Testout Notes
You want to close all ports associated with NetBIOS on your network firewalls to prevent attacks directed against NetBIOS. Which ports should you close?
135, 137-139
To transfer files to your company's internal network from home, you use FTP. The administrator has recently implemented a firewall at the network perimeter and disabled as many ports as possible. Now, you can no longer make the FTP connection. You suspect the firewall is causing the issue. Which ports need to be open so you can still transfer the files? Select two.
21; 20
How many network interfaces does a dual-homed gateway typically have?
3
To increase security on your company's internal network, the administrator has disabled as many ports as possible. However, now you can browse the internet, but you are unable to perform secure credit card transactions. Which port needs to be enabled to allow secure transactions?
443
How many concurrent connections does NAT support?
5,000
What is the recommended humidity level for server rooms?
50%
What is the minimum number of users needed in a Windows Enterprise agreement for Intune to be included?
500
Which of the following cloud storage access services acts as a gatekeeper, extending an organization's security policies into the cloud storage infrastructure?
A cloud-access security broker
Which of the following is the BEST definition of the term hacker?
A general term used to describe any individual who uses their technical knowledge to gain unauthorized access to an organization.
Which of the following describes a configuration baseline?
A list of common security settings that a group or all devices share.
Users in the sales department perform many of their daily tasks, such as emailing and creating sales presentations, on company-owned tablets. These tablets contain sensitive information. If one of these tablets is lost or stolen, this information could end up in the wrong hands. The chief information officer wants you to implement a solution that can be used to keep sensitive information from getting into the wrong hands if a device is lost or stolen. Which of the following should you implement?
A mobile device management (MDM) infrastructure
Which of the following is the strongest form of multi-factor authentication?
A password, a biometric scan, and a token device.
Which of the following describes a logic bomb?
A program that performs a malicious activity at a specific time or after a triggering event.
You connect your computer to a wireless network available at the local library. You find that you can access all of the websites you want on the internet except for two. What might be causing the problem?
A proxy server is blocking access to the websites.
Which of the following BEST describes a honeyfile?
A single-file setup to entice and trap attackers.
IPsec is implemented through two separate protocols. What are these protocols called? (Select two.)
AH; ESP
Which of the following is a policy that defines appropriate and inappropriate usage of company resources, assets, and communication?
Acceptable use policy (AUP)
What is the MOST important aspect of a biometric device?
Accuracy
Which of the following is the first phase of the Microsoft Intune application life cycle?
Add
You have a shared folder named Reports. Members of the Managers group have been given Write access to the shared folder. Mark Mangum is a member of the Managers group. He needs access to the files in the Reports folder, but should not have any access to the Confidential.xls file. What should you do?
Add Mark Mangum to the ACL for the Confidential.xls file with Deny permissions
Components within your server room are failing at a rapid pace. You discover that the humidity in the server room is at 60% and the temperature is at 80 degrees. What should you do to help reduce problems?
Add a separate A/C unit in the server room
Which of the following NAC agent types would be used for IoT devices?
Agentless
Which application development model approaches software development as a continuous, changing process with never-ending versions, bug-fixes, and enhancements?
Agile
A computer or small network that is not connected to the rest of the network or the internet is known as:
Air gap
What does the netstat -a command show?
All listening and non-listening sockets
You are the office manager of a small financial credit business. Your company handles personal financial information for clients seeking small loans over the internet. You are aware of your obligation to secure clients' records, but the budget is an issue for your company. Which item would provide the BEST security for this situation?
All-in-one security appliance
You have configured the following rules. What is the effect? sudo iptables -A INPUT -p tcp --dport 25 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT; sudo iptables -A OUTPUT -p tcp --sport 25 -m conntrack --ctstate ESTABLISHED -j ACCEPT
Allow SMTP traffic
Community Cloud
Allows cloud services to be shared by several organizations
Which of the following BEST describes the Physical SDN layer?
Also known as the Infrastructure layer
Which of the following describes how access control lists can be used to improve network security?
An access control list filters traffic based on the IP header information, such as source or destination IP address, protocol, or socket number.
Which of the following defines an acceptable use agreement?
An agreement that identifies employees' rights to use company property, such as internet access and computer equipment, for personal use.
You are investigating the use of website and URL content filtering to prevent users from visiting certain websites. Which benefits are the result of implementing this technology in your organization? (Choose two.)
An increase in bandwidth availability; Enforcement of the organization's internet usage policy
Which of the following BEST describes an inside attacker?
An unintentional threat actor. This is the most common threat.
As the security analyst for your organization, you have noticed an increase in emails that attempt to trick users into revealing confidential information. Which web threat solution should you implement to protect against these threats?
Anti-phishing software
Which of the following app deployment and update methods can be configured to make available to specific users and groups only the apps that they have rights to access?
App catalog
Your organization recently purchased 20 Android tablets for use by the organization's management team. To increase the security of these devices, you want to ensure that only specific apps can be installed. Which of the following would you implement?
