Security+ SYO-501 - Quiz

Question 1

An attacker has decided to attempt to compromise your organization’s network. They have already determined the ISP you are using and know your public IP addresses. They have also performed port scanning to discover your open ports. What communications technique can the hacker now use to identify the applications that are running on each open port facing the Internet?
A.	Credentialed penetration test
B.	Intrusive vulnerability scan
C.	Banner grabbing
D.	Port scanning

Answer 1

Q1.1
C. Banner grabbing

C. Banner grabbing is the communications technique a hacker can use to identify the product that is running on an open port facing the Internet.

Question 2

You are the security manager for a large organization. Your NIDS has reported abnormal levels of network activity and several systems have become unresponsive. While investigating the causes of these issues, you discover a rootkit on your mission-critical database server. What is the best step to take to return this system to production?
A.	Reconstitute the system.
B.	Run an antivirus tool.
C.	Install a HIDS.
D.	Apply vendor patches.

Answer 2

Q1.2
A. Reconstitute the system.

A. The only real option to return a system to a secure state after a rootkit is reconstitution

Question 3

If user awareness is overlooked, what attack is more likely to succeed?
A.	Man-in-the-middle
B.	Reverse hash matching
C.	Physical intrusion
D.	Social engineering

Answer 3

Q1.3
D. Social engineering

D. Social engineering is more likely to occur if users aren’t properly trained to detect and prevent it. The lack of user awareness training won’t have as much impact on man-in-the-middle, reverse hash-matching, or physical intrusion attacks.

Question 4

A pirated movie-sharing service is discovered operating on company equipment. Administrators do not know who planted the service or who the users are. What technique could be used to attempt to trace the identity of the users?
A.	Typo squatting
B.	Integer overflow
C.	Watering hole attack
D.	Ransomware

Answer 4

Q1.4
C. Watering hole attack

C. A watering hole attack could be used to plant phone-home-to-identity malware on the systems of subsequent visitors.

Question 5

You are the IT security manager for a retail merchant organization that is just going online with an e-commerce website. You hired several programmers to craft the code that is the backbone of your new web sales system. However, you are concerned that while the new code functions well, it might not be secure. You begin to review the code, systems design, and services architecture to track down issues and concerns. Which of the following do you hope to find in order to prevent or protect against XSS?
A.	Input validation
B.	Defensive coding
C.	Allowing script input
D.	Escaping metacharacters

Answer 5

Q1.5
A. Input validation
B. Defensive coding
D. Escaping metacharacters

A, B, and D. A programmer can implement the most effective way to prevent XSS by validating input, coding defensively, escaping metacharacters, and rejecting all script-like input.

Question 6

What type of virus attempts to disable security features that are focused on preventing malware infection?
A.	Retrovirus
B.	Polymorphic
C.	Companion
D.	Armored

Answer 6

Q1.6
A. Retrovirus

A. Retroviruses specifically target antivirus systems to render them useless.

Question 7

What does the acronym RAT stand for?
A.	Random Access Token
B.	Remote Authentication Testing
C.	Random Authorization Trajectory
D.	Remote Access Trojan

Answer 7

Q1.7
D. Remote Access Trojan

D. A RAT is a remote access Trojan. A RAT is a form of malicious code that grants an attacker some level of remote control access to a compromised system.

Question 8

What form of social engineering attack focuses on stealing credentials or identity information from any potential target?
A.	Phishing
B.	Tailgating
C.	Dumpster diving
D.	Logic bomb

Answer 8

Q1.8
A. Phishing

A. Phishing is a form of social engineering attack focused on stealing credentials or identity information from any potential target. It is based on the concept of fishing for information. Phishing is employed by attackers to obtain sensitive information such as usernames, passwords, credit card details, or other personally identifiable information by masquerading as a trustworthy entity (a bank, a service provider, or a merchant, for example) in electronic communication (usually email).

Question 9

What type of service attack positions the attacker in the communication path between a client and a server?
A.	Session hijacking
B.	Man-in-the-middle
C.	Amplification
D.	Replay

Answer 9

Q1.9
B. Man-in-the-middle

B. A man-in-the-middle attack is a communications eavesdropping attack. Attackers position themselves in the communication stream between a client and server (or any two communicating entities). The client and server believe that they’re communicating directly with each other—they may even have secured or encrypted communication links.

Question 10

What form of attack abuses a program’s lack of length limitation on the data it receives before storing the input in memory and can lead to arbitrary code execution?
A.	ARP poisoning
B.	XSS
C.	Domain hijacking
D.	Buffer overflow

Answer 10

Q1.10
D. Buffer overflow

D. A buffer overflow attack occurs when an attacker submits data to a process that is larger than the input variable is able to contain. Unless the program is properly coded to handle excess input, the extra data is dropped into the system’s execution stack and may execute as a fully privileged operation.

