multi test e

The flashcards below were created by user johnnystevens on FreezingBlue Flashcards.

  1. 401 To facilitate compliance with the Internet use portion of the corporate acceptable use policy, an administrator implements a series of proxy servers and firewalls. The administrator further recommends installation of software based firewalls on each host on the network. Which of the following would have provided an alternative simpler solution?

    A. Hardware IDS
    B. Software HIPS
    C. Internet content filter
    D. DMZ
    C. Internet content filter
    (this multiple choice question has been scrambled)
  2. 402 The marketing department wants to distribute pens with embedded USB drives to clients. In the past this client has been victimized by social engineering attacks which led to a loss of sensitive data. The security administrator advises the marketing department not to distribute the USB pens due to which of the following?

    A. The cost associated with distributing a large volume of the USB pens
    B. The security risks associated with combining USB drives and cell phones on a network
    C. The security costs associated with securing the USB drives over time
    D. The risks associated with the large capacity of USB drives and their concealable nature
    D. The risks associated with the large capacity of USB drives and their concealable nature
  3. 403 USB drives create a potential security risk due to which of the following?

    A. Large storage capacity
    B. Operating system incompatibility
    C. Potential for software introduction
    D. Widespread use
    C. Potential for software introduction
  4. 404 As a best practice, risk assessments should be based upon which of the following?

    A. A qualitative measurement of risk and impact
    B. An absolute measurement of threats
    C. A survey of annual loss, potential threats and asset value
    D. A quantitative measurement of risk, impact and asset value
    D. A quantitative measurement of risk, impact and asset value
  5. 405 Which of the following is a cryptographic hash function?

    A. RC4
    B. SHA
    C. ECC
    D. RSA
    B. SHA
  6. 406 From a security standpoint, which of the following is the BEST reason to implement performance monitoring applications on network systems?

    A. To detect availability degradations caused by attackers
    B. To detect integrity degradations to network attached storage
    C. To detect host intrusions from external networks
    D. To detect network intrusions from external attackers
    A. To detect availability degradations caused by attackers
  7. 407 All of the following are methods used to conduct risk assessments EXCEPT:

    A. disaster exercises
    B. vulnerability scans
    C. penetration tests
    D. security audits
    A. disaster exercises
  8. 408 After conducting a risk assessment, the main focus of an administrator should be which of the following?

    A. To report the results of the assessment to the users
    B. To ensure all vulnerabilities are eliminated
    C. To ensure all threats are mitigated
    D. To ensure risk mitigation activities are implemented
    D. To ensure risk mitigation activities are implemented
  9. 409 Which of the following is a BEST practice when implementing a new system?

    A. Use default installations
    B. Implement open source alternatives
    C. Use group policies
    D. Disable unneeded services
    D. Disable unneeded services
  10. 410 When installing and securing a new system for a home user which of the following are best practices? (Select THREE)

    A. Use a strong firewall
    B. Block inbound access to port 80
    C. Apply all system patches
    D. Use input validation
    E. Install remote control software
    F. Apply all service packs
    • A. Use a strong firewall
    • C. Apply all system patches
    • F. Apply all service packs
  11. 411 Which of the following describes a logic bomb?

    A. A piece of malicious code that is concealed from all detection
    B. A piece of malicious code that exploits a race condition
    C. A piece of malicious code that can spread on its own
    D. A piece of malicious code that executes based on an event or date
    D. A piece of malicious code that executes based on an event or date
  12. 412 Which of the following is a prerequisite for privilege escalation to occur?

    A. The attacker must use a rootkit in conjunction with privilege escalation
    B. The attacker has to create their own zero day attack for privilege escalation
    C. The attacker must already have physical access to the system
    D. The attacker must have already gained entry into the system
    D. The attacker must have already gained entry into the system
  13. 413 Which of the following is an example of an attack that executes once a year on a certain date?

    A. Rootkit
    B. Logic bomb
    C. Worm
    D. Virus
    B. Logic bomb
  14. 414 Which of the following is the GREATEST threat to highly secure environments?

