Card Set Information

2010-04-02 17:07:22
Security Plus Security

SY0-201 CompTIA Security +( 2008 Edition) Exam
Show Answers:

  1. Who is responsible for establishing access permissions to network resources in the DAC access control model?
    The owner of the resource.
  2. Why do security researchers often use virtual machines?
    To offer an environment where malware can be executed with minimal risk to equipment and software
  3. Which access control system allows the system administrator to establish access permissions to network resources?
  4. You work as a network administrator for your company. Taking personal safety into consideration, what fire suppression substances types can effectively prevent damage to electronic equipment?
  5. Which of the following access control models uses roles to determine access permissions?
  6. Given: John is a network administrator. He advises the server administrator of his company to implement whitelisting, blacklisting, closing-open relays and strong authentication techniques. Question: Which threat is being addressed?
  7. Most current encryption schemes are based on
  8. Study the following items carefully, which one will permit a user to float a domain registration for a maximum of five days?
  9. Which of the following types of cryptography is typically used to provide an integrity check?
  10. The Public Key Infrastructure (PKI) is a set of hardware, software, people, policies, and procedures needed to create, manage, store, distribute, and revoke digital certificates. The public key infrastructure is based on which encryption schemes?
  11. How is access control permissions established in the RBAC access control model?
    The role or responsibilities users have in the organization.
  12. Which threat is increased by the availability of portable external storage such as USB hard drives to networks?
    Removal of sensitive and PII data
  13. What does the DAC access control model use to identify the users who have permissions to a resource?
    Access Control Lists
  14. What does the DAC access control model use to identify the users who have permissions to a resource?
    Access Control Lists
  15. Which of the following describes a type of algorithm that cannot be reversed in order to decode the data?
    One Way Function
  16. CRL is short for Certificate Revocation List. Which types of keys are included in a CRL?
    Both public and private keys
  17. Secret Key encryption is also known as:
  18. Virtualized applications, such as virtualized browsers, can protect the underlying operating system from which of the following?
    Malware installation from suspects Internet sites
  19. What does the MAC access control model use to identify the users who have permissions to a resource?
    Predefined access privileges.
  20. For the following items, which one is a collection of servers setup to attract hackers?
  21. Which of the following statements regarding the MAC access control models is TRUE?
    In the Mandatory Access Control (MAC) users cannot share resources dynamically.
  22. Which description is correct about an application or string of code that could not automatically spread from one system to another but is designed to spread from file to file?
  23. Which of the following are types of certificate-based authentication? (Select TWO)
    Many-to-one mapping

