Security +
How often, at a MINIMUM, should Sara, an administrator, review the accesses and right of the users on her system? A.Annually B.Immediately after an employee is terminated C.Every five years D.Every time they patch the server
A.Annually
A network administrator noticed various chain messages have been received by the company. Which of the following security controls would need to be implemented to mitigate this issue? A.Anti-spam B.Antivirus C.Host-based firewalls D.Anti-spyware
A.Anti-spam
The system administrator notices that their application is no longer able to keep up with the large amounts of traffic their server is receiving daily. Several packets are dropped and sometimes the server is taken offline. Which of the following would be a possible solution to look into to ensure their application remains secure and available? A.Cloud computing B.Full disk encryption C.Data Loss Prevention D.HSM
A.Cloud computing
Which of the following concepts allows an organization to group large numbers of servers together in order to deliver a common service? A.Clustering B.RAID C.Backup Redundancy D.Cold site
A.Clustering
Which of the following concepts are included on the three sides of the "security triangle"? (Select THREE). A.Confidentiality B.Availability C.Integrity D.Authorization E.Authentication F.Continuity
A.Confidentiality B.Availability C.Integrity
Which of the following controls would prevent an employee from emailing unencrypted information to their personal email account over the corporate network? A.DLP B.CRL C.TPM D.HSM
A.DLP
Mandatory vacations are a security control which can be used to uncover which of the following? A.Fraud committed by a system administrator B.Poor password security among users C.The need for additional security staff D.Software vulnerabilities in vendor code
A.Fraud committed by a system administrator
Which of the following should be deployed to prevent the transmission of malicious traffic between virtual machines hosted on a singular physical device on a network? A.HIPS on each virtual machine B.NIPS on the network C.NIDS on the network D.HIDS on each virtual machine
A.HIPS on each virtual machine
Each server on a subnet is configured to only allow SSH access from the administrator's workstation. Which of the following BEST describes this implementation? A.Host-based firewalls B.Network firewalls C.Network proxy D.Host intrusion prevention
A.Host-based firewalls
A security specialist has been asked to evaluate a corporate network by performing a vulnerability assessment. Which of the following will MOST likely be performed? A.Identify vulnerabilities, check applicability of vulnerabilities by passively testing security controls. B.Verify vulnerabilities exist, bypass security controls and exploit the vulnerabilities. C.Exploit security controls to determine vulnerabilities and mis-configurations. D.Bypass security controls and identify applicability of vulnerabilities by passively testing security controls.
A.Identify vulnerabilities, check applicability of vulnerabilities by passively testing security controls.
Which of the following is best practice to put at the end of an ACL? A.Implicit deny B.Time of day restrictions C.Implicit allow D.SNMP string
A.Implicit deny
In order to securely communicate using PGP, the sender of an email must do which of the following when sending an email to a recipient for the first time? A.Import the recipient's public key B.Import the recipient's private key C.Export the sender's private key D.Export the sender's public key
A.Import the recipient's public key
Pete, an employee, attempts to visit a popular social networking site but is blocked. Instead, a page is displayed notifying him that this site cannot be visited. Which of the following is MOST likely blocking Pete's access to this site? A.Internet content filter B.Firewall C.Proxy server D.Protocol analyzer
A.Internet content filter
During a security assessment, an administrator wishes to see which services are running on a remote server. Which of the following should the administrator use? A.Port scanner B.Network sniffer C.Protocol analyzer D.Process list
A.Port scanner
Which of the following is synonymous with a server's certificate? A.Public key B.CRL C.Private key D.Recovery agent
A.Public key
Which of the following would provide the STRONGEST encryption? A.Random one-time pad B.DES with a 56-bit key C.AES with a 256-bit key D.RSA with a 1024-bit key
A.Random one-time pad
A network analyst received a number of reports that impersonation was taking place on the network. Session tokens were deployed to mitigate this issue and defend against which of the following attacks? A.Replay B.DDoS C.Smurf D.Ping of Death
A.Replay
A security administrator is responsible for performing periodic reviews of user permission settings due to high turnover and internal transfers at a corporation. Which of the following BEST describes the procedure and security rationale for performing such reviews? A.Review all user permissions and group memberships to ensure only the minimum set of permissions required to perform a job is assigned. B.Review the permissions of all transferred users to ensure new permissions are granted so the employee can work effectively. C.Ensure all users have adequate permissions and appropriate group memberships, so the volume of help desk calls is reduced. D.Ensure former employee accounts have no permissions so that they cannot access any network file stores and resources.
