multi test h

  1. 701 Which of the following BEST allows a technician to mitigate the chances of a successful attack against the wireless network?




    B. Implement an authentication system and WPA
  2. 702 A technician is reviewing the system logs for a firewall and is told that there is an implicit deny within the ACL. Which of the following is an example of an implicit deny?




    C. Items which are not specifically given access are denied by default
  3. 703 Which of the following is the MOST likely reason that an attacker would use a DoS attack?




    A. The attacker wants to prevent authorized users from using a certain service
  4. 704 Which of the following is a way to gather reconnaissance information from a printer resource?




    C. SNMP
  5. 705 A technician gets informed that there is a worm loose on the network. Which of the following should the technician review to discover the internal source of the worm?




    A. Antivirus logs
  6. 706 Which of the following BEST allows for the encryption of an entire hard drive?




    D. Symmetric algorithm
  7. 707 Which of the following would a Faraday cage prevent usage of?




    C. Cell phone
  8. 708 Which of the following will allow a technician to block certain HTTP traffic from company staff members?




    C. Content filter
  9. 709 Which of the following is a security threat to a workstation that requires interaction from a staff member?




    B. Virus
  10. 710 Which of the following will prevent a person from booting into removable storage media if the correct boot sequence is already set?




    B. BIOS password settings
  11. 711 Which of the following ports need to be open to allow a user to log in remotely to a workstation?




    D. 3389
  12. 712 Which of the following, if intercepted, could allow an attacker to access a user's email information?




    D. Browser cookies
  13. 713 Which of the following would allow a technician to minimize the risk associated with staff running port scanners on the network?




    A. Group policy
  14. 714 Which of the following is the MOST effective application to implement to identify malicious traffic on a server?




    D. HIDS software
  15. 715 Which of the following is the MOST appropriate type of software to apply on a workstation that needs to be protected from other locally accessible workstations?




    A. Personal software firewall
  16. 716 Which of the following is a way for a technician to identify security changes on a workstation?




    D. Configuration baseline
  17. 717 Which of the following is a way to correct a single security issue on a workstation?




    B. A patch
  18. 718 Which of the following protects a home user from the Internet?




    D. Personal firewall
  19. 719 Computer equipment has been stolen from a company's office. To prevent future thefts from occurring and to safeguard the company's trade secrets, which of the following should be implemented?




    A. Hardware locks and door access systems
  20. 720 Which of the following is the primary purpose for a physical access log in a data center?




    A. Maintain a list of personnel who enter the facility
  21. 721 Which of the following biometric authentication devices also carries significant privacy implications due to personal health information that can be discovered during the authentication process?




    C. Retina scanner
  22. 722 An administrator has already implemented two-factor authentication and now wishes to install a third authentication factor. If the existing authentication system uses strong passwords and PKI tokens which of the following would provide a third factor?




    A. Fingerprint scanner
  23. 723 A biometric authentication system consists of all of the following components EXCEPT:




    D. hardware token
  24. 724 Which of the following is an example of remote authentication?




    A. A user in one city logs onto a network by connecting to a domain server in another city
  25. 725 Which of the following is a three-factor authentication system?




    B. Username, password, token and iris scanner
  26. 726 Which of the following is an acceptable group in which to place end users?




    A. Domain users
  27. 727 According to industry best practices, administrators should institute a mandatory rotation of duties policy due to which of the following?




    C. Continuity of operations in the event of absence or accident
  28. 728 According to industry best practices, administrators should institute a mandatory rotation of duties policy due to which of the following?




    D. To detect an inside threat
  29. 729 Which of the following is considered the strongest encryption by use of mathematical evaluation techniques?




    D. AES
  30. 730 Which of the following should be implemented when protecting personally identifiable information (PII) and sensitive information on IT equipment that can be easily stolen (e.g., USB drives, laptops)?




    B. Whole disk encryption
  31. 731 Which of the following is the BEST wireless security practice that could be implemented to prevent unauthorized access?




    B. WPA2 with TKIP
  32. 732 Which of the following can prevent malicious software applications from being introduced while browsing the Internet?




    A. Pop-up blockers
  33. 733 Which of the following are reasons to implement virtualization technology? (Select TWO)





    • B. To reduce recovery time in the event of application failure
    • E. To provide a secure virtual environment for testing
  34. 734 Network security administrators should implement which of the following to ensure system abuse by administrators does not go undetected in the logs?




