Sec+B

Card Set Information

Author: raschwe
ID: 267909
Filename: Sec+B
Updated: 2014-03-25 17:42:15
Tags: 140331
Description: Review B

The flashcards below were created by user raschwe on FreezingBlue Flashcards.


  1. Which of the following will allow Pete, a security analyst, to trigger a security alert because of a tracking cookie?

    A. Network based firewall
    B. Host based firewall
    C. Anti-spyware software
    D. Anti-spam software
    C. Anti-spyware software
    (this multiple choice question has been scrambled)
  2. Which of the following protocols allows for secure transfer of files? (Select TWO).

    A. ICMP
    B. SNMP
    C. SFTP
    D. SCP
    E. TFTP
    • C. SFTP
    • D. SCP
  3. Which of the following passwords is the LEAST complex?

    A. MyTr@in#8
    B. MyTr@in12
    C. MyTrain!45
    D. Mytr@in!!
    D. Mytr@in!!
  4. During a penetration test from the Internet, Jane, the system administrator, was able to establish a connection to an internal router, but not successfully log in to it. Which ports and protocols are MOST likely to be open on the firewall? (Select FOUR).

    A. 21
    B. 22
    C. 23
    D. 69
    E. 3389
    F. SSH
    G. Terminal services
    H. Rlogin
    I. Rsync
    J. Telnet
    • B. 22
    • C. 23
    • F. SSH
    • J. Telnet
  5. Which of the following is an application security coding problem?

    A. Patch management
    B. Application fuzzing
    C. Application hardening
    D. Error and exception handling
    D. Error and exception handling
  6. An IT security technician needs to establish host based security for company workstations. Which of the following will BEST meet this requirement?

    A. Implement OS hardening by applying GPOs.
    B. Implement database hardening by applying vendor guidelines.
    C. Implement IIS hardening by restricting service accounts.
    D. Implement perimeter firewall rules to restrict access.
    A. Implement OS hardening by applying GPOs.
  7. Which of the following is the MOST specific plan for various problems that can arise within a system?

    A. Continuity of Operation Plan
    B. Business Continuity Plan
    C. Disaster Recovery Plan
    D. IT Contingency Plan
    D. IT Contingency Plan
  8. Which of the following BEST describes the weakness in WEP encryption?

    A. The initialization vector of WEP uses a crack-able RC4 encryption algorithm. Once enough packets are captured an XOR operation can be performed and the asymmetric keys can be derived.
    B. The WEP key has a weak MD4 hashing algorithm used. A simple rainbow table can be used to generate key possibilities due to MD4 collisions.
    C. The WEP key is stored with a very small pool of random numbers to make the cipher text. As the random numbers are often reused it becomes easy to derive the remaining WEP key.
    D. The WEP key is stored in plain text and split in portions across 224 packets of random data. Once enough packets are sniffed the IV portion of the packets can be removed leaving the plain text key.
    C. The WEP key is stored with a very small pool of random numbers to make the cipher text. As the random numbers are often reused it becomes easy to derive the remaining WEP key.
  9. Sara, the Chief Security Officer (CSO), has had four security breaches during the past two years. Each breach has cost the company $3,000. A third party vendor has offered to repair the security hole in the system for $25,000. The breached system is scheduled to be replaced in five years. Which of the following should Sara do to address the risk?

    A. Ignore the risk saving $5,000.
    B. Transfer the risk saving $5,000.
    C. Accept the risk saving $10,000.
    D. Mitigate the risk saving $10,000.
    B. Transfer the risk saving $5,000.
  10. Which of the following is an authentication and accounting service that uses TCP for connecting to routers and switches?

    A. TACACS+
    B. Kerberos
    C. DIAMETER
    D. RADIUS
    A. TACACS+
  11. Which of the following can BEST help prevent cross-site scripting attacks and buffer overflows on a production system?

    A. Peer review
    B. Input validation
    C. Network intrusion detection system
    D. Anomaly-based HIDS
    B. Input validation
  12. Pete, an IT Administrator, needs to secure his server room. Which of the following mitigation methods would provide the MOST physical protection?

