Study Questions (251 - 286) Flashcards
Which of the following network design elements provides for a one-to-one relationship between an internal network address and an external network address?
A. NAT
B. NAC
C. VLAN
D. PAT
A
Using proximity card readers instead of the traditional key punch doors would help to mitigate:
A. impersonation.
B. tailgating.
C. dumpster diving.
D. shoulder surfing.
D
In planning for a firewall implementation, Pete, a security administrator, needs a tool to help him understand what traffic patterns are normal on his network. Which of the following tools would help Pete determine traffic patterns?
A. Syslog
B. Protocol analyzer
C. Proxy server
D. Firewall
B
TKIP uses which of the following encryption ciphers?
A. RC5
B. AES
C. RC4
D. 3DES
C
Jane, an administrator, needs to transfer DNS zone files from outside of the corporate network. Which of the following protocols must be used?
A. TCP
B. ICMP
C. UDP
D. IP
A
Common access cards use which of the following authentication models?
A. PKI
B. XTACACS
C. RADIUS
D. TACACS
A
Which of the following application attacks is used to gain access to SEH?
A. Cookie stealing
B. Buffer overflow
C. Directory traversal
D. XML injection
B
Which of the following does a second authentication requirement mitigate when accessing privileged areas of a website, such as password changes or user profile changes?
A. Cross-site scripting
B. Cookie stealing
C. Packet sniffing
D. Transitive access
B
Jane, a security technician, has been tasked with preventing contractor staff from logging into the company network after business hours. Which of the following BEST allows her to accomplish this?
A. Time of day restrictions
B. Access control list
C. Personal identity verification
D. Mandatory vacations
A
Which of the following ports does DNS operate on, by default?
A. 23
B. 53
C. 137
D. 443
B
Sara from IT Governance wants to provide a mathematical probability of an earthquake using facts and figures. Which of the following concepts would achieve this?
A. Qualitative Analysis
B. Impact Analysis
C. Quantitative Analysis
D. SLE divided by the ARO
C
A buffer overflow can result in which of the following attack types?
A. DNS poisoning
B. Zero-day
C. Privilege escalation
D. ARP poisoning
C
Which of the following is an authentication service that uses UDP as a transport medium?
A. TACACS+
B. LDAP
C. Kerberos
D. RADIUS
D
Which of the following is true concerning WEP security?
A. WEP keys are transmitted in plain text.
B. The WEP key initialization process is flawed.
C. The pre-shared WEP keys can be cracked with rainbow tables.
D. WEP uses the weak RC4 cipher.
B
Which of the following can be used on a smartphone to BEST protect against sensitive data loss if the device is stolen? (Select TWO).
A. Tethering
B. Screen lock PIN
C. Remote wipe
D. Email password
E. GPS tracking
F. Device encryption
C F
Which of the following can be implemented on a lost mobile device to help recover it?
A. Remote sanitization
B. GPS tracking
C. Voice encryption
D. Patch management
B
Sara, a security administrator, needs to implement the equivalent of a DMZ at the datacenter entrance. Which of the following must she implement?
A. Video surveillance
B. Mantrap
C. Access list
D. Alarm
B
Jane, a security analyst, is reviewing logs from hosts across the Internet which her company uses to gather data on new malware. Which of the following is being implemented by Jane’s company?
A. Vulnerability scanner
B. Honeynet
C. Protocol analyzer
D. Port scanner
B
Sara, a senior programmer for an application at a software development company, has also assumed an auditing role within the same company. She will be assessing the security of the application. Which of the following will she be performing?
A. Blue box testing
B. Gray box testing
C. Black box testing
D. White box testing
D
Jane, a security analyst, wants to ensure that data is being stored encrypted, in the event that a corporate laptop is stolen. Which of the following encryption types will accomplish her goal?
A. IPSec
B. Secure socket layer
C. Whole disk
D. Transport layer security
C
Which of the following BEST describes a directory traversal attack?
A. A malicious user can insert a known pattern of symbols in a URL to access a file in another section of the directory.
B. A malicious user can change permissions or lock out user access from a webroot directory or subdirectories.
C. A malicious user can delete a file or directory in the webroot directory or subdirectories.
D. A malicious user can redirect a user to another website across the Internet.
A
Sara, the Chief Executive Officer (CEO) of a corporation, wishes to receive her corporate email and file attachments on her corporate mobile computing device. If the device is lost or stolen, the BEST security measure to ensure that sensitive information is not compromised would be:
A. to immediately file a police report and insurance report.
B. the ability to remotely wipe the device to remove the data.
C. to immediately issue a replacement device and restore data from the last backup.
D. to turn on remote GPS tracking to find the device and track its movements.
B
In her morning review of new vendor patches, a security administrator has identified an exploit that is marked as critical. Which of the following is the BEST course of action?
A. The security administrator should wait seven days before testing the patch to ensure that the vendor does not issue an updated version, which would require reapplying the patch.
B. The security administrator should download the patch and install it to her workstation to test whether it will be able to be applied to all workstations in the environment.
C. The security administrator should alert the risk management department to document the patch and add it to the next monthly patch deployment cycle.
D. The security administrator should download the patch to the test network, apply it to affected systems, and evaluate the results on the test systems.
D
Which of the following protocols allows for secure transfer of files? (Select TWO).
A. ICMP
B. SNMP
C. SFTP
D. SCP
E. TFTP
C D