multi test a

Card Set Information

Author:
johnnystevens
ID:
10947
Filename:
multi test a
Updated:
2010-03-17 12:42:21
Tags:
testing
Folders:

Description:
multiple choice upload test
Show Answers:

Home > Flashcards > Print Preview

The flashcards below were created by user johnnystevens on FreezingBlue Flashcards. What would you like to do?


  1. 1 All of the following provide confidentiality protection as part of the underlying protocol EXCEPT:

    A. SSL
    B. L2TP
    C. IPSeC
    D. SSH
    B. L2TP
    (this multiple choice question has been scrambled)
  2. 2 Which of the following allows an attacker to manipulate files by using the least significant bit(s) to secretly embed data?

    A. Steganography
    B. Worm
    C. Trojan horse
    D. Virus
    A. Steganography
    (this multiple choice question has been scrambled)
  3. 3 Which of the following type of attacks would allow an attacker to capture HTTP requests and send back a spoofed page?

    A. Replay
    B. Phishing
    C. Teardrop
    D. TCP/IP hijacking
    D. TCP/IP hijacking
    (this multiple choice question has been scrambled)
  4. 4 How should a company test the integrity of its backup data?

    A. By conducting another backup
    B. By using software to recover deleted files
    C. By restoring part of the backup
    D. By reviewing the written procedures
    C. By restoring part of the backup
    (this multiple choice question has been scrambled)
  5. 5 Which of following can BEST be used to determine the topology of a network and discover unknown devices?

    A. Protocol analyzer
    B. Vulnerability scanner
    C. NIPS
    D. Network mapper
    D. Network mapper
    (this multiple choice question has been scrambled)
  6. 6 When should a technician perform penetration testing?

    A. When the technician is trying to guess passwords on a network
    B. When the technician is war driving and trying to gain access
    C. When the technician suspects that weak passwords exist on the network
    D. When the technician has permission from the owner of the network
    D. When the technician has permission from the owner of the network
    (this multiple choice question has been scrambled)
  7. 7 An administrator has implemented a new SMTP service on a server. A public IP address translates to the internal SMTP server. The administrator notices many sessions to the server, and gets notification that the server?s public IP address is now reported in a spam real-time block list. Which of the following is wrong with the server?

    A. The amount of sessions needs to be limited
    B. SMTP open relaying is enabled
    C. It does not have a spam filter
    D. The public IP address is incorrect
    B. SMTP open relaying is enabled
    (this multiple choice question has been scrambled)
  8. 8 Which of the following is MOST efficient for encrypting large amounts of data?

    A. ECC algorithms
    B. Asymmetric key algorithms
    C. Hashing algorithms
    D. Symmetric key algorithms
    D. Symmetric key algorithms
    (this multiple choice question has been scrambled)
  9. 9 Which of the following is a reason why a company should disable the SSID broadcast of the wireless access points?

    A. War driving
    B. Rogue access points
    C. Session hijacking
    D. Weak encryption
    A. War driving
    (this multiple choice question has been scrambled)
  10. 10 Which of the following BEST describes ARP?

    A. Discovering the IP address of a device from the MAC address
    B. Discovering the MAC address of a device from the IP address
    C. Discovering the IP address of a device from the DNS name
    D. Discovering the DNS name of a device from the IP address
    B. Discovering the MAC address of a device from the IP address
    (this multiple choice question has been scrambled)
  11. 11 Which of the following would be BEST to use to apply corporate security settings to a device?

    A. A security template
    B. A security hotfix
    C. A security patch
    D. An OS service pack
    A. A security template
    (this multiple choice question has been scrambled)
  12. 12 A small call center business decided to install an email system to facilitate communications in the office. As part of the upgrade the vendor offered to supply anti-malware software for a cost of $5,000 per year. The IT manager read there was a 90% chance each year that workstations would be compromised if not adequately protected. If workstations are compromised it will take three hours to restore services for the 30 staff. Staff members in the call center are paid $90 per hour. If the anti-malware software is purchased, which of the following is the expected net savings?