    A. Video surveillance
    B. HVAC
    C. Sign in and sign out logs
    D. Mantrap
    D. Mantrap
  13. Which of the following should be connected to the fire alarm system in order to help prevent the spread of a fire in a server room without data loss to assist in an FM-200 deployment?

    A. Water base sprinkler system
    B. Video surveillance
    C. HVAC
    D. Electrical
    C. HVAC
  14. Matt, a security consultant, has been tasked with increasing server fault tolerance and has been given no budget to accomplish his task. Which of the following can Matt implement to ensure servers will withstand hardware failure?

    A. RAID
    B. Hardware load balancing
    C. A cold site
    D. A host standby
    A. RAID
  15. Which of the following fire suppression systems is MOST likely used in a datacenter?

    A. Dry-pipe
    B. FM-200
    C. Vacuum
    D. Wet-pipe
    B. FM-200
  16. A security administrator has installed a new KDC for the corporate environment. Which of the following authentication protocols is the security administrator planning to implement across the organization?

    A. XTACACS
    B. RADIUS
    C. Kerberos
    D. LDAP
    C. Kerberos
  17. While opening an email attachment, Pete, a customer, receives an error that the application has encountered an unexpected issue and must be shut down. This could be an example of which of the following attacks?

    A. Cross-site scripting
    B. Buffer overflow
    C. Directory traversal
    D. Header manipulation
    B. Buffer overflow
  18. Jane has recently implemented a new network design at her organization and wishes to passively identify security issues with the new network. Which of the following should Jane perform?

    A. White box testing
    B. Vulnerability assessment
    C. Penetration testing
    D. Black box testing
    B. Vulnerability assessment
  19. A security technician is working with the network firewall team to implement access controls at the company's demarc as part of the initiation of configuration management processes. One of the network technicians asks the security technician to explain the access control type found in a firewall. With which of the following should the security technician respond?

    A. Rule based access control
    B. Role based access control
    C. Discretionary access control
    D. Mandatory access control
    A. Rule based access control
  20. Jane, a security administrator, has been tasked with explaining authentication services to the company's management team. The company runs an active directory infrastructure. Which of the following solutions BEST relates to the host authentication protocol within the company's environment?

    A. Least privilege
    B. Kerberos
    C. LDAP
    D. TACACS+
    B. Kerberos
  21. Pete, the compliance manager, wants to meet regulations. Pete would like certain ports blocked only on all computers that do credit card transactions. Which of the following should Pete implement to BEST achieve this goal?

    A. A host-based intrusion prevention system
    B. Antivirus update system
    C. A network-based intrusion detection system
    D. A host-based firewall
    D. A host-based firewall
  22. Pete, the system administrator, wants to restrict access to advertisements, games, and gambling web sites.  Which of the following devices would BEST achieve this goal?

    A. Switch
    B. Spam filter
    C. Firewall
    D. URL content filter
    D. URL content filter
  23. Pete, the system administrator, wishes to monitor and limit users' access to external websites.  Which of the following would BEST address this?

    A. Block all traffic on port 80.
    B. Implement NIDS.
    C. Use server load balancers.
    D. Install a proxy server.
    D. Install a proxy server.
  24. Sara, the security administrator, must configure the corporate firewall to allow all public IP addresses on the internal interface of the firewall to be translated to one public IP address on the external interface of the same firewall. Which of the following should Sara configure?

    A. NAP
    B. PAT
    C. DNAT
    D. NAC
    B. PAT
  25. Matt, a security analyst, needs to select an asymmetric encryption method that allows for the same level of encryption strength with a lower key length than is typically necessary. Which of the following encryption methods offers this capability?

    A. ECC
    B. RSA
    C. Diffie-Hellman
    D. Twofish
    A. ECC
  26. Sara, a security analyst, is trying to prove to management what costs they could incur if their customer database was breached. This database contains 250 records with PII. Studies show that the cost per record for a breach is $300. The likelihood that their database would be breached in the next year is only 5%. Which of the following is the ALE that Sara should report to management for a security breach?