A.Review all user permissions and group memberships to ensure only the minimum set of permissions required to perform a job is assigned.
Which of the following types of application attacks would be used to specifically gain unauthorized information from databases that did not have any input validation implemented? A.SQL injection B.Session hijacking and XML injection C.Cookies and attachments D.Buffer overflow and XSS
A.SQL injection
During a routine audit a web server is flagged for allowing the use of weak ciphers. Which of the following should be disabled to mitigate this risk? (Select TWO). A.SSL 1.0 B.RC4 C.SSL 3.0 D.AES E.DES F.TLS 1.0
A.SSL 1.0 E.DES
Users need to exchange a shared secret to begin communicating securely. Which of the following is another name for this symmetric key? A.Session Key B.Public Key C.Private Key D.Digital Signature
A.Session Key
An investigator recently discovered that an attacker placed a remotely accessible CCTV camera in a public area overlooking several Automatic Teller Machines (ATMs). It is also believed that user accounts belonging to ATM operators may have been compromised. Which of the following attacks has MOST likely taken place? A.Shoulder surfing B.Dumpster diving C.Whaling attack D.Vishing attack
A.Shoulder surfing
A security technician is attempting to access a wireless network protected with WEP. The technician does not know any information about the network. Which of the following should the technician do to gather information about the configuration of the wireless network? A.Spoof the MAC address of an observed wireless network client B.Ping the access point to discover the SSID of the network C.Perform a dictionary attack on the access point to enumerate the WEP key D.Capture client to access point disassociation packets to replay on the local PC's loopback
A.Spoof the MAC address of an observed wireless network client
Which of the following services are used to support authentication services for several local devices from a central location without the use of tokens? A.TACACS+ B.Smartcards C.Biometrics D.Kerberos
A.TACACS+
Which of the following security concepts can prevent a user from logging on from home during the weekends? A.Time of day restrictions B.Multifactor authentication C.Implicit deny D.Common access card
A.Time of day restrictions
An internal auditor is concerned with privilege creep that is associated with transfers inside the company. Which mitigation measure would detect and correct this? A.User rights reviews B.Least privilege and job rotation C.Change management D.Change Control
A.User rights reviews
An administrator is concerned that a company's web server has not been patched. Which of the following would be the BEST assessment for the administrator to perform? A.Vulnerability scan B.Risk assessment C.Virus scan D.Network sniffer
A.Vulnerability scan
The security administrator is observing unusual network behavior from a workstation. The workstation is communicating with a known malicious destination over an encrypted tunnel. A full antivirus scan, with an updated antivirus definition file, does not show any signs of infection. Which of the following has happened on the workstation? A.Zero-day attack B.Known malware infection C.Session hijacking D.Cookie stealing
A.Zero-day attack
Which of the following cryptographic related browser settings allows an organization to communicate securely? A.SSL 3.0/TLS 1.0 B.3DES C.Trusted Sites D.HMAC
B.3DES
Which of the following symmetric key algorithms are examples of block ciphers? (Select THREE). A.RC4 B.3DES C.AES D.MD5 E.PGP F.Blowfish
B.3DES C.AES F.Blowfish
Which of the following is the default port for TFTP? A.20 B.69 C.21 D.68
B.69
A hacker has discovered a simple way to disrupt business for the day in a small company which relies on staff working remotely. In a matter of minutes the hacker was able to deny remotely working staff access to company systems with a script. Which of the following security controls is the hacker exploiting? A.DoS B.Account lockout C.Password recovery D.Password complexity
B.Account lockout
A trojan was recently discovered on a server. There are now concerns that there has been a security breach that allows unauthorized people to access data. The administrator should be looking for the presence of a/an: A.Logic bomb. B.Backdoor. C.Adware application. D.Rootkit.