    A. $2,290
    B. $900
    C. $2,700
    D. $5,000
    A. $2,290
    (this multiple choice question has been scrambled)
  13. 13 Which of the following is the main objective of steganography?

    A. Message digest
    B. Hide information
    C. Encrypt information
    D. Data integrity
    B. Hide information
    (this multiple choice question has been scrambled)
  14. 14 Which of the following would allow for secure key exchange over an unsecured network without a pre-shared key?

    A. MD5
    B. DH-ECC
    C. 3DES
    D. AES
    B. DH-ECC
    (this multiple choice question has been scrambled)
  15. 15 Which of the following improves security in a wireless system?

    A. Closed network
    B. MAC filtering
    C. SSID spoofing
    D. IP spoofing
    B. MAC filtering
    (this multiple choice question has been scrambled)
  16. 16 A user wants to implement secure LDAP on the network. Which of the following port numbers secure LDAP use by default?

    A. 636
    B. 389
    C. 443
    D. 53
    A. 636
    (this multiple choice question has been scrambled)
  17. 17 On which of the following is a security technician MOST likely to find usernames?

    A. Firewall logs
    B. DHCP logs
    C. DNS logs
    D. Application logs
    D. Application logs
    (this multiple choice question has been scrambled)
  18. 18 How many keys are utilized with asymmetric cryptography?

    A. Five
    B. Seven
    C. Two
    D. One
    C. Two
    (this multiple choice question has been scrambled)
  19. 19 During a risk assessment it is discovered that only one system administrator is assigned several tasks critical to continuity of operations. It is recommended to cross train other system administrators to perform these tasks and mitigate which of the following risks?

    A. Privilege escalation
    B. Single point of failure
    C. DDoS
    D. Disclosure of PII
    B. Single point of failure
    (this multiple choice question has been scrambled)
  20. 20 Which of the following network filtering devices will rely on signature updates to be effective?

    A. NIDS
    B. Proxy server
    C. Honeynet
    D. Firewall
    A. NIDS
    (this multiple choice question has been scrambled)
  21. 21 Which of the following is a single server that is setup in the DMZ or outer perimeter in order to distract attackers?

    A. Honeypot
    B. DMZ
    C. VLAN
    D. Honeynet
    A. Honeypot
    (this multiple choice question has been scrambled)
  22. 22 Which of the following encryption algorithms is decrypted in the LEAST amount of time?

    A. RSA
    B. L2TP
    C. 3DES
    D. AES
    D. AES
    (this multiple choice question has been scrambled)
  23. 23 An administrator is trying to secure a network from threats originating outside the network. Which of the following devices provides protection for the DMZ from attacks launched from the Internet?

    A. Proxy server
    B. Firewall
    C. Antivirus
    D. Content filter
    B. Firewall
    (this multiple choice question has been scrambled)
  24. 24 Which of the following is a way to manage operating system updates?

    A. Hotfix management
    B. Patch application
    C. Service pack management
    D. Change management
    D. Change management
    (this multiple choice question has been scrambled)
  25. 25 Which of the following is a list of discrete entries that are known to be benign?

    A. Signature
    B. ACL
    C. Whitelist
    D. Blacklist
    C. Whitelist
    (this multiple choice question has been scrambled)
  26. 26 Which of the following increases the collision resistance of a hash?

    A. Larger key space
    B. Increase the input length
    C. Rainbow Table
    D. Salt
    D. Salt
    (this multiple choice question has been scrambled)
  27. 27 A programmer has decided to alter the server variable in the coding of an authentication function for a proprietary sales application. Before implementing the new routine on the production application server, which of the following processes should be followed?

    A. Change management
    B. Secure disposal
    C. Password complexity
    D. Chain of custody
    A. Change management
    (this multiple choice question has been scrambled)
  28. 28 When deploying 50 new workstations on the network, which of following should be completed FIRST?