    A. $3,750
    B. $75,000
    C. $15,000
    D. $1,500
    A. $3,750
  27. Testing the responses of software and web applications to unusual or unexpected inputs is known as:

    A. HTML encoding.
    B. Web crawling.
    C. Brute force.
    D. Fuzzing.
    D. Fuzzing.
  28. Pete needs to open ports on the firewall to allow for secure transmission of files. Which of the following ports should be opened on the firewall?

    A. TCP 22
    B. TCP 21
    C. UDP 69
    D. TCP 23
    A. TCP 22
  29. Sara, a security architect, has developed a framework in which several authentication servers work together to increase processing power for an application. Which of the following does this represent?

    A. Load balancing
    B. RAID
    C. Clustering
    D. Warm site
    C. Clustering
  30. Which statement is TRUE about the operation of a packet sniffer?

    A. It can only have one interface on a management network.
    B. It must be placed on a single virtual LAN interface.
    C. They are required for firewall operation and stateful inspection.
    D. The Ethernet card must be placed in promiscuous mode.
    D. The Ethernet card must be placed in promiscuous mode.
  31. Which of the following firewall rules only denies DNS zone transfers?

    A. deny ip any any
    B. deny tcp any any port 53
    C. deny udp any any port 53
    D. deny all dns packets
    B. deny tcp any any port 53
  32. Which of the following BEST explains the use of an HSM within the company servers?

    A. Thumb drives present a significant threat which is mitigated by HSM.
    B. Hardware encryption is faster than software encryption.
    C. Software encryption can perform multiple functions required by HSM.
    D. Data loss by removable media can be prevented with DLP.
    B. Hardware encryption is faster than software encryption.
  33. Which of the following technologies can store multi-tenant data with different security requirements?

    A. Cloud computing
    B. Data loss prevention
    C. Hard drive encryption
    D. Trusted platform module
    A. Cloud computing
  34. Matt, a security analyst, needs to implement encryption for company data and also prevent theft of company data. Where and how should Matt meet this requirement?

    A. Matt should implement access control lists and turn on EFS.
    B. Matt should install TPMs and encrypt the company database.
    C. Matt should install Truecrypt and encrypt the company server.
    D. Matt should implement DLP and encrypt the company database.
    D. Matt should implement DLP and encrypt the company database.
  35. Which of the following types of encryption will help in protecting files on a PED?

    A. Encrypted hidden container
    B. Database encryption
    C. Transport layer encryption
    D. Mobile device encryption
    D. Mobile device encryption
  36. Which of the following does full disk encryption prevent?

    A. Client side attacks
    B. Clear text access
    C. Network-based attacks
    D. Database theft
    B. Clear text access
  37. Pete, a security analyst, has been informed that the development team has plans to develop an application which does not meet the company's password policy. Which of the following should Pete do NEXT?

    A. Ask the application development manager to submit a risk acceptance memo so that the issue can be documented.
    B. Inform the Chief Information Officer of non-adherence to the security policy so that the developers can be reprimanded.
    C. Contact the Chief Information Officer and ask them to change the company password policy so that the application is made compliant.
    D. Tell the application development manager to code the application to adhere to the company's password policy.
    D. Tell the application development manager to code the application to adhere to the company's password policy.
  38. Sara, a security manager, has decided to force expiration of all company passwords by the close of business day. Which of the following BEST supports this reasoning?

    A. Implementation of configuration management processes.
    B. Implementation of account lockout procedures.
    C. Enforcement of password complexity requirements.
    D. A recent security breach in which passwords were cracked.
    D. A recent security breach in which passwords were cracked.
  39. Which of the following presents the STRONGEST access control?

    A. DAC
    B. RBAC
    C. MAC
    D. TACACS
    C. MAC
  40. Which of the following encompasses application patch management?