B.Backdoor.
In which of the following categories would creating a corporate privacy policy, drafting acceptable use policies, and group based access control be classified? A.Security control frameworks B.Best practice C.Access control methodologies D.Compliance activity
B.Best practice
A user commuting to work via public transport received an offensive image on their smart phone from another commuter. Which of the following attacks MOST likely took place? A.War chalking B.Bluejacking C.War driving D.Bluesnarfing
B.Bluejacking
A user has received an email from an external source which asks for details on the company's new product line set for release in one month. The user has a detailed spec sheet but it is marked "Internal Proprietary Information". Which of the following should the user do NEXT? A.Contact their manager and request guidance on how to best move forward B.Contact the help desk and/or incident response team to determine next steps C.Provide the requestor with the email information since it will be released soon anyway D.Reply back to the requestor to gain their contact information and call them
B.Contact the help desk and/or incident response team to determine next steps
A victim is logged onto a popular home router forum site in order to troubleshoot some router configuration issues. The router is a fairly standard configuration and has an IP address of 192.168.1.1. The victim is logged into their router administrative interface in one tab and clicks a forum link in another tab. Due to clicking the forum link, the home router reboots. Which of the following attacks MOST likely occurred? A.Brute force password attack B.Cross-site request forgery C.Cross-site scripting D.Fuzzing
B.Cross-site request forgery
Elastic cloud computing environments often reuse the same physical hardware for multiple customers over time as virtual machines are instantiated and deleted. This has important implications for which of the following data security concerns? A.Hardware integrity B.Data confidentiality C.Availability of servers D.Integrity of data
B.Data confidentiality
When implementing fire suppression controls in a datacenter it is important to: A.Select a fire suppression system which protects equipment but may harm technicians. B.Ensure proper placement of sprinkler lines to avoid accidental leakage onto servers. C.Integrate maintenance procedures to include regularly discharging the system. D.Use a system with audible alarms to ensure technicians have 20 minutes to evacuate.
B.Ensure proper placement of sprinkler lines to avoid accidental leakage onto servers.
A security administrator wants to get a real time look at what attackers are doing in the wild, hoping to lower the risk of zero-day attacks. Which of the following should be used to accomplish this goal? A.Penetration testing B.Honeynets C.Vulnerability scanning D.Baseline reporting
B.Honeynets
Which of the following protocols encapsulates an IP packet with an additional IP header? A.SFTP B.IPSec C.HTTPS D.SSL
B.IPSec
A user has unknowingly gone to a fraudulent site. The security analyst notices the following system change on the user's host: Old `hosts' file: 127.0.0.1 localhost New `hosts' file: 127.0.0.1 localhost 5.5.5.5 www.comptia.com Which of the following attacks has taken place? A.Spear phishing B.Pharming C.Phishing D.Vishing
B.Pharming
A security administrator notices large amounts of traffic within the network heading out to an external website. The website seems to be a fake bank site with a phone number that when called, asks for sensitive information. After further investigation, the security administrator notices that a fake link was sent to several users. This is an example of which of the following attacks? A.Vishing B.Phishing C.Whaling D.SPAM E.SPIM
B.Phishing
Which of the following protocols is the security administrator observing in this packet capture? 12:33:43, SRC 192.168.4.3:3389, DST 10.67.33.20:8080, SYN/ACK A.HTTPS B.RDP C.HTTP D.SFTP
B.RDP
Which of the following are Data Loss Prevention (DLP) strategies that address data in transit issues? (Select TWO). A.Scanning printing of documents. B.Scanning of outbound IM (Instance Messaging). C.Scanning copying of documents to USB. D.Scanning of SharePoint document library. E.Scanning of shared drives. F.Scanning of HTTP user traffic.
B.Scanning of outbound IM (Instance Messaging). F.Scanning of HTTP user traffic.
