Chapter Three Practice Test
57. A list of applications approved for use on your network would be known as which of the following?
C. Whitelist
139. Ixxia is responsible for security at a mid-sized company. She wants to prevent users on her network from visiting job-hunting sites while at work. Which of the following would be the best device to accomplish this goal?
A. Proxy server
55. Which level of RAID is a "stripe of mirrors"?
A. RAID 1+0
39. Denish is concerned about the security of embedded devices in his company. He is most concerned about the operating system security for such devices. Which of the following would be the best option for mitigating this threat?
A. RTOS
81. Edward is responsible for web application security at a large insurance company. One of the applications that he is particularly concerned about is used by insurance adjusters in the field. He wants to have strong authentication methods to mitigate misuse of the application. What would be his best choice?
A. Authenticate the client with a digital certificate
53. Which of the following terms refers to the process of establishing a standard for security?
A. Baselining
97. Tom works as a software development manager for a large company. He is trying to explain to management the difference between compiled code and runtime code. What is the biggest advantage of compiled code?
A. Better performance
51. Mark is responsible for cybersecurity at a small college. There are many computer labs that are open for students to use. These labs are monitored only by a student worker, who may or may not be very attentive. Mark is concerned about the theft of computers. Which of the following would be the best way for him to mitigate this threat?
A. Cable locks
110. You are concerned about VM escape attacks. Which of the following would provide the most protection against this?
A. Completely isolate the VM from the host.
118. Jeff is the security administrator for an e-commerce site. He is concerned about DoS attacks. Which of the following would be the most effective in addressing this?
A. DDoS mitigator
18. Which design concept limits access to systems from outside users while protecting users and systems inside the LAN?
A. DMZ
5. Gabriel is setting up a new e-commerce server. He is concerned about security issues. Which of the following would be the best location to place an e-commerce server?
A. DMZ
109. Jane is concerned about servers in her datacenter. She is particularly worried about EMI. What damage might EMI most likely cause to servers?
A. Damage to chips (CPU or RAM)
17. You are concerned about peripheral devices being exploited by an attacker. Which of the following is the first step you should take to mitigate this threat?
A. Disable WiFi for any peripheral that does not absolutely need it.
91. Vincent works for a company that manufactures portable medical devices, such as insulin pumps. He is concerned about ensuring these devices are secure. Which of the following is the most important step for him to take?
A. Ensure all communications with the device are encrypted.
9. You are the network administrator for a large company. Your company frequently has nonemployees in the company such as clients and vendors. You have been directed to provide these nonemployees with access to the Internet. Which of the following is the best way to implement this?
A. Establish a guest network.
131. Molly is implementing biometrics in her company. Which of the following should be her biggest concern?
A. FAR
10. Juan is a network administrator for an insurance company. His company has a number of traveling salespeople. He is concerned about confidential data on their laptops. What is the best way for him to address this?
A. FDE (Full disk encryption)
36. Gerard is responsible for secure communications with his company's e-commerce server. All communications with the server use TLS. What is the most secure option for Gerard to store the private key on the e-commerce server?
A. HSM
1. Caroline has been asked to find a standard to guide her company's choices in implementing information security management systems. She is looking for a standard that is international. Which of the following would be the best choice for her?
A. ISO 27002
100. Daniel works for a mid-sized financial institution. The company has recently moved some of its data to a cloud solution. Daniel is concerned that the cloud provider may not support the same security policies as the company's internal network. What is the best way to mitigate this concern?
A. Implement a cloud access security broker.
121. Emily manages the IDS/IPS for her network. She has an NIPS installed and properly configured. It is not detecting obvious attacks on one specific network segment. She has verified that the NIPS is properly configured and working properly. What would be the most efficient way for her to address this?
A. Implement port mirroring for that segment.
67. You are responsible for server room security for your company. You are concerned about physical theft of the computers. Which of the following would be best able to detect theft or attempted theft?
A. Motion sensor-activated cameras
14. Juanita is implementing virtualized systems in her network. She is using Type I hypervisors. What operating system should be on the machines for her to install the hypervisor?
A. None
21. You have instructed all administrators to disable all nonessential ports on servers at their sites. Why are nonessential protocols a security issue that you should be concerned about?