Question 11

What is a programmatic activity that restricts or reorganizes software code without changing its externally perceived behavior or produced results?
A.	Buffer overflow
B.	Pass the hash
C.	Refactoring
D.	Shimming

Answer 11

Q.1.11
C. Refactoring

C. Refactoring is restricting or reorganizing software code without changing its externally perceived behavior or produced results. Refactoring focuses on improving software’s nonfunctional elements (quality attributes, nonbehavioral requirements, service requirements, or constraints). Refactoring can improve readability, reduce complexity, ease troubleshooting, and simplify future expansion and extension efforts.

Question 12

What wireless attack is able to trick mobile device users into connecting into its man-in-the-middle style of attack by automatically appearing as if it is a trusted network that they have connected to in the past?
A.	Replay
B.	Evil twin
C.	Bluesnarfing
D.	Disassociation

Answer 12

Q1.12
B. Evil twin

B. Evil twin is an attack where a hacker operates a false access point that will automatically clone or twin the identity of an access point based on a client device’s request to connect. Each time a device successfully connects to a wireless network, it retains a wireless profile in its history.

Question 13

What type of hacker hacks for a cause or purpose, knowing that they may be identified, apprehended, and prosecuted?
A.	Hacktivist
B.	Script kiddie
C.	Nation-state hacker
D.	Internal attacker

Answer 13

Q1.13
A. Hacktivist

A. A hacktivist is someone who uses their hacking skills for a cause or purpose. A hacktivist commits criminal activities for the furtherance of their cause. A hacktivist attacks targets even when they know they will be identified, apprehended, and prosecuted. They do this because they believe their purpose or cause is more important than themselves.

Question 14

When an attacker selects a target, they must perform reconnaissance to learn as much as possible about the systems and their configuration before launching attacks. What is the term for the gathering of information from any publicly available resource, such as websites, social networks, discussion forums, file services, and public databases?
A.	Banner grabbing
B.	Port scanning
C.	Open-source intelligence
D.	Enumeration

Answer 14

Q1.14
C. Open-source intelligence

C. Open source intelligence is the gathering of information from any publicly available resource. This includes websites, social networks, discussion forums, file services, public databases, and other online sources. This also includes non-Internet sources, such as libraries and periodicals.

Question 15

What penetration testing or hacking term refers to the concept of continuing an intrusion after an initial compromise in order to further breach an organization by focusing on new targets that may not have been accessible initially?
A.	Man-in-the-browser
B.	Pivot
C.	Daisy chaining
D.	Shimming

Answer 15

Q1.15
B. Pivot

B. In penetration testing (or hacking in general), a pivot is the action or ability to compromise a system, then using the privileges or accessed gained through the attack to focus attention on another target that may not have been visible or exploitable initially. It is the ability to adjust the focus or the target of an intrusion after an initial foothold is gained.

Question 16

What is the term for an attack or exploit that grants the attacker greater privileges, permissions, or access than what may have been achieved by the initial exploitation?
A.	Hoax
B.	Impersonation
C.	Piggybacking
D.	Privilege escalation

Answer 16

Q1.16
D. Privilege escalation

D. Privilege escalation is an attack or exploit that grants the attacker greater privileges, permissions, or access than may have been achieved by the initial exploitation.

Question 17

What type of information-gathering tactics rely on direct interaction with the target while attempting to avoid being detected as malicious?
A.	Passive reconnaissance
B.	Banner grabbing
C.	Active reconnaissance
D.	Social engineering

Answer 17

Q1.17
C. Active reconnaissance

C. Active reconnaissance is the idea of collecting information about a target through interactive means. By directly interacting with a target, the attacker can collect accurate and detailed information quickly but at the expense of potentially being identified as an attacker rather than just an innocent, benign, random visitor.

Question 18

What type of test of security controls is performed with an automated vulnerability scanner that seeks to identify weaknesses while listening in on network communications?
A.	Active
B.	Passive
C.	External
D.	Noncredentialed

Answer 18

Q1.18
B. Passive

B. A passive test of security controls is being performed when an automated vulnerability scanner is being used that seeks to identify weaknesses while listening in on network communications.

Question 19

What is the term used to describe systems that are no longer receiving updates and support from their vendors?
A.	Passive
B.	Embedded
C.	End-of-life
D.	Static

Answer 19

Q1.19
C. End-of-life

C. End-of-life systems are those that are no longer receiving updates and support from their vendor. If an organization continues to use an end-of-life system, the risk of compromise is high because any future exploitation will never be patched or fixed. It is of utmost important to move off end-of-life systems in order to maintain a secure environment.

