Midterm
You have conducted a risk analysis to protect a key company asset. You identify the following key values: Asset Value = $400, Exposure Factor = 25%, Annualized Rate of Occurrence = 25%. Remember the formulas: SLE = AV x EF and ALE = SLE x ARO. What is the Annualized Loss Expectancy (ALE)? $75 $300 $100 $25
$25
If SLE is calculated at $2,500 and there are an anticipated 4 occurrences a year (ARO), then ALE is: $10,000 $2,500 $5,000 $625
$10,000
As it relates to security zones, which of the following can serve as a buffer network between a private secured network and the untrusted Internet? Extranet Intranet DMZ Padded cell
DMZ
What should you do to a user account if the user goes on an extended vacation? Remove all rights from the account Monitor the account more closely Delete the account Disable the account
Disable the account
Which of the following is an attack in which the intruder sends a frame to the AP with a spoofed address to make it look like it came from the victim and disconnects them from the network? Tcpdump Disassociation Back orifice Defragmentation Attack
Disassociation
Servers or computers that have two NIC cards, each connected to separate networks, are known as what type of computers? Protected Routed Firewalled Dual-homed
Dual-homed
Which of the following RAID configurations could not sustain data availability if one disk failed? RAID 1 RAID 3 RAID 0 RAID 5
RAID 0
Which access control model grants rights or privileges based on the user's job function or position held? DAC RBAC MAC CAC
RBAC
A user has just authenticated using Kerberos. Which object is issued to the user immediately following login? Client access ticket Digital signature Digital certificate Ticket granting
Ticket granting
To reduce risk, your organization has decided to move the on-premises data center to Google Cloud and have them manage the asset. What type of risk strategy is this? Conveyance Transformation Transference Devolution
Transference
You have a situation where Server A trusts Server B and Server B trusts Server C. Due to these trust relationships, Server A now trusts Server C, what is this called? Transformative access Transitive access Reverse engineering LDAP access
Transitive access
To prevent files from being copied on a workstation to removable media, you should disable which ports? Serial FireWire USB PS/2
USB
You are trying to determine the origin of an email. You captured an email header and you have the source IP address of the email in question. Which command would you use to determine the domain the IP address belongs to? ping -t arp -a nslookup digdug
nslookup
Which of the following is true regarding risk analysis? The fewer people that are involved in a risk analysis the better Don't implement a countermeasure if the cost is greater than the loss Exposure factor is the percent of the asset lost from an unsuccessful threat attack The value of an asset is the worth of a resource to the organization excluding qualitative values
Don't implement a countermeasure if the cost is greater than the loss
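The two SLE/ALE questions above and the countermeasure rule in this one share the same arithmetic. The following is an added worked example, not part of the original quiz: it applies SLE = AV x EF and ALE = SLE x ARO to the quiz numbers and then uses the cost-versus-loss rule to judge two hypothetical safeguards whose costs and residual rates are constructed for illustration.

```python
"""Risk-analysis arithmetic behind the SLE/ALE and countermeasure questions.

Added worked example, not part of the original quiz. The two safeguards at
the bottom (costs, residual EF and ARO) are constructed for illustration.
"""
from dataclasses import dataclass


def sle(asset_value: float, exposure_factor: float) -> float:
    """Single loss expectancy: what one occurrence costs.

    exposure_factor is a fraction (25% -> 0.25).
    """
    if not 0.0 <= exposure_factor <= 1.0:
        raise ValueError("exposure factor must be between 0 and 1")
    return asset_value * exposure_factor


def ale(single_loss: float, aro: float) -> float:
    """Annualized loss expectancy: expected loss per year."""
    if aro < 0:
        raise ValueError("ARO cannot be negative")
    return single_loss * aro


@dataclass(frozen=True)
class Safeguard:
    name: str
    annual_cost: float   # yearly cost of the control
    residual_ef: float   # exposure factor once the control is in place
    residual_aro: float  # annualized rate of occurrence once in place


def safeguard_value(asset_value: float, ef: float, aro: float,
                    control: Safeguard) -> float:
    """Net annual value of a control: (ALE before - ALE after) - its cost.

    Negative means the countermeasure costs more than the loss it averts,
    which is the case the quiz says you should not implement.
    """
    before = ale(sle(asset_value, ef), aro)
    after = ale(sle(asset_value, control.residual_ef), control.residual_aro)
    return before - after - control.annual_cost


def worth_implementing(asset_value: float, ef: float, aro: float,
                       control: Safeguard) -> bool:
    return safeguard_value(asset_value, ef, aro, control) > 0


# Quiz question 1: AV $400, EF 25%, ARO 25% -> SLE $100, ALE $25
Q1_SLE = sle(400, 0.25)
Q1_ALE = ale(Q1_SLE, 0.25)

# Quiz question 2: SLE $2,500, ARO 4 -> ALE $10,000
Q2_ALE = ale(2500, 4)

# Constructed safeguards for an asset with AV $10,000 and EF 25% (SLE $2,500)
# that is hit 4 times a year, i.e. the question-2 numbers.
BACKUPS = Safeguard("offsite backups", annual_cost=3000,
                    residual_ef=0.25, residual_aro=1)      # 4 -> 1 hit/year
GOLD_PLATED = Safeguard("fully redundant site", annual_cost=12000,
                        residual_ef=0.25, residual_aro=0)  # eliminates the loss


if __name__ == "__main__":
    print(f"Q1: SLE ${Q1_SLE:.0f}, ALE ${Q1_ALE:.0f}")
    print(f"Q2: ALE ${Q2_ALE:.0f}")
    for c in (BACKUPS, GOLD_PLATED):
        v = safeguard_value(10000, 0.25, 4, c)
        print(f"{c.name}: net value ${v:.0f}, implement={v > 0}")
```

The second safeguard removes the loss entirely yet fails the test: at $12,000 a year it costs more than the $10,000 ALE it prevents, which is exactly the "cost greater than the loss" case.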
What is the term used for events that were mistakenly flagged by an intrusion detection system (IDS) although upon investigation, they weren't truly security events that needed any attention? False negative False rejection False positive Non-incident
False positive
What is the main function of a TPM hardware chip? Generate and store cryptographic keys Perform bulk encryption in a hardware processor Control access to removable media Provide authentication on a hardware device
Generate and store cryptographic keys
Which of the following wireless technologies is used to identify and track tags attached to objects? NFC RFID Initialization Vector SSID Broadcast
RFID
What type of inspection occurs at all levels of the network and provides additional security using a state table that tracks every communications channel? Stateful Classless Classful Stateless
Stateful
Which access control method model allows the owner of a resource to grant privileges to information they own? RBAC MAC DAC CAC
DAC
An organization has had confidential data removed by unscrupulous employees within the organization. They want to implement a technology to help prevent data exfiltration. What technology should they implement? ACL NAT DMZ DLP
DLP
Which of the following attempts to detect exfiltration of data? TPM EAL DLP HSM
DLP
You have been asked to implement a RAID 5 solution for your network. What is the minimum number of hard disks that can be used to configure RAID 5? 1 2 3 5
3
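The RAID questions above (RAID 0 cannot survive a disk failure; RAID 5 needs at least three disks) come down to how parity is laid out. The following is an added example, not part of the original quiz: it stripes a constructed byte string across small in-memory "disks", adds one rotating XOR parity block per stripe for RAID 5, kills a disk, and reads the data back.

```python
"""RAID 0 vs RAID 5 when one disk dies.

Added example, not part of the original quiz. Disks are lists of
fixed-size blocks; None models a failed disk. RAID 5 stores n-1 data
blocks plus one XOR parity block per stripe, which is why it needs at
least three disks and survives a single failure, while RAID 0 does not.
"""
from typing import Callable, List, Optional

BLOCK = 4  # bytes per block; tiny so stripes are easy to inspect

Disk = Optional[List[bytes]]  # None models a failed disk


def _blocks(data: bytes, per_stripe: int) -> List[bytes]:
    """Split data into BLOCK-sized pieces, zero-padded to whole stripes."""
    padded = data + b"\0" * (-len(data) % (BLOCK * per_stripe))
    return [padded[i:i + BLOCK] for i in range(0, len(padded), BLOCK)]


def _xor(*blocks: bytes) -> bytes:
    out = bytearray(BLOCK)
    for b in blocks:
        for i, byte in enumerate(b):
            out[i] ^= byte
    return bytes(out)


def raid0_write(data: bytes, n_disks: int) -> List[Disk]:
    """Plain striping: block i goes to disk i mod n. No redundancy at all."""
    if n_disks < 2:
        raise ValueError("RAID 0 needs at least 2 disks")
    disks: List[Disk] = [[] for _ in range(n_disks)]
    for i, blk in enumerate(_blocks(data, n_disks)):
        disks[i % n_disks].append(blk)
    return disks


def raid0_read(disks: List[Disk], length: int) -> bytes:
    if any(d is None for d in disks):
        raise IOError("RAID 0: a disk failed and its blocks are gone")
    stripes = len(disks[0])
    out = b"".join(disks[d][s] for s in range(stripes) for d in range(len(disks)))
    return out[:length]


def raid5_write(data: bytes, n_disks: int) -> List[Disk]:
    """Striping with distributed parity: each stripe holds n-1 data blocks
    plus one parity block, and the disk holding parity rotates per stripe."""
    if n_disks < 3:
        raise ValueError("RAID 5 needs at least 3 disks")
    per_stripe = n_disks - 1
    blocks = _blocks(data, per_stripe)
    disks: List[Disk] = [[] for _ in range(n_disks)]
    for s in range(len(blocks) // per_stripe):
        stripe = blocks[s * per_stripe:(s + 1) * per_stripe]
        parity_disk = s % n_disks
        data_iter = iter(stripe)
        for d in range(n_disks):
            disks[d].append(_xor(*stripe) if d == parity_disk else next(data_iter))
    return disks


def raid5_read(disks: List[Disk], length: int) -> bytes:
    n = len(disks)
    failed = [d for d in range(n) if disks[d] is None]
    if len(failed) > 1:
        raise IOError("RAID 5 tolerates only one failed disk")
    stripes = len(next(d for d in disks if d is not None))
    out = b""
    for s in range(stripes):
        stripe = [None if disks[d] is None else disks[d][s] for d in range(n)]
        if failed:
            # XOR of every surviving block (data + parity) rebuilds the lost one
            stripe[failed[0]] = _xor(*(b for b in stripe if b is not None))
        parity_disk = s % n
        out += b"".join(stripe[d] for d in range(n) if d != parity_disk)
    return out[:length]


def fail_disk(disks: List[Disk], which: int) -> List[Disk]:
    """Return a copy of the array with one disk marked as failed."""
    return [None if d == which else disks[d] for d in range(len(disks))]


def survives_single_failure(write: Callable, read: Callable,
                            data: bytes, n_disks: int, which: int) -> bool:
    """Write, kill one disk, and report whether the data reads back intact."""
    degraded = fail_disk(write(data, n_disks), which)
    try:
        return read(degraded, len(data)) == data
    except IOError:
        return False


SAMPLE = b"payroll.db: constructed sample payload"  # constructed test data

if __name__ == "__main__":
    for name, w, r in (("RAID 0", raid0_write, raid0_read),
                       ("RAID 5", raid5_write, raid5_read)):
        ok = survives_single_failure(w, r, SAMPLE, 3, which=1)
        print(f"{name} with 3 disks, disk 1 failed: data intact = {ok}")
```

The rebuild step is the whole point: with one parity block per stripe, XORing the surviving blocks of a stripe recovers the missing one whether it was data or parity, but a second lost disk leaves two unknowns and no way to solve for them.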
Which of the following IEEE 802.11 wireless standards provides the greatest speed? 802.11b 802.1x 802.11a 802.11n
802.11n
Which of the following does a router acting as a firewall use to control which packets are forwarded or dropped? VNC IPSec RDP ACL
ACL
Which of the following policy statements should address who is responsible for ensuring that the policy is enforced? Accountability Scope Overview Exception
Accountability
What is the process called when you reduce security exposure and tighten security controls? Social engineering Passive reconnaissance Hardening Active scanning
Hardening
You provide IT security services for a local middle school. You have been asked by school administration for a firewall solution that can control Internet access based on user and prevent access to specific URLs. Which type of firewall should you install? Application level IPS Packet filtering Circuit-level
Application level
What is the most common VPN encryption protocol? AES RC4 IPSec PPP
IPSec
Which of the following is not a routing protocol? ICMP RIP BGP OSPF
ICMP
Which of the following terms is used to reference the unauthorized access of data on a device over a Bluetooth connection? Bluejacking Bluesnarfing Blueface Whitelisting
Bluesnarfing
Separation of duties policies are designed to reduce the risk of what? Turnover Fraud Burn Breach of confidentiality
Fraud
Which of the following is the type of smartcard issued by the Department of Defense (DoD) as a general identification/authentication card for military personnel, contractors, and non-DoD employees? ARP DLP PIV CAC
CAC
You want to connect your small company network to the Internet. Your ISP provides you with a single IP address that is to be shared between all hosts on your private network. You do not want external hosts to be able to initiate a connection to internal hosts. What type of network address translation (NAT) should you implement? Allied Dynamic Restricted Static
Dynamic
Which of the following protocols provides data encryption for IPSec? AH ESP AES SSL
ESP
What is one of the biggest security risks associated with virtualization? Web browsing on a virtual machine is always anonymous Hacking the hypervisor to access the other virtual machines There is no antivirus for virtual machines You can't patch a virtual machine
Hacking the hypervisor to access the other virtual machines
Which IDS system uses algorithms to analyze the traffic passing through the network? Signature-Based Statistical Heuristic Geometrical
Heuristic
Wireless Ethernet conforms to which IEEE standard? IEEE 1394 IEEE 802.3 IEEE 802.1X IEEE 802.11
IEEE 802.11
Which of the following specifications identify security that can be added to wireless networks? IEEE 802.3 IEEE 802.11i IEEE 802.2 IEEE 1394
IEEE 802.11i
Which standard defines port-based security for wireless network access control? IEEE 802.1x IEEE 802.11a IEEE 802.11n IEEE 802.11ac
IEEE 802.1x
Which of the following is true regarding LDAP? It is a directory access protocol It is built on the X.209 directory structure It stands for Lightweight Dynamic Access Protocol It is a file server
It is a directory access protocol
Which authentication method uses a key distribution center (KDC)? CHAP Identification and authentication Kerberos Login and authentication
Kerberos
Which of the following is not a tunneling protocol? IPSec PPTP L2TP L2FT
L2FT
When assigning permissions to users, which principle should you adhere to? Least privilege Eminent domain Risk deterrence Absolute power corrupts absolutely
Least privilege
Which access control model is a static model that uses predefined access privileges for resources that are assigned by the administrator? DAC CAC RBAC MAC
MAC
Which type of risk strategy is undertaken when you attempt to reduce the risk? Avoidance Assessment Transference Mitigation
Mitigation
Which of the following is a common method for authorizing websites or applications to access information? PAP SPAP CHAP OATH aka OAuth
OATH aka OAuth
Which of the following authentication protocols transmits the password in cleartext and therefore is not secure? PAP RADIUS CHAP EAP
PAP
Which of the following types of firewalls will pass or block packets based on their IP address and TCP port number? Stateful inspection Proxy Dual-homed Packet filter
Packet filter
You are concerned that an internal employee might set up an unauthorized AP on your network and create a serious security vulnerability. Which of the following is the best method to use to detect rogue APs? Perform a site survey Anonymous surveys to employees Sniff traffic using a wired protocol analyzer program Do nothing and accept the risk
Perform a site survey
Which of the following deals with a specific issue or aspect of a business and should provide enough detail that it can be audited to verify it is being followed?
Policy
Which of the following is not one of the three ways to implement cloud computing? Software as a Service Program as a Service Platform as a Service Infrastructure as a Service
Program as a Service
What is the most effective way to improve or enforce security in any environment? Enforcing account lockout Providing user-awareness training Disabling Internet access Requiring two-factor authentication
Providing user-awareness training
Which of the following best describes the concept of due care or due diligence? Reasonable precautions based on industry best practices are utilized and documented Legal disclaimers are consistently and conspicuously displayed on all systems Security through obscurity is best accomplished by port stealthing Availability supersedes security unless physical harm is likely
Reasonable precautions based on industry best practices are utilized and documented
What is the primary feature that can be designed into a network's infrastructure to protect and support availability? Fiber optic cables Network tap Redundancy Switches instead of hubs
Redundancy
You plan to implement a new security device on your network. Which of the following policies outlines the process you should follow before implementing that device? Change management Resource allocation Acceptable use SLA
Change management
Which of the following is used on a wireless network to identify the network name? SSID IP Address RFID TACACS+ PSK
SSID
What is the switch technology that can help prevent a loop (broadcast storm) when a switch is connected to another switch? STP PAT NAT RDP
STP
If you wanted to connect two networks securely over the Internet, what type of technology could you use? Telnet Bridge Repeater VPN
VPN
Which of the following offers the weakest form of encryption for 802.11 wireless networks? WEP WPA WPAII IEEE 802.11i
WEP
Which of the following wireless security modes would be associated with a RADIUS server? TKIP and preshared keys WPA2 Enterprise Mode WPA2 preshared keys WEP preshared keys
WPA2 Enterprise Mode
Which of the following wireless encryption protocols uses AES? WEP WPA SHA-2 WPAII
WPAII
The network administrator is trying to determine the IP address to MAC address resolutions that have occurred on a Windows 7 based PC. Which command would reveal this information? pathping arp -a tracert netstat
arp -a
Which type of attack is one in which a rogue wireless access point poses with the same SSID as the legitimate access point to intercept information that users transmit? NRZ RADIUS Evil twin Faulty access point
Evil twin
In which two modes can IPSec work? Tunneling and STP Tunneling and Storing Transport and Tunneling Transport and SSH
Transport and Tunneling
Which security mechanism uses a unique list that meets the following specifications: the list is embedded directly in the object itself; the list defines which subjects have access to certain objects; the list specifies the level or type of access allowed to certain objects? User ACL Hashing Mandatory access control Kerberos
User ACL
What is a service level agreement (SLA)? A contract with a legal entity to limit your asset loss liability A guarantee of a specific level of service A guarantee to match the price of any other ISP An agreement to support another company in the event of a disaster
A guarantee of a specific level of service
Which of the following is an example of multifactor authentication? Facial recognition and a retina scan A fingerprint scan and facial recognition A password and a fingerprint scan A password and a PIN
A password and a fingerprint scan
RADIUS is primarily used for what purpose? Logging on to a Linux based operating system Managing access to a network over a VPN Authenticating remote clients before access to the network is granted Managing RAID fault-tolerant drive configurations
Authenticating remote clients before access to the network is granted
You would like to use an authentication method for your company that uses encryption and periodically reauthenticates clients. Which protocol should you use given the following options? FTPS PAP SLIP CHAP
CHAP
You want to install a firewall that can reject packets that are not part of an active session. Which type of firewall would you use? Application level Circuit-level VPN concentrator Packet filtering
Circuit-level
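Three questions in this set turn on the same distinction: a packet filter passes or blocks on IP address and port alone, while stateful inspection keeps a state table and rejects packets that are not part of an active session. The following is an added example, not part of the original quiz, that runs the same three constructed packets through both kinds of filter; the addresses, ports and ACL are made up for illustration.

```python
"""Stateless packet filter vs stateful inspection.

Added example, not part of the original quiz. A packet filter judges each
packet on its own from addresses and ports (first matching ACL rule wins,
implicit deny at the end). A stateful filter records sessions opened from
the inside and rejects any outside packet that is not the reverse of an
active session. All addresses and the ACL below are constructed.
"""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Optional, Set, Tuple


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int


@dataclass(frozen=True)
class Rule:
    action: str                  # "permit" or "deny"
    src: str                     # CIDR; "0.0.0.0/0" = any
    dst: str
    dport: Optional[int] = None  # None = any destination port

    def matches(self, p: Packet) -> bool:
        return (ip_address(p.src) in ip_network(self.src)
                and ip_address(p.dst) in ip_network(self.dst)
                and (self.dport is None or self.dport == p.dport))


def packet_filter(acl: List[Rule], p: Packet) -> str:
    """Stateless: first matching rule wins, otherwise implicit deny."""
    for rule in acl:
        if rule.matches(p):
            return rule.action
    return "deny"


class StatefulFirewall:
    """Tracks sessions initiated from the inside network in a state table."""

    def __init__(self, inside: str):
        self.inside = ip_network(inside)
        self.table: Set[Tuple[str, int, str, int]] = set()

    def decide(self, p: Packet) -> str:
        if ip_address(p.src) in self.inside:
            # outbound packet: record the session so its replies are allowed
            self.table.add((p.src, p.sport, p.dst, p.dport))
            return "permit"
        # inbound: permitted only as the reverse of a recorded session
        if (p.dst, p.dport, p.src, p.sport) in self.table:
            return "permit"
        return "deny"


INSIDE = "10.0.0.0/24"

# A stateless ACL that lets clients browse HTTPS. Reply packets arrive on
# unpredictable ephemeral ports, so the ACL has to permit inbound traffic
# to the whole inside range; that is the hole the state table closes.
STATELESS_ACL = [
    Rule("permit", INSIDE, "0.0.0.0/0", dport=443),
    Rule("permit", "0.0.0.0/0", INSIDE),
]

OUTBOUND = Packet("10.0.0.5", 51000, "203.0.113.10", 443)     # client -> web
REPLY = Packet("203.0.113.10", 443, "10.0.0.5", 51000)        # web -> client
UNSOLICITED = Packet("198.51.100.7", 4444, "10.0.0.5", 3389)  # nobody asked


def compare() -> dict:
    """Decisions (packet filter, stateful) for the three constructed packets."""
    fw = StatefulFirewall(INSIDE)
    return {
        name: (packet_filter(STATELESS_ACL, p), fw.decide(p))
        for name, p in (("outbound", OUTBOUND),
                        ("reply", REPLY),
                        ("unsolicited", UNSOLICITED))
    }


if __name__ == "__main__":
    for name, (stateless, stateful) in compare().items():
        print(f"{name:12s} packet filter={stateless:6s} stateful={stateful}")
```

Both filters let the client's request and the server's reply through; only the stateful one drops the unsolicited connection to port 3389, because no inside host ever opened a session with 198.51.100.7.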
You want to make sure that all users have passwords over 8 characters in length and that passwords must be changed every 30 days. What should you do? Configure account policies in Group Policy Configure day/time settings in the user accounts Configure expiration settings in the user accounts Configure public key policies in Group Policy
Configure account policies in Group Policy
Which of the following solutions would you implement to track which websites that network users are accessing? NIDS Packet filtering firewall Honeypot Proxy server
Proxy server
Which remote access protocol, implemented almost exclusively by Cisco, is a central server providing remote access that users can use for authentication? RADIUS SLIP VPN TACACS+
TACACS+
Which of the following encryption methods is principally associated with WPA for wireless networks? MD5 AES TKIP 802.1x
TKIP
Which of the following is the greatest security vulnerability with Wi-Fi Protected Setup (WPS)? The PIN can be cracked relatively easily It is too advanced to implement for the average user It requires a RADIUS server It requires a TACACS+ server
The PIN can be cracked relatively easily
