Study Questions (251 - 286) Flashcards

1
Q

Which of the following network design elements provides for a one-to-one relationship between an internal network address and an external network address?

A. NAT
B. NAC
C. VLAN
D. PAT

A

A

2
Q

Using proximity card readers instead of the traditional key punch doors would help to mitigate:

A. impersonation.
B. tailgating.
C. dumpster diving.
D. shoulder surfing.

A

D

3
Q

In planning for a firewall implementation, Pete, a security administrator, needs a tool to help him understand what traffic patterns are normal on his network. Which of the following tools would help Pete determine traffic patterns?

A. Syslog
B. Protocol analyzer
C. Proxy server
D. Firewall

A

B

4
Q

TKIP uses which of the following encryption ciphers?

A. RC5
B. AES
C. RC4
D. 3DES

A

C

5
Q

Jane, an administrator, needs to transfer DNS zone files from outside of the corporate network. Which of the following protocols must be used?

A. TCP
B. ICMP
C. UDP
D. IP

A

A

6
Q

Common access cards use which of the following authentication models?

A. PKI
B. XTACACS
C. RADIUS
D. TACACS

A

A

7
Q

Which of the following application attacks is used to gain access to SEH?

A. Cookie stealing
B. Buffer overflow
C. Directory traversal
D. XML injection

A

B

8
Q

Which of the following does a second authentication requirement mitigate when accessing privileged areas of a website, such as password changes or user profile changes?

A. Cross-site scripting
B. Cookie stealing
C. Packet sniffing
D. Transitive access

A

B

9
Q

Jane, a security technician, has been tasked with preventing contractor staff from logging into the company network after business hours. Which of the following BEST allows her to accomplish this?

A. Time of day restrictions
B. Access control list
C. Personal identity verification
D. Mandatory vacations

A

A

10
Q

Which of the following ports does DNS operate on, by default?

A. 23
B. 53
C. 137
D. 443

A

B

11
Q

Sara from IT Governance wants to provide a mathematical probability of an earthquake using facts and figures. Which of the following concepts would achieve this?

A. Qualitative Analysis
B. Impact Analysis
C. Quantitative Analysis
D. SLE divided by the ARO

A

C

12
Q

A buffer overflow can result in which of the following attack types?

A. DNS poisoning
B. Zero-day
C. Privilege escalation
D. ARP poisoning

A

C

13
Q

Which of the following is an authentication service that uses UDP as a transport medium?

A. TACACS+
B. LDAP
C. Kerberos
D. RADIUS

A

D

14
Q

Which of the following is true concerning WEP security?

A. WEP keys are transmitted in plain text.
B. The WEP key initialization process is flawed.
C. The pre-shared WEP keys can be cracked with rainbow tables.
D. WEP uses the weak RC4 cipher.

A

B

15
Q

Which of the following can be used on a smartphone to BEST protect against sensitive data loss if the device is stolen? (Select TWO).

A. Tethering
B. Screen lock PIN
C. Remote wipe
D. Email password
E. GPS tracking
F. Device encryption

A

C F

16
Q

Which of the following can be implemented on a lost mobile device to help recover it?

A. Remote sanitization
B. GPS tracking
C. Voice encryption
D. Patch management

A

B

17
Q

Sara, a security administrator, needs to implement the equivalent of a DMZ at the datacenter entrance. Which of the following must she implement?

A. Video surveillance
B. Mantrap
C. Access list
D. Alarm

A

B

18
Q

Jane, a security analyst, is reviewing logs from hosts across the Internet which her company uses to gather data on new malware. Which of the following is being implemented by Jane’s company?

A. Vulnerability scanner
B. Honeynet
C. Protocol analyzer
D. Port scanner

A

B

19
Q

Sara, a senior programmer for an application at a software development company, has also assumed an auditing role within the same company. She will be assessing the security of the application. Which of the following will she be performing?

A. Blue box testing
B. Gray box testing
C. Black box testing
D. White box testing

A

D

20
Q

Jane, a security analyst, wants to ensure that data is being stored encrypted, in the event that a corporate laptop is stolen. Which of the following encryption types will accomplish her goal?

A. IPSec
B. Secure socket layer
C. Whole disk
D. Transport layer security

A

C

21
Q

Which of the following BEST describes a directory traversal attack?

A. A malicious user can insert a known pattern of symbols in a URL to access a file in another section of the directory.
B. A malicious user can change permissions or lock out user access from a webroot directory or subdirectories.
C. A malicious user can delete a file or directory in the webroot directory or subdirectories.
D. A malicious user can redirect a user to another website across the Internet.

