multi test c

  1. 201 A user does not understand why the domain password policy is so stringent. Which of the following BEST demonstrates the security basis for the password policy?




    B. Explain how easy it is for a hacker to crack weak passwords
  2. 202 A company needs to have multiple servers running low CPU utilization applications. Which of the following is the MOST cost efficient method for accomplishing this?




    B. Install a single high end server, running multiple virtual servers
  3. 203 A programmer creates an application to accept data from a website. A user places more information than the program expects in the input field resulting in the back end database placing the extra information into the database. Which of the following is this an example of?




    C. SQL injection
  4. 204 Which of the following security threats is MOST commonly associated with a targeted distributed denial of service (DDoS)?




    B. Botnets
  5. 205 A developer added code to a financial system designed to transfer money to a foreign bank account on a specific time and date. The code would activate only if human resources processed the developers termination papers. The developer implemented which of the following security threats?




    C. Logic bomb
  6. 206 A CEO is concerned about staff browsing inappropriate material on the Internet via HTTPS. It has been suggested that the company purchase a product which could decrypt the SSL session, scan the content and then repackage the SSL session without staff knowing. Which of the following type of attacks is similar to this product?




    A. Man-in-the-middle
  7. 207 After a system risk assessment was performed it was found that the cost to mitigate the risk was higher than the expected loss if the risk was actualized. In this instance, which of the following is the BEST course of action?




    D. Accept the risk
  8. 208 A small call center business decided to install an email system to facilitate communications in the office. As part of the upgrade the vendor offered to supply anti-malware software for a cost of $5,000 per year. The IT manager read there was a 90% chance each year that workstations would be compromised if not adequately protected. If workstations are compromised it will take three hours to restore services for the 30 staff. Staff members in the call center are paid $90 per hour. If determining the risk, which of the following is the annual loss expectancy (ALE)?




    D. $7,290
  9. 209 A technician is deciding between implementing a HIDS on the database server or implementing a NIDS. Which of the following are reasons why a NIDS may be better to implement? (Select TWO).

    A. Many HIDS require frequent patches and updates
    B. Many HIDS are not able to detect network attacks
    C. Many HIDS have a negative impact on system performance
    D. Many HIDS only offer a low level of detection granularity
    E. Many HIDS are not good at detecting attacks on database servers
    • B. Many HIDS are not able to detect network attacks
    • C. Many HIDS have a negative impact on system performance
  10. 210 Which of the following scenarios is MOST likely to benefit from using a personal software firewall on a laptop?




    A. Office laptop connected to a home user?s network
  11. 211 Virtualized applications, such as virtualized browsers, are capable of protecting the underlying operating system from which of the following?




    A. Malware installation from suspects Internet sites
  12. 212 A flat or simple role-based access control (RBAC) embodies which of the following principles?




    B. Users assigned to roles, permissions are assigned to roles and users acquire permissions by being a member of the role
  13. 213 A number of unauthorized staff has been entering the data center by piggybacking authorized staff. The CIO has mandated that this behavior stops. Which of the following is the BEST technology to install at the data center to prevent piggybacking?




    D. Mantrap
  14. 214 Which of the following is a security threat that hides its processes and files from being easily detected?




    D. Rootkit
  15. 215 Security templates are used for which of the following purposes? (Select TWO).

    A. To ensure that email is encrypted by users of PGP
    B. To ensure that PKI will work properly within the company?s trust model
    C. To ensure that performance is standardized across all servers
    D. To ensure that all servers start from a common security configuration
    E. To ensure that servers are in compliance with the corporate security policy
    • D. To ensure that all servers start from a common security configuration
    • E. To ensure that servers are in compliance with the corporate security policy
  16. 216 Frequent signature updates are required by which of the following security applications? (Select TWO).





    • B. Antivirus
    • E. IDS
  17. 217 When choosing an antivirus product, which of the following are the MOST important security considerations? (Select TWO).





    • E. The frequency of signature updates
    • E. The number of viruses the software can detect
  18. 218 Three generally accepted activities of patch management are: determining which patches are needed, applying the patches and which of the following?




    A. Auditing for the successful application of the patches
  19. 219 In which of the following situations would it be appropriate to install a hotfix?




    C. A patch is not available and workarounds do not correct the problem
  20. 220 Social engineering, password cracking and vulnerability exploitation are examples of which of the following?




    B. Penetration testing
  21. 221 If an administrator does not have a NIDS examining network traffic, which of the following could be used to identify an active attack?




    B. Protocol analyzer
  22. 222 Configuration baselines should be taken at which of the following stages in the deployment of a new system?




    C. After initial configuration
  23. 223 Which of the following practices should be implemented to harden workstations and servers?




    B. Install only needed software
  24. 224 Which of the following is a mechanism that prevents electromagnetic emanations from being captured?




    D. Faraday cage
  25. 225 Which of the following describes the difference between a secure cipher and a secure hash?




    A. A cipher can be reversed, a hash cannot
  26. 226 Which of the following physical threats is prevented with mantraps?




    B. Piggybacking
  27. 227 Which of the following BEST describes the differences between SHA-1 and MD5?




    C. SHA-1 produces few collisions than MD5
  28. 228 Which of the following BEST applies in the secure disposal of computers?




