Security Module 4

Question 1

Which of the following is NOT an advantage to utilizing wrapper functions?

Answer 1

They provide error-correction of the existing code

Question 2

Fuzzing inputs random data into a program to accomplish which of the following?

Answer 2

Trap errors in the application code

Question 3

Seismic sensors are used for which of the following?

Answer 3

Motion detection

Question 4

Why would a data base administrator use NoSQL over a SQL relational database?

Answer 4

NoSQL is simpler by design and has a smaller attack surface

Question 5

A mantrap can be useful in physical security by preventing what?

Answer 5

Tailgating

Question 6

Which of the following security controls provides a substitute for normal controls that cannot be used?

Answer 6

Compensating controls

Question 7

What is an advantage to an alarmed carrier PDS over a hardened carrier PDS?

Answer 7

An alarmed carrier PDS can sense vibrations with optical fibers

Question 8

Televisions, HVAC controllers, and ATMs are all examples of what?

Answer 8

Embedded systems

Question 9

Which of the following correctly describes the importance of eliminating marks that classify a master key?

Answer 9

It is imperative to follow ideal key management procedures

Question 10

Which of the following is considered OS hardening?

Answer 10

Disabling the guest account

Question 11

Which of the following can use fingerprinting to distinguish critical data from unimportant data?

Answer 11

Data loss Prevention

Question 12

Why would an administrator allow an application exception through a software firewall instead of opening the applicatoin’s port?

Answer 12

The port is closed when not in use

Question 13

Cipher locks are susceptible to which security threat?

Answer 13

Shoulder Surfing

Question 14

What is a benefit of having an automated patch update service instead of configuring clients to install updates independently?

Answer 14

An automated patch update service can allow an administrator to test the patch within their environment before causing a network-wide problem

Question 15

Which of the following is the most restrictive anti-spam technique?

Answer 15

Whitelisting

Question 16

Passive RFID tags are powered by which of the following?

Answer 16

The signal coming from the transceiver

Question 17

Why would a Server 2008 R2 DNS server have a different security baseline than a Windows XP client?

Answer 17

If systems perform different functions, security settings can restrict one function but not the other

Question 18

Why would an administrator use the hardening technique of kernel pruning?

Answer 18

By removing services that aren’t needed, you can limit the attack surface of a system

Question 19

How is a hotfix different from other operating system fixes?

Answer 19

A hotfix can relate to a specific customer

Question 20

Why is dynamic heuristic detection considered more of a robust antivirus scanning method than static analysis?

Answer 20

Dynamic heuristic detection is more capable of preventing zero day attacks