multi test b

Card Set Information

Author:
johnnystevens
ID:
10948
Filename:
multi test b
Updated:
2010-03-17 12:43:57
Tags:
testing
Folders:

Description:
multiple choice upload test
Show Answers:

Home > Flashcards > Print Preview

The flashcards below were created by user johnnystevens on FreezingBlue Flashcards. What would you like to do?


  1. 101 A technician is rebuilding the infrastructure for an organization. The technician has been tasked with making sure that the virtualization technology is implemented securely. Which of the following is a concern when implementing virtualization technology?

    A. The technician should verify that the virtual servers are dual homed so that traffic is securely separated.
    B. The technician should subnet the network so each virtual server is on a different network segment.
    C. The technician should perform penetration testing on all the virtual servers to monitor performance.
    D. The technician should verify that the virtual servers and the host have the latest service packs and patches applied.
    D. The technician should verify that the virtual servers and the host have the latest service packs and patches applied.
    (this multiple choice question has been scrambled)
  2. 102 A technician is reviewing the logical access control method an organization uses. One of the senior managers requests that the technician prevent staff members from logging on during nonworking days. Which of the following should the technician implement to meet managements request?


    A. Enforce Kerberos
    B. Deploy smart cards
    C. Time of day restrictions
    D. Access control lists
    C. Time of day restrictions
    (this multiple choice question has been scrambled)
  3. 103 How would a technician implement a security patch in an enterprise environment?

    A. Download the patch from the Internet, test the patch and install it on all of the production servers.
    B. Download the patch from the vendors secure website and install it as needed.
    C. Download the patch from the vendors secure website and install it on the most vulnerable workstation.
    D. Download the patch from the vendors secure website, test the patch and install it on all workstations.
    D. Download the patch from the vendors secure website, test the patch and install it on all workstations.
    (this multiple choice question has been scrambled)
  4. 104 Which of the following is considered the weakest encryption?

    A. AES
    B. DES
    C. SHA
    D. RSA
    B. DES
    (this multiple choice question has been scrambled)
  5. 105 Which of the following encryption schemes is the public key infrastructure based on?

    A. Asymmetric
    B. Quantum
    C. Elliptical curve
    D. Symmetric
    A. Asymmetric
    (this multiple choice question has been scrambled)
  6. 106 Which of the following BEST describes the term war driving?

    A. Driving from point to point with a wireless scanner to read other users emails through the access point
    B. Driving from point to point with a wireless scanner to use unsecured access points
    C. Driving from point to point with a laptop and an antenna to find unsecured wireless access points
    D. Driving from point to point with a wireless network card and hacking into unsecured wireless access points
    C. Driving from point to point with a laptop and an antenna to find unsecured wireless access points
    (this multiple choice question has been scrambled)
  7. 107 Which of the following statements BEST describes the implicit deny concept?

    A. Blocks everything and only allows the minimal required privileges
    B. Blocks everything and only allows privileges based on job description
    C. Blocks everything and only allows explicitly granted permissions
    D. Blocks everything and allows the maximum level of permissions
    C. Blocks everything and only allows explicitly granted permissions
    (this multiple choice question has been scrambled)
  8. 108 When is the BEST time to update antivirus definitions?

    A. When an attack occurs on the network
    B. When a new virus is discovered on the system
    C. At least once a week as part of system maintenance
    D. As the definitions become available from the vendor
    D. As the definitions become available from the vendor
    (this multiple choice question has been scrambled)
  9. 109 Why would a technician use a password cracker?

    A. To change a user?s passwords when they leave the company
    B. To look for weak passwords on the network
    C. To change users passwords if they have forgotten them
    D. To enforce password complexity requirements
    B. To look for weak passwords on the network
    (this multiple choice question has been scrambled)
  10. 110 Users on a network report that they are receiving unsolicited emails from an email address that does not change. Which of the following steps should be taken to stop this from occurring?

    A. Configure a rule in each user?s router and restart the router
    B. Install an anti-spam filter on the domain mail servers and filter the email address
    C. Configure rules on the users host and restart the host
    D. Install an ACL on the firewall to block traffic from the sender and filter the IP address
    B. Install an anti-spam filter on the domain mail servers and filter the email address
    (this multiple choice question has been scrambled)
  11. 111 Which of the following is a true statement with regards to a NIDS?

