multi test e

  1. 401 To facilitate compliance with the Internet use portion of the corporate acceptable use policy, an administrator implements a series of proxy servers and firewalls. The administrator further recommends installation of software based firewalls on each host on the network. Which of the following would have provided an alternative simpler solution?




    B. Internet content filter
  2. 402 The marketing department wants to distribute pens with embedded USB drives to clients. In the past this client has been victimized by social engineering attacks which led to a loss of sensitive data. The security administrator advises the marketing department not to distribute the USB pens due to which of the following?




    C. The risks associated with the large capacity of USB drives and their concealable nature
  3. 403 USB drives create a potential security risk due to which of the following?




    C. Potential for software introduction
  4. 404 As a best practice, risk assessments should be based upon which of the following?




    B. A quantitative measurement of risk, impact and asset value
  5. 405 Which of the following is a cryptographic hash function?




    B. SHA
  6. 406 From a security standpoint, which of the following is the BEST reason to implement performance monitoring applications on network systems?




    A. To detect availability degradations caused by attackers
  7. 407 All of the following are methods used to conduct risk assessments EXCEPT:




    B. disaster exercises
  8. 408 After conducting a risk assessment, the main focus of an administrator should be which of the following?




    D. To ensure risk mitigation activities are implemented
  9. 409 Which of the following is a BEST practice when implementing a new system?




    D. Disable unneeded services
  10. 410 When installing and securing a new system for a home user which of the following are best practices? (Select THREE)






    • A. Use a strong firewall
    • C. Apply all system patches
    • F. Apply all service packs
  11. 411 Which of the following describes a logic bomb?




    A. A piece of malicious code that executes based on an event or date
  12. 412 Which of the following is a prerequisite for privilege escalation to occur?




    D. The attacker must have already gained entry into the system
  13. 413 Which of the following is an example of an attack that executes once a year on a certain date?




    B. Logic bomb
  14. 414 Which of the following is the GREATEST threat to highly secure environments?




    D. USB devices
  15. 415 Management has asked a technician to prevent data theft through the use of portable drives. Which of the following should the technician implement?




    C. Disable USB drives
  16. 416 A technician has been informed that many of the workstations on the network are flooding servers. Which of the following is the MOST likely cause of this?




    C. Worm
  17. 417 Which of the following BEST describes a way to prevent buffer overflows?




    D. Apply all security patches to workstations
  18. 418 Which of the following is a security reason to implement virtualization throughout the network infrastructure?




    B. To isolate the various network services and roles
  19. 419 Which of the following is a reason to use a Faraday cage?




    C. To mitigate data emanation
  20. 420 Weak encryption is a common problem with which of the following wireless protocols?




    A. WEP
  21. 421 Which of the following describes a tool used by organizations to verify whether or not a staff member has been involved in malicious activity?




    C. Mandatory vacations
  22. 422 Which of the following is a cross-training technique where organizations minimize collusion amongst staff?




    C. Job rotation
  23. 423 Which of the following will allow a technician to restrict a user?s access to the GUI?




    B. Group policy implementation
  24. 424 Which of the following is the MOST common logical access control method?




    C. Usernames and password
  25. 425 Which of the following verifies control for granting access in a PKI environment?




    C. Certificate authority
  26. 426 Which of the following explains the difference between a public key and a private key?




    D. The private key is only used by the client and kept secret while the public key is available to all
  27. 427 Which of the following is a countermeasure when power must be delivered to critical systems no matter what?




    C. Backup generator
  28. 428 Which of the following is the MOST important step to conduct during a risk assessment of computing systems?




    B. The identification of missing patches
  29. 429 Which of the following tools will allow a technician to detect security-related TCP connection anomalies?




    B. Performance monitor
  30. 430 Which of the following monitoring methodologies will allow a technician to determine when there is a security related problem that results in an abnormal condition?




    A. Anomaly-based
  31. 431 Which of the following systems is BEST to use when monitoring application activity and modification?




    B. HIDS
  32. 432 Which of the following is the MOST important thing to consider when implementing an IDS solution?




    D. The personnel to interpret results
  33. 433 Which of the following is the FIRST step in the implementation of an IDS?




