multi test e

Card Set Information

Author: johnnystevens
ID: 10951
Filename: multi test e
Updated: 2010-03-17 12:59:42
Tags: testing
Description: multiple choice upload test
The flashcards below were created by user johnnystevens on FreezingBlue Flashcards.


  1. 401 To facilitate compliance with the Internet use portion of the corporate acceptable use policy, an administrator implements a series of proxy servers and firewalls. The administrator further recommends installation of software based firewalls on each host on the network. Which of the following would have provided an alternative simpler solution?

    A. Internet content filter
    B. Software HIPS
    C. DMZ
    D. Hardware IDS
    A. Internet content filter
    (this multiple choice question has been scrambled)
  2. 402 The marketing department wants to distribute pens with embedded USB drives to clients. In the past this client has been victimized by social engineering attacks which led to a loss of sensitive data. The security administrator advises the marketing department not to distribute the USB pens due to which of the following?

    A. The risks associated with the large capacity of USB drives and their concealable nature
    B. The security costs associated with securing the USB drives over time
    C. The cost associated with distributing a large volume of the USB pens
    D. The security risks associated with combining USB drives and cell phones on a network
    A. The risks associated with the large capacity of USB drives and their concealable nature
    (this multiple choice question has been scrambled)
  3. 403 USB drives create a potential security risk due to which of the following?

    A. Potential for software introduction
    B. Widespread use
    C. Operating system incompatibility
    D. Large storage capacity
    A. Potential for software introduction
    (this multiple choice question has been scrambled)
  4. 404 As a best practice, risk assessments should be based upon which of the following?

    A. A qualitative measurement of risk and impact
    B. A survey of annual loss, potential threats and asset value
    C. A quantitative measurement of risk, impact and asset value
    D. An absolute measurement of threats
    C. A quantitative measurement of risk, impact and asset value
    (this multiple choice question has been scrambled)
  5. 405 Which of the following is a cryptographic hash function?

    A. RC4
    B. RSA
    C. SHA
    D. ECC
    C. SHA
    (this multiple choice question has been scrambled)
  6. 406 From a security standpoint, which of the following is the BEST reason to implement performance monitoring applications on network systems?

    A. To detect integrity degradations to network attached storage
    B. To detect availability degradations caused by attackers
    C. To detect network intrusions from external attackers
    D. To detect host intrusions from external networks
    B. To detect availability degradations caused by attackers
    (this multiple choice question has been scrambled)
  7. 407 All of the following are methods used to conduct risk assessments EXCEPT:

    A. vulnerability scans
    B. penetration tests
    C. security audits
    D. disaster exercises
    D. disaster exercises
    (this multiple choice question has been scrambled)
  8. 408 After conducting a risk assessment, the main focus of an administrator should be which of the following?

    A. To ensure risk mitigation activities are implemented
    B. To ensure all vulnerabilities are eliminated
    C. To report the results of the assessment to the users
    D. To ensure all threats are mitigated
    A. To ensure risk mitigation activities are implemented
    (this multiple choice question has been scrambled)
  9. 409 Which of the following is a BEST practice when implementing a new system?

    A. Use group policies
    B. Disable unneeded services
    C. Use default installations
    D. Implement open source alternatives
    B. Disable unneeded services
    (this multiple choice question has been scrambled)
  10. 410 When installing and securing a new system for a home user which of the following are best practices? (Select THREE)

    A. Use a strong firewall
    B. Block inbound access to port 80
    C. Apply all system patches
    D. Use input validation
    E. Install remote control software
    F. Apply all service packs
    • A. Use a strong firewall
    • C. Apply all system patches
    • F. Apply all service packs
  11. 411 Which of the following describes a logic bomb?

    A. A piece of malicious code that exploits a race condition
    B. A piece of malicious code that executes based on an event or date
    C. A piece of malicious code that can spread on its own
    D. A piece of malicious code that is concealed from all detection
    B. A piece of malicious code that executes based on an event or date
    (this multiple choice question has been scrambled)
  12. 412 Which of the following is a prerequisite for privilege escalation to occur?

