  1. Who is responsible for establishing access permissions to network resources in the DAC access control model?
    The owner of the resource.
  2. Why do security researchers often use virtual machines?
    To offer an environment where malware can be executed with minimal risk to equipment and software
  3. Which access control system allows the system administrator to establish access permissions to network resources?
    MAC
  4. You work as a network administrator for your company. Taking personal safety into consideration, which types of fire suppression substances can effectively prevent damage to electronic equipment?
    CO
  5. Which of the following access control models uses roles to determine access permissions?
    RBAC
  6. Given: John is a network administrator. He advises the server administrator of his company to implement whitelisting, blacklisting, closing open relays and strong authentication techniques. Question: Which threat is being addressed?
    Spam
  7. Most current encryption schemes are based on
    Algorithms
  8. Study the following items carefully, which one will permit a user to float a domain registration for a maximum of five days?
    Kiting
  9. Which of the following types of cryptography is typically used to provide an integrity check?
    Hash
  10. The Public Key Infrastructure (PKI) is a set of hardware, software, people, policies, and procedures needed to create, manage, store, distribute, and revoke digital certificates. The public key infrastructure is based on which encryption schemes?
    Asymmetric
  11. How are access control permissions established in the RBAC access control model?
    The role or responsibilities users have in the organization.
  12. Which threat is increased by the availability of portable external storage such as USB hard drives to networks?
    Removal of sensitive and PII data
  13. What does the DAC access control model use to identify the users who have permissions to a resource?
    Access Control Lists
  14. What does the DAC access control model use to identify the users who have permissions to a resource?
    Access Control Lists
  15. Which of the following describes a type of algorithm that cannot be reversed in order to decode the data?
    One Way Function
  16. CRL is short for Certificate Revocation List. Which types of keys are included in a CRL?
    Both public and private keys
  17. Secret Key encryption is also known as:
    Symmetrical
  18. Virtualized applications, such as virtualized browsers, can protect the underlying operating system from which of the following?
    Malware installation from suspect Internet sites
  19. What does the MAC access control model use to identify the users who have permissions to a resource?
    Predefined access privileges.
  20. For the following items, which one is a collection of servers set up to attract hackers?
    Honeynet
  21. Which of the following statements regarding the MAC access control model is TRUE?
    In Mandatory Access Control (MAC), users cannot share resources dynamically.
  22. Which description is correct about an application or string of code that could not automatically spread from one system to another but is designed to spread from file to file?
    Virus
  23. Which of the following are types of certificate-based authentication? (Select TWO)
    Many-to-one mapping