    A. Computer media must be sanitized
  29. 229 Which of the following BEST describes the differences between RADIUS and TACACS?




    C. TACACS separates authentication, authorization and auditing capabilities
  30. 230 Which of the following BEST describes the differences between RADIUS and TACACS?




    D. TACACS encrypts client-server negotiation dialog
  31. 231 Which of the following authentication mechanisms performs better in a secure environment?




    B. TACACS because it encrypts client-server negotiation dialogs
  32. 232 To evaluate the security compliance of a group of servers against best practices, which of the following BEST applies?




    A. Run a vulnerability assessment tool
  33. 233 Which of the following is a problem MOST often associated with UTP cable?




    B. Crosstalk
  34. 234 An administrator notices on the monthly firewall log that many of the internal PCs are sending packets on a routine basis to a single external PC. Which of the following BEST describes what is occurring?




    C. The remote PC has a zombie master application running and the local PCs have a zombie slave application running
  35. 235 An administrator notices that a PC is sending an unusual amount of email at odd times of the day. Which of the following should the administrator check for FIRST?




    C. A SMTP open relay
  36. 236 Which of the following would a password cracker help an administrator to find?




    B. Weak passwords
  37. 237 Which of the following is setup within a router?




    A. DMZ
  38. 238 Which of the following would BEST allow for fast, highly secure encryption of a USB flash drive?




    B. AES256
  39. 239 When is the correct time to discuss the appropriate use of electronic devices with a new employee?




    A. At time of hire
  40. 240 Which of the following could BEST assist in the recovery of a crashed hard drive?




    A. Forensics software
  41. 241 Which of the following facilitates the creation of an unencrypted tunnel between two devices?




    A. L2TP
  42. 242 Which of the following allows for a secure connection to be made through a web browser?




    A. SSL
  43. 243 Which of the following is the BEST order in which crucial equipment should draw power?




    A. UPS line conditioner, UPS battery, and backup generator
  44. 244 Which of the following would require a pre-sharing of information before a home user could attach to a neighbors wireless adapter?




    B. SSID broadcasting disabled
  45. 245 Which of the following would BEST allow an administrator to quickly find a rogue server on the network?




    C. A network mapper
  46. 246 Which of the following would BEST allow an administrator to quickly find a PC with a blank database administrator password?




    B. Vulnerability scanner
  47. 247 An administrator is backing up all server data nightly to a local NAS device. Which of the following additional steps should the administrator take for protection from disaster in the case the primary site is permanently lost?




    A. Backup all data at a preset interval to tape and store those tapes at a sister site in another city
  48. 248 Which of the following is the MOST intrusive on a network?




    C. Penetration testing
  49. 249 A single sign-on requires which of the following?




    C. A unified trust model
  50. 250 All of the following are where backup tapes should be kept EXCEPT:




    C. near a power line
  51. 251 All of the following require periodic updates to stay accurate EXCEPT:




    A. pop-up blocker applications
  52. 252 Which of the following is the quickest method to create a secure test server for a programmer?




    A. Create a virtual server on existing equipment
  53. 253 Which of the following is a collection of fixes for an application or operating system that has been tested by the vendor?




    C. A service pack
  54. 254 Which of the following usually applies specifically to a web browser?




    B. Pop-up blocker
  55. 255 Pre-shared keys apply to which of the following?




    B. PGP
  56. 256 Which of the following is a risk associated with a virtual server?




    C. If the physical server crashes, all of the local virtual servers go offline immediately
  57. 257 Which of the following exploits is only triggered by a specific date or time key?




    B. Logic bomb
  58. 258 Threats to a network could include: (Select TWO)

    A. penetration testing
    B. network audits
    C. disgruntled employees
    D. dial-up access
    E. disabled user accounts
    • C. disgruntled employees
    • D. dial-up access
  59. 259 An antivirus server keeps flagging an approved application that the marketing department has installed on their local computers as a threat. This is an example of:




    A. false positive
  60. 260 A vendor releases an application update to a recent service pack that addresses problems being experienced by some end users. This update would be considered a:




    B. hotfix
  61. 261 A technician is working on an end users desktop which has been having performance issues. The technician notices there seems to be a lot of activity on the NIC. A good tool to quickly check the current network connections of the desktop would be:




    A. netstat
  62. 262 A company has an issue with field users logging into VPN to connect to the mail server, and leaving their computers connected while in public places. The administrator needs to prevent both unauthorized access to the company email and data, and limit the impact on the VPN server. Which of the following BEST achieves this goal?




