CompTIA Security (Plus) Flashcards
1
Q
90
The first and most critical step of auditing is:
A. to audit all user activity
B. to ensure the correct things are being audited
C. to review audit data on a periodic basis
D. to back up audit logs to remote systems in case of system compromise
A
B.
the first and most critical step of auditing is to ensure the correct things are being audited.
2
Q
47 The term "Open Relay" refers to what? A. HTTP Servers B. FTP Servers C. Email Servers D. Application Servers
A
C: Open Relay, also known as Open Mail Relay, refers to allowing to send mail through a mail server. This is the source of much of the spam people receive.
HTTP, is incorrect HTTP servers simply process requests.
3
Q
20 Twofish was designed to replace what algorithm? A. Blowfish B. DES C. MD5 D. AES
A
B. Twofish was a candidate to replace DES as part of the AES competition.
4
Q
79 Which port should be opened on a firewall to permit e-mail traffic to pass? A. TCP 21 B. UDP 88 C. TCP 25 D. TCP 139
A
C. is correct; TCP Port 25 is used by SMTP (Simple Mail Transport Protocal)
5
Q
TCP 21 is used for what?
A
FTP
6
Q
Define (SMTP)
A
Simple Mail Transport Protocal
7
Q
UDP 88 is used with what?
A
Kerberos
8
Q
What is TCP 139 used for?
A
NetBIOS
9
Q
86
Privilege auditing is not useful for what?
A. following the “trust but verify” philosophy.
B. help[ing to ensure that users have been granted the correct privileges and rights required to perform their assigned duties.
C. Large corporations or positions with a high rate of turnover or employee movement.
D. identifying users with evil intentions
A
D. audits cannot determine users intentions, only what permissions the user should have based on logical factors.
A,B,C, are incorrect; these are all advantages of privilege auditing.
10
Q
48 An Accounting Lockout Policy is an excellent countermeasure against which type of attack? A. Virus B. DoS C. Smurf Attack D. Brute-Force Attack
A
D. an account lockout policy will typically require an account be disabled for a period of time before the user can try their password again, making a brute force attack time-consuming and more easily detectable.
11
Q
64 A web application firewall is designed to detect and stop which of the following? A. SQL injection attacks B. Port Scan C. Infected email traffic D. Worms
A
A. web security gateways are intended to address the security threats and pitfalls unique to web-based traffic such as SQL injection attacks.
B,C,D, are incorrect; although these are potential attacks, they are not against web applications.
12
Q
78
When a certificate authority signs a certificate, it uses what to do so?
A. nothing, CAs do not sign certificates
B. the CA’s public key
C. the CA’s private key
D. the requestor’s public key
A
C. the CA uses its private key, allowing users to use the public key to authenticate the origin of the signature.
A. is incorrect, CA’s “do” download certificates
13
Q
97 Which of the following documents is used to determine your most critical business functions and is used to help build your DRP? A. Business Continuity Plan B. Backup Recovery Plan C. Business Function Assessment D. Business Impact Analysis
A
D. the BIA outlines what the loss of any of your critical functions will mean to the organization and is used in the development of the Disaster Recovery plan (DRP) .
14
Q
94
Which of the following models of computer security implements the principle,
Protection = Prevention + (Detection + Response) ?
A. Bell-LaPadula
B. Operational Security
C. Biba
D. Chinese Wall
A
B. the Operational Security model is defined as:
Protection = Prevention + (Detection + Response)
A,C,D, are incorrect, they are “access” control models of differing types.
15
Q
55
An Access Control List (ACL) is?
A. the list of authorized users on the system or network
B. the list of all authorized users that are currently on the system or network
C. a list that contains the subjects that have accfess rights to a particular object
D. A list of subjects not allowed access to a particular object
A
C. an “Access Control List” (ACL) is used to define which subjects have which access rights to a particular object. The list identifies not only the subject but the specific access granted to the subject for the object.
16
Q
99 Which of the following is an example of a MAC address? A. 127.0.0.1 B. 255.255.255.0 C. 2001:db8:85a3::8a2e:370:733 D. 00:07:e9:7c:c8:aa
A
D is correct, it is a MAC address and is a hexadecimal representation of 48 bitsw
A. is an IP address
B. is a common subnet mask for IPv4
C. is an IPv6 address
17
Q
33 Which device does not segregate data-link traffic? A. Switch B. Hub C. Bridatege D. VLAN
A
B. is correct as hubs do not segregate ant type of network traffice.
A. switches seperate traffic based on layer 2 addresses.
C. bridges split traffic based on layer 2 adddresses
D. is incorrect, VLANs are implemented using switches and layer 2 addresses.
18
Q
31 Which of the following is not a method to implement 802.1X? A. EAP-RC2 B. EAP-MD5 C. EAP-TTLS D. EAP-TLS
A
A. is correct, RC2 is not a valid crypto scheme for 802.1X B,C, and D, are incorrect. B uses MD5 for encryption C. is tunneling TLS D. is TLS
19
Q
98
Which of hte following measrues will NOT improve the pgysical security of a computer?
