itn 260 final exap test 1+2

Due to a breach, a certificate must be permanently revoked, and you don't want it to ever be used again. What is often used to revoke a certificate?

CRL

A major organization in the tracking and reporting of common computer and network security problems is ___________________.

CERT

Employees in your company are provided smartphones by the company. Which of the following best describes this?

COPE

Which of the following is a passive method of threat response?

Logging the event

___________________ provide rules for expected behaviors to people in an organization.

Policies

John is working on designing a network for the insurance company where he is employed. He wants to put the web server in an area that has somewhat less security so that outside users might access it. But he does not want that to compromise the security of the rest of the network. What would be John's best approach?

Place the web server in a DMZ.

Which organization is tasked with developing standards for, and tries to improve, the Internet

IETF

Which of the following would normally not be part of an incident response policy?

Contingency plans

Which feature of cloud computing involves dynamically provisioning (or deprovisioning) resources as needed?

Elasticity

Which of the following does not apply to a hashing algorithm?

Long key size

Which cloud service model gives the consumer the ability to use applications provided by the cloud provider over the Internet?

SaaS

Which of the following types of penetration testing focuses on the system, using techniques such as port scans, traceroute information, and network mapping to find weaknesses?

Active reconnaissance

Which type of load balancing configuration means that more than one load balancing server is working at all times to handle the load/requests as they come in?

Active-active

___________________ are used to monitor a network for suspect activity.

Intrusion Detection System

Melissa is planning on implementing biometric authentication on her network. Which of the following should be a goal for any biometric solution she selects?

Low CER

Jarod is evaluating web-based, single sign-on solutions. Which of the following technologies is most associated with web page authorization?

SAML

Ahmed is a network administrator for an insurance company. He is concerned about users storing company data on their smartphones to exfiltrate that data. Which of the following best describes this?

USB OTG

Which of the following is NOT one of the cloud delivery models recognized by NIST?

Unlisted

An IV attack is usually associated with which of the following wireless protocols?

WEP

Which security protocol for wireless networks attempts to establish the same security for them as would be present in a wired network?

WEP

Which of the following fully implements the 802.11i security standards?

WPA2

What technology is used to simplify network setup by allowing a router to have the administrator push a button on it to allow a new host to join?

WPS

Which of the following is the best description of shoulder surfing?

Watching someone enter important information

"Full disclosure testing" is more often known as which of the following?

White box

Which "X." standard defines certificate formats and fields for public keys?

X. 509

Which of the following is an IPsec header used to provide a mix of security services in IPv4 and IPv6?

ESP

Which of the following types of vulnerability scans uses actual network authentication to connect to systems and scan for vulnerabilities?

Endorsed

As the head of IT for MTS, you're explaining some security concerns to a junior administrator who has just been hired. You're trying to emphasize the need to know what is important and what isn't. Which of the following is not a consideration in key storage?

Environmental controls

With which of the following subscription-based models is security more cost effective than individuals or smaller corporations could ever get on their own?

SECaaS

Juanita is implementing a security mechanism that will fully encrypt the hard drive of laptops in her organization. The encryption and decryption will be automatic. What best describes what Juanita is implementing?

SED

Which of the following work by decrypting encrypted traffic (SSL or TLS), inspecting it, and then re-encrypting it before sending it on to its destination?

SSL decryptors

The process of reducing or eliminating susceptibility to outside interference is called what?

Shielding

Which device monitors network traffic in a passive manner?

Sniffer

Evan fears that the tenant in the office next door is using RF interference to try to force his small company to vacate the building in frustration. Purposely obstructing or interfering with a signal is known as which of the following?

Jamming

You've been assigned to mentor a junior administrator and bring her up to speed quickly. The topic you're currently explaining is authentication. Which method uses a KDC to accomplish authentication for users, programs, or systems?

Kerberos

Your company has implemented email encryption throughout the enterprise. You are concerned that someone might lose their cryptographic key. You want to implement some mechanism for storing copies of keys and recovering them. What should you implement?

Key escrow

Your office administrator is being trained to perform server backups. Which access control method would be ideal for this situation?

RBAC

What is the primary organization for maintaining certificates called?

CA

Which wireless technology uses TKIP?

WPA

In a hot and cold aisle system, what is the typical method of handling cold air?

t is pumped in from below raised floor tiles.

Which PKCS standard is the standard for password-based cryptography?

PKCS #5

Which cloud service model provides the consumer with the infrastructure to create applications and host them?