A. Nonessential ports provide additional areas of attack.
2. You are responsible for network security at an e-commerce company. You want to ensure that you are using best practices for the e-commerce website your company hosts. What standard would be the best for you to review?
A. OWASP (Open Web Application Security Project)
142. Darrel is looking for a cloud solution for his company. One of the requirements is that the IT staff can make the transition with as little change to the existing infrastructure as possible. Which of the following would be his best choice?
A. Off-premises cloud
64. Mary is responsible for virtualization management in her company. She is concerned about VM escape. Which of the following methods would be the most effective in mitigating this risk?
A. Only share resources between the VM and host if absolutely necessary.
25. Upper management has decreed that a firewall must be put in place immediately, before your site suffers an attack similar to one that struck a sister company. Responding to this order, your boss instructs you to implement a packet filter by the end of the week. A packet filter performs which function?
A. Prevents unauthorized packets from entering the network
62. Mary is concerned about application security for her company's application development. Which of the following is the most important step for addressing application security?
A. Proper error handling
115. Mia is a network administrator for a bank. She is responsible for secure communications with her company's customer website. Which of the following would be the best for her to implement?
D. TLS
60. John is using the waterfall method for application development. At which phase should he implement security measures?
A. Requirements B. Design C. Implementation
79. Omar is using the waterfall method for software development in his company. Which of the following is the proper sequence for the waterfall method?
A. Requirements, design, implementation, testing, deployment, maintenance
86. Victor is a network administrator for a medium-sized company. He wants to be able to access servers remotely so that he can perform small administrative tasks from remote locations. Which of the following would be the best protocol for him to use?
A. SSH
44. Which cloud service model gives the consumer the ability to use applications provided by the cloud provider over the Internet?
A. SaaS
134. Fred is responsible for physical security in his company. He wants to find a good way to protect the USB thumb drives that have BitLocker keys stored on them. Which of the following would be the best solution for this situation?
A. Store the drives in a secure cabinet.
94. Greg is a programmer with a small company. He is responsible for the web application. He has become aware that one of the modules his web application uses may have a security flaw allowing an attacker to circumvent authentication. There is an update available for this module that fixes the flaw. What is the best approach for him to take to mitigate this threat?
A. Submit an RFC.
145. What is the primary reason a company would consider implementing Agile programming?
A. To speed up development time
46. Which type of hypervisor implementation is known as "bare metal"?
A. Type I
92. Emile is concerned about securing the computer systems in vehicles. Which of the following vehicle types has significant cybersecurity vulnerabilities?
A. UAV B. Automobiles C. Airplanes
147. What is the primary security issue presented by monitors?
A. Unauthorized users may see confidential data.
65. You work at a large company. You are concerned about ensuring that all workstations have a common configuration, no rogue software is installed, and all patches are kept up to date. Which of the following would be the most effective for accomplishing this?
A. Use VDE.
72. Mark is an administrator for a health care company. He has to support an older, legacy application. He is concerned that this legacy application might have vulnerabilities that would affect the rest of the network. What is the most efficient way to mitigate this?
A. Use an application container.
74. Mia has to deploy and support a legacy application. The configuration for this application and the OS it runs on are very specific and cannot be changed. What is the best approach for her to deploy this?
A. Use an immutable server
149. Which of the following security measures is most effective against phishing attacks?
A. User training
116. Abigail is responsible for setting up an NIPS on her network. The NIPS is located in one particular network segment. She is looking for a passive method to get a copy of all traffic to the NIPS network seg
A. Using a network tap
11. Terrance is responsible for secure communications on his company's network. The company has a number of traveling salespeople who need to connect to network resources. What technology would be most helpful in addressing this need?
A. VPN concentrator
27. An IV attack is usually associated with which of the following wireless protocols?
A. WEP
41. Teresa is responsible for WiFi security in her company. Which wireless security protocol uses TKIP?
A. WPA
23. Which of the following would prevent a user from installing a program on a company-owned mobile device?
A. Whitelisting
130. What is the ideal humidity range for a server room?
B. 40% to 60%
52. Joanne is responsible for security at a power plant. The facility is very sensitive and security is extremely important. She wants to incorporate two-factor authentication with physical security. What would be the best way to accomplish this?
