501 Security Plus
_____ provide specific advice on how to accomplish a given task or activity
guidlines
The approach to risk that involves taking steps to reduce the risk is ??
mitigation
Which device stores information about destinations in a network( choose the best answer)? a. Hub b. Modem c. Firewall d. router
d. router
Ahmed has been working to mitigate the threat of malware in his network. he has selected a specific vendor ( Vendor ABC ) for his antivirus software. he is using ABC products everywhere he needs antivirus software. Is this the correct decision? Why or Why not? a. Yes, consistency is more secure b. Yes, this will make the process more affordable c. No, this violates control diversity d. No, this violates vendor diversity
d. vendor diversity
The risk assessment component, in conjunction with the ____ , provides the organization with an accurate picture of the situation facing it? a. RAC b. ALE c. BIA d. RMG
c. Business Impact Analysis
Which of the following work by decrypting encrypted traffic (SSL or TLS), inspecting it, and the re-encrypting it before sending it on to its destination? a. SSL filters b. SSL gateways c. SSL accelerators d. SSL decryptors
d. SSL decryptors
To combat the problem described in Question 71(Loops) , which of the following technologies enable Bridge/Switch interfaces to be assigned a value that is then used to control the learning process and prevent problems ? a. ESSID b. SSID c. BRD d. STP
d. STP (spanning tree protocol)
you have added a new child domain to your network. As a result of this, the child has adopted all of the trust relationships with other domains in the forest that existed for its parent domain. What is responsible for this? a. LDAP access b. XML access c. Fussing access d. Transitive access
d. Transitive access
What technology is used to simplify network set up by allowing a router to have the administrator push a button on it to allow a new host to join? a. WEP b. WPA c. WTLS d. WPS
d. WPS (Wi-Fi protected set-up)
Which of the following types of attacks involves the sending of unsolicited messages over a Bluetooth connection? a. bluesmurfing b. bluesnarfing c. bluewhaling d. bluejacking
d. bluejacking
Which problem can occur when more than one bridge or switch is implemented on the network, and the devices confuse each other by leading one another to believe that a host is located on a certain segment when its not? a. backdoors b. dead zones c. collisions d. loops
d. loops
which of the following strategies involves sharing some of the risk burden with someone else, such as an insurance company? a. risk acceptance b. risk avoidance c. risk deterrence d. risk mitigation e. risk transference
e.
______ and ____ set a standard of expectation in an organization
policies and guidlines
The process of implementing and maintaining a secure network must first be addressed from a ______ , _______and _______ perspective.
policies, standards and guidlines
How do you calculate risk?
qualitatively ( subjective) quantitatively ( objective )
RAID stands for
redundant array of independent disks
____ tell people what is expected
standards
Name the three (3) categories of control types
1. technical 2. Mangaement 3. Operational
define SLE
Single Loss Expectancy
In RAID Level 1 what is the difference between mirroring and duplexing ?
duplexing includes multiple controllers
Ahmed has been directed to ensure that LDAP on his network is secure. LDAP is an example of which of the following? A. Discretionary Access Control b. IDS c. Tiered model application development environment d. file server
A. Discretionary Access Control
You've been notified that you'll soon be transferred to another site. Before you leave, you're to audit the network and document everything in use and the reason why it's in use. The next administrator will use this documentation to keep the network running. Which of the following protocols isn't a tunneling protocol but is probably used at your site by tunneling protocols for network security? A. IPsec b. PPTP c. L2TP d. L2F
A. IPsec
You are the chief security contact for MTS. One of your primary tasks is to document everything related to security and to create a manual that can be used to manage the company in your absence. Which documents should be referenced in your manual as the ones that identify the methods used to accomplish a given task?? a. Policies b. standards c. Guidelines d. BIA
Guidlines
______ risk calculations assign dollar amounts and the basic formula is ______
Quantitative / SLE x ARO + ALE
RAID level ___ does not include any fault tolerance
RAID Level 0
RAID Level __ can be implemented as mirroring or duplexing.
RAID Level 1
RAID Level __ is known as disk stripping woih parity
RAID Level 5
The asset value of your company's primary servers is $2 Million, they are housed in a single office building in Anderson, Indiana. Field offices are scattered throughout the United States, but the work stations located at the field offices serve as thin clients and access data from the Anderson Servers. Tornados in this part of the country are not uncommon, and it is estimated that one will level the building every 60 years. Which of the following is a SLE for this scenario? a. $2 million b. $1 million c. $500,000 d. $33,333.33 e. $16,666.67
a.