    A. Run the latest spyware
    B. Run OS updates
    C. Install a word processor
    D. Apply the baseline configuration
    D. Apply the baseline configuration
    (this multiple choice question has been scrambled)
  29. 29 Which of the following should be implemented to have all workstations and servers isolated in their own broadcast domains?

    A. NAT
    B. Access lists
    C. VLANs
    D. Intranet
    C. VLANs
    (this multiple choice question has been scrambled)
  30. 30 End users are complaining about receiving a lot of email from online vendors and pharmacies. Which of the following is this an example of?

    A. Trojan
    B. Spam
    C. Phishing
    D. DNS poisoning
    B. Spam
    (this multiple choice question has been scrambled)
  31. 31 Which of the following BEST describes a private key in regards to asymmetric encryption?

    A. Everyone has access to the private key on the CA.
    B. Only the CA has access to the private key.
    C. The key owner and a recipient of an encrypted email have exclusive access to the private key.
    D. The key owner has exclusive access to the private key.
    D. The key owner has exclusive access to the private key.
    (this multiple choice question has been scrambled)
  32. 32 Which of the following logs might reveal the IP address and MAC address of a rogue device within the local network?

    A. DNS logs
    B. Antivirus logs
    C. DHCP logs
    D. Security logs
    C. DHCP logs
    (this multiple choice question has been scrambled)
  33. 33 Which of the following is commonly used in a distributed denial of service (DDOS) attack?

    A. Adware
    B. Trojan
    C. Phishing
    D. Botnet
    D. Botnet
    (this multiple choice question has been scrambled)
  34. 34 Which of the following practices is MOST relevant to protecting against operating system security flaws?

    A. Antivirus selection
    B. Patch management
    C. Network intrusion detection
    D. Firewall configuration
    B. Patch management
    (this multiple choice question has been scrambled)
  35. 35 Which of the following is a best practice for coding applications in a secure manner?

    A. Rapid Application Development (RAD)
    B. Input validation
    C. Object oriented coding
    D. Cross-site scripting
    B. Input validation
    (this multiple choice question has been scrambled)
  36. 36 Which of the following technologies can be used as a means to isolate a host OS from some types of security threats?

    A. Intrusion detection
    B. Virtualization
    C. Cloning
    D. Kiting
    B. Virtualization
    (this multiple choice question has been scrambled)
  37. 37 Which of the following network tools would provide the information on what an attacker is doing to compromise a system?

    A. Internet content filters
    B. Honeypot
    C. Firewall
    D. Proxy server
    B. Honeypot
    (this multiple choice question has been scrambled)
  38. 38 Assigning proper security permissions to files and folders is the primary method of mitigating which of the following?

    A. Trojan
    B. DoS
    C. Policy subversion
    D. Hijacking
    A. Trojan
    (this multiple choice question has been scrambled)
  39. 39 Which of the following logical access controls would be MOST appropriate to use when creating an account for a temporary worker?

    A. Time of day restrictions
    B. ACL
    C. Logical tokens
    D. Account expiration
    D. Account expiration
    (this multiple choice question has been scrambled)
  40. 40 Which of the following may be an indication of a possible system compromise?

    A. A port monitor utility shows that there are many connections to port 80 on the Internet facing web server.
    B. A protocol analyzer records a high number of UDP packets to a streaming media server on the Internet.
    C. A performance monitor indicates a recent and ongoing drop in speed, disk space or memory utilization from the baseline.
    D. The certificate for one of the web servers has expired and transactions on that server begins to drop rapidly.
    C. A performance monitor indicates a recent and ongoing drop in speed, disk space or memory utilization from the baseline.
    (this multiple choice question has been scrambled)
  41. 41 An administrator suspects that files are being copied to a remote location during off hours. The file server does not have logging enabled. Which of the following logs would be the BEST place to look for information?

    A. Firewall logs
    B. Antivirus logs
    C. Intrusion detection logs
    D. DNS logs
    A. Firewall logs
    (this multiple choice question has been scrambled)
  42. 42 Which of the following access control methods gives the owner control over providing permissions?