    A. The attacker must have already gained entry into the system
    B. The attacker must use a rootkit in conjunction with privilege escalation
    C. The attacker must already have physical access to the system
    D. The attacker has to create their own zero day attack for privilege escalation
    A. The attacker must have already gained entry into the system
    (this multiple choice question has been scrambled)
  13. 413 Which of the following is an example of an attack that executes once a year on a certain date?

    A. Virus
    B. Logic bomb
    C. Rootkit
    D. Worm
    B. Logic bomb
    (this multiple choice question has been scrambled)
  14. 414 Which of the following is the GREATEST threat to highly secure environments?

    A. RSA256
    B. BIOS configuration
    C. Network attached storage
    D. USB devices
    D. USB devices
    (this multiple choice question has been scrambled)
  15. 415 Management has asked a technician to prevent data theft through the use of portable drives. Which of the following should the technician implement?

    A. Disable USB drives
    B. Install a CCTV system
    C. Use security templates
    D. Implement a biometric system
    A. Disable USB drives
    (this multiple choice question has been scrambled)
  16. 416 A technician has been informed that many of the workstations on the network are flooding servers. Which of the following is the MOST likely cause of this?

    A. Logic bomb
    B. Worm
    C. Spam
    D. Virus
    B. Worm
    (this multiple choice question has been scrambled)
  17. 417 Which of the following BEST describes a way to prevent buffer overflows?

    A. Apply all security patches to workstations
    B. Apply group policy management techniques
    C. Apply security templates enterprise wide
    D. Monitor P2P program usage through content filters
    A. Apply all security patches to workstations
    (this multiple choice question has been scrambled)
  18. 418 Which of the following is a security reason to implement virtualization throughout the network infrastructure?

    A. To implement additional network services at a lower cost
    B. To analyze the various network traffic with protocol analyzers
    C. To isolate the various network services and roles
    D. To centralize the patch management of network servers
    C. To isolate the various network services and roles
    (this multiple choice question has been scrambled)
  19. 419 Which of the following is a reason to use a Faraday cage?

    A. To minimize weak encryption
    B. To find rogue access points
    C. To mitigate data emanation
    D. To allow wireless usage
    C. To mitigate data emanation
    (this multiple choice question has been scrambled)
  20. 420 Weak encryption is a common problem with which of the following wireless protocols?

    A. WPA2-Personal
    B. WPA
    C. WPA2-Enterprise
    D. WEP
    D. WEP
    (this multiple choice question has been scrambled)
  21. 421 Which of the following describes a tool used by organizations to verify whether or not a staff member has been involved in malicious activity?

    A. Implicit deny
    B. Implicit allow
    C. Time of day restrictions
    D. Mandatory vacations
    D. Mandatory vacations
    (this multiple choice question has been scrambled)
  22. 422 Which of the following is a cross-training technique where organizations minimize collusion amongst staff?

    A. Least privilege
    B. Cross-site scripting
    C. Separation of duties
    D. Job rotation
    D. Job rotation
    (this multiple choice question has been scrambled)
  23. 423 Which of the following will allow a technician to restrict a user's access to the GUI?

    A. Password policy enforcement
    B. Group policy implementation
    C. Use of logical tokens
    D. Access control lists
    B. Group policy implementation
    (this multiple choice question has been scrambled)
  24. 424 Which of the following is the MOST common logical access control method?

    A. Multifactor authentication
    B. Security ID badges
    C. Access control lists
    D. Usernames and passwords
    D. Usernames and passwords
    (this multiple choice question has been scrambled)
  25. 425 Which of the following verifies control for granting access in a PKI environment?

    A. Certificate authority
    B. Certificate revocation list
    C. System administrator
    D. Recovery agent
    A. Certificate authority
    (this multiple choice question has been scrambled)
  26. 426 Which of the following explains the difference between a public key and a private key?

    A. The private key only decrypts the data while the public key only encrypts the data. Both keys are mathematically related
    B. The private key is only used by the client and kept secret while the public key is available to all
    C. The public key is only used by the client while the private key is available to all. Both keys are mathematically related
    D. The private key is commonly used in symmetric key decryption while the public key is used in asymmetric key decryption
    B. The private key is only used by the client and kept secret while the public key is available to all
    (this multiple choice question has been scrambled)
  27. 427 Which of the following is a countermeasure when power must be delivered to critical systems no matter what?