A. Insuring the server
B. Restricting physical access to the server
C. Use of locking rack mounts
D. High-Security locks
A
A. is the correct answer, insuring the server only provides a financial method of recovering from some aspect of lkoss; it does not improve the level of physical security.
20
Q
41 Which widely used protocol is available to vendors to establish their own customized authentication system? A. ICMP B. EAP C. PPP D. PPTP
A
B is correct, Extensible Authentication Protocal (EAP) allows vendors to cusomize their own authentication system.
ICMP is not used in authentication
21
Q
17 What kind of algorithim uses the same key to encrypt and decrypt a message? A. Alphanumeric Algorithm B. Asymmetric Algorithm C. Symmetric Algorithm D. Hash Algorithm
A
C is correct, Symmetric Algorithms use the same key to encrypt and decrypt.
22
Q
15 The attribute that prevents someone from later denying their actions is called what? A. Nonrepudiation B. Key Escrow C. Crytical Redundancy Check D. Two-Factor Authentification
A
A is correct, nonrepudiation prohibits people from denying their actions.
B,C,D, are incorrect. These are all terms used in cryptography but do not relate to the concept of repudiation and nonrepudiation.
23
Q
60
Which of hte following is a reason given for limiting an object’s privileges as part of the principle of least priviledge?
A. It makes it easier to assign blame if a problem occurs.
B. It limits the amount of harm that can be caused, thus limiting an organization’s exposure to damage.
C. it simplifies the job of security administrators
D. It consolodates responsibility
with a few key individuals, thus making security decisions easier to make.
A
B. is correct, this is the primary reason given for implementing the concept of least privilege.
24
Q
88
Acceptable use policies are used to define
A. Data retention
B. Server consolidation planning
C. Security personnel responsibilities for network protection
D. All user responsibilities
A
D is correct, an acceptable use policy defines all user responsibilities with respect to using IT resources.
25
```
21
When comparing two different implentations of the same algorithims for cryptographic strength, what is the best plan?
A. Government recommendation
B. Algorithm manufacturer's website
C. Age of algorithm
D. Key length in bits
```
D. is correct, the strength of an implementation is directly related to keyspace (number of potential keys)
26
```
3
The program TFTP uses waht port data transfer
A. TCP 422
B. TCP 443
C. UDP 80
D. UDP 69
```
D. is correct, Tivial File Transfer Program (TFTP) operated over a UDP port69.
27
```
68
You have created a file on a remote server that is confidential. You wish to assign permission to access the file to selected members of your team. You will be choosing which of the following type pf access control systems?
A. Mandatory Access Control
B. Team-based Access Control
C. Discretionary Access Control
D. Group-based Control
```
C. Discretionary Access Control gives the user the option of setting controls.
A. is inccorect, as Mandatory Access Control does not provide for user control.
28
```
95
Which of hte following documnets are mandatory elements regarding the implementaion od a policy?
A. Guidlines
B. Standards
C. Procedures
D. Audit Findings
```
B is correct; standards are externally defined expectations with regard to a specific condition, hence they act to guide policy.
A, C, and D are incorrect; they are elements of a security process, just not mandatory elements, or elements with mandatory content.
29
59
What is described as the chief drawback to the securcity principle of seperation of duties?
A. It is often not well accepted by users
B. It disperses responsibilities, thus making it easier for the insiders to take advantage of security holes.
C. The cost required in terms of both time and money.
D. It is a difficult concept to understand and implement.
C is correct; the chief drawback with the principle of separation of duties is the perceived cost involved.
A is incorrect; while it may not be popular among users, this is not a chief drawback. B and D are incorrect, as the principle is not hard to understand, and it doesn't make it easier for insiders to take advantage of security holes.
30
```
62
Which of the following is a toll designed to identifiy what devices are connected to a given network and, where possible, the operating system in use on that device?
A. Firewall
B. Web Security Gateway
C. All-in-one security appliance
D. network mapper
```
D is correct; a network mapper is a tool designed to identify what devices are connected to a given network and, where possible, the operating system in use on that device.
A, B, and C are tools for operational security, not for network discovery.
31
```
8
Which of hte following sends unguarenteed or best-effort data transfers?
A. DNS
B. TCP
C. FTP
D. UDP
```
D is correct. User Datagram Protocol (UDP) sends data without guaranteeing delivery.
A is incorrect. DNS is not a data transfer protocol. B and C are both guaranteed delivery protocols.
32
```
91 Which of the following security terms ensures that only authorized individuals are able to create or change information?
A. Confidentiality
B. Integrity
C. Authentication
D. Non-repudiation
```
B is correct; integrity refers to the protection of information from unauthorized alteration.
A is incorrect; confidentiality refers to the protection of information disclosure to unauthorized parties. C and D are incorrect; they are not related to changing of information.
