Q300-Q362 Flashcards
Which of the following protocols allows for secure transfer of files? (Select TWO).
A. ICMP B. SNMP C. SFTP D. SCP E. TFTP
C. SFTP
D. SCP
Which of the following passwords is the LEAST complex? A. MyTrain!45 B. Mytr@in!! C. MyTr@in12 D. MyTr@in#8
B. Mytr@in!!
During a penetration test from the Internet, Jane, the system administrator, was able to establish a connection to an internal router, but not successfully log in to it. Which ports and protocols are MOST likely to be open on the firewall? (Select FOUR). A. 21 B. 22 C. 23 D. 69 E. 3389 F. SSH G. Terminal services H. Rlogin I. Rsync J. Telnet
B. 22
C. 23
F. SSH
J. Telnet
Which of the following is an application security coding problem?
A. Error and exception handling
B. Patch management
C. Application hardening
A. Error and exception handling
An IT security technician needs to establish host based security for company workstations. Which of the following will BEST meet this requirement?
A. Implement IIS hardening by restricting service accounts.
B. Implement database hardening by applying vendor guidelines.
C. Implement perimeter firewall rules to restrict access.
D. Implement OS hardening by applying GPOs.
D. Implement OS hardening by applying GPOs.
Which of the following is the MOST specific plan for various problems that can arise within a system?
A. Business Continuity Plan
B. Continuity of Operation Plan
C. Disaster Recovery Plan
D. IT Contingency Plan
D. IT Contingency Plan
Which of the following BEST describes the weakness in WEP encryption?
A. The initialization vector of WEP uses a crack-able RC4 encryption algorithm. Once enough packets are captured an XOR operation can be performed and the asymmetric keys can be derived.
B. The WEP key is stored in plain text and split in portions across 224 packets of random data. Once enough packets are sniffed the IV portion of the packets can be removed leaving the plain text key.
C. The WEP key has a weak MD4 hashing algorithm used. A simple rainbow table can be used to generate key possibilities due to MD4 collisions.
D. The WEP key is stored with a very small pool of random numbers to make the cipher text. As the random numbers are often reused it becomes easy to derive the remaining WEP key.
D. The WEP key is stored with a very small pool of random numbers to make the cipher text. As the random numbers are often reused it becomes easy to derive the remaining WEP key.
Sara, the Chief Security Officer (CSO), has had four security breaches during the past two years. Each breach has cost the company $3,000. A third party vendor has offered to repair the security hole in the system for $25,000. The breached system is scheduled to be replaced in five years. Which of the following should Sara do to address the risk?
A. Accept the risk saving $10,000. B. Ignore the risk saving $5,000. C. Mitigate the risk saving $10,000. D. Transfer the risk saving $5,000.
D. Transfer the risk saving $5,000.
Which of the following is an authentication and accounting service that uses TCP for connecting to routers and switches?
A. DIAMETER
B. RADIUS
C. TACACS+
D. Kerberos
C. TACACS+
Which of the following can BEST help prevent cross-site scripting attacks and buffer overflows on a production system?
A. Input validation
B. Network intrusion detection system
C. Anomaly-based HIDS
D. Peer review
A. Input validation
Pete, an IT Administrator, needs to secure his server room. Which of the following mitigation methods would provide the MOST physical protection?
A. Sign in and sign out logs
B. Mantrap
C. Video surveillance
D. HVAC
B. Mantrap
Which of the following should be connected to the fire alarm system in order to help prevent the spread of a fire in a server room without data loss to assist in an FM-200 deployment?
A. Water base sprinkler system
B. Electrical
C. HVAC
D. Video surveillance
C. HVAC
Matt, a security consultant, has been tasked with increasing server fault tolerance and has been given no budget to accomplish his task. Which of the following can Matt implement to ensure servers will withstand hardware failure?
A. Hardware load balancing
B. RAID
C. A cold site
D. A host standby
B. RAID
Which of the following fire suppression systems is MOST likely used in a datacenter?
A. FM-200 B. Dry-pipe C. Wet-pipe D. Vacuum
A. FM-200
A security administrator has installed a new KDC for the corporate environment. Which of the following authentication protocols is the security administrator planning to implement across the organization?
A. LDAP
B. RADIUS
C. Kerberos
D. XTACACS
C. Kerberos
While opening an email attachment, Pete, a customer, receives an error that the application has encountered an unexpected issue and must be shut down. This could be an example of which of the following attacks?
A. Cross-site scripting
B. Buffer overflow
C. Header manipulation
D. Directory traversal
B. Buffer overflow
Jane has recently implemented a new network design at her organization and wishes to passively identify security issues with the new network. Which of the following should Jane perform?
A. Vulnerability assessment
B. Black box testing
C. White box testing
D. Penetration testing
A. Vulnerability assessment
A security technician is working with the network firewall team to implement access controls at the company’s demarc as part of the initiation of configuration management processes. One of the network technicians asks the security technician to explain the access control type found in a firewall. With which of the following should the security technician respond?
A. Rule based access control B. Role based access control C. Discretionary access control D. Mandatory access control
A. Rule based access control
Jane, a security administrator, has been tasked with explaining authentication services to the company’s management team. The company runs an active directory infrastructure. Which of the following solutions BEST relates to the host authentication protocol within the company’s environment?
A. Kerberos
B. Least privilege
C. TACACS+
D. LDAP
A. Kerberos
Pete, the compliance manager, wants to meet regulations. Pete would like certain ports blocked only on all computers that do credit card transactions. Which of the following should Pete implement to BEST achieve this goal?
A. A host-based intrusion prevention system
B. A host-based firewall
C. Antivirus update system
D. A network-based intrusion detection system
B. A host-based firewall
Pete, the system administrator, wants to restrict access to advertisements, games, and gambling web sites. Which of the following devices would BEST achieve this goal? A. Firewall B. Switch C. URL content filter D. Spam filter
C. URL content filter
Pete, the system administrator, wishes to monitor and limit users’ access to external websites. Which of the following would BEST address this?
A. Block all traffic on port 80.
B. Implement NIDS.
C. Use server load balancers.
D. Install a proxy server.
D. Install a proxy server.
Sara, the security administrator, must configure the corporate firewall to allow all public IP addresses on the internal interface of the firewall to be translated to one public IP address on the external interface of the same firewall. Which of the following should Sara configure?
A. PAT B. NAP C. DNAT D. NAC
A. PAT
Matt, a security analyst, needs to select an asymmetric encryption method that allows for the same level of encryption strength with a lower key length than is typically necessary. Which of the following encryption methods offers this capability?
A. Twofish
B. Diffie-Hellman
C. ECC
D. RSA
C. ECC
Sara, a security analyst, is trying to prove to management what costs they could incur if their customer database was breached. This database contains 250 records with PII. Studies show that the cost per record for a breach is $300. The likelihood that their database would be breached in the next year is only 5%. Which of the following is the ALE that Sara should report to management for a security breach?
A. $1,500 B. $3,750 C. $15,000 D. $75,000
B. $3,750