    A. Uninterruptible power supplies (UPSs)
    B. Redundant power supplies
    C. Warm site
    D. Backup generator
    D. Backup generator
    (this multiple choice question has been scrambled)
  28. 428 Which of the following is the MOST important step to conduct during a risk assessment of computing systems?

    A. The identification of missing patches
    B. The identification of disgruntled staff members
    C. The identification of mantraps
    D. The identification of USB drives
    A. The identification of missing patches
    (this multiple choice question has been scrambled)
  29. 429 Which of the following tools will allow a technician to detect security-related TCP connection anomalies?

    A. Logical token
    B. Performance monitor
    C. Trusted platform module
    D. Public key infrastructure
    B. Performance monitor
    (this multiple choice question has been scrambled)
  30. 430 Which of the following monitoring methodologies will allow a technician to determine when there is a security related problem that results in an abnormal condition?

    A. Anomaly-based
    B. NIDS
    C. NIPS
    D. Signature-based
    A. Anomaly-based
    (this multiple choice question has been scrambled)
  31. 431 Which of the following systems is BEST to use when monitoring application activity and modification?

    A. OVAL
    B. HIDS
    C. RADIUS
    D. NIDS
    B. HIDS
    (this multiple choice question has been scrambled)
  32. 432 Which of the following is the MOST important thing to consider when implementing an IDS solution?

    A. The personnel to interpret results
    B. The cost of the device
    C. Distinguishing between false negatives
    D. Distinguishing between false positives
    A. The personnel to interpret results
    (this multiple choice question has been scrambled)
  33. 433 Which of the following is the FIRST step in the implementation of an IDS?

    A. Decide on the model
    B. Decide on the type
    C. Purchase the equipment
    D. Document the existing network
    D. Document the existing network
    (this multiple choice question has been scrambled)
  34. 434 Which of the following encryption algorithms is used for encryption and decryption of data?

    A. SHA-1
    B. MD5
    C. RC5
    D. NTLM
    C. RC5
    (this multiple choice question has been scrambled)

  35. B. Transport and Tunnel



    436 Which of the following would a technician use to check data integrity?

    A. Rivest cipher 4
    B. Message authentication code
    C. Digital signature algorithm
    D. Encapsulating security protocol
    B. Message authentication code
    (this multiple choice question has been scrambled)
  36. 437 Which of the following are the functions of asymmetric keys?

    A. Sign, validate, encrypt and verify
    B. Decrypt, validate, encode and verify
    C. Encrypt, sign, decrypt and verify
    D. Decrypt, decipher, encode and encrypt
    C. Encrypt, sign, decrypt and verify
    (this multiple choice question has been scrambled)
  37. 438 Which of the following is the purpose of the AH?

    A. Provides confidentiality
    B. Provides non-repudiation
    C. Provides authorization
    D. Provides integrity
    D. Provides integrity
    (this multiple choice question has been scrambled)
  38. 439 Which of the following describes the insertion of additional bytes of data into a packet?

    A. Padding
    B. Header injection
    C. Encapsulating
    D. TCP hijacking
    A. Padding
    (this multiple choice question has been scrambled)
  39. 440 Which of the following is true regarding authentication headers (AH)?

    A. The authentication information may be the same on different packets if the integrity remains in place
    B. The authentication information hash will increase by one if the bytes remain the same on transfer
    C. The authentication information hash will remain the same if the bytes change on transfer
    D. The authentication information is a keyed hash based on all of the bytes in the packet
    D. The authentication information is a keyed hash based on all of the bytes in the packet
    (this multiple choice question has been scrambled)

  40. C. 802.1x



    442 The method of controlling how and when users can connect in from home is called which of the following?

    A. Remote access policy
    B. Virtual Private Networking (VPN)
    C. Remote authentication
    D. Terminal access control
    A. Remote access policy
    (this multiple choice question has been scrambled)
  41. 443 Which of the following is the main limitation with biometric devices?

