SEC+ Revision Questions Mitigating Security Threats Flashcards

1
Q

The web developers at your company are testing their latest web site code before going live to ensure that it is robust and secure. During their testing they provide malformed URLs with additional abnormal parameters as well as an abundance of random data. What term describes their actions?
A. Cross-site scripting
B. Fuzzing
C. Patching
D. Debugging

A

Fuzzing

2
Q

The process of disabling unneeded network services on a computer is referred to as what?
A. Patching
B. Fuzzing
C. Hardening
D. Debugging

A

Hardening

3
Q

You are on a conference call with your developers, Serena and Thomas, discussing the security of your new travel site. You express concern over a recent article describing how user submissions to web sites may contain malicious code that runs locally when others simply read the post. Serena suggests validating user input before allowing the user submissions. Which problem might validation solve?
A. Cross-site scripting
B. Fuzzing
C. Hardening
D. Patching

A

Cross-site scripting

4
Q

Which of the following lessens the success of dictionary password attacks?

A. Password complexity requirements
B. Account lockout threshold
C. Password hints
D. Enforce password history

A

Password complexity requirements

5
Q

A RADIUS server is used to authenticate your wireless network users. While creating a new user account, you notice there are many more user accounts than actual users. What should be done?
A. Delete all accounts not linked to a user.
B. Disable all accounts not linked to a user.
C. Verify how accounts are used and then delete unnecessary accounts.
D. Verify how accounts are used and then disable unnecessary accounts.

A

Verify how accounts are used and then disable unnecessary accounts.

6
Q

The 802.11n wireless network in your department must be layer 2 secured. You would like to control which specific wireless devices are allowed to connect. How can you do this?
A. SIM card
B. NetBIOS computer name
C. MAC address
D. IP address

A

MAC address

7
Q

What is the best definition of the IEEE 802.1x standard?
A. It defines a group of wireless standards.
B. It defines the Ethernet standard.
C. It defines network access control only for wireless networks.
D. It defines network access control for wired and wireless networks.

A

It defines network access control for wired and wireless networks.

8
Q

You are hardening a Linux computer and have disabled SSH in favor of Telnet. You ensure passwords are required for Telnet access. Identify your error.
A. Secure Telnet should have public key authentication enabled.
B. Only strong passwords should be used with Telnet.
C. SSH should have been used instead of Telnet.
D. The Telnet port should have been changed from 23 to 8080.

A

SSH should have been used instead of Telnet.

9
Q

As the IT director of a high school using Group Policy and Active Directory, you plan the appropriate standard security settings for newly deployed Windows 7 workstations. Some teachers require modifications to these settings because of the specialized software they use. Which term refers to the standardized security parameters?
A. Initial baseline configuration
B. Principle of least privilege
C. Sysprepped image
D. Local security policy

A

Initial baseline configuration

10
Q

The periodic assessment of security policy compliance is referred to as what?
A. Remediation
B. Hardening
C. Continuous security monitoring
D. Trend analysis

A

Continuous security monitoring

11
Q

You are a Windows Server 2012 administrator. You install and configure the Network Policy Server (NPS) role and configure health policies that require all connecting clients to have firewall and spyware software enabled. Clients violating these health policies will receive an IP address placing them on a restricted subnet containing servers with client firewall and spyware software to install. What term accurately refers to the role the servers on this restricted subnet play?
A. Isolation
B. Remediation
C. Validation
D. Authentication

A

Remediation

12
Q

IT security personnel respond to the repeated misuse of an authenticated user’s session cookie on an e-commerce web site. The affected user reports that they occasionally use the site but not for the transactions in question. The security personnel decide to reduce the amount of time an authentication cookie is valid. What type of attack have they responded to?
A. DoS
B. Dictionary
C. Privilege escalation
D. Cross-site request forgery

A

Cross-site request forgery

13
Q

A network administrator places a network appliance on the DMZ network and configures it with various security thresholds, each of which will notify the IT group via e-mail. The IT group will then adhere to the incident response policy and take action. What will be triggered when any of these thresholds is violated?
A. Alarm
B. Alert
C. Remediation
D. Input validation

A

Alarm

14
Q

A user reports repeated instances of Windows 7 slowing down to the point where they can no longer be productive. You view the Windows Event Viewer logs for the past month and notice an exorbitant amount of SMTP traffic leaving the local machine each morning between 10 A.M. and 11 A.M. What type of analysis was performed to learn of this anomaly?
A. Forensic
B. Trend
C. Network statistical
D. Vulnerability

A

B. Trend

15
Q

Roman is developing an application that controls the lighting system in a large industrial complex. A piece of code calls a function that controls a custom-built circuit board. While running his application, Roman’s application fails repeatedly because of unforeseen circumstances. Which secure coding guideline did Roman not adhere to?
A. Packet encryption
B. Digital signatures
C. Error handling
D. Hardening

A

C. Error handling

16
Q

What can be done to harden the Windows operating system? (Choose three.)
A. Disable system restore points.
B. Disable unnecessary services.
C. Patch the operating system.
D. Configure EFS.
E. Disable Group Policy.