    C. Document the existing network
  34. 434 Which of the following encryption algorithms is used for encryption and decryption of data?




    A. RC5

  35. B. Transport and Tunnel


    436 Which of the following would a technician use to check data integrity?




    D. Message authentication code
  36. 437 Which of the following are the functions of asymmetric keys?




    B. Encrypt, sign, decrypt and verify
  37. 438 Which of the following is the purpose of the AH?




    B. Provides integrity
  38. 439 Which of the following describes the insertion of additional bytes of data into a packet?




    D. Padding
  39. 440 Which of the following is true regarding authentication headers (AH)?




    B. The authentication information is a keyed hash based on all of the bytes in the packet

  40. C. 8021x


    442 The method of controlling how and when users can connect in from home is called which of the following?




    D. Remote access policy
  41. 443 Which of the following is the main limitation with biometric devices?




    D. They are expensive and complex
  42. 444 Who is ultimately responsible for the amount of residual risk?




    D. The senior management
  43. 445 Which of the following typically use IRC for command and control activities?




    D. Botnets
  44. 446 When designing a firewall policy, which of the following should be the default action?




    C. Implicit deny
  45. 447 If hashing two different files creates the same result, which of the following just occurred?




    A. A collision
  46. 448 Which of the following type of protection is hashing used to provide?




    C. Integrity
  47. 449 All of the following are part of the disaster recovery plan EXCEPT:




    C. patch management software
  48. 450 Which of the following is MOST likely to make a disaster recovery exercise valuable?




    C. Learning from the mistakes of the exercise
  49. 451 Which of the following allows directory permissions to filter down through the sub-directory hierarchy?




    A. Inheritance
  50. 452 Which of the following access control models BEST follows the concept of separation of duties?




    D. Role-based access control (RBAC)
  51. 453 Which of the following would MOST likely prevent a PC application from accessing the network?




    C. Host-based firewall
  52. 454 A technician is investigating intermittent switch degradation. The issue only seems to occur when the buildings roof air conditioning system runs. Which of the following would reduce the connectivity issues?




    A. Shielding
  53. 455 A technician tracks the integrity of certain files on the server. Which of the following algorithms provide this ability?




    D. SHA-1
  54. 456 Which of the following describes the standard load for all systems?




    C. Configuration baseline
  55. 457 When testing a newly released patch, a technician should do all of the following EXCEPT:




    A. deploy immediately using Patch Management
  56. 458 A botnet zombie is using HTTP traffic to encapsulate IRC traffic. Which of the following would detect this encapsulated traffic?




    C. Anomaly-based IDS
  57. 459 Documentation review, log review, rule-set review, system configuration review, network sniffing, and file integrity checking are examples of:




    A. passive security testing techniques
  58. 460 To determine whether a system is properly documented and to gain insight into the systems security aspects that are only available through documentation is the purpose of:




    A. passive security testing techniques
  59. 461 Which of the following BEST describes external security testing?




    A. Conducted from outside the organizations security perimeter
  60. 462 Port scanners can identify all of the following EXCEPT:




    D. vulnerabilities
  61. 463 All of the following are limitations of a vulnerability scanner EXCEPT:




    C. it generates less network traffic than port scanning
  62. 464 Which of the following can BEST aid in preventing a phishing attack?




    C. Conducting user awareness training
  63. 465 A travel reservation company conducts the majority of its transactions through a public facing website.

    Any downtime to this website results in substantial financial damage for the company. One web server is connected to several distributed database servers. Which of the following describes this scenario?




    B. Single point of failure
  64. 466 Which of the following is MOST commonly used to secure a web browsing session?




    B. HTTPS
  65. 467 One of the reasons that DNS attacks are so universal is DNS services are required for a computer to access:




    C. the Internet
  66. 468 One of the security benefits to using virtualization technology is:




    A. if an instance is compromised the damage can be compartmentalized
  67. 469 A virtual server implementation attack that affects the:




    D. RAM will affect all virtual instances
  68. 470 An administrator wants to set up a new web server with a static NAT. Which of the following is the BEST reason for implementing NAT?