    A. The false rejection rate
    B. They can be easily fooled or bypassed
    C. The error human factor
    D. They are expensive and complex
    D. They are expensive and complex
    (this multiple choice question has been scrambled)
  42. 444 Who is ultimately responsible for the amount of residual risk?

    A. The organization's security officer
    B. The security technician
    C. The senior management
    D. The DRP coordinator
    C. The senior management
    (this multiple choice question has been scrambled)
  43. 445 Which of the following typically use IRC for command and control activities?

    A. Trojan
    B. Worms
    C. Logic bombs
    D. Botnets
    D. Botnets
    (this multiple choice question has been scrambled)
  44. 446 When designing a firewall policy, which of the following should be the default action?

    A. Implicit deny
    B. Least privilege
    C. DMZ
    D. Implicit allow
    A. Implicit deny
    (this multiple choice question has been scrambled)
  45. 447 If hashing two different files creates the same result, which of the following just occurred?

    A. A collision
    B. A duplication
    C. A mirror
    D. A pseudo-random event
    A. A collision
    (this multiple choice question has been scrambled)
  46. 448 Which of the following type of protection is hashing used to provide?

    A. Confidentiality
    B. Cryptographic randomness
    C. Collision
    D. Integrity
    D. Integrity
    (this multiple choice question has been scrambled)
  47. 449 All of the following are part of the disaster recovery plan EXCEPT:

    A. identifying all assets
    B. system backups
    C. patch management software
    D. obtaining management buy-in
    C. patch management software
    (this multiple choice question has been scrambled)
  48. 450 Which of the following is MOST likely to make a disaster recovery exercise valuable?

    A. Learning from the mistakes of the exercise
    B. Conducting intricate, large-scale mock exercises
    C. Revising the disaster recovery plan during the exercise
    D. Management participation
    A. Learning from the mistakes of the exercise
    (this multiple choice question has been scrambled)
  49. 451 Which of the following allows directory permissions to filter down through the sub-directory hierarchy?

    A. Inheritance
    B. Mirroring
    C. Replication
    D. Impedance
    A. Inheritance
    (this multiple choice question has been scrambled)
  50. 452 Which of the following access control models BEST follows the concept of separation of duties?

    A. Discretionary Access Control (DAC)
    B. Rule-based access control (RBAC)
    C. Role-based access control (RBAC)
    D. Mandatory Access Control (MAC)
    C. Role-based access control (RBAC)
    (this multiple choice question has been scrambled)
  51. 453 Which of the following would MOST likely prevent a PC application from accessing the network?

    A. Host-based firewall
    B. Virtualization
    C. HIDS
    D. Antivirus
    A. Host-based firewall
    (this multiple choice question has been scrambled)
  52. 454 A technician is investigating intermittent switch degradation. The issue only seems to occur when the building's roof air conditioning system runs. Which of the following would reduce the connectivity issues?

    A. Adding a heat deflector
    B. Redundant HVAC systems
    C. Shielding
    D. Add a wireless network
    C. Shielding
    (this multiple choice question has been scrambled)
  53. 455 A technician tracks the integrity of certain files on the server. Which of the following algorithms provide this ability?

    A. SHA-1
    B. 3DES
    C. XOR
    D. AES
    A. SHA-1
    (this multiple choice question has been scrambled)
  54. 456 Which of the following describes the standard load for all systems?

    A. Group policy
    B. Security template
    C. Patch management
    D. Configuration baseline
    D. Configuration baseline
    (this multiple choice question has been scrambled)
  55. 457 When testing a newly released patch, a technician should do all of the following EXCEPT:

    A. verify the integrity of the patch
    B. test it in a non-production environment
    C. verify the patch is relevant to the system
    D. deploy immediately using Patch Management
    D. deploy immediately using Patch Management
    (this multiple choice question has been scrambled)
  56. 458 A botnet zombie is using HTTP traffic to encapsulate IRC traffic. Which of the following would detect this encapsulated traffic?