    A. Configuration management
    B. Fuzzing
    C. Cross-site request forgery
    D. Policy management
    A. Configuration management
  41. Sara, an application developer, implemented error and exception handling alongside input validation. Which of the following does this help prevent?

    A. Cross-site scripting
    B. Pop-up blockers
    C. Buffer overflow
    D. Fuzzing
    C. Buffer overflow
  42. Which of the following is the LEAST volatile when performing incident response procedures?

    A. Registers
    B. RAM
    C. Hard drive
    D. RAID cache
    C. Hard drive
  43. Pete, a developer, writes an application. Jane, the security analyst, knows some things about the overall application but does not have all the details. Jane needs to review the software before it is released to production. Which of the following reviews should Jane conduct?

    A. Business Impact Analysis
    B. White Box Testing
    C. Gray Box Testing
    D. Black Box Testing
    C. Gray Box Testing
  44. The information security team does a presentation on social media and advises the participants not to provide too much personal information on social media web sites. This advice would BEST protect people from which of the following?

    A. Brute force attacks
    B. Rainbow tables attacks
    C. Birthday attacks
    D. Cognitive passwords attacks
    D. Cognitive passwords attacks
  45. Pete's corporation has outsourced help desk services to a large provider. Management has published a procedure that requires all users, when receiving support, to call a special number. Users then need to enter the code provided to them by the help desk technician prior to allowing the technician to work on their PC. Which of the following does this procedure prevent?

    A. Pharming
    B. Collusion
    C. Impersonation
    D. Transitive Access
    C. Impersonation
  46. Pete, the security engineer, would like to prevent wireless attacks on his network. Pete has implemented a security control to limit the connecting MAC addresses to a single port. Which of the following wireless attacks would this address?

    A. Man-in-the-middle
    B. Interference
    C. ARP poisoning
    D. Rogue access point
    D. Rogue access point
  47. Which of the following can be implemented with multiple bit strength?

    A. SHA-1
    B. DES
    C. MD4
    D. AES
    E. MD5
    D. AES
  48. Pete, the system administrator, has blocked users from accessing social media web sites. In addition to protecting company information from being accidentally leaked, which additional security benefit does this provide?

    A. No competition with the company's official social presence
    B. Increased user productivity based upon fewer distractions
    C. Elimination of risks caused by unauthorized P2P file sharing
    D. Protection against malware introduced by banner ads
    D. Protection against malware introduced by banner ads
  49. Pete, the system administrator, is reviewing his disaster recovery plans. He wishes to limit the downtime in the event of a disaster, but does not have the budget approval to implement or maintain an offsite location that ensures 99.99% availability. Which of the following would be Pete's BEST option?

    A. Move the servers and data to another part of the company's main campus from the server room.
    B. Use hardware already at an offsite location and configure it to be quickly utilized.
    C. Move the data back-ups to the offsite location, but retain the hardware on the main campus for redundancy.
    D. Retain data back-ups on the main campus and establish redundant servers in a virtual environment.
    B. Use hardware already at an offsite location and configure it to be quickly utilized.
  50. A network stream needs to be encrypted. Sara, the network administrator, has selected a cipher which will encrypt 8 bits at a time before sending the data across the network. Which of the following has Sara selected?

    A. Block cipher
    B. Stream cipher
    C. CRC
    D. Hashing algorithm
    A. Block cipher
  51. Pete, a security auditor, has detected clear text passwords between the RADIUS server and the authenticator.  Which of the following is configured in the RADIUS server and what technologies should the authentication protocol be changed to?

    A. PAP, MSCHAPv2
    B. CHAP, PAP
    C. MSCHAPv2, NTLMv2
    D. NTLM, NTLMv2
    A. PAP, MSCHAPv2
  52. Which of the following is an advantage of implementing individual file encryption on a hard drive which already deploys full disk encryption?

