-
Which of the following protocols is used to authenticate the
client and server’s digital certificate?
TLS
-
access controls based on security classification and need to know best describes this level of access control?
Mandatory Access Control
-
Security officer receives reports of unauthorized personnel having access codes to the cipher locks of secure areas. What should immediately be implemented?
Physical Security Controls or Security Awareness Training?
Training.
-
An encrypted message is sent using PKI from client to server. Client claims it never sent the message. Which attribute of PKI best ensures the identity of the sender?
CRL
Non-repudiation
Trust models
Recovery agents
CRL
-
Which of the issues could cause a browser to display "The security certificate presented by this website was issued for a different website's address?
-The website cert was issued by a different CA than what the browser recognizes in its trusted CAs
-The website is using an expired self signed cert
-HTTPS://127.0.0.1 was used instead of HTTPS://localhost
-HTTPS://127.0.0.1 was used instead of HTTPS://localhost
-
Which of the following security concepts would the security admin use to mitigate the risk of data loss?
-cloud computing
-routine log review
-clean desk policy
clean desk policy
-
What is two-factor authentication?
something you know, something you have, something you are
-
What port is used for passive FTP
21
-
which of the following mitigation strategies is established to reduce risk when performing updates to business systems?
-Incident management
-server clustering
-change management
-forensic analysis
Change management
-
which of the following should a security manager implement to reduce the risk of employees working in collusion to embezzle funds from their company?
-least privilege
-acceptable use
-mandatory vacation
mandatory vacations
-
Which of the following protocols uses asymmetric key to open a session and then establishes a symmetric key for the remainder of the session?
-SFTP
-HTTPS
-TFTP
-TLS
HTTPS
-
in reviewing logs from hosts across the internet used to gather information on new malware. What is this?
-vulnerability scanner
-honeynet
-protocol analyzer
-port scanner
honeynet
-
2 best methods to protect against lost mobile device
-tethering
-screen lock PIN
-remote wipe
-device encryption
-
Which attack is used to gain access to SEH?
-cookie stealing
-buffer overflow
-directory traversal
-XML injection
SEH= structured error handling
Buffer overflow
-
Bluesnarfing versus bluejacking
bluejacking- sending unsolicited messages via bluetooth
bluesnarfing- stealing data via bluetooth
-
Which of the following is synonymous with a servers certificate?
-public key
-CRL
-Private key
-Recovery Agent
public key
-
Which uses UDP?
-TACAS+
-LDAP
-Kerberos
-RADIUS
RADIUS
-
The head hancho is concerned with moving an application to a cloud. Which of the following can be implemented to provide for data confidentiality assurance during and after the migration to the cloud?
-HPM technology
-Full Disk Encryption
-DLP technology
-TPM technology
HPM technology
-
Which of the following protocols is used in this capture?
12:33:43, SRC 192.168.4.3:3398, DST 10.67.33.20:8080, SYN/ACK
-HTTPS
-RDP
-HTTP
-SFTP
RDP
-
A workstation acts strangely. It is communicating with a known malicious destination over an encrypted tunnel. An antivirus scan doesn’t result in anything. That happened on the workstation?
-Zero-day attack
-known malware infection
-session hijacking
-cookie stealing
Zero-day attack
-
A router has a single Ethernet connection to a switch. In the router configuration, the Ethernet interface has 3 sub-interfaces, each configured with ACLs applied to them in 802.1 q trunks. Which of the following is most likely the reason for the sub-interfaces?
-network uses the subnet of 255.255.255.128
-The switch has several VLANs configured on it
-The sub-interfaces are configured for VoIP traffic
-The sub-interfaces each implement quality of service
The switch has several VLANs configured on it
-
Company employees are required to have workstation client certificates to access a bank website. These certs were backed up as a precautionary step before the new computer upgrade. After the upgrade and restoration, users sate they can access the bank’s website but not login. Which is the most likely the issue?
-The IP address of the clients have changed
-The client certificates have expired on the server
-The certificates have not been installed on the workstations
-The certificates have been installed on the CA
The certificates have not been installed on the workstations
-
During a routine audit a web server is flagged for allowing the use of weak ciphers. Which TWO should be disabled to mitigate risk?
-SSL 1.0
-RC4
-SSL 3.0
-DES
DES and SSL 1.0
-
A malicious program modified entries in the LMHOSTS file of an infected system. Which of the following protocols would have been affected?
-ICMP
-BGP
-NetBIOS
-DNS
NetBIOS
-
Which of the following assets is MOST likely considered for DLP?
-Application server content
-USB mass storage devices
-Reverse proxy
-Print Server
USB Storage
-
Cross site scripting versus cross site forgery
CSS is when a page uses scripts within itself to misuse information within the page
CSF or “one click attack” gets you to click a link via e-mail, IM, or within the page and then tries to hijack cached credentials (i.e. authentication cookie)
-
Digital signatures provides which of the following?
-confidentiality
-authorization
-integrity
-authentication
integrity
-
Which of the following allows a network admin to implement an access control policy based on individual user characteristic and NOT on job function?
-Attributes based
-Implicit Deny
-Role based
-Rule based
Attributes based
-
RADIUS provides which of the following?
-authentication, authorization, availability
- authentication, authorization, auditing
- authentication, accounting, auditing
-authentication, authorization, accounting
authentication, authorization, accounting
-
Which of the following offers the LEAST secure encryption capabilities?
-TwoFish
-PAP
-NTLM
-CHAP
PAP
-
Which of the following network architecture concepts is used to securely isolate at the boundary between networks?
-VLAN
-Subnetting
-DMZ
-NAT
DMZ
-
During a security assessment, an administrator wishes to see which series are running on a remote server. Which of the following should the admin use?
-Port scanner
-network sniffer
-protocol analyzer
-process list
Port scanner
-
-
which of these provides additional encryption strength by repeating the encryption process with additional keys?
-AES
-3DES
-TwoFish
-Blowfish
3DES
|
|