    A. Mandatory Access Control (MAC)
    B. Rule-Based Access control (RBAC)
    C. Role-Based Access Control (RBAC)
    D. Discretionary Access Control (DAC)
    D. Discretionary Access Control (DAC)
    (this multiple choice question has been scrambled)
  43. 43 Which of the following access control methods grants permissions based on the users position in the company?

    A. Mandatory Access Control (MAC)
    B. Role-Based Access Control (RBAC)
    C. Discretionary Access Control (DAC)
    D. Rule-Based Access control (RBAC)
    B. Role-Based Access Control (RBAC)
    (this multiple choice question has been scrambled)
  44. 44 Which of the following access control methods includes switching work assignments at preset intervals?

    A. Least privilege
    B. Mandatory vacations
    C. Separation of duties
    D. Job rotation
    D. Job rotation
    (this multiple choice question has been scrambled)
  45. 45 Which of the following authentication methods would MOST likely prevent an attacker from being able to successfully deploy a replay attack?

    A. Kerberos
    B. RAS
    C. TACACS
    D. RADIUS
    A. Kerberos
    (this multiple choice question has been scrambled)
  46. 46 Which of the following would an attacker use to footprint a system?

    A. RADIUS
    B. Port scanner
    C. Password cracker
    D. Man-in-the-middle attack
    B. Port scanner
    (this multiple choice question has been scrambled)
  47. 47 Which of the following ensures a user cannot deny having sent a message?

    A. Confidentiality
    B. Integrity
    C. Non-repudiation
    D. Availability
    C. Non-repudiation
    (this multiple choice question has been scrambled)
  48. 48 Which of the following allows an attacker to embed a rootkit into a picture?

    A. Trojan horse
    B. Virus
    C. Steganography
    D. Worm
    C. Steganography
    (this multiple choice question has been scrambled)
  49. 49 Which of the following is a publication of inactivated user certificates?

    A. Certificate revocation list
    B. Certificate suspension
    C. Certificate authority
    D. Recovery agent
    A. Certificate revocation list
    (this multiple choice question has been scrambled)
  50. 50 Which of the following is a method of encrypting email?

    A. L2TP
    B. S/MIME
    C. SMTP
    D. VPN
    B. S/MIME
    (this multiple choice question has been scrambled)
  51. 51 Which of the following risks would be reduced by implementing screen filters?

    A. Phishing
    B. Man-in-the-middle attacks
    C. Shoulder surfing
    D. Replay attacks
    C. Shoulder surfing
    (this multiple choice question has been scrambled)
  52. 52 Which of the following allows an attacker to hide the presence of malicious code by altering the systems process and registry entries?

    A. Logic bomb
    B. Rootkit
    C. Trojan
    D. Worm
    B. Rootkit
    (this multiple choice question has been scrambled)
  53. 53 Which of the following will propagate itself without any user interaction?

    A. Virus
    B. Trojan
    C. Worm
    D. Rootkit
    C. Worm
    (this multiple choice question has been scrambled)
  54. 54 An administrator wants to setup their network with only one public IP address. Which of the following would allow for this?

    A. NAT
    B. VLAN
    C. NIDS
    D. DMZ
    A. NAT
    (this multiple choice question has been scrambled)
  55. 55 An administrator wants to proactively collect information on attackers and their attempted methods of gaining access to the internal network. Which of the following would allow the administrator to do this?

    A. NIDS
    B. NIPS
    C. DMZ
    D. Honeypot
    D. Honeypot
    (this multiple choice question has been scrambled)
  56. 56 Which of the following allows a technician to correct a specific issue with a solution that has not been fully tested?

    A. Security roll-up
    B. Service pack
    C. Hotfix
    D. Patch
    C. Hotfix
    (this multiple choice question has been scrambled)
  57. 57 A technician wants to regulate and deny traffic to websites that contain information on hacking. Which of the following would be the BEST solution to deploy?

    A. Protocol analyzer
    B. NIDS
    C. Proxy
    D. Internet content filter
    D. Internet content filter
    (this multiple choice question has been scrambled)
  58. 58 Which of the following is the LEAST intrusive way of checking the environment for known software flaws?