    A. Network attached storage
    B. BIOS configuration
    C. RSA256
    D. USB devices
    D. USB devices
  15. 415 Management has asked a technician to prevent data theft through the use of portable drives. Which of the following should the technician implement?

    A. Disable USB drives
    B. Use security templates
    C. Install a CCTV system
    D. Implement a biometric system
    A. Disable USB drives
  16. 416 A technician has been informed that many of the workstations on the network are flooding servers. Which of the following is the MOST likely cause of this?

    A. Virus
    B. Spam
    C. Worm
    D. Logic bomb
    C. Worm
  17. 417 Which of the following BEST describes a way to prevent buffer overflows?

    A. Monitor P2P program usage through content filters
    B. Apply group policy management techniques
    C. Apply security templates enterprise wide
    D. Apply all security patches to workstations
    D. Apply all security patches to workstations
  18. 418 Which of the following is a security reason to implement virtualization throughout the network infrastructure?

    A. To isolate the various network services and roles
    B. To implement additional network services at a lower cost
    C. To centralize the patch management of network servers
    D. To analyze the various network traffic with protocol analyzers
    A. To isolate the various network services and roles
  19. 419 Which of the following is a reason to use a Faraday cage?

    A. To minimize weak encryption
    B. To allow wireless usage
    C. To mitigate data emanation
    D. To find rogue access points
    C. To mitigate data emanation
  20. 420 Weak encryption is a common problem with which of the following wireless protocols?

    A. WEP
    B. WPA2-Enterprise
    C. WPA
    D. WPA2-Personal
    A. WEP
  21. 421 Which of the following describes a tool used by organizations to verify whether or not a staff member has been involved in malicious activity?

    A. Implicit allow
    B. Implicit deny
    C. Mandatory vacations
    D. Time of day restrictions
    C. Mandatory vacations
  22. 422 Which of the following is a cross-training technique where organizations minimize collusion amongst staff?

    A. Job rotation
    B. Cross-site scripting
    C. Separation of duties
    D. Least privilege
    A. Job rotation
  23. 423 Which of the following will allow a technician to restrict a user's access to the GUI?

    A. Password policy enforcement
    B. Group policy implementation
    C. Access control lists
    D. Use of logical tokens
    B. Group policy implementation
  24. 424 Which of the following is the MOST common logical access control method?

    A. Usernames and password
    B. Multifactor authentication
    C. Access control lists
    D. Security ID badges
    A. Usernames and password
  25. 425 Which of the following verifies control for granting access in a PKI environment?

    A. System administrator
    B. Recovery agent
    C. Certificate authority
    D. Certificate revocation list
    C. Certificate authority
  26. 426 Which of the following explains the difference between a public key and a private key?

    A. The private key only decrypts the data while the public key only encrypts the data. Both keys are mathematically related
    B. The public key is only used by the client while the private key is available to all. Both keys are mathematically related
    C. The private key is commonly used in symmetric key decryption while the public key is used in asymmetric key decryption
    D. The private key is only used by the client and kept secret while the public key is available to all
    D. The private key is only used by the client and kept secret while the public key is available to all
  27. 427 Which of the following is a countermeasure when power must be delivered to critical systems no matter what?

    A. Uninterruptible power supplies (UPSs)
    B. Redundant power supplies
    C. Warm site
    D. Backup generator
    D. Backup generator
  28. 428 Which of the following is the MOST important step to conduct during a risk assessment of computing systems?

    A. The identification of USB drives
    B. The identification of missing patches
    C. The identification of disgruntled staff members
    D. The identification of mantraps
    B. The identification of missing patches
  29. 429 Which of the following tools will allow a technician to detect security-related TCP connection anomalies?

    A. Logical token
    B. Performance monitor
    C. Public key infrastructure
    D. Trusted platform module
    B. Performance monitor
  30. 430 Which of the following monitoring methodologies will allow a technician to determine when there is a security related problem that results in an abnormal condition?

    A. Anomaly-based
    B. NIPS
    C. Signature-based
    D. NIDS
    A. Anomaly-based
  31. 431 Which of the following systems is BEST to use when monitoring application activity and modification?