    One-to-one mapping
  24. In computer security, an access control list (ACL) is a list of permissions attached to an object. Which log will reveal activities about ACL?
  25. The ability to logon to multiple systems with the same credentials is typically known as:
    Single sign-on
  26. For the following options, which is an area of the network infrastructure that allows a technician to put public facing systems into it without compromising the entire infrastructure?
  27. Which of the following would be MOST important to have to ensure that a company will be able to recover in case of severe environmental trouble or destruction?
    Disaster recovery plan
  28. Remote authentication allows you to authenticate Zendesk users using a locally hosted script. Which of the following is an example of remote authentication?
    A user in one city logs onto a network by connecting to a domain server in another city.
  29. Documentation describing a group expected minimum behavior is known as:
    Code of Ethics
  30. What maybe happen when hashing two different files creates the same result?
  31. The DAC (Discretionary Access Control) model has an inherent flaw. Choose the option that describes this flaw.
    The DAC (Discretionary Access Control) model uses only the identity of the user or specific process to control access to a resource. This creates a security loophole for Trojan horse attacks.
  32. The CEO of your company is worrying about staff browsing inappropriate material on the Internet via HTTPS. Your company is advised to purchase a product which can decrypt the SSL session, scan the content and then repackage the SSL session without staff knowing. Which type of attack is similar to this product?
  33. You work as the network administrator at Certkiller.com. The Certkiller.com network uses the RBAC (Role Based Access Control) model. You must plan the security strategy for users to access resources on the Certkiller.com network. The types of resources you must control access to are mailboxes, and files and printers. Certkiller.com is divided into distinct departments and functions named Finance, Sales, Research and Development, and Production respectively. Each user has its own workstation, and accesses resources based on the department wherein he/she works. You must determine which roles to create to support the RBAC (Role Based Access Control) model. Which of the following roles should you create?
    Create Finance, Sales, Research and Development, and Production roles.
  34. Sending a patch through a testing and approval process is an example of which option?
    Change management
  35. Choose the access control model that allows access control determinations to be performed based on the security labels associated with each user and each data item.
    MACs (Mandatory Access Control) method
  36. For the following items, which is a security limitation of virtualization technology?
    If an attack occurs, it could potentially disrupt multiple servers.
  37. A company's new employees are asked to sign a document that describes the methods of and purposes for accessing the company's IT systems. Which of the following BEST describes this document?
    Acceptable Use Policy
  38. What technology is able to isolate a host OS from some types of security threats?
  39. Which of the following is the BEST place to obtain a hotfix or patch for an application or system?
    The manufacturer's website
  40. Tom is a network administrator of his company. He guesses that PCs on the internal network may be acting as zombies participating in external DDoS attacks. Which item will most effectively confirm the administrators?? suspicions?
    Firewall logs
  41. Choose the terminology or concept which best describes a (Mandatory Access Control) model.
  42. Password cracking tools are available worldwide over the Internet. Which one of the following items is a password cracking tool?
    John the Ripper
  43. Which authentication method does the following sequence: Logon request, encrypts value response, server, challenge, compare encrypts results, authorize or fail referred to?
  44. IDS is short for Intrusion Detection Systems. Which option is the MOST basic form of IDS?
  45. Which of the following statements is TRUE regarding the Security Token system?
    If your token does not grant you access to certain information, that information will either not be displayed or your access will be denied. The authentication system creates a token every time a user or a session begins. At the completion of a session, the token is destroyed.
  46. Which statement is true about the cryptographic algorithm employed by TLS to establish a session key?
  47. To aid in preventing the execution of malicious code in email clients, which of the following should be done by the email administrator?
    Spam and anti-virus filters should be used
  48. Internet filter appliances/servers will most likely analyze which three items? (Select THREE).


  49. Which of the following types of publicly accessible servers should have anonymous logins disabled to prevent an attacker from transferring malicious data?
  50. Which practice can best code applications in a secure manner?
    Input validation
  51. In addition to bribery and forgery, which of the following are the MOST common techniques that attackers use to socially engineer people? (Select TWO)

    Assuming a position of authority
  52. Which of the following will restrict access to files according to the identity of the user or group?
  53. Which of the following would be an easy way to determine whether a secure web page has a valid certificate?
    Right click on the lock at the bottom of the browser and check the certificate information
  54. Which description is correct concerning the process of comparing cryptographic hash functions of system executables, configuration files, and log files?
    File integrity auditing
  55. A software or hardware device that allows only authorized network traffic in or out of a computer or network is called a:
  56. While hardening an operating system, which item is LEAST effective?
    Installing HIDS
  57. Which of the following types of attacks is BEST described as an attacker capturing part of a communication and later sending that communication segment to the server while pretending to be the client?
  58. In computer networking, network address translation (NAT) is the process of modifying network address information in datagram packet headers while in transit across a traffic routing device for the purpose of remapping a given address space into another. Which description is true about a static NAT?
    A static NAT uses a one to one mapping.
  59. Malicious code that enters a target system, lays dormant until a user opens the certain program then deletes the contents of attached network drives and removable storage devices is known as a:
    Logic Bomb
  60. Which action should be performed when discovering an unauthorized wireless access point attached to a network?
    Unplug the Ethernet cable from the wireless access point.
  61. Which of the following network authentication protocols uses symmetric key cryptography, stores a shared key for each network resource and uses a Key Distribution Center (KDC)?
  62. In cryptography, MD5 (Message-Digest algorithm 5) is a widely used cryptographic hash function with a 128-bit hash value. As an Internet standard (RFC 1321), MD5 has been employed in a wide variety of security applications, and is also commonly used to check the integrity of files. A user sees an MD5 hash number beside a file that they wish to download. Which description is true about a hash?
    A hash is a unique number that is generated based upon the files contents and should be verified after download.
  63. The risks of social engineering can be decreased by implementing:
    Security awareness training
  64. When a new network device is configured for first-time installation, which of the following is a security threat?
    Use of default passwords
  65. Which of the following access control models uses subject and object labels?
    Mandatory Access Control (MAC)
  66. Encryption is the conversion of data into a form, called a ciphertext, that cannot be easily understood by unauthorized people. Which of the following is considered the weakest encryption?
  67. Which of the following access decisions are based on a Mandatory Access Control (MAC) environment?
    Sensitivity labels
  68. Which tool can best monitor changes to the approved system baseline?
    Enterprise performance monitoring software
  69. Audit log information can BEST be protected by: (Select TWO).
    Access controls that restrict usage