    A. Vulnerability scanner
    B. Penetration test
    C. Port scanner
    D. Protocol analyzer
    A. Vulnerability scanner
    (this multiple choice question has been scrambled)
  59. 59 If a certificate has been compromised, which of the following should be done?

    A. Put the certificate in key escrow
    B. Put the certificate on the CRL
    C. Run the recovery agent
    D. Suspend the certificate for further investigation
    B. Put the certificate on the CRL
    (this multiple choice question has been scrambled)
  60. 60 Which of the following requires an update to the baseline after installing new software on a machine?

    A. Honeypot
    B. Signature-based NIDS
    C. Behavior-based HIDS
    D. Signature-based NIPS
    C. Behavior-based HIDS
    (this multiple choice question has been scrambled)
  61. 61 Which of the following would be the MOST secure choice to implement for authenticating remote connections?

    A. RADIUS
    B. LDAP
    C. RAS
    D. 8021x
    A. RADIUS
    (this multiple choice question has been scrambled)
  62. 62 Which of the following is the BEST way to reduce the number of accounts a user must maintain?

    A. CHAP
    B. Kerberos
    C. SSO
    D. MD5
    C. SSO
    (this multiple choice question has been scrambled)
  63. 63 Which of the following can be used as a means for dual-factor authentication?

    A. Iris scan and proximity card
    B. RAS and username/password
    C. RADIUS and L2TP
    D. LDAP and WPA
    A. Iris scan and proximity card
    (this multiple choice question has been scrambled)
  64. 64 After implementing file auditing, which of the following logs would show unauthorized usage attempts?

    A. Performance
    B. Application
    C. Security
    D. System
    C. Security
    (this multiple choice question has been scrambled)
  65. 65 Which of the following type of attacks requires an attacker to sniff the network?

    A. Man-in-the-Middle
    B. DNS poisoning
    C. DDoS attack
    D. MAC flooding
    A. Man-in-the-Middle
    (this multiple choice question has been scrambled)
  66. 66 If a user attempts to go to a website and notices the URL has changed, which of the following attacks is MOST likely the cause?

    A. DDoS attack
    B. DNS poisoning
    C. DLL injection
    D. ARP poisoning
    B. DNS poisoning
    (this multiple choice question has been scrambled)
  67. 67 Which of the following attacks can be caused by a user being unaware of their physical surroundings?

    A. Phishing
    B. Shoulder surfing
    C. Man-in-the-middle
    D. ARP poisoning
    B. Shoulder surfing
    (this multiple choice question has been scrambled)
  68. 68 Which of the following actions should be performed upon discovering an unauthorized wireless access point attached to a network?

    A. Change the SSID on the wireless access point
    B. Unplug the Ethernet cable from the wireless access point
    C. Enable MAC filtering on the wireless access point
    D. Run a ping against the wireless access point
    B. Unplug the Ethernet cable from the wireless access point
    (this multiple choice question has been scrambled)
  69. 69 Which of the following redundancy solutions contains hardware systems similar to the affected organization, but does not provide live data?

    A. Hot site
    B. Uninterruptible Power Supply (UPS)
    C. Cold site
    D. Warm site
    D. Warm site
    (this multiple choice question has been scrambled)
  70. 70 During the implementation of LDAP, which of the following will typically be changed within the organizations software programs?

    A. Network protocol
    B. IP addresses
    C. Authentication credentials
    D. Non-repudiation policy
    C. Authentication credentials
    (this multiple choice question has been scrambled)
  71. 71 Which of the following would be MOST useful to determine why packets from a computer outside the network are being dropped on the way to a computer inside the network?

    A. System log
    B. Firewall log
    C. HIDS log
    D. Security log
    B. Firewall log
    (this multiple choice question has been scrambled)
  72. 72 Which of the following security policies is BEST to use when trying to mitigate the risks involved with allowing a user to access company email via their cell phone?