PaaS

What is the process of applying manual changes to a program called?

Patching

Which of the following is NOT necessary to back up?

Applications

Your company owns a printing press worth $100,000. If it were damaged in a fire, it would be worth $8,000 in parts. What would the single loss expectance (SLE) be?

$8,000

What TCP port does Telnet use?

23

Computer room humidity should ideally be kept above ___________________ percent

50

What TCP port does HTTP use?

80

Which standard defines port-based security for wireless network access control?

802.1x

You are a network administrator for ACME Corporation. You want to implement a new access control mechanism. The mechanism you are considering takes into account the entire environment/scenario of the access request. What does this describe?

ABAC

According to the TCP/IP model, HTTP functions at which layer?

Application

Which of the following is an attack where a program or service is placed on a server to bypass normal security procedures?

Back Door

A ___________________ security device uses some biological characteristic of human beings to uniquely identify a person for authentication.

Biometric

Which technology uses a physical characteristic to establish identity?

Biometrics

Which of the following is a type of smartcard issued by the Department of Defense as a general identification/authentication card for military personnel, contractors, and non-DoD employees?

CAC

Individuals who specialize in the making of codes are known as ___________________.

Cryptographers

Servers or computers that have two NIC cards, each connected to separate networks, are known as what type of computers?

Dual-homed

Which of the following Evaluation Assurance Levels (EAL) specifies that the user wants assurance that the system will operate correctly, but threats to security are not viewed as serious?

EAL 1

Elizabeth works for a company that manufactures portable medical devices, such as insulin pumps. She is concerned about security for the device. Which of the following would be the most helpful in securing these devices?

Ensure that all communications with the device are encrypted.

The process of automatically switching from a malfunctioning system to another system is called what?

Failover

What is the term used for events that were mistakenly flagged although they weren't truly events about which to be concerned?

False positives

Which of the following devices are the first line of defense for networks connected to the Internet?

Firewalls

Which of the following is the best description of tailgating?

Following someone through a door they just unlocked

Due to growth beyond current capacity, a new server room is being built. As a manager, you want to make certain that all the necessary safety elements exist in the room when it's finished. Which fire-suppression system works best when used in an enclosed area by displacing the air around a fire?

Gas based

Which of the following would be most effective in preventing a thief from using a mobile device stolen from your company?

Geofencing

Which IDS system uses algorithms to analyze the traffic passing through the network?

Heuristic

A ___________________ is a system designed to fool attackers into thinking a system is unsecured so they will attack it. Then the "victim" will learn their attack methods without compromising a live system.

Honey Pot

What is a system that is intended or designed to be broken into by an attacker?

Honeypot

Which of the following is a series of standards that define procedures for implementing electronically secure industrial automation and control systems?

ISA/IEC-62443

In which cloud service model can the consumer "provision" and "deploy and run"?

IaaS

Terrance is examining an authentication system that was developed at MIT and uses tickets for authentication. What system is Terrance most likely examining?

KERBEROS

Which authentication method uses a Key Distribution Center (KCD)?

Kerberos

Upper management has suddenly become concerned about security. As the senior network administrator, you are asked to suggest changes that should be implemented. Which of the following access methods should you recommend if the technique to be used is one that is primarily based on preestablished access and can't be changed by users?

MAC

MAC is an acronym for what as it relates to cryptography?

Message authentication code

What is the form of social engineering in which you simply ask someone for a piece of information that you want by making it look as if it is a legitimate request?

Phishing

Upper management has decreed that a firewall must be put in place immediately, before your site suffers an attack similar to one that struck a sister company. Responding to this order, your boss instructs you to implement a packet filter by the end of the week. A packet filter performs which function?

Prevents unauthorized packets from entering the network

Which cloud delivery model is implemented by a single organization, enabling it to be implemented behind a firewall?

Private

Which of the following strategies necessitates an identified risk that those involved understand the potential cost/damage and agree to live with it?

Risk acceptance

Which of the following strategies involves identifying a risk and making the decision to discontinue engaging in the action?

Risk avoidance

Which of the following agreements contains the technical information regarding the technical and security requirements of the interconnection between two or more organizations?

Risk deterrence

Which hashing algorithm uses a 160-bit hash value?

SHA

Gertrude is managing a new software project. The project has very clearly defined requirements that are not likely to change. Which of the following is the most appropriate development model for her?