    A. Double encryption causes the individually encrypted files to partially lose their properties
    B. File level access controls only apply to individually encrypted files in a fully encrypted drive
    C. Individually encrypted files will remain encrypted when copied to external media
    D. Reduces processing overhead required to access the encrypted files
    C. Individually encrypted files will remain encrypted when copied to external media
  53. An IT director is looking to reduce the footprint of their company's server environment. They have decided to move several internally developed software applications to an alternate environment, supported by an external company. Which of the following BEST describes this arrangement?

    A. Infrastructure as a Service
    B. Software as a Service
    C. Platform as a Service
    D. Storage as a Service
    A. Infrastructure as a Service
  54. A forensic analyst is reviewing electronic evidence after a robbery. Security cameras installed at the site were facing the wrong direction to capture the incident. The analyst ensures the cameras are turned to face the proper direction. Which of the following types of controls is being used?

    A. Deterrent
    B. Preventive
    C. Corrective
    D. Detective
    C. Corrective
  55. A security administrator wishes to change their wireless network so that IPSec is built into the protocol and NAT is no longer required for address range extension. Which of the following protocols should be used in this scenario?

    A. IPv6
    B. WPA2
    C. WPA
    D. IPv4
    A. IPv6
  56. The network administrator is responsible for promoting code to applications on a DMZ web server. Which of the following processes is being followed to ensure application integrity?

    A. Application firewall review
    B. Application change management
    C. Application hardening
    D. Application patch management
    B. Application change management
  57. An IT auditor tests an application as an authenticated user. This is an example of which of the following types of testing?

    A. Penetration
    B. Black box
    C. White box
    D. Gray box
    D. Gray box
  58. The manager has a need to secure physical documents every night, since the company began enforcing the clean desk policy. The BEST solution would include: (Select TWO).

    A. Fire- or water-proof safe.
    B. Department door locks.
    C. Proximity card.
    D. 24-hour security guard.
    E. Locking cabinets and drawers.
    • A. Fire- or water-proof safe.
    • E. Locking cabinets and drawers.
  59. Which of the following is an important implementation consideration when deploying a wireless network that uses a shared password?

    A. Server certificate
    B. Authentication server
    C. Key length
    D. EAP method
    C. Key length
  60. Which of the following would satisfy wireless network implementation requirements to use mutual authentication and usernames and passwords?

    A. EAP-TLS
    B. EAP-MD5
    C. WEP
    D. PEAP-MSCHAPv2
    D. PEAP-MSCHAPv2
  61. Some customers have reported receiving an untrusted certificate warning when visiting the company's website. The administrator ensures that the certificate is not expired and that customers have trusted the original issuer of the certificate. Which of the following could be causing the problem?

    A. The intermediate CA certificates were not installed on the server.
    B. The client's browser is trying to negotiate SSL instead of TLS.
    C. The encryption key used in the certificate is too short.
    D. The certificate is not the correct type for a virtual server.
    A. The intermediate CA certificates were not installed on the server.
  62. A security analyst needs to ensure all external traffic is able to access the company's front-end servers but protect all access to internal resources. Which of the following network design elements would MOST likely be recommended?

    A. DMZ
    B. Virtualization
    C. Cloud computing
    D. VLAN
    A. DMZ
  63. A company's business model was changed to provide more web presence and now its ERM software is no longer able to support the security needs of the company. The current data center will continue to provide network and security services. Which of the following network elements would be used to support the new business model?

    A. DMZ
    B. Remote access support
    C. Software as a Service
    D. Infrastructure as a Service
    C. Software as a Service
  64. Which of the following network devices is used to analyze traffic between various network interfaces?

    A. Firewalls
    B. Content inspection
    C. Sniffers
    D. Proxies
    C. Sniffers
  65. Layer 7 devices used to prevent specific types of html tags are called:

    A. Routers.
    B. Firewalls.
    C. Content filters.
    D. NIDS.
    C. Content filters.
  66. A network administrator needs to provide daily network usage reports on all layer 3 devices without compromising any data while gathering the information. Which of the following would be configured to provide these reports?