    A. The cell phone should have data connection abilities disabled
    B. The cell phone should only be used for company related emails
    C. The cell phone data should be encrypted according to NIST standards
    D. The cell phone should require a password after a set period of inactivity
    D. The cell phone should require a password after a set period of inactivity
    (this multiple choice question has been scrambled)
  73. 73 An administrator has been asked to encrypt credit card data. Which of the following algorithms would be the MOST secure with the least CPU utilization?

    A. AES
    B. MD5
    C. 3DES
    D. SHA-1
    A. AES
    (this multiple choice question has been scrambled)
  74. 74 Which of the following algorithms is the LEAST secure?

    A. NTLM
    B. MD5
    C. LANMAN
    D. SHA-1
    C. LANMAN
    (this multiple choice question has been scrambled)
  75. 75 Which of the following algorithms is MOST closely associated with the signing of email messages?

    A. TKIP
    B. SHA-1
    C. PGP
    D. MD5
    C. PGP
    (this multiple choice question has been scrambled)
  76. 76 An executive uses PKI to encrypt sensitive emails sent to an assistant. In addition to encrypting the body of the email, the executive wishes to encrypt the signature so that the assistant can verify that the email actually came from the executive. Which of the following asymmetric keys should the executive use to encrypt the signature?

    A. Private
    B. Public
    C. Shared
    D. Hash
    A. Private
    (this multiple choice question has been scrambled)
  77. 77 A technician needs to detect staff members that are connecting to an unauthorized website. Which of the following could be used?

    A. Host routing table
    B. Protocol analyzer
    C. HIDS
    D. Bluesnarfing
    B. Protocol analyzer
    (this multiple choice question has been scrambled)
  78. 78 An administrator suspects that multiple PCs are infected with a zombie. Which of the following tools could be used to confirm this?

    A. Recovery agent
    B. Spyware
    C. Port scan
    D. Antivirus
    D. Antivirus
    (this multiple choice question has been scrambled)
  79. 79 Which of the following is an example of security personnel that administer access control functions, but do not administer audit functions?

    A. Least privilege
    B. Separation of duties
    C. Access enforcement
    D. Account management
    B. Separation of duties
    (this multiple choice question has been scrambled)
  80. 80 A malware incident has just been detected within a company. Which of the following should be the administrator?s FIRST response?

    A. Containment
    B. Removal
    C. Recovery
    D. Monitor
    A. Containment
    (this multiple choice question has been scrambled)
  81. 81 Taking into account personal safety, which of the following types of fire suppression substances would BEST prevent damage to electronic equipment?

    A. CO2
    B. Halon
    C. Foam
    D. Water
    A. CO2
    (this multiple choice question has been scrambled)
  82. 82 Which of the following describes the process of securely removing information from media (e.g. hard drive) for future use?

    A. Deleting
    B. Sanitization
    C. Destruction
    D. Reformatting
    B. Sanitization
    (this multiple choice question has been scrambled)
  83. 83 Which of the following principles should be applied when assigning permissions?

    A. Rule based
    B. Most privilege
    C. Least privilege
    D. Role based
    C. Least privilege
    (this multiple choice question has been scrambled)
  84. 84 Which of the following type of strategies can be applied to allow a user to enter their username and password once in order to authenticate to multiple systems and applications?

    A. Biometrics
    B. Smart card
    C. Two-factor authentication
    D. Single sign-on
    D. Single sign-on
    (this multiple choice question has been scrambled)
  85. 85 User A is a member of the payroll security group. Each member of the group should have read/write permissions to a share. User A was trying to update a file but when the user tried to access the file the user was denied. Which of the following would explain why User A could not access the file?

    A. Read only access
    B. Rights are not set correctly
    C. Privilege escalation
    D. Least privilege
    B. Rights are not set correctly
    (this multiple choice question has been scrambled)
  86. 86 Which of the following threats is the MOST difficult to detect and hides itself from the operating system?

    A. Spyware
    B. Adware
    C. Spam
    D. Rootkit
    D. Rootkit
    (this multiple choice question has been scrambled)
  87. 87 Which of the following methods is used to perform denial of service (DoS) attacks?