Scrum

As part of your training program, you're trying to educate users on the importance of security. You explain to them that not every attack depends on implementing advanced technological methods. Some attacks take advantage of human shortcomings to gain access that should otherwise be denied. What term do you use to describe attacks of this type?

Social engineering

With which tunnel configuration are only some (usually all incoming) requests routed and encrypted over the VPN?

Split

Which of the following is an internal threat?

System Failure

Which remote access protocol, implemented almost exclusively by Cisco, is a central server providing remote access usernames that dial-up users can use for authentication.

TACACS+

You have taken out an insurance policy on your data/systems to share some of the risk with another entity. What type of risk strategy is this?

Transference

Which of the following is similar to Blowfish but works on 128-bit blocks?

Twofish

Type K fire extinguishers are intended for use on cooking oil fires. This type is a subset of which other type of fire extinguisher?

Type B

Which fire extinguisher type is the best to be used on computer equipment in the case of a computer fire?

Type C

When your company purchased a virtual datacenter provider, you inherited a mess. The employees working there had to respond regularly to requests to create virtual machines without the disciplines and controls normally found in the physical world. This resulted in machines being over-provisioned (too much CPU, memory, or disk) and consuming resources long after they were no longer required. What type of problem is this?

VM sprawl

If you wanted to connect two networks securely over the Internet, what type of technology could you use?

VPN

When you combine phishing with Voice over IP, it is known as:

Vishing

Which of the following is another name for social engineering?

Wetware

John is a network administrator for ACME company. He is trying to explain least privileges to a new technician. Which of the following is the basic premise of least privilege?

When assigning permissions, give users only the permissions they need to do their work and no more.

The area of an application that is available to users (those who are authenticated as well as those who are not) is known as its:

attack surface

Which access control method model grants rights or privileges based on their job function or position held?

RBAC

Although a hybrid cloud could be any mixture of cloud delivery models, it is usually a combination of which of the following?

Public and private

What protocol is used by technologies for load balancing/prioritizing traffic?

QoS

Refer to the scenario in question 2. Which of the following amounts is the ALE for this scenario?

$16,666.67

Refer to the scenario in question 2. Which of the following is the ARO for this scenario?

0.0167

With near field communication (NFC) technology, the industry tends to use what distance as "near"?

1.6 inches

How many channels does the 802.11 standard define?

14

You're explaining the basics of security to upper management in an attempt to obtain an increase in the networking budget. One of the members of the management team mentions that they've heard of a threat from a virus that attempts to mask itself by hiding code from antivirus software. What type of virus is she referring to?

Armored virus

The risk assessment component, in conjunction with the __________, provides the organization with an accurate picture of the situation facing it.

BIA

An alert signals you that a server in your network has a program running on it that bypasses authorization. Which type of attack has occurred?

Backdoor

A client calls you and says that he wants to turn off the SSID broadcast on his small network because he is afraid that those simply scanning for a network are finding it and trying to connect to it. You inform him that this is a very weak form of security and suggest some other options, but he is insistent on this being done. What is this form of hiding the router known as?

Cloaking

Which of the following are on-premise or cloud-based security policy enforcement points?

Cloud access security brokers

Which cloud delivery model has an infrastructure shared by several organizations with shared interests and common IT needs?

Community

You're the chief security contact for MTS. One of your primary tasks is to document everything related to security and to create a manual that can be used to manage the company in your absence. Which documents should be referenced in your manual as the ones that identify the methods used to accomplish a given task?

Guidelines

Which of the following provides continuous online backup by using optical or tape jukeboxes?

HSM

You are a junior security administrator for a large bank. You have been asked to make the database servers as secure as they can be. The process of making certain that an entity (operating system, application, and so on) is as secure as it can be is known as which of the following?

Hardening

Which of the following will not reduce EMI?

Humidity control

Which cloud delivery model could be considered an amalgamation of other types of delivery models?

Hybrid

You've been brought in as a security consultant for a small bicycle manufacturing firm. Immediately, you notice that they're using a centralized key-generating process, and you make a note to dissuade them from that without delay. What problem is created by using a centralized key-generating process?

Key transmission

Which organization can be used to identify an individual for certificate issue in a PKI environment?

LRA

Which of the following policies should be used when assigning permissions, giving users only the permissions they need to do their work and no more?

Least privilege

Which U.S. government agency is responsible for creating and breaking codes?

NSA

The command monlist can be used with which protocol as part of an amplification attack?

NTP

As more and more clients have been added to your network, the efficiency of the network has decreased significantly. You're preparing a budget for next year, and you specifically want to address this problem. Which of the following devices acts primarily as a tool to improve network efficiency?