Question 20

What is present on a system for ease of installation and initial configuration in order to minimize support calls from new customers?
A.	Default configuration
B.	Resource exhaustion trigger
C.	Buffer overflow flaw
D.	Collision tool

Answer 20

Q1.20
A. Default configuration

A. Default configurations should never be allowed to remain on a device or within an application. Defaults are such for ease of installation and initial configuration in order to minimize support calls from new customers.

Question 21

You are implanting a new network for a small office environment. The network includes a domain controller, four resource servers, a network printer, a wireless access point, and three dozen client systems. In addition to standard network management devices, such as switches and routers, why would you want to deploy a firewall?
A. To watch for intrusions
B. To control traffic entering and leaving a network
C. To require strong passwords
D. To prevent misuse of company resources

Answer 21

Q2.01

Question 22

As the security administrator for a moderate-sized network, you need to deploy security solutions to reduce the risk of a security breach. You elect to install a network-based IDS. However, after deployment you discover that the NIDS is not suitable for detecting which of the following?
A. Email spoofing
B. Denial-of-service attacks
C. Attacks against the network
D. Attacks against an environment that produces significant traffic

Answer 22

Q2.02

Question 23

Illegal or unauthorized zone transfers are a significant and direct threat to what type of network server?
A.	Web
B.	DHCP
C.	DNS
D.	Database

Answer 23

Q2.03

Question 24

What mechanism of loop protection is based on an element in a protocol header?
A.	Spanning Tree Protocol
B.	Ports
C.	Time to live
D.	Distance vector protocols

Answer 24

Q2.04

Question 25

What type of wireless antenna can be used to send or receive signals in any direction?
A.	Cantenna
B.	Yagi
C.	Rubber duck
D.	Panel

Answer 25

Q2.05

Question 26

What mechanism of wireless security is based on AES?
A.	TKIP
B.	CCMP
C.	LEAP
D.	WEP

Answer 26

Q2.06

Question 27

What technology provides an organization with the best control over BYOD equipment?
A.	Encrypted removable storage
B.	Mobile device management
C.	Geotagging
D.	Application whitelisting

Answer 27

Q2.07

Question 28

What is the most effective means to reduce the risk of losing the data on a mobile device, such as a notebook computer?
A. Encrypt the hard drive.
B. Minimize sensitive data stored on the mobile device.
C. Use a cable lock.
D. Define a strong logon password.

Answer 28

Q2.08

Question 29

Which security stance will be most successful at preventing malicious software execution?
A.	Deny by exception
B.	Whitelisting
C.	Allow by default
D.	Blacklisting

Answer 29

Q2.09

Question 30

LDAP operates over what TCP ports?
A.	636 and 389
B.	110 and 25
C.	443 and 80
D.	20 and 21

Answer 30

Q2.10

Question 31

What type of NAC agent is written in a web or mobile language and is temporarily executed on a system only when the specific management page is accessed?
A.	Permanent
B.	Dissolvable
C.	Passive
D.	Stateless

Answer 31

Q2.11

Question 32

What is the purpose or use of a media gateway?
A. It is a fictitious environment designed to fool attackers and intruders and lure them away from the private secured network.
B. It is used to connect several network segments and enable traffic from one network segment to traverse into another network segment.
C. It is used to spread or distribute network traffic load across several network links or network devices.
D. It is any device or service that converts data from one communication format to another.

Answer 32

Q2.12

Question 33

Which of the following is true regarding an exploitation framework? (Select all that apply.)
A. Is a passive scanner
B. Fully exploits vulnerabilities
C. Only operates in an automated fashion
D. Allows for customization of test elements
E. Represents additional risk to the environment
F. Can only assess systems over IPv4

Answer 33

Q2.13

Question 34

What is the purpose of a banner grabbing activity?
A. Detecting the presence of a wireless network
B. Capturing the initial response or welcome message from a network service that may directly or indirectly reveal its identity
C. Preventing access to a network until the client has accepted use terms or fully authenticated
D. Altering the source IP address of an outbound request

Answer 34

Q2.14

Question 35

How are effective permissions determined or calculated?
A. Accumulate allows, remove any denials
B. Count the number of users listed in the ACL
C. View the last access time stamp of the asset
D. Review the user’s group memberships

Answer 35

Q2.15

Question 36

What is a content filter mechanism that can reduce the possibility of malicious executable code being accepted as input?
A. Checking length
B. Blocking hex characters
C. Escaping metacharacters
D. Filtering on known patterns of malicious content

Answer 36

Q2.16

Question 37

What is an example of a PUP?
A.	A backdoor
B.	Unwanted marketing pop-ups
C.	A Trojan horse
D.	A password cracker