    A. NIDS
    B. RADIUS
    C. OVAL
    D. HIDS
    D. HIDS
  32. 432 Which of the following is the MOST important thing to consider when implementing an IDS solution?

    A. The cost of the device
    B. Distinguishing between false positives
    C. Distinguishing between false negatives
    D. The personnel to interpret results
    D. The personnel to interpret results
  33. 433 Which of the following is the FIRST step in the implementation of an IDS?

    A. Document the existing network
    B. Decide on the type
    C. Decide on the model
    D. Purchase the equipment
    A. Document the existing network
  34. 434 Which of the following encryption algorithms is used for encryption and decryption of data?

    A. SHA-1
    B. NTLM
    C. RC5
    D. MD5
    C. RC5

  35. B. Transport and Tunnel


    436 Which of the following would a technician use to check data integrity?

    A. Rivest cipher 4
    B. Digital signature algorithm
    C. Encapsulating security protocol
    D. Message authentication code
    D. Message authentication code
  36. 437 Which of the following are the functions of asymmetric keys?

    A. Decrypt, validate, encode and verify
    B. Decrypt, decipher, encode and encrypt
    C. Encrypt, sign, decrypt and verify
    D. Sign, validate, encrypt and verify
    C. Encrypt, sign, decrypt and verify
  37. 438 Which of the following is the purpose of the AH?

    A. Provides non-repudiation
    B. Provides integrity
    C. Provides confidentiality
    D. Provides authorization
    B. Provides integrity
  38. 439 Which of the following describes the insertion of additional bytes of data into a packet?

    A. Header injection
    B. Encapsulating
    C. TCP hijacking
    D. Padding
    D. Padding
  39. 440 Which of the following is true regarding authentication headers (AH)?

    A. The authentication information hash will increase by one if the bytes remain the same on transfer
    B. The authentication information may be the same on different packets if the integrity remains in place
    C. The authentication information is a keyed hash based on all of the bytes in the packet
    D. The authentication information hash will remain the same if the bytes change on transfer
    C. The authentication information is a keyed hash based on all of the bytes in the packet

  40. C. 8021x


    442 The method of controlling how and when users can connect in from home is called which of the following?

    A. Remote authentication
    B. Virtual Private Networking (VPN)
    C. Remote access policy
    D. Terminal access control
    C. Remote access policy
  41. 443 Which of the following is the main limitation with biometric devices?

    A. They can be easily fooled or bypassed
    B. The error human factor
    C. They are expensive and complex
    D. The false rejection rate
    C. They are expensive and complex
  42. 444 Who is ultimately responsible for the amount of residual risk?

    A. The DRP coordinator
    B. The security technician
    C. The organization's security officer
    D. The senior management
    D. The senior management
  43. 445 Which of the following typically use IRC for command and control activities?

    A. Logic bombs
    B. Worms
    C. Trojan
    D. Botnets
    D. Botnets
  44. 446 When designing a firewall policy, which of the following should be the default action?

    A. Implicit deny
    B. Implicit allow
    C. Least privilege
    D. DMZ
    A. Implicit deny
  45. 447 If hashing two different files creates the same result, which of the following just occurred?

    A. A pseudo-random event
    B. A duplication
    C. A mirror
    D. A collision
    D. A collision
  46. 448 Which of the following type of protection is hashing used to provide?

    A. Collision
    B. Integrity
    C. Cryptographic randomness
    D. Confidentiality
    B. Integrity
  47. 449 All of the following are part of the disaster recovery plan EXCEPT:

    A. obtaining management buy-in
    B. identifying all assets
    C. patch management software
    D. system backups
    C. patch management software
  48. 450 Which of the following is MOST likely to make a disaster recovery exercise valuable?

    A. Management participation
    B. Revising the disaster recovery plan during the exercise
    C. Learning from the mistakes of the exercise
    D. Conducting intricate, large-scale mock exercises
    C. Learning from the mistakes of the exercise
  49. 451 Which of the following allows directory permissions to filter down through the sub-directory hierarchy?