33
```
80
For security policy to be effective, it must be understood by:
A. All employees
B. Senior management
C. System administrators
D. Security personnel
```
A. is correct because security is an all-hands effort; all employees must understand the effects of a security breach and the company policy associated with security.
B, C, and D are incorrect; as they are subsets of "All employees," which is a better answer.
34
```
28
What type of firewall works primarily on port and IP addresses?
A. Stateful Firewall
B. Web application firewall
C. Socket layer firewall
D. Packet filtering firewall
```
D is correct. A packet-filtering firewall works primarily on ports and IP addresses.
A and B are incorrect. They are different types of firewalls that require additional packet inspection. C is incorrect. This is a simple distractor.
35
```
11
What six-byte number is used to identify a Network Interface Card?
A. Interface label
B. Media Access Control address
C. Internal protocal number
D. Fully Qualified Domain Name
```
B is correct. The Media Access Control (MAC) address uniquely identifies Network Interface Cards. The MAC address consists of a vendor number and serial number.
A is incorrect. It is a nonsensical distractor. C and D are incorrect. They are technical terms not related to layer 2 addressing.
36
```
54
The activity of searching for unsecured wireless networks is know as what?
A. War-mapping
B. Wa-chalking
C. War-driving
D. War-monitoring
```
C is correct; the activity of searching for unsecured wireless networks is known as war-driving.
A, B, and D are incorrect; they are distractors using wireless terms and the "war-" prefix.
37
```
34
An evil twin attack is performed utilizing:
A. Fire sheep plug-in for Firefox
B. Stolen credentials
C. A rogue access point
D. Spoofed packets
```
C is correct. An evil twin is a rogue access point set up by an attacker that produces a stronger signal than the legitimate access point, pulling in users by virtue of the stronger signal.
A is incorrect; the Fire sheep plug-in targets a different vulnerability. B is incorrect; credentials do not play a role in the evil twin attack. D is incorrect; spoofed packets are not involved in the evil twin attack.
38
53
To sniff all network traffic connected to your computer, what is necessary?
A. You must have a public IP number
B. Your NIC card muist be in promiscuous mode
C. You must be in single-user mode
D. you must have an automatic IP address.
B is correct; your NIC card must be able to examine all traffic on your network media, which means it must be set to promiscuous mode.
A is incorrect; it is always true, and not discriminatory. C is incorrect; it is not relevant. D is incorrect; it is a nonsensical distractor.
39
```
ECC is particularly suited to
A. Mainframes
B. Signing digital contracts
C. Storing passwords securley
D. Mobile devices
```
D is correct. ECC requires very little power, making it ideal for low-power devices, such as mobile devices.
A, B, and C are incorrect. Although used on mainframes, ECC is primarily designed and used in low-power situations where transmission errors may occur, as in mobile devices.
40
```
73
Which of the following services allows a client to retrieve email from a server?
A. SNMP
B. POP3
C. FTP
D. HTTP
```
B is correct; POP3 (Post Office Protocol) is the only correct answer.
A is incorrect; SNMP is Simple Network Management Protocol. C is incorrect; FTP is for file transfers. D is incorrect; HTTP is used to communicate to a web server, not the e-mail server.
41
```
46 Loop protection involves which of the following?
A. Switches
B. VPNs
C. Physical security
D. Remote Access
```
A is correct; loops can be formed at layer 2, and the Spanning Tree Protocol is typically used to prevent loops.
B, C, and D are incorrect; they are distractors built using relevant terms.
42
```
44 Which of the following describes an attack in which an attacker tries to write more data than allowed to a memory of a victim's computer?
A. Buffer overflow
B. Cross-site script
C. Command injection attack
D. Cross-site request forgery
```
A is correct; a buffer overflow results when data is written beyond the allocated memory. The data may overwrite other data space, code space, registers, or stack space, resulting in unexpected behavior.
B, C, and D are all attacks, but not ones that are the result of overwriting memory buffers.
43
89
Which of the following steps will an attacker often take to attack a computer system?
A. Determine little information on the computer resource
B. Install patches for all known vulnerabilities
C. Limit the number of servics running on a system
D. Perform a port scan to identify al open ports.
D is correct; attackers will often perform a port scan to identify all open ports on a system to determine which potential vulnerabilities may be exploited.
A is incorrect; this is a nonsensical answer. B is incorrect; attackers will not install all patches. C is incorrect; this is a mitigation effort, not an attacker effort.
44
14 Smart Card Authentication can be described as using the following to verify idnetity:
A. Something you have (Token)
B. somehting you are
C. a cryptographic ley to increase security
D. military grade security
A is correct. Smart cards are typically credit card-sized devices used to authenticate with a server that individuals carry with them.
B is incorrect. Something you are is related to biometrics, not smart cards. C and D are incorrect. Smart cards may use strong cryptography, but they are ultimately tokens.
45
27
| A root kit does what?
A is correct. Rootkits are designed to help malicious users, including unauthorized users, gain unauthorized administrative access to computers.
46
```
70
Clear text passswords are a weakness associated with which protocol?