App whitelisting
Which SDN layer would a load balancer that stops and starts VMs as resource use increases reside on?
Application
This layer communicates with the Control layer through what is called the northbound interface.
Application layer
Which type of firewall operates at Layer 7 of the OSI model?
Application layer
Which of the following devices can apply quality of service and traffic-shaping rules based on what created the network traffic?
Application-aware devices
Which of the steps in the Network Access Control (NAC) implementation process occurs once the policies have been defined?
Apply
You have just purchased a new network device and are getting ready to connect it to your network. Which of the following actions should you take to increase its security? Select two.
Apply all patches and updates. Change default account passwords.
Which of the following is an open-source hardware and software company that designs and manufactures single-board microcontrollers as well as kits to build digital devices?
Arduino
Which access control model is based on assigning attributes to objects and using Boolean logic to grant access based on the attributes of the subject?
Attribute-Based Access Control (ABAC)
Which of the following defines all the prerequisites a device must meet in order to access a network?
Authentication
A remote access user needs to gain access to resources on the server. Which of the following processes are performed by the remote access server to control access to resources?
Authentication and authorization
An organization's receptionist received a phone call from an individual claiming to be a partner in a high-level project and requesting sensitive information. The individual is engaging in which type of social engineering?
Authority
Which of the following applies the appropriate policies in order to provide a device with the access it's defined to receive?
Authorization
Sometimes, an attacker's goal is to prevent access to a system rather than to gain access. This form of attack is often called a denial-of-service attack and causes which impact?
Availability loss
Which of the following terms describes a network device that is exposed to attacks and has been hardened against those attacks?
Bastion or sacrificial host
A smart card can be used to store all but which of the following items?
Biometric template original
Which of the following are functions of a gateway email spam filter? Select two.
Blocks emails from specific senders; Filters messages containing specific content
A collection of zombie computers has been set up to collect personal information. Which type of malware do the zombie computers represent?
Botnet
Penetrating system defenses to gain unauthorized access
Breaching
Having poor software development practices and failing to program input validation checks during development of custom software can result in a system vulnerable to which type of attack?
Buffer-overflow attack
Which of the following attacks is a form of software exploitation that transmits or submits a longer stream of data than the input variable is designed to handle?
Buffer-overflow attack
Which type of attack is the act of exploiting a software program's free acceptance of input in order to execute arbitrary code on a target?
Buffer-overflow attack
Which device deployment model gives businesses significant control over device security while allowing employees to use their devices to access both corporate and personal data?
COPE
You want to install a firewall that can reject packets that are not part of an active session. Which type of firewall should you use?
Circuit-level gateway
A network device is given an IP address of 172.16.0.55. Which type of network is this device on?
Class B private network
Which of the following fire extinguisher types is best used for the electrical fires that might result when working with computer components?
Class C
When designing a firewall, what is the recommended approach for opening and closing ports?
Close all ports; open only ports required by applications inside the DMZ.
What is the on-premises, cloud-based software tool that sits between an organization and a cloud-service provider called?
Cloud-access security broker
Which of the following can provide the most specific protection and monitoring capabilities?
Cloud-access security broker
Which of the following is a network device that is deployed in the cloud to protect against unwanted access to a private network?
Cloud-based firewall
In 2001, a worm exploited vulnerabilities in Microsoft Internet Information Services (IIS) to infect over 250,000 systems in under nine hours. What was this worm called?
Code Red
You have just finished developing a new application. Before putting it on the website for users to download, you want to provide a checksum to verify that the object has not been modified. Which of the following would you implement?
Code signing
Which of the following is a password that relates to things that people know, such as a mother's maiden name or a pet's name?
Cognitive
Which of the following BEST describes the Application SDN layer?
Communicates with the Control layer through the northbound interface.
A group of small local businesses have joined together to share access to a cloud based payment system. Which type of cloud is MOST likely being implemented?
Community
Which of the following Intune portals is used by end users to manage their own account and enroll devices?
Company portal
You have hired 10 new temporary workers who will be with the company for three months. You want to make sure that the user accounts cannot be used for login after that time period. What should you do?
Configure account expiration in the user accounts.
A salesperson in your organization spends most of her time traveling between customer sites. After a customer visit, she must complete various managerial tasks, such as updating your organization's order database. Because she rarely comes back to your home office, she usually accesses the network from her notebook computer using Wi-Fi access provided by hotels, restaurants, and airports. Many of these locations provide unencrypted public Wi-Fi access, and you are concerned that sensitive data could be exposed. To remedy this situation, you decide to configure her notebook to use a VPN when accessing the home network over an open wireless connection. Which key steps should you take when implementing this configuration? (Select two.)
Configure the browser to send HTTPS requests through the VPN connection; Configure the VPN connection to use IPSec
This layer provides the Physical layer with configuration and instructions.