    A. Mirroring
    B. Impedance
    C. Replication
    D. Inheritance
    D. Inheritance
  50. 452 Which of the following access control models BEST follows the concept of separation of duties?

    A. Rule-based access control (RBAC)
    B. Discretionary Access Control (DAC)
    C. Mandatory Access Control (MAC)
    D. Role-based access control (RBAC)
    D. Role-based access control (RBAC)
  51. 453 Which of the following would MOST likely prevent a PC application from accessing the network?

    A. HIDS
    B. Antivirus
    C. Virtualization
    D. Host-based firewall
    D. Host-based firewall
  52. 454 A technician is investigating intermittent switch degradation. The issue only seems to occur when the building's roof air conditioning system runs. Which of the following would reduce the connectivity issues?

    A. Add a wireless network
    B. Redundant HVAC systems
    C. Adding a heat deflector
    D. Shielding
    D. Shielding
  53. 455 A technician tracks the integrity of certain files on the server. Which of the following algorithms provide this ability?

    A. AES
    B. 3DES
    C. XOR
    D. SHA-1
    D. SHA-1
  54. 456 Which of the following describes the standard load for all systems?

    A. Patch management
    B. Security template
    C. Group policy
    D. Configuration baseline
    D. Configuration baseline
  55. 457 When testing a newly released patch, a technician should do all of the following EXCEPT:

    A. test it in a non-production environment
    B. verify the integrity of the patch
    C. verify the patch is relevant to the system
    D. deploy immediately using Patch Management
    D. deploy immediately using Patch Management
  56. 458 A botnet zombie is using HTTP traffic to encapsulate IRC traffic. Which of the following would detect this encapsulated traffic?

    A. Rootkit
    B. Vulnerability scanner
    C. Anomaly-based IDS
    D. Proxy server
    C. Anomaly-based IDS
  57. 459 Documentation review, log review, rule-set review, system configuration review, network sniffing, and file integrity checking are examples of:

    A. invasive security testing techniques
    B. passive security testing techniques
    C. black box testing techniques
    D. active security testing techniques
    B. passive security testing techniques
  58. 460 To determine whether a system is properly documented and to gain insight into the system's security aspects that are only available through documentation is the purpose of:

    A. invasive security testing techniques
    B. passive security testing techniques
    C. hybrid security testing techniques
    D. active security testing techniques
    B. passive security testing techniques
  59. 461 Which of the following BEST describes external security testing?

    A. Conducted from outside the building that hosts the organization's servers
    B. Conducted from outside the organization's security perimeter
    C. Conducted from outside the perimeter switch but inside the firewall
    D. Conducted from outside the perimeter switch but inside the border router
    B. Conducted from outside the organization's security perimeter
  60. 462 Port scanners can identify all of the following EXCEPT:

    A. vulnerabilities
    B. applications
    C. active hosts
    D. operating systems
    A. vulnerabilities
  61. 463 All of the following are limitations of a vulnerability scanner EXCEPT:

    A. it only uncovers vulnerabilities for active systems
    B. it generates a high false-positive error rate
    C. it generates less network traffic than port scanning
    D. it relies on a repository of signatures
    C. it generates less network traffic than port scanning
  62. 464 Which of the following can BEST aid in preventing a phishing attack?

    A. Enabling complex password policies
    B. Implementing two-factor authentication
    C. Conducting user awareness training
    D. Requiring the use of stronger encryption
    C. Conducting user awareness training
  63. 465 A travel reservation company conducts the majority of its transactions through a public facing website. Any downtime to this website results in substantial financial damage for the company. One web server is connected to several distributed database servers. Which of the following describes this scenario?

    A. Single point of failure
    B. Warm site
    C. RAID
    D. Proxy server
    A. Single point of failure
  64. 466 Which of the following is MOST commonly used to secure a web browsing session?