Answer 37

Q2.17

Question 38

What is the purpose of DEP being present in an operating system?
A.	To block buffer overflows
B.	To prevent social-engineering attacks
C.	To stop ransomware infections
D.	To interrupt backdoor installations

Answer 38

Q2.18

Question 39

What is the term used to describe the designation of a specific geographical area that is then used to implement features on mobile devices, which can be defined by GPS coordinates, a wireless indoor positioning system (IPS), or the presence or lack of a specific wireless signal?
A.	Bluesmacking
B.	Geofencing
C.	Banner grabbing
D.	CYOD

Answer 39

Q2.19

Question 40

What is the definition of DNSSEC?
A. It is an Internet standard for encrypting and digitally signing email.
B. It can be used as a secure Telnet replacement, it can be used to encrypt protocols similar to TLS, and it can be used as a VPN protocol.
C. It is a standard network-management protocol supported by most network devices and TCP/IP-compliant hosts used to obtain status information, performance data, statistics, and configuration details.
D. It is a security improvement to the existing name resolution infrastructure. The primary function of this tool is to provide reliable authentication between devices when performing resolution operations.

Answer 40

Q2.20

Question 41

Which of the following allows the deployment of a publicly accessible web server without compromising the security of the private network?
A.	Intranet
B.	DMZ
C.	Extranet
D.	Switch

Answer 41

Q3.01

Question 42

An organization has a high-speed fiber Internet connection that it uses for most of its daily operations, as well as its offsite backup operations. This represents what security problem?
A.	Single point of failure
B.	Redundant connections
C.	Backup generator
D.	Offsite backup storage

Answer 42

Q3.02

Question 43

A security template can be used to perform all but which of the following tasks?
A. Capture the security configuration of a master system
B. Apply security settings to a target system
C. Return a target system to its precompromised state
D. Evaluate compliance with security of a target system

Answer 43

Q3.03

Question 44

What technique or method can be employed by hackers and researchers to discover unknown flaws or errors in software?
A.	Dictionary attacks
B.	Fuzzing
C.	War dialing
D.	Cross-site request forgery

Answer 44

Q3.04

Question 45

What is a security risk of an embedded system that is not commonly found in a standard PC?
A. Power loss
B. Access to the Internet
C. Control of a mechanism in the physical world
D. Software flaws

Answer 45

Q3.05

Question 46

To ensure that whole-drive encryption provides the best security possible, which of the following should not be performed?
A. Screen lock the system overnight.
B. Require a boot password to unlock the drive.
C. Lock the system in a safe when it is not in use.
D. Power down the system after use.

Answer 46

Q3.06

Question 47

In order to avoid creating a monolithic security structure, organizations should adopt a wide range of security mechanisms. This concept is known as \_\_\_\_\_\_\_\_\_\_.
A.	Defense in depth
B.	Control diversity
C.	Intranet buffering
D.	Sandboxing

Answer 47

Q3.07

Question 48

When offering a resource to public users, what means of deployment provides the most protection for a private network?
A.	Intranet
B.	Wireless
C.	Honeynet
D.	DMZ

Answer 48

Q3.08

Question 49

When you are implementing a security monitoring system, what element is deployed in order to detect and record activities and events?
A.	Correlation engine
B.	Tap
C.	Sensor
D.	Aggregation switch

Answer 49

Q3.09

Question 50

When an enterprise is using numerous guest OSs to operate their primary business operations, what tool or technique can be used to enable communications between guest OSs hosted on different server hardware but keep those communications distinct from standard subnet communications?
A.	VPN
B.	SDN
C.	EMP
D.	FDE

Answer 50

Q3.10

Question 51

What type of OS is designed for public end-user access and is locked down so that only preauthorized software products and functions are enabled?
A.	Kiosk
B.	Appliance
C.	Mobile
D.	Workstation

Answer 51

Q3.11

Question 52

When you need to test new software whose origin and supply chain are unknown or untrusted, what tool can you use to minimize the risk to your network or workstation?
A.	Hardware security module
B.	UEFI
C.	Sandboxing
D.	SDN

Answer 52

Q3.12

Question 53

What is the concept of a computer implemented as part of a larger system that is typically designed around a limited set of specific functions (such as management, monitoring, and control) in relation to the larger product of which it’s a component?
A.	IoT
B.	Application appliance
C.	SoC
D.	Embedded system

Answer 53

Q3.13

Question 54

What is an industrial control system (ICS) that provides computer management and control over industrial processes and machines?
A.	SCADA
B.	HSM
C.	OCSP
D.	MFD

Answer 54

Q3.14

Question 55

Which SDLC model is based around adaptive development where focusing on a working product and fulfilling customer needs is prioritized over rigid adherence to a process, use of specific tools, and detailed documentation?
A.	Waterfall
B.	Agile
C.	Spiral
D.	Ad hoc

