Security+ Network Security
Which of the following ports should be used by a system administrator to securely manage a remote server? A 22 B 69 C 137 D 445
A 22
A technician is unable to manage a remote server. Which of the following ports should be opened on the firewall for remote server management? (Select TWO). A 22 B 135 C 137 D 143 E 443 F 3389
A 22 F 3389
Which of the following BEST describes a demilitarized zone? A A buffer zone between protected and unprotected networks B A network where all servers exist and are monitored C A sterile, isolated network segment with access lists D A private network that is protected by a firewall and a VLAN
A A buffer zone between protected and unprotected networks
A security team has identified that the wireless signal is broadcasting into the parking lot. To reduce the risk of an attack against the wireless network from the parking lot, which of the following controls should be used? (Select TWO). A Antenna placement B Interference C Use WEP D Single Sign on E Disable the SSID F Power levels
A Antenna placement F Power levels
A network technician is on the phone with the system administration team. Power to the server room was lost and servers need to be restarted. The DNS services must be the first to be restarted. Several machines are powered off. Assuming each server only provides one service, which of the following should be powered on FIRST to establish DNS services? A Bind server B Apache server C Exchange server D RADIUS server
A Bind server
A security administrator wishes to increase the security of the wireless network. Which of the following BEST addresses this concern? A Change the encryption from TKIP-based to CCMP-based B Set all nearby access points to operate on the same channel C Configure the access point to use WEP instead of WPA2 D Enable all access points to broadcast their SSIDs
A Change the encryption from TKIP-based to CCMP-based
A network administrator wants to block both DNS requests and zone transfers coming from outside IP addresses. The company uses a firewall which implements an implicit allow and is currently configured with the following ACL applied to its external interface. PERMIT TCP ANY ANY 80 PERMIT TCP ANY ANY 443 Which of the following rules would accomplish this task? (Select TWO). A Change the firewall default settings so that it implements an implicit deny B Apply the current ACL to all interfaces of the firewall C Remove the current ACL D Add the following ACL at the top of the current ACL DENY TCP ANY ANY 53 E Add the following ACL at the bottom of the current ACL DENY ICMP ANY ANY 53 F Add the following ACL at the fottom of the current ACL DENY IP ANY ANY 53
A Change the firewall default so that it implements an implicit deny F Add the following ACL at the bottom of the current ACL DENY IP ANY ANY 53
Joe, a technician at the local power plant, notices that several turbines had ramp up in cycles during the week. Further investigation by the system engineering team determined that a timed .exe file has been uploaded to the system control console during a visit by international contractors. Which of the following actions should Joe recommend? A Create a VLAN for the SCADA B Enable PKI for the MainFrame C Implement patch management D Implement stronger WPA2 Wireless
A Create a VLAN for the SCADA
An administrator connects VoIP phones to the same switch as the network PCs and printers. Which of the following would provide the BEST logical separation of these three device types while still allowing traffic between them via ACL? A Create three VLANs on the switch connected to a router B Define three subnets, configure each device to use their own dedicated IP address range, and then connect the network to a router C Install a firewall and connect it to the switch D Install a firewall and connect it to a dedicated switch for each device type
A Create three VLANs on the switch connected to a router
A security analyst needs to ensure all external traffic is able to access the company's front-end servers but protect all access to internal resources. Which of the following network design elements would MOST likely be recommended? A DMZ B Cloud computing C VLAN D Virtualization
A DMZ
When designing a new network infrastructure, a security administrator requests that the intranet web server be placed is an isolated area of the network for security purposes. Which of the following design elements would be implemented to comply with the security administrator's request? A DMZ B Cloud services C Virtualization D Sandboxing
A DMZ
A security architect wishes to implement a wireless network with connectivity to the company's internal network. Before they inform all employees that this network is being put in place, the architect wants to roll it out to a small test segment. Which of the following allows for greater secrecy about this network during this initial phase of implementation? A Disabling SSID broadcasting B Implementing WPA2-TKIP C Implementing WPA2-CCMP D Filtering test workstations by MAC address
A Disabling SSID broadcasting
Which of the following devices is MOST likely being used when processing the following? 1 PERMIT IP ANY EQ 80 2 DENY IP ANY ANY A Firewall B NIPS C Load balancer D URL filter
A Firewall
Which of the following devices would MOST likely have a DMZ interface? A Firewall B Switch C Load balancer D Proxy
A Firewall
Which of the following should be deployed to prevent the transmission of malicious traffic between virtual machines hosted on a singular physical device on a network? A HIPS on each virtual machine B NIPS on the network C NIDS on the network D HIDS on each virtual machine
A HIPS on each virtual machine
After a network outage, a PC technician is unable to ping various network devices. The network administrator verifies that those devices are working properly and can be accessed securely. Which of the following is the MOST likely reason the PC technician is unable to ping those devices? A ICMP is being blocked B SSH is not enabled C DNS settings are wrong D SNMP is not configured properly
A ICMP is being blocked
Configuring the mode, encryption methods, and security associations are part of which of the following? A IPSec B Full disk encryption C 802.1x D PKI
A IPSec
A network engineer is designing a secure tunneled VPN. Which of the following protocols would be the MOST secure? A IPsec B SFTP C BGP D PPTP
A IPsec
A company's legacy server requires administration using Telnet. Which of the following protocols could be used to secure communication by offering encryption at a lower OSI layer? (Select TWO). A IPv6 B SFTP C IPSec D SSH E IPv4
A IPv6 C IPSec
Which of the following allows Pete, a security technician, to provide the MOST secure wireless implementation? A Implement WPA B Disable SSID C Adjust antenna placement D Implement WEP