Control layer
This layer receives its requests from the Application layer.
Control layer
Which of the following reduces the risk of a threat agent being able to exploit a vulnerability?
Countermeasures
What is the primary function of the IKE Protocol used with IPsec?
Create a security association between communicating partners.
You want to give all managers the ability to view and edit a certain file. To do so, you need to edit the discretionary access control list (DACL) associated with the file. You want to be able to easily add and remove managers as their job positions change. What is the best way to accomplish this?
Create a security group for the managers. Add all users as members of the group. Add the group to the file's DACL.
As you go through the process of making your network more manageable, you discover that employees in the sales department are on the same network segment as the human resources department. Which of the following steps can be used to isolate these departments?
Create a separate VLAN for each department.
Which type of update should be prioritized even outside of a normal patching window?
Critical updates
Which of the following items would be implemented at the Data layer of the security model?
Cryptography
Of the following security zones, which one can serve as a buffer network between a private secured network and the untrusted internet?
DMZ
Where should an organization's web server be placed?
DMZ
Which special network area is used to provide added protection by isolating publicly accessible servers?
DMZ
Jason is at home, attempting to access the website for his music store. When he goes to the website, it has a simple form asking for a name, email, and phone number. This is not the music store website. Jason is sure the website has been hacked. How did the attacker accomplish this hack?
DNS cache poisoning
Which rights management category is applied to music, videos, and software that is sold to consumers?
DRM
When confidential or protected data is exposed, either intentionally or accidentally, it is considered to be which of the following?
Data breach
DNS tunneling is a common method that allows an attacker to accomplish which attack?
Data exfiltration
Which of the following is a technology that tries to detect and stop sensitive data breaches, or data leakage incidents, in an organization?
Data loss prevention
Every ACME computer comes with the same account created at the factory. Which kind of vulnerability is this?
Default accounts and passwords
In which phase of the Microsoft Intune application life cycle would you assign an app to users and/or devices you manage and monitor them on the Azure portal?
Deploy
Which of the following can be used to stop piggybacking at a front entrance where employees should swipe smart cards to gain entry?
Deploy a mantrap
Which of the following are the two main causes of software vulnerabilities? Select two.
Design flaws; Coding errors
Audit trails produced by auditing activities are which type of security control?
Detective
Which of the following best describes a stateful inspection?
Determines the legitimacy of traffic based on the state of the connection from which the traffic originated.
Ron, a hacker, wants to get access to a prestigious law firm he has been watching for a while. June, an administrative assistant at the law firm, is having lunch at the food court around the corner from her office. Ron notices that June has a picture of a dog on her phone. He casually walks by and starts a conversation about dogs. Which phase of the social engineering process is Ron in?
Development phase
Why do attackers prefer to conduct distributed network attacks in static environments? Select two.
Devices are typically more difficult to monitor than traditional network devices. Devices tend to employ much weaker security than traditional network devices.
Which of the following protocols can TLS use for key exchange? Select two.
Diffie-Hellman; RSA
Which of the following actions should you take to reduce the attack surface of a server?
Disable unused services
Which of the following NAC agent types creates a temporary connection?
Dissolvable
Which of the following is a common social engineering attack?
Distributing hoax virus-information emails
Documenting procedures and processes is part of which milestone in the NSA's Manageable Network Plan?
Document Your Network
Which of the following allows an easy exit of an area in the event of an emergency, but also prevents entry? Select two.
Double-entry door; Turnstile
Which action would you use in a rule to disallow a connection silently?
Drop
You are performing a security test from the outside on a new application that has been deployed. Which secure testing method are you MOST likely using?
Dynamic
You want to connect your small company network to the Internet. Your ISP provides you with a single IP address that is to be shared between all hosts on your private network. You do not want external hosts to be able to initiate connection to internal hosts. What type of NAT should you implement?
Dynamic
Your organization is having a third party come in and perform an audit on the financial records. You want to ensure that the auditor has access to the data that they need while keeping the customers' data secure. To accomplish this goal, you plan to implement a mask that replaces the client names and account numbers with fictional data. Which masking method are you implementing?
Dynamic
Which NAT implementation assigns two IP addresses to the public NAT interface, allowing traffic to flow in both directions?
Dynamic and Static
Which of the following mobile device management (MDM) solutions is hardware-agnostic and supports many different brands of mobile devices?
EMM
Which IPSec subprotocol provides data encryption?
ESP
A Faraday cage is used to prevent what from leaving an area?
Electromagnetic emissions
It is important to follow correct procedures when running electrical cables next to data cables in order to protect against which environmental concern?
Electromagnetic interference
Compliments, misinformation, feigning ignorance, and being a good listener are tactics of which social engineering technique?
Elicitation
Which of the following is the single greatest threat to network security?
Employees
In addition to Authentication Header (AH), IPSec is comprised of what other service?