A user casually browsing the Internet is redirected to a warez site where a number of pop-ups appear. After clicking on a pop-up to complete a survey, a drive-by download occurs. Which of the following is MOST likely to be contained in the download? A.Backdoor B.Spyware C.Logic bomb D.DDoS E.Smurf
B.Spyware
A security analyst has been notified that trade secrets are being leaked from one of the executives in the corporation. When reviewing this executive's laptop they notice several pictures of the employee's pets are on the hard drive and on a cloud storage network. When the analyst hashes the images on the hard drive against the hashes on the cloud network they do not match. Which of the following describes how the employee is leaking these secrets? A.Social engineering B.Steganography C.Hashing D.Digital signatures
B.Steganography
A router has a single Ethernet connection to a switch. In the router configuration, the Ethernet interface has three sub-interfaces, each configured with ACLs applied to them and 802.1q trunks. Which of the following is MOST likely the reason for the sub-interfaces? A.The network uses the subnet of 255.255.255.128. B.The switch has several VLANs configured on it. C.The sub-interfaces are configured for VoIP traffic. D.The sub-interfaces each implement quality of service.
B.The switch has several VLANs configured on it.
After an assessment, auditors recommended that an application hosting company should contract with additional data providers for redundant high speed Internet connections. Which of the following is MOST likely the reason for this recommendation? (Select TWO). A.To allow load balancing for cloud support B.To allow for business continuity if one provider goes out of business C.To eliminate a single point of failure D.To allow for a hot site in case of disaster E.To improve intranet communication speeds
B.To allow for business continuity if one provider goes out of business C.To eliminate a single point of failure
Which of the following is the BEST reason to provide user awareness and training programs for organizational staff? A.To ensure proper use of social media B.To reduce organizational IT risk C.To detail business impact analyses D.To train staff on zero-days
B.To reduce organizational IT risk
Which of the following is a measure of biometrics performance which rates the ability of a system to correctly authenticate an authorized user? A.Failure to capture B.Type II C.Mean time to register D.Template capacity
B.Type II
Which of the following assets is MOST likely considered for DLP? A.Application server content B.USB mass storage devices C.Reverse proxy D.Print server
B.USB mass storage devices
Which of the following is true about an email that was signed by User A and sent to User B? A.User A signed with User B's private key and User B verified with their own public key. B.User A signed with their own private key and User B verified with User A's public key. C.User A signed with User B's public key and User B verified with their own private key. D.User A signed with their own public key and User B verified with User A's private key.
B.User A signed with their own private key and User B verified with User A's public key.
Which of the following utilities can be used in Linux to view a list of users' failed authentication attempts? A.badlog B.faillog C.wronglog D.killlog
B.faillog
Digital Signatures provide which of the following? A. Confidentiality B. Authorization C. Integrity D. Authentication E. Availability
C. Integrity
A company with a US-based sales force has requested that the VPN system be configured to authenticate the sales team based on their username, password and a client side certificate. Additionally, the security administrator has restricted the VPN to only allow authentication from the US territory. How many authentication factors are in use by the VPN system? A.1 B.2 C.3 D.4
C.3
A user ID and password together provide which of the following? A.Authorization B.Auditing C.Authentication D.Identification
C.Authentication
The Chief Information Officer (CIO) is concerned with moving an application to a SaaS cloud provider. Which of the following can be implemented to provide for data confidentiality assurance during and after the migration to the cloud? A.HPM technology B.Full disk encryption C.DLP policy D.TPM technology
C.DLP policy
A security administrator notices that a specific network administrator is making unauthorized changes to the firewall every Saturday morning. Which of the following would be used to mitigate this issue so that only security administrators can make changes to the firewall? A.Mandatory vacations B.Job rotation C.Least privilege D.Time of day restrictions
C.Least privilege
In order for network monitoring to work properly, you need a PC and a network card running in what mode? A.Launch B.Exposed C.Promiscuous D.Sweep
C.Promiscuous
Which of the following should be performed to increase the availability of IP telephony by prioritizing traffic? A.Subnetting B.NAT C.Quality of service D.NAC
C.Quality of service