    A. A NIDS is normally installed on the email server
    B. A NIDS is installed on the proxy server
    C. A NIDS monitors and analyzes network traffic for possible intrusions
    D. A NIDS prevents certain types of traffic from entering a network
    C. A NIDS monitors and analyzes network traffic for possible intrusions
    (this multiple choice question has been scrambled)
  12. 112 A technician suspects that a piece of malware is consuming too many CPU cycles and slowing down a system. Which of the following will help determine the amount of CPU cycles that are being consumed?

    A. Run performance monitor to evaluate the CPU usage
    B. Install HIDS to determine the CPU usage
    C. Install malware scanning software
    D. Use a protocol analyzer to find the cause of the traffic
    A. Run performance monitor to evaluate the CPU usage
    (this multiple choice question has been scrambled)
  13. 113 Which of the following are characteristics of a hash function? (Select TWO)

    A. One-way
    B. Encrypts a connection
    C. Ensures data can be easily decrypted
    D. Fixed length output
    E. Requires a key
    • A. One-way
    • D. Fixed length output
  14. 114 Which of the following is the MOST secure alternative for administrative access to a router?

    A. rlogin
    B. HTTP
    C. SSH
    D. Telnet
    C. SSH
    (this multiple choice question has been scrambled)
  15. 115 Which of the following might an attacker resort to in order to recover discarded company documents?

    A. Phishing
    B. Shoulder surfing
    C. Dumpster diving
    D. Insider theft
    C. Dumpster diving
    (this multiple choice question has been scrambled)
  16. 116 Which of the following creates a security buffer zone between two rooms?

    A. DMZ
    B. Mantrap
    C. Turnstile
    D. Anti-pass back
    B. Mantrap
    (this multiple choice question has been scrambled)
  17. 117 Which of the following tools would be used to review network traffic for clear text passwords?

    A. Protocol analyzer
    B. Port scanner
    C. Password cracker
    D. Firewall
    A. Protocol analyzer
    (this multiple choice question has been scrambled)
  18. 118 Kerberos uses which of the following trusted entities to issue tickets?

    A. Key Distribution Center
    B. Certificate Authority
    C. Internet Key Exchange
    D. Ticket Granting System
    A. Key Distribution Center
    (this multiple choice question has been scrambled)
  19. 119 Which of the following specifies a set of consistent requirements for a workstation or server?

    A. Vulnerability assessment
    B. Imaging software
    C. Configuration baseline
    D. Patch management
    C. Configuration baseline
    (this multiple choice question has been scrambled)
  20. 120 A company?s website allows customers to search for a product and display the current price and quantity available of each product from the production database. Which of the following would invalidate an SQL injection attack launched from the lookup field at the web server level?

    A. NIPS
    B. Security template
    C. Input validation
    D. Buffer overflow protection
    C. Input validation
    (this multiple choice question has been scrambled)
  21. 121 Which of the following virtual machine components monitors and manages the various virtual instances?

    A. VMOS
    B. VCPU
    C. Hypervisor
    D. Virtual supervisor
    C. Hypervisor
    (this multiple choice question has been scrambled)
  22. 122 A smurf attack is an example of which of the following threats?

    A. DoS
    B. ARP Poisoning
    C. Man-in-the-middle
    D. TCP/IP Hijacking
    A. DoS
    (this multiple choice question has been scrambled)
  23. 123 Which of the following is the BEST tool for allowing users to go to approved business-related websites only?

    A. Internet content filter
    B. ACL
    C. Caching server
    D. Firewall
    A. Internet content filter
    (this multiple choice question has been scrambled)
  24. 124 Which of the following is a security trait of a virtual machine?

    A. Provides real-time access to all system processes
    B. Provides a restricted environment for executing code
    C. Provides additional resources for testing
    D. Provides a read-only area for executing code
    B. Provides a restricted environment for executing code
    (this multiple choice question has been scrambled)
  25. 125 An unauthorized user intercepted a user?s password and used this information to obtain the company?s administrator password. The unauthorized user can use the administrator?s password to access sensitive information pertaining to client data. Which of the following is this an example of?