A Implement WPA
An IT director is looking to reduce the footprint of their company's server environment. They have decided to move several internally developed software applications to an alternate environment, supported by an external company. Which of the following BEST describes this arrangement? A Infrastructure as a Service B Storage as a Service C Platform as a Service D Software as a Service
A Infrastructure as a Service
Pete, an employee, attempts to visit a popular social networking site but is blocked. Instead, a page is displayed notifying him that this site cannot be visited. Which of the following is MOST likely blocking Pete's access to this site? A Internet content filter B Firewall C Proxy server D Protocol analyzer
A Internet content filter
Which of the following means of wireless authentication is easily vulnerable to spoofing? A MAC Filtering B WPA-LEAP C WPA-PEAP D Enabled SSID
A MAC Filtering
Which of the following protocols is used by IPv6 for MAC address resolution? A NDP B ARP C DNS D NCP
A NDP
Pete, a security administrator, has observed repeated attempts to break into the network. Which of the following is designed to stop an intrusion on the network? A NIPS B HIDS C HIPS D NIDS
A NIPS
Sara, the security administrator, must configure the corporate firewall to allow all public IP addresses on the internal interface of the firewall to be translated to one public IP address on the external interface of the same firewall. Which of the following should Sara configure? A PAT B NAP C DNAT D NAC
A PAT
Jane, an administrator, needs to make sure the wireless network is not accessible from the parking area of their office. Which of the following would BEST help Jane when deploying a new access point? A Placement of antenna B Disabling the SSID C Implementing WPA2 D Enabling the MAC filtering
A Placement of antenna
Which of the following is a programming interface that allows a remote computer to run programs on a local machine? A RPC B RSH C SSH D SSL
A RPC
After reviewing the firewall logs of her organization's wireless APs, Ann discovers an unusually high amount of failed authentication attempts in a particular segment of the building. She remembers that a new business moved into the office space across the street. Which of the following would be the BEST option to begin addressing the issue? A Reduce the power level of the AP on the network segment B Implement MAC filtering on the AP of the affected segment C Perform a site survey to see what has changed on the segment D Change the WPA2 encryption key of the AP in the affected segment
A Reduce the power level of the AP on the network segment
Which of the following uses port 22 by default? (Select THREE). A SSH B SSL C TLS D SFTP E SCP F FTPS G SMTP H SNMP
A SSH D SFTP E SCP
An organization does not want the wireless network name to be easily discovered. Which of the following software features should be configured on the access points? A SSID broadcast B MAC filter C WPA2 D Antenna placement
A SSID broadcast
A network security engineer just deployed an IDS on the network, but the Chief Technical Officer (CTO) has concerns that the device is only able to detect known anomalies. Which of the following types of IDS has been deployed? A Signature Based IDS B Heuristic IDS C Behavior Based IDS D Anomaly Based IDS
A Signature Based IDS
A company's business model was changed to provide more web presence and now its ERM software is no longer able to support the security needs of the company. The current data center will continue to provide network and security services. Which of the following network elements would be used to support the new business model? A Software as a Service B DMZ C Remote access support D Infrastructure as a Service
A Software as a Service
The Chief Information Officer (CIO) has mandated web based Customer Relationship Management (CRM) business functions be moved offshore to reduce cost, reduce IT overheads, and improve availability. The Chief Risk Officer (CRO) has agreed with the CIO's direction but has mandated that key authentication systems be run within the organization's network. Which of the following would BEST meet the CIO and CRO's requirements? A Software as a Service B Infrastructure as a Service C Platform as a Service D Hosted virtualization service
A Software as a Service
Which of the following wireless security technologies continuously supplies new keys for WEP? A TKIP B Mac filtering C WPA2 D WPA
A TKIP
A company provides secure wireless Internet access for visitors and vendors working onsite. Some of the vendors using older technology report that they are unable to access the wireless network after entering the correct network information. Which of the following is the MOST likely reason for this issue? A The SSID broadcast is disabled B The company is using the wrong antenna type C The MAC filtering is disabled on the access point D The company is not using strong enough encryption
A The SSID broadcast is disabled
Ann, a sales manager, successfully connected her company-issued smartphone to the wireless network in her office without supplying a username/password combination. Upon disconnecting from the wireless network, she attempted to connect her personal tablet computer to the same wireless network and could not connect. Which of the following is MOST likely the reason? A The company wireless is using a MAC filter B The company wireless has SSID broadcast disabled C The company wireless is using WEP D The company wireless is using WPA2
A The company wireless is using a MAC filter
An organization does not have adequate resources to administer its large infrastructure. A security administrator wishes to combine the security controls of some of the network devices in the organization. Which of the following methods would BEST accomplish this goal? A Unified Threat Management B Virtual Private Network C Single Sign on D Role-based management
A Unified Threat Management
An organization does not have adequate resources to administer its large infrastructure. A security administrator wishes to integrate the security controls of some of the network devices in the organization. Which of the following methods would BEST accomplish this goal? A Unified Threat Management B Virtual Private Network C Single sign on D Role-based management
A Unified Threat Management
Matt, the network engineer, has been tasked with separating network traffic between virtual machines on a single hypervisor. Which of the following would he implement to BEST address this requirement? (Select TWO). A Virtual switch B NAT C System partitioning D Access-list E Disable spanning tree F VLAN
A Virtual switch F VLAN
A corporation is looking to expand their data center but has run out of physical space in which to store hardware. Which of the following would offer the ability to expand while keeping their current data center operated by internal staff? A Virtualization B Subnetting C IaaS D SaaS