Encapsulating Security Payload (ESP)
Travis is sending a highly confidential email to Craig that contains sensitive data. Which of the following should Travis implement to ensure that only Craig is able to read the email?
Encryption
Which of the following DLP implementations can be used to monitor and control access to physical devices on workstations or servers?
Endpoint DLP
Your organization recently purchased 18 iPad tablets for use by the organization's management team. These devices have iOS pre-installed on them. To increase the security of these devices, you want to apply a default set of security-related configuration settings. What is the BEST approach to take to accomplish this? Select two.
Enroll the devices in a mobile device management (MDM) system. Configure and apply security policy settings in a mobile device management (MDM) system.
Configuring additional rights to do more than breach the system.
Escalating privileges
Which option is a benefit of CCTV?
Expand the area visible by security guards
You want to implement an access control list in which only the users you specifically authorize have access to the resource. Anyone not on the list should be prevented from having access. Which of the following methods of access control should the access list use?
Explicit allow, implicit deny
Crashing systems
Exploitation
Which of the following is a privately controlled portion of a network that is accessible to some specific external entities?
Extranet
Which of the following terms is used to describe an event in which a person who should be allowed access is denied access to a system?
False negative
DLP can be used to identify sensitive files in a file system and then embed the organization's security policy within the file. Which of the following DLP implementations travels with sensitive data files when they are moved or copied?
File-level DLP
Which kind of virus operates only in memory and usually exploits a trusted application like PowerShell to circumvent traditional endpoint security solutions?
Fileless virus
Which of the following are characteristics of a packet-filtering firewall? Select two.
Filters IP address and port; Stateless
Which of the following items would you secure in the Perimeter layer of the security model?
Firewalls
Which of the following types of proxies would you use to remain anonymous when surfing the internet?
Forward
Which of the following enters random data to the inputs of an application?
Fuzzing
Which device is NAT typically implemented on?
Gateway router
Which fuzz testing program type defines new test data based on models of the input?
Generation-based
Which of the following tools can you use on a Windows network to automatically distribute and install software and operating system patches on workstations? Select two.
Group Policy; WSUS
Which TCP/IP protocol is a secure form of HTTP that uses SSL as a sublayer for security?
HTTPS
Which of the following protocols uses port 443?
HTTPS
Which of the following threat actors seeks to defame, shed light on, or cripple an organization or government?
Hacktivist
By definition, what is the process of reducing security exposure and tightening security controls?
Hardening
Jessica needs to set up a firewall to protect her internal network from the internet. Which of the following would be the BEST type of firewall for her to use?
Hardware
Prepare to Document means establishing the process you will use to document your network. Which of the following makes this documentation more useful?
Have a printed hard copy kept in a secure location.
You want to create a collection of computers on your network that appear to have valuable data but actually store fake data that could entice a potential intruder. Once the intruder connects, you want to be able to observe and gather information about the attacker's methods. Which feature should you implement?
Honeynet
You have been given a laptop to use for work. You connect the laptop to your company network, use it from home, and use it while traveling. You want to protect the laptop from Internet-based attacks. Which solution should you use?
Host-based firewall
Most equipment is cooled by bringing cold air in the front and ducting the heat out of the back. What is the term for where the heat is sent in this type of scenario?
Hot aisle
You have been offered a position as a security analyst for Acme, Inc. The position will be remote. Acme Inc. has sent you your employment contract using a system that only allows you to open and digitally sign the contract. Which rights management method is being used?
IRM
What is Cisco's Network Access Control (NAC) solution called?
Identity Services Engine (ISE)
Which impact of vulnerabilities occurs when an attacker uses information gained from a data breach to commit fraud by doing things like opening new accounts with the victim's information?
Identity theft
Your organization allows employees to bring their own devices into work, but management is concerned that a malicious internal user could use a mobile device to conduct an insider attack. Which of the following should be implemented to help mitigate this threat?
Implement an AUP that specifies where and when mobile devices can be possessed within the organization.
An attacker inserts SQL database commands into a data input field of an order form used by a web-based application. When submitted, these commands are executed on the remote database server, causing customer contact information from the database to be sent to the malicious user's web browser. Which practice would have prevented this exploit?
Implementing client-side validation
While using a web-based order form, an attacker enters an unusually large value in the Quantity field. The value entered is large enough to exceed the maximum value supported by the variable type used to store the quantity in the web application. This causes the value of the quantity variable to wrap around to the minimum possible value, which is a negative number. As a result, the web application processes the order as a return instead of a purchase, and the attacker's account is refunded a large sum of money. Which practices would have prevented this exploit? Select two.
Implementing server-side validation; Implementing client-side validation
The IT manager has tasked you with configuring Intune. You have enrolled the devices and now need to set up the Intune policies. Where would you go to set up the Intune policies?
In the Admin portal, select Policy > Add Policy
Which of the following are true concerning virtual desktop infrastructure (VDI)? Select two.