    A. Session hijacking
    B. Least privilege
    C. Privilege escalation
    D. Network address translation
    C. Privilege escalation
    (this multiple choice question has been scrambled)
  26. 126 Users are utilizing thumb drives to connect to USB ports on company workstations. A technician is concerned that sensitive files can be copied to the USB drives. Which of the following mitigation techniques would address this concern? (Select TWO)

    A. Disable the USB root hub within the OS
    B. Install anti-virus software on the USB drives
    C. Disable USB within the workstations BIOS
    D. Apply the concept of least privilege to USB devices
    E. Run spyware detection against all workstations
    • A. Disable the USB root hub within the OS
    • C. Disable USB within the workstations BIOS
  27. 127 An administrator has developed an OS install that will implement the tightest security controls possible. In order to quickly replicate these controls on all systems, which of the following should be established?

    A. Create a boot disk for the operating system
    B. Create an image from the OS install
    C. Implement OS hardening procedures
    D. Take screen shots of the configuration options
    B. Create an image from the OS install
    (this multiple choice question has been scrambled)
  28. 128 After registering an email address on a website, a user starts receiving messages from unknown sources. The email account is new, and therefore the user is concerned. This type of message traffic is referred to as:

    A. SPIM
    B. spam
    C. S/MIME
    D. instant message traffic
    B. spam
    (this multiple choice question has been scrambled)
  29. 129 A technician is testing the security of a new database application with a website front-end. The technician notices that when certain characters are input into the application it will crash the server. Which of the following does the technician need to do?

    A. Utilize SSL on the website
    B. Implement an ACL
    C. Input validation
    D. Lock-down the database
    C. Input validation
    (this multiple choice question has been scrambled)
  30. 130 An administrator in a small office environment has implemented an IDS on the network perimeter to detect malicious traffic patterns. The administrator still has a concern about traffic inside the network originating between client workstations. Which of the following could be implemented?

    A. A network router
    B. A VLAN
    C. An access list
    D. HIDS
    D. HIDS
    (this multiple choice question has been scrambled)
  31. 131 A user is redirected to a different website when the user requests the DNS record www.xyz.comptia. com. Which of the following is this an example of?

    A. DoS
    B. DNS caching
    C. DNS poisoning
    D. Smurf attack
    C. DNS poisoning
    (this multiple choice question has been scrambled)
  32. 132 A company wants to host public servers on a new network. These servers will include a website and mail server. Which of the following should be implemented on the network to isolate these public hosts from the rest of the network?

    A. VLAN
    B. IPv6
    C. IPSec
    D. DMZ
    D. DMZ
    (this multiple choice question has been scrambled)
  33. 133 A user has decided that they do not want an internal LAN segment to use public IP addresses. The user wants to translate them as private IP addresses to a pool of public IP addresses to identify them on the Internet. Which of the following does the user want to implement?

    A. NAT
    B. IPSec
    C. SSH
    D. SFTP
    A. NAT
    (this multiple choice question has been scrambled)
  34. 134 An administrator has been studying stateful packet inspection and wants to implement this security technique on the network. Which of the following devices could the administrator use to BEST utilize stateful packet inspection?

    A. IDS
    B. Hub
    C. Firewall
    D. Switch
    C. Firewall
    (this multiple choice question has been scrambled)
  35. 135 Which of the following is the primary purpose of a honeypot?

    A. Provide cryptography for the network
    B. Work as a network proxy
    C. Translate addresses at the perimeter
    D. To provide a decoy target on the network
    D. To provide a decoy target on the network
    (this multiple choice question has been scrambled)
  36. 136 An administrator wants to ensure that that no equipment is damaged when there is a fire or false alarm in the server room. Which of the following type of fire suppression systems should be used?

    A. Hydrogen Peroxide
    B. Wet pipe sprinkler
    C. Deluge sprinkler
    D. Carbon Dioxide
    D. Carbon Dioxide
    (this multiple choice question has been scrambled)
  37. 137 Which of the following is a CRL composed of?

    A. Expired user accounts
    B. Public Key Infrastructure (PKI)
    C. Certificate authorities
    D. Expired or revoked certificates
    D. Expired or revoked certificates
    (this multiple choice question has been scrambled)
  38. 138 Which of the following is the primary purpose of a CA?

    A. Issue private/public keys
    B. LANMAN validation
    C. Kerberos authentication
    D. Encrypt data
    A. Issue private/public keys
    (this multiple choice question has been scrambled)
  39. 139 An administrator wants to replace telnet with a more secure protocol to manage a network device. Which of the following should be implemented on the network?

    A. SSH
    B. SNMP
    C. SFTP
    D. SMTP
    A. SSH
    (this multiple choice question has been scrambled)
  40. 140 A user is attempting to receive digitally signed and encrypted email messages from a remote office. Which of the following protocols does the system need to support?

