Security+ NT SyQ's 1-2
What protocol, running on top of TCP/IP, is often used for name registration and resolution with Windows-based clients? A. Telnet B. SSL C. NetBIOS D. TLS
C. NetBIOS is used for name resolution and registration in Windows-based environments. It runs on top of TCP/IP.
Which of the following strategies involves understanding something about the enemy and letting them know the harm that can come their way if they cause harm to you? A. Risk acceptance B. Risk avoidance C. Risk deterrence D. Risk mitigation E. Risk transference
C. Risk deterrence involves understanding something about the enemy and letting them know the harm that can come their way if they cause harm to you.
Which of the following devices is the most capable of providing infrastructure security? A. Hub B. Switch C. Router D. Modem
C. Routers can be configured in many instances to act as packet-filtering firewalls. When configured properly, they can prevent unauthorized ports from being opened.
Which of the following policies should be used when assigning permissions, giving users only the permissions they need to do their work and no more? A. Separation of duties B. Acceptable use C. Least privilege D. Physical access control
C. The principle of least privilege should be used when assigning permissions. Give users only the permissions they need to do their work and no more.
The risk-assessment component, in conjunction with the ________, provides the organization with an accurate picture of the situation facing it. A. RAC B. ALE C. BIA D. RMG
C. The risk-assessment component, in conjunction with the BIA (Business Impact Analysis), provides the organization with an accurate picture of the situation facing it.
Refer to the scenario in question 2. Which of the following is the ALE for this scenario? A. $2 million B. $1 million C. $500,000 D. $33,333.33 E. $16,666.67
E. ALE (annual loss expectancy) is equal to SLE times the annualized rate of occurrence. In this case, SLE is $1 million and the ARO is 1/60.
Which of the following strategies involves sharing some of the burden of the risk with someone else such as an insurance company? A. Risk acceptance B. Risk avoidance C. Risk deterrence D. Risk mitigation E. Risk transference
E. Risk transference involves sharing some of the burden of the risk with someone else such as an insurance company.
Refer to the scenario in question 2. Which of the following is the ARO for this scenario? A. 0.0167 B. 1 C. 5 D. 16.7 E. 60
A. ARO (annualized rate of occurrence) is the frequency (in number of years) the event can be expected to happen. In this case, ARO is 1/60 or 0.0167.
Which ports are, by default, reserved for use by FTP? (Choose all that apply.) A. 20 and 21 TCP B. 20 and 21 UDP C. 22 and 23 TCP D. 22 and 23 UDP
A. FTP uses TCP ports 20 and 21. FTP does not use UDP ports.
Which protocol is primarily used for network maintenance and destination information? A. ICMP B. SMTP C. IGMP D. Router
A. ICMP is used for destination and error reporting functions in TCP/IP. ICMP is routable and is used by programs such as Ping and Traceroute.
How many bits are used for addressing with IPv4 and IPv6, respectively? A. 32, 128 B. 16, 64 C. 8, 32 D. 4, 16
A. IPv4 uses 32 bits for the host address, while IPv6 uses 128 bits for this.
If you calculate SLE to be $25,000 and that there will be one occurrence every four years (ARO), then what is the ALE? A. $6,250 B. $12,500 C. $25,000 D. $100,000
A. If you calculate SLE to be $25,000 and that there will be one occurrence every four years (ARO), then the ALE is $6,250 ($25,000 × .25).
Which protocol is unsuitable for WAN VPN connections? A. PPP B. PPTP C. L2TP D. IPSec
A. PPP provides no security, and all activities are unsecure. PPP is primarily intended for dial-up connections and should never be used for VPN connections.
Upper management has decreed that a firewall must be put in place immediately, before your site suffers an attack similar to one that struck a sister company. Responding to this order, your boss instructs you to implement a packet filter by the end of the week. A packet filter performs which function? A. Prevents unauthorized packets from entering the network B. Allows all packets to leave the network C. Allows all packets to enter the network D. Eliminates collisions in the network
A. Packet filters prevent unauthorized packets from entering or leaving a network. Packet filters are a type of firewall that blocks specified port traffic.