Switch

Which of the following are multiport devices that improve network efficiency?

Switches

You work for an electronics company that has just created a device that emits less RF than any competitor's product. Given the enormous importance of this invention and of the marketing benefits it could offer, you want to have the product certified. Which certification is used to indicate minimal electronic emissions?

TEMPEST

You've been given notice that you'll soon be transferred to another site. Before you leave, you're to audit the network and document everything in use and the reason why it's in use. The next administrator will use this documentation to keep the network running. Which of the following protocols isn't a tunneling protocol but is probably used at your site by tunneling protocols for network security?

ipsec

Tom is responsible for account management in his company. For user John Smith who is an administrator, which of the following would be the best name for him to choose?

jsmith

Which kind of security attack is a result of the trusting nature of human beings?

social engineering

What is the size of the wrapper TKIP places around the WEP encryption with a key that is based on things such as the MAC address of your machine and the serial number of the packet?

128-bit

Proximity readers work with which of the following? (Choose all that apply.)

13.56 MHZ smart card 125 kHz proximity card

What is the size of the initialization vector (IV) that WEP uses for encryption?

24-bit

Juanita is responsible for setting up network accounts for her company. She wants to establish an account for the SQL Server service. Which of the following would be the best type of account for her to use?

A user/service account

You need to encrypt your hard drive. Which of the following is the best choice?

AES

Which of the following policies describes how the employees in an organization can use company systems and resources, both software and hardware?

Acceptable use

Which of the following policy statements should address who is responsible for ensuring that the policy is enforced?

Accountability

In intrusion detection system vernacular, which account is responsible for setting the security policy for an organization?

Administrator

You are concerned about your backup files becoming infected with malware. Which of the following technologies would be best to protect your backup?

Air-gap

Which of the following is a reversion from a change that had negative consequences?

Backout

Which site best provides limited capabilities for the restoration of services in a disaster?

Backup site

Which of the following terms refers to the process of establishing a standard for security?

Baselining

Which of the following types of attacks involves the sending of unsolicited messages over a Bluetooth connection?

Bluejacking

Using Bluetooth to extract data from a victim's phone is best described as which of the following?

Bluesnarfing

Which of the following is the gaining of unauthorized access through a Bluetooth connection?

Bluesnarfing

Which network devices are used to divide larger networks into smaller sections by sitting between two physical network segments and managing the flow of data between the two?

Bridges

Which method of code breaking tries every possible combination of characters in an attempt to "guess" the password or key?

Brute Force

John is looking for a solution for his company that will give the company the most control over mobile devices, while still having the employees purchase their own devices. Which of the following solutions should he select?

CYOD

What document describes how a CA issues certificates and for what they are used?

Certificate policies

Which of the following is the best example of perimeter security?

Chain link fence

Which of the following is the structured approach that is followed to secure a company's assets?

Change management

An attacker has placed an opaque layer over the Request A Catalog button on your web page. This layer tricks visitors into going to a form on a different website and giving their contact information to another party when their intention was to give it to you. What type of attack is this known as?

Clickjacking

When your servers become too busy, you can offload traffic to resources from a cloud provider. This is known as which of the following?

Cloud bursting

Separation of duties helps to prevent an individual from embezzling money from a company. To embezzle funds successfully, an individual would need to recruit others to commit an act of __________ (an agreement between two or more parties established for the purpose of committing deception or fraud).

Collusion

Which access control method model allows the owner of a resource to grant privileges to information they own?

DAC

You find that users on your network are getting dropped from the wireless connection. When you check the logs for the wireless access point, you find that a deauthentication packet has been sent to the WAP from the users' IP addresses. What seems to be happening here?

Disassociation attack

Which plan or policy helps an organization determine how to relocate to an emergency site?

Disaster-recovery plan

With Bluetooth devices suddenly popping up everywhere in your network, you want to secure as many of them as possible. One of the simplest methods of securing these devices is not to set their attribute to:

Discoverable

Which type of attack denies authorized users access to network resources?

DoS

You are the administrator of the sybex.com website. You are working when suddenly web server and network utilization spikes to 100% and stays there for several minutes and users start reporting "Server not available" errors. You may have been the victim of what kind of attack?

DoS

Which of the following Evaluation Assurance Levels (EAL) is the common security benchmark for commercial systems?

EAL 4

Which of the following is attack in which a rogue wireless access point poses as a legitimate wireless service provider to intercept information that users transmit?