    One-to-one mapping
  24. In computer security, an access control list (ACL) is a list of permissions attached to an object. Which log will reveal activities about ACL?
    Firewall
  25. The ability to logon to multiple systems with the same credentials is typically known as:
    Single sign-on
  26. For the following options, which is an area of the network infrastructure that allows a technician to put public facing systems into it without compromising the entire infrastructure?
    DMZ
  27. Which of the following would be MOST important to have to ensure that a company will be able to recover in case of severe environmental trouble or destruction?
    Disaster recovery plan
  28. Remote authentication allows you to authenticate Zendesk users using a locally hosted script. Which of the following is an example of remote authentication?
    A user in one city logs onto a network by connecting to a domain server in another city.
  29. Documentation describing a group's expected minimum behavior is known as:
    Code of Ethics
  30. What may happen when hashing two different files creates the same result?
    Collision
  31. The DAC (Discretionary Access Control) model has an inherent flaw. Choose the option that describes this flaw.
    The DAC (Discretionary Access Control) model uses only the identity of the user or specific process to control access to a resource. This creates a security loophole for Trojan horse attacks.
  32. The CEO of your company is worrying about staff browsing inappropriate material on the Internet via HTTPS. Your company is advised to purchase a product which can decrypt the SSL session, scan the content and then repackage the SSL session without staff knowing. Which type of attack is similar to this product?
    Man-in-the-middle
  33. You work as the network administrator at Certkiller.com. The Certkiller.com network uses the RBAC (Role Based Access Control) model. You must plan the security strategy for users to access resources on the Certkiller.com network. The types of resources you must control access to are mailboxes, and files and printers. Certkiller.com is divided into distinct departments and functions named Finance, Sales, Research and Development, and Production respectively. Each user has its own workstation, and accesses resources based on the department wherein he/she works. You must determine which roles to create to support the RBAC (Role Based Access Control) model. Which of the following roles should you create?
    Create Finance, Sales, Research and Development, and Production roles.
  34. Sending a patch through a testing and approval process is an example of which option?
    Change management
  35. Choose the access control model that allows access control determinations to be performed based on the security labels associated with each user and each data item.
    MACs (Mandatory Access Control) method
  36. For the following items, which is a security limitation of virtualization technology?
    If an attack occurs, it could potentially disrupt multiple servers.
  37. A company's new employees are asked to sign a document that describes the methods of and purposes for accessing the company's IT systems. Which of the following BEST describes this document?
    Acceptable Use Policy
  38. What technology is able to isolate a host OS from some types of security threats?
    Virtualization
  39. Which of the following is the BEST place to obtain a hotfix or patch for an application or system?
    The manufacturer's website
  40. Tom is a network administrator of his company. He guesses that PCs on the internal network may be acting as zombies participating in external DDoS attacks. Which item will most effectively confirm the administrator's suspicions?
    Firewall logs
  41. Choose the terminology or concept which best describes a (Mandatory Access Control) model.
    Lattice
  42. Password cracking tools are available worldwide over the Internet. Which one of the following items is a password cracking tool?
    John the Ripper
  43. Which authentication method does the following sequence refer to: logon request, encrypts value response, server, challenge, compare encrypts results, authorize or fail?
    CHAP
  44. IDS is short for Intrusion Detection Systems. Which option is the MOST basic form of IDS?
    Signature
  45. Which of the following statements is TRUE regarding the Security Token system?
    If your token does not grant you access to certain information, that information will either not be displayed or your access will be denied. The authentication system creates a token every time a user or a session begins. At the completion of a session, the token is destroyed.
  46. Which statement is true about the cryptographic algorithm employed by TLS to establish a session key?
    Diffie-Hellman
  47. To aid in preventing the execution of malicious code in email clients, which of the following should be done by the email administrator?
    Spam and anti-virus filters should be used
  48. Internet filter appliances/servers will most likely analyze which three items? (Select THREE).
    Certificates

    Content

    URLs
  49. Which of the following types of publicly accessible servers should have anonymous logins disabled to prevent an attacker from transferring malicious data?
    FTP
  50. Which practice can best code applications in a secure manner?
    Input validation
  51. In addition to bribery and forgery, which of the following are the MOST common techniques that attackers use to socially engineer people? (Select TWO)
    Flattery

    Assuming a position of authority
  52. Which of the following will restrict access to files according to the identity of the user or group?
    DAC
  53. Which of the following would be an easy way to determine whether a secure web page has a valid certificate?
    Right click on the lock at the bottom of the browser and check the certificate information
  54. Which description is correct concerning the process of comparing cryptographic hash functions of system executables, configuration files, and log files?
    File integrity auditing
  55. A software or hardware device that allows only authorized network traffic in or out of a computer or network is called a:
    Firewall
  56. While hardening an operating system, which item is LEAST effective?
    Installing HIDS
  57. Which of the following types of attacks is BEST described as an attacker capturing part of a communication and later sending that communication segment to the server while pretending to be the client?
    Replay
  58. In computer networking, network address translation (NAT) is the process of modifying network address information in datagram packet headers while in transit across a traffic routing device for the purpose of remapping a given address space into another. Which description is true about a static NAT?
    A static NAT uses a one to one mapping.
  59. Malicious code that enters a target system, lies dormant until a user opens a certain program, then deletes the contents of attached network drives and removable storage devices is known as a:
    Logic Bomb
  60. Which action should be performed when discovering an unauthorized wireless access point attached to a network?
    Unplug the Ethernet cable from the wireless access point.
  61. Which of the following network authentication protocols uses symmetric key cryptography, stores a shared key for each network resource and uses a Key Distribution Center (KDC)?
    Kerberos
  62. In cryptography, MD5 (Message-Digest algorithm 5) is a widely used cryptographic hash function with a 128-bit hash value. As an Internet standard (RFC 1321), MD5 has been employed in a wide variety of security applications, and is also commonly used to check the integrity of files. A user sees an MD5 hash number beside a file that they wish to download. Which description is true about a hash?
    A hash is a unique number that is generated based upon the file's contents and should be verified after download.
  63. The risks of social engineering can be decreased by implementing:
    Security awareness training
  64. When a new network device is configured for first-time installation, which of the following is a security threat?
    Use of default passwords
  65. Which of the following access control models uses subject and object labels?
    Mandatory Access Control (MAC)
  66. Encryption is the conversion of data into a form, called a ciphertext, that cannot be easily understood by unauthorized people. Which of the following is considered the weakest encryption?
    DES
  67. Which of the following access decisions are based on a Mandatory Access Control (MAC) environment?
    Sensitivity labels
  68. Which tool can best monitor changes to the approved system baseline?
    Enterprise performance monitoring software
  69. Audit log information can BEST be protected by: (Select TWO).
    Access controls that restrict usage