    A. SNMP
    B. SNMPv3
    C. SSH
    D. ICMP
    B. SNMPv3
  67. A security administrator has been tasked to ensure access to all network equipment is controlled by a central server such as TACACS+. This type of implementation supports which of the following risk mitigation strategies?

    A. Implement procedures to prevent data theft
    B. User rights and permissions review
    C. Change management
    D. Data loss prevention
    B. User rights and permissions review
  68. Company A sends a PGP encrypted file to company B. If company A used company B's public key to encrypt the file, which of the following should be used to decrypt data at company B?

    A. Private key
    B. CRLs
    C. Registration
    D. Public key
    A. Private key
  69. Which of the following types of authentication solutions use tickets to provide access to various resources from a central location?

    A. Kerberos
    B. PKI
    C. ACLs
    D. Biometrics
    A. Kerberos
  70. A corporation is looking to expand their data center but has run out of physical space in which to store hardware. Which of the following would offer the ability to expand while keeping their current data center operated by internal staff?

    A. Subnetting
    B. SaaS
    C. Virtualization
    D. IaaS
    C. Virtualization
  71. After viewing wireless traffic, an attacker notices the following networks are being broadcasted by local access points:

    Corpnet
    Coffeeshop
    FreePublicWifi

    Using this information the attacker spoofs a response to make nearby laptops connect back to a malicious device. Which of the following has the attacker created?

    A. Infrastructure as a Service
    B. Load balancer
    C. Evil twin
    D. Virtualized network
    C. Evil twin
  72. Which of the following concepts is enforced by certifying that email communications have been sent by who the message says it has been sent by?

    A. Non-repudiation
    B. Hashing
    C. Multifactor authentication
    D. Key escrow
    A. Non-repudiation
  73. After a recent breach, the security administrator performs a wireless survey of the corporate network. The security administrator notices a problem with the following output:
    MAC                SSID    ENCRYPTION  POWER  BEACONS
    00:10:A1:36:12:CC  MYCORP  WPA2 CCMP   60     1202
    00:10:A1:49:FC:37  MYCORP  WPA2 CCMP   70     9102
    FB:90:11:42:FA:99  MYCORP  WPA2 CCMP   40     3031
    00:10:A1:AA:BB:CC  MYCORP  WPA2 CCMP   55     2021
    00:10:A1:FA:B1:07  MYCORP  WPA2 CCMP   30     6044
    Given that the corporate wireless network has been standardized, which of the following attacks is underway?

    A. IV attack
    B. Evil twin
    C. Rogue AP
    D. DDoS
    B. Evil twin
  74. Input validation is an important security defense because it:

    A. protects mis-configured web servers.
    B. rejects bad or malformed data.
    C. prevents denial of service attacks.
    D. enables verbose error reporting.
    B. rejects bad or malformed data.
  75. In order to maintain oversight of a third party service provider, the company is going to implement a Governance, Risk, and Compliance (GRC) system. This system is promising to provide overall security posture coverage. Which of the following is the MOST important activity that should be considered?

    A. Baseline configuration and host hardening
    B. Service Level Agreement (SLA) monitoring
    C. Security alerting and trending
    D. Continuous security monitoring
    D. Continuous security monitoring
  76. A recent audit of a company's identity management system shows that 30% of active accounts belong to people no longer with the firm. Which of the following should be performed to help avoid this scenario? (Select TWO).

    A. Automatically disable accounts that have not been utilized for at least 10 days.
    B. Utilize automated provisioning and de-provisioning processes where possible.
    C. Request that employees provide a list of systems that they have access to prior to leaving the firm.
    D. Perform regular user account review / revalidation process.
    E. Implement a process where new account creations require management approval.
    • B. Utilize automated provisioning and de-provisioning processes where possible.
    • D. Perform regular user account review / revalidation process.
  77. The Chief Information Officer (CIO) has mandated web based Customer Relationship Management (CRM) business functions be moved offshore to reduce cost, reduce IT overheads, and improve availability. The Chief Risk Officer (CRO) has agreed with the CIO's direction but has mandated that key authentication systems be run within the organization's network. Which of the following would BEST meet the CIO and CRO's requirements?