    Recording to write-once media.
  70. Which method will most effectively verify that a patch file downloaded from a third party has not been modified since the time that the original manufacturer released the patch?
    Compare the final MD5 hash with the original.
  71. Non-essential services are often appealing to attackers because non-essential services: (Select TWO)
    Are not typically configured correctly or secured

    Sustain attacks that go unnoticed
  72. Which action should be performed to harden workstations and servers?
    Install only needed software.
  73. A user downloads and installs a new screen saver and the program starts to rename and delete random files. Which of the following would be the BEST description of this program?
    Trojan horse
  74. John works as a network administrator for his company. He uses a tool to check SMTP, DNS, P0P3, and ICMP packets on the network. This is an example of which of the following?
    A protocol analyzer
  75. Which of the following types of malicious software travels across computer networks without requiring a user to distribute the software?
  76. What will be implemented by a technician to mitigate the chances of a successful attack against the wireless network?
    Implement an authentication system and WPA.
  77. Which of the following should be done if an audit recording fails in an information system?
    Send an alert to the appropriate personnel
  78. In order to recover discarded company documents, which of the following might an attacker resort to?
    Dumpster diving
  79. Which of the following types of authentication BEST describes providing a username, password and undergoing a thumb print scan to access a workstation?
  80. Which item specifies a set of consistent requirements for a workstation or server?
    Configuration baseline
  81. Which of the following steps is MOST often overlooked during the auditing process?
    Reviewing event logs regularly
  82. Users would not like to enter credentials to each server or application to conduct their normal work. Which type of strategy can solve this problem?
  83. Kerberos uses which of the following ports by default?
  84. What should be taken into consideration while executing proper logging procedures? (Select TWO).
    The information that is needed to reconstruct events