    Recording to write-once media.
  70. Which method will most effectively verify that a patch file downloaded from a third party has not been modified since the time that the original manufacturer released the patch?
    Compare the final MD5 hash with the original.
  71. Non-essential services are often appealing to attackers because non-essential services: (Select TWO)
    Are not typically configured correctly or secured

    Sustain attacks that go unnoticed
  72. Which action should be performed to harden workstations and servers?
    Install only needed software.
  73. A user downloads and installs a new screen saver and the program starts to rename and delete random files. Which of the following would be the BEST description of this program?
    Trojan horse
  74. John works as a network administrator for his company. He uses a tool to check SMTP, DNS, POP3, and ICMP packets on the network. This is an example of which of the following?
    A protocol analyzer
  75. Which of the following types of malicious software travels across computer networks without requiring a user to distribute the software?
    Worm
  76. What will be implemented by a technician to mitigate the chances of a successful attack against the wireless network?
    Implement an authentication system and WPA.
  77. Which of the following should be done if an audit recording fails in an information system?
    Send an alert to the appropriate personnel
  78. In order to recover discarded company documents, which of the following might an attacker resort to?
    Dumpster diving
  79. Which of the following types of authentication BEST describes providing a username, password and undergoing a thumb print scan to access a workstation?
    Multifactor
  80. Which item specifies a set of consistent requirements for a workstation or server?
    Configuration baseline
  81. Which of the following steps is MOST often overlooked during the auditing process?
    Reviewing event logs regularly
  82. Users would not like to enter credentials to each server or application to conduct their normal work. Which type of strategy can solve this problem?
    SSO
  83. Kerberos uses which of the following ports by default?
    88
  84. What should be taken into consideration while executing proper logging procedures? (Select TWO).
    The information that is needed to reconstruct events