A

B. Disable unnecessary services.
&
C. Patch the operating system.
&
D. Configure EFS.

17
Q

You are configuring a fleet of Windows 7 laptops for traveling employees, some of whom prefer using USB mice. It is critical that the machines are as secure as possible. What should you configure? (Choose three.)
A. Disable USB ports.
B. Require USB device encryption.
C. Enable and configure the Windows firewall.
D. Install and configure antivirus software.
E. Enable a power management scheme.

A

B. Require USB device encryption.
&
C. Enable and configure the Windows firewall.
&
D. Install and configure antivirus software.

18
Q

A shipment of new Windows computers has arrived for Accounting department employees. The computers have the operating system preinstalled but will require additional financial software. In which order should you perform all of the following?
A. Join the Active Directory domain.
B. Apply all operating system patches.
C. Ensure the virus scanner is up to date.
D. Log in to the Active Directory domain to receive Group Policy security settings.
E. Install the additional financial software.

A

C, B, A, D, E

19
Q

Which of the following items can help prevent ARP cache poisoning? (Choose three.)
A. Use 802.1x security.
B. Disable ARP.
C. Patch the operating system.
D. Configure the use of digital signatures for all network traffic.
E. Disable unused switch ports.

A

A. Use 802.1x security.
&
D. Configure the use of digital signatures for all network traffic.
&
E. Disable unused switch ports.

20
Q

Your intranet provides employees with the ability to search through an SQL database for their past travel expenses once they have logged in. One employee from the IT department discovers that if they enter an SQL string such as SELECT * FROM EXPENSES WHERE EMPID = 'x'='x';, it returns all employee travel expense records. What secure coding guideline was ignored?
A. SQL injection prevention
B. Input validation
C. Disabling of SQL indexes
D. User authentication

A

B. Input validation

21
Q

You capture and examine network traffic weekly to ensure the network is being used properly. In doing so, you notice traffic to TCP port 53 on your server from an unknown IP address. After reviewing your server logs, you notice repeated failed attempts to execute a zone transfer to your server. What type of attack was attempted?
A. ARP poisoning
B. Cross-site scripting
C. DNS poisoning
D. MAC flooding

A

C. DNS poisoning

22
Q

A network security audit exposes three insecure wireless routers using default configurations. Which security principle has been ignored?
A. Application patch management
B. Device hardening
C. Input validation
D. Principle of least privilege

A

B. Device hardening

23
Q

Which of the following standards must authenticate computing devices before allowing network access?
A. Router
B. Hub
C. IEEE 802.1x
D. IEEE 802.11n

A

C. IEEE 802.1x

24
Q

What will prevent frequent repeated malicious attacks against user account passwords?
A. Minimum password age
B. Password hints
C. Password history
D. Account lockout

A

D. Account lockout

25
Q

Which item would best apply a standard security baseline to many computers?
A. A disk image of the operating system
B. Security templates distributed through Group Policy
C. Password settings distributed through Group Policy
D. Security templates distributed through a local security policy

A

B. Security templates distributed through Group Policy

26
Q

After patching and hardening your computers, how would you determine whether your computers are secure?
A. Performance baseline
B. Security templates
C. Penetration testing
D. Password cracking

A

C. Penetration testing

27
Q

While hardening a Windows server, you decide to disable a number of services. How can you ensure that the services you are disabling will not adversely affect other services?
A. Run the net start ‘service name’ / dep command.
B. Disable the services, let the system run for a few days, and then check the Event Viewer logs.
C. Right-click the service and choose Show Dependency Chain.
D. Double-click the service and view the Dependencies tab.