A. CHAP
B. PAP
C. Certificate based authentication
D. Kerberos
```
B is correct; PAP is a two-way handshake involving the clear text transmission of a password.
A, C, and D are incorrect; they all involve encryption.
47
61
Implicit deny in a firewall rule set means?
A. all traffic is rejected
B. all incoming traffic is rejected
C. any traffice not expressly permited is denied
D. any traffic not denied by a prior rule is permitted.
C is correct; implicit deny means that any traffic not expressly permitted by a rule in the firewall's rule set or ACL is denied and rejected by the firewall.
A and B are incorrect; implementation would be equivalent to a disconnection, not a firewall. D is incorrect; this is an implicit allow.
48
```
38
Instead of Telnet, what protocal is recommended?
A. Hyperterminal
B. SSH
C. SSL
D. Open Terminal
```
B is correct, as Telnet sends messages in plaintext over the network. SSH is strongly recommended instead of Telnet.
A and D are incorrect and built using distractors from common terms. C is incorrect as SSL is a transport-level encryption methodology and not used for command-level access.
49
```
36
Callback can be exploited by what means?
A. three-way calling
B. smart card authentication
C. caller id
D. call forwarding
```
D is correct. Call Forwarding will route the legitimate call from the Remote Access Server to the attacker's phone number.
A, B, and C are incorrect; they are all distractors built using terms that are relevant to the subject.
50
```
43
End users have respsonsibilities to protect information, and all of the folllowing policies are involved in the comprehensive effort eccept?
A. clean desk policy
B. sick leave policy
C. password policy
D. physical security policy
```
B is correct; sick leave policies do not involve access issues.
A is incorrect; leaving sensitive material on your desk when you are not there to safeguard it is a potential vulnerability. C is incorrect; passwords provide access to systems. D is incorrect; physical access by unauthorized personnel to materials and systems can create vulnerabilities
51
```
4
Removing unnecessary services and applying service packs is an example of what?
A. system migration
B. system hardenning
C. system mitigiation
D. system monitoring
```
B is correct. Removing unnecessary services and applying service packs is an example of system hardening.
A, C, and D are common terms meant to distract.
52
```
13 Which of the following is not assocaited with authentification>
A. something you are
b. somehting you know
c, somehting you have
d. somehting you had
```
D is correct. Authentication is usually accomplished by providing something you "have", "know", or "are" (as in the case of biometrics). The key word is "had" as this implies past tense, and is therefore not appropriate for authentication.
A, B, and C are incorrect. These answers all relate to common items used for authentication
53
```
67
The formula for Single Loss Expectancy (SLE) is
A. Asset Value time ALE
B. ALE times Asset Value
C. ALE times EF
D. Asset Value time EF
```
EXPLANATION:
D is correct; the formula for Single Loss Expectancy (SLE) is Asset Value times Exposure Value (EF).
A, B, and C are incorrect; they are distractors constructed from risk quantification terms.
54
```
23
Proper humidity and temperature for information systems equipment is an exampe of what type of security?
A. Physical security
B. Perimeter Security
C. Admistrative security
D. Techincal security
```
A is correct. Environmental controls are an example of physical security.
B, C and D are incorrect. These are all common distractors. They are relevant terms to security, but not to this question.
55
```
6
An exampe of attacking the inherent trust a weg browser imparts to a web session is:
A. Cross-site scripting
B. Rogue WAP
C. Man-in-the-middle attacke
D. Smurf Attack
```
A is correct. Cross-site scripting is an attack methodology; while all are attacks, this answer is most closely related to the web.
B, C, and D are incorrect. They are not tied directly to web browser activity.
56
```
29
TCP port 21 is typically associated with which protocal?
A. SMTP
B. SSH
C. FTP
D. FTPS
```
C is correct. FTP uses TCP port 21 for control channel.
A is incorrect; SMTP uses port 25.
B is incorrect; SSH uses port 22.
D is incorrect; FTPS uses ports 989/990.
57
```
An attack that simultaneously involves many attackers in an attempt to shut down services in known as what?
A. DDoS
B. DoS
C. War-chalking
D. Social engineering
```
A is correct; an attack that simultaneously involves many attackers in an attempt to shut down services is known as a Distributed Denial of Service attack (DDoS). A DDoS attack is usually perpetrated by Zombie machines.
B is incorrect; Denial of Service is not from multiple attackers.
C is incorrect; war-chalking is the leaving of visual clues as to wireless locations.
D is incorrect; social engineering is an attack against the people element of security.
58
Define DDoS:
| (3) characteristics
1. Distributed Denial of Service attack (DDoS).
2. an attack that simultaneously involves many attackers in an attempt to shut down services
3. A DDoS attack is usually perpetrated by Zombie machines
59
```
30
A top-level CA exists in what type of PKI trust model?
A. tower architecture
B. mesh architecture
C. hierarchical architecture
D. web of trust
```
C is correct. A top-level CA is necessary to establish a hierarchical trust model.