In the event of a widespread malware infection, the administrator can quickly reimage all user desktops on a few central servers. User desktop environments are centrally hosted on servers instead of on individual desktop systems.
Which of the following functions does a single quote (') perform in an SQL injection?
Indicates that data has ended and a command is beginning
Power, heating, ventilation, air conditioning systems (HVAC), and utilities are all components of which term?
Infrastructure
In healthcare, regulations often dictate that important systems remain unpatched to maintain compliance. Which kind of vulnerability does this introduce?
Inherent vulnerabilities
In which of the iptables default chains would you configure a rule to allow an external device to access the HTTPS port on the Linux server?
Input
Which of the following is specifically meant to ensure that a program operates on clean, correct, and useful data?
Input validation
You manage the information systems for a large co-location data center. Networked environmental controls are used to manage the temperature within the data center. These controls use embedded smart technology allowing them to be managed using a mobile device app over an Internet connection. You are concerned about the security of these devices. What can you do to increase their security posture?
Install the latest firmware updates from the device manufacturer. Verify that your network's existing security infrastructure is working properly.
Hybrid Cloud
Integrates one cloud service with other cloud services
What is the system that connects application repositories, systems, and IT environments in a way that allows access and exchange of data over a network by multiple devices and locations called?
Integration
An employee stealing company data could be an example of which kind of threat actor?
Internal threat
You notice that a growing number of devices, such as environmental control systems and wearable devices, are connecting to your network. These devices, known as smart devices, are sending and receiving data via wireless network connections. Which of the following labels applies to this growing ecosystem of smart devices?
Internet of Things (IoT)
Your organization recently purchased 20 Android tablets for use by the organization's management team. You are using a Windows domain. Which of the following should you use to push security settings to the devices?
Intune
Which of the following is the recommended Intune configuration?
Intune Standalone
Which of the following BEST describes spyware?
It monitors the actions you take on your machine and sends the information back to its originating source.
Which of the following BEST describes dynamic data masking? Select two.
It replaces original information with a mask that mimics the original in form and function. It can be used to control which users can see the actual data.
A script kiddie is a threat actor who lacks knowledge and sophistication. Script kiddie attacks often seek to exploit well known vulnerabilities in systems. What is the best defense against script kiddie attacks?
Keep systems up to date and use standard security practices.
Which of the following is the most important thing to do to prevent console access to the router?
Keep the router in a locked room
Which of the following are examples of social engineering attacks? Select two.
Keylogging; Impersonation; Shoulder surfing
Which VPN protocol typically employs IPSec as its data encryption mechanism?
L2TP
At which layer of the OSI model do NAT routers operate?
Layer 3 (Network Layer)
Which of the following is a security approach that combines multiple security controls and defenses?
Layered security
Eliminating single points of failure
Layering
Implementing multiple security measures to protect the same asset.
Layering
Which of the following controls is an example of a physical access control method?
Locks on doors.
In which milestone should you use a network scanner and then confirm the scan manually with a room-by-room walkthrough?
Map Your Network
Which DLP method works by replacing sensitive data with realistic fictional data?
Masking
Which Microsoft tool can be used to review a system's security configuration against recommended settings?
Microsoft Security Compliance Toolkit
Which of the following is a solution that pushes security policies directly to mobile devices over a network connection?
Mobile device management (MDM)
Social engineers are master manipulators. Which of the following are tactics they might use?
Moral obligation, ignorance, and threatening
Which of the following is an advantage of software-defined networking (SDN)?
More granular control
Members of the Sales team use laptops to connect to the company network. While traveling, they connect their laptops to the Internet through airport and hotel networks. You are concerned that these computers will pick up viruses that could spread to your private network. You would like to implement a solution that prevents the laptops from connecting to your network unless anti-virus software and the latest operating system patches have been installed. Which solution should you use?
NAC
The IT manager has tasked you with implementing a solution that ensures that mobile devices are up to date, have anti-malware installed, and have the latest definition updates before being allowed to connect to the network. Which of the following should you implement?
NAC
You are configuring the security settings for your network. You have decided to configure a policy that requires any computer connecting to the network to run at least Windows 10 version 2004. Which of the following have you configured?
NAC
You have a file server named Srv3 that holds files used by the Development department. You want to allow users to access the files over the network, and control access to files when files are accessed through the network or through a local logon. Which solution should you implement?
NTFS permissions and share permissions.
Which of the following principles is implemented in a mandatory access control model to determine object access by classification level?
Need to Know
Google Cloud, Amazon Web Services (AWS), and Microsoft Azure are some of the most widely used cloud storage solutions for enterprises. Which of the following factors prompt companies to take advantage of cloud storage? (Select two.)
Need to bring costs down Growing demand for storage
DLP can be implemented as a software or hardware solution that analyzes traffic in an attempt to detect sensitive data that is being transmitted in violation of an organization's security policies. Which of the following DLP implementations analyzes traffic for data containing such things as financial documents, social security numbers, or key words used in proprietary intellectual property?
