SEC+ Revision Questions Implementing System Security Flashcards
Which security measure would protect hard disk contents even if server hard disks were physically stolen?
A. NTFS permissions
B. Power-on password
C. Complex administrative passwords
D. Encryption
D. Encryption
Trinity’s user account is mistakenly deleted when she goes on a three-month maternity leave. When she returns, a new account with appropriate NTFS permissions is created for her. When she tries to open her old files, she keeps getting “Access Denied” messages. What is the problem?
A. Trinity does not have proper NTFS permissions.
B. Trinity’s new user account has a different SID than her old one.
C. Trinity’s files are encrypted with her old account.
D. Trinity’s account should be made a member of the Power Users group.
C. Trinity’s files are encrypted with her old account.
Nate has been using his work e-mail address when surfing the Web and filling in forms on various web sites. To which potential problem has Nate exposed himself?
A. Spam
B. Phishing
C. SQL injection
D. DNS poisoning
A. Spam
You are a server virtualization consultant for Not Really There, Inc. During a planning meeting with a client, the issue of virtual machine point-in-time snapshots comes up. You recommend careful use of snapshots because of the security ramifications. What is your concern?
A. Snapshots can consume a large amount of disk space.
B. The use of snapshots could trigger a MAC flood.
C. Invoked snapshots will mean that the virtual machine is temporarily unavailable.
D. Invoked snapshots will be patched less often than the currently running virtual machine.
D. Invoked snapshots will be patched less often than the currently running virtual machine.
What can be done to harden a mobile, handheld device? (Choose two.)
A. Disable Wi-Fi.
B. Ensure it is used only in physically secured areas.
C. Set Bluetooth discovery to disabled.
D. Enable screen lock.
C. Set Bluetooth discovery to disabled.
&
D. Enable screen lock.
A private medical practice hires you to determine the feasibility of cloud computing whereby
e-mail and medical applications, as well as patient information, would be hosted by an Internet provider. You are asked to identify possible security issues. (Choose two.)
A. Data storage is not local but instead on the provider’s premises, where other businesses also have access to cloud computing services.
B. HTTPS will be used to access remote services.
C. Should the provider be served a subpoena, the possibility of full data disclosure exists.
D. Data will be encrypted in transit as well as when stored.
A. Data storage is not local but instead on the provider’s premises, where other businesses also have access to cloud computing services.
&
C. Should the provider be served a subpoena, the possibility of full data disclosure exists.
Which option will protect employee laptops when they travel and connect to wireless networks?
A. Personal firewall software
B. MAC address filtering
C. Virtualization
D. 802.11n-compliant wireless card
A. Personal firewall software
What can be done to ensure the confidentiality of sensitive data copied to USB flash drives?
A. File hash
B. Encryption
C. NTFS permissions
D. Share permissions
B. Encryption
Which standard is a firmware solution for drive encryption?
A. TPM
B. DLP
C. EFS
D. NTFS
A. TPM
What can be done to protect data after a handheld device is lost or stolen?
A. Enable encryption.
B. Execute a remote wipe.
C. Enable screen lock.
D. Disable Bluetooth discovery.
B. Execute a remote wipe.
How can the specific location of a mobile device be tracked?
A. IP address
B. MAC address
C. SIM card code
D. GPS
D. GPS
What type of software filters unsolicited junk e-mail?
A. Antispam
B. Antivirus
C. Antispyware
D. Antiadware
A. Antispam
What type of software works against the collection of personal information?
A. Antispam
B. Antivirus
C. Antispyware
D. Antiadware
C. Antispyware
Which of the following best protects against operating system defects?
A. Antivirus software
B. Firewall software
C. Encryption
D. Patching
D. Patching
What is the best way to prevent laptop theft?
A. GPS
B. Cable lock
C. Host-based firewall
D. Antivirus software
B. Cable lock
A server administrator must adhere to legislation that states financial data must be kept secure in the event of a physical security breach. What practices will ensure the administrator complies with the law? (Choose two.)
A. Applying NTFS permissions
B. Storing backup tapes in a safe
C. Encrypting server hard disks
D. Storing backup tapes in a locked cabinet
B. Storing backup tapes in a safe
&
C. Encrypting server hard disks
What type of software examines application behavior, logs, and events for suspicious activity?
A. NIDS
B. Host-based firewall
C. HIDS
D. Spyware
C. HIDS
A database administrator requests a method by which malicious activity against a Microsoft SQL database server can be detected. All network traffic to the database server is encrypted. What solution should you recommend?
A. HIDS
B. NIDS
C. IPSec
D. SSL
A. HIDS
Which of the following are true regarding virtualization? (Choose two.)
A. Each virtual machine has one or more unique MAC addresses.
B. Virtual machine operating systems do not need to be patched.
C. Virtual machines running on the same physical host can belong to different VLANs.
D. A security compromise in one virtual machine means all virtual machines on the physical host are compromised.
A. Each virtual machine has one or more unique MAC addresses.
&
C. Virtual machines running on the same physical host can belong to different VLANs.
Cloud computing offers which benefits? (Choose two.)
A. Simple scalability
B. Fewer hardware purchases
C. Better encryption
D. Local data storage
E. No requirement for antivirus software
A. Simple scalability
&
B. Fewer hardware purchases
Mitch is responsible for three payroll servers that store data on a SAN. The chief financial officer (CFO) requests observation of access to a group of budget files by a particular user. What should Mitch do?
A. Create file hashes for each budget file.
B. Encrypt the budget files.
C. Configure a HIDS to monitor the budget files.
D. Configure file system auditing.
D. Configure file system auditing.
Your company has acquired security software that will monitor application usage on all workstations. Before the software can function properly, you must have users run their applications as they normally would for a short period. Why does the security software require this to be done?
A. To update antivirus definitions for application files
B. To establish a normal usage baseline
C. To verify the security software has the required permissions to run
D. To verify licensed software is being used
B. To establish a normal usage baseline
Kevin is a trial lawyer in southern California. He requires secure, high-quality voice communication with clients. What can he do?
A. Use VoIP with packet encryption over the Internet.
B. Use cell phone voice encryption.
C. Use only landline telephones.
D. Use his cell phone on a special voice network for legal professionals.
B. Use cell phone voice encryption.
Your IT manager asks you to ensure e-mail messages and attachments do not contain sensitive data that could be leaked to competitors. What type of solution should you propose?
A. Antivirus software
B. NIDS
C. DLP
D. HIDS
C. DLP
