Chapter 10

Question 1

As a network administrator, you are asked to recommend a secure method for transferring data between hosts on a network. Which of the following protocols would you recommend? (Select two.)

SCP
RCP
SFTP
TDP
FTP

Answer 1

SCP
SFTP

Question 2

Which of the following protocols uses port 443?

S-HTTP
SSH
S/MIME
HTTPS

Answer 2

HTTPS

Question 3

Which TCP/IP protocol is a secure form of HTTP that uses SSL as a sub-layer for security?

SSH
DNS
SMTP
HTTPS

Answer 3

HTTPS

Question 4

Which of the following tools allow remote management of servers? (Select two.)

SSL
Telnet
FTP
SSH
POP3

Answer 4

Telnet
SSH

Question 5

SFTP uses which mechanism to provide security for authentication and data transfer?

SSH
Token devices
SSL
IPsec

Answer 5

SSH

Question 6

When using SSL authentication, what does the client verify first when checking a server’s identity?

The certificate must be non-expiring and self-signed by the sysadmin.

The current date and time must fall within the server’s certificate-validity period.

All DNS resolution must point to the corporate intranet routers.

Master secrets are verifiable from asymmetric keys.

Answer 6

The current date and time must fall within the server’s certificate-validity period.

Question 7

Which of the following protocols are often added to other protocols to provide secure transmission of data? (Select two.)

TLS
SNMP
SMTP
HTTPS
SSL

Answer 7

TLS
SSL

Question 8

Which of the following protocols can TLS use for key exchange? (Select two.)

RSA
Diffie-Hellman
KEA
IKE
ECC

Answer 8

RSA
Diffie-Hellman

Question 9

IPsec is implemented through two separate protocols. What are these protocols called? (Select two.)

AH
SSL
EPS
L2TP
ESP

Answer 9

AH
ESP

Question 10

What is the primary function of the IKE Protocol used with IPsec?

Provide authentication services.

Provide both authentication and encryption.

Create a security association between communicating partners.

Encrypt packet contents.

Ensure dynamic key rotation and select initialization vectors (IVs).

Answer 10

Create a security association between communicating partners.

Question 11

Which of the following is a technology that tries to detect and stop sensitive data breaches, or data leakage incidents, in an organization?

Data transmission security
Data loss prevention
Public key cryptography
Data hashing

Answer 11

Data loss prevention

Question 12

Which rights management category is applied to music, videos, and software that is sold to consumers?

Static
Dynamic
IRM
DRM

Answer 12

DRM

Question 13

Your organization is having a third party come in and perform an audit on the financial records. You want to ensure that the auditor has access to the data they need while keeping the customers’ data secure. To accomplish this goal, you plan to implement a mask that replaces the client names and account numbers with fictional data.

Which masking method are you implementing?

Encryption
Tokenization
Static
Dynamic

Answer 13

Dynamic

Question 14

Which of the following BEST describes dynamic data masking? (Select two.)

It is helpful for data at rest in a database and can be specified by field or column.

It replaces original information with a mask that mimics the original in form and function.

Original data is made irretrievable through reverse-engineering.

It can be used to control which users can see the actual data.

It is good to use when making copies of a database for testing.

Answer 14

It replaces original information with a mask that mimics the original in form and function.

It can be used to control which users can see the actual data.

Question 15

Which of the following DLP implementations can be used to monitor and control access to physical devices on workstations or servers?

File-level DLP
Cloud DLP
Endpoint DLP
Network DLP

Answer 15

Endpoint DLP

Question 16

DLP can be used to identify sensitive files in a file system and then embed the organization’s security policy within the file.

Which of the following DLP implementations travels with sensitive data files when they are moved or copied?

Endpoint DLP
File-level DLP
Network DLP
Cloud DLP

Answer 16

File-level DLP

Question 17

You have been offered a position as a security analyst for Acme, Inc. The position will be remote. Acme Inc. has sent you your employment contract using a system that only allows you to open and digitally sign the contract.

Which rights management method is being used?

DRM
Static
IRM
Dynamic

Answer 17

IRM

Question 18

Which DLP method works by replacing sensitive data with realistic fictional data?

File-level DLP
Tokenization
Encryption
Masking

Answer 18

Masking

Question 19

DLP can be implemented as a software or hardware solution that analyzes traffic in an attempt to detect sensitive data that is being transmitted in violation of an organization’s security policies.

Which of the following DLP implementations analyzes traffic for data containing such things as financial documents, social security numbers, or key words used in proprietary intellectual property?

Cloud DLP
Network DLP
Endpoint DLP
File-level DLP

Answer 19

Network DLP

Question 20

Tokenization is another effective tool in data loss prevention. Tokenization does which of the following? (Select two.)

Allows continued control access to the file, even when it’s no longer in your system

Allows a security policy to travel with a specific file, even when copied or moved

Protects data on its server with authentication and authorization protocols

Identifies sensitive files and embeds them within your security policies

Replaces actual data with a randomly generated alphanumeric character set

Answer 20

Protects data on its server with authentication and authorization protocols

Replaces actual data with a randomly generated alphanumeric character set

Question 21

Which of the following attacks is a form of software exploitation that transmits or submits a longer stream of data than the input variable is designed to handle?