    A. Infrastructure as a Service
    B. Software as a Service
    C. Hosted virtualization service
    D. Platform as a Service
    B. Software as a Service
    (this multiple choice question has been scrambled)
  78. Which of the following provides the BEST application availability and is easily expanded as demand grows?

    A. Load balancing
    B. Server virtualization
    C. Active-Passive Cluster
    D. RAID 6
    A. Load balancing
    (this multiple choice question has been scrambled)
  79. An administrator connects VoIP phones to the same switch as the network PCs and printers. Which of the following would provide the BEST logical separation of these three device types while still allowing traffic between them via ACL?

    A. Define three subnets, configure each device to use their own dedicated IP address range, and then connect the network to a router
    B. Install a firewall and connect it to a dedicated switch for each device type
    C. Install a firewall and connect it to the switch
    D. Create three VLANs on the switch connected to a router
    D. Create three VLANs on the switch connected to a router
    (this multiple choice question has been scrambled)
  80. Which of the following wireless security measures can an attacker defeat by spoofing certain properties of their network interface card?

    A. MAC filtering
    B. WEP
    C. TKIP
    D. Disabled SSID broadcast
    A. MAC filtering
    (this multiple choice question has been scrambled)
  81. Which of the following provides additional encryption strength by repeating the encryption process with additional keys?

    A. AES
    B. TwoFish
    C. Blowfish
    D. 3DES
    D. 3DES
    (this multiple choice question has been scrambled)
  82. Which of the following BEST describes part of the PKI process?

    A. User1 hashes data with User2's private key
    B. User1 decrypts data with User2's private key
    C. User1 encrypts data with User2's public key
    D. User1 hashes data with User2's public key
    C. User1 encrypts data with User2's public key
    (this multiple choice question has been scrambled)
  83. Two members of the finance department have access to sensitive information. The company is concerned they may work together to steal information. Which of the following controls could be implemented to discover if they are working together?

    A. Separation of duties
    B. Mandatory vacations
    C. Mandatory access control
    D. Least privilege access
    B. Mandatory vacations
    (this multiple choice question has been scrambled)
  84. A system administrator attempts to ping a hostname and the response is 2001:4860:0:2001::68. Which of the following replies has the administrator received?

    A. IPv6 address
    B. IPv4 address
    C. The loopback address
    D. The local MAC address
    A. IPv6 address
    (this multiple choice question has been scrambled)
  85. Which of the following allows a network administrator to implement an access control policy based on individual user characteristics and NOT on job function?

    A. Rule based
    B. Attributes based
    C. Implicit deny
    D. Role based
    B. Attributes based
    (this multiple choice question has been scrambled)
  86. Which of the following is a best practice when a mistake is made during a forensics examination?

    A. The examiner should disclose the mistake and assess another area of the disc.
    B. The examiner should verify the tools before, during, and after an examination.
    C. The examiner should document the mistake and work around the problem.
    D. The examiner should attempt to hide the mistake during cross-examination.
    C. The examiner should document the mistake and work around the problem.
    (this multiple choice question has been scrambled)
  87. Which of the following allows lower level domains to access resources in a separate Public Key Infrastructure?

    A. Recovery Agent
    B. Private Key
    C. Public Key
    D. Trust Model
    D. Trust Model
    (this multiple choice question has been scrambled)
  88. Which of the following offers the LEAST secure encryption capabilities?

    A. PAP
    B. TwoFish
    C. NTLM
    D. CHAP
    A. PAP
    (this multiple choice question has been scrambled)
  89. Which of the following network architecture concepts is used to securely isolate at the boundary between networks?

    A. NAT
    B. DMZ
    C. Subnetting
    D. VLAN
    B. DMZ
    (this multiple choice question has been scrambled)
  90. Datacenter access is controlled with proximity badges that record all entries and exits from the datacenter. The access records are used to identify which staff members accessed the data center in the event of equipment theft. Which of the following MUST be prevented in order for this policy to be effective?