Answer 55

Q3.15

Question 56

When an organization wishes to automate many elements and functions of IT management, such as development, operations, security, and quality assurance, they are likely to be implementing which of the following?
A.	SCADA
B.	UTM
C.	IaaS
D.	DevOps

Answer 56

Q3.16

Question 57

What is not a cloud security benefit or protection?
A.	CASB
B.	SECaaS
C.	VM sprawl
D.	VM isolation

Answer 57

Q3.17

Question 58

What form of cloud service provides the customer with the ability to run their own custom code but does not require that they manage the execution environment or operating system?
A.	SaaS
B.	PaaS
C.	IaaS
D.	SECaaS

Answer 58

Q3.18

Question 59

What recovery mechanism is used to return a system back to a previously operating condition when a new software install corrupts the operating system?
A.	Revert to known state
B.	Roll back to known configuration
C.	Live boot media
D.	Template

Answer 59

Q3.19

Question 60

What type of security mechanism can be used to prevent a vehicle from damaging a facility?
A.	Fencing
B.	Lighting
C.	Bollard
D.	Access cards

Answer 60

Q3.20

Question 61

What method of access control is best suited for environments with a high rate of employee turnover?
A.	MAC
B.	DAC
C.	RBAC
D.	ACL

Answer 61

Q4.01

Question 62

What mechanism is used to support the exchange of authentication and authorization details between systems, services, and devices?
A.	Biometric
B.	Two-factor authentication
C.	SAML
D.	LDAP

Answer 62

Q4.02

Question 63

Which is the strongest form of password?
A.	More than eight characters
B.	One-time use
C.	Static
D.	Different types of keyboard characters

Answer 63

Q4.03

Question 64

Which of the following technologies can be used to add an additional layer of protection between a directory services–based network and remote clients?
A.	SMTP
B.	RADIUS
C.	PGP
D.	VLAN

Answer 64

Q4.04

Question 65

Which of the following is not a benefit of single sign-on?
A. The ability to browse multiple systems
B. Fewer usernames and passwords to memorize
C. More granular access control
D. Stronger passwords

Answer 65

Q4.05

Question 66

Federation is a means to accomplish \_\_\_\_\_\_\_.
A.	Accountability logging
B.	ACL verification
C.	Single sign-on
D.	Trusted OS hardening

Answer 66

Q4.06

Question 67

You have been tasked with installing new kiosk systems for use in the retail area of your company’s store. The company elected to use standard equipment and an open-source Linux operating system. You are concerned that everyone will know the default password for the root account. What aspect of the kiosk should be adjusted to prevent unauthorized entities from being able to make system changes?
A.	Authorization
B.	Accounting
C.	Authentication
D.	Auditing

Answer 67

Q4.07

Question 68

Your company has several shifts of workers. Overtime and changing shifts is prohibited due to the nature of the data and the requirements of the contract. To ensure that workers are able to log into the IT system only during their assigned shifts, you should implement what type of control?
A.	Multifactor authentication
B.	Time-of-day restrictions
C.	Location restrictions
D.	Single sign-on

Answer 68

Q4.08

Question 69

Place the following steps (represented by the letters A through I) in the correct order:
A. The KDC verifies that the client has a valid TGT and then issues an ST to the client. The ST includes a time stamp that indicates its valid lifetime.
B. The client receives the TGT. At this point, the subject is an authenticated principle in the Kerberos realm.
C. The client sends the ST to the network server that hosts the desired resource.
D. The Kerberos client system encrypts the password and transmits the protected credentials to the KDC.
E. The subject requests access to resources on a network server. This causes the client to request a service ticket (ST) from the KDC.
F. The subject provides logon credentials.
G. The network server verifies the ST. If it’s verified, it initiates a communication session with the client. From this point forward, Kerberos is no longer involved.
H. The KDC verifies the credentials and then creates a ticket-granting ticket (TGT)—a hashed form of the subject’s password with the addition of a time stamp that indicates a valid lifetime. The TGT is encrypted and sent to the client.
I. The client receives the ST.
1. F, D, H, B, E, A, I, C, G
2. H, I, C, D, G, F, E, A, B
3. A, B, C, D, E, F, G, H, I
4. I, A, E, B, C, G, F, H, D

Answer 69

Q4.09

Question 70

Your company has recently purchased Cisco networking equipment. When you are setting up to allow remote access, what means of AAA service is now available to your organization?
A.	RADIUS
B.	X.500
C.	TACACS+
D.	X.509 v3

Answer 70

Q4.10

Question 71

Your organization has recently decided to allow some employees to work from home two days a week. While configuring the network to allow for remote access, you realize the risk this poses to the organization’s infrastructure. What mechanism can be implemented to provide an additional barrier against remote access abuse?
A.	Kerberos
B.	Single sign-on
C.	Stronger authorization
D.	RADIUS