    C. Hides the organizations internal network addressing scheme
  69. 471 Which of the following is the BEST reason for an administrator to use port address translation (PAT) instead of NAT on a new corporate mail gateway?




    A. PAT allows external users to access the mail gateway on pre-selected ports
  70. 472 Which of the following describes a static NAT?




    D. A static NAT uses a one to one mapping
  71. 473 Which of the following if disabled will MOST likely reduce, but not eliminate the risk of VLAN jumping?




    C. DTP on all ports
  72. 474 An administrator is concerned that PCs on the internal network may be acting as zombies participating in external DDoS attacks. Which of the following could BEST be used to confirm the administrator?s suspicions?




    C. Firewall logs
  73. 475 Restricting access to files based on the identity of the user or group is an example of which of the following?




    D. DAC
  74. 476 Restricting access to files based on the identity of the user or group and security classification of the information is an example of which of the following?




    A. MAC
  75. 477 A new Internet content filtering device installed in a large financial institution allows IT administrators to log in and manage the device, but not the content filtering policy. Only the IT security operation staff can modify policies on the Internet filtering device. Which of the following is this an example of?




    A. Role-Based Access Control (RBAC)
  76. 478 Which of the following would BEST describe a disaster recovery plan (DRP)?




    D. Addresses the recovery of an organizations IT infrastructure
  77. 479 Which of the following is the primary objective of a business continuity plan (BCP)?




    A. Addresses the recovery of an organizations business operations
  78. 480 A software manufacturer discovered a design flaw in a new application. Rather than recall the software, management decided to continue manufacturing the product with the flaw. Which of the following risk management strategies was adopted by management?




    B. Risk acceptance
  79. 481 Which of the following BEST describes an application or string of code that cannot automatically spread from one system to another but is designed to spread from file to file?




    B. Virus
  80. 482 Which of the following is considered an independent program that can copy itself from one system to another and its main purpose is to damage data or affect system performance?




    D. Worm
  81. 483 All of the following are considered malware EXCEPT:




    D. spam
  82. 484 Which of the following NIDS configurations is solely based on specific network traffic?




    A. Signature-based
  83. 485 Which of the following only looks at header information of network traffic?




    C. Packet filter
  84. 486 Which of the following access control methods could the administrator implement because of constant hiring of new personnel?




    A. Role-based
  85. 487 When using a single sign-on method, which of the following could adversely impact the entire network?




    C. Authentication server
  86. 488 RADIUS uses all of the following authentication protocols EXCEPT:




    D. L2TP
  87. 489 A HIDS is installed to monitor which of following?




    C. System files
  88. 490 Which of the following intrusion detection systems uses statistical analysis to detect intrusions?




    D. Anomaly
  89. 491 Which of the following intrusion detection systems uses well defined models of how an attack occurs?




    D. Signature
  90. 492 Which of the following is a system that will automate the deployment of updates to workstations and servers?




    C. Patch management
  91. 493 A user is concerned with the security of their laptops BIOS. The user does not want anyone to be able to access control functions except themselves. Which of the following will make the BIOS more secure?




    B. Password
  92. 494 Which of the following is a method to apply system security settings to all workstations at once?




    D. A security template
  93. 495 Which of the following would be a method of securing the web browser settings on all network workstations?




    C. Group policy
  94. 496 Which of the following is a limitation of a HIDS?




    C. Someone must manually review the logs
  95. 497 A technician has implemented a new network attached storage solution for a client. The technician has created many shares on the storage. Which of the following is the MOST secure way to assign permissions?




    A. Least privilege
  96. 498 Which of the following is an example of a trust model?




    A. Managing the CA relationships
  97. 499 Which of the following is the common mail format for digitally signed and encrypted messages?




    D. S/MIME
  98. 500 Which of the following is the common way of implementing cryptography on network devices for encapsulating traffic between the device and the host managing them?




    D. SSH
Author
johnnystevens
ID
10951
Card Set
multi test e
Description
multiple choice upload test
Updated