    A. Social engineering
    B. Phishing
    C. Password reuse
    D. Tailgating
    D. Tailgating
    (this multiple choice question has been scrambled)
  91. Elastic cloud computing environments often reuse the same physical hardware for multiple customers over time as virtual machines are instantiated and deleted. This has important implications for which of the following data security concerns?

    A. Hardware integrity
    B. Availability of servers
    C. Integrity of data
    D. Data confidentiality
    D. Data confidentiality
    (this multiple choice question has been scrambled)
  92. When implementing fire suppression controls in a datacenter it is important to:

    A. Integrate maintenance procedures to include regularly discharging the system.
    B. Select a fire suppression system which protects equipment but may harm technicians.
    C. Ensure proper placement of sprinkler lines to avoid accidental leakage onto servers.
    D. Use a system with audible alarms to ensure technicians have 20 minutes to evacuate.
    C. Ensure proper placement of sprinkler lines to avoid accidental leakage onto servers.
    (this multiple choice question has been scrambled)
  93. Vendors typically ship software applications with security settings disabled by default to ensure a wide range of interoperability with other applications and devices. A security administrator should perform which of the following before deploying new software?

    A. Application white listing
    B. Network penetration testing
    C. Application hardening
    D. Input fuzzing testing
    C. Application hardening
    (this multiple choice question has been scrambled)
  94. A technician is deploying virtual machines for multiple customers on a single physical host to reduce power consumption in a data center. Which of the following should be recommended to isolate the VMs from one another?

    A. Develop a patch management guide
    B. Virtual switches with VLANs
    C. Implement a virtual firewall
    D. Install HIPS on each VM
    B. Virtual switches with VLANs
    (this multiple choice question has been scrambled)
  95. Mandatory vacations are a security control which can be used to uncover which of the following?

    A. Software vulnerabilities in vendor code
    B. Poor password security among users
    C. Fraud committed by a system administrator
    D. The need for additional security staff
    C. Fraud committed by a system administrator
    (this multiple choice question has been scrambled)
  96. Each server on a subnet is configured to only allow SSH access from the administrator's workstation. Which of the following BEST describes this implementation?

    A. Host-based firewalls
    B. Network firewalls
    C. Host intrusion prevention
    D. Network proxy
    A. Host-based firewalls
    (this multiple choice question has been scrambled)
  97. During a security assessment, an administrator wishes to see which services are running on a remote server. Which of the following should the administrator use?

    A. Network sniffer
    B. Process list
    C. Port scanner
    D. Protocol analyzer
    C. Port scanner
    (this multiple choice question has been scrambled)
  98. In which of the following categories would creating a corporate privacy policy, drafting acceptable use policies, and group based access control be classified?

    A. Best practice
    B. Compliance activity
    C. Security control frameworks
    D. Access control methodologies
    A. Best practice
    (this multiple choice question has been scrambled)
  99. Disabling unnecessary services, restricting administrative access, and enabling auditing controls on a server are forms of which of the following?

    A. Creating a security baseline
    B. Application patch management
    C. System hardening
    D. Cross-site scripting prevention
    C. System hardening
    (this multiple choice question has been scrambled)
  100. A system administrator has noticed a vulnerability on a high impact production server. A recent update was made available by the vendor that addresses the vulnerability but requires a reboot of the system afterwards. Which of the following steps should the system administrator implement to address the vulnerability?

    A. Backup the server, schedule downtime to install the patch, install the patch and monitor for any changes
    B. Test the update in a lab environment, schedule downtime to install the patch, install the patch and reboot the server and monitor for any changes
    C. Test the update in a lab environment, backup the server, schedule downtime to install the patch, install the patch, and monitor for any changes
    D. Test the update in a lab environment, backup the server, schedule downtime to install the patch, install the update, reboot the server, and monitor for any changes
    D. Test the update in a lab environment, backup the server, schedule downtime to install the patch, install the update, reboot the server, and monitor for any changes
    (this multiple choice question has been scrambled)