    The amount of disk space required
  85. Turnstiles, double entry doors and security guards are all prevention measures for which of the following types of social engineering?
  86. In computer programming, DLL injection is a technique used to run code within the address space of another process by forcing it to load a dynamic-link library. Which activity is MOST closely associated with DLL injection?
    Penetration testing
  87. Spam is considered a problem even when deleted before being opened because spam:
    Wastes Company Bandwidth
  88. Alex is a network administrator of his company. He is backing up all server data nightly to a local NAS device. Which additional action should Alex perform to block disaster in the case the primary site is permanently lost?
    Backup all data at a preset interval to tape and store those tapes at a sister site in another city.
  89. Which of the following programming techniques should be used to prevent buffer overflow attacks?
    Input validation
  90. Which description is correct about the standard load for all systems?
    Configuration baseline
  91. Which of the following authentication systems make use of the KDC Key Distribution Center?
  92. A digital signature or digital signature scheme is a type of asymmetric cryptography. For messages sent through an insecure channel, a properly implemented digital signature gives the receiver reason to believe the message was sent by the claimed sender. While using a digital signature, the message digest is encrypted with which of the following keys?
    Senders private key
  93. Which of the following authentication methods increases the security of the authentication process because it must be in your physical possession?
    Smart Cards.
  94. Users need to access their email and several secure applications from any workstation on the network. In addition, an authentication system implemented by the administrator requires the use of a username, password, and a company issued smart card. This is an example of which of the following?
  95. Which of the following statements regarding authentication protocols is FALSE?
    MS-CHAP version 1 is capable of mutual authentication of both the client and the server.
  96. Many unauthorized staff has been entering the data center by piggybacking authorized staff. The CIO has mandated to stop this behavior. Which technology should be installed at the data center to prevent piggybacking?
  97. Which password management system best provides for a system with a large number of users?
    Self service password reset management systems
  98. Why will a Faraday cage be used?
    To mitigate data emanation
  99. Which definition best defines what a challenge-response session is?
    A challenge-response session is a workstation or system that produces a random challenge string that the user provides, when prompted, in conjunction with the proper PIN (Personal Identification Number).
  100. The hashing algorithm is created from a hash value, making it nearly impossible to derive the original input number. Which item can implement the strongest hashing algorithm?
  101. For which reason are clocks used in Kerberos authentication?
    Clocks are used to ensure that tickets expire correctly.
  102. Network utilization is the ratio of current network traffic to the maximum traffic that the port can handle. Which of the following can most effectively determine whether network utilization is abnormal?
    Performance baseline
  103. To reduce vulnerabilities on a web server, an administrator should adopt which of the following preventative measures?
    Apply the most recent manufacturer updates and patches to the server.
  104. A travel reservation organization conducts the majority of its transactions via a public facing website. Any downtime to this website will lead to serious financial damage for this organization. One web server is connected to several distributed database servers. Which statement is correct about this scenario?
    Single point of failure
  105. Which of the following is a common type of attack on web servers?
    Buffer overflow
  106. An Intrusion detection system (IDS) is software and/or hardware designed to detect unwanted attempts at accessing, manipulating, and/or disabling of computer systems, mainly through a network, such as the Internet. When an IDS is configured to match a specific traffic pattern, then which of the following is this referring to?
  107. The employees at a company are using instant messaging on company networked computers. The MOST important security issue to address when using instant messaging is that instant messaging:
    Communications are open and unprotected
  108. Removable storage has been around almost as long as the computer itself. Which of the following is the GREATEST security risk regarding removable storage?
    Confidentiality of data
  109. A VPN typically provides a remote access link from one host to another over:
    The Internet
  110. In which authentication model a ticket granting server is an important concept?
  111. Which of the following would be needed to ensure that a user who has received an email cannot claim that the email was not received?
  112. Coaxial cable is a cable consisting of an inner conductor, surrounded by a tubular insulating layer typically made from a flexible material with a high dielectric constant, all of which is then surrounded by another conductive layer (typically of fine woven wire for flexibility, or of a thin metallic foil), and then finally covered again with a thin insulating layer on the outside. Which is the primary security risk with coaxial cable?
    Data emanation from the core
  113. Which of the following portions of a company's network is between the Internet and an internal network?
    Demilitarized zone (DMZ)
  114. A technician is conducting a forensics analysis on a computer system. Which step should be taken FIRST?
    Get a binary copy of the system.
  115. Which of the following is MOST often used to allow a client or partner access to a network?
  116. In a secure environment, which authentication mechanism will perform better?
    TACACS because it encrypts client-server negotiation dialogs.
  117. Which of the following types of firewalls provides inspection at layer 7 of the OSI model?
  118. Which goals can be achieved by use of security templates? (Select TWO).
    To ensure that servers are in compliance with the corporate security policy