Evil twin

A ___________________ is used to provide EMI and RFI shielding for an entire room of computer or electronic equipment (also used to prevent eavesdropping).

Faraday cage

Which of the following is a concept that works on the assumption that any information created on any system is stored forever?

Full archival

John is responsible for application security at his company. He is concerned that the application reacts appropriately to unexpected input. What type of testing would be most helpful to him?

Fuzzing

Which of the following is the technique of providing unexpected values as input to an application to try to make it crash?

Fuzzing

The __________ backup method is based on the philosophy that a full backup should occur at regular intervals, such as monthly or weekly?

GFS

You're a consultant brought in to advise MTS on its backup procedures. One of the first problems you notice is that the company doesn't use a good tape-rotation scheme. Which backup method uses a rotating schedule of backup media to ensure long-term information storage?

Grandfather, Father, and Son method

Which of the following is a newer backup type that provides continuous online backup by using optical or tape jukeboxes and can be configured to provide the closest version of an available real-time backup?

HSM

You've been chosen to lead a team of administrators in an attempt to increase security. You're currently creating an outline of all the aspects of security that will need to be examined and acted on. Which of the following terms describes the process of improving security in a network operating system (NOS)?

Hardening

What is the machine on which virtualization software is running known as?

Host

The TCP protocol functions at which layer of the TCP/IP model?

Host-to-Host

A ___________________ is a backup location that can provide services within hours of complete system failure.

Hot site

A ___________________ is a repair made while the system being repaired remains in operation.

Hotfix

Your company does electronic monitoring of individuals under house arrest around the world. Because of the sensitive nature of the business, you can't afford any unnecessary downtime. What is the process of applying a repair to an operating system while the system stays in operation?

Hotfix

Which of the following is NOT a routing protocol?

ICMP

You're trying to rearrange your backup procedures to reduce the amount of time they take each evening. You want the backups to finish as quickly as possible during the week. Which backup system backs up only the files that have changed since the last backup?

Incremental backup

Gerard is concerned about SQL injection attacks on his company's e-commerce server. What security measure would be most important for him to implement?

Input validation

Which type of penetration-style testing involves actually trying to break into the network?

Intrusive

Juanita is the security administrator for a large university. She is concerned about copyright issues and wants to ensure that her university does not violate copyrights. What would be her main concern regarding unauthorized software?

It might be copyrighted.

What principle is most important in setting up network accounts?

Least privileges

Your system has just stopped responding to keyboard commands. You noticed that this occurred when a spreadsheet was open and you connected to the Internet. Which kind of attack has probably occurred?

Logic bomb

Which problem can occur when more than one bridge or switch is implemented on the network, and the devices confuse each other by leading one another to believe that a host is located on a certain segment when it is not?

Loops

John is concerned about message integrity. He wants to ensure that message integrity cannot be compromised no matter what the threat. What would best help him accomplish this goal?

MAC

Which access control model is a static model that uses predefined access privileges for resources that are assigned by the administrator?

MAC

Which AP-based technology can increase security dramatically by allowing or denying access based on a client's physical address?

MAC filtering

Karl from Accounting is in a panic. He is convinced that he has identified malware on the servers—a type of man-in-the-middle attack in which a Trojan horse manipulates calls between the browser and yet still displays back the user's intended transaction. What type of attack could he have stumbled on?

Man-in-the-browser

An administrator at a sister company calls to report a new threat that is making the rounds. According to him, the latest danger is an attack that attempts to intervene in a communications session by inserting a computer between the two systems that are communicating. Which of the following types of attacks does this constitute?

Man-in-the-middle attack

Ahmed has been working to mitigate the threat of malware in his network. He has selected a specific vendor (Vendor ABC) for his antivirus software. He is using ABC products everywhere he needs antivirus software. Is this the correct decision? Why or why not?

No, this violates vendor diversity.

Mary claims that she didn't make a phone call from her office to a competitor and tell them about developments at her company. Telephone logs, however, show that such a call was placed from her phone, and time clock records show that she was the only person working at the time. What do these records provide?

Nonrepudiation

Myra is concerned about database security. She wants to begin with a good configuration of the database. Which of the following is a fundamental issue with database configuration?

Normalization

The CRL takes time to be fully disseminated. Which protocol allows a certificate's authenticity to be immediately verified?

OCSP

Mary is responsible for website security in her company. She wants to address widely known and documented web application vulnerabilities. Which resource would be most helpful?