    A. Proxy server
    B. Rootkit
    C. Anomaly-based IDS
    D. Vulnerability scanner
    C. Anomaly-based IDS
    (this multiple choice question has been scrambled)
  57. 459 Documentation review, log review, rule-set review, system configuration review, network sniffing, and file integrity checking are examples of:

    A. black box testing techniques
    B. active security testing techniques
    C. invasive security testing techniques
    D. passive security testing techniques
    D. passive security testing techniques
    (this multiple choice question has been scrambled)
  58. 460 To determine whether a system is properly documented and to gain insight into the system's security aspects that are only available through documentation is the purpose of:

    A. active security testing techniques
    B. passive security testing techniques
    C. hybrid security testing techniques
    D. invasive security testing techniques
    B. passive security testing techniques
    (this multiple choice question has been scrambled)
  59. 461 Which of the following BEST describes external security testing?

    A. Conducted from outside the perimeter switch but inside the firewall
    B. Conducted from outside the organization's security perimeter
    C. Conducted from outside the building that hosts the organization's servers
    D. Conducted from outside the perimeter switch but inside the border router
    B. Conducted from outside the organization's security perimeter
    (this multiple choice question has been scrambled)
  60. 462 Port scanners can identify all of the following EXCEPT:

    A. vulnerabilities
    B. applications
    C. operating systems
    D. active hosts
    A. vulnerabilities
    (this multiple choice question has been scrambled)
  61. 463 All of the following are limitations of a vulnerability scanner EXCEPT:

    A. it only uncovers vulnerabilities for active systems
    B. it relies on a repository of signatures
    C. it generates a high false-positive error rate
    D. it generates less network traffic than port scanning
    D. it generates less network traffic than port scanning
    (this multiple choice question has been scrambled)
  62. 464 Which of the following can BEST aid in preventing a phishing attack?

    A. Conducting user awareness training
    B. Requiring the use of stronger encryption
    C. Implementing two-factor authentication
    D. Enabling complex password policies
    A. Conducting user awareness training
    (this multiple choice question has been scrambled)
  63. 465 A travel reservation company conducts the majority of its transactions through a public facing website. Any downtime to this website results in substantial financial damage for the company. One web server is connected to several distributed database servers. Which of the following describes this scenario?

    A. RAID
    B. Warm site
    C. Single point of failure
    D. Proxy server
    C. Single point of failure
    (this multiple choice question has been scrambled)
  64. 466 Which of the following is MOST commonly used to secure a web browsing session?

    A. HTTPS
    B. S/MIME
    C. SHTTP
    D. SSH
    A. HTTPS
    (this multiple choice question has been scrambled)
  65. 467 One of the reasons that DNS attacks are so universal is DNS services are required for a computer to access:

    A. the Internet
    B. WLANs
    C. LANs
    D. WANs
    A. the Internet
    (this multiple choice question has been scrambled)
  66. 468 One of the security benefits to using virtualization technology is:

    A. if one instance is compromised no other instances can be compromised
    B. virtual instances are not affected by conventional port scanning techniques
    C. if an instance is compromised the damage can be compartmentalized
    D. applying a patch to the server automatically patches all instances
    C. if an instance is compromised the damage can be compartmentalized
    (this multiple choice question has been scrambled)
  67. 469 A virtual server implementation attack that affects the:

    A. system registry will affect all virtual instances
    B. OS kernel will affect all virtual instances
    C. disk partition will affect all virtual instances
    D. RAM will affect all virtual instances
    D. RAM will affect all virtual instances
    (this multiple choice question has been scrambled)
  68. 470 An administrator wants to set up a new web server with a static NAT. Which of the following is the BEST reason for implementing NAT?

    A. Publishes the organization's internal network addressing scheme
    B. Publishes the organization's external network addressing scheme
    C. Hides the organization's external network addressing scheme
    D. Hides the organization's internal network addressing scheme
    D. Hides the organization's internal network addressing scheme
    (this multiple choice question has been scrambled)
  69. 471 Which of the following is the BEST reason for an administrator to use port address translation (PAT) instead of NAT on a new corporate mail gateway?