A and B are incorrect. They are nonsensical distractors.
D is incorrect. Web of trust is a flat model dependent upon trust with peers.
60
```
92
Which type of social enginerring attack targets only specific individuals high up in an organization, such as the corporate officers, with e-mail attempting to get them to reveal personal or sensitive information?
A. Phishing
B. Whaling
C. Spammig
D. Spear phishing
```
B is correct; whaling refers to the use of more senior execs to create trust in lower levels to any unauthorized users.
A, C, and D are incorrect. They are all social engineering attacks, but with different methodologies.
61
25
What is the best way to generate a complex password>
A. concatenating two words so the password strength is greater than 10 characters
B. random generations from a computer program
C. using a passphrase
D. using your birth date and a name together
C is correct. A complex password is long and utilizes alphabetic and numeric characters. The best way to generate a complex password is as a passphrase.
A is incorrect. A dictionary attack can concatenate two words.
B is incorrect. Random passwords are difficult to remember and their use often results in users writing them down.
D is incorrect. Concatenating known pieces of information can be guessed.
62
57
| A Linux or UNIX file with the permissions 760 means what?
D is correct; a Linux or UNIX file with the permissions 760 means rwx for the owner, rw for the group, and no access for all others: 4=read (r), 2=write (w), and 1=execute (x).
A is incorrect; it is 751.
B is incorrect; it is 720.
C is incorrect; it is 750.
63
83
To help secure production web servers, sample files:
A. should be set to read-only but left in place
B. should be removed from production servers
C. should be set to read-write and left in place
D. should be moved to a folder called/samples
B is correct; to help secure production web servers, sample files should be removed from all production servers.
A, C, and D are incorrect as they allow unneeded information to reside on production servers.
64
```
18
Quantum cryptography is best used for:
A. Secure Key Distribution
B. Mobile Devices
C. MEssage Integrity
D. Authentication
```
Hint: Quantum cryptography can detect interception
A is correct. Quantum cryptography is best utilized for secure key distribution.
B, C, and D are incorrect. Quantum cryptography is computationally challenging (bad for mobile), and its strength is in detecting interception and in strength of encryption-ruling out C and D.
65
```
1
Spoofing can be described as:
A. sending large columns of unsolicitied information
B. pretending o be someone you are not
C. monitoring network traffic
D. scanning network traffic
```
Hint
The common definition of spoofing is to do what?
B is correct. Spoofing can be described as pretending to be someone you are not.
A is incorrect; this is flooding.
C and D are not attacks, but rather are techniques to detect attacks.
66
```
69
Who is responsible for access control on objects in the Manatory Access Control (MAC) model?
A. owner of hte object
B. creatore of the object
C. system adminsitrator
D. security officer
```
Hint:
In the MAC model, permissions are predetermined.
C is correct; the system administrator is responsible for Mandatory Access Control model implementation on the system.
A and B are incorrect; owners and creators can administer Discretionary Access Control (DAC) systems. D is incorrect; it is a simple distractor.
67
63
An application that executes malicious code when a predetermined event occurs is called what?
```
Hint:
A predetermined event is the trigger of a broad class of attacks.
```
D is correct; logic bombs will execute based on predetermined events.
A is incorrect; evil twin is a wireless attack. B is incorrect; root kits are a means of changing the system files and operation of an OS. C is incorrect; back doors are alternative means of entry.
68
```
35
Which of the following is not a typical cloud-based offering?
A. platform as a service
B. infrastructure as a service
C. authentification as a service
D. software as a service
```
Hint:
What are the attributes of cloud-based services?
C is correct; authentication does not lend itself to the autoprovisioning aspects of cloud services.
A is incorrect; Platform as a Service (PaaS) is the autoprovisioning of platforms across a network.
B is incorrect; Infrastructure as a Service (IaaS) is the autoprovisioning of infrastructure across a network.
D is incorrect; Software as a Service (SaaS) is the autoprovisioning of software across a network.
69
```
40
Which Boolean operator is most commonly used in cryptographic applications?
A. XOR
B. NOR
C. OR
D. NAND
```
Hint:
Streaming ciphers.
A is correct; the Exclusive OR (XOR) is typically used to encrypt and decrypt data.
B, C, and D are incorrect; they are built from logical distractors.
70
```
74
Which of the following is not cryptogaphic algorithm used for encryption?
A. DES
B. MD5
C. ECC
D. AES
```
Hint:
Encryption implies decryption.
B is correct; MD5 is a hash algorithm and is not used to encrypt information.
A is incorrect; DES is the Data Encryption Standard.
C is incorrect; ECC is elliptic curve cryptography.
D is incorrect; AES is Advanced Encryption Standard.
71
24
What is tailgating?
A. observing another employee enter a security code
B. slipstreaming
C. cascading
D. following another individual through an open door
Hint
Tailgating when driving refers to what?
D is correct. Following an individual through a normally locked door is called tailgating.
A is incorrect, it is a form of social engineering called shoulder surfing.