Which of the following strategies necessitates an identified risk that those involved understand the potential cost/damage and agree to accept? A. Risk acceptance B. Risk avoidance C. Risk deterrence D. Risk mitigation E. Risk transference
A. Risk acceptance necessitates an identified risk that those involved understand the potential cost/damage and agree to accept.
Which of the following are multiport devices that improve network efficiency? A. Switches B. Modems C. Gateways D. Concentrators
A. Switches are multiport devices that improve network efficiency. A switch typically has a small amount of information about systems in a network.
Which of the following policies are designed to reduce the risk of fraud and prevent other losses in an organization? A. Separation of duties B. Acceptable use C. Least privilege D. Physical access control
A. The separation of duties policies are designed to reduce the risk of fraud and prevent other losses in an organization.
Which service(s), by default, use TCP and UDP port 22? (Choose all that apply.) A. SMTP B. SSH C. SCP D. IMAP
B. C. Port 22 is used by both SSH and SCP with TCP and UDP.
Which device is used to connect voice, data, pagers, networks, and almost any other conceivable application into a single telecommunications system? A. Router B. PBX C. Hub D. Server
B. Many modern PBX (private branch exchange) systems integrate voice and data onto a single data connection to your phone service provider. In some cases, this allows an overall reduction in cost of operations. These connections are made using existing network connections such as a T1 or T3 network.
Most of the sales force have been told that they should no longer report to the office on a daily basis. From now on, they're to spend the majority of their time on the road calling on customers. Each member of the sales force has been issued a laptop computer and told to connect to the network nightly through a dial-up connection. Which of the following protocols is widely used today as a transport protocol for Internet dial-up connections? A. SMTP B. PPP C. PPTP D. L2TP
B. PPP can pass multiple protocols and is widely used today as a transport protocol for dial-up connections.
Which of the following strategies involves identifying a risk and making the decision to no longer engage in the action? A. Risk acceptance B. Risk avoidance C. Risk deterrence D. Risk mitigation E. Risk transference
B. Risk avoidance involves identifying a risk and making the decision to no longer engage in the actions associated with that risk.
Consider the following scenario: The asset value of your company's primary servers is $2 million and they are housed in a single office building in Anderson, Indiana. You have field offices scattered throughout the United States, so the servers in the main office account for approximately half the business. Tornados in this part of the country are not uncommon, and it is estimated one will level the building every 60 years. Which of the following is the SLE for this scenario? A. $2 million B. $1 million C. $500,000 D. $33,333.33 E. $16,666.67
B. SLE (single loss expectancy) is equal to asset value (AV) times exposure factor (EF). In this case, asset value is $2 million and exposure factor is 1/2.
As more and more clients have been added to your network, the efficiency of the network has decreased significantly. You're preparing a budget for next year, and you specifically want to address this problem. Which of the following devices acts primarily as a tool to improve network efficiency? A. Hub B. Switch C. Router D. PBX
B. Switches create virtual circuits between systems in a network. These virtual circuits are somewhat private and reduce network traffic when used.
Which of the following policies describes how the employees in an organization can use company systems and resources, both software and hardware? A. Separation of duties B. Acceptable use C. Least privilege D. Physical access control
B. The acceptable use policies describe how the employees in an organization can use company systems and resources, both software and hardware.
Which of the following policy statements may include an escalation contact, in the event that the person dealing with a situation needs to know whom to contact? A. Scope B. Exception C. Overview D. Accountability
B. The exception policy statement may include an escalation contact, in the event that the person dealing with a situation needs to know whom to contact.
IPv6, in addition to having more bits allocated for each host address, also has mandatory requirements built in for which security protocol? A. TFTP B. IPSec C. SFTP D. L2TP
B. The implementation of IPSec is mandatory with IPv6. While it is widely implemented with IPv4, it is not a requirement.
Which of the following can be implemented as a software or hardware solution and is usually associated with a device—a router, a firewall, NAT, and so on—and used to shift a load from one device to another? A. Proxy B. Hub C. Load balancer D. Switch
C. A load balancer can be implemented as a software or hardware solution, and is usually associated with a device—a router, a firewall, NAT, and so on. As the name implies, it is used to shift a load from one device to another.