    A. Use group policy to lock computers after five minutes of inactivity, and limit VPN connections to one hour
  63. 263 The service provided by message authentication code (MAC) hash is:




    B. integrity
  64. 264 An administrator is running a network monitoring application that looks for behaviors on the network outside the standard baseline that has been established. This is typical of a(n):




    C. anomaly-based tool
  65. 265 Some examples of hardening techniques include all of the following EXCEPT:




    A. running weekly spyware applications
  66. 266 An administrator wants to block users from accessing a few inappropriate websites as soon as possible. The existing firewall allows blocking by IP address. To achieve this goal the administrator will need to:




    C. upgrade to a URL based filter to achieve the desired result
  67. 267 A CRL contains a list of which of the following type of keys?




    A. Both public and private keys
  68. 268 A user logs into their network with a smart card. Which of the following keys is used?




    D. Private key
  69. 269 An administrator wants to ensure that when an employee leaves the company permanently, that the company will have access to their private keys. Which of the following will accomplish this?




    A. Store the keys in escrow
  70. 270 When a server and workstation communicate via SSL, which of the following keys are being used? (Select TWO)





    • A. Public key
    • C. Session key
  71. 271 A user is going to dispose of some old hard drives. Which of the following should the user do to the drives before disposing of them?




    B. Use a certified wipe program to erase data
  72. 272 A user wants to implement very tight security controls for technicians that seek to enter the user?s datacenter. Which of the following solutions offers the BEST security controls?




    C. Biometric reader and smartcard
  73. 273 Which of the following concepts, requires users and system processes to be assigned minimum levels of permission to carry out the assigned task?




    A. Least privilege
  74. 274 When using discretionary access control (DAC), who determines access and what privileges they have?




    B. Owner
  75. 275 Which of the following is a security benefit of mandatory vacations?




    C. Detecting fraud
  76. 276 The data custodian in an organization is responsible for:




    A. recoverability of the data
  77. 277 Which of the following organizational documentation describes how tasks or job functions should be conducted?




    C. Procedures
  78. 278 Which of the following organizational documentation provides high level objectives that change infrequently?




    D. Policy
  79. 279 Which of the following sites can be online the QUICKEST and does not require data restoration from backup media to ensure the production data is as current as possible?




    C. Mirrored site
  80. 280 Which of the following are MOST likely to be analyzed by Internet filter appliances/servers? (Select THREE).






    • B. Certificates
    • D. URLs
    • E. Content
  81. 281 The primary function of risk management in an organization is to reduce risk to a level:




    D. the organization will accept
  82. 282 Which of the following BEST describes risk analysis?




    A. Evaluation and assessment
  83. 283 A financial institution performed a risk assessment on the DLT backup system used to store customer account details. The main risk highlighted was the long-term retention of electronically stored data. Which of the following is the MOST likely reason for the risk being raised?




    A. Compatibility of media and application systems
  84. 284 Which of the following hashing techniques is commonly disabled to make password cracking more difficult?




    D. NTLM
  85. 285 An organization has recently implemented a work from home program. Employees need to connect securely from home to the corporate network. Which of the following encryption technologies might BEST accomplish this?




    D. IPSec
  86. 286 The use of a physical token, PIN and a password during authentication is an example of which of the following?




    D. Two-factor authentication
  87. 287 Port 3535 is typically blocked for outbound traffic on a company?s LAN. An end-user has recently purchased a legitimate business program that needs to make outbound calls using this port. Which of the following steps should a technician take to allow this? (Select TWO)





    • A. Open the port on the company?s firewall
    • D. Open the port on the user?s personal software firewall
  88. 288 Which of the following describes software that is often written solely for a specific customer?s application?




    A. Hotfix
  89. 289 A security manager believes that too many services are running on a mission critical database server. Which of the following tools might a security analyst use to determine services that are running on the server, without logging into the machine?




    A. Port scanner
  90. 290 A manufacturing corporation has decided to send a highly sensitive message to one of their suppliers. The message is concealed inside a JPEG image of a beach resort. Which of the following is this an example of?




    A. Steganography
  91. 291 Which of the following encryption methods is often used along with L2TP?




    A. IPSec
  92. 292 An administrator is assigned to monitor servers in a data center. A web server connected to the Internet suddenly experiences a large spike in CPU activity. Which of the following is the MOST likely cause?




    B. DoS
  93. 293 Which of the following methods will help to identify when unauthorized access has occurred?




    D. Implement previous logon notification
  94. 294 Ensuring administrators have both a regular user account and a privileged user account is an example of applying which security principle?




    C. Least privilege
  95. 295 All of the following are steps in the incident response process EXCEPT:




    D. repudiation
  96. 296 Which of the following is an example of two-factor authentication for an information system?




    B. ATM card and PIN
  97. 297 Which of the following describes a spanned switch port in the context of IDS traffic analysis?




    D. An association of a set of source ports with a single destination port
  98. 298 A technician is performing an assessment on a router and discovers packet filtering is employed. Which of the following describes a security concern with stateless packet filtering?




    C. Packet payload is not checked
  99. 299 Which of the following describes the process of comparing cryptographic hash functions of system executables, configuration files, and log files?




    C. File integrity auditing
  100. 300 Which of the following is a cryptographic representation of non-repudiation?




    D. Digital signature
Author
johnnystevens
ID
10949
Card Set
multi test c
Description
multiple choice upload test
Updated