Security + Questions 262

1.

1 point

Which of the following can Pete, a security administrator, use to distribute the processing effort when generating hashes for a password cracking program?

RAID

Redundancy

Clustering

Virtualization

2.

1 point

Which of the following should be connected to the fire alarm system in order to help prevent the spread of a fire in a server room without data loss to assist in an FM-200 deployment?

HVAC

Water base sprinkler system

Electrical

Video surveillance

3.

1 point

Jane, an administrator, needs to make sure the wireless network is not accessible from the parking area of their office. Which of the following would BEST help Jane when deploying a new access point?

Placement of antenna

Enabling the MAC filtering

Implementing WPA2

Disabling the SSID

4.

1 point

Which of the following is an example of multifactor authentication?

Username and password

Credit card and PIN

Fingerprint and retina scan

Password and PIN

5.

1 point

Which of the following could cause a browser to display the message below?

"The security certificate presented by this website was issued for a different website's address."

The website certificate was issued by a different CA than what the browser recognizes in its trusted CAs.

The website is using an expired self signed certificate.

The website is using a wildcard certificate issued for the company's domain.

HTTPS://127.0.01 was used instead of HTTPS://localhost.

6.

1 point

Which of the following application attacks is used to gain access to SEH?

XML injection

Cookie stealing

Buffer overflow

Directory traversal

7.

1 point

Using proximity card readers instead of the traditional key punch doors would help to mitigate:

Dumpster diving

Shoulder surfing

Impersonation

Tailgating

8.

1 point

Which of the following should Jane, a security administrator, perform before a hard drive is analyzed with forensics tools?

Capture system image

Interview witnesses

Identify user habits

Disconnect system from network

9.

1 point

Which of the following technologies uses multiple devices to share work?

RAID

Load balancing

Switching

VPN concentrator

10.

1 point

In order for Sara, a client, to logon to her desktop computer, she must provide her username, password, and a four digit PIN. Which of the following authentication methods is Sara using?

Four factor

Single factor

Three factor

Two factor

11.

1 point

Pete, an employee, is terminated from the company and the legal department needs documents from his encrypted hard drive. Which of the following should be used to accomplish this task?
(Select TWO).

Public key

Recovery agent

Private hash

CRL

Key escrow

12.

1 point

Which of the following will allow Pete, a security analyst, to trigger a security alert because of a tracking cookie?

Network based firewall

Host based firewall

Anti-spam software

Anti-spyware software

13.

1 point

Matt, the IT Manager, wants to create a new network available to virtual servers on the same hypervisor, and does not want this network to be routable to the firewall. How could this BEST be accomplished?

Commission a stand-alone switch.

Create a VLAN without a default gateway.

Create a virtual switch.

Remove the network from the routing table.

14.

1 point

Which of the following BEST describes the weakness in WEP encryption?

The WEP key is stored in plain text and split in portions across 224 packets of random data. Once enough packets are sniffed the IV portion of the packets can be removed leaving the plain text key.

The initialization vector of WEP uses a crack-able RC4 encryption algorithm. Once enough packets are captured an XOR operation can be performed and the asymmetric keys can be derived.

The WEP key has a weak MD4 hashing algorithm used. A simple rainbow table can be used to generate key possibilities due to MD4 collisions.

The WEP key is stored with a very small pool of random numbers to make the cipher text. As the random numbers are often reused it becomes easy to derive the remaining WEP key.

15.

1 point

Mike, a network administrator, has been asked to passively monitor network traffic to the company's sales websites. Which of the following would be BEST suited for this task?

HIDS

NIPS

Firewall

Spam filter

16.

1 point

Which of the following pseudocodes can be used to handle program exceptions?

If program module crashes, then restart program module.

If user's input exceeds buffer length, then truncate the input.

If program detects another instance of itself, then kill program instance.

If user enters invalid input, then restart program.

17.

1 point

Jane, a security analyst, is reviewing logs from hosts across the Internet which her company uses to gather data on new malware. Which of the following is being implemented by Jane's company?

Honeynet

Protocol analyzer

Port scanner

Vulnerability scanner

18.

1 point

Matt, a developer, recently attended a workshop on a new application. The developer installs the new application on a production system to test the functionality. Which of the following is MOST
likely affected?

Initial baseline configuration

Application security

Management of interfaces

Application design

19.

1 point

Which of the following is an authentication and accounting service that uses TCP for connecting to routers and switches?

TACACS+

DIAMETER

RADIUS

Kerberos

20.

1 point

Which of the following security strategies allows a company to limit damage to internal systems and provides loss control?

Restoration and recovery strategies

Deterrent strategies

Containment strategies

Detection strategies

21.

1 point

A company that purchased an HVAC system for the datacenter is MOST concerned with which of the following?

Integrity

Availability

Confidentiality

Fire suppression

22.

1 point

Which of the following passwords is the LEAST complex?

MyTr@in12

MyTrain!45

MyTr@in#8

Mytr@in!!

23.

1 point

An IT security technician needs to establish host based security for company workstations. Which of the following will BEST meet this requirement?