Network DLP
Which of the following does the Application layer use to communicate with the Control layer?
Northbound APIs
Which of the following BEST describes zero-trust security?
Only devices that pass both authentication and authorization are trusted.
Which of the following is the MOST likely to happen if the firewall managing traffic into the DMZ fails?
Only the servers in the DMZ are compromised, but the LAN will stay protected.
You have placed an FTP server in your DMZ behind your firewall. The FTP server will be used to distribute software updates and demonstration versions of your products. Users report that they are unable to access the FTP server. What should you do to enable access?
Open ports 20 and 21 for outbound connections.
A hacker scans hundreds of IP addresses randomly on the internet until they find an exploitable target. Which kind of attack is this?
Opportunistic attack
Which of the following does a NAT router use to associate a port number with a request from a private host?
PAT
Which device is often employed by power companies to protect cabling infrastructure from having cables added or removed and to prevent emissions from being retrieved from the air?
PDS
Which of the following VPN protocols is no longer considered secure?
PPTP
You want to use CCTV to increase your physical security. You want to be able to remotely control the camera position. Which camera type should you choose?
PTZ
Which of the following BEST describes the Platform as a Service (PaaS) cloud computing service model?
PaaS delivers everything a developer needs to build an application on the cloud infrastructure.
What needs to be configured on a firewall to allow traffic directed to the public resource in the DMZ?
Packet filters
Which type of firewall protects against packets coming from certain IP addresses?
Packet-filtering
What type of password is maryhadalittlelamb?
Passphrase
When training your employees on how to identify various attacks, which of the following policies should you be sure to have and enforce? Select two.
Password policies Clean desk policies
Windows Server Update Services (WSUS) is used to accomplish which part of a manageable network?
Patch management
Which of the following items would be implemented at the Network layer of the security model?
Penetration testing
Which of the following NAC agent types is the most convenient agent type?
Permanent
Which of the following is one of the most common attacks on employees?
Phishing attack
Which of the following are examples of Something You Have authentication controls? Select two.
Photo ID Smart card
Which security control, if not applied, can allow an attacker to bypass other security controls?
Physical access control
On this layer, individual networking devices use Southbound APIs to communicate with the control plane.
Physical layer
This layer is also known as the Infrastructure layer
Physical layer
You are part of a committee that is meeting to define how Network Access Control (NAC) should be implemented in the organization. Which step in the NAC process is this?
Plan
As you browse the internet, you notice that when you go to some sites, multiple additional windows are opened automatically. Many of these windows contain advertisements for products that are inappropriate for your family to view. Which tool can you implement to prevent these windows from showing?
Pop-up blocker
You maintain the network for an industrial manufacturing company. You are concerned about the dust in the area getting into the server components and affecting the ability of the network. Which of the following should you implement?
Positive pressure system
What is the primary purpose of separation of duties?
Prevent conflicts of interest
Giving users only the access they need to do their job and nothing more.
Principle of least privilege
You assign access permissions so that users can only access the resources required to accomplish their specific work tasks. Which security principle are you complying with?
Principle of least privilege
Which of the following is an example of privilege escalation?
Privilege creep
A user is able to access privileged administrative features with an account that is not granted administrator rights. Which type of vulnerability is this?
Privilege escalation
Tokenization is another effective tool in data loss prevention. Tokenization does which of the following? (Select two.)
Protects data on its server with authentication and authorization protocols. Replaces actual data with a randomly generated alphanumeric character set
Private Cloud
Provides cloud services to a single organization
Public Cloud
Provides cloud services to just about anyone
Which of the following BEST describes a virtual desktop infrastructure (VDI)?
Provides enhanced security and better data protection because most of the data processing is provided by servers in the data center rather than on the local device.
You have used firewalls to create a demilitarized zone. You have a web server that needs to be accessible to internet users. The web server must communicate with a database server for retrieving product, customer, and order information. How should you place devices on the network to best protect the servers? (Select two.)
Put the web server inside the DMZ. Put the database server on the private network.
Which of the following do security templates allow you to do? Select two.
Quickly apply settings to multiple computers Configure consistent security settings between devices
You have implemented an access control method that only allows users who are managers to access specific data. Which type of access control model is being used?
RBAC
Which type of packet would the sender receive if they sent a connection request to TCP port 25 on a server with the following command applied? sudo iptables -A OUTPUT -p tcp --dport 25 -j REJECT
RST
Which of the following serves real-time applications without buffer delays?
RTOS
The constant change in personal habits and passwords to prevent anticipated events and exploitation.
Randomness
A type of malware that prevents the system from being used until the victim pays the attacker money is known as what?
Ransomware
If Mark has a read-write permission to the share \\fileserver\securefiles and a read-only permission to the file coolstuff.docx on the NTFS file system shared by the file share, he is able to perform which action?