A recent intrusion has resulted in the need to perform incident response procedures. The incident response team has identified audit logs throughout the network and organizational systems which hold details of the security breach. Prior to this incident, a security consultant informed the company that they needed to implement an NTP server on the network. Which of the following is a problem that the incident response team will likely encounter during their assessment? A.Chain of custody B.Tracking man hours C.Record time offset D.Capture video traffic
C.Record time offset
A company has purchased an application that integrates into their enterprise user directory for account authentication. Users are still prompted to type in their usernames and passwords. Which of the following types of authentication is being utilized here? A.Separation of duties B.Least privilege C.Same sign-on D.Single sign-on
C.Same sign-on
A periodic update that corrects problems in one version of a product is called a A.Hotfix B.Overhaul C.Service pack D.Security update
C.Service pack
A security administrator is concerned about the strength of user's passwords. The company does not want to implement a password complexity policy. Which of the following can the security Administrator implement to mitigate the risk of an online password attack against users with weak passwords? A.Increase the password length requirements B.Increase the password history C.Shorten the password expiration period D.Decrease the account lockout time
C.Shorten the password expiration period
A system administrator has noticed vulnerability on a high impact production server. A recent update was made available by the vendor that addresses the vulnerability but requires a reboot of the system afterwards. Which of the following steps should the system administrator implement to address the vulnerability? A.Test the update in a lab environment, schedule downtime to install the patch, install the patch and reboot the server and monitor for any changes B.Test the update in a lab environment, backup the server, schedule downtime to install the patch, install the patch, and monitor for any changes C.Test the update in a lab environment, backup the server, schedule downtime to install the patch, install the update, reboot the server, and monitor for any changes D.Backup the server, schedule downtime to install the patch, installs the patch and monitor for any changes
C.Test the update in a lab environment, backup the server, schedule downtime to install the patch, install the update, reboot the server, and monitor for any changes
Company employees are required to have workstation client certificates to access a bank website. These certificates were backed up as a precautionary step before the new computer upgrade. After the upgrade and restoration, users state they can access the bank's website, but not login. Which is the following is MOST likely the issue? A.The IP addresses of the clients have change B.The client certificate passwords have expired on the server C.The certificates have not been installed on the workstations D.The certificates have been installed on the CA
C.The certificates have not been installed on the workstations
A technician is deploying virtual machines for multiple customers on a single physical host to reduce power consumption in a data center. Which of the following should be recommended to isolate the VMs from one another? A.Implement a virtual firewall B.Install HIPS on each VM C.Virtual switches with VLANs D.Develop a patch management guide
C.Virtual switches with VLANs
A program has been discovered that infects a critical Windows system executable and stays dormant in memory. When a Windows mobile phone is connected to the host, the program infects the phone's boot loader and continues to target additional Windows PCs or phones. Which of the following malware categories BEST describes this program? A.Zero-day B.Trojan C.Virus D.Rootkit
C.Virus
Purchasing receives an automated phone call from a bank asking to input and verify credit card information. The phone number displayed on the caller ID matches the bank. Which of the following attack types is this? A.Hoax B.Phishing C.Vishing D.Whaling
C.Vishing
A company hires outside security experts to evaluate the security status of the corporate network. All of the company's IT resources are outdated and prone to crashing. The company requests that all testing be performed in a way which minimizes the risk of system failures. Which of the following types of testing does the company want performed? A.Penetration testing B.WAF testing C.Vulnerability scanning D.White box testing
C.Vulnerability scanning
The Chief Information Officer (CIO) wants to implement a redundant server location to which the production server images can be moved within 48 hours and services can be quickly restored, in case of a catastrophic failure of the primary datacenter's HVAC. Which of the following can be implemented? A.Cold site B.Load balancing C.Warm site D.Hot site
C.Warm site
A network administrator has recently updated their network devices to ensure redundancy is in place so that: A.switches can redistribute routes across the network. B.environmental monitoring can be performed. C.single points of failure are removed. D.hot and cold aisles are functioning.