A

D. Double-click the service and view the Dependencies tab.

28
Q

Your company uses Microsoft IIS to host multiple intranet web sites on a two-node cluster. All sites store their configuration and content on drive C: and log files are stored on D:. All sites share a common application pool. The IT director has asked that you ensure a single hacked web site will not adversely affect other running web sites. What should you do?
A. Move each web site configuration to a separate hard disk.
B. Move each web site content to a separate hard disk.
C. Configure each web site to use its own application pool.
D. Add a third node to the two-node cluster.

A

C. Configure each web site to use its own application pool.

29
Q

You are developing your Windows 8.1 enterprise rollout strategy. IT security policies have been updated to reflect the company’s stricter security standards. Which of the following will harden Windows 8.1? (Choose two.)
A. Use a Class C IP address.
B. Configure log archiving.
C. Configure USB device restrictions.
D. Disable unused services.

A

C. Configure USB device restrictions.
&
D. Disable unused services.

30
Q

How can you prevent rogue machines from connecting to your network?
A. Deploy an IEEE 802.1x configuration.
B. Use strong passwords for user accounts.
C. Use IPv6.
D. Deploy an IEEE 802.11 configuration.

A

A. Deploy an IEEE 802.1x configuration.

31
Q

What can be done to secure the network traffic that is generated when administering your wireless router?
A. Use HTTPS with IPv6.
B. Use HTTP with PKI.
C. Use HTTP with IPv6.
D. Use HTTPS with PKI.

A

D. Use HTTPS with PKI.

32
Q

Your company is upgrading to a new office suite. The spreadsheet application must only trust macros digitally signed by the company certificate authority. You have servers installed in a single Windows Active Directory domain. What should you configure to ensure macro security on all stations is configured properly?
A. Configure the spreadsheet application on each computer to trust company macros.
B. Create an EFS PKI certificate for signing the macros.
C. Use Group Policy to enforce the described application configuration baseline.
D. Use Group Policy to distribute macros to all stations.

A

C. Use Group Policy to enforce the described application configuration baseline.

33
Q

Aidan is creating a Linux operating system image that will be used to deploy Linux virtual machines from a template. After patching the operating system, he installs the required application software, installs and updates the anti-malware software, creates the image, and stores it on the imaging server. What did Aidan forget to do?
A. He forgot to Sysprep the installation before capturing the image.
B. He forgot to patch the application software.
C. He forgot to turn on anti-malware real-time monitoring.
D. He forgot to encrypt the hard drive.

A

B. He forgot to patch the application software.

34
Q

You are the founder of Acme Data Mining. The business focuses on retrieving relevant consumer habits from various sources, and that data is then sold to retailers. Because of the amount of data that must be processed, you must implement the fastest possible solution. Which type of technology should you implement?
A. SQL
B. NoSQL
C. SATA
D. NoSATA

A

B. NoSQL

35
Q

You have been asked to develop a secure web application for a wine home brewing retailer. The app will read and write to a back-end database for customer transactions. The database has rules in place to check that data is valid. The web site uses HTTPS. What else should be done to further secure the web app?
A. Use JavaScript for server-side data validation.
B. Use PKI.
C. Use a VPN.
D. Use JavaScript for client-side data validation.

A

D. Use JavaScript for client-side data validation.

36
Q

Your company has issued Android-based smart phones to select employees. Your manager asks you to ensure that data on the smart phones is protected. How do you address your manager’s concerns?
A. Implement SCADA, screen locking, device encryption, and anti-malware, and disable unnecessary software on the phones.
B. Implement PKI VPN authentication certificates, screen locking, device encryption, and anti-malware, and disable unnecessary software on the phones.
C. Implement screen locking, device encryption, patching, and anti-malware, and disable unnecessary software on the phones.
D. Implement HTTPS, screen locking, device encryption, and anti-malware, and disable unnecessary software on the phones.

A

C. Implement screen locking, device encryption, patching, and anti-malware, and disable unnecessary software on the phones.

37
Q

While hardening your home office network, you decide to check that the firmware in all your network devices is updated. To which of the following devices would this apply?
A. Smart TV, gaming console, printer, HVAC, wireless router
B. Refrigerator, printer, wireless router, electrical outlets, printer
C. HVAC, fire extinguisher, gaming console, printer, wireless router
D. Gaming console, Android devices, Apple iOS devices, printers, fire extinguisher

A

A. Smart TV, gaming console, printer, HVAC, wireless router

38
Q

Which enterprise-class items within your organization should be patched regularly? (Choose all that apply.)
A. Mainframes
B. Thin clients
C. Public cloud virtualization hosts
D. IP addresses

A

A. Mainframes
&
B. Thin clients