The asset value of your company's primary servers is $2 Million, they are housed in a single office building in Anderson, Indiana. Field offices are scattered throughout the United States, but the work stations located at the field offices serve as thin clients and access data from the Anderson Servers. Tornados in this part of the country are not uncommon, and it is estimated that one will level the building every 60 years. Which of the following is the ARO for this scenario?? A. 0.0167 b. 1 c. 5 d. 16.7 e. 60
a.
Which of the following policies are designed to reduce the risk of fraud and prevent other losses in an organization?? a. Separation of Duties b. Acceptable use c. Least Privilege d. Physical access control
a.
Which of the following strategies necessitates an identified risk that those involved understand the potential cost/damage and agree to live with it? A. Risk Acceptance B. Risk Avoidance C. Risk Transference D. Risk Mitigation
a.
if you calculate SLE to be $25,000 and that there will be one occurrence every four (4) years (ARO), then what is the ALE ? A. $6250 b. $12,000 c. $25,000 d. $100,000
a.
What is the size of the wrapper TKIP places around the WEP encryption with a key that is based on things such as the MAC address of your machine and the serial number of the packet? a. 128-bit b. 64-bit c. 56-bit d. 12-bit
a. 128-bit
Which type of load balancing configuration means that more than one load balancing server is working at all times to handle the load/requests as they come in? a. Active-Active b. Cooperative-sharing c. equal-partner d. Proactive-colleague
a. Active-Active
You are concerned about your backup files becoming infected with malware. Which of the following technologies would be best to protect your backup? a. Air-gap b. SPI firewall c. DMZ d. VLAN
a. Air-gap
The present method of requiring access to be strictly defined on every object is proving too cumbersome for your environment. The edict has come down from upper management that access requirements should be slightly reduced. Which access model allows users some flexibility for information - sharing purposes a. DAC b. MAC c. RBAC d. MLAC
a. DAC (discretionary access control)
What is a system that is intended or designed to be broken into by an attacker? a. Honeypot b. Honey bucket c. Decoy d. Spoofing system e. Deleted if the employee has been terminated
a. Honeypot
Upper management has suddenly become concerned about security. As the senior network administrator, you are tasked to suggest changes that should be implemented. Which of the following access methods should you recommend if the technique to be used is one that is primarily based on pre-established access and can't be changed by users a. MAC b. DAC c. RBAC d. Kerberos
a. MAC (mandatory access control)
Which AP-based technology can increase security dramatically by allowing or denying access based on a client's physical address? a. MAC filtering b. UTM (unified threat management) c. Round Robin d. WORM
a. MAC filtering
After a careful risk analysis, the value of your company's data has been increased. Accordingly, you're expected to implement authentication solutions that reflect the increased value of the data. Which of the following authentication methods uses more than one authentication process for a logon? a. Multifactor b. Biometrics c. Smartcard d. Kerberos
a. Multifactor
What technology is used to send data between phones that are in close proximity to each other? a. NFC b. iBi c. IBJ d. IFNC
a. NFC (near field communication)
____ hardening is making the __ as secure as you can before adding in antivirus, firewalls, and so forth? a. OS (operating system) b. iOS c. VPN ( virtual private network)
a. OS (operating system)
What type of attack captures portions of a session to play back later to convince a host that it is still talking to the original connection? a. Replay b. Echo c. Duplication d. Reprise
a. Replay
Jarrod is evaluating web-based, single sign on solutions. Which of the following technologies is most associated with web page authorization? a. SAML b. PIV c. CHAP d. RBAC
a. SAML
Which of the following can be used to offload the public-key encryption to a separate hardware plug-in card? a. SSL accelerator b. Load Balancer c. Proxy firewall d. SIEM
a. SSL accelerator
An IV attack is usually associated with which of the following wireless protocols? a. WEP b. WAP c. WPA d. WPA2
a. WEP
Juanita is the security administrator for a large university. She is concerned about copyright issues and wants to ensure that her university does not violate copyrights. What would be her main concern regarding unauthorized software? a. it might be copyrighted b. It might e used to circumvent copyright protection c. that should not be a copyright concern d. it is no a concern if she has a least one license for the software
a. it might be copyrighted
Upper Management has decreed that a firewall must be put in place immediately, before your site suffers an attack similar to on that struck a sister company. Responding to this order, your boss instructs you to implement a packet filter by the end of the week. A packet filter performs which function? a. prevents unauthorized packets from entering the network b. Allows all packets to leave the network c. allows all packets to enter the network d. eliminates collisions on the network.