B and C are incorrect. They are nonsensical distractors.
72
```
7
All employees should be expected to read nad understand which of hte following documents associated with end-user resonsibilities?
A. acceptable user agreement
B. firewall rules
C. flodd guard procedures
D. business impact analysis
```
Hint:
All employees" is key.
A is correct. All employees should read and understand the firm's acceptable use policy.
B, C, and D are common security elements used as distractors. Not all choices would apply to all employees.
73
```
72
Which type of social enginering attack utilizes voice messaging to send insolicitied bulk messages?
A. Vishing
B. SPIM
C. SPAM
D. War driving
```
Hint:
Instant messaging is a voice communication technology.
B is correct. SPIM is basically SPAM sent via a messaging service.
A is incorrect; vishing is basically a variation of phishing that uses voice communication technology to obtain the information the attacker is seeking.
C is incorrect; SPAM is not associated directly with voice messaging. When it is, it is called SPIM, making B a better choice.
D is incorrect; it is a nonsensical distractor.
74
```
32 Testers who have full access to design and coding elements in developing their test plan are using which methodology?
A. black box testing
B. grey box testing
C. open source testing
D. white box testing
```
Hint:
Memorization element, no hint available
D is correct; white box testing refers to testing schemes where design and coding decisions are open to inspection.
A is incorrect; black-box testing refers to testing in which the testers have no knowledge of what is inside.
B is incorrect; grey-box testing refers to partial knowledge.
C is incorrect; it is a combination of terms meant to distract.
75
81 Data classification allows an organization to determine what?
A. Data retention Policy: when can data be destroyed?
B. Data storage policy: how should data be stored?
C. Data security policy: how much protection does data the nata need?
D. Data duplication policy: how the data should be copied.
Hint:
Data classification is the foundation of _____, which can then be used to make crucial data management decisions.
Hint:
C is correct; data classification is the cornerstone of determining what the security requirements are for the data.
A is incorrect; retention is not strictly determined by data sensitivity (classification). B is incorrect; storage is not strictly determined by data sensitivity (classification). D is incorrect; duplication is not strictly determined by data sensitivity (classification).
76
To help secure DNS servers, zone transfers should:
A. be limited to DNS servers that need access to the entire zone information for update and replication purposes
B. always be disabled
C. restricted to hosts on the local network only
D. be permitted as long as another DNS server is making the zone transfer request.
Hint:
The objective is to secure DNS operations, not restrict them.
A is correct; zone transfers should be limited to DNS servers that need access to the entire zone information for update and replication purposes.
B, C, and D are incorrect as they would impair DNS operations.
77
```
5
What type of device stores and issues certificates?
A. CA
B. WAP
C. PEAP
D. Router
```
Hint
Which elements belong to PKI?
A is correct. A certificate authority (CA) stores and issues certificates.
B, C, and D are incorrect; they are security acronyms and terms used to distract.
78
```
51
What is the term given to the process of returning to an earlier release of a software application in the event that a new release causes either a partial or complete failure?
A. software backup
B. software oatch purge
C. backout
D. software scrub
```
Hint:
In the event of failure during a software update, one needs a ____ plan.
C is correct; a backout plan is the steps to restore a system in the event of a failure of an upgrade.
A, B, and D are incorrect; they are distractors constructed from relevant terms.
79
```
45
Which of the following is centralized security based on typical job types?
A. MAC
B. RBAC
C. Realm-based
D. DAC
```
Hint:
"Typical job types" implies groups.
B is correct; Role-based Access Control (RBAC) grants access based on the type of work the user is granted.
A is incorrect; Mandatory Access Control is based on data, not job type.
C is incorrect; Realm-based is not based on job types.
D is incorrect; Discretionary Access Control is based on data, not job type.
80
```
22
A __________ refers to a bootable media device left in the open with an enticing title.
A. USB stick
B. live CD
C. Road apple
D. phishing stinger
```
Hint:
Slang Term
C is correct. "Road apple" is the term used to describe the social engineering attack associated with leaving bootable media for people to pick up and use.
A and B are incorrect; they can be bootable media, but are not necessarily an attack.
D is a nonsense distractor.
81
```
76
PKI is used to manage identitied through the use of:
A. certificates
B. digital signatures
C. kerberos tickets
D. hardward-based tokens
```
Hint
___________'s are used to convey information on identities between parties.
A is correct; a PKI uses certificates to pass keys associated with identities.
B is incorrect; digital signatures involve certificates and PKI, but they don't manage the identities.
C is incorrect; Kerberos can involve certificates and PKI, but it doesn't manage the identities.
D is a distractor using a security term.
82
```
16
A one-way algorithm that creates a unique fized-size number from a variable-length message is known as what?
A. Algorithmic Number Sequence
B. Symmetric encryption
C. RIPEMD
D. Hash
```
Hint:
MD5 and SHA1 are examples.
D is correct. A hash is a fixed-sized result of an algorithm that is generated based on the content of the input to an algorithm.