Smurf attack
Time-of-check to time-of-use attack
Buffer overflow attack
Data diddling

Answer 21

Buffer overflow attack

Question 22

Having poor software development practices and failing to program input validation checks during development of custom software can result in a system vulnerable to which type of attack?

Superzapping
Denial-of-service attack
Dictionary attack
Buffer overflow attack

Answer 22

Buffer overflow attack

Question 23

Which type of attack is the act of exploiting a software program’s free acceptance of input in order to execute arbitrary code on a target?

Data diddling
Covert channel exploitation
Buffer overflow attack
TOCTOU

Answer 23

Buffer overflow attack

Question 24

Which of the following is an attack that injects malicious scripts into web pages to redirect users to fake websites to gather personal information?

Drive-by download
XSS
DLL injection
SQL injection

Answer 24

XSS

Question 25

Which of the following is specifically meant to ensure that a program operates on clean, correct, and useful data? Input validation Error and exception handling Application hardening Process spawning

Answer 25

Input validation

Question 26

You have a website that accepts input from users for creating customer accounts. Input on the form is passed to a database server where the user account information is stored. An attacker is able to insert database commands in the input fields and have those commands execute on the server. Which type of attack has occurred? SQL injection Buffer overflow Cross-site scripting DLL injection

Answer 26

SQL Injection

Question 27

An attacker inserts SQL database commands into a data input field of an order form used by a web-based application. When submitted, these commands are executed on the remote database server, causing customer contact information from the database to be sent to the malicious user's web browser. Which practice would have prevented this exploit? Using the latest browser version and patch level Implementing a script blocker Implementing client-side validation Installing antivirus, anti-spyware, pop-up blockers, and firewall software

Answer 27

Implementing client-side validation

Question 28

Which of the following functions does a single quote (') perform in an SQL injection? Indicates that everything after the single quote is a comment Indicates that code is ending and a comment is being entered Indicates that data has ended and a command is beginning Indicates that the comment has ended and data is being entered

Answer 28

Indicates that data has ended and a command is beginning

Question 29

As you browse the internet, you notice that when you go to some sites, multiple additional windows are opened automatically. Many of these windows contain advertisements for products that are inappropriate for your family to view. Which tool can you implement to prevent these windows from showing? Anti-spyware Phishing filter Antivirus Anti-adware Pop-up blocker

Answer 29

Pop-up blocker

Question 30

While using a web-based order form, an attacker enters an unusually large value in the Quantity field. The value he or she entered is so large that it exceeds the maximum value supported by the variable type used to store the quantity in the web application. This causes the value of the quantity variable to wrap around to the minimum possible value, which is a negative number. As a result, the web application processes the order as a return instead of a purchase, and the attacker's account is credited with a large sum of money. Which practices would have prevented this exploit? (Select two.) Installing the latest operating system updates Installing antivirus, anti-spyware, pop-up blockers, and firewall software Using the latest browser version and patch level Implementing client-side validation Implementing server-side validation

Answer 30

Implementing client-side validation Implementing server-side validation

Question 31

Which application development model approaches software development as a continuous, changing process with never-ending versions, bug fixes, and enhancements? Code signing Agile Waterfall Fuzz testing

Answer 31

Agile

Question 32

You are performing a security test from the outside on a new application that has been deployed. Which secure testing method are you MOST likely using? Static Dynamic Runtime Interactive

Answer 32

Dynamic

Question 33

Which of the following enters random data to the inputs of an application? Fuzzing Validation rules Routines Application hardening

Answer 33

Fuzzing

Question 34

Which of the following is the first step in the Waterfall application development model? Design Requirements Maintenance Implementation

Answer 34

Requirements

Question 35

Which of the following are the two main causes of software vulnerabilities? (Select two.) Obfuscation Coding errors Design flaws Normalization Fuzzing

Answer 35

Coding errors Design flaws

Question 36

Which of the following is considered a drawback of the Waterfall application development life cycle? Development is broken into Sprints. Each step in the life cycle only needs to be completed once before moving on to the next one. Testing is performed throughout development. Requirements are determined at the beginning and are carried through to the end product.

Answer 36

Requirements are determined at the beginning and are carried through to the end product.

Question 37

You have just finished developing a new application. Before putting it on the website for users to download, you want to provide a checksum to verify that the object has not been modified. Which of the following would you implement? Normalization Memory management Code signing Code obfuscation

Answer 37

Code signing

Question 38

Which fuzz testing program type defines new test data based on models of the input? Memory management Code signing Generation-based Mutation-based

Answer 38

Generation-based

Question 39

What is the storage location called that holds all the development source files that version control systems use? Stored procedures Normalization Repository Memory management

Answer 39

Repository

Question 40

What is a set of software development tools called that can be installed as one unit and provides code frameworks or code snippets to help development go faster? SDK Repository Code signing Memory management

Answer 40

SDK