SYO-questions 1

Users are unable to connect to a web server at IP address 10.80.1.5. You look at the rules in a firewall's ACL between the user's system and the web server and see the following 2 rules.

Permit TCP any host 10.80.1.5 eq 80
Permit TCP any host 10.80.1.5 eq 443

Which system monitors the content of systems (workstations, servers, networks) to make sure key content is not deleted are removed?

If an attacker is able to gain access to restricted directories (such as root directory) through HTTP, it is known as

Which of the following involves unauthorized commands coming from a trusted user to a website?

SFTP uses which method to secure it's transmission?

Security for JavaScript is established by whom?

Katie's hand print is matched against a record in the system that indicates that she has been assigned clearance to view the contents of secret documents. Later, at her desk, she tries to connect to a folder that is marked Top Secret, and access is denied. This is an example of:

At the end of the day, security personnel can view electronic log files that record the identities of everyone who entered and exited the building along with the time of day. This is an example of

An administrator of a large multinational company has the ability to assign object access rights and track users' resource access from a central administrative console. Users throughout the organization can gain access to any system after providing a single username and password. This is an example of:

To withdraw money from an automatic teller machine, Nancy inserts a card and types a four-digit PIN. This incorporates what types of authentication? (Select all that apply.)

What is the best example of token-based authentication?

rue or False? Mutual authentication protects clients from submitting confidential information to an insecure server.

Which algorithm is a hashing encryption algorithm?

Which of the following is a specific set of actions used to encrypt data?

True or False? A digital signature is an application of hashing encryption, because the signature is never transformed back to cleartext.

Open and review the policy file. What type of policy document is this?

Which standard policy components are included in this policy? (Select all that apply.)

While you are connected to another host on your network, the connection is suddenly dropped. When you review the logs at the other host, it appears as if the connection is still active. This could be a(n)

Your e-commerce web server is getting extremely slow. Customers are calling stating that it is taking a long time to place an order on your site. This could be a(n):

Tina, the network analysis guru in your organization, analyzes a network trace capture file and discovers that packets have been intercepted and retransmitted to both a sender and a receiver during an active session. This could be a(n):

rue or False? A DNS poisoning attack can be used to cause a DoS condition

ohn is given a laptop for official use and is on a business trip. When he arrives at his hotel, he turns on his laptop and finds a wireless access point with the name of the hotel, which he connects to for sending official communications. He may become a victim of which wireless threat?

Chuck, a sales executive, is attending meetings at a professional conference that is also
being attended by representatives of other companies in his field. At the conference, he
uses his smartphone with a Bluetooth headset to stay in touch with clients. A few days after the conference, he finds that competitors' sales representatives are getting in touch with his key contacts and influencing them by revealing what he thought was private information from his email and calendar. Chuck is a victim of which wireless threat?

Which of the following is the best example of a malicious code attack?

Which are the traits of a backdoor attack? (Select all that apply.)

Which technology is only used for monitoring and capturing the content of data communications on a network?

Your organization is in the process of implementing security controls throughout the corporate network. A security device is needed to actively scan and monitor network activity and then alert and block anyaccess that is suspicious. What device is the best option in this scenario?

Which telephony technology allows telephone, email, fax, web, and computer actions to be integrated to work together?

What data encryption method should you implement when you need to send data for the company's annual earnings report as an attachment in an email from your mobile device to the board of directors of your organization?

Why did the connection fail?

Is the security administrator, you are responsible for ensuring that your BCP coincides with the organization's needs. What are your goals while establishing a BCP? (Select all that apply)

Your organization is located in an area where there is a threat of hurricanes. As a member of the BCP team, you need to determine what effect there would be if a hurricane halted business activities at your organization. Which BCP component is this an example of?

Which part of the plan specifies interim sites and systems you can switch to following a disaster?

You recommend the company pay a small monthly rental fee for a warehouse with phone and power hookups to use as a:

Which are common components that should be in Ristell & Sons' DRP? (Select all that apply.)

What should you keep in mind while choosing a good recovery team?

What is the order of the 7 layers on the OSI

What is the order of the 4 TCP/IP Model

What is the order of the 6 phase of Incident Response?

What are the Five Stages of Ethical Hacking?