Read the file.
Gathering system hardware information
Reconnaissance
In which phase of an attack does the attacker gather information about the target?
Reconnaissance
After a security event that involves a breach of physical security, what is the term used for the new measures, incident review, and repairs meant to stop a future incident from occurring?
Recovery
Which kind of malware provides an attacker with administrative control over a target computer through a backdoor?
Remote Access Trojan (RAT)
Which of the following app deployment and update methods allows an administrator to remove apps and clear all data from a device without affecting the device itself?
Remote management
Which of the following app deployment and update methods allows updates to be uploaded onto Intune where they can be pushed out to users within 24 hours?
Remote management
Mobile application management (MAM) provides the ability to do which of the following?
Remotely install and uninstall apps.
Which of the following methods can cloud providers implement to provide high availability?
Replication
What is the storage location called that holds all the development source files that version control systems use?
Repository
Which of the following are solutions that address physical security? Select two.
Require identification and name badges for all employees. Escort visitors at all times.
Which of the following is the first step in the Waterfall application development model?
Requirements
Which of the following is considered a drawback of the Waterfall application development life cycle?
Requirements are determined at the beginning and are carried through to the end product.
Which of the following are characteristics of a rootkit? Select two.
Resides below regular antivirus software detection. Requires administrator-level privileges for installation.
You are implementing security at a local high school that is concerned with students accessing inappropriate material on the internet from the library's computers. The students use the computers to search the internet for research paper content. The school budget is limited. Which content filtering option would you choose?
Restrict content based on content categories.
A proxy server can be configured to do which of the following?
Restrict users on the inside of a network from getting out to the internet.
Which of the following is an example of rule-based access control?
Router access control lists that allow or deny traffic based on the characteristics of an IP packet.
Which of the following devices are special computer systems that gather, analyze, and manage automated factory equipment?
SCADA
As a network administrator, you are asked to recommend a secure method for transferring data between hosts on a network. Which of the following protocols would you recommend? (Select two.)
SCP SFTP
What is a set of software development tools called that can be installed as one unit and provides code frameworks or code snippets to help development go faster?
SDK
Which of the following is a disadvantage of software-defined networking (SDN)?
SDN standards are still being developed.
You have implemented a cloud service to provide features such as authentication, anti-malware, intrusion detection, and penetration testing. Which cloud service have you most likely implemented?
SECaaS
Which of the following file transfer protocols use SSH to provide confidentiality during the transfer? Select two.
SFTP SCP
You have a website that accepts input from users for creating customer accounts. Input on the form is passed to a database server where the user account information is stored. An attacker is able to insert database commands in the input fields and have those commands execute on the server. Which type of attack has occurred?
SQL injection
For Milestone 4 (Reach Your Network), which of the following would be considered a secure protocol to use to reach your network?
SSH
SFTP uses which mechanism to provide security for authentication and data transfer?
SSH
FTPS uses which mechanism to provide security for authentication and data transfer?
SSL
Which of the following protocols are often added to other protocols to provide secure transmission of data? Select two.
SSL TLS
Which of the following cloud computing solutions delivers software applications to a client either over the internet or on a local area network?
SaaS
You have installed antivirus software on the computers on your network. You update the definition and engine files and configure the software to update those files every day. What else should you do to protect your systems from malware? Select two.
Schedule regular full-system scans. Educate users about malware.
Which of the following is another name for a firewall that performs router functions?
Screening router
Which of the following is a network security service that filters malware from user-side internet connections using different techniques?
Secure web gateway
Which VPN implementation uses routers on the edge of each site?
Site-to-site VPN
Which kind of access control technology allows more than just the identity of an individual to be transmitted wirelessly to either allow or deny access?
Smart card
Which of the following do Raspberry Pi systems make use of?
SoC
Any attack involving human interaction of some kind is referred to as what?
Social engineering
Network engineers have the option of using software to configure and control a network rather than relying on individual static configuration files that are located on each network device. Which of the following is a relatively new technology that allows network and security professionals to use software to manage, control, and make changes to a network?
Software defined networking SDN
You have just installed a packet-filtering firewall on your network. Which options are you able to set on your firewall? Select all that apply
Source address of a packet Destination address of a packet Port number
Which APIs do individual networking devices use to communicate with the control plane from the Physical layer?
Southbound
You are configuring web threat protection on the network and want to block emails coming from a specific sender. Which of the following should be configured?
Spam filter
Which VPN tunnel style routes only certain types of traffic?
Split
Preparing a computer to perform additional tasks in the attack
Staging
You are the network administrator for a small company that implements NAT to access the Internet. However, you recently acquired 5 servers that must be accessible from outside your network. Your ISP has provided you with 5 additional registered IP addresses to support these new servers but you don't want the public to access these servers directly. You want to place these servers behind your firewall on the inside network yet still allow them to be accessible to the public from the outside. Which method of NAT translation should you implement for these 5 servers?