A Virtualization
Due to limited resources, a company must reduce their hardware budget while still maintaining availability. Which of the following would MOST likely help them achieve their objectives? A Virtualization B Remote access C Network access control D Blade servers
A Virtualization
Which of the following is BEST at blocking attacks and providing security at layer 7 of the OSI model? A WAF B NIDS C Routers D Switches
A WAF
A network administrator has been tasked with securing the WLAN. Which of the following cryptographic products would be used to provide the MOST secure environment for the WLAN? A WPA2 CCMP B WPA C WPA with MAC filtering D WPA2 TKIP
A WPA2 CCMP
Configuring key/value pairs on a RADIUS server is associated with deploying which of the following? A WPA2-Enterprise wireless network B DNS secondary zones C Digital certificates D Intrusion detection system
A WPA2-Enterprise wireless network
A security administrator has configured FTP in passive mode. Which of the following ports should the security administrator allow on the firewall by default? A 20 B 21 C 22 D 23
B 21
Which of the following ports is used to securely transfer files between remote UNIX systems? A 21 B 22 C 69 D 445
B 22
After a new firewall has been installed, devices cannot obtain a new IP address. Which of the following ports should Matt, the security administrator, open on the firewall? A 25 B 68 C 80 D 443
B 68
Which of the following is the default port for TFTP? A 20 B 69 C 21 D 68
B 69
A security analyst noticed a colleague typing the following command: 'Telnet some-host 443' Which of the following was the colleague performing? A A hacking attempt to the some-host web server with the purpose of achieving a distributed denial of service attack. B A quick test to see if there is a service running on some-host TCP/443, which is being routed correctly and not blocked by a firewall C Trying to establish an insecure remote management session. The colleague should be using SSH or terminal services instead D A mistaken port being entered because telnet servers typically do not listen on port 443
B A quick test to see if there is a service running on some-host TCP/443, which is being routed correctly and not blocked by a firewall
Which of the following flags are used to establish a TCP connection? (Select TWO). A PSH B ACK C SYN D URG E FIN
B ACK C SYN
In intrusion detection system vernacular, which account is responsible for setting the security policy for an organization? A Supervisor B Administrator C Root D Director
B Administrator
Joe, the Chief Technical Officer (CTO), is concerned about new malware being introduced into the corporate network. He has tasked the security engineers to implement a technology that is capable of alerting the team when unusual traffic is on the network. Which of the following types of technologies will BEST address this scenario? A Application Firewall B Anomaly Based IDS C Proxy Firewall D Signature IDS
B Anomaly Based IDS
A network consists of various remote sites that connect back to two main locations. Pete, the security administrator, needs to block TELNET access into the network. Which of the following, by default, would be the BEST choice to accomplish this goal? A Block port 23 on the L2 switch at each remote sire B Block port 23 on the network firewall C Block port 25 on the L2 switch at each remote site D Block port 25 on the network firewall
B Block port 23 on the network firewall
An access point has been configured for AES encryption but a client is unable to connect to it. Which of the following should be configured on the client to fix this issue? A WEP B CCMP C TKIP D RC4
B CCMP
Which of the following would Pete, a security administrator, do to limit a wireless signal from penetrating the exterior walls? A Implement TKIP encryption B Consider antenna placement C Disable the SSID broadcast D Disable WPA
B Consider antenna placement
While previously recommended as a security measure, disabling SSID broadcast is not effective against most attackers because network SSIDs are: A No longer used to authenticate to most wireless networks B Contained in certain wireless packets in plaintext C Contained in all wireless broadcast packets by default D No longer supported in 802.11 protocols
B Contained in certain wireless packets in plaintext
Layer 7 devices used to prevent specific types of html tags are called: A Firewalls B Content filters C Routers D NIDS
B Content filters
Pete, a network administrator, is capturing packets on the network and notices that a large amount of the traffic on the LAN is SIP and RTP protocols. Which of the following should he do to segment that traffic from the other traffic? A Connect the WAP to a different switch B Create a voice VLAN C Create a DMZ D Set the switch ports to 802.1q mode
B Create a voice VLAN
During the analysis of a PCAP file, a security analyst noticed several communications with a remote server on port 53. Which of the following protocol types is observed in this traffic? A FTP B DNS C Email D NetBIOS
B DNS
Which of the following is the MOST secure protocol to transfer files? A FTP B FTPS C SSH D TELNET
B FTPS
After entering the following information into a SOHO wireless router, a mobile device's user reports being unable to connect to the network: PERMIT 0A:D1:FA:B1:03:37 DENY 01:33:7F:AB:10:AB Which of the following is preventing the device from connecting? A WPA2-PSK requires a supplicant on the mobile device B Hardware address filtering is blocking the device C TCP/IP Port filtering has been implemented on the SOHO router D IP address filtering has disabled the device from connecting
B Hardware address filtering is blocking the device
A company has proprietary mission critical devices connected to their network which are configured remotely by both employees and approved customers. The administrator wants to monitor device security without changing their baseline configuration. Which of the following should be implemented to secure the devices without risking availability? A Host-based firewall B IDS C IPS D Honeypot
B IDS
The Human Resources department has a parent shared folder setup on the server. There are two groups that access, one called managers and one called staff. There are many sub folders under the parent shared folder, one is called payroll. The parent folder access control list propagates all sub folders and all sub folders inherit the parent permission. Which of the following is the quickest way to prevent the staff group from gaining access to the payroll folder? A Remove the staff group from the payroll folder B Implicit deny on the payroll folder for the staff group C Implicit deny on the payroll folder for the mangers group D Remove inheritance from the payroll folder