Answer 71

Q4.11

Question 72

You are developing a smart app that will control a new IoT device that automates blinking light fixtures in time with the beat of music. You want to make using the device as simple as possible, so you want to adopt an authentication technique that is seamless for the user. Which technology should you integrate into your app and device?
A.	OpenID Connect
B.	Shibboleth
C.	A secure token
D.	Role-based access control

Answer 72

Q4.12

Question 73

How are effective permissions calculated?
A. Count the number of allows, subtract the number of denials
B. Accumulate allows, remove denials
C. Look at the user’s clearance level
D. Count the number of groups the user is a member of

Answer 73

Q4.13

Question 74

What form of authorization is based on a scheme of characteristics related to the user, the object, the system, the application, the network, the service, time of day, or even other subjective environmental concerns?
A.	RBAC
B.	MAC
C.	DAC
D.	ABAC

Answer 74

Q4.14

Question 75

Your organization wants to integrate a biometric factor into the existing multifactor authentication system. To ensure alignment with company priorities, what tool should be used in selecting which type or form of biometric to use?
A.	CER comparison
B.	OAuth verifier
C.	Zephyr analysis chart
D.	Federation assessment

Answer 75

Q4.15

Question 76

What type of biometric error increases as the sensitivity of the device increases?
A.	FAR
B.	FRR
C.	CER
D.	False positive

Answer 76

Q4.16

Question 77

You are installing a new network service application. The application requires a variety of permissions on several resources and even a few advanced user rights in order to operate properly. Which type of account should be created for this application to operate under?
A.	Service
B.	User
C.	Privileged
D.	Generic

Answer 77

Q4.17

Question 78

Failing to perform regular permissions auditing can result in a violation of what security concept?
A.	Implicit deny
B.	Security by obscurity
C.	Least privilege
D.	Diversity of defense

Answer 78

Q4.18

Question 79

What type of access management can involve restrictions based on MAC address, IP address, OS version, patch level, and/or subnet in addition to logical or geographical position?
A.	Geography-based access control
B.	Physical access control
C.	Logical access control
D.	Location-based access control

Answer 79

Q4.19

Question 80

Which of the following is a recommended basis for reliable password complexity?
A. Minimum of eight characters; include representations of at least three of the four character types
B. Allow for a maximum of three failed logon attempts before locking the account for 15 minutes
C. Require that a password remain static for at least three days and prevent the reuse of the five most recently used passwords
D. Require that each administrator have a normal user account in addition to a privileged account

Answer 80

Q4.20

Question 81

Which of the following risk assessment formulas represents the total potential loss a company may experience within a single year due to a specific risk to an asset?
A.	EF
B.	SLE
C.	ARO
D.	ALE

Answer 81

Q5.01

Question 82

Which of the following is more formal than a handshake agreement but not a legal binding contract?
A.	SLA
B.	BIA
C.	DLP
D.	MOU

Answer 82

Q5.02

Question 83

When a user signs a(n) \_\_\_\_\_\_\_\_\_, it’s a form of consent to the monitoring and auditing processes used by the organization.
A.	Acceptable use policy
B.	Privacy policy
C.	Separation of duties policy
D.	Code of ethics policy

Answer 83

Q5.03

Question 84

When is business continuity needed?
A. When new software is distributed
B. When business processes are interrupted
C. When a user steals company data
D. When business processes are threatened

Answer 84

Q5.04

Question 85

You run a full backup every Monday. You also run a differential backup every other day of the week. You experience a drive failure on Friday. Which of the following restoration procedures should you use to restore data to the replacement drive?
A. Restore the full backup and then each differential backup.
B. Restore the full backup and then the last differential backup.
C. Restore the differential backup.
D. Restore the full backup.

Answer 85

Q5.05

Question 86

Which of the following is a security control type that is not usually associated with or assigned to a security guard?
A.	Preventive
B.	Detective
C.	Corrective
D.	Administrative

Answer 86

Q5.06

Question 87

You are the security manager for a brokerage firm. New company policy requires that all administrators be evaluated for compliance or violations in regard to adherence to the security policy and ethics agreement. Which of the following is a technique that can be used to accomplish this task?
A.	Separation of duties
B.	Clean desk
C.	Background checks
D.	Mandatory vacations

Answer 87

Q5.07

Question 88

Separation of duties has recently been implemented at your organization. Due to the size of the company, a single person has been assigned to each compartmented management area. There is some concern that over time the company will be at risk of being unable to perform critical tasks if one or more administrators are unavailable due to illness, vacation, retirement, or termination. What tool can be used to reduce this risk?
A.	Job rotation
B.	Principle of least privilege
C.	Exit interviews
D.	Awareness training

