questions 🖤 Flashcards

1
Q

A security administrator wants to deploy security controls to mitigate the threat of company employees’ personal information being captured online. Which of the following would best serve this purpose?
A) antivirus
B) host-based firewall
C) anti-spyware
D) web content filter

A

C) anti-spyware

2
Q

The below report indicates that the system is most likely infected by which of the following? Protocol LOCAL IP FOREIGN IP STATE, TCP 0.0.0:445 0.0.0.0.:0 Listening, TCP 0.0.0.0:3390 0.0.0.0.:0

A) worm
B) Trojan
C) listening
D) logic bomb

A

C) listening

3
Q

The network manager has obtained a public IP address for use with a new system to be available via the internet. This system will be placed in the DMZ and will communicate with a database server on the LAN. Which of the following should be used to allow for secure communication between internet users and the internal systems?

A) NAT
B) SSL
C) DNS
D) VLAN

A

B) SSL

4
Q

The SSID broadcast for a wireless router has been stopped, but a LAN administrator has noticed that authorized users are still accessing the wireless LAN. The administrator has determined that the attackers are still able to detect the presence of the wireless LAN even though the SSID has been stopped. What would further obscure the presence of the wireless LAN?

A) reroute wireless users to honeypot
B) disable responses to a broadcast probe request
C) create a non-zero length SSID for the wireless router
D) upgrade the encryption to WPA or WPA2

A

D) upgrade the encryption to WPA or WPA2

5
Q

Which of the following is a Data Loss Prevention (DLP) strategy that addresses data transit issues?

A) scanning of outbound IM
B) scanning copying of documents to USB
C) scanning of SharePoint documents library
D) scanning printing of documents

A

A) scanning of outbound IM

6
Q

An employee in the accounting department recently received a phishing email that instructed them to click a link in the email to view an important message from the IRS which threatened penalties if a response was not received by the end of the business day. The employee clicked on the link and the machine was infected with malware. Which of the following principles best describes why this social engineering ploy was successful?

A) scarcity
B) urgency
C) social proof
D) familiarity

A

B) urgency

7
Q

A system administrator would like to safeguard the integrity of data while in transit over the local LAN. What should be implemented to fulfill this requirement?
A) encryption
B) data loss prevention
C) access control lists
D) HIPS

A

A) encryption

8
Q

An attacker wants to get confidential data from an organization. The attacker decides to implement steganography as the method of hacking. Which of the following techniques should the attacker use?
A) use a substitution cipher
B) add information to a sound file
C) encrypt an existing image file
D) hash an existing document

A

B) add information to a sound file

9
Q

What is a protocol that could be used to support authentication services for several local devices from a central location without the use of tokens or tickets?
A) biometrics
B) TACACS+
C) PKI
D) smartcards

A

B) TACACS+

10
Q

Which of the following offerings typically allows the customer to apply operating system patches?
A) cloud-based storage
B) software as a service
C) public clouds
D) infrastructure as a service

A

D) infrastructure as a service

11
Q

A security analyst is investigating a potential breach. Upon gathering, documenting, and securing the evidence, which of the following actions is the next step to minimize the business impact?
A) launch an investigation to identify the attacking host
B) review lessons learned in the process
C) remove malware and restore the system to normal operation
D) initiate the incident response plan

A

C) remove malware and restore the system to normal operation

12
Q

An external auditor visits the human resource department and performs a physical security assessment. The auditor observes documents on printers that are unclaimed. A closer look at these documents reveals employees’ names, addresses, ages, and type of medical and dental coverage options each employee has selected. Which of the following is the most appropriate action to take?
A) flip the documents face down so no one knows these documents are PII sensitive
B) retrieve the documents, label them with PII cover sheets, and return them to the printer
C) shred the documents and let the owner of the printer discover the missing documents on their own
D) report to the human resources manager that their personnel are violating a privacy policy

A

D) report to the Human Resources manager that their personnel are violating a privacy policy

13
Q

Following a system review, one corporate workstation was found to be storing passwords in plain text. Which of the following is the correct method for storing passwords?
A) hashing the password prior to storing
B) creating a digital certificate of the password prior to storing
C) using cryptography to conceal the password prior to storing
D) run the passwords through a quaternion system of equations

A

A) hashing the password prior to storing

14
Q

Which of the following best describes the initial processing phase used in mobile device forensics?

A) the phone and storage cards should be examined as a complete unit after examining the removable storage cards separately
B) the phone should be powered down and the battery removed to preserve the state of data on any internal or removable storage utilized by the mobile device

C) the mobile device should be examined first, then removable storage, and lastly the phone without removable storage should be examined again

D) the removable data storage cards should be processed first to prevent data alteration when examining the mobile device

A

B) the phone should be powered down and the battery removed to preserve the state of data on any internal or removable storage utilized by the mobile device

15
Q

The Chief Information Officer (CIO) is concerned with moving an application to a SaaS cloud provider. Which of the following can be implemented to provide for data confidentiality assurance during and after the migration to the cloud?

A) HPM technology
B) DLP policy
C) TPM technology
D) full-disk encryption

A

B) DLP policy

16
Q

Which of the following exposures associated with the spooling of sensitive reports for offline printing could be considered the most serious?

A) Other unauthorized copies of reports could be printed
B) sensitive data may be read by operators
C) data cannot be altered without authorization
D) output would be lost in case of system failure

A

A) Other unauthorized copies of reports could be printed

17
Q

What is the Biba security model concerned with?