    To ensure that all servers start from a common security configuration
  119. A newly hired security specialist is asked to evaluate a company's network security. The security specialist discovers that users have installed personal software; the network OS has default settings and no patches have been installed and passwords are not required to be changed regularly. Which of the following would be the FIRST step to take?
    Enforce the security policy.
  120. Which of the following can be used to implement a procedure to control inbound and outbound traffic on a network segment?
  121. Giving each user or group of users only the access they need to do their job is an example of which of the following security principals?
  122. Giving each user or group of users only the access they need to do their job is an example of which of the following security principals?
    Least privilege
  123. Which one of the following is not Bluetooth threat?
    Smurf Attack.
  124. A company implements an SMTP server on their firewall. This implementation would violate which of the following security principles?
    Use a device as intended
  125. In computing, the Basic Input / Output System (BIOS , also known as the System BIOS, is a de facto standard defining a firmware interface for IBM PC Compatible computers. A user is concerned with the security of their laptops BIOS. The user would not like anyone to be able to access control functions except themselves. Which of the following could make the BIOS more secure?
  126. A company is upgrading the network and needs to reduce the ability of users on the same floor and network segment to see each other's traffic. Which of the following network devices should be used?
  127. In computing, a Uniform Resource Locator (URL) is a type of Uniform Resource Identifier (URI) that specifies where an identified resource is available and the mechanism for retrieving it. When a user attempts to go to a website, he notices the URL has changed, which attack will MOST likely cause the problem?
    DNS poisoning
  128. A system administrator reports that an unauthorized user has accessed the network. Which of the following would be the FIRST action to take?
    Contain the problem.
  129. After analyzing vulnerability and applying a security patch, which non-intrusive action should be taken to verify that the vulnerability was truly removed?
    Repeat the vulnerability scan.
  130. A company's security' specialist is securing a web server that is reachable from the Internet. The web server is located in the core internal corporate network. The network cannot be redesigned and the server cannot be moved. Which of the following should the security specialist implement to secure the web server? (Select TWO).
    Host-based IDS

    Host-based firewall
  131. A denial-of-service attack (DoS attack) or distributed denial-of-service attack (DDoS attack) is an attempt to make a computer resource unavailable to its intended users. Which method can be used to perform denial of service (DoS) attacks?
  132. The CHAP (Challenge Handshake Authentication Protocol) sends a logon request from the client to the server, and the server sends a challenge back to the client At which stage does the CHAP protocol perform the handshake process? Choose the best complete answer.
    At the stage when the connection is established and at whichever time after the connection has been established.
  133. A network intrusion detection system (NIDS) is an intrusion detection system that tries to detect malicious activity such as denial of service attacks, port scans or even attempts to crack into computers by monitoring network traffic. Which NIDS configuration is solely based on specific network traffic?
  134. Which of the following are nonessential protocols and services?
    TFTP (Trivial File Transfer Protocol).
  135. You work as a network technician for your company. The company policy for availability needs full backups on Sunday and incremental backups each week night at 10 p.m. The file server crashes on Wednesday afternoon; how many types are required to restore the data on the file server for Thursday morning?
  136. Which of the following protocols are not recommended due to them supplying passwords and information over the network?
    SNMP (Simple Network Management Protocol).
  137. Which is the correct order in which crucial equipment should draw power?
    UPS line conditioner, UPS battery, and backup generator
  138. Most key fob based identification systems use which of the following types of authentication mechanisms? (Select TWO).