C.single points of failure are removed.
RADIUS provides which of the following? A. Authentication, Authorization, Availability B. Authentication, Authorization, Auditing C. Authentication, Accounting, Auditing D. Authentication, Authorization, Accounting
D. Authentication, Authorization, Accounting
Which of the following is true about asymmetric encryption? A.A message encrypted with the private key can be decrypted by the same key B.A message encrypted with the public key can be decrypted with a shared key. C.A message encrypted with a shared key, can be decrypted by the same key. D.A message encrypted with the public key can be decrypted with the private key.
D.A message encrypted with the public key can be decrypted with the private key.
A security administrator plans on replacing a critical business application in five years. Recently, there was a security flaw discovered in the application that will cause the IT department to manually re-enable user accounts each month at a cost of $2,000. Patching the application today would cost $140,000 and take two months to implement. Which of the following should the security administrator do in regards to the application? A.Avoid the risk to the user base allowing them to re-enable their own accounts B.Mitigate the risk by patching the application to increase security and saving money C.Transfer the risk replacing the application now instead of in five years D.Accept the risk and continue to enable the accounts each month saving money
D.Accept the risk and continue to enable the accounts each month saving money
While rarely enforced, mandatory vacation policies are effective at uncovering: A.Help desk technicians with oversight by multiple supervisors and detailed quality control systems. B.Collusion between two employees who perform the same business function. C.Acts of incompetence by a systems engineer designing complex architectures as a member of a team. D.Acts of gross negligence on the part of system administrators with unfettered access to system and no oversight.
D.Acts of gross negligence on the part of system administrators with unfettered access to system and no oversight.
The IT department has setup a share point site to be used on the intranet. Security has established the groups and permissions on the site. No one may modify the permissions and all requests for access are centrally managed by the security team. This is an example of which of the following control types A.Rule based access control B.Mandatory access control C.User assigned privilege D.Discretionary access control
D.Discretionary access control
Which of the following controls can be used to prevent the disclosure of sensitive information stored on a mobile device's removable media in the event that the device is lost or stolen? A.Hashing B.Screen locks C.Device password D.Encryption
D.Encryption
Which of the following security concepts identifies input variables which are then used to perform boundary testing? A.Application baseline B.Application hardening C.Secure coding D.Fuzzing
D.Fuzzing
A system administrator needs to ensure that certain departments have more restrictive controls to their shared folders than other departments. Which of the following security controls would be implemented to restrict those departments? A.User assigned privileges B.Password disablement C.Multiple account creation D.Group based privileges
D.Group based privileges
Which of the following is BEST carried out immediately after a security breach is discovered? A.Risk transference B.Access control revalidation C.Change management D.Incident management
D.Incident management
Which of the following security awareness training is BEST suited for data owners who are concerned with protecting the confidentiality of their data? A.Social networking use training B.Personally owned device policy training C.Tailgating awareness policy training D.Information classification training
D.Information classification training
Users are unable to connect to the web server at IP 192.168.0.20. Which of the following can be inferred of a firewall that is configured ONLY with the following ACL PERMIT TCP ANY HOST 192.168.0.10 EQ 80 PERMIT TCP ANY HOST 192.168.0.10 EQ 443 A.It implements stateful packet filtering. B.It implements bottom-up processing. C.It failed closed. D.It implements an implicit deny.
D.It implements an implicit deny.