    The amount of disk space required
  85. Turnstiles, double entry doors and security guards are all prevention measures for which of the following types of social engineering?
    Piggybacking
  86. In computer programming, DLL injection is a technique used to run code within the address space of another process by forcing it to load a dynamic-link library. Which activity is MOST closely associated with DLL injection?
    Penetration testing
  87. Spam is considered a problem even when deleted before being opened because spam:
    Wastes Company Bandwidth
  88. Alex is a network administrator of his company. He is backing up all server data nightly to a local NAS device. Which additional action should Alex perform to block disaster in the case the primary site is permanently lost?
    Backup all data at a preset interval to tape and store those tapes at a sister site in another city.
  89. Which of the following programming techniques should be used to prevent buffer overflow attacks?
    Input validation
  90. Which description is correct about the standard load for all systems?
    Configuration baseline
  91. Which of the following authentication systems make use of the KDC Key Distribution Center?
    Kerberos
  92. A digital signature or digital signature scheme is a type of asymmetric cryptography. For messages sent through an insecure channel, a properly implemented digital signature gives the receiver reason to believe the message was sent by the claimed sender. While using a digital signature, the message digest is encrypted with which of the following keys?
    Sender's private key
  93. Which of the following authentication methods increases the security of the authentication process because it must be in your physical possession?
    Smart Cards.
  94. Users need to access their email and several secure applications from any workstation on the network. In addition, an authentication system implemented by the administrator requires the use of a username, password, and a company issued smart card. This is an example of which of the following?
    SSO
  95. Which of the following statements regarding authentication protocols is FALSE?
    MS-CHAP version 1 is capable of mutual authentication of both the client and the server.
  96. Many unauthorized staff have been entering the data center by piggybacking on authorized staff. The CIO has mandated to stop this behavior. Which technology should be installed at the data center to prevent piggybacking?
    Mantrap
  97. Which password management system best provides for a system with a large number of users?
    Self service password reset management systems
  98. Why will a Faraday cage be used?
    To mitigate data emanation
  99. Which definition best defines what a challenge-response session is?
    A challenge-response session is a workstation or system that produces a random challenge string that the user provides, when prompted, in conjunction with the proper PIN (Personal Identification Number).
  100. The hashing algorithm is created from a hash value, making it nearly impossible to derive the original input number. Which item can implement the strongest hashing algorithm?
    NTLMv2
  101. For which reason are clocks used in Kerberos authentication?
    Clocks are used to ensure that tickets expire correctly.
  102. Network utilization is the ratio of current network traffic to the maximum traffic that the port can handle. Which of the following can most effectively determine whether network utilization is abnormal?
    Performance baseline
  103. To reduce vulnerabilities on a web server, an administrator should adopt which of the following preventative measures?
    Apply the most recent manufacturer updates and patches to the server.
  104. A travel reservation organization conducts the majority of its transactions via a public facing website. Any downtime to this website will lead to serious financial damage for this organization. One web server is connected to several distributed database servers. Which statement is correct about this scenario?
    Single point of failure
  105. Which of the following is a common type of attack on web servers?
    Buffer overflow
  106. An Intrusion detection system (IDS) is software and/or hardware designed to detect unwanted attempts at accessing, manipulating, and/or disabling of computer systems, mainly through a network, such as the Internet. When an IDS is configured to match a specific traffic pattern, then which of the following is this referring to?
    Signature-based
  107. The employees at a company are using instant messaging on company networked computers. The MOST important security issue to address when using instant messaging is that instant messaging:
    Communications are open and unprotected
  108. Removable storage has been around almost as long as the computer itself. Which of the following is the GREATEST security risk regarding removable storage?
    Confidentiality of data
  109. A VPN typically provides a remote access link from one host to another over:
    The Internet
  110. In which authentication model is a ticket granting server an important concept?
    Kerberos
  111. Which of the following would be needed to ensure that a user who has received an email cannot claim that the email was not received?
    Non-repudiation
  112. Coaxial cable is a cable consisting of an inner conductor, surrounded by a tubular insulating layer typically made from a flexible material with a high dielectric constant, all of which is then surrounded by another conductive layer (typically of fine woven wire for flexibility, or of a thin metallic foil), and then finally covered again with a thin insulating layer on the outside. Which is the primary security risk with coaxial cable?
    Data emanation from the core
  113. Which of the following portions of a company's network is between the Internet and an internal network?
    Demilitarized zone (DMZ)
  114. A technician is conducting a forensics analysis on a computer system. Which step should be taken FIRST?
    Get a binary copy of the system.
  115. Which of the following is MOST often used to allow a client or partner access to a network?
    Extranet
  116. In a secure environment, which authentication mechanism will perform better?
    TACACS because it encrypts client-server negotiation dialogs.
  117. Which of the following types of firewalls provides inspection at layer 7 of the OSI model?
    Application-proxy
  118. Which goals can be achieved by use of security templates? (Select TWO).
    To ensure that servers are in compliance with the corporate security policy