OWASP

Your IT manager has stated that you need to select an appropriate tool for email encryption. Which of the following would be the best choice?

PGP

A firewall operating as a ___________________ firewall will pass or block packets based on their application or TCP port number.

Packet filter

Locking the door(s) to the server room involves what kind of security?

Physical

Karl is conducting penetration testing on the Pranks Anonymous servers and having difficulty finding a weakness. Suddenly, he discovers that security on a different company's server—a vendor to Pranks Anonymous—can be breached. Once he has compromised the completely different company's server, he can access the Pranks Anonymous servers and then launch an attack. What is this weakness/exploit known as?

Pivot

You are responsible for e-commerce security at your company. You want to use the most widely implemented asymmetric algorithm available today. Which of the following is the most widely used asymmetric algorithm today?

RSA

Denish is testing an application that is multithreaded. Which of the following is a specific concern for multithreaded applications?

Race conditions

RFI is the byproduct of electrical processes, similar to EMI. The major difference is that RFI is usually projected across which of the following?

Radio spectrum

Your company has grown at a tremendous rate, and the need to hire specialists in various IT areas has become apparent. You're helping to write an online advertisement that will be used to recruit new employees, and you want to make certain that applicants possess the necessary skills. One knowledge area in which your organization is weak is database intelligence. What is the primary type of database used in applications today that you can mention in the ads?

Relational.

A ___________________is the term for an area in a building where access is individually monitored and controlled.

Security Zone

Which of the following policies are designed to reduce the risk of fraud and prevent other losses in an organization?

Separation of duties

The administrator at MTS was recently fired, and it has come to light that he didn't install updates and fixes as they were released. As the newly hired administrator, your first priority is to bring all networked clients and servers up to date. What is a bundle of one or more system fixes in a single product called?

Service Pack

A periodic update that corrects problems in one version of a product is called a(n) __________.

Service pack

What term describes when the item used to validate a user's session, such as a cookie, is stolen and used by another to establish a session with a host that thinks it is still communicating with the first party?

Session hijacking

What is another name for working copies?

Shadow copies

Which of the following is a small library that is created to intercept API calls transparently?

Shim

Dennis has implemented an authentication system that uses a password, a PIN, and the user's birthday. What best describes this system?

Single factor

With which of the following subscription-based models is security more cost effective than individuals or smaller corporations could ever get on their own?

Snapshot

What kind of virus could attach itself to the boot sector of your disk to avoid detection and report false information about file sizes?

Stealth virus

What kind of cryptographic method replaces one character with another from a "match-up list" to produce the ciphertext? The decoder wheels kids get in cereal boxes often make this kind of cryptography.

Substitution cipher

Kristin from Payroll has left the office on maternity leave and won't return for at least six weeks. You've been instructed to suspend her key. Which of the following statements is true?

Suspended keys can be reactivated.

Your company provides medical data to doctors from a worldwide database. Because of the sensitive nature of the data, it's imperative that authentication be established on each session and be valid only for that session. Which of the following authentication methods provides credentials that are valid only during a single session?

Tokens

You have added a new child domain to your network. As a result of this, the child has adopted all of the trust relationships with other domains in the forest that existed for its parent domain. What is responsible for this?

Transitive access

In which two modes can IPSec work?

Tunneling and Transport

You've been drafted for the safety committee. One of your first tasks is to inventory all the fire extinguishers and make certain that the correct types are in the correct locations throughout the building. Which of the following categories of fire extinguisher is intended for use on electrical fires?

Type C

Which type of hypervisor implementation is known as "bare metal"?

Type I

Which hypervisor model needs the operating system to be up and cannot boot until it is?

Type II

Which type of hypervisor implementation is known as "hosted"?

Type II

During the authentication part of setting up his small office access point, Wolfgang was required to enter a PIN within 60 seconds. This process is known as:

Wi-Fi Protected Setup

Although you're talking to her on the phone, the sound of the administrative assistant's screams of despair can be heard down the hallway. She has inadvertently deleted a file that the boss desperately needs. Which type of backup is used for the immediate recovery of a lost file?

Working copies

Which of the following involves unauthorized commands coming from a trusted user to the website?

XSRF

Which of the following is NOT one of the three cloud service models recognized by the NIST?