    C. Separation of duties
  35. 735 After completing a risk assessment and penetration test against a network, a security administrator recommends the network owner take actions to prevent future security incidents. Which of the following describes this type of action?




    A. Risk mitigation
  36. 736 Public key infrastructure uses which of the following combinations of cryptographic items?




    D. Private keys, public keys and asymmetric cryptography
  37. 737 An administrator wants to implement a procedure to control inbound and outbound traffic on a network segment. Which of the following would achieve this goal?




    C. ACL
  38. 738 In PKI, the CA is responsible for which of the following?




    B. Maintaining the CRL
  39. 739 In PKI, which of the following entities is responsible for publishing the CRL?




    C. CA
  40. 740 Which of the following is a security risk associated with USB drives?




    A. Easy to conceal and large storage capacity
  41. 741 Which of the following is a security risk associated with introducing cellular telephones with mobile OS installed on a closed network?




    C. New vector to introduce viruses and malware to the network
  42. 742 The availability of portable external storage such as USB hard drives has increased which of the following threats to networks?




    D. Removal of sensitive and PII data
  43. 743 An administrator finds a device attached between the USB port on a host and the attached USB keyboard. The administrator has also noticed large documents being transmitted from the host to a host on an external network. The device is MOST likely which of the following?




    A. In-line keystroke logger
  44. 744 A user is receiving an error which they have not seen before when opening an application. Which of the following is MOST likely the cause of the problem?




    B. A patch was pushed out
  45. 745 Which of the following is used to encrypt email and create digital signatures?




    A. S/MIME
  46. 746 Which of the following can be used to encrypt FTP or telnet credentials over the wire?




    B. SSH
  47. 747 Which of the following is a vulnerability assessment tool?




    D. Nessus
  48. 748 Which of the following is a vulnerability scanner?




    B. Microsoft Baseline Security Analyzer
  49. 749 Which of the following is a password cracking tool?




    D. John the Ripper
  50. 750 Which of the following is a protocol analyzer?




    B. Wireshark
  51. 751 Which of the following is a system set up to distract potential attackers?




    D. Honeypot
  52. 752 Changing roles every couple of months as a security mitigation technique is an example of which of the following?




    A. Job rotation
  53. 753 Which of the following should be checked if an email server is forwarding emails for another domain?




    A. SMTP open relay
  54. 754 Which of the following will allow the running of a system integrity verifier on only a single host?




    D. HIDS
  55. 755 Which of the following has the ability to find a rootkit?




    D. Malware scanner
  56. 756 Which of the following will be prevented by setting a BIOS password?




    B. Changing the system boot order
  57. 757 Which of the following is a security limitation of virtualization technology?




    A. If an attack occurs, it could potentially disrupt multiple servers
  58. 758 Which of the following must be used to set up a DMZ?




    C. Router
  59. 759 Which of the following would be used to push out additional security hotfixes?




    D. Patch management
  60. 760 Which of the following would be used to allow a server to shut itself down normally upon a loss of power?




    B. Uninterruptible Power Supply (UPS)
  61. 761 Which of the following is the BEST security measure to use when implementing access control?




    A. Password complexity requirements
  62. 762 Applying a service pack could affect the baseline of which of the following?




    B. Heuristic-based NIDS
  63. 763 Which of the following is the strongest encryption form that can be used in all countries?




    A. WEP
  64. 764 When would it be appropriate to use time of day restrictions on an account?




    C. As an added security measure if employees work set schedules
  65. 765 Which of the following could be used to restore a private key in the event of a CA server crashing?




    C. Recovery agent
  66. 766 Which of the following is a possible security risk associated with USB devices?




    D. Bluesnarfing
  67. 767 Which of the following is MOST effective in preventing adware?




    C. Pop-up blocker
  68. 768 Which of the following is the MOST important when implementing heuristic-based NIPS?




    D. Ensure the network is secure when baseline is established
  69. 769 Which of the following attacks does enabling logging for DNS aid in detecting?




    D. Botnet attacks
Author: johnnystevens
ID: 10954
Card Set: multi test h
Description: multiple choice upload test