    A. SMTP
    B. ISAKMP
    C. IPSec
    D. S/MIME
    D. S/MIME
    (this multiple choice question has been scrambled)
  41. 141 An administrator does not want anyone to VPN from inside the network to a remote office or network. Which of the following protocols should be blocked outbound on the network?

    A. TPM
    B. SNMP
    C. ISAKMP
    D. OVAL
    C. ISAKMP
    (this multiple choice question has been scrambled)
  42. 142 An administrator is implementing a public website and they want all client connections to the server to be encrypted via their web browser. Which of the following should be implemented?

    A. Blowfish
    B. SHA-1
    C. SSL
    D. 3DES
    C. SSL
    (this multiple choice question has been scrambled)
  43. 143 Which of the following is MOST likely provided by asymmetric key cryptography?

    A. Performance
    B. Kiting
    C. A pre-shared key
    D. Confidentiality
    D. Confidentiality
    (this multiple choice question has been scrambled)
  44. 144 All of the following are symmetric key algorithms EXCEPT:

    A. RC4
    B. ECC
    C. 3DES
    D. Rijndael
    B. ECC
    (this multiple choice question has been scrambled)
  45. 145 Which of the following is true about ECC algorithms?

    A. It is implemented in portable devices
    B. It is the algorithm used in PGP
    C. It is CPU intensive
    D. It is a private key algorithm
    A. It is implemented in portable devices
    (this multiple choice question has been scrambled)
  46. 146 Which of the following is a way to encrypt session keys using SSL?

    A. Session keys are encrypted using a symmetric algorithm
    B. Session keys are encrypted using an asymmetric algorithm
    C. Session keys are sent in clear text because they are private keys
    D. Session keys are sent unencrypted
    B. Session keys are encrypted using an asymmetric algorithm
    (this multiple choice question has been scrambled)
  47. 147 Which of the following can reduce the risk associated with password guessing attacks? (Select TWO).

    A. Implement single sign-on
    B. Implement shared passwords
    C. Implement account-lockout thresholds
    D. Implement shadow passwords
    E. Implement stronger password complexity policies
    • C. Implement account-lockout thresholds
    • E. Implement stronger password complexity policies
  48. 148 Which of the following is a common practice in forensic investigation?

    A. Performing a Gutman sanitization of the drive
    B. Performing a binary copy of the systems storage media
    C. Performing a sanitization of the drive
    D. Performing a file level copy of the systems storage media
    B. Performing a binary copy of the systems storage media
    (this multiple choice question has been scrambled)
  49. 149 Which of the following is done to ensure appropriate personnel have access to systems and networks? (Select TWO).

    A. Conduct periodic penetration testing assessments.
    B. Conduct periodic personnel employment verifications.
    C. Conduct rights review of users and groups.
    D. Conduct virus scan.
    E. Conduct vulnerability assessments.
    • B. Conduct periodic personnel employment verifications.
    • C. Conduct rights review of users and groups.
  50. 150 Antivirus software products detect malware by comparing the characteristics of known instances against which of the following type of file sets?

    A. NIDS signature
    B. Text
    C. Signature
    D. Dynamic Library
    C. Signature
    (this multiple choice question has been scrambled)
  51. 151 Which of the following type of fire suppression tools would cause the MOST damage to electrical equipment?

    A. Foam
    B. Water
    C. Carbon Dioxide
    D. Halon
    B. Water
    (this multiple choice question has been scrambled)
  52. 152 Which of the following is the BEST process of removing PII data from a disk drive before reuse?

    A. Destruction
    B. Reformatting
    C. Sanitization
    D. Degaussing
    C. Sanitization
    (this multiple choice question has been scrambled)
  53. 153 When assigning permissions, which of the following concepts should be applied to enable a person to perform their job task?

    A. Role based
    B. Least privilege
    C. Discretionary access control (DAC)
    D. Rule based
    B. Least privilege
    (this multiple choice question has been scrambled)
  54. 154 While conducting a review of the system logs, a user had attempted to log onto the network over 250 times. Which of the following type of attacks is MOST likely occurring?

    A. DNS spoofing
    B. Brute force
    C. Phishing
    D. Spamming
    B. Brute force
    (this multiple choice question has been scrambled)
  55. 155 Users do not want to enter credentials to each server or application to conduct their normal work. Which of the following type of strategies will resolve this issue?