XaaS

John is trying to determine the origin of an email. He has captured the email headers and knows the IP address of the originating email server. What command would show John the complete path to that IP address?

tracert

Consider the following scenario. The asset value of your company's primary servers is $2 million, and they are housed in a single office building in Anderson, Indiana. Field offices are scattered throughout the United States, but the workstations located at the field offices serve as thin clients and access data from the Anderson servers. Tornados in this part of the country are not uncommon, and it is estimated that one will level the building every 60 years. Which of the following is the SLE for this scenario?

1 Million

You are working as a security administrator for a small financial institution. You want to use an authentication method that will periodically reauthenticate clients. Which protocol is best suited for this?

CHAP

Which acronym describes devices provided by the company?

COPE

According to CERT, which of the following would be a formalized or an ad hoc team you can call upon to respond to an incident after it arises?

CSIRT

The present method of requiring access to be strictly defined on every object is proving too cumbersome for your environment. The edict has come down from upper management that access requirements should be slightly reduced. Which access model allows users some flexibility for information-sharing purposes?

DAC

As the security administrator for your organization, you must be aware of all types of attacks that can occur and plan for them. Which type of attack uses more than one computer to attack the victim?

DDoS

With which of the following is the DNS server given information about a name server that it thinks is legitimate when it isn't?

DNS poisoning

Your company is about to invest heavily in a new server farm and have made an attractive offer for a parcel of land in another country. A consultant working on another project hears of this and suggests that you get the offer rescinded because the laws in that country are much more stringent than where you currently operate. Which of the following is the concept that data is subject to the laws of where it is stored?

Data sovereignty

What is a disassociation attack more commonly known as?

Deauthentication attack

You want to assign privileges to a user so that she can delete a file but not be able to assign privileges to others. What permissions should you assign?

Delete

If RF levels become too high, it can cause the receivers in wireless units to become deaf. This process is called:

Desensitizing

Which backup system backs up all the files that have changed since the last full backup?

Differential backup

Ahmed has been directed to ensure that LDAP on his network is secure. LDAP is an example of which of the following?

Directory access protocol

Which of the following is an intermediate access control mechanism used in a high-security installation that requires visual identification, as well as authentication, to gain access?

Mantrap

Which type of risk strategy is undertaken when you attempt to reduce the risk?

Mitigation

After a careful risk analysis, the value of your company's data has been increased. Accordingly, you're expected to implement authentication solutions that reflect the increased value of the data. Which of the following authentication methods uses more than one authentication process for a logon?

Multifactor

Which of the following terms implies hosting data from more than one consumer on the same equipment?

Multitenancy

Which of the following is the term used whenever two or more parties authenticate each other?

Mutual authentication

What technology is used to send data between phones that are in close proximity to each other?

NFC

During a training session, you want to impress upon users the serious nature of security and, in particular, cryptography. To accomplish this, you want to give them as much of an overview about the topic as possible. Which government agency should you mention is primarily responsible for establishing government standards involving cryptography for general-purpose government use?

NIST

Tom has been instructed to find a security standard, applicable to the United States, that will help him develop appropriate security policies. He has found a standard that describes 8 principles and 14 practices that can be used to develop security policies. What standard is Tom most likely reviewing?

NIST 800-14

Pass-the-hash attacks take advantage of a weak encryption routine associated with which protocols?

NTLM and LanMan

Which cloud delivery model could be considered a pool of services and resources delivered across the Internet by a cloud provider?

Public

You're a member of a consortium wanting to create a new standard that will effectively end all spam. After years of meeting, the group has finally come across a solution and now wants to propose it. The process of proposing a new standard or method on the Internet is referred to by which acronym?

RFC

Which of the following technologies is used to identify and track tags attached to objects?

RFID

You're the head of information technology for MTS and have a brother in a similar position for ABC. The companies are approximately the same size and are located several hundred miles apart. As a benefit to both companies, you want to implement an agreement that would allow either company to use resources at the other site should a disaster make a building unusable. What type of agreement between two organizations provides mutual use of their sites in the event of an emergency?

Reciprocal agreement

The new head of software engineering has demanded that all code be tested to identify the design flow and then modified, as needed, to clean up routines without changing the code's visible behavior. What is this process known as?

Refactoring

Juan has just made a minor change to the company's e-commerce application. The change works as expected. What type of testing is most important for him to perform?

Regression testing

Which of the following would be best at preventing a thief from accessing the data on a stolen phone?

Remote wipe

What type of attack captures portions of a session to play back later to convince a host that it is still talking to the original connection?

Replay

You've discovered that an expired certificate is being used repeatedly to gain logon privileges. Which type of attack is this most likely to be?