B Implicit deny on the payroll folder for the staff group
Which of the following devices would be MOST useful to ensure availability when there are a large number of requests to a certain website? A Protocol analyzer B Load balancer C VPN concentrator D Web security gateway
B Load balancer
A Chief Information Security Officer (CISO) is tasked with outsourcing the analysis of security logs. These will need to still be reviewed on a regular basis to ensure the security of the company has not been breached. Which of the following cloud service options would support this requirement? A SaaS B MaaS C IaaS D PaaS
B MaaS
An administrator is looking to implement a security device which will be able to not only detect network intrusions at the organization level, but help defend against them as well. Which of the following is being described here? A NIDS B NIPS C HIPS D HIDS
B NIPS
Which of the following network design elements allows for many internal devices to share one public IP address? A DNAT B PAT C DNS D DMZ
B PAT
Matt, an administrator, notices a flood fragmented packet and re transmits from an email server. After disabling the TCP offload setting on the NIC, Matt sees normal traffic with packets flowing in sequence again. Which of the following utilities was he MOST likely using to view this issue? A Spam filter B Protocol analyzer C Web application firewall D Load balancer
B Protocol analyzer
A network administrator is asked to send a large file containing PII to a business associate. Which of the following protocols is the BEST choice to use? A SSH B SFTP C SMTP D FTP
B SFTP
Which of the following secure file transfer methods uses port 22 by default? A FTPS B SFTP C SSL D S/MIME
B SFTP
A network administrator needs to provide daily network usage reports on all layer 3 devices without compromising any data while gathering the information. Which of the following would be configured to provide these reports? A SNMP B SNMPv3 C ICMP D SSH
B SNMPv3
Matt, a security administrator, wants to configure all the switches and routes in the network in order to securely monitor their status. Which of the following protocols would he need to configure on each device? A SMTP B SNMPv3 C IPSec D SNMP
B SNMPv3
A recent vulnerability scan found that Telnet is enabled on all network devices. Which of the following protocols should be used instead of Telnet? A SCP B SSH C SFTP D SSL
B SSH
A security analyst needs to logon to the console to perform maintenance on a remote server. Which of the following protocols would provide secure access? A SCP B SSH C SFTP D HTTPS
B SSH
An achievement in providing worldwide Internet security was the signing of certificates associated with which of the following protocols? A TCP/IP B SSL C SCP D SSH
B SSL
Which of the following firewall types inspects Ethernet traffic at the MOST levels of the OSI model? A Packet Filter Firewall B Stateful Firewall C Proxy Firewall D Application Firewall
B Stateful Firewall
Pete, a network administrator, is implementing IPv6 in the DMZ. Which of the following protocols must he allow through the firewall to ensure the web servers can be reached via IPv6 from an IPv6 enabled Internet host? A TCP port 443 and IP protocol 46 B TCP port 80 and TCP port 443 C TCP port 80 and ICMP D TCP port 443 and SNMP
B TCP port 80 and TCP port 443
The server administrator has noted that most servers have a lot of free disk space and low memory utilization. Which of the following statements will be correct if the server administrator migrates to a virtual server environment? A The administrator will need to deploy load balancing and clustering B The administrator may spend more on licensing but less on hardware and equipment C The administrator will not be able to add a test virtual environment in the data center D Servers will encounter latency and lowered throughtput issues
B The administrator may spend more on licensing but less on hardware and equipment
A router has a single Ethernet connection to a switch. In the router configuration, the Ethernet interface has three sub-interfaces, each configured with ACLs applied to them and 802.1q trunks. Which of the following is most likely the reason for the sub-interfaces? A The network uses the subnet of 255.255.255.128 B The switch has several VLANs configured on it C The sub-interfaces are configuured for VoIP traffic D The sub-interfaces each implement quality of service
B The switch has several VLANs configured on it
Which of the following components of an all-in-one security appliance would MOST likely be configured in order to restrict access to peer-to-peer file sharing websites? A Spam filter B URL filter C Content inspection D Malware inspection
B URL filter
A network engineer is setting up a network for a company. There is a BYOD policy for the employees so that they can connect their laptops and mobile devices. Which of the following technologies should be employed to separate the administrative network from the network in which all of the employees' devices are connected? A VPN B VLAN C WPA2 D MAC filtering
B VLAN
Pete, a security administrator, is informed that people from the HR department should have access to the accounting department's server, and the accounting department should not have access to the HR department's server. The network is separated by switches. Which of the following is designed to keep the HR department users from accessing in the accounting department's server and vice-versa? A ACLs B VLANs C DMZs D NATS
B VLANs
Which of the following would Pete, a security administrator, MOST likely implement in order to allow employees to have secure remote access to certain internal network services such as file servers? A Packet filtering firewall B VPN gateway C Switch D Router
B VPN gateway
The security administrator has been tasked to update all the access points to provide a more secure connection. All access points currently use WPA TKIP for encryption. Which of the following would be configured to provide more secure connections? A WEP B WPA2 CCMP C Disable SSID broadcast and increase power levels D MAC filtering
B WPA2 CCMP
A security engineer is reviewing log data and sees the output below: POST:/payload.php HTTP/1.1 HOST: localhost Accept: */* Referrer: http://localhost/ ******** HTTPS/1.1 403 Forbidden Connection: close Log: Access denied with 403. Pattern matches from bypass. Which of the following technologies was MOST likely being used to generate this log? A Host-based Intrusion Detection System B Web application firewall C Network-based Intrusion Detection System D Stateful Inspection Firewall E URL Content Filter
B Web application firewall
An administrator wants to establish a WIFI network using a high grain directional antenna with a narrow radiation pattern to connect two buildings separated by a very long distance. Which of the following antennas would be BEST for this situation? A Dipole B Yagi C Sector D Omni