  139. Which item will MOST likely permit an attacker to make a switch function like a hub?
    MAC Flooding
  140. Which of the following describes a server or application that is accepting more input than the server or application is expecting?
    Buffer overflow
  141. The IP Authentication Header (AH) is used to provide connectionless integrity and data origin authentication for IP datagrams (hereafter referred to as just "authentication"), and to provide protection against replays. Which of the following is correct about authentication headers (AH)?
    The authentication information is a keyed hash based on all of the bytes in the packet.
  142. Which of the following refers to the ability to be reasonably certain that data is not modified or tampered with?
  143. Which description is correct about the form used while transferring evidence?
    Chain of custody
  144. Disguising oneself as a reputable hardware manufacturer's field technician who is picking up a server for repair would be described as:
    Social Engineering
  145. A graphical user interface (GUI) is a type of user interface which allows people to interact with electronic devices such as computers; hand-held devices such as MP3 Players, Portable Media Players or Gaming devices; household appliances and office equipment. Which of the following will allow a technician to restrict a user accessing to the GUI?
    Group policy implementation
  146. A security specialist has downloaded a free security software tool from a trusted industry site. The source has published the MD5 hash values for the executable program. The specialist performs a successful virus scan on the download but the MD5 hash is different. Which of the following steps should the specialist take?
    Avoid executing the file and contact the source website administrator
  147. Which authentication method will prevent a replay attack from occurring?
  148. Which of the following identifies the layer of the OSI model where SSL provides encryption?
  149. Which of the following can be used by a technician to detect staff members that are connecting to an unauthorized website?
    Protocol analyzer
  150. Which of the following would be the BEST reason to disable unnecessary services on a server?
    Attack surface and opportunity for compromise are reduced
  151. For the following items, which is an example of an attack that executes once a year on a certain date?
    Logic bomb
  152. Access controls based on security labels associated with each data item and each user are known as:
    Mandatory Access Control (MAC)
  153. Which tool can help the technician to find all open ports on the network?
    Network scanner
  154. A user is assigned access rights explicitly. This is a feature of which of the following access control models?
    Discretionary Access Control (DAC)
  155. Which algorithms can best encrypt large amounts of data?
    Symmetric key algorithms
  156. Which of the following describes an attacker encouraging a person to perform an action in order to be successful?
    Social engineering
  157. During which phase of identification and authentication does proofing occur?
  158. A user has received an email from a mortgage company asking for personal information including bank account numbers. This would BEST be described as:
  159. Which item can reduce the attack surface of an operating system?
    Disabling unused services
  160. Which of the following connectivity is required for a web server that is hosting an SSL based web site?
    Port 443 inbound
  161. For the following items, which is a protocol analyzer?
  162. Malicious port scanning is a method of attack to determine which of the following?
    The fingerprint of the operating system
  163. Which description is correct about a way to prevent buffer overflows?
    Apply all security patches to workstations.
  164. Which of the following is used to determine equipment status and modify the configuration or settings of network devices?
  165. Which item will effectively allow for fast, highly secure encryption of a USB flash drive?
  166. Which of the following describes the process by which a single user name and password can be entered to access multiple computer applications?
  167. Which of the following describes the process by which a single user name and password can be entered to access multiple computer applications?
    Single sign-on
  168. Network traffic is data in a network. Which tool can be used to review network traffic for clear text passwords?
    Protocol analyzer
  169. To preserve evidence for later use in court, which of the following needs to be documented?
    Chain of custody
  170. What are best practices while installing and securing a new system for a home user? (Select THREE).
    Use a strong firewall.

    Apply all system patches.