    A. Botnet
    B. Spyware
    C. Privilege escalation
    D. Adware
    A. Botnet
    (this multiple choice question has been scrambled)
  88. 88 Which of the following is an attack that is triggered by a specific event or by a date?

    A. Privilege escalation
    B. Spam
    C. Rootkit
    D. Logic bomb
    D. Logic bomb
    (this multiple choice question has been scrambled)
  89. 89 Which of the following can an attacker use to gather information on a system without having a user ID or password?

    A. DNS poisoning
    B. Spoofing
    C. Null session
    D. NAT
    C. Null session
    (this multiple choice question has been scrambled)
  90. 90 Which of the following is a way to logically separate a network through a switch?

    A. VLAN
    B. Subnetting
    C. NAT
    D. Spanning port
    A. VLAN
    (this multiple choice question has been scrambled)
  91. 91 Which of the following is a security threat when a new network device is configured for first-time installation?

    A. Installation of a back door
    B. Denial of Service (DoS)
    C. Use of default passwords
    D. Attacker privilege escalation
    C. Use of default passwords
    (this multiple choice question has been scrambled)
  92. 92

    Which of the following is an exploit against a device where only the hardware model and manufacturer are known?

    A. Default passwords
    B. Denial of service (DoS)
    C. Replay attack
    D. Privilege escalation
    A. Default passwords
    (this multiple choice question has been scrambled)
  93. 93 A technician is implementing a new wireless network for an organization. The technician should be concerned with all of the following wireless vulnerabilities EXCEPT:

    A. SSID broadcasts
    B. rogue access points
    C. weak encryption
    D. 80211 mode
    D. 80211 mode
    (this multiple choice question has been scrambled)
  94. 94 Which of the following tools will allow the technician to find all open ports on the network?

    A. Network scanner
    B. Protocol analyzer
    C. Performance monitor
    D. Router ACL
    A. Network scanner
    (this multiple choice question has been scrambled)
  95. 95 An organization is installing new servers into their infrastructure. A technician is responsible for making sure that all new servers meet security requirements for uptime. In which of the following is the availability requirements identified?

    A. Security template
    B. Performance baseline
    C. Device manufacturer documentation
    D. Service level agreement
    D. Service level agreement
    (this multiple choice question has been scrambled)
  96. 96 After issuance a technician becomes aware that some keys were issued to individuals who are not authorized to use them. Which of the following should the technician use to correct this problem?

    A. Recovery agent
    B. Key escrow
    C. Public key recovery
    D. Certificate revocation list
    D. Certificate revocation list
    (this multiple choice question has been scrambled)
  97. 97 Password crackers are generally used by malicious attackers to:

    A. verify system access
    B. gain system access
    C. facilitate penetration testing
    D. sniff network passwords
    B. gain system access
    (this multiple choice question has been scrambled)
  98. 98 Which of the following properly describes penetration testing?

    A. Penetration tests are generally used to demonstrate a weakness in a system and then provide documentation on the weakness.
    B. Penetration tests are generally used to exploit a weakness without permission and show how an attacker might compromise a system.
    C. Penetration tests are generally used to map the network and grab banners.
    D. Penetration tests are generally used to scan the network and identify open ports.
    A. Penetration tests are generally used to demonstrate a weakness in a system and then provide documentation on the weakness.
    (this multiple choice question has been scrambled)
  99. 99 Which of the following should a technician review when a user is moved from one department to another?

    A. Acceptable usage policy
    B. User access and rights
    C. Data storage and retention policies
    D. Users group policy
    B. User access and rights
    (this multiple choice question has been scrambled)
  100. 100 Which of the following is a reason to implement security logging on a DNS server?

    A. To measure the DNS server performance
    B. To control unauthorized DNS DoS
    C. To perform penetration testing on the DNS server
    D. To monitor unauthorized zone transfers
    D. To monitor unauthorized zone transfers
    (this multiple choice question has been scrambled)

What would you like to do?

Home > Flashcards > Print Preview