Static
You have a small network at home that is connected to the internet. On your home network, you have a server with the IP address of 192.168.55.199/16. You have a single public address that is shared by all hosts on your private network. You want to configure the server as a web server and allow internet hosts to contact the server to browse a personal website. What should you use to allow access?
Static NAT
Which of the following are features of an application-level gateway? Select two.
Stops each packet at the firewall for inspection. Reassembles entire messages
The root account has all privileges and no barriers. Which of the following is another name for the root account?
Superuser account
A VPN is primarily used for which of the following purposes?
Support secured communications over an untrusted network.
Which of the following is defined as an operating system that comes hardened and validated to a specific security level as defined in the Common Criteria for Information Technology Security Evaluation (CC)?
TOS
Which of the following tools allow remote management of servers? Select two.
Telnet SSH
If a user's BYOD device (such as a tablet or phone) is infected with malware, that malware can be spread if that user connects to your organization's network. One way to prevent this event is to use a Network Access Control (NAC) system. How does an NAC protect your network from being infected by a BYOD device?
The NAC remediates devices before allowing them to connect to your network.
Which of the following best describes an SDN controller?
The SDN controller is software
When using SSL authentication, what does the client verify first when checking a server's identity?
The current date and time must fall within the server's certificate validity period.
Which statement BEST describes IPSec when used in tunnel mode?
The entire data packet, including headers, is encapsulated
Which of the following defines the crossover error rate for evaluating biometric systems?
The point where the number of false positives matches the number of false negatives in a biometric system.
Which problem does NAT help address?
The shortage of IPv4 addresses
The IT manager has tasked you with installing new physical machines. These computer systems are barebone systems that simply establish a remote connection to the data center to run the user's virtualized desktop. Which type of deployment model is being used?
Thin client
A honeypot is used for which purpose?
To delay intruders in order to gather auditing data
Which of the following types of proxies can be used for web filtering?
Transparent
Which of the following is a program that appears to be a legitimate application, utility, game, or screensaver, but performs malicious activities surreptitiously?
Trojan horse
Which of the following mobile device management (MDM) solutions allows an organization to manage all devices, including printers, workstations, and even IoT devices?
UEM
Which formula is used to determine a cloud provider's availability percentage?
Uptime / (uptime + downtime)
You have a company network that is connected to the internet. You want all users to have internet access, but you need to protect your private network and users. You also need to make a web server publicly available to internet users. Which solution should you use?
Use firewalls to create a DMZ. Place the web server inside the DMZ and the private network behind the DMZ.
The Policies, Procedures, and Awareness layer of the security model includes which of the following? Select two.
User education Employee onboarding
The Application layer of the security model includes which of the following? Select two.
User management Web application security
Which of the following identification and authentication factors are often well known or easily discovered by others on the same network or system?
Username
Which of the following is used for identification?
Username
Which of the following is the BEST solution to allow access to private resources from the internet?
VPN
A group of salesmen would like to remotely access your private network through the internet while they are traveling. You want to control access to the private network through a single server. Which solution should you implement?
VPN connection
As the security analyst for your organization, you have noticed an increase in user computers being infected with malware. Which two solutions should you implement and configure to remedy this problem? (Select two.)
Virus scanner Spam filters
Which of the following is the BEST example of the principle of least privilege?
Wanda has been given access to the files that she needs for her job.
A wireless access point configured to use Wired Equivalent Privacy (WEP) is an example of which kind of vulnerability?
Weak security configurations
You are configuring web threat protection on the network and have identified a website that contains malicious content. Which of the following should you configure?
Web threat filtering
You are configuring web threat protection on the network and want to prevent users from visiting www.videosite.org. Which of the following needs to be configured?
Website filtering
Which of the following are disadvantages of biometrics? Select two.
When used alone, they are no more secure than a strong password. They have the potential to produce numerous false negatives.
Which of the following is an attack that injects malicious scripts into web pages to redirect users to fake websites to gather personal information?
XSS
In which of the following situations would you most likely implement a demilitarized zone (DMZ)?
You want to protect a public web server from attack.
What should you consider security baselines?
dynamic
Stealing information
exploitation
Which of the following tools allows the user to set security rules for an instance of an application that interacts with one organization and different security rules for an instance of the application when interacting with another organization?
instance awareness
Which command should you use to display both listening and non-listening sockets on your Linux system?
netstat -a
You need to increase the security of your Linux system by finding and closing open ports. Which of the following commands should you use to locate open ports?
nmap
Which command should you use to scan for open TCP ports on your Linux system? (Tip: enter the command as if in Command Prompt.)
nmap -sT
Which command would you use to list all of the currently defined iptables rules?
sudo iptables -L
Diversifying layers of defense
variety
You want to make sure no unneeded software packages are running on your Linux server. Select the command from the drop-down list that you can use to see all installed RPM packages.
yum list installed