A

A) Reliability
B) Availability
C) Integrity
D) Confidentiality

18
Q

Which of the following is not a common integrity goal?

A) maintain internal and external consistency
B) prevent unauthorized users from making modifications
C) Prevent paths that could lead to inappropriate disclosure
D) Prevent authorized users from making improper modifications

A

C) prevent paths that could lead to inappropriate disclosure

19
Q

Attributable data should be:

A

Always traced to individuals responsible for observing and recording the data

20
Q

Which of the following questions is less likely to help in assessing controls covering audit trails?

A) Is there separation of duties between security personnel who administer the access control function and those who administer the audit trail?

B) Are incidents monitored and tracked until resolved?

C) Is access to online logs strictly controlled?

D) Does the trail provide a trace of user actions?

A

B) Are incidents monitored and tracked until resolved?

21
Q

Which of the following is not a method to protect objects and the data within the objects?
A) layering
B) data mining
C) data hiding
D) abstraction

A

B) data mining

22
Q

What is a locking device that prevents unauthorized unplugging of cables from computer devices called?

A) Preset locks
B) Door delays
C) Cable trap
D) slot locks

A

C) cable trap

23
Q

What does it mean if a system uses “Trusted Recovery”?

A) A failure or crash of the system cannot be used to breach security

B) A single account on the system has the administrative rights to recover or reboot the system after a crash

C) The recovery process is done from media that have been locked in state

D) There is no such principle as “Trusted Recovery” in security

A

A) A failure or crash of the system cannot be used to breach security

24
Q

When it comes to magnetic media sanitization, what difference can be made between clearing and purging information?

A) They both involve rewriting the media

B) Clearing completely erases the media, whereas purging only removes file headers, allowing the recovery of files

C) Clearing renders information unrecoverable by a keyboard attack and purging renders information unrecoverable against laboratory attack

A

C) Clearing renders information unrecoverable by a keyboard attack and purging renders information unrecoverable against laboratory attack

25
Q

The Information Technology Security Evaluation Criteria (ITSEC) was written to address which one of the following that the Orange Book did not address?

A) Integrity and availability
B) Integrity and confidentiality
C) confidentiality and availability
D) accessibility and confidentiality

A

A) Integrity and availability

26
Q

Small files that websites put on your computer hard disk drive when you visit; your information is sometimes sold to other websites

A

Cookies

27
Q

What is Malware?

A

Software that may harm your computer

28
Q

T or F: If you receive an attachment from someone you don’t know, you should never open it.

A

True

29
Q

The ________ type of malware that is triggered by the user. Code automatically makes copies of itself.

A

Virus

30
Q

Which of the following may result in a malware infection?

Opening an email attachment
Clicking on an infected link
Downloading a file from a website
All of the above

A

All of the above

31
Q

What is phishing?

A

A scam to get confidential information

32
Q

What damage can be caused by malware?

Computer crashes
Permanent deletion
The compromising of personal information, which may lead to identity theft
All of the above

A

All of the above

33
Q

The _______ type of malware that secretly collects personal information and sends it to a third party

A

Spyware

34
Q

Which of the following is not effective in preventing malware infections?

A

Opening email attachments

35
Q

If you think your computer has a virus, a good first step in solving the problem would be to:

A

Run a virus scan

36
Q

A special program which can detect and remove viruses from a computer is called

A

Antivirus

37
Q

What is a Trojan horse?

A

Is destructive software disguised as something good

38
Q

What is an email attachment?

A

Is a computer file sent along with an email message

39
Q

What is “crash” as it relates to computers?

A

The system stops functioning properly

40
Q

What is an example of a firewall being effective?

A

When a certain website might be blocked

41
Q

How can you get rid of a virus?

A

- Take it to a computer specialist
- Scan for the virus in the computer’s settings

42
Q

It is a self-replicating program that is harmful to networks.

A

Worm

43
Q

It helps prevent attackers from monitoring or recording traffic between resources and computers, by making data more difficult to read

A

Data encryption

44
Q

Two-factor authentication

A

Users are required to verify their identity in 2 different ways

45
Q

Anti-malware software

A

Uses a database of known harmful software to search for dangerous files on a device

46
Q

Passwords

A

A string of characters used to gain access to a computer system

47
Q

Firewalls

A

Prevents certain packets of data from entering/leaving a network

48
Q

Access levels

A

Allowing different users different permissions for files and programs

49
Q

Firewalls are available as a special hardware device or as __________.

A

Software

50
Q

A firewall will block ________ of information from certain malicious IP addresses.

A

Packets

51
Q

Firewalls can also block packets that are for _____ that are not used.

A

Ports

52
Q

When packets are blocked from entering a computer or network they are said to be _______.

A

Dropped

53
Q

A firewall can look at the data inside each packet of data. This is known as ________. Computers that are protected by the firewall are part of the trusted network.

A

Packet inspection

54
Q

Put the stages of initializing an HTTPS connection with SSL/TLS in order

A

1) Client browser requests a secure connection

2) Server responds by sending a copy of its security certificate

3) The browser inspects and verifies the server certificate

4) If the certificate is valid, the browser will send an encrypted session key to the server

5) The server and browser can now communicate using the session key

55
Q

Which of these user authentication methods are not biometric?

Retina scan
2FA
Facial recognition
Fingerprint scanning

A

2FA

56
Q

The user who has access to all files, data and programs on a computer system is known as the ______.

A

Admin
(Administrator)

57
Q

A _______ is a type of malware that is triggered by running an infected file, whereas a ______ is able to self-replicate and will often spread automatically through a local network

A

Virus
Worm