B. A mantrap with a smart card at one door and a PIN keypad at the other door
75. To mitigate the impact of a software vendor going out of business, a company that uses vendor software should require which one of the following?
B. A third-party source-code escrow
6. Enrique is concerned about backup data being infected by malware. The company backs up key servers to digital storage on a backup server. Which of the following would be most effective in preventing the backup data being infected by malware?
B. Air-gap the backup server.
3. John is installing an HVAC system in his datacenter. What will this HVAC have the most impact on?
B. Availability
50. John is responsible for physical security at his company. He is particularly concerned about an attacker driving a vehicle into the building. Which of the following would provide the best protection against this threat?
B. Bollards
83. John is examining the logs for his company's web applications. He discovers what he believes is a breach. After further investigation, it appears as if the attacker executed code from one of the libraries the application uses, code that is no longer even used by the application. What best describes this attack?
B. Code reuse attack
24. You're designing a new network infrastructure so that your company can allow unauthenticated users connecting from the Internet to access certain areas. Your goal is to protect the internal network while providing access to those areas. You decide to put the web server on a separate subnet open to public contact. What is this subnet called?
B. DMZ
45. Which feature of cloud computing involves dynamically provisioning (or deprovisioning) resources as needed?
B. Elasticity
90. You are concerned about the security of new devices your company has implemented. Some of these devices use SoC technology. What would be the best security measure you could take for these?
B. Ensuring each has its own cryptographic key
78. Sophia wants to test her company's web application to see if it is handling input validation and data validation properly. Which testing method would be most effective for this?
B. Fuzzing
54. You are trying to increase security at your company. You're currently creating an outline of all the aspects of security that will need to be examined and acted on. Which of the following terms describes the process of improving security in a trusted OS?
B. Hardening
89. Erik is responsible for the security of a SCADA system. Availability is a critical issue. Which of the following is most important to implement?
B. IPS
16. You are responsible for setting up a kiosk computer that will be in your company's lobby. It will be accessible for visitors to locate employee offices, obtain the guest WiFi password, and retrieve general public company information. What is the most important thing to consider when configuring this system?
B. Limiting functionality to only what is needed
34. Maria is a security engineer with a manufacturing company. During a recent investigation, she discovered that an engineer's compromised workstation was being used to connect to SCADA systems while the engineer was not logged in. The engineer is responsible for administering the SCADA systems and cannot be blocked from connecting to them. What should Maria do to mitigate this threat?
B. Implement account usage auditing on the SCADA system.
104. Helga works for a bank and is responsible for secure communications with the online banking application. The application uses TLS to secure all customer communications. She has noticed that since migrating to larger encryption keys, the server's performance has declined. What would be the best way to address this issue?
B. Implement an SSL accelerator
133. Donald is responsible for networking for a defense contractor. He is concerned that emanations from UTP cable could reveal classified information. Which of the following would be his most effective way to address this?
B. Implement protected cabling.
124. Gerard is responsible for physical security at his company. He is considering using cameras that would detect a burglar entering the building at night. Which of the following would be most useful in accomplishing this goal?
B. Infrared-sensing camera
117. Janice is explaining how IPSec works to a new network administrator. She is trying to explain the role of IKE. Which of the following most closely matches the role of IKE in IPSec?
B. It establishes the SAs.
71. Which of the following is the most important benefit from implementing SDN?
B. It provides scalability.
43. Which cloud service model provides the consumer with the infrastructure to create applications and host them?
B. PaaS
99. Your development team primarily uses Windows, but they need to develop a specific solution that will run on Linux. What is the best solution to getting your programmers access to Linux systems for development and testing?
B. PaaS
19. Which of the following is the equivalent of a VLAN from a physical security perspective?
B. Partitioning
148. Clark is responsible for mobile device security in his company. Which of the following is the most important security measure for him to implement?
B. Patch management
37. You are the security officer for a large company. You have discovered malware on one of the workstations. You are concerned that the malware might have multiple functions and might have caused more security issues with the computer than you can currently detect. What is the best way to test this malware?
B. Place the malware in a sandbox environment for testing.
68. Teresa has deployed session tokens on her network. These would be most effective against which of the following attacks?