Which of the following is the structured approach that is followed to secure the company's assets? A. Asset management B. Incident management C. Change management D. Skill management
C. Change management is the structured approach that is followed to secure the company's assets.
Separation of duties helps prevent an individual from embezzling money from a company. To successfully embezzle funds, an individual would need to recruit others to commit an act of collusion (an agreement between two or more parties established for the purpose of committing deception or fraud). A. Misappropriation B. Misuse C. Collusion D. Fraud
C. Collusion is an agreement between two or more parties established for the purpose of committing deception or fraud. Collusion, when part of a crime, is also a criminal act in and of itself.
You're the chief security contact for MTS. One of your primary tasks is to document everything related to security and create a manual that can be used to manage the company in your absence. Which documents should be referenced in your manual as the ones that identify the methods used to accomplish a given task?
C. Guidelines help clarify processes to maintain standards. Guidelines tend to be less formal than policies or standards.
You're the administrator for Mercury Technical. A check of protocols in use on your server brings up one that you weren't aware was in use; you suspect that someone in HR is using it to send messages to multiple recipients. Which of the following protocols is used for group messages or multicast messaging? A. SMTP B. SNMP C. IGMP D. L2TP
C. IGMP is used for group messaging and multicasting. IGMP maintains a list of systems that belong to a message group. When a message is sent to a particular group, each system receives an individual copy.
You're explaining protocols to a junior administrator shortly before you leave for vacation. The topic of Internet mail applications comes up, and you explain how communications are done now as well as how you expect them to be done in the future. Which of the following protocols is becoming the newest standard for Internet mail applications? A. SMTP B. POP C. IMAP D. IGMP
C. IMAP is becoming the most popular standard for email clients and is replacing POP protocols for mail systems. IMAP allows mail to be forwarded and stored in information areas called stores.
If you calculate SLE to be $4,000 and that there will be 10 occurrences a year (ARO), then the ALE is: A. $400 B. $4,000 C. $40,000 D. $400,000
C. If you calculate SLE to be $4,000 and that there will be 10 occurrences a year (ARO), then the ALE is $40,000 ($4,000 × 10).
A socket is a combination of which components? A. TCP and port number B. UDP and port number C. IP and session number D. IP and port number
D. A socket is a combination of IP address and port number. The socket identifies which application will respond to the network request.
What is the term used for events that mistakenly were flagged and aren't truly events to be concerned with? A. Fool's gold B. Non-incidents C. Error flags D. False positives
D. False positives are events that mistakenly were flagged and aren't truly events to be concerned with.
You've been given notice that you'll soon be transferred to another site. Before you leave, you're to audit the network and document everything in use and the reason why it's in use. The next administrator will use this documentation to keep the network running. Which of the following protocols isn't a tunneling protocol but is probably used at your site by tunneling protocols for network security? A. IPSec B. PPTP C. L2TP D. L2F
D. IPSec provides network security for tunneling protocols. IPSec can be used with many different protocols besides TCP/IP, and it has two modes of security.
Which of the following strategies is accomplished anytime you take steps to reduce the risk? A. Risk acceptance B. Risk avoidance C. Risk deterrence D. Risk mitigation E. Risk transference
D. Risk mitigation is accomplished anytime you take steps to reduce the risk.
Which device stores information about destinations in a network? A. Hub B. Modem C. Firewall D. Router
D. Routers store information about network destinations in routing tables. Routing tables contain information about known hosts on both sides of the router.
Which of the following services use only TCP ports and not UDP? (Choose all that apply.) A. IMAP B. LDAP C. FTPS D. SFTP
D. SFTP uses only TCP ports. IMAP, LDAP, and FTPS all use both TCP and UDP ports.
Which of the following policy statements should address who is responsible for ensuring that it is enforced? A. Scope B. Exception C. Overview D. Accountability
D. The accountability policy statement should address who is responsible for ensuring that it is enforced.