    To ensure that all servers start from a common security configuration
  119. A newly hired security specialist is asked to evaluate a company's network security. The security specialist discovers that users have installed personal software; the network OS has default settings and no patches have been installed and passwords are not required to be changed regularly. Which of the following would be the FIRST step to take?
    Enforce the security policy.
  120. Which of the following can be used to implement a procedure to control inbound and outbound traffic on a network segment?
    ACL
  121. Giving each user or group of users only the access they need to do their job is an example of which of the following security principles?
    ACL
  122. Giving each user or group of users only the access they need to do their job is an example of which of the following security principles?
    Least privilege
  123. Which one of the following is not a Bluetooth threat?
    Smurf Attack.
  124. A company implements an SMTP server on their firewall. This implementation would violate which of the following security principles?
    Use a device as intended
  125. In computing, the Basic Input/Output System (BIOS), also known as the System BIOS, is a de facto standard defining a firmware interface for IBM PC Compatible computers. A user is concerned with the security of their laptop's BIOS. The user would not like anyone to be able to access control functions except themselves. Which of the following could make the BIOS more secure?
    Password
  126. A company is upgrading the network and needs to reduce the ability of users on the same floor and network segment to see each other's traffic. Which of the following network devices should be used?
    Switch
  127. In computing, a Uniform Resource Locator (URL) is a type of Uniform Resource Identifier (URI) that specifies where an identified resource is available and the mechanism for retrieving it. When a user attempts to go to a website, he notices the URL has changed, which attack will MOST likely cause the problem?
    DNS poisoning
  128. A system administrator reports that an unauthorized user has accessed the network. Which of the following would be the FIRST action to take?
    Contain the problem.
  129. After analyzing a vulnerability and applying a security patch, which non-intrusive action should be taken to verify that the vulnerability was truly removed?
    Repeat the vulnerability scan.
  130. A company's security specialist is securing a web server that is reachable from the Internet. The web server is located in the core internal corporate network. The network cannot be redesigned and the server cannot be moved. Which of the following should the security specialist implement to secure the web server? (Select TWO).
    Host-based IDS

    Host-based firewall
  131. A denial-of-service attack (DoS attack) or distributed denial-of-service attack (DDoS attack) is an attempt to make a computer resource unavailable to its intended users. Which method can be used to perform denial of service (DoS) attacks?
    Botnet
  132. The CHAP (Challenge Handshake Authentication Protocol) sends a logon request from the client to the server, and the server sends a challenge back to the client. At which stage does the CHAP protocol perform the handshake process? Choose the best complete answer.
    At the stage when the connection is established and at whichever time after the connection has been established.
  133. A network intrusion detection system (NIDS) is an intrusion detection system that tries to detect malicious activity such as denial of service attacks, port scans or even attempts to crack into computers by monitoring network traffic. Which NIDS configuration is solely based on specific network traffic?
    Signature-based
  134. Which of the following are nonessential protocols and services?
    TFTP (Trivial File Transfer Protocol).
  135. You work as a network technician for your company. The company policy for availability needs full backups on Sunday and incremental backups each weeknight at 10 p.m. The file server crashes on Wednesday afternoon; how many tapes are required to restore the data on the file server for Thursday morning?
    Three
  136. Which of the following protocols are not recommended due to them supplying passwords and information over the network?
    SNMP (Simple Network Management Protocol).
  137. Which is the correct order in which crucial equipment should draw power?
    UPS line conditioner, UPS battery, and backup generator
  138. Most key fob based identification systems use which of the following types of authentication mechanisms? (Select TWO).
    Username/password