    A. Smart card
    B. SSO
    C. Two-factor authentication
    D. Biometrics
    B. SSO
    (this multiple choice question has been scrambled)
  56. 156 A user was trying to update an open file but when they tried to access the file they were denied. Which of the following would explain why the user could not access the file?

    A. Execute only access
    B. Write only access
    C. Audit only access
    D. Rights are not set correctly
    D. Rights are not set correctly
    (this multiple choice question has been scrambled)
  57. 157 Accessing a system or application using permissions from another users account is a form of which of the following?

    A. Phishing
    B. Domain kiting
    C. ARP spoofing
    D. Privilege escalation
    D. Privilege escalation
    (this multiple choice question has been scrambled)
  58. 158 Which of the following is an important reason for password protecting the BIOS?

    A. To maintain password complexity requirements
    B. To keep a virus from overwriting the BIOS
    C. To keep a user from changing the boot order of the system
    D. To prevent system start-up without knowing the password
    C. To keep a user from changing the boot order of the system
    (this multiple choice question has been scrambled)
  59. 159 Which of the following is a software bundle containing multiple security fixes?

    A. A patch
    B. Service pack
    C. A hotfix
    D. Patch management
    B. Service pack
    (this multiple choice question has been scrambled)
  60. 160 A company uses a policy of assigning passwords to users, by default the passwords are based off of the word $ervicexx, where xx is the last two numbers of the users cell phone number. The users are not required to change this password. Which of the following is this an example of?

    A. Weak passwords
    B. Known plain text
    C. Back door
    D. Default accounts
    A. Weak passwords
    (this multiple choice question has been scrambled)
  61. 161 Which of the following is an installable package that includes several patches from the same vendor for various applications?

    A. Hotfix
    B. Patch template
    C. Patch rollup
    D. Service pack
    D. Service pack
    (this multiple choice question has been scrambled)
  62. 162 Which of the following is a best practice to prevent users from being vulnerable to social engineering?

    A. Have a solid acceptable use policy in place with a click through banner
    B. Provide thorough and frequent user awareness training
    C. Have user sign both the acceptable use policy and security based HR policy
    D. Provide a service level agreement that addresses social engineering issues
    B. Provide thorough and frequent user awareness training
    (this multiple choice question has been scrambled)
  63. 163 The RAS logs on a server show 100 errors in a two minute time period from an attempt to access an account. The error log shows unknown username or password. Which of the following is this an example of?

    A. The local firewall is blocking GRE packets
    B. The end users ISP is having issues with packet loss
    C. An unauthorized attempt to access the server
    D. One of the users forgot their password and kept trying to login
    C. An unauthorized attempt to access the server
    (this multiple choice question has been scrambled)
  64. 164 An administrator notices that former temporary employees? accounts are still active on a domain. Which of the following can be implemented to increase security and prevent this from happening?

    A. Implement time of day restrictions for all temporary employees
    B. Implement an account expiration date for temporary employees
    C. Implement a password expiration policy
    D. Run a last logon script to look for inactive accounts
    B. Implement an account expiration date for temporary employees
    (this multiple choice question has been scrambled)
  65. 165 Which of the following is the primary security risk with coaxial cable?

    A. Crosstalk between the wire pairs
    B. Data emanation from the core
    C. Refraction of the signal
    D. Diffusion of the core light source
    B. Data emanation from the core
    (this multiple choice question has been scrambled)
  66. 166 Which of the following is a collection of patches?

    A. A security baseline
    B. A service pack
    C. A security hotfix
    D. A security template
    B. A service pack
    (this multiple choice question has been scrambled)
  67. 167 Which of the following would allow an administrator to find weak passwords on the network?

    A. A network mapper
    B. A password generator
    C. A rainbow table
    D. A hash function
    C. A rainbow table
    (this multiple choice question has been scrambled)
  68. 168 Which of the following is the BEST place where the disaster recovery plan should be kept?

    A. At multiple offsite locations
    B. On the network file server
    C. Multiple copies printed out and kept in the server room
    D. Printed out and kept in the desk of the CIO
    A. At multiple offsite locations
    (this multiple choice question has been scrambled)
  69. 169 Which of the following is established immediately upon evidence seizure?

    A. Chain of custody
    B. Forensic analysis
    C. Damage and loss control
    D. Start the incident respond plan
    A. Chain of custody
    (this multiple choice question has been scrambled)
  70. 170 Which of the following is a required privilege that an administrator must have in order to restore a public/private key set on a certificate authority (CA)?