    Apply all service packs.
  171. Which of the following is a major reason that social engineering attacks succeed?
    Lack of security awareness
  172. Which security action should be finished before access is given to the network?
    Identification and authentication
  173. Which of the following types of backups requires that files and software that have been changed since the last full backup be copied to storage media?
  174. Which port must be open to allow a user to login remotely onto a workstation?
  175. Which item best describes an instance where a biometric system identifies legitimate users as being unauthorized?
    False rejection
  176. The purpose of the SSID in a wireless network is to:
    Identify the network
  177. Which of the following is the best description about the method of controlling how and when users can connect in from home?
    Remote access policy
  178. Which of the following would be the MOST common method for attackers to spoof email?
    Open relays
  179. The implicit deny will block anything you didn't specifically allow but you may have allowed stuff that you don't need. A technician is reviewing the system logs for a firewall and is told that there is an implicit deny within the ACL Which is an example of an implicit deny?
    Items which are not specifically given access are denied by default.
  180. Which of the following is often misused by spyware to collect and report a user's activities?
    Tracking cookie
  181. Which of the following is not identified within the penetration testing scope of work?
    a complete list of all network vulnerabilities.
  182. Choose the figure which represents the number of ports in the TCP/IP (Transmission Control Protocol/Internet Protocol) which are vulnerable to being scanned, attacked, and exploited.
    65,535 ports
  183. Tom is a network technician of his company. Now, he is making a decision between implementing a HIDS on the database server and implementing a NIDS. Why NIDS may be better to implement? (Select TWO).
    Many HIDS are not able to detect network attacks.
  184. Many HIDS have a negative impact on system performance.
  185. Which of the following would be considered a detrimental effect of a virus hoax? (Select TWO).
    Technical support resources are consumed by increased user calls.
  186. Users are tricked into changing the system configuration.
  187. To keep an 802.llx network from being automatically discovered, a user should:
    Turn off the SSID broadcast
  188. Which security policy will be most likely used while attempting to mitigate the risks involved with allowing a user to access company email via their cell phone?
    The cell phone should require a password after a set period of inactivity.
  189. Which of the following BEST describes the baseline process of securing devices on a network infrastructure?
  190. In computing, virtualization is a broad term that refers to the abstraction of computer resources. Which is a security reason to implement virtualization throughout the network infrastructure?
    To isolate the various network services and roles
  191. Which of the following types of removable media is write-once and appropriate for archiving security logs?
  192. After installing new software on a machine, what needs to be updated to the baseline?
    Behavior-based HIDS
  193. Which of the following could cause communication errors with an IPSec VPN tunnel because of changes made to the IP header?
  194. A PC is rejecting push updates from the server; all other PCs on the network are accepting the updates successfully. What should be examined first?
    Local firewall
  195. A company wants to connect the network to a manufacturer's network to be able to order parts. Which of the following types of networks should the company implement to provide the connection while limiting the services allowed over the connection?
  196. Malware, a portmanteau from the words malicious and software, is software designed to infiltrate or damage a computer system without the owner's informed consent. A network technician suspects that a piece of malware is consuming too many CPU cycles and slowing down a system. Which item can help determine the amount of CPU cycles being consumed?
    Run performance monitor to evaluate the CPU usage.
  197. Which of the following ports are typically used by email clients? (Select TWO)
  198. 110
  199. In order to allow for more oversight of past transactions, a company decides to exchange positions of the purchasing agent and the accounts receivable agent. Which is an example of this?
    Job rotation
  200. Fiber optic cable is considered safer than CAT5 because fiber optic cable: (Select TWO).
    Is not susceptible to interference.
  201. Is hard to tap in to.
  202. How to make sure that when an employee leaves the company permanently, the company will have access to their private keys?
    Store the keys in escrow.
  203. A DNS (Domain Name Service) server uses a specific port number. Choose this port number from the options
    Port 1,024
  204. An outside auditor has been contracted to determine whether weak passwords are being used on the network. In order to achieve this goal, the auditor is running a password cracker against the master password file. Which of the following is an example of this?
    Vulnerability assessment
  205. Which of the following access attacks would involve looking through your files in the hopes of finding something interesting
  206. Identify the service provided by message authentication code (MAC) hash;
  207. A company wants to implement a VLAN. Senior management believes that a VLAN will be secure because authentication is accomplished by MAC addressing and that dynamic trunking protocol (DTP) will facilitate network efficiency. Which of the following issues should be discussed with senior management before VLAN implementation?
    MAC addresses can be spoofed and DTP allows rogue network devices to configure ports
  208. John works as a network administrator for his company. On the monthly firewall log, he discovers that many internal PCs are sending packets on a routine basis to a single external PC. Which statement correctly describes what is happening?
    The remote PC has a zombie master application running and the local PCs have a zombie slave application running.
  209. Pretty Good Privacy (PGP) uses a PKI Trust Model where no certificate authority (CA) is subordinate to another. The model with no single trusted root is known as:
  210. Which key can be used by a user to log into their network with a smart card?
    Private key