Security admin want to know which systems are more susceptible to an attack compared other on the network. Which assessment tool would be most effective
Which is the MAIN reason to require data labeling?
To ensure staff understands what data they are handling and processing
Which is MOST common a part of routine system audits
User rights and permissions reviews
Proper wireless antenna placement and radio power setting reduces the success of which reconnaissance methods
Which elements of PKI are found in a browsers's trusted root CA?
Which BEST Describes the process of key escrow
Maintains a secured copy of a user's private key FOR THE SOLE PURPOSE OF RECOVERING THE KEY IF IT IS LOST
A security administrator has discovered through a password auditing software that most passwords can be discovered by cracking the first seven characters and then cracking the second part of the password. Which is in use by the company
An adminstrator is updating firmware on routers throughout the company. Where should the administrator document this work.
Change Management System
DRPs should contain which of the following
Hierrarchical list of CRITICAL SYSTEMS
Which reduces the likelihood of a single point of failure when a server fails?
A penetration test shows that almost all database servers were able to be compromised through a default database user account witht he default password. Which of the following is MOS likely missing from the operational procedures
Which of the following is a policy that would force all users to organize their areas as well as help in reducing the risk of possible data theft?
Clean desk policy
Which of the following is the MOST secure way of storing keys of digital certificates used for decryption/encryption of SSL sessions?
Which of the following environmental controls would BEST be used to regulate cooling a datacenter?
Hot and cold aisles
The recovery agent is used to recover the
A business-critical application will be installed on an internet facing server. Which of the following is the BEST security control that should be performed in conjuction with updating the application to the MOST current version
Vendor-provided hardening docuemntation should be reviewed and applied
A user report that their 802.11n capable interface connects and disconnect frequently to an access point that was recently installed. The user has a Bluetooth enabled laptop. A compay in the next building had their wireless network breached last month. Which of the following is MOST likely causing the disconnections
The new access point was mis-configured and is interfering with another nearby access point
The security administrator is getting reports from the users that they are accessing certain websites andare unable to download anything off of those sites. The security administrator is also receiving several alarms from the IDS about suspicious traffic on the network. Which is the MOST likely cause?
NIPT is blocking activities from those specific websites
Where are revoked certificates stored
Which of the following are the default ports for HTTP and HTTPS protocols
80 and 443
Which of the following BEST describes the function of TPM
Hardware chip that stores encryption keys
An admin has implemented a policy that passwords expire after 60 days and cannot match their last six previous used passwords. Uwers are bypassing this policy by immediately changing their passwords six time sand then back to the original password. Which of the following can the admin MOST easily employ to prevent this unsecure practice with the least administrative effort
Create a policy that passwords cannot be changed more than once a day
The fundamental difference between symmetric and asymmetric key cryptographic systems is that symmetric key cryptography uses
the same key on each end of the transmission medium
Which of the following is the default rule found in a corporate firewall's access control list
Which of the following attackes is best described as the interruption of network traffic accompanined bythe insertion of malicious coe
A user downloades a keygen to install pirated software. After running the keygen, system performance is extrememmly slow and numberous antivirus alterts are displayed. Which of the following BEST describes this type of malware
Which of the following is a form of photo identification used to gain access into a secure location
Penetration testing should only be used during controlled conditions with express consent of the system owner because
penetration testing actively tests security controls and can cuase system instability
Which of the following is a reason to perform user awareness and training
To minimize the organizational risk posed by users
Which of the following should be used to help prevent device theft of unused assets
Which of the following PKI implementation element is responsible for verifying the authenticity of certifcate contents?
Performing routine security audits is form of which of the following controls
Which of the following allows an attacker to identify vulverabilities within a closed source software application
Reviewing an access control list on a firewall reveals a Drop ALL statement at the end of the rules. Which of the following describes this form of access control
Time of day restrictions
Which of the follwoing web application security weaknesses can be mitigated by preventing the use of HTML tags
Which of the following are BEST reasons to use a HSM
Several classified mobile devices have been stolen. Which of the following would BEST reduce the data leakage threat
Remotely santize the devices
A security admin ensures that certain characters and commands entered on a web server are not interpreted as legitmate data and not passed on to backend servers. This is an example of which
A purpose of LDAP authentication services is
a single point of user management
Which of the following software should a security admin implmement if serveral users are stating that they are receiving unwanted email containing advertisements
A sec admin is implementing a solution that can integrate with an existing server and provide encryption capabilities. Which meets this requirement?
Which of the follwoing tools provides the ability to determine if an application is transmitting a password in clear-text
Which environmental variables reduces potential for static discharges
Which is the primary purpose of using a digital signature
MOST likely performed by a web security gateway
Which would admin apply to mobile devices to BEST ensure confidentiality of data
Which protocol should be blocked at the network perimeter to prevent host enumeration by sweep devices
If secruity admin want to TELNET into a router to make config changes, which port needs to be open by default
Which of the follwoing must a security admin do when the private key of a web server has been compromised by an intruder
submit the public key to the CRL
Which of the following can cause hardware based drive encryption to see slower deployment?
A lack of management software
Which of the following is a best practice to identify fraud from an employee in a sensitive position?
Which protocals would be MOST secure methods to transer files from a host machine
A critical system in the datacenter is not connected to a UPS. The security admin has coordinated an authorizes service interruption to resolve this issue. This is an example of