    A. PAT provides the mail gateway with protection on port 25
    B. PAT allows external users to access the mail gateway on pre-selected ports
    C. PAT allows external users to access the mail gateway on random ports
    D. PAT provides the mail gateway with protection on port 24
    B. PAT allows external users to access the mail gateway on pre-selected ports
    (this multiple choice question has been scrambled)
  70. 472 Which of the following describes a static NAT?

    A. A static NAT uses a many to one mapping
    B. A static NAT uses a many to many mapping
    C. A static NAT uses a one to one mapping
    D. A static NAT uses a one to many mapping
    C. A static NAT uses a one to one mapping
    (this multiple choice question has been scrambled)
  71. 473 Which of the following if disabled will MOST likely reduce, but not eliminate the risk of VLAN jumping?

    A. DTP on all ports
    B. TACACS
    C. LAN manager
    D. ARP caching
    A. DTP on all ports
    (this multiple choice question has been scrambled)
  72. 474 An administrator is concerned that PCs on the internal network may be acting as zombies participating in external DDoS attacks. Which of the following could BEST be used to confirm the administrator's suspicions?

    A. Proxy logs
    B. HIDS logs
    C. AV server logs
    D. Firewall logs
    D. Firewall logs
    (this multiple choice question has been scrambled)
  73. 475 Restricting access to files based on the identity of the user or group is an example of which of the following?

    A. PKI
    B. CRL
    C. DAC
    D. MAC
    C. DAC
    (this multiple choice question has been scrambled)
  74. 476 Restricting access to files based on the identity of the user or group and security classification of the information is an example of which of the following?

    A. RBAC
    B. NTFS
    C. MAC
    D. DAC
    C. MAC
    (this multiple choice question has been scrambled)
  75. 477 A new Internet content filtering device installed in a large financial institution allows IT administrators to log in and manage the device, but not the content filtering policy. Only the IT security operation staff can modify policies on the Internet filtering device. Which of the following is this an example of?

    A. Discretionary Access Control (DAC)
    B. Lightweight Directory Access Protocol (LDAP)
    C. Role-Based Access Control (RBAC)
    D. Mandatory Access Control (MAC)
    C. Role-Based Access Control (RBAC)
    (this multiple choice question has been scrambled)
  76. 478 Which of the following would BEST describe a disaster recovery plan (DRP)?

    A. Addresses the recovery of an organization's business documentation
    B. Addresses the recovery of an organization's email
    C. Addresses the recovery of an organization's IT infrastructure
    D. Addresses the recovery of an organization's backup site
    C. Addresses the recovery of an organization's IT infrastructure
    (this multiple choice question has been scrambled)
  77. 479 Which of the following is the primary objective of a business continuity plan (BCP)?

    A. Addresses the recovery of an organization's business operations
    B. Addresses the recovery of an organization's business payroll system
    C. Addresses the recovery of an organization's backup site
    D. Addresses the recovery of an organization's business facilities
    A. Addresses the recovery of an organization's business operations
    (this multiple choice question has been scrambled)
  78. 480 A software manufacturer discovered a design flaw in a new application. Rather than recall the software, management decided to continue manufacturing the product with the flaw. Which of the following risk management strategies was adopted by management?

    A. Risk acceptance
    B. Risk mitigation
    C. Risk avoidance
    D. Risk transfer
    A. Risk acceptance
    (this multiple choice question has been scrambled)
  79. 481 Which of the following BEST describes an application or string of code that cannot automatically spread from one system to another but is designed to spread from file to file?

    A. Virus
    B. Botnet
    C. Worm
    D. Adware
    A. Virus
    (this multiple choice question has been scrambled)
  80. 482 Which of the following is considered an independent program that can copy itself from one system to another and its main purpose is to damage data or affect system performance?

    A. Spyware
    B. Worm
    C. Spam
    D. Virus
    B. Worm
    (this multiple choice question has been scrambled)
  81. 483 All of the following are considered malware EXCEPT:

    A. logical bombs
    B. Trojan
    C. spam
    D. virus
    C. spam
    (this multiple choice question has been scrambled)
  82. 484 Which of the following NIDS configurations is solely based on specific network traffic?