B. Replay
137. Mike is a network administrator for an e-commerce company. There have been several updates to the operating system, the webserver software, and the web application, all within the last 24 hours. It appears that one of these updates has caused a significant security problem. What would be the best approach for Mike to take to correct this problem?
B. Roll the server back to the last known good state.
93. Ariel is responsible for software development in her company. She is concerned that the software development team integrate well with the network system. She wants to ensure that software development processes are aligned with the security needs of the entire network. Which of the following would be most important for her to implement?
B. Secure DevOps
126. You are working for a large company. You are trying to find a solution that will provide controlled physical access to the building and record every employee who enters the building. Which of the following would be the best for you to implement?
B. Smart card access
87. Mark is responsible for a server that runs sensitive software for a major research facility. He is very concerned that only authorized software execute on this server. He is also concerned about malware masquerading as legitimate, authorized software. What technique would best address this concern?
B. Software attestation
22. Which type of firewall examines the content and context of each packet it encounters?
B. Stateful packet filtering firewall
101. Hanz is responsible for the e-commerce servers at his company. He is concerned about how they will respond to a DoS attack. Which software testing methodology would be most helpful in determining this?
B. Stress testing
143. Ryan is concerned about the security of his company's web application. Since the application processes confidential data, he is most concerned about data exposure. Which of the following would be the most important for him to implement?
B. TLS
13. John works for an insurance company. His company uses a number of operating systems, including Windows and Linux. In this mixed environment, what determines the network operating system?
B. The OS of the domain controller
12. Mohaned is concerned about malware infecting machines on his network. One of his concerns is that malware would be able to access sensitive system functionality that requires administrative access. What technique would best address this issue?
B. Using a nonadministrative account for normal activities
32. Joanne works for a large insurance company. Some employees have wearable technology, such as smart watches. What is the most significant security concern from such devices?
B. These devices can be used to carry data in and out of the company.
3. Cheryl is responsible for cybersecurity at a mid-sized insurance company. She has decided to utilize a different vendor for network antimalware than she uses for host antimalware. Is this a recommended action, and why or why not?
B. This is recommended; this is described as vendor diversity.
29. John is responsible for security in his company. He is implementing a kernel integrity subsystem for key servers. What is the primary benefit of this action?
B. To detect whether files have been altered
84. Emiliano is a network administrator and is concerned about the security of peripheral devices. Which of the following would be a basic step he could take to improve security for those devices?
B. Turn off remote access (SSH, telnet, etc.) if not needed.
112. Dennis is trying to set up a system to analyze the integrity of applications on his network. He wants to make sure that the applications have not been tampered with or Trojaned. What would be most useful in accomplishing this goal?
B. Use cryptographic hashes.
63. Farès is responsible for managing the many virtual machines on his company's networks. Over the past two years, the company has increased the number of virtual machines significantly. Farès is no longer able to effectively manage the large number of machines. What is the term for this situation?
B. VM sprawl
35. Lucy works as a network administrator for a large company. She needs to administer several servers. Her objective is to make it easy to administer and secure these servers, as well as making the installation of new servers more streamlined. Which of the following best addresses these issues?
B. Virtualizing the servers
106. Which of the following is the best description for VM sprawl?
B. When there are more VMs than IT can effectively manage
40. Which of the following 802.11 standards is supported in WPA2, but not in WEP or WPA?
C. 802.11i
114. Tom is responsible for VPN connections in his company. His company uses IPSec for VPNs. What is the primary purpose of AH in IPSec?
C. Authenticate the entire packet.
120. Liam is responsible for monitoring security events in his company. He wants to see how diverse events may connect. He is interested in identifying different indicators of compromise that may point to the same breach. Which of the following would be most helpful for him to implement?
C. Correlation engine
129. Carole is concerned about security for her server room. She wants the most secure lock she can find for the server room door. Which of the following would be the best choice for her?
C. Deadbolt
132. Daniel is responsible for physical security in his company. All external doors have electronic smart card access. In an emergency such as a power failure, how should the doors fail?
C. Fail open
69. Hector is using infrared cameras to verify that servers in his datacenter are being properly racked. Which of the following datacenter elements is he concerned about?