A is incorrect; it is a nonsense term.
B and C are cryptographic terms associated with other cryptographic items, not fixed block.
83
Give 2 examples of a "Hash"
| *a one-way algorithm that creates a unique fized-size number from a variable-length message
MD5 and SHA1
84
84
On mail servers, relaying occurs when:
A. a message is forwaded between local users
B. the server handles a message and neither the sender not the recipient is a local user
C. the server handles a message and the sender is not a local user
D. the server handles a message and the recipient is not a local user
Hint:
Mail relay is used to spoof mail addresses.
B is correct; on mail servers, relaying occurs when the server handles a message and neither the sender nor the recipient is a local user.
A, C, and D are incorrect as they are all related to normal e-mail processing.
85
```
2
Flood Guards are related to which elements of network security?
A. spanning tree algorithm
B. IDS/IPS
C. routing
D. physical security
```
Hint:
Floods would be detected by what element on a network?
B is correct. Flooding-type attacks can be caught using an intrusion detection (or prevention) system.
A is incorrect. Spanning Tree Algorithm is related to loop protection.
C and D are incorrect. Both are legitimate terms, but not related to flooding attacks and prevention.
86
Define
IDS
IPS
& what it does?
intrusion detection system
intrusion prevention system
Flood Guards related to which elements of network security? Flooding-type attacks can be caught using these.
87
```
71
Kerberos systems require which of the following item(s)?
A. (KDC) Key Distribution Center
B. (RAS) Remote Access Server
C. Client Certificate
D. (CA) Certificate Authority
```
Hint
Kerberos uses tickets to pass ____ between requestor and servers.
A is correct; Kerberos uses a KDC, which is composed of two parts, an Authentication Server (AS) and a Ticket Granting Server (TGS).
B, C, and D are incorrect; an RAS is not required, nor is a client certificate or a certificate authority in the Kerberos scheme.
88
What (2) parts compose "Kerberos"
(AS) Authentification Server
| (TGS) Ticket Granting Server
89
```
Which media is most susceptible to EMI?
A. Fiber Optic
B. Unshielded Twisted-Pair (UTP)
C. Thicknet
D. IR transfers
```
Hint
What is the definition of EMI, and what is it related to?
B is correct. Unshielded Twisted-Pair (UTP) is most susceptible to electromagnetic interference.
A and D are incorrect. Both of these media are outside the typical frequency range of EMI, and in the case of fiber optics, shielded as well.
C is incorrect as it is a shielded cable.
90
50
Escalation auditing is the process of looking for:
A. an increase in the nubmer of users on a system
B. a decrease in user rights
C. an increase in privilege
D. unauthorized logins
Hint:
Escalation is a key term in the question.
C is correct; escalation auditing is the process of looking for an increase in privilege.
A is incorrect; this is a nonsensical distractor.
B is incorrect; this is not an escalation issue. The audit searches for threats that can come from an increase in privilege.
D is incorrect; although unauthorized logins are a security issue, they are not related to this topic.
91
85
Internet content filter appliances can be used to:
A. restrict outgoing network traffic
B. block end-users access to specific types of data based on content
C. manage website content across multiple web servers
D. prevent intrusions to web servers
Hint:
Purpose is to filter Internet-based content.
B is correct; Internet content filters act to restrict the types of information being accessed by web users.
A is incorrect; this is data loss prevention.
C is incorrect; this is load balancing.
D is incorrect; this is done by web application firewalls.
92
```
39
Which protocol is a countermeasure for network sniffing?
A. Telnet
B. SSH
C. FTP
D. TCP
```
Hint:
Plaintext can be sniffed.
B is correct; Secure Shell (SSH) encrypts traffic, making the traffic not available to sniffers.
A, C, and D are incorrect; they are all plaintext protocols, with their traffic available for sniffing.
93
Define (SSH)
Secure Shell (SSH) encrypts traffic, making the traffic not available to sniffers.
94
```
9
Which of the following is not classification of a security control type?
A. Techincal
B. Managerial
C. Auditable
D. Operational
```
Hint
There are three main types of security controls.
C is correct. Auditability is not a descriptive element associated with security controls.
A, B, and D are incorrect.
They are all types of security controls.
95
```
12
What does ACL stnad for?
A. Access Configuration List
B. Approved Computer Listing
C. Access Control List
D. Audit Control List
```
Hint
Files use these for permissions.
C is correct. ACL stands for Access Control list.
A and D are incorrect; they are distractors from unrelated technical terms.
B is incorrect; it is a nonsensical distractor.
96
```
42
Which ofthe following does not secure e-mail?
A. PGP
B. S/MIME
C. MIME
D. OpenPGP
```
Hint
Securing e-mail requires encryption.
C is correct, as S/MIME, PGP, and OpenPGP are all methods of securing e-mail via encryption. MIME is not encrypted.
A, B, and D are incorrect, as they all enable encryption with e-mail.
97
Name (3) methods for securing e-mail.
