What methods monitor a network for the possible penetration of security measures?
A. Intrusion detection and intrusion prevention
Packet filter, circuit-level gateway, and application-level gateway are all forms of what?
B. Stateful inspection.
What form of security management do firewalls implement?
A. Rule-based management.
What TCP/IP service enables a LAN to use private IP addresses for internal traffic and public IP addresses for external traffic?
What computing technology has the capability to simulate an operating system, a server, a storage device, or other network
What IPv6 protocol set provides for the secure exchange of packets at the Network or IP layer?
Which mode of IPSec should you use to assure the integrity and confidentiality of data within the same LAN?
C. ESP transport mode.
What IEEE standard defines Extensible Authentication Protocol?
A. IEEE 802.1x.
What element of a security policy limits an employee's access to only those records or assets she needs to do her job?
B. Principle of least privilege.
What type of risk control provides a method or strategy for handling the aftermath of a potential security event?
Which one of the following is NOT a resource protected by data loss prevention (DLP) controls?
C. Database management systems.
What is the correct order of the following incident response steps?
D. C, B, E, A, D.
Which of the following has the highest (most important) order of volatility?
A. Main memory.
What is the chronological documentation of the seizure, custody, control, transfer, analysis, and disposition of any evidence,
physical or digital, gathered during the investigation of an incident?
A. Chain of custody.
What do HVAC systems maintain inside a secured data center?
B. Temperature and relative humidity.
What process categorizes information by its sensitivity, access, protection, and regulation?
A. Information classification.
What is the fire class for an electrical fire?
B. Class C.
What emergency plan should include procedures and guidelines for restoring applications, data, hardware, communications, and
making the mission essential IT infrastructure available as soon as possible?
C. Disaster recovery plan (DRP).
A user on your network receives an email advising her to visit a company's website to confirm her name, address, phone number,
and account number with the company. What type of social engineering could this email likely be?
What network model allows employees to connect and use personal devices on an organization's network?
D. Bring Your Own Device (BYOD).
Which of the following concepts is NOT associated with a system with very low downtime?
Which RAID technology implements both disk striping and disk mirroring?
C. RAID 10.
What guideline describes a network architecture that segments a network into security zones?
B. Secure network architecture.
What TCP/IP Layer 3 protocol is most associated with a Denial-of-Service attack?
In what type of cryptographic attack does an attacker attempt to find two data strings that produce the same hash result from a
common hash function?
A. Hash collision attack.
What is the general term for software designed to perform damage, destruction, nuisance, and collect personal or private
In what type of attack does an attacker add an unauthorized device to a wireless network to gain access to a wired network to
which a wireless network access point is connected?
C. Insertion attack.
What term describes an unauthorized network access point inserted into a wireless network?
A. Rogue access point.
What device is a helpful tool for network administrators for troubleshooting network issues and an attacker's tool for intercepting
data packets on a network?
B. Packet sniffer.
What form of attack inserts programming code, data, formatting, or commands into an existing document or file?
B. Code injection attack.
What type of HTTP cookie remains on a user's computer between sessions with a specic website?
C. Persistent cookie.
What must an attacker do to gain the credentialing necessary to navigate inside of a network or system?
A. Achieve escalation of privileges
Which of the following is NOT something a protocol analyzer can assist an administrator in identifying?
A. Identity of intruders.
Of the security system types that you can use to screen system activity for unauthorized events and incidents, which one will
identify a potential threat and attempt to block it?
A. Intrusion prevention system (IPS).
An employee's network account permissions and rights are the same as those for all of the other administrative assistants in the
company. What is the basis of the assigned permissions?