a. prevents unauthorized packets from entering the network
Dennis has implemented an authentication system that uses a password, a pin, and the user's birthday. What best describes this? a. single factor b. two factor c. three factor d. strong authentication
a. single factor
With which tunnel configuration are only some (usually all incoming) requests routed and encrypted over the VPN? a. split b. full c. partial d. hybrid
a. split
which of the following are multiport devices that improve network efficiency? a. switches b. modems c. gateways d. concentrators
a. switches
Which network devices are used to divide larger networks into smaller sections by sitting between two physical network segments and managing the flow of the data between the two ? a. Accelerators b. Proxies c. Bridges d. Balancer's
c. Bridges
Your company provides medical data to doctors from a worldwide database. Because of the sensitive nature of the data, its imperative that authentication be reestablished on each session and be valid only for that session. Which of the following authentication methods provides credentials that are valid during a single session? a. tokens b. certificate c. smartcard d. Kerberos
a. tokens
The approach to risk that involves living with the risk is ?
acceptance
Define ALE
annual loss expectancy
define ARO
annualized rate of occurance
The approach to risk that invovles not engaging in tthat activity is ?
avoidance
a _______ is a system used to gather information or designed to be broken a. Honey Net b. Honey Pot c. ISO d. NIST
b Honey Pot
Which of the following policies describes how the employers in an organization can use company systems and resources, both software and hardware? a. separation of duties b. acceptable usage c. least privilege d. physical access control
b.
Which of the following policy statements may include an escalation contact in the event that the person dealing with a situation needs to know who to contact? a. scope b. exception c. overview d. accountability
b.
Which of the following strategies involves identifying a risk and making the decision to discontinue engaging in the action a. risk acceptance b. risk avoidance c. risk mitigation d. risk transference
b.
What is the size of the initialization vector(IV) that WEP uses for encryption? a. 6-bit b. 24-bit c. 56-bit d. 128-bit
b. 24-bit
In intrusion detection system vernacular, which account is responsible for setting the security policy for an organization? a. Supervisor b. Administrator c. Root d. Director
b. Administrator
____ systems are used to gather evidence in an investigation and to study attack strategies. a. Honey Net b. Honey Pot c. ISO d. NIST
b. Honey Pot
Which device monitors network traffic in a passive manner ? a. Sniffer b. IDS c. Firewall d. Web browser
b. IDS
You have been assigned to mentor a junior administrator and bring her up to speed quickly. The topic you're currently explaining is authentication. Which method uses a KDC(key distribution center) to accomplish authentication for users, programs, or systems? a. CHAP b. Kerberos c. Biometrics d. Smartcards
b. Kerberos
Which of the following technologies is used to identify and track tags attached to objects? A. NFC b. RFID c. IV d. DSC
b. RFID (radio frequency ID)
As more and more clients have been added to your network, the efficiency of the network has decreased significantly. You're preparing a budget for next year, and you specifically want to address this problem. Which of the following devices acts primarily as a tool to improve network efficiency? a. hub b. Switch c. Router d. PBX
b. Switch
Which of the following is a chip that can store cryptographic keys, passwords, or certificates? a. HMP b. TPM c. MTP d. PMH
b. TPM (trusted platform module)
John is a network administrator for ACME company. He is trying to explain least privileges to a new technician. which of the following is the basic premise of least privilege? a. Always assign responsibilities to the administrator who has the minimum permissions required. b. When assigning permissions, give users only the permissions they need to do their work and no more. c. regularly review user permissions and take away one that they currently have to see if they will complain or even notice that it is missing d. Do not give management more permissions than users
b. When assigning permissions, give users only the permissions they need to do their work and no more.
With which type of load balance scheduling is the first client request sent to the first group of servers, the second is sent to the second, and so on? a. affinity b. round-robin c. sequential d. progressive
b. round-robin
If you calculate the SLE to be $4000 and that there will be 10 occurences a year (ARO)then the ALE is ; a. $400 b. $4000 c. $40,000 d. $400,000
c.
Separation of duties helpsto prevent an individual from embezzling money from a company. To embezzle funds successfully, an individual would need to recruit others to commit an act of _______ (an agreement) between two or more partes established for the purpose of committing deception of (fraud). a. misappropriation b. misuse c. collusion d. fraud
c.
Which of the following is the structured approach that is followed to secure a company's assets? a. audit management b. incident management c. Change management d. skill management
c.
Which of the following policies should be used when assigning permissions, giving users onluy the permissions they need to do their work and no more ? A. separation of duties b. acceptable useage c. Least privilege d. physical access control
c.