Answer 88

Q5.08

Question 89

Downtime is a violation of availability. Avoiding downtime is an essential tenet of your organization’s mission and security policy. What element of system management and maintenance needs to be monitored and tracked in order to avoid device failure resulting in unplanned downtime?
A.	RTO
B.	MTTF
C.	ALE
D.	NDA

Answer 89

Q5.09

Question 90

You are the network manager for a large organization. Over the weekend a storm caused a power surge, which damaged the main router between the company network and the Internet service. On Monday morning you realize that the entire intranet is unable to connect to any outside resource and mission-critical tasks are not functioning. What is the problem that the organization is experiencing?
A. Sustained redundancy
B. Maintaining of availability
C. Load-balanced distribution of job tasks
D. A single point of failure

Answer 90

Q5.10

Question 91

What form of risk analysis can involve the Delphi technique, interviews, and focus groups?
A.	Quantitative
B.	Residual
C.	Qualitative
D.	Cost-benefit

Answer 91

Q5.11

Question 92

You are the security manager for a large organization. During the yearly risk management reassessment, a specific risk is being left as is. You thoroughly document the information regarding the risk, the related assets, and the potential consequences. What is this method of addressing risk known as?
A.	Mitigation
B.	Tolerance
C.	Assignment
D.	Ignoring

Answer 92

Q5.12

Question 93

What type of security policy or plan has the following main phases: Preparation, Identification, Containment, Eradication, Recovery, and Lessons Learned?
A.	IRP
B.	BCP
C.	DRP
D.	BPA

Answer 93

Q5.13

Question 94

In what phase of an incident response plan does the organization return to normal operations after handling a violating event?
A.	Containment
B.	Lessons Learned
C.	Recovery
D.	Eradication

Answer 94

Q5.14

Question 95

When an organization is sent a lawyer’s letter demanding that they retain specific records, logs, and other files pertaining to suspected illegal activity, what is this known as?
A.	Audit
B.	Forensics
C.	Investigation
D.	Legal hold

Answer 95

Q5.15

Question 96

Which of the following are important elements in gathering data from storage devices related to a suspect’s system during a forensic investigation? (Select all that apply.)
A. Calculating a hash of the original storage device
B. Creating bitstream copy clones of the original
C. Using read-block adapters
D. Removing the storage device from the suspect’s system

Answer 96

Q5.16

Question 97

What is the main goal of BCP?
A.	Recover from disasters
B.	Minimize the impact of a disruptive event
C.	Keep costs to a minimum
D.	Prevent intrusions

Answer 97

Q5.17

Question 98

What form of alternate processing facility is a reliable means of recovery but is not usually considered to be cost effective?
A.	Warm
B.	Cold
C.	Onsite
D.	Hot

Answer 98

Q5.18

Question 99

A corrective control is used for what purpose?
A. To thwart or stop unwanted or unauthorized activity from occurring
B. To discover or detect unwanted or unauthorized activity
C. To modify the environment to return systems to normal after an unwanted or unauthorized activity has occurred
D. To provide various options to other existing controls to aid in enforcement and support of security policies

Answer 99

Q5.19

Question 100

Which of the following may be considered protected health information? (Select all that apply.)
A.	Phone numbers
B.	Medical record numbers
C.	Email address
D.	Vehicle identifiers
E.	Web URLs
F.	IP address numbers
G.	Biometric identifiers
H.	Photographic images

Answer 100

Q5.20

Question 101

Which of the following is most directly associated with providing or supporting perfect forward secrecy?
A.	PBKDF2
B.	ECDHE
C.	HMAC
D.	OCSP

Answer 101

Q6.01

Question 102

Which of the following symmetric-encryption algorithms offers the strength of 168-bit keys?
A.	Data Encryption Standard
B.	Advanced Encryption Standard
C.	Triple DES
D.	IDEA

Answer 102

Q6.02

Question 103

The security service that protects the secrecy of data, information, or resources is known as what?
A.	Integrity
B.	Authentication
C.	Nonrepudiation
D.	Confidentiality

Answer 103

Q6.03

Question 104

Digital signatures can be created using all but which of the following?
A.	Asymmetric cryptography
B.	Hashing
C.	Key escrow
D.	Symmetric cryptography

Answer 104

Q6.04

Question 105

When a subject or end user requests a certificate, they must provide which of the following items? (Choose all that apply.)
A.	Proof of identity
B.	A hardware storage device
C.	A public key
D.	A private key

Answer 105

Q6.05

Question 106

From a private corporate perspective, which of the following is most secure?
A.	Decentralized key management
B.	Centralized key management
C.	Individual key management
D.	Distributed key management