B Yagi
If you don't know the MAC address of a Linux-based machine, what command-line utility can you use to ascertain it? A macconfig B ifconfig C ipconfig D config
B ifconfig
A firewall technician has been instructed to disable all non-secure ports on a corporate firewall. The technician has blocked traffic on port 21, 69, 80, and 137-139. The technician has allowed traffic on ports 22 and 443. Which of the following correctly lists the protocols blocked and allowed? A. Blocked: TFTP, HTTP, NetBIOS; Allowed: HTTPS, FTP B. Blocked: FTP, TFTP, HTTP, NetBIOS; Allowed: SFTP, SSH, SCP, HTTPS C. Blocked: SFTP, TFTP, HTTP, NetBIOS; Allowed: SSH, SCP, HTTPS D. Blocked: FTP, HTTP, HTTPS; Allowed: SFTP, SSH, SCP, NetBIOS
B. Blocked: FTP, TFTP, HTTP, NetBIOS; Allowed: SFTP, SSH, SCP, HTTPS
Which of the following IP addresses would be hosts on the same subnet given the subnet mask 255.255.255.224? (Select TWO). A 10.4.4.125 B 10.4.4.158 C 10.4.4.165 D 10.4.4.189 E 10.4.4.199
C 10.4.4.165 D 10.4.4.189
Which of the following ports would be blocked if Pete, a security administrator, wants to deny access to websites? A 21 B 25 C 80 D 3389
C 80
A database administrator contacts a security administrator to request firewall changes for a connection to a new internal application. The security administrator notices that the new application uses a port typically monopolized by a virus. The security administrator denies the request and suggests a new port or service be used to complete the application's task. Which of the following is the security administrator practicing in this example? A Explicit deny B Port security C Access control lists D Implicit deny
C Access control lists
Multi-tenancy is a concept found in which of the following? A Full disk encryption B Removable media C Cloud computer D Data loss prevention
C Cloud computing
At an organization, unauthorized users have been accessing network resources via unused network wall jacks. Which of the following would be used to stop unauthorized access? A Configure an access list B Configure spanning tree protocol C Configure port security D Configure loop protection
C Configure port security
Matt, the IT Manager, wants to create a new network available to virtual servers on the same hypervisor, and does not want this network to be routable to the firewall. How could this BEST be accomplished? A Create a VLAN without a default gateway B Remove the network from the routing table C Create a virtual switch D Commission a stand-alone switch
C Create a virtual switch
Which of the following network architecture concepts is used to securely isolate at the boundary between networks? A VLAN B Subnetting C DMZ D NAT
C DMZ
A technician has just installed a new firewall onto the network. Users are reporting that they cannot reach any website. Upon further investigation, the technician determines that websites can be reached be entering their IP addresses. Which of the following ports may have been closed to cause this issue? A HTTP B DHCP C DNS D NetBIOS
C DNS
Which of the following best practices makes a wireless network more difficult to find? A Implement MAC filtering B UseWPA2-PSK C Disable SSID broadcast D Power down unused WAPs
C Disable SSID broadcast
An administrator configuures all wireless access points to make use of a new network certificate authority. Which of the following is being used? A WEP B LEAP C EAP-TLS D TKIP
C EAP-TLS
Jane, the security administrator, sets up a new AP but realizes too many outsiders are able to connect to that AP and gain unauthorized access. Which of the following would be the BEST way to mitigate the issue and still provide coverage where needed? (Select TWO). A Disable the wired ports B Use channels 1, 4 and 7 only C Enable MAC filtering D Disable SSID broadcast E Switch from 802.11a to 802.11b
C Enable MAC filtering D Disable SSID broadcast
Which of the following security devices can be replicated on a Linux based computer using IP tables to inspect and properly handle network based traffic? A Sniffer B Router C Firewall D Switch
C Firewall
The Chief Information Security Officer (CISO) has mandated that all IT systems with credit data be segregated from the main corporate network to prevent unauthorized access and that access to the IT systems should be logged. Which of the following would BEST meet the CISO's requirements? A Sniffers B NIDS C Firewalls D Web proxies E Layer 2 switches
C Firewalls
A security administrator wishes to change their wireless network so that IPSec is built into the protocol and NAT is no longer required for address range extension. Which of the following protocols should be used in a scenario? A WPA2 B WPA C IPv6 D IPv4
C IPv6
Which of the following protocols allows for the LARGEST address space? A IPX B IPv4 C IPv6 D Appletalk
C IPv6
An administrator would like to review the effectiveness of existing security in the enterprise. Which of the following would be the BEST place to start? A Review past security incidents and their resolution B Rewrite the existing security policy C Implement an intrusion prevention system D Install honey pot systems
C Implement an intrusion prevention system
Concurrent use of a firewall, content filtering, antivirus software and an IDS system would be considered components of: A Redundant systems B Separation of duties C Layered security D Application control
C Layered security
Ann, a security administrator, has concerns regarding her company's wireless network. The network is open and available for visiting prospective clients in the conference room, but she notices that many more devices are connecting to the network than should be. Which of the following would BEST alleviate Ann's concerns with minimum disturbance of current functionality for clients? A Enable MAC filtering on the wireless access point B Configure WPA2 encryption on the wireless access point C Lower the antenna's broadcasting power D Disable SSID broadcasting
C Lower the antenna's broadcasting power
A computer is put into a restricted VLAN until the computer's virus definitions are up-to-date. Which of the following BEST describes this system type? A NAT B NIPS C NAC D DMZ
C NAC
Mike, a network administrator, has been asked to passively monitor network traffic to the company's sales websites. Which of the following would be BEST suited for this task? A HIDS B Firewall C NIPS D Spam filter
C NIPS
A malicious program modified entries in the LMHOSTS file of an infected system. Which of the following protocols would have been affected by this? A ICMP B BGP C NetBIOS D DNS
C NetBIOS