Implement perimeter firewall rules to restrict access.

Implement IIS hardening by restricting service accounts.

Implement database hardening by applying vendor guidelines.

Implement OS hardening by applying GPOs.

24.

1 point

Which of the following is an application security coding problem?

Application fuzzing

Error and exception handling

Application hardening

Patch management

25.

1 point

Which of the following should the security administrator implement to limit web traffic based on country of origin? (Select THREE).

URL filtering

Load balancer

NIDS

Spam filter

Antivirus

Proxies

Firewall

26.

1 point

Mike, a security professional, is tasked with actively verifying the strength of the security controls on a company's live modem pool. Which of the following activities is MOST appropriate?

War dialing

Bluesnarfing

War driving

War chalking

27.

1 point

After Matt, a user, enters his username and password at the login screen of a web enabled portal, the following appears on his screen:

`Please only use letters and numbers on these fields'

Which of the following is this an example of?

Proper error handling

Proper input validation

Improper error handling

Improper input validation

28.

1 point

Which of the following can BEST help prevent cross-site scripting attacks and buffer overflows on a production system?

Anomaly-based HIDS

Input validation

Peer review

Network intrusion detection system

29.

1 point

Which of the following describes how Sara, an attacker, can send unwanted advertisements to a mobile device?

Man-in-the-middle

Packet sniffing

Bluesnarfing

Bluejacking

30.

1 point

Users at a company report that a popular news website keeps taking them to a web page with derogatory content. This is an example of which of the following?

Evil twin

DNS poisoning

Session hijacking

Vishing

31.

1 point

A security administrator has configured FTP in passive mode. Which of the following ports should the security administrator allow on the firewall by default?

20

22

23

21

33.

1 point

Which of the following mitigation strategies is established to reduce risk when performing updates to business critical systems?

Change management

Server clustering

Incident management

Forensic analysis

34.

1 point

An encrypted message is sent using PKI from Sara, a client, to a customer. Sara claims she never sent the message. Which of the following aspects of PKI BEST ensures the identity of the sender?

CRL

Trust models

Non-repudiation

Recovery agents

35.

1 point

Which of the following protocols allows for secure transfer of files? (Select TWO).

ICMP

TFTP

SFTP

SNMP

SCP

36.

1 point

Several bins are located throughout a building for secure disposal of sensitive information.

Which of the following does this prevent?

War driving

War chalking

Tailgating

Dumpster diving

37.

1 point

Matt, a security consultant, has been tasked with increasing server fault tolerance and has been given no budget to accomplish his task. Which of the following can Matt implement to ensure servers will withstand hardware failure?

A host standby

A cold site

Hardware load balancing

RAID

38.

1 point

Which of the following protocols uses an asymmetric key to open a session and then establishes a symmetric key for the remainder of the session?

HTTPS

SFTP

TFTP

TLS

39.

1 point

Which of the following can be used on a smartphone to BEST protect against sensitive data loss if the device is stolen? (Select TWO).

Screen lock PIN

Remote wipe

GPS tracking

Tethering

Device encryption

Email password

40.

1 point

Which of the following is an authentication service that uses UDP as a transport medium?

LDAP

TACACS+

RADIUS

Kerberos

41.

1 point

Sara, a company's security officer, often receives reports of unauthorized personnel having access codes to the cipher locks of secure areas in the building. Sara should immediately implement which of the following?

Security awareness training

Technical controls

Physical security controls

Acceptable Use Policy

42.

1 point

Pete, an IT Administrator, needs to secure his server room. Which of the following mitigation methods would provide the MOST physical protection?

Video surveillance

Mantrap

HVAC

Sign in and sign out logs

43.

1 point

Which of the following allows Pete, a security technician, to provide the MOST secure wireless implementation?

Disable SSID

Adjust antenna placement

Implement WPA

Implement WEP

44.

1 point

Which of the following can be used to mitigate risk if a mobile device is lost?

Strong passwords

Voice encryption

Cable lock

Transport encryption

45.

1 point

Jane, a security administrator, has observed repeated attempts to break into a server. Which of the following is designed to stop an intrusion on a specific server?

HIDS

NIPS

HIPS

NIDS

46.

1 point

Which of the following should Pete, a security manager, implement to reduce the risk of employees working in collusion to embezzle funds from their company?

Acceptable Use

Privacy Policy

Mandatory Vacations

Least Privilege

47.

1 point

A security administrator implements access controls based on the security classification of the data and need-to-know information. Which of the following BEST describes this level of access control?

Least privilege

Role-based Access Control

Mandatory Access Controls

Implicit deny

48.

1 point

Which of the following is a management control?

SYN attack prevention

Access Control List (ACL)

Logon banners

Written security policy

49.

1 point

Which of the following security concepts would Sara, the security administrator, use to mitigate the risk of data loss?

Cloud computing

Clean desk policy

Routine log review

Record time offset

50.

1 point

Which of the following is the MOST specific plan for various problems that can arise within a system?

Business Continuity Plan

IT Contingency Plan

Disaster Recovery Plan

Continuity of Operation Plan

Security + Questions 262 - 312