Which standard defines port-based security for wireless network access control? a. 802.1n b. 802.1g c. 802.1x d. 802.1s
c. 802.1x
You are a junior security administrator for a large bank. You have been asked to make the database servers as secure as they can be. the process of making certain that an entity (operating system, application, and so on) is as secure as it can be is known as which of the following ?? a. Stabilizing b. Reinforcing c. Hardening d. Toughening
c. Hardening
Terrance is examining an authentication system that was developed at MIT and uses tickets for authentication. What system is Terrance most likely examining? a. CHAP b. MS-CHAP c. Kerberos d. OATH
c. Kerberos
Melissa is planning on implementing biometric authentication on her network. Which of the following should be a goal for any biometric solution she selects?? a. high FRR, low FAR b. High FAR, low FRR c. Low CER d. High CER
c. Low CER ( cross-over error rate)
Which of the following is the term used whenever two or more parties authenticate each other? a. SSO b. Multifactor authentication c. Mutual authentication d. Tunneling
c. Mutual authentication
Tom has been instructed to find a security standard, applicable to the United States, that will help him develop appropriate security policies. He has found a standard that describes 8 principles and 14 practices that can be used to develop security policies. What standard is Tom most likely reviewing? a. ISO/IEC 27001:2013 b. NIST 800-12 c. NIST 800-14 d. ISA/IEC-62443 4
c. NIST 800-14
John is working on designing a network for the insurance company where he is employed. he wants to put the web server in an area that has somewhat less security so that outside users might access it. But he does not want to compromise the security of the rest of the network. What would be John's best approach? a. Place the web server in a honey net b. Place the web server on the guest network segment c. Place the web server in a DMZ d. Place the web server outside his network
c. Place the web server in a DMZ
Your office administrator is being trained to perform server backups. Which access control method would be ideal for this situation? a. MAC b. DAC c. RBAC d. security Tokens
c. RBAC (role based access control)
In which two modes can IPsec work? a. Tunneling and Storing b. Transport and Storing c. Tunneling and Transport d. At-Rest and At- Ease
c. Tunneling and Transport
Which of the following protections implies that information, once written, cannot be modified ? a. DLP b. ROM c. WORM d. NAC
c. WORM (write once read many)
Which of the following agreements contains the technical information regarding the technical and security requirements of the interconnections between two or more organizations? a. BPA b. MOA c. ISA d. MOU
c. interconnection Security Agreement
Which of the following can be implemented as a software or hardware solution and is usually associated with a device - a router, a firewall, NAT, and so on - used to shift a load from one device to another? a. Proxy b. hub c. load balancer d. switch
c. load balancer
Which of the following devices is the MOST capable of providing infrastructure security; a. Hub b. switch c. router d. modem
c. router
A periodic update that corrects problems in one version of a product is called? a. Hotfix b. Overhaul c. Service pack d. Security update
c. service pack
John is trying to determine the origin of an email. He has captured the email headers and knows the IP address of the originating email server. What command would show John the complete path to that IP address? a. ping -a b. arp c. tracert d. nslookup
c. tracert ( traceroute)
The asset value of your company's primary servers is $2 Million, they are housed in a single office building in Anderson, Indiana. Field offices are scattered throughout the United States, but the work stations located at the field offices serve as thin clients and access data from the Anderson Servers. Tornados in this part of the country are not uncommon, and it is estimated that one will level the building every 60 years. Which of the following amounts is the ALE for this scenario?? a. $2milliion b. $1 million c. $500,000 d. $33,333.33 e. $16,666.67
d
What is the term used for events that were mistakenly flagged although they weren't truly events about which to be concerned? a. Fools gold b. non-incidents c. error flags d. false positives
d.
Which of the following policy statements should address who is responsible for ensuring that the policy is enforced? a. Scope b. Exception c. Overview d. Accountability
d.
Which of the following strategies is accomplished any time you take steps to redice risk?? A. Risk Acceptance b. Risk Avoidance c. risk transference d. risk mitigation
d.
you are a network administrator for ACME Corporation. You want to implement a new access control mechanism. The mechanism you are considering takes into account the entire environments/scenario of the access request. What does this describe?? a. MAC b. DAC c. RBAC d. ABAC
d. ABAC ( attribute based authentication)
Which of the following is a type of smartcard issued by the Department of Defense as a general identification/authentication card for military personnel, contractors, and non-DOD employees? a. PIV b. POV c. DLP d. CAC
d. CAC
You are working a security administrator for a small financial institution. you want to use an authentication method that will periodically reauthenticate clients. Which protocol is best suited for this?? A. PAP b. SPAP c. Kerberos d. CHAP
d. CHAP
Which IDS system uses algorithms to analyze the traffic passing through the network? a. arithmetical b. Algebraic c. statistical d. Heuristic
d. Heuristic
Juanita is implementing a security mechanism that will fully encrypt the hard drive of laptops in her organization. The encryption and decryption will be automatic. what best describes what Juanita is implementing? a. AES b. TPM c. FDE d. SED
d. SED (self encrypting drive)
The approach to risk that makes you THINK INSURANCE is?
transference