C. Hot and cold aisles
76. Abigail is responsible for datacenters in a large, multinational company. She has to support multiple datacenters in diverse geographic regions. What would be the most effective way for her to manage these centers consistently across the enterprise?
C. Implement Infrastructure as Code (IaC)
38. Web developers in your company currently have direct access to the production server and can deploy code directly to it. This can lead to unsecure code, or simply code flaws being deployed to the live system. What would be the best change you could make to mitigate this risk?
C. Implement a staging server.
8. Mary is the CISO for a mid-sized company. She is attempting to mitigate the danger of computer viruses. Which administrative control can she implement to help achieve this goal?
C. Implement network-based antimalware.
105. What is the primary advantage of allowing only signed code to be installed on computers?
C. It verifies who created the software.
122. You have been instructed to find a VPN solution for your company. Your company uses TACACS+ for remote access. Which of the following would be the best VPN solution for your company?
C. L2TP
30. You are responsible for BIOS security in your company. Which of the following is the most fundamental BIOS integrity technique?
C. Managing BIOS passwords
31. You have been asked to implement security for SCADA systems in your company. Which of the following standards will be most helpful to you?
C. NIST 800-30
113. George is a network administrator at a power plant. He notices that several turbines had unusual ramp-ups in cycles last week. After investigating, he finds that an executable was uploaded to the system control console and caused this. Which of the following would be most effective in preventing this from affecting the SCADA system in the future?
C. Place the SCADA system on a separate VLAN.
66. Juan is responsible for the physical security of the company server room. He has been asked to recommend a type of fire suppression system for the server room. Which of the following would be the best choice?
C. Pre-action
77. Olivia is responsible for web application security for her company's e-commerce server. She is particularly concerned about XSS and SQL injection. Which technique would be most effective in mitigating these attacks?
C. Proper input validation
102. You are the CIO for a small company. The company wants to use cloud storage for some of its data, but cost is a major concern. Which of the following cloud deployment models would be best?
C. Public cloud
127. David is responsible for cryptographic keys in his company. What is the best way to deauthorize a public key?
C. Publish that certificate in the CRL.
26. You're outlining your plans for implementing a wireless network to upper management. Which protocol was designed to provide security for a wireless network and is considered equivalent to the security of a wired network?
C. WPA2
107. Which of the following is the best description of a stored procedure?
C. SQL statements compiled on the database server as a single procedure that can be called
123. Jacob is the CIO for a mid-sized company. His company has very good security policies and procedures. The company has outsourced its web application development to a well-known web programming company. Which of the following should be the most important security issue for Jacob to address?
C. Security practices of the web application vendor
58. Hans is a security administrator for a large company. Users on his network visit a wide range of websites. He is concerned they might get malware from one of these many websites. Which of the following would be his best approach to mitigate this threat?
C. Set browsers to allow only signed components
47. Mohaned is a security analyst and has just removed malware from a virtual server. What feature of virtualization would he use to return the virtual server to a last known good state?
C. Snapshot
85. Ixxia is a software development team manager. She is concerned about memory leaks in code. What type of testing is most likely to find memory leaks?
C. Static code analysis
98. Your company is interested in keeping data in the cloud. Management feels that public clouds are not secure but is concerned about the cost of a private cloud. What is the solution you would recommend?
C. Suggest that they consider a community cloud.
28. Suzan is responsible for application development in her company. She wants to have all web applications tested prior to being deployed live. She wants to use a test system that is identical to the live server. What is this called?
C. Test server
42. Juan is responsible for wireless security in his company. He has decided to disable the SSID broadcast on the single AP the company uses. What will the effect be on client machines?
C. They will no longer see the SSID as an available network.
144. Arjun has just taken over web application security for a small company. He notices that some values are temporarily stored in hidden fields on one of the web pages. What is this called and how would it be best characterized?
C. This is obfuscation, a possible security flaw.
7. Janelle is the security administrator for a small company. She is trying to improve security throughout the network. Which of the following steps should she take first?
C. Turn off unneeded services on all computers.
128. Thomas is trying to select the right fire extinguisher for his company's server room. Which of the following would be his best choice?
C. Type C
111. Teresa is the network administrator for a small company. The company is interested in a robust and modern network defense strategy but lacks the staff to support it. What would be the best solution for Teresa to use?