    Token
  139. Which item will MOST likely permit an attacker to make a switch function like a hub?
    MAC Flooding
  140. Which of the following describes a server or application that is accepting more input than the server or application is expecting?
    Buffer overflow
  141. The IP Authentication Header (AH) is used to provide connectionless integrity and data origin authentication for IP datagrams (hereafter referred to as just "authentication"), and to provide protection against replays. Which of the following is correct about authentication headers (AH)?
    The authentication information is a keyed hash based on all of the bytes in the packet.
  142. Which of the following refers to the ability to be reasonably certain that data is not modified or tampered with?
    Integrity
  143. Which description is correct about the form used while transferring evidence?
    Chain of custody
  144. Disguising oneself as a reputable hardware manufacturer's field technician who is picking up a server for repair would be described as:
    Social Engineering
  145. A graphical user interface (GUI) is a type of user interface which allows people to interact with electronic devices such as computers; hand-held devices such as MP3 Players, Portable Media Players or Gaming devices; household appliances and office equipment. Which of the following will allow a technician to restrict a user's access to the GUI?
    Group policy implementation
  146. A security specialist has downloaded a free security software tool from a trusted industry site. The source has published the MD5 hash values for the executable program. The specialist performs a successful virus scan on the download but the MD5 hash is different. Which of the following steps should the specialist take?
    Avoid executing the file and contact the source website administrator
  147. Which authentication method will prevent a replay attack from occurring?
    Kerberos
  148. Which of the following identifies the layer of the OSI model where SSL provides encryption?
    Session
  149. Which of the following can be used by a technician to detect staff members that are connecting to an unauthorized website?
    Protocol analyzer
  150. Which of the following would be the BEST reason to disable unnecessary services on a server?
    Attack surface and opportunity for compromise are reduced
  151. For the following items, which is an example of an attack that executes once a year on a certain date?
    Logic bomb
  152. Access controls based on security labels associated with each data item and each user are known as:
    Mandatory Access Control (MAC)
  153. Which tool can help the technician to find all open ports on the network?
    Network scanner
  154. A user is assigned access rights explicitly. This is a feature of which of the following access control models?
    Discretionary Access Control (DAC)
  155. Which algorithms can best encrypt large amounts of data?
    Symmetric key algorithms
  156. Which of the following describes an attacker encouraging a person to perform an action in order to be successful?
    Social engineering
  157. During which phase of identification and authentication does proofing occur?
    Identification
  158. A user has received an email from a mortgage company asking for personal information including bank account numbers. This would BEST be described as:
    Phishing
  159. Which item can reduce the attack surface of an operating system?
    Disabling unused services
  160. Which of the following connectivity is required for a web server that is hosting an SSL based web site?
    Port 443 inbound
  161. For the following items, which is a protocol analyzer?
    WireShark
  162. Malicious port scanning is a method of attack to determine which of the following?
    The fingerprint of the operating system
  163. Which description is correct about a way to prevent buffer overflows?
    Apply all security patches to workstations.
  164. Which of the following is used to determine equipment status and modify the configuration or settings of network devices?
    SNMP
  165. Which item will effectively allow for fast, highly secure encryption of a USB flash drive?
    AES256
  166. Which of the following describes the process by which a single user name and password can be entered to access multiple computer applications?
    AES256
  167. Which of the following describes the process by which a single user name and password can be entered to access multiple computer applications?
    Single sign-on
  168. Network traffic is data in a network. Which tool can be used to review network traffic for clear text passwords?
    Protocol analyzer
  169. To preserve evidence for later use in court, which of the following needs to be documented?
    Chain of custody
  170. What are best practices while installing and securing a new system for a home user? (Select THREE).
    Use a strong firewall.

    Apply all system patches.

    Apply all service packs.
  171. Which of the following is a major reason that social engineering attacks succeed?
    Lack of security awareness
  172. Which security action should be finished before access is given to the network?
    Identification and authentication
  173. Which of the following types of backups requires that files and software that have been changed since the last full backup be copied to storage media?
    Differential
  174. Which port must be open to allow a user to login remotely onto a workstation?
    3389
  175. Which item best describes an instance where a biometric system identifies legitimate users as being unauthorized?
    False rejection
  176. The purpose of the SSID in a wireless network is to:
    Identify the network
  177. Which of the following is the best description about the method of controlling how and when users can connect in from home?
    Remote access policy
  178. Which of the following would be the MOST common method for attackers to spoof email?
    Open relays
  179. The implicit deny will block anything you didn't specifically allow, but you may have allowed stuff that you don't need. A technician is reviewing the system logs for a firewall and is told that there is an implicit deny within the ACL. Which is an example of an implicit deny?
    Items which are not specifically given access are denied by default.
  180. Which of the following is often misused by spyware to collect and report a user's activities?
    Tracking cookie
  181. Which of the following is not identified within the penetration testing scope of work?
    a complete list of all network vulnerabilities.
  182. Choose the figure which represents the number of ports in the TCP/IP (Transmission Control Protocol/Internet Protocol) which are vulnerable to being scanned, attacked, and exploited.
    65,535 ports
  183. Tom is a network technician at his company. He is deciding between implementing a HIDS on the database server and implementing a NIDS. Why might a NIDS be better to implement? (Select TWO).
    Many HIDS are not able to detect network attacks.