1. S/MIME
2. PGP
3. OpenPGP
98
```
96
Which of hte following is an environmental issue that could breach computer security?
A. Brute Force attack
B. Social Engineering
C. Air Conditioning
D. Piggybacking
```
Hint
Environmental issue
C. Air conditioning failures can lead to overheating and system shutdowns, adversely affecting availability, one of the elements of security.
A, B, and D are incorrect; they are security term distractors.
99
```
77
A key element in using PKI certificate security is the use of which of the following?
A. digital signature
B. Web of trust
C. RA
D. CRL
```
Hint:
How do you know a certificate is still valid?
D is correct. CRL (Certificate Revocation List) is the best answer. The CRL determines whether the issuer has revoked the certificate.
A and C are incorrect; they are involved, but not in any fashion that provides better security than a CRL.
B is incorrect; it is not involved in PKI certificate trust decisions.
100
Define (CRL)
| And what it does?
Certificate Revocation List
| *a key element in using PKI certificate security
101
```
49
Lockouts prevent what type of activity
A. 135, 137, 139
B. 137, 138, 139
C. 135, 139
D. 137, 139
```
Hint
This is a memorization element.
B is correct; UDP 137 is NetBIOS name service, UDP 138 is NetBIOS Datagram service, and TCP 139 is NetBIOS connection.
A and C are incorrect; as port 135 is not associated with NetBIOS.
D is incorrect as it skips port 138, which is part of NetBIOS.
102
```
10
Which of the following correctly describes the TCP three-way handshake?
A. SYN, SYN/ACK, ACK
B. SYN, SYN, ACK
C. SYN, ACK, FIN
D. SYN, PSH, FIN
```
Hint
Think of a conversation
A is correct. The three-way handshake is as follows: SYN, SYN/ACK, ACK. Each of these items is represented as one bit in the TCP Header.
B, C, and D are incorrect; they are IP flags used as distractors.
103
82
A disadvantage of a Full backup is"
A. it cna only be stored on tape
B. it takes the longest time to restore
C. it contains all data on the system
D. it can contain malware
Hint
What are the operational characteristics of a Full backup compared to other types?
B is correct; a full backup takes the longest to restore as it contains all information.
A is incorrect; full backups can be stored on a variety of media.
C is incorrect; it is not a disadvantage.
D is incorrect; all backups can backup malware infections, it is not unique to full backups.
104
87
An advantage of symmetric key-based encryption over asymmetric encryption is:
A. speed of operation for bulk encryption/decryption
B. simplicity of lagorithm for coding
C. an increased level of security
D. ease of key distribution
Hint
Symmetric key-based encryption is commonly used for what functions?
A is correct; symmetric key is faster than asymmetric key cryptography, hence it is better for bulk operations.
B is incorrect; symmetric vs. asymmetric has no relation to complexity of algorithms.
C is incorrect; symmetric vs. asymmetric has no relation to level of security.
D is incorrect; asymmetric algorithms solve key distribution issues.
105
52
What type of survey is performed to assess the optimal location of Wireless Access Points?
A. WAP survey
B. Site survey
C. Spectrum survey
D. LAN survey
Hint
The location of wireless devices is dependent upon what?
B is correct; a site survey is performed to assess the optimal location of Wireless Access Points.
A, C, and D are distractors built from common wireless terms.
106
58
Configuring the operating system of a hard drive with RAID 1, is an example of what?
A. fault redundanct
B. fault recovery
C. fault tolerance
D. swapping
Hint
This is a definition question.
C is correct; configuring the operating system of a hard drive with RAID 1 is an example of fault tolerance.
A, B, and D are distractors made from common terms in this area of knowledge.
107
93
Which security princicple has to be combined with host security to avoid introducing or overlooking vulnerabilities in a system?
A. Network Security
B. Layered Security
C. Defense in Depth
D. Least Privilege
Hint:
Hosts work with ______.
A is correct. Network security must be combined with host-based security to close all potential paths of attack.
B, C, and D are incorrect as they all offer incomplete solutions. A is more comprehensive and the best answer.
108
37
Which of the following protocols cannot travers NAT?
A. SMTP
B. NTP
C. L2TP
D. FTP
Hint
NAT occurs at what level of the OSI model?
C is correct; L2TP cannot traverse NAT. One recommended option is to have the VPN terminate at the firewall instead of traversing it.
A, B, and D are incorrect; SMTP, NTP, and FTP applications can communicate across NAT.
109
100
In which of the following attacks does the attacker ensure that all communication going to or from the target machine passes through the attacker's machine?
A. replay attack
B. spoofing
C. brute force attack
D. Man-in-the-middle attack
Hint
The name describes how the data flows.
D is correct; in the man-in-the-middle attack, the attacking machine inserts itself in the path of communications between the target machine and its connections.
A is incorrect; in replay attacks, the replay packets do not involve all data.
B is incorrect; spoofing is falsifying content fields.
C is incorrect; the brute force method alleviates the importance of the positioning of the attacker with respect to their pattern of attack.