Answer 106

Q6.06

Question 107

When should a key or certificate be renewed?
A.	Every year
B.	Every quarter
C.	Just after it expires
D.	Just before it expires

Answer 107

Q6.07

Question 108

Which mode of operation used by symmetric encryption algorithms ensures unique cipher text by integrating an IV into the operation and linking each cipher text block to the next plain text block?
A.	Cipher Block Chaining
B.	Electronic Codebook
C.	Galois Counter Mode
D.	Counter Mode

Answer 108

Q6.08

Question 109

You are the communications officer for a large organization. Your data transfer system encrypts each file before sending it across the network to the recipient. There have been issues with the keys being intercepted as they are sent along the same path as the protect files. What alternative system should be used for key exchange?
A.	Ephemeral
B.	Out-of-band
C.	Sequential
D.	Synchronized

Answer 109

Q6.09

Question 110

Place the steps for creating a digital signature in correct order.
A. The receiver uses the sender’s public key to decrypt the sender’s private key and thus extract the hash from the digital signature.
B. The sender computes a hash of the message.
C. The complete message package is sent to the receiver.
D. The sender attaches the encrypted hash to the message.
E. The receiver computes a hash of the message.
F. The sender writes a message.
G. The receiver compares the two hash values.
H. The receiver strips off the encrypted hash (the digital signature).
I. The sender uses the sender’s private key to encrypt the hash.
1. H, G, E, B, D, F, A, C, I
2. F, I, G, A, D, H, C, B, E
3. C, A, E, I, B, D, G, H, F
4. F, B, I, D, C, H, A, E, G

Answer 110

Q6.10

Question 111

You are a programmer with a new app for use on smartphones. Your app provides users with a means to securely store personal data, such as their calendar, financial information, and personal contacts in an encrypted container. There is concern that users will be unable to remember a long random encryption key, but you want to use something stronger than just a remembered password. What technique can be used to minimize the information remembered by the user while maximizing the security of the encryption?
A.	Session key
B.	Ephemeral key
C.	Key stretching
D.	Secret algorithm

Answer 111

Q6.11

Question 112

What is the least effective form of security?
A.	Ephemeral keys
B.	Security through obscurity
C.	Implicit deny
D.	Authentication using certificates

Answer 112

Q6.12

Question 113

As a security-focused systems designer, you need to select the means by which symmetric keys are generated and exchanged between communication endpoints. Which of the following will provide your product with the most secure solution?
A.	Digital envelopes
B.	Static keys
C.	ECDHE
D.	Sequential keys

Answer 113

Q6.13

Question 114

What is the result of the following calculation: 1 0 0 1 0 0 1 1 ⊕ 0 0 0 1 1 1 0 0?
A.	1 0 0 1 1 1 1 1
B.	0 0 0 1 0 0 0 0
C.	0 1 1 1 0 0 0 0
D.	1 0 0 0 1 1 1 1

Answer 114

Q6.14

Question 115

Given the ROT13 matrix that follows, what is the plain text of the following cipher text: frphevgl ebpxf?
A. PT: A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
B. CT: N O P Q R S T U V W X Y Z A B C D E F G H I J K L M
C. Windows rules
D. Security rocks
E. Ephemeral crypto
F. Cracking keys

Answer 115

Q6.15

Question 116

What form of wireless can use a RADIUS server to authenticate a wireless client?
A.	WEP
B.	WPA PSK
C.	WPA-2 ENT
D.	WPS

Answer 116

Q6.16

Question 117

What form of EAP is considered one of the strongest options, negotiates security using digital certificates similar to HTTPS, and can function over wireless connections?
A.	EAP-FAST
B.	EAP-SIM
C.	PEAP
D.	EAP-TLS

Answer 117

Q6.17

Question 118

You are the manager of a restaurant and want to offer your customers wireless connectivity to the Internet. You are concerned that non-patrons will abuse the system and you therefore want to limit access to paying customers. Which of the following solutions would be able to accomplish this?
A. Use an open WiFi network with a hidden SSID.
B. Use a captive portal requiring a code that is provided to customers just after they place their drink order.
C. Post a sign on the wall with the WiFi name and password.
D. Track the MAC addresses of each wireless user and block those that abuse the system.

Answer 118

Q6.18

Question 119

You are implementing a new web server for your organization. There have been issues in the past with hackers impersonating your site in order to harm your clients and visitors. What certificate-based tool can be used to reduce the risk of site impersonation?
A.	Pinning
B.	Stapling
C.	Key escrow
D.	Offline CA

Answer 119

Q6.19

Question 120

What type of certificate will enable an organization to verify six specific subdomains with a single certificate but not allow other subdomains to be included?
A.	Wildcard
B.	SAN
C.	Root
D.	Domain validation

Answer 120

Q6.20