An auditor is given access to a conference room to conduct an analysis. When they connect their laptop's Ethernet cable into the wall jack, they are not able to get a connection to the Internet but have a link light. Which of the following is MOST likely causing the issue? A Ethernet cable is damaged B The host firewall is set to disallow outbound connections C Network Access Control D The switch port is administratively shutdown
C Network Access Control
Which of the following would satisfy wireless network implementation requirements to use mutual authentication and usernames and passwords? A EAP-MD5 B WEP C PEAP-MSCHAPv2 D EAP-TLS
C PEAP-MSCHAPv2
Which of the following should be performed to increase the availability of IP telephony by prioritizing traffic? A Subnetting B NAT C Quality of service D NAC
C Quality of service
A security analyst is reviewing firewall logs while investigating a compromised web server. The following ports appear in the log: 22,25,445,1433,3128,3389,6667 Which of the following protocols was used to access the server remotely? A LDAP B HTTP C RDP D HTTPS
C RDP
Which of the following protocols operates at the HIGHEST level of the OSI model? A ICMP B IPSec C SCP D TCP
C SCP
Which of the following protocols allows for secure transfer of files? (Select TWO). A ICMP B SNMP C SFTP D SCP E TFTP
C SFTP D SCP
Which of the following should be implemented to stop an attacker from mapping out addresses and/or devices on a network? A Single sign on B IPv6 C Secure zone transfers D VoIP
C Secure zone transfers
When performing the daily review of the system vulnerability scans of the network Joe, the administrator, noticed several security related vulnerabilities with an assigned vulnerability identification number from the vendor website. Joe proceeds with applying the recommended solution for identified. Which of the following is the type of vulnerability described? A Network based B IDS C Signature based D Host based
C Signature based
A company has implemented PPTP as a VPN solution. Which of the following ports would need to be opened on the firewall in order for this VPN to function properly? (Select TWO). A UDP 1723 B TCP 500 C TCP 1723 D UDP 47 E TCP 47
C TCP 1723 D UDP 47
Pete needs to open ports on the firewall to allow for secure transmission of files. Which of the following ports should be opened on the firewall? A TCP 23 B UDP 69 C TCP 22 D TCP 21
C TCP 22
A security technician needs to open ports on a firewall to allow for domain name resolution. Which of the following ports should be opened? (Select TWO). A TCP 21 B TCP 23 C TCP 53 D UDP 23 E UDP 53
C TCP 53 E UDP 53
Which of the following protocols is used to authenticate the client and server's digital certificate? A PEAP B DNS C TLS D ICMP
C TLS
Pete, the system administrator, wants to restrict access to advertisements, games, and gambling web sites. Which of the following devices would BEST achieve this goal? A Firewall B Switch C URL content filter D Spam filter
C URL content filter
A review of the company's network traffic shows that most of the malware infections are caused by users visiting gambling and gaming websites. The security manager wants to implement a solution that will block these websites, scan all web traffic for signs of malware, and block the malware before it enters the company network. Which of the following is suited for this purpose? A ACL D IDS C UTM D Firewall
C UTM
An administrator needs to segment internal traffic between layer 2 devices within the LAN. Which of the following types of network design elements would MOST likely be used? A Routing B DMZ C VLAN D NAT
C VLAN
A technician is deploying virtual machines for multiple customers on a single physical host to reduce power consumption in a data center. Which of the following should be recommended to isolate the VMs from one another? A Implement a virtual firewall B Install HIPS on each VM C Virtual switches with VLANs D Develop a patch management guide
C Virtual switches with VLANs
Which of the following is required to allow multiple servers to exist on one physical server? A Software as a Service (SaaS) B Platform as a Service (PaaS) C Virtualization D Infrastructure as a Service (IaaS)
C Virtualization
A malicious user is sniffing a busy encrypted wireless network waiting for an authorized client to connect to it. Only after an authorized client has connected and the hacker was able to capture the client handshake with the AP can the hacker begin a brute force attack to discover the encryption key. Which of the following attacks is taking place? A IV attack B WEP cracking C WPA cracking D Rogue AP
C WPA cracking
Which of the following firewall rules only denies DNS zone transfers? A deny udp any any port 53 B deny ip any any C deny tcp any any port 53 D deny all dns packets
C deny tcp any any port 53
Which of the following would the security engineer set as the subnet mask for the servers below to utilize host addresses on a separate broadcast domains? Server 1: 192.168.100.6 Server 2: 192. 168.100.9 Server 3: 192.169.100.20 A /24 B /27 C /28 D /29 E /30
D /29
Which of the following ports is used for SSH, by default? A 23 B 32 C 12 D 22
D 22
Which of the following ports and protocol types must be opened on a host with a host-based firewall to allow incoming SFTP connections? A 21/UDP B 21/TCP C 22/UDP D 22/TCP
D 22/TCP
Ann, a technician, is attempting to establish a remote terminal session to an end user's computer using Kerberos authentication, but she cannot connect to the destination machine. Which of the following default ports should Ann ensure is open? A 22 B 139 C 443 D 3389
D 3389
A company determines a need for additional protection from rogue devices plugging into physical ports around the building. Which of the following provides the highest degree of protection from unauthorized wired network access? A Intrusion Prevention Systems B MAC filtering C Flood guards D 802.1x
D 802.1x
While configuring a new access layer switch, the administrator, Joe, was advised that he needed to make sure that only devices authorized to access the network would be permitted to login and utilize resources. Which of the following should the administrator implement to ensure this happens? A Log Analysis B VLAN Management C Network separation D 802.1x
D 802.1x
A company has several conference rooms with wired network jacks that are used by both employees and guests. Employees need access to internal resources and guests only need access to the Internet. Which of the following combinations is BEST to meet the requirements? A NAT and DMZ B VPN and IPSec C Switches and a firewall D 802.1x and VLANS
D 802.1x and VLANs
FTP/s uses which of the following TCP ports by default? A 20 and 21 B 139 and 445 C 443 and 22 D 989 and 990
D 989 and 990