    A. SHTTP
    B. HTTPS
    C. SSH
    D. S/MIME
    B. HTTPS
  65. 467 One of the reasons that DNS attacks are so universal is DNS services are required for a computer to access:

    A. WLANs
    B. LANs
    C. the Internet
    D. WANs
    C. the Internet
  66. 468 One of the security benefits to using virtualization technology is:

    A. if an instance is compromised the damage can be compartmentalized
    B. if one instance is compromised no other instances can be compromised
    C. applying a patch to the server automatically patches all instances
    D. virtual instances are not affected by conventional port scanning techniques
    A. if an instance is compromised the damage can be compartmentalized
  67. 469 A virtual server implementation attack that affects the:

    A. OS kernel will affect all virtual instances
    B. disk partition will affect all virtual instances
    C. system registry will affect all virtual instances
    D. RAM will affect all virtual instances
    D. RAM will affect all virtual instances
  68. 470 An administrator wants to set up a new web server with a static NAT. Which of the following is the BEST reason for implementing NAT?

    A. Publishes the organization's internal network addressing scheme
    B. Hides the organization's external network addressing scheme
    C. Hides the organization's internal network addressing scheme
    D. Publishes the organization's external network addressing scheme
    C. Hides the organization's internal network addressing scheme
  69. 471 Which of the following is the BEST reason for an administrator to use port address translation (PAT) instead of NAT on a new corporate mail gateway?

    A. PAT allows external users to access the mail gateway on pre-selected ports
    B. PAT provides the mail gateway with protection on port 25
    C. PAT allows external users to access the mail gateway on random ports
    D. PAT provides the mail gateway with protection on port 24
    A. PAT allows external users to access the mail gateway on pre-selected ports
  70. 472 Which of the following describes a static NAT?

    A. A static NAT uses a many to many mapping
    B. A static NAT uses a one to many mapping
    C. A static NAT uses a many to one mapping
    D. A static NAT uses a one to one mapping
    D. A static NAT uses a one to one mapping
  71. 473 Which of the following if disabled will MOST likely reduce, but not eliminate the risk of VLAN jumping?

    A. ARP caching
    B. LAN manager
    C. DTP on all ports
    D. TACACS
    C. DTP on all ports
  72. 474 An administrator is concerned that PCs on the internal network may be acting as zombies participating in external DDoS attacks. Which of the following could BEST be used to confirm the administrator's suspicions?

    A. HIDS logs
    B. Proxy logs
    C. Firewall logs
    D. AV server logs
    C. Firewall logs
  73. 475 Restricting access to files based on the identity of the user or group is an example of which of the following?

    A. MAC
    B. PKI
    C. CRL
    D. DAC
    D. DAC
  74. 476 Restricting access to files based on the identity of the user or group and security classification of the information is an example of which of the following?

    A. MAC
    B. NTFS
    C. DAC
    D. RBAC
    A. MAC
  75. 477 A new Internet content filtering device installed in a large financial institution allows IT administrators to log in and manage the device, but not the content filtering policy. Only the IT security operation staff can modify policies on the Internet filtering device. Which of the following is this an example of?

    A. Role-Based Access Control (RBAC)
    B. Discretionary Access Control (DAC)
    C. Mandatory Access Control (MAC)
    D. Lightweight Directory Access Protocol (LDAP)
    A. Role-Based Access Control (RBAC)
  76. 478 Which of the following would BEST describe a disaster recovery plan (DRP)?

    A. Addresses the recovery of an organization's backup site
    B. Addresses the recovery of an organization's email
    C. Addresses the recovery of an organization's business documentation
    D. Addresses the recovery of an organization's IT infrastructure
    D. Addresses the recovery of an organization's IT infrastructure
  77. 479 Which of the following is the primary objective of a business continuity plan (BCP)?

    A. Addresses the recovery of an organization's business operations
    B. Addresses the recovery of an organization's business payroll system
    C. Addresses the recovery of an organization's backup site
    D. Addresses the recovery of an organization's business facilities
    A. Addresses the recovery of an organization's business operations
  78. 480 A software manufacturer discovered a design flaw in a new application. Rather than recall the software, management decided to continue manufacturing the product with the flaw. Which of the following risk management strategies was adopted by management?

    A. Risk acceptance
    B. Risk mitigation
    C. Risk avoidance
    D. Risk transfer
    A. Risk acceptance
  79. 481 Which of the following BEST describes an application or string of code that cannot automatically spread from one system to another but is designed to spread from file to file?