    A. Group administrator
    B. Domain administrator
    C. Recovery agent
    D. Registration authority
    C. Recovery agent
    (this multiple choice question has been scrambled)
  71. 171 Which of the following algorithms have the smallest key space?

    A. AES
    B. SHA-1
    C. DES
    D. IDEA
    C. DES
    (this multiple choice question has been scrambled)
  72. 172 Which of the following is the MOST recent addition to cryptography?

    A. 3DES
    B. DES
    C. AES
    D. PGP
    C. AES
    (this multiple choice question has been scrambled)
  73. 173 Which of the following requires a common pre-shared key before communication can begin?

    A. Symmetric key cryptography
    B. Asymmetric key cryptography
    C. Secure hashing algorithm
    D. Public key infrastructure
    A. Symmetric key cryptography
    (this multiple choice question has been scrambled)
  74. 174 Which of the following provides the MOST comprehensive redundancy for an entire site with the least downtime?

    A. A warm site
    B. A hot site
    C. A cold site
    D. A mobile site
    B. A hot site
    (this multiple choice question has been scrambled)
  75. 175 Which of the following allows devices attached to the same switch to have separate broadcast domains?

    A. NAT
    B. DMZ
    C. VLAN
    D. NAC
    C. VLAN
    (this multiple choice question has been scrambled)
  76. 176 Which of the following allows for notification when a hacking attempt is discovered?

    A. NIDS
    B. Protocol analyzer
    C. NAT
    D. Netflow
    A. NIDS
    (this multiple choice question has been scrambled)
  77. 177 When dealing with a 10BASE5 network, which of the following is the MOST likely security risk?

    A. A vampire tap
    B. An incorrect VLAN
    C. A repeater
    D. SSID broadcasting
    A. A vampire tap
    (this multiple choice question has been scrambled)
  78. 178 Which of the following allows a technician to scan for missing patches on a device without actually attempting to exploit the security problem?

    A. A port scanner
    B. Security baselines
    C. Group policy
    D. A vulnerability scanner
    D. A vulnerability scanner
    (this multiple choice question has been scrambled)
  79. 179 Which of the following allows for proof that a certain person sent a particular email?

    A. Integrity
    B. Steganography
    C. Non-repudiation
    D. Trusted Platform Module
    C. Non-repudiation
    (this multiple choice question has been scrambled)
  80. 180 Which of the following uses a key ring?

    A. DES
    B. AES
    C. PGP
    D. RSA
    C. PGP
    (this multiple choice question has been scrambled)
  81. 181 Which of the following allows for the highest level of security at time of login?

    A. Two-factor authentication
    B. NTLMv2
    C. One-factor authentication
    D. Single sign-on
    A. Two-factor authentication
    (this multiple choice question has been scrambled)
  82. 182 Sending a patch through a testing and approval process is an example of which of the following?

    A. Change management
    B. Disaster planning
    C. User education and awareness training
    D. Acceptable use policies
    A. Change management
    (this multiple choice question has been scrambled)
  83. 183 Sending continuous TCP requests to a device and ignoring the return information until the device ceases to accept new connections is an example of which of the following?

    A. TCP/IP hijacking
    B. Kiting
    C. DoS
    D. DNS poisoning
    C. DoS
    (this multiple choice question has been scrambled)
  84. 184 Which of the following would use a group of bots to stop a web server from accepting new requests?

    A. MAC
    B. DoS
    C. ARP
    D. DDoS
    D. DDoS
    (this multiple choice question has been scrambled)
  85. 185 Which of the following is the MOST likely to generate static electricity?

    A. High humidity and low temperature
    B. High humidity and high temperature
    C. Low humidity and low temperature
    D. Low humidity and high temperature
    D. Low humidity and high temperature
    (this multiple choice question has been scrambled)
  86. 186 Using an asymmetric key cryptography system, where can a technician generate the key pairs?

    A. A recovery agent
    B. A key escrow service
    C. A certificate authority
    D. IETF
    C. A certificate authority
    (this multiple choice question has been scrambled)
  87. 187 Which of the following media is the LEAST likely to be successfully tapped into?

    A. Shielded twisted pair cable
    B. Unshielded twisted pair cable
    C. Coaxial cable
    D. Fiber optic cable
    D. Fiber optic cable
    (this multiple choice question has been scrambled)
  88. 188 Which of the following allows a person to find public wireless access points?