    A. Signature-based
    B. Host-based
    C. Behavior-based
    D. Anomaly-based
    A. Signature-based
    (this multiple choice question has been scrambled)
  83. 485 Which of the following only looks at header information of network traffic?

    A. Internet content filter
    B. Application firewall
    C. Hybrid firewall
    D. Packet filter
    D. Packet filter
    (this multiple choice question has been scrambled)
  84. 486 Which of the following access control methods could the administrator implement because of constant hiring of new personnel?

    A. Rule-based
    B. Decentralized
    C. Role-based
    D. Discretionary
    C. Role-based
    (this multiple choice question has been scrambled)
  85. 487 When using a single sign-on method, which of the following could adversely impact the entire network?

    A. Biometrics
    B. Authentication server
    C. Web server
    D. Workstation
    B. Authentication server
    (this multiple choice question has been scrambled)
  86. 488 RADIUS uses all of the following authentication protocols EXCEPT:

    A. L2TP
    B. PAP
    C. CHAP
    D. EAP
    A. L2TP
    (this multiple choice question has been scrambled)
  87. 489 A HIDS is installed to monitor which of the following?

    A. NIC performance
    B. Temporary Internet files
    C. System files
    D. CPU performance
    C. System files
    (this multiple choice question has been scrambled)
  88. 490 Which of the following intrusion detection systems uses statistical analysis to detect intrusions?

    A. Honeynet
    B. Knowledge
    C. Signature
    D. Anomaly
    D. Anomaly
    (this multiple choice question has been scrambled)
  89. 491 Which of the following intrusion detection systems uses well defined models of how an attack occurs?

    A. Behavior
    B. Anomaly
    C. Protocol
    D. Signature
    D. Signature
    (this multiple choice question has been scrambled)
  90. 492 Which of the following is a system that will automate the deployment of updates to workstations and servers?

    A. Remote access
    B. Patch management
    C. Installer package
    D. Service pack
    B. Patch management
    (this multiple choice question has been scrambled)
  91. 493 A user is concerned with the security of their laptop's BIOS. The user does not want anyone to be able to access control functions except themselves. Which of the following will make the BIOS more secure?

    A. Encrypt the hard drive
    B. Password
    C. Create an access-list
    D. Flash the BIOS
    B. Password
    (this multiple choice question has been scrambled)
  92. 494 Which of the following is a method to apply system security settings to all workstations at once?

    A. Patch management
    B. Policy analyzer
    C. Configuration baseline
    D. A security template
    D. A security template
    (this multiple choice question has been scrambled)
  93. 495 Which of the following would be a method of securing the web browser settings on all network workstations?

    A. Internet content filter
    B. P2P software
    C. Control panel
    D. Group policy
    D. Group policy
    (this multiple choice question has been scrambled)
  94. 496 Which of the following is a limitation of a HIDS?

    A. They are difficult to install
    B. It does not capture MAC addresses
    C. Someone must manually review the logs
    D. It requires an open port on the firewall
    C. Someone must manually review the logs
    (this multiple choice question has been scrambled)
  95. 497 A technician has implemented a new network attached storage solution for a client. The technician has created many shares on the storage. Which of the following is the MOST secure way to assign permissions?

    A. Full control
    B. Authentication
    C. Separation of duties
    D. Least privilege
    D. Least privilege
    (this multiple choice question has been scrambled)
  96. 498 Which of the following is an example of a trust model?

    A. Managing the CA relationships
    B. Internet key exchange
    C. Recovery agent
    D. SSL/TLS
    A. Managing the CA relationships
    (this multiple choice question has been scrambled)
  97. 499 Which of the following is the common mail format for digitally signed and encrypted messages?

    A. MIME
    B. S/MIME
    C. SMTP
    D. SSL
    B. S/MIME
    (this multiple choice question has been scrambled)
  98. 500 Which of the following is the common way of implementing cryptography on network devices for encapsulating traffic between the device and the host managing them?

    A. SNMP
    B. S/MIME
    C. SSH
    D. SMTP
    C. SSH
    (this multiple choice question has been scrambled)