Replay attack

Which of the following strategies is accomplished any time you take steps to reduce risk?

Risk mitigation

Which of the following strategies involves sharing some of the risk burden with someone else, such as an insurance company?

Risk transference

Janet is a network administrator for a small company. Users have been reporting that personal data is being stolen when using the wireless network. They all insist that they only connect to the corporate wireless access point. Reviewing the logs for the WAP shows that these users have not connected to it. Which of the following could best explain this situation?

Rouge access point

With which type of load balance scheduling is the first client request sent to the first group of servers, the second is sent to the second, and so on?

Round-robin

Which device stores information about destinations in a network (choose the best answer)?

Router

Which of the following devices is the most capable of providing infrastructure security?

Router

What is it known as when an attacker manipulates the database code to take advantage of a weakness in it?

SQL injection

Which encryption/security measure, originally developed by Netscape, is used to establish a secure, lower-layer communication connection between two TCP/IP-based machines?

SSL

Which of the following can be used to offload the public-key encryption to a separate hardware plug-in card?

SSL accelerator

To combat the problem described in Question 19, which of the following technologies enable bridge/switch interfaces to be assigned a value that is then used to control the learning process and prevent problems?

STP

What is the term for restricting an application to a safe/restricted resource area?

Sandboxing

Which of the following would be the most secure way to deploy a legacy application that requires a legacy operating system?

Sandboxing

Vincent is a programmer working on an e-commerce site. He has conducted a vulnerability scan and discovered a flaw in a third-party module. There is an update available for this module that fixes the flaw. What is the best approach for him to take to mitigate this threat?

Submit an RFC.

Mercury Technical Solutions has been using SSL in a business-to-business environment for a number of years. Despite the fact that there have been no compromises in security, the new IT manager wants to use stronger security than SSL can offer. Which of the following protocols is similar to SSL but offers the ability to use additional security protocols?

TLS

Which of the following is a chip that can store cryptographic keys, passwords, or certificates?

TPM

When going with a public cloud delivery model, who is accountable for the security and privacy of the outsourced service?

The organization

You're redesigning your network in preparation for putting the company up for sale. The network, like all aspects of the company, needs to perform at its best in order to benefit the sale. Which model is used to provide an intermediary server between the end user and the database?

Three-tiered

It has been brought to your attention that a would-be attacker in Indiana has been buying up domains based on common misspellings of your company's name with the sole intent of creating websites that resemble yours and prey on those who mistakenly stumble onto these pages. What type of attack is this known as?

Typo squatting

To prevent files from being copied on a workstation to removable media, you should disable which ports?

USB

___________________ is the security layer for wireless 802.11 connections using WAP.

WTLS

When a hole is found in a web browser or other software, and attackers begin exploiting it before the developer can respond, what type of attack is it known as?

Zero-day

Frustrated with the low signal that the devices in his cubicle receive, Spencer brings in his own access point and creates his own network. Kristin, a co-worker, tells him that if the boss finds out about this it is grounds for immediate dismissal, and he should read the employee handbook if he has any questions. Setting up your own access point represents which of the following?

Rogue

Which encryption algorithm uses a 40 to 128-bit key and is used on many products from Microsoft and IBM?

CAST

What is the primary weakness of infrared communications?

Line of sight

Which type of attack is one in which a rogue wireless access point poses as a legitimate wireless service provider to intercept information that users transmit?

Evil twin

Which of the following policy statements may include an escalation contact in the event that the person dealing with a situation needs to know who to contact?

Exception

If you calculate the SLE to be $4,000 and that there will be 10 occurrences a year (ARO), then the ALE is:

$40,000

If you calculate SLE to be $25,000 and that there will be one occurrence every four years (ARO), then what is the ALE?

$6,250

Ahmed is responsible for security of a SCADA system. If availability is his biggest concern, what is the most important thing for him to implement?

IPS

Karl has checked into a hotel after a long day of travel. He is attempting to check his daily deluge of email messages using the free in-room Wi-Fi, but it keeps losing the connection. When he calls the front desk, they suggest that he might want to use the premium Wi-Fi (which costs more) to get a better connection. What type of attack could this scenario represent?

Disassociation

Which of the following is the process used during data acquisition for the preservation of all forms of relevant information when litigation is reasonably anticipated?

Legal hold

You're the leader of the security committee at ACME Company. After a move to a new facility, you're installing a new security monitoring system throughout. Which of the following categories best describes a motion detector mounted in the corner of a hallway?

Security zone