An information bank has been established to store contacts, phone numbers and other records. A UNIX application needs to connect to the index server using port 389. Which of the following authentication services should be used on this port by default? A.RADIUS B.Kerberos C.TACACS+ D.LDAP
D.LDAP
An attacker attempted to compromise a web form by inserting the following input into the username field: admin)(|(password=*)) Which of the following types of attacks was attempted? A.SQL injection B.Cross-site scripting C.Command injection D.LDAP injection
D.LDAP injection
Which of the following devices is BEST suited to protect an HTTP-based application that is susceptible to injection attacks? A.Protocol filter B.Load balancer C.NIDS D.Layer 7 firewall
D.Layer 7 firewall
The IT department has setup a website with a series of questions to allow end users to reset their own accounts. Which of the following account management practices does this help? A.Account Disablements B.Password Expiration C.Password Complexity D.Password Recovery
D.Password Recovery
Encryption of data at rest is important for sensitive information because of which of the following? A.Facilitates tier 2 support, by preventing users from changing the OS B.Renders the recovery of data harder in the event of user password loss C.Allows the remote removal of data following eDiscovery requests D.Prevents data from being accessed following theft of physical equipment
D.Prevents data from being accessed following theft of physical equipment
Which of the following must be kept secret for a public key infrastructure to remain secure? A.Certificate Authority B.Certificate revocation list C.Public key ring D.Private key
D.Private key
A software development company wants to implement a digital rights management solution to protect its intellectual property. Which of the following should the company implement to enforce software digital rights? A.Transport encryption B.IPsec C.Non-repudiation D.Public key infrastructure
D.Public key infrastructure
An administrator notices that former temporary employees' accounts are still active on a domain. Which of the following can be implemented to increase security and prevent this from happening? A.Implement a password expiration policy. B.Implement an account expiration date for permanent employees. C.Implement time of day restrictions for all temporary employees. D.Run a last logon script to look for inactive accounts
D.Run a last logon script to look for inactive accounts
Which of the following protocols uses TCP instead of UDP and is incompatible with all previous versions? A.TACACS B.XTACACS C.RADIUS D.TACACS+
D.TACACS+
Which of the following should be enabled in a laptop's BIOS prior to full disk encryption? A.USB B.HSM C.RAID D.TPM
D.TPM
Datacenter access is controlled with proximity badges that record all entries and exits from the datacenter. The access records are used to identify which staff members accessed the data center in the event of equipment theft. Which of the following MUST be prevented in order for this policy to be effective? A.Password reuse B.Phishing C.Social engineering D.Tailgating
D.Tailgating
Review the following diagram depicting communication between PC1 and PC2 on each side of a router. Analyze the network traffic logs which show communication between the two computers as captured by the computer with IP 10.2.2.10. DIAGRAM PC1 PC2 [192.168.1.30]--------[INSIDE 192.168.1.1 router OUTSIDE 10.2.2.1]----- ----[10.2.2.10] LOGS 10:30:22, SRC 10.2.2.1:3030, DST 10.2.2.10:80, SYN 10:30:23, SRC 10.2.2.10:80, DST 10.2.2.1:3030, SYN/ACK 10:30:24, SRC 10.2.2.1:3030, DST 10.2.2.10:80, ACK Given the above information, which of the following can be inferred about the above environment? A.192.168.1.30 is a web server. B.The web server listens on a non-standard port. C.The router filters port 80 traffic. D.The router implements NAT.
D.The router implements NAT.
Which of the following is a hardware-based security technology included in a computer? A.Symmetric key B.Asymmetric key C.Whole disk encryption D.Trusted platform module
D.Trusted platform module
After a user performed a war driving attack, the network administrator noticed several similar markings where WiFi was available throughout the enterprise. Which of the following is the term used to describe these markings? A.IV attack B.War dialing C.Rogue access points D.War chalking
D.War chalking
A system administrator is responding to a legal order to turn over all logs from all company servers. The system administrator records the system time of all servers to ensure that: A.HDD hashes are accurate. B.the NTP server works properly. C.chain of custody is preserved. D.time offset can be calculated.
D.time offset can be calculated.
After a recent internal audit, the security administrator was tasked to ensure that all credentials must be changed within 90 days, cannot be repeated, and cannot contain any dictionary words or patterns. All credentials will remain enabled regardless of the number of attempts made. Which of the following types of user account options were enforced? (Select TWO). A.Recovery B.User assigned privileges C.Lockout D.Disablement E.Group based privileges F.Password expiration G.Password complexity
F.Password expiration G.Password complexity