A company has recently implemented a high density wireless system by having a junior technician install two new access points for every access point already deployed. Users are now reporting random wireless disconnections and slow network connectivity. Which of the following is the MOST likely cause? A The old APs use 802.11a B Users did not enter the MAC of the new APs C The new APs use MIMO D A site survey was not conducted
D A site survey was not conducted
The security admin at ABC company received the following log info from an external party: 10:45:01 EST, SRC 10.4.3.7:3056, DST 8.4.2.1:80, ALERT, Direction traversal The external party is reporting attacks coming from abc-company.com. Which of the following is the reason the ABC company's security administrator is unable to determine the origin of the attack? A A NIDS was used in place of a NIPS B The log is not in UTC C The external party uses a firewall D ABC company uses PAT
D ABC company uses PAT
A system administrator wants to enable WPA2 CCMP. Which of the following is the only encryption used? A RC4 B DES C 3DES D AES
D AES
The security administrator needs to manage traffic on a layer 3 device to support FTP from a new remote site. Which of the following would need to be implemented? A Implicit deny B VLAN management C Port security D Access control lists
D Access control lists
Which of the following offers the LEAST amount of protection against data theft by USB drives? A DLP B Database encryption C TPM D Cloud computing
D Cloud computing
Which of the following technologies can store multi-tenant data with different security requirements? A Data loss prevention B Trusted platform module C Hard drive encryption D Cloud computing
D Cloud computing
Joe, a security administrator, believes that a network breach has occurred in the datacenter as a result of a misconfigured router access list, allowing outside access to an SSH server. Which of the following should Joe search for in the log files? A Failed authentication attempts B Network ping sweeps C Host port scans D Connections to port 22
D Connections to port 22
A security administrator is segregating all web-facing server traffic from the internal network and restricting it to a single interface on a firewall. Which of the following BEST describes this new network? A VLAN B Subnet C VPN D DMZ
D DMZ
A security administrator suspects that an increase in the amount of TFTP traffic on the network is due to unauthorized file transfers, and wants to configure a firewall to block all TFTP traffic. Which of the following would accomplish this task? A Deny TCP port 68 B Deny TCP port 69 C Deny UDP port 68 D Deny UDP port 69
D Deny UDP port 69
Which of the following is a best practice when securing a switch from physical access? A Disable unnecessary accounts B Print baseline configuration C Enable access lists D Disable unused ports
D Disable unused ports
When reviewing security logs, an administrator sees requests for the AAAA record of www.comptia.com. Which of the following BEST describes this type of record? A DNSSEC record B IPv4 DNS record C IPSEC DNS record D IPv6 DNS record
D IPv6 DNS record
A system administrator attempts to ping a hostname and the response is 2001:4860:0:2001::68. Which of the following replies has the administrator received? A The loopback address B The local MAC address C IPv4 address D IPv6 address
D IPv6 address
An administrator needs to connect a router in one building to a router in another using Ethernet. Each router is connected to a manged switch and the switches are connected to each other via a fiber line. Which of the following should be configured to prevent unauthorized devices from connecting to the network? A Configured each port on the switches to use the same VLAN other than the default one B Enable VTP on both switches and set to the same domain C Configure only one of the routers to run DHCP services D Implement port security on the switches
D Implement port security on the switches
Which of the following offerings typically allows the customer to apply operating system patches? A Software as a service B Public Clouds C Cloud Based Storage D Infrastructure as a service
D Infrastructure as a service
Which of the following is a step in deploying a WPA2-Enterprise wireless network? A Install a token on the authentication server B Install a DHCP server on the authentication server C Install an encryption key on the authentication server D Install a digital certificate on the authentication server
D Install a digital certificate on the authentication server
Pete, the system administrator, wishes to monitor and limit users' access to external websites. Which of the following would BEST address this? A Block all traffic on port 80 B Implement NIDS C Use server load balancers D Install a proxy server
D Install a proxy server
Users are unable to connect to the web server at IP 192.168.0.20. Which of the following can be inferred of a firewall that is configured ONLY with the following ACL? PERMIT TCP ANY HOST 192.168.0.10 EQ 80 PERMIT TCP ANY HOST 192.168.0.10 EQ 443 A It implements stateful packet filtering B It implements bottom-up processing C It failed closed D It implements an implicit deny
D It implements an implicit deny
An information bank has been established to store contacts, phone numbers and other records. A UNIX application needs to connect to the index server using port 389. Which of the following authentication services should be used on this port by default? A RADIUS B Kerberos C TACACS+ D LDAP
D LDAP
Which of the following devices is BEST suited to protect an HTTP-based application that is susceptible to injection attacks? A Protocol filter B Load balancer C NIDS D Layer 7 firewall
D Layer 7 firewall
A security analyst has been tasked with securing a guest wireless network. They recommend the company use an authentication server but are told the funds are not available to set this up. Which of the following BEST allows the analyst to restrict user access to approved devices? A Antenna placement B Power level adjustment C Disable SSID broadcasting D MAC filtering
D MAC filtering
An administrator wishes to hide the network addresses of an internal network when connecting to the Internet. The MOST effective way to mask the network address of the users would be by passing the traffic through a: A stateful firewall B packet-filtering firewall C NIPS D NAT
D NAT
Matt, a systems security engineer, is determining which credential-type authentication to use within a planned 802.1x deployment. He is looking for a method that does not require a client certificate, has a server side certificate, and uses TLS tunnels for encryption. Which credential type authentication method BEST fits these requirements? A EAP-TLS B EAP-FAST C PEAP-CHAP D PEAP-MSCHAPv2
D PEAP-MSCHAPv2
Which of the following should the security administrator implement to limit web traffic based on country of origin? (Select THREE). A Spam filter B Load balancer C Antivirus D Proxies E Firewall F NIDS G URL filtering
D Proxies E Firewall G URL filtering