C. Use Security as a Service
95. You are using a sophisticated system that models various attacks on your networks. You intend for this system to help your team realize weak areas and improve response to incidents. What is the most important step to take before relying on data from this system?
C. Verify the models being used.
59. Elizabeth has implemented agile development for her company. What is the primary difference between agile development and the waterfall method?
D. Agile repeats phases.
125. Tim is implementing a Faraday cage around his server room. What is the primary purpose of a Faraday cage?
D. Block EMI
80. Lilly is responsible for security on web applications for her company. She is checking to see that all applications have robust input validation. What is the best way to implement validation?
D. Client-side and server-side validation
103. Alisha is monitoring security for a mid-sized financial institution. Under her predecessor there were multiple high-profile breaches. Management is very concerned about detecting any security issues or breach of policy as soon as possible. Which of the following would be the best solution for this?
D. Continuous monitoring
49. Jarod is concerned about EMI affecting a key escrow server. Which method would be most effective in mitigating this risk?
D. Faraday cage
138. Which device would most likely process the following rules?
D. Firewall
20. In an attempt to observe hacker techniques, a security administrator configures a nonproduction network to be used as a target so that he can covertly monitor network attacks. What is this type of network called?
D. Honeynet
4. Maria is a security administrator for a large bank. She is concerned about malware, particularly spyware that could compromise customer data. Which of the following would be the best approach for her to mitigate the threat of spyware?
D. Host and network antimalware, computer usage policies, and employee training
15. You are responsible for security at your company. You want to improve cloud security by following the guidelines of an established international standard. What standard would be most helpful?
D. ISO 27002
82. Sarah is the CIO for a small company. The company uses several custom applications that have complicated interactions with the host operating system. She is concerned about ensuring that systems on her network are all properly patched. What is the best approach in her environment?
D. Immediately deploy patches to a test environment, then as soon as testing is complete have a staged rollout to the network.
119. Doug is a network administrator for a small company. The company has recently implemented an e-commerce server. This has placed a strain on network bandwidth. What would be the most cost-effective means for him to address this issue?
D. Implement aggregation switches.
88. Hannah is a programmer with a large software company. She is interested in ensuring that the module she just created will work well with a module created by another program. What type of testing is this?
D. Integration testing
140. You are responsible for an e-commerce site. The site is hosted in a cluster. Which of the following techniques would be best in assuring availability?
D. Load balancing
141. When you are concerned about application security, what is the most important issue in memory management?
D. Make sure you release any memory you allocate.
56. Isabella is responsible for database management and security. She is attempting to remove redundancy in the database. What is this process called?
D. Normalization
96. Your company has an accounting application that was developed in-house. It has been in place for 36 months, and functioning very well, with very few issues. You have just made a minor change to the tax calculation based on a change in tax law. What should be your next step?
D. Perform regression testing
108. Farès is responsible for security at his company. He has had bollards installed around the front of the building. What is Farès trying to accomplish?
D. Preventing a vehicle from being driven into the building
48. Lisa is concerned about fault tolerance for her database server. She wants to ensure that if any single drive fails, it can be recovered. What RAID level would support this goal while using distributed parity bits?
D. RAID 5
135. Juanita is responsible for servers in her company. She is looking for a fault-tolerant solution that can handle two drives failing. Which of the following should she select?
D. RAID 6
150. You are the CISO for a mid-sized health care company. Which of the following is the most important for you to implement?
D. Regulatory requirements
70. Gerald is concerned about unauthorized people entering the company's building. Which of the following would be most effective in preventing this?
D. Security guards
146. When you're implementing security cameras in your company, which of the following is the most important concern?
D. Security of the camera and video storage
61. You are responsible for database security at your company. You are concerned that programmers might pass badly written SQL commands to the database, or that an attacker might exploit badly written SQL in applications. What is the best way to mitigate this threat?
D. Stored procedures
136. You are a network administrator for a mid-sized company. You need all workstations to have the same configuration. What would be the best way for you to accomplish this?
D. Use a master image that is properly configured and image all workstations from that.
73. Lars is auditing the physical security of a company. The company uses chain-link fences on its perimeter. The fence is over pavement, not soft ground. How close to the ground should the bottom of the fence be?
D. Within 2 inches