    A. Data emanation
    B. Weak encryption
    C. SSID broadcast
    D. 8021x
    C. SSID broadcast
    (this multiple choice question has been scrambled)
  89. 189 Which of the following allows a file to have different security permissions for users that have the same roles or user groups?

    A. Role-Based Access Control (RBAC)
    B. Rule-Based Access Control (RBAC)
    C. Discretionary Access Control (DAC)
    D. Mandatory Access Control (MAC)
    C. Discretionary Access Control (DAC)
    (this multiple choice question has been scrambled)
  90. 190 A DMZ has a fake network that a hacker is attacking. Which of the following is this an example of?

    A. Man-in-the-middle
    B. Firewall
    C. Proxy server
    D. Honeypot
    D. Honeypot
    (this multiple choice question has been scrambled)
  91. 191 A company decides that the purchasing agent and the accounts receivable agent should exchange positions in order to allow for more oversight of past transactions. Which of the following is this an example of?

    A. Job rotation
    B. Separation of duties
    C. Implicit deny
    D. Least privilege
    A. Job rotation
    (this multiple choice question has been scrambled)
  92. 192 A user complains that the color laser printer continuously gives an access denied message while attempting to print a text document. The administrator logs onto the PC and prints successfully. Which of the following should the administrator check FIRST?

    A. That the user has sufficient rights to print to the printer
    B. That the toner should be changed in the printer
    C. That the printer has the correct size of paper in each of the trays
    D. That the user is attempting to print to the correct printer tray
    A. That the user has sufficient rights to print to the printer
    (this multiple choice question has been scrambled)
  93. 193 Which of the following uses a sandbox to manage a program?s ability to access system resources?

    A. Java
    B. JavaScript
    C. Cold Fusion
    D. ActiveX
    A. Java
    (this multiple choice question has been scrambled)
  94. 194 Which of the following allows a technician to view the security permissions of a file?

    A. The data emanation
    B. The access control list
    C. The security baseline
    D. The local security template
    B. The access control list
    (this multiple choice question has been scrambled)
  95. 195 A user is denied access to a file. The user had access to the file yesterday. Which of the following is the FIRST action for the technician to take?

    A. Deny the users request and forward to the human resources department
    B. Reboot the system
    C. Verify that the user?s permissions are correct
    D. Grant access to the file
    C. Verify that the user?s permissions are correct
    (this multiple choice question has been scrambled)
  96. 196 A user is convinced that someone is attempting to use their user account at night. Which of the following should an administrator check FIRST in order to prove or disprove this claim?

    A. The firewall logs
    B. The local security logs
    C. The IDS logs
    D. The security application logs
    B. The local security logs
    (this multiple choice question has been scrambled)
  97. 197 A user reports that a web based application is not working after a browser upgrade. Before the upgrade, a login box would appear on the screen and disappear after login. The login box does not appear after the upgrade. Which of the following BEST describes what to check FIRST?

    A. That the anti-spam application trusts this site
    B. That the pop-up blocker application trusts this site
    C. That the software based firewall application trusts this site
    D. That the antivirus application trusts this site
    B. That the pop-up blocker application trusts this site
    (this multiple choice question has been scrambled)
  98. 198 An intrusion has been detected on a company?s network from the Internet. Which of the following should be checked FIRST?

    A. The firewall logs
    B. The DNS logs
    C. The performance logs
    D. The access logs
    A. The firewall logs
    (this multiple choice question has been scrambled)
  99. 199 A user needs to verify that a patch file downloaded from a third party has not been modified since the time that the original manufacturer released the patch. Which of the following is the BEST way to verify that the file has not been modified?

    A. Download the patch file over an AES encrypted VPN connection
    B. Download the patch file through a SSL connection
    C. Compare the final MD5 hash with the original
    D. Compare the final LANMAN hash with the original
    C. Compare the final MD5 hash with the original
    (this multiple choice question has been scrambled)
  100. 200 A technician suspects that one of the network cards on the internal LAN is causing a broadcast storm. Which of the following would BEST diagnose which NIC is causing this problem?

    A. A protocol analyzer
    B. The local firewall log file
    C. The NIDS log file
    D. The local security log file
    A. A protocol analyzer
    (this multiple choice question has been scrambled)

What would you like to do?

Home > Flashcards > Print Preview