A UNIX administrator would like to use native commands to provide a secure way of connecting to other devices remotely and to securely transfer files. Which of the following protocols could be utilized? (Select TWO). A RDP B SNMP C FTP D SCP E SSH
D SCP E SSH
By default, which of the following uses TCP port 22? (Select THREE) A FTPS B STELNET C TLS D SCP E SSL F HTTPS G SSH H SFTP
D SCP G SSH H SFTP
Which of the following is BEST used as a secure replacement for TELNET? A HTTPS B HMAC C GPG D SSH
D SSH
Which of the following is BEST used to break a group of IP addresses into smaller network segments or blocks? A NAT B Virtualization C NAC D Subnetting
D Subnetting
Which of the following would allow the organization to divide a Class C IP address range into several ranges? A DMZ B Virtual LANs C NAT D Subnetting
D Subnetting
Which of the following is a difference between TFTP and FTP? A TFTP is slower than FTP B TFTP is more secure than FTP C TFTP utilizes TCP and FTP uses UDP D TFTP utilizes UDP and FTP uses TCP
D TFTP utilizes UDP and FTP uses TCP
A security engineer, Joe, has been asked to create a secure connection between his mail server and the mail server of a business partner. Which of the following protocol would be MOST appropriate? A HTTPS B SSH C FTP D TLS
D TLS
On Monday, all company employees report being unable to connect to the corporate wireless network, which uses 802.1x with PEAP. A technician verifies that no configuration changes were made to the wireless network and its supporting infrastructure and that there are no outages. Which of the following is the MOST likely cause for this issue? A Too many incorrect authentication attempts have caused users to be temporarily disabled B The DNS server is overwhelmed with connections s and is unable to respond to queries C The company IDS detected a wireless attack and disabled the wireless network D The Remote Authentication Dial-In User Service server certificate has expired
D The Remote Authentication Dial-In User Service server certificate has expired
Which of the following BEST describes the weakness in WEP encryption? A The intialization vector of WEP uses a crack-able RC4 encryption algorithm. Once enough packets are captures an XOR operation can be performed and the asymmetric keys can be derived. B The WEP key is stored in plain text and split in portions across 224 packets of random data. Once enough packets are sniffed the IV portion of the packets can be removed leaving the plain text key. C The WEP key has a weak MD4 hashing algorithm used. A simple rainbow table can be used to generate key possibilities due to MD4 collisions. D The WEP key is stored with a very small pool of random numbers to make the cipher text. As the random numbers are often reused it becomes easy to derive the remaining WEP key.
D The WEP key is stored with a very small pool of random numbers to make the cipher text. As the random numbers are often reused it becomes easy to derive the remaining WEP key.
The administrator receives a call from an employee named Joe. Joe says the Internet is down and he is receiving a blank page when typing to connect to a popular sports website. The administrator asks Joe to try visiting a popular search engine site, which Joe reports as successful. Joe then says that he can get to the sports site on this phone. Which of the following might the administrator need to configure? A The access rules on the IDS B The pop up blocker in the employee's browser C The sensitivity level of the spam filter D The fault block page on the URL filter
D The default block page on the URL filter
Review the following diagram depicting communication between PC1 and PC2 on each side of a router. Analyze the network traffic logs which show communication between the two computers as captures by the computer with IP 10.2.2.10. DIAGRAM PC1PC2 [192.168.1.30]-------[INSIDE 192.168.1.1 router OUTSIDE 10.2.2.1]--------[10.2.2.10] LOGS Given the above information, which of the following can be inferred about the above environment? A 192.168.1.30 is a web server B The web server listens on a non-standard prot C The router filters port 80 traffic D The router implements NAT
D The router implements NAT
Pete, a security engineer, is trying to inventory all servers in a rack. The engineer launches RDP sessions to five different PCs and notices that the hardware properties are similar. Additionally, the MAC addresses of all five servers appear on the same switch port. Which of the following is MOST likely the cause? A The system is running 802.1x B The system is using NAC C The system is in active-standby mode D The system is virtualized
D The system is virtualized
According to company policy an administrator must logically keep the Human Resources department separated from the Accounting department. Which of the following would be the simplest way to accomplish this? A NIDS B DMZ C NAT D VLAN
D VLAN
A security administrator must implement a network authentication solution which will ensure encryption of user credentials when users enter their username and password to authenticate to the network. Which of the following should should the administrator implement? A WPA2 over EAP-TTLS B WPA-PSK C WPA2 with WPS D WEP over EAP-PEAP
D WEP over EAP-PEAP
A security administrator must implement a wireless security system, which will require users to enter a 30 character ASCII password on their accounts. Additionally the system must support 3DS wireless encryption. Which of the following should be implemented? A WPA2-CCMP with 802.1X B WPA2-PSK C WPA2-CCMP D WPA2-Enterprise
D WPA2-Enterprise
Sara, a security technician, has received notice that a vendor coming in for a presentation will require access to a server outside of the network. Currently, users are only able to access remote sites through a VPN connection. How could Sara BEST accommodate the vendor? A Allow incoming IPSec traffic into the vendor's IP address B Set up a VPN account for the vendor, allowing access to the remote site C Turn of the firewall while the vendor is in the office, allowing access to the remote site D Write a firewall rule to allow the vendor to have access to the remote site
D Write a firewall rule to allow the vendor to have access to the remote site
A small company can only afford to buy an all-in-one wireless router/switch. The company has 3 wireless BYOD users and 2 web servers without wireless access. Which of the following should the company configure to protect the servers from the user devices? (Select TWO) A Deny incoming connections to the outside router interface B Change the default HTTP port C Implement EAP-TLS to establish mutual authentication D Disable the physical switch ports E Create a server VLAN F Create an ACL to access the server
E Create a server VLAN F Create an ACL to access the server