    Many HIDS have a negative impact on system performance.
  184. Which of the following would be considered a detrimental effect of a virus hoax? (Select TWO).
    Technical support resources are consumed by increased user calls.

    Users are tricked into changing the system configuration.
  185. To keep an 802.11x network from being automatically discovered, a user should:
    Turn off the SSID broadcast
  186. Which security policy will be most likely used while attempting to mitigate the risks involved with allowing a user to access company email via their cell phone?
    The cell phone should require a password after a set period of inactivity.
  187. Which of the following BEST describes the baseline process of securing devices on a network infrastructure?
    Hardening
  188. In computing, virtualization is a broad term that refers to the abstraction of computer resources. Which is a security reason to implement virtualization throughout the network infrastructure?
    To isolate the various network services and roles
  189. Which of the following types of removable media is write-once and appropriate for archiving security logs?
    CD-R
  190. After installing new software on a machine, what needs to be updated to the baseline?
    Behavior-based HIDS
  191. Which of the following could cause communication errors with an IPSec VPN tunnel because of changes made to the IP header?
    NAT
  192. A PC is rejecting push updates from the server; all other PCs on the network are accepting the updates successfully. What should be examined first?
    Local firewall
  193. A company wants to connect the network to a manufacturer's network to be able to order parts. Which of the following types of networks should the company implement to provide the connection while limiting the services allowed over the connection?
    Extranet
  194. Malware, a portmanteau from the words malicious and software, is software designed to infiltrate or damage a computer system without the owner's informed consent. A network technician suspects that a piece of malware is consuming too many CPU cycles and slowing down a system. Which item can help determine the amount of CPU cycles being consumed?
    Run performance monitor to evaluate the CPU usage.
  195. Which of the following ports are typically used by email clients? (Select TWO)
    143

    110
  196. In order to allow for more oversight of past transactions, a company decides to exchange positions of the purchasing agent and the accounts receivable agent. Which is an example of this?
    Job rotation
  197. Fiber optic cable is considered safer than CAT5 because fiber optic cable: (Select TWO).
    Is not susceptible to interference.

    Is hard to tap in to.
  198. How can a company make sure that, when an employee leaves the company permanently, it will still have access to their private keys?
    Store the keys in escrow.
  199. A DNS (Domain Name Service) server uses a specific port number. Choose this port number from the options.
    Port 1,024
  200. An outside auditor has been contracted to determine whether weak passwords are being used on the network. In order to achieve this goal, the auditor is running a password cracker against the master password file. Which of the following is an example of this?
    Vulnerability assessment
  201. Which of the following access attacks would involve looking through your files in the hopes of finding something interesting?
    Snooping
  202. Identify the service provided by a message authentication code (MAC) hash:
    Integrity
  203. A company wants to implement a VLAN. Senior management believes that a VLAN will be secure because authentication is accomplished by MAC addressing and that dynamic trunking protocol (DTP) will facilitate network efficiency. Which of the following issues should be discussed with senior management before VLAN implementation?
    MAC addresses can be spoofed and DTP allows rogue network devices to configure ports
  204. John works as a network administrator for his company. On the monthly firewall log, he discovers that many internal PCs are sending packets on a routine basis to a single external PC. Which statement correctly describes what is happening?
    The remote PC has a zombie master application running and the local PCs have a zombie slave application running.
  205. Pretty Good Privacy (PGP) uses a PKI Trust Model where no certificate authority (CA) is subordinate to another. The model with no single trusted root is known as:
    Peer-to-peer
  206. Which key can be used by a user to log into their network with a smart card?
    Private key
Author: Zo2strike
ID: 12664
Card Set: ZO
Description: SY0-201 CompTIA Security+ (2008 Edition) Exam
Updated