    A. Botnet
    B. Adware
    C. Virus
    D. Worm
    C. Virus
  80. 482 Which of the following is considered an independent program that can copy itself from one system to another and its main purpose is to damage data or affect system performance?

    A. Virus
    B. Spyware
    C. Spam
    D. Worm
    D. Worm
  81. 483 All of the following are considered malware EXCEPT:

    A. logical bombs
    B. spam
    C. virus
    D. Trojan
    B. spam
  82. 484 Which of the following NIDS configurations is solely based on specific network traffic?

    A. Behavior-based
    B. Signature-based
    C. Anomaly-based
    D. Host-based
    B. Signature-based
  83. 485 Which of the following only looks at header information of network traffic?

    A. Hybrid firewall
    B. Application firewall
    C. Packet filter
    D. Internet content filter
    C. Packet filter
  84. 486 Which of the following access control methods could the administrator implement because of constant hiring of new personnel?

    A. Role-based
    B. Rule-based
    C. Decentralized
    D. Discretionary
    A. Role-based
  85. 487 When using a single sign-on method, which of the following could adversely impact the entire network?

    A. Authentication server
    B. Workstation
    C. Biometrics
    D. Web server
    A. Authentication server
  86. 488 RADIUS uses all of the following authentication protocols EXCEPT:

    A. EAP
    B. CHAP
    C. PAP
    D. L2TP
    D. L2TP
  87. 489 A HIDS is installed to monitor which of the following?

    A. Temporary Internet files
    B. NIC performance
    C. System files
    D. CPU performance
    C. System files
  88. 490 Which of the following intrusion detection systems uses statistical analysis to detect intrusions?

    A. Honeynet
    B. Signature
    C. Knowledge
    D. Anomaly
    D. Anomaly
  89. 491 Which of the following intrusion detection systems uses well defined models of how an attack occurs?

    A. Behavior
    B. Signature
    C. Anomaly
    D. Protocol
    B. Signature
  90. 492 Which of the following is a system that will automate the deployment of updates to workstations and servers?

    A. Remote access
    B. Service pack
    C. Patch management
    D. Installer package
    C. Patch management
  91. 493 A user is concerned with the security of their laptop's BIOS. The user does not want anyone to be able to access control functions except themselves. Which of the following will make the BIOS more secure?

    A. Encrypt the hard drive
    B. Flash the BIOS
    C. Password
    D. Create an access-list
    C. Password
  92. 494 Which of the following is a method to apply system security settings to all workstations at once?

    A. Patch management
    B. Policy analyzer
    C. Configuration baseline
    D. A security template
    D. A security template
  93. 495 Which of the following would be a method of securing the web browser settings on all network workstations?

    A. Group policy
    B. Control panel
    C. P2P software
    D. Internet content filter
    A. Group policy
  94. 496 Which of the following is a limitation of a HIDS?

    A. Someone must manually review the logs
    B. It requires an open port on the firewall
    C. It does not capture MAC addresses
    D. They are difficult to install
    A. Someone must manually review the logs
  95. 497 A technician has implemented a new network attached storage solution for a client. The technician has created many shares on the storage. Which of the following is the MOST secure way to assign permissions?

    A. Full control
    B. Least privilege
    C. Authentication
    D. Separation of duties
    B. Least privilege
  96. 498 Which of the following is an example of a trust model?

    A. Recovery agent
    B. Managing the CA relationships
    C. Internet key exchange
    D. SSL/TLS
    B. Managing the CA relationships
  97. 499 Which of the following is the common mail format for digitally signed and encrypted messages?

    A. MIME
    B. SSL
    C. SMTP
    D. S/MIME
    D. S/MIME
  98. 500 Which of the following is the common way of implementing cryptography on network devices for encapsulating traffic between the device and the host managing them?

    A. SNMP
    B. SSH
    C. SMTP
    D. S/MIME
    B. SSH
Author: johnnystevens
ID: 10951
Card Set: multi test e
Updated: 2010-03-17 16:59:42
Tags: testing
Folders:
Description: multiple choice upload test