A

A

22
Q

Sara, the Chief Executive Officer (CEO) of a corporation, wishes to receive her corporate email and file attachments on her corporate mobile computing device. If the device is lost or stolen, the BEST security measure to ensure that sensitive information is not compromised would be:

A. to immediately file a police report and insurance report.
B. the ability to remotely wipe the device to remove the data.
C. to immediately issue a replacement device and restore data from the last backup.
D. to turn on remote GPS tracking to find the device and track its movements.

A

B

23
Q

In her morning review of new vendor patches, a security administrator has identified an exploit that is marked as critical. Which of the following is the BEST course of action?

A. The security administrator should wait seven days before testing the patch to ensure that the vendor does not issue an updated version, which would require reapplying the patch.
B. The security administrator should download the patch and install it to her workstation to test whether it will be able to be applied to all workstations in the environment.
C. The security administrator should alert the risk management department to document the patch and add it to the next monthly patch deployment cycle.
D. The security administrator should download the patch to the test network, apply it to affected systems, and evaluate the results on the test systems.

A

D

24
Q

Which of the following protocols allows for secure transfer of files? (Select TWO).

A. ICMP
B. SNMP
C. SFTP
D. SCP
E. TFTP

A

C D

25
Q

Sara, a security administrator, is configuring a new firewall. She has entered statements into the firewall configuration as follows:

Allow all Web traffic

Deny all Telnet traffic

Allow all SSH traffic

Mike, a user on the network, tries unsuccessfully to use RDP to connect to his work computer at home. Which of the following principles BEST explains why Mike’s attempt to connect is not successful?

A. Explicit deny
B. Loop protection
C. Implicit deny
D. Implicit permit

A

C

26
Q

Jane, a security administrator, notices that a program has crashed. Which of the following logs should Jane check?

A. Access log
B. Firewall log
C. Audit log
D. Application log

A

D

27
Q

Users at a corporation are unable to login using the directory access server at certain times of the day. Which of the following concepts BEST describes this lack of access?

A. Mandatory access control
B. Least privilege
C. Time of day restrictions
D. Discretionary access control

A

C

28
Q

Which of the following passwords is the LEAST complex?

A. MyTrain!45
B. Mytr@in!!
C. MyTr@in12
D. MyTr@in#8

A

B

29
Q

During a penetration test from the Internet, Jane, the system administrator, was able to establish a connection to an internal router, but not successfully log in to it. Which ports and protocols are MOST likely to be open on the firewall? (Select FOUR).

A. 21
B. 22
C. 23
D. 69
E. 3389
F. SSH
G. Terminal services
H. Rlogin
I. Rsync
J. Telnet

A

B C F J

30
Q

During an anonymous penetration test, Jane, a system administrator, was able to identify a shared print spool directory, and was able to download a document from the spool. Which statement BEST describes her privileges?

A. All users have write access to the directory.
B. Jane has read access to the file.
C. All users have read access to the file.
D. Jane has read access to the directory.

A

C

31
Q

Sara, an IT security technician, has identified security weaknesses within her company’s code. Which of the following is a common security coding issue?

A. Input validation
B. Application fuzzing
C. Black box testing
D. Vulnerability scanning

A

A

32
Q

Which of the following is an application security coding problem?

A. Error and exception handling
B. Patch management
C. Application hardening
D. Application fuzzing

A

A

33
Q

Which of the following is a hardware-based security technology included in a computer?

A. Symmetric key
B. Asymmetric key
C. Whole disk encryption
D. Trusted platform module

A

D

34
Q

Pete, an employee, attempts to visit a popular social networking site but is blocked. Instead, a page is displayed notifying him that this site cannot be visited. Which of the following is MOST likely blocking Pete’s access to this site?

A. Internet content filter
B. Firewall
C. Proxy server
D. Protocol analyzer

A

A

35
Q

Jane, the administrator of a small company, wishes to track people who access the secured server room, which is secured only by a simple hardware key lock. Jane does not have much of a budget or the approval to make significant construction changes. Given the limitations, which of the following can she do in the meantime?

A. Implement an access log and a security guard
B. Install a 24/7 closed-circuit camera system
C. Install a separate hardware lock with limited keys
D. Implement a cipher key lock

A

D

36
Q

An administrator might choose to implement a honeypot in order to:

A. provide load balancing for network switches.
B. distract potential intruders away from critical systems.
C. establish a redundant server in case of a disaster.
D. monitor any incoming connections from the Internet.

A

B