Practice Test #2 Study Set
Kristi is setting up database servers on their own subnet. She has placed them on 10.10.3.3/29. How many nodes can be allocated in this subnet? A. 6 B. 32 C. 16 D. 8
A. 6 A /29 prefix leaves 32 - 29 = 3 host bits, so the block holds 2^3 = 8 addresses (10.10.3.0 through 10.10.3.7). The first address (10.10.3.0, the network address) and the last (10.10.3.7, the broadcast address) cannot be assigned to nodes, leaving 6 usable addresses. 8 counts every address in the block including those two, and 16 and 32 are the total address counts of a /28 and a /27.
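The calculation above, worked in code so it can be applied to any prefix. This is an added example, not part of the study set; it uses only Python's standard ipaddress module, and the extra sample blocks (a /24, a /31, a /32) are constructed to show the edge cases the exam rule "subtract two" does not cover.

```python
import ipaddress


def usable_hosts(cidr: str) -> int:
    """Number of addresses in the block that can be assigned to nodes.

    strict=False accepts a host address with a prefix (10.10.3.3/29) and
    normalises it to the containing network (10.10.3.0/29)."""
    net = ipaddress.ip_network(cidr, strict=False)
    host_bits = net.max_prefixlen - net.prefixlen
    total = 2 ** host_bits
    # /31 (RFC 3021 point-to-point links) and /32 have no separate network and
    # broadcast addresses, so every address is usable; otherwise subtract both.
    return total if host_bits <= 1 else total - 2


def subnet_summary(cidr: str) -> dict:
    """Network, broadcast, first/last assignable host and usable-host count."""
    net = ipaddress.ip_network(cidr, strict=False)
    host_bits = net.max_prefixlen - net.prefixlen
    if host_bits <= 1:
        first, last = net.network_address, net.broadcast_address
    else:
        first, last = net.network_address + 1, net.broadcast_address - 1
    return {
        "network": str(net.network_address),
        "broadcast": str(net.broadcast_address),
        "first_host": str(first),
        "last_host": str(last),
        "total_addresses": 2 ** host_bits,
        "usable_hosts": usable_hosts(cidr),
    }


if __name__ == "__main__":
    # The question's block plus constructed examples of the /31 and /32 cases.
    for block in ("10.10.3.3/29", "192.0.2.0/24", "198.51.100.0/31", "198.51.100.7/32"):
        print(block, subnet_summary(block))
```

Running it for 10.10.3.3/29 reports network 10.10.3.0, broadcast 10.10.3.7, hosts 10.10.3.1 through 10.10.3.6, and 6 usable addresses, which is the exam answer; the /31 and /32 rows show why the "minus two" rule is not universal.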
Which data state describes data that is stored in nonvolatile memory (for example, data that an erase command would clear from a given address on a flash chip)? A. Data-at-Rest B. Data-over-the-Network C. Data-in-Use D. Data-in-Transit
A. Data-at-Rest Data at rest is data that is not currently being processed or transmitted but is stored in digital form on nonvolatile media such as disks, SSDs, or flash memory. Data in transit is data moving across a network, data in use is data being actively processed and held in volatile memory (RAM), and "data over the network" is not one of the standard data states (the accepted term for that case is data in transit).
Grady is seeking access control methods that enforce authorization rules by the OS. Users cannot override authentication or access control policies. Which of the following best suits these needs? A. MAC B. DAC C. ABAC D. RBAC
A. MAC Mandatory access control (MAC) best fits these needs: the operating system enforces access decisions from security labels (classifications and clearances) assigned by the system, and neither users nor resource owners can change those rules. With DAC the owner of a resource decides who may access it, RBAC grants permissions through roles assigned to users, and ABAC evaluates attributes of the subject, the object, and the environment.
How would you appropriately categorize the authentication method being displayed here? See attached Pic. A. PAP Authentication B. Multi-Factor Authentication C. Biometric Authentication D. One-Time Password Authentication
A. PAP Authentication For the exam, you need to know the different categories of authentication and which authentication methods belong to each category. A username and password are what the Password Authentication Protocol (PAP) uses, and a username and password together count as a single knowledge factor. One factor alone is not multi-factor authentication, nothing biometric is involved, and no one-time password is shown. Note that PAP transmits the credentials in cleartext, so it should only be used inside an encrypted tunnel.
Cheyenne is doing a penetration test for a client's network and is currently gathering information from sources such as archive.org, netcraft.com, social media, and other information websites. What stage has just been described? A. Passive reconnaissance B. Active reconnaissance C. Pivot D. Exploitation
A. Passive reconnaissance This is a prime example of passive reconnaissance because there is no direct engagement with the target; everything is gathered from third-party sources. Active reconnaissance involves communicating with the target (port scans, banner grabs), exploitation is actually breaking into the target network, and a pivot is using one compromised system to reach another.
Shannon works for a security company that performs pen tests for clients. She's currently conducting a test of an e-commerce company and discovers that after compromising the web server, she can use the web server to launch a second attack into the company's internal network. What type of attack is this considered? A. Pivot B. Black-Box Testing C. White-Box Testing D. Internal Attack
A. Pivot A pivot occurs when you successfully exploit one machine and use it as a foothold to attack others it can reach, here crossing from the externally exposed web server into the internal network. Black-box and white-box describe how much information the tester is given before the test, not an attack technique, and "internal attack" is not the penetration-testing term for this.
Which of the following types of attacks occurs when an attacker calls up people over the phone and attempts to trick them into providing their credit card information? See attached Pic A. Vishing B. Phishing C. Spear Phishing D. Pharming E. Hoax
A. Vishing Vishing (voice phishing) is the fraudulent practice of making phone calls or leaving voice messages purporting to be from reputable companies in order to induce individuals to reveal personal information such as bank details and credit card numbers. Phishing uses e-mail, spear phishing is phishing aimed at specific individuals, pharming redirects victims to a fake site by tampering with DNS or host files, and a hoax is a false warning spread to cause needless action.
The web server administrator at your e-commerce company is concerned about someone using netcat to connect to the company web server to retrieve detailed information. What best describes this concern? A. Vulnerability Scanning B. Banner Grabbing C. Active Reconnaissance D. Passive Reconnaissance
B. Banner Grabbing Banner grabbing is connecting to a service and reading the identification string (the "banner") it returns; for a web server that is typically the Server header in the HTTP response, which netcat can retrieve with a hand-typed HEAD or GET request. Banner grabbing is a form of active reconnaissance, but it is the more specific and therefore better answer. The scenario involves neither vulnerability scanning nor passive reconnaissance. The usual mitigation is to suppress or genericise the banner (for example ServerTokens Prod on Apache httpd).
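What the administrator is worried about, and the fix, shown end to end. This is an added example, not part of the study set: a constructed stand-in web server built on Python's http.server runs on a loopback port, grab_banner does by hand what `printf 'HEAD / HTTP/1.0\r\n\r\n' | nc host 80` does, and a second handler shows the server with its banner replaced. The handler class names are the example's own.

```python
import socket
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer


# Constructed stand-in for the company web server. http.server advertises its
# software and Python version in the Server: header by default.
class ChattyHandler(BaseHTTPRequestHandler):
    def do_HEAD(self):
        self.send_response(200)
        self.end_headers()

    def log_message(self, *args):  # keep the demo quiet
        pass


# Hardened variant: same server, but the banner is replaced by a generic token.
class QuietHandler(ChattyHandler):
    def version_string(self):
        return "webserver"


def start_server(handler):
    """Bind to an ephemeral loopback port and serve in a background thread."""
    server = HTTPServer(("127.0.0.1", 0), handler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server


def grab_banner(host, port, timeout=3.0):
    """Open a raw TCP connection, send a minimal HTTP/1.0 HEAD request, and
    return the value of the Server: header (None if the server sends none)."""
    request = f"HEAD / HTTP/1.0\r\nHost: {host}\r\n\r\n".encode()
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(request)
        raw = b""
        while True:  # HTTP/1.0: the server closes the connection after replying
            chunk = sock.recv(4096)
            if not chunk:
                break
            raw += chunk
    for line in raw.decode("latin-1").split("\r\n"):
        name, sep, value = line.partition(":")
        if sep and name.strip().lower() == "server":
            return value.strip()
    return None


if __name__ == "__main__":
    for handler in (ChattyHandler, QuietHandler):
        srv = start_server(handler)
        print(handler.__name__, "->", grab_banner("127.0.0.1", srv.server_address[1]))
        srv.shutdown()
```

Against the default handler the banner reads something like "BaseHTTP/0.6 Python/3.x", which tells an attacker exactly which software to look up; against the hardened handler it reads "webserver". Hiding the banner does not remove vulnerabilities, it only denies the attacker a free shortcut, so it complements rather than replaces patching.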
Your security policy is set to include system testing and security awareness training guidelines. Which of the following types of control is this? A. Detective Technical Control B. Detective Administrative Control C. Preventive Technical Control D. Preventative Administrative Control
D. Preventative Administrative Control System testing and security awareness training are preventive administrative controls: they are defined by policy and carried out through procedures rather than technology, and their purpose is to stop incidents before they happen. Detective controls (audit logs, an IDS) uncover violations after the fact, and a preventive technical control is something like an IPS or a firewall.
Laura manages DLP for a large company where some employees have COPE and some have BYOD. What DLP issue could these devices present? A. Only jailbroken COPE and BYOD devices can be used as a USB OTG resource B. COPE and BYOD devices can be used as a USB OTG resource C. COPE devices can be used as a USB OTG D. BYOD devices can be used as a USB OTG resource
B. COPE and BYOD devices can be used as a USB OTG resource Both corporately owned, personally enabled (COPE) and bring-your-own-device (BYOD) phones can act as a USB On-The-Go (OTG) host, so a user can plug a flash drive or similar storage into the phone and copy data to it. That is a data loss prevention (DLP) concern because it is an easy exfiltration path that bypasses network-based controls. The device does not need to be jailbroken to use USB OTG.
Steven is constantly receiving calls from wireless users who are being redirected to a login page when they connect to the network. The login page comes up whenever the users first connect to the network and attempt to access any website outside of the local area network from within their web browsers. Which of the following is causing this to happen? A. MAC filtering B. Captive portal C. Key stretching D. WEP
B. Captive portal Redirecting a newly connected user to a login page before allowing traffic beyond the LAN is the behaviour of a captive portal, which requires users to authenticate or accept terms of use before being granted network access. WEP is a (broken) wireless encryption protocol and has nothing to do with the redirect, key stretching strengthens stored passwords, and MAC filtering silently blocks devices whose addresses are not on the allowed list rather than presenting a page.
Scott is the CISO for a bank. In recent readings, he read about an attack where the attacker was able to enumerate all the network resources and was able to make some resources unavailable. All of this was done by exploiting a single protocol. Which protocol would need to be secured to mitigate this attack? A. HTTP B. LDAP C. HTTPS D. DHCP
B. LDAP The protocol to secure is LDAP: a directory service is in effect the phone book of the network, so an attacker who can query it (for example through an anonymous bind) can enumerate users, groups, and hosts, and one who can flood or corrupt it can make the resources that depend on it unavailable. Requiring authenticated binds, using LDAPS or signing, and limiting who may query the directory shrink that footprint. HTTP and HTTPS serve web pages and DHCP hands out IP addresses, so none of those fit the scenario.
You are a security analyst and you have just successfully removed malware from a virtual server. Which could you use to return the virtual server to its last known good state? A. Sandbox B. Snapshot C. Elasticity D. Hypervisor
B. Snapshot Snapshots are point-in-time images of a virtual machine. Reverting to a snapshot taken before the infection returns the server to its last known good state (one taken after the infection would simply restore the malware). A sandbox is an isolated environment for running untrusted code, a hypervisor hosts virtual machines, and elasticity is the ability to scale resources up and down.
Tracie has been using a packet sniffer to observe traffic in the company network and has noticed that traffic between the web server and the database server is sent in clear text. She would like a solution that will encrypt traffic and also leverage the existing digital certificate infrastructure the company has. Which of the following is the best solution? A. SSL B. TLS C. WPA2 D. IPSec
B. TLS Transport Layer Security (TLS) can secure almost any application-layer traffic, works with HTTP, LDAP, SMTP, database protocols and more, and authenticates endpoints with X.509 certificates, so it reuses the company's existing PKI. SSL is the older predecessor that TLS replaced and is deprecated. IPsec operates at the network layer and is mainly deployed for VPN tunnels, and WPA2 is Wi-Fi security.
Jeff is the network administrator and sometimes needs to run a packet sniffer so he can view the network traffic. He would like to find a well-known packet sniffer that works on Linux. Which of the following is the best choice? A. Nmap B. Tcpdump C. Ophcrack D. Nessus
B. Tcpdump tcpdump is the standard command-line packet sniffer on Linux and other Unix-like systems (ported to Windows as WinDump) and displays live network traffic. Ophcrack is a Windows password cracker, Nmap is a port scanner, and Nessus is a vulnerability scanner.
Kevin is going over his company's recertification policy. Which is the best reason to recertify? A. To enhance onboarding B. To audit permissions C. To manage credentials D. To audit usage
B. To audit permissions Recertification is a periodic review in which managers or resource owners confirm that each account still needs the permissions it holds, so its purpose is to audit permissions. Usage auditing looks at what accounts do rather than what they are allowed to do, onboarding does not include recertification, and credential management does not fit the scenario.
You've been asked to conduct a penetration test for a small company and for the test, you were only given a company name, the domain name of their website, and the IP address of their gateway router. What describes the type of test? A. External Test B. White-Box Test C. Black-Box Test D. Threat Test
C. Black-Box Test A black-box test gives the tester minimal information, as here. A white-box test provides complete information (architecture, source code, credentials). An external test is defined by where it is launched from, not by how much the tester knows, and "threat test" is not an industry term used in penetration testing.
Laura manages the physical security for her company. She's especially concerned about an attacker driving a vehicle into the building. Which option below would protect against this threat? A. A security guard on duty B. A gate C. Bollards D. Security Cameras
C. Bollards Bollards are heavy concrete or steel posts set into the ground to physically stop a vehicle from crossing a boundary, so they are the best choice. A gate can be rammed, a security guard cannot stop a moving vehicle, and cameras are detective: they record what happened but do not prevent it.
Using the image provided, select four security features that you should use with a smart phone provided through a COPE policy in your organization. See attached Pic A. Remote wipe, location tracking, Host-based firewall, cable lock B. Cable lock, network sniffer, Cellular data, Remote Wipe C. Cellular data, remote wipe, location tracking, MDM D. MDM, location tracking, host-based firewall, remote wipe
C. Cellular data, remote wipe, location tracking, MDM Cellular data, remote wipe, location tracking, and MDM (mobile device management) are all appropriate security features for a company-provided smart phone. By using cellular data, your users can avoid connecting to untrusted Wi-Fi networks for connectivity. Remote wipe enables the organization to erase the contents of the device if it is lost or stolen. Location tracking uses the phone's GPS coordinates for certain apps, for location-based authentication, and to find a device that is lost or stolen. An MDM platform lets administrators push software updates, security policies, and other security settings to the device from a central server. A cable lock and a network sniffer are not phone security features.
Neil, a network administrator for a small firm, has discovered several machines on his network are infected with malware. The malware is sending a flood of packets to an external target. What describes this attack? A. Botnet B. SYN Flood C. DDoS D. Backdoor
C. DDoS While his machines may be part of a botnet, the attack being described by the flood of packets leaving the network is indicative of a distributed denial of service attack. We see nothing in here that is specific and describes a SYN flood attack (SYN was never mentioned in the question). Also, there is no indication of a backdoor based on the scenario provided. On the exam, be careful not to add information into the scenario that has not been given to you. In this question, a DDoS is the best option provided.
Olivia manages wireless security in her company and wants completely different WiFi access (ie different SSID, different security levels, different authentication methods) in different parts of the company. What's the best choice for Olivia to select in WAPs? A. Thin B. Repeater C. Fat D. Full
C. Fat A fat (standalone) WAP holds all of its configuration and control logic on the device itself: SSIDs, security settings, authentication methods and traffic forwarding are managed from the access point's own interface, so each WAP can be set up completely differently. Thin WAPs depend on a central wireless controller for that functionality, a repeater simply re-broadcasts an existing signal, and "full" is not a WAP type.
You have noticed your company lacks deterrent controls. As the new security administrator, which of the following would you install that satisfies your needs? A. Audit Logs B. Audible Alarm C. Lighting D. Antivirus Scanner
C. Lighting Deterrent controls discourage an attacker from attempting an attack in the first place. Adding lighting around the facility warns would-be intruders that they are likely to be seen. Audit logs are a detective control, an audible alarm primarily detects an intrusion that is already under way, and an antivirus scanner is a preventive/corrective technical control; none of them deters.
Rhonda manages account security for her company. She's noticed a receptionist who has an account with a six-character password that hasn't been changed in two years and her password history isn't maintained. What is the most significant problem with this account? A. Nothing, this is adequate for a low-security position B. The lack of password history is the most significant problem C. The password length is the most significant problem D. The age of the password is the most significant problem
C. The password length is the most significant problem A six-character password can be brute-forced online or cracked from a stolen hash in very little time, so length is the most significant weakness. The two-year age and the missing password history are also problems, but a short password is the one an attacker can exploit directly.
Neil is given the task of creating a wireless network for his company. The wireless network needs to implement a wireless protocol that provides the maximum level of security while providing support for older wireless devices, simultaneously. Which protocol should be used? A. WPA2 B. AES C. WPA D. WEP E. IV
C. WPA WPA is the protocol that provides the highest level of security among the options while remaining compatible with legacy devices. WPA2 is stronger (AES-CCMP) but older wireless cards may not support it, WEP is broken and not considered secure, AES is a cipher rather than a wireless protocol, and IV (initialization vector) is not relevant to this scenario. Outside the exam, note that WPA's TKIP is itself deprecated, so the better practice is to isolate legacy devices on their own SSID rather than downgrade the whole network.
Of the listed principles, which one is the most important in managing account permissions? A. Usage auditing B. Standard naming convention C. Account recovery D. Account recertification
D. Account recertification The most important principle in managing account permissions is account recertification, the periodic process of verifying that each permission still needs to be granted. Usage auditing shows what accounts do but does not by itself adjust what they are allowed to do, a standard naming convention does not affect permissions, and account recovery is about regaining access, not managing it.
Buddy is the security manager for a bank and has recently been reading about malware that accesses system memory modules. He would like to find a solution that keeps programs from utilizing system memory. Which of the options would be the best solution? A. FDE (Full Disk Encryption) B. UTM (Unified Threat Management) C. IDS (Intrusion Detection System) D. DEP (Data Execution Prevention)
D. DEP Data execution prevention (DEP) marks memory regions that hold data (such as the stack and heap) as non-executable using the processor's NX/XD bit, so that code injected into those regions by malware cannot run. FDE protects data on disk but does nothing about memory at run time, UTM is a network appliance that does not relate to this scenario, and an IDS only detects and reports; it does not stop a program from using memory.
In mobile devices, which of the following algorithms is typically used? A. DES B. 3DES C. AES D. ECC
D. ECC Elliptic curve cryptography (ECC) is the public-key algorithm typically chosen for mobile devices: it provides security comparable to RSA with far smaller keys, so it needs less CPU time, memory, and battery. DES and 3DES are legacy symmetric ciphers that are slow and no longer considered secure, and AES is a symmetric block cipher for bulk data encryption rather than the public-key algorithm the question is after.
You're responsible for server room security. You're concerned about physical theft of computers. Of the following, which would best be able to detect theft or attempted theft? A. Strong Deadbolt to server rooms B. RADIUS C. Smart Cards D. Motion sensor cameras
D. Motion sensor cameras The question asks for detection of theft or attempted theft. Motion-activated cameras record everyone who enters the server room and when, so they detect the event and preserve evidence. A strong deadbolt is a preventive control, and RADIUS and smart cards are authentication mechanisms; all are good security measures but none of them detects theft.
Kaye works for a large insurance company and manages their cybersecurity. She's concerned about insiders and wants to be able to detect malicious activity but wants the detection process to be invisible to the attacker. What technology best fits these needs? A. NNIDS (Network Node Intrusion Detection System) B. NIPS (Network-based Intrusion Prevention System) C. Hybrid NIDS (Network Intrusion Detection System) D. Out-of-band NIDS (Network Intrusion Detection System)
D. Out-of-band NIDS An out-of-band NIDS analyses a copy of the traffic delivered through a SPAN port or network tap and keeps its management interface on a separate network, so it adds no latency, blocks nothing, and gives an insider no sign that monitoring is taking place. A NIPS sits inline and drops offending traffic, which makes its presence easy to detect. A hybrid IDS combines host-based and network-based sensors, and a network node IDS (NNIDS) distributes the IDS function as agents on individual nodes; both leave visible components on the hosts being monitored.
You have an email that you are sending to a friend. You want to ensure it retains its integrity during transit, so you decide to digitally sign the email. When using a PKI system, what is used to encrypt the hash digest of the email to create a digital signature? A. Public B. Shared C. CER (Crossover Error Rate) D. Private Key
D. Private Key A digital signature is created by hashing the e-mail and encrypting that hash digest with the sender's private key. To verify it, the recipient's mail client decrypts the signature with the sender's public key (taken from the sender's certificate), hashes the received e-mail itself, and compares the two digests. If they match, the signature is authentic and the e-mail has not been altered in transit (integrity); because only the sender holds the private key, it also provides non-repudiation. The public key cannot be used to sign (anyone could do that), a shared key gives no way to tell the two parties apart, and the crossover error rate (CER) is a biometric accuracy metric.
Which of the standards below was developed by the WiFi Alliance and is used to implement the requirements of IEEE 802.11i? A. TKIP (Temporal Key Integrity Protocol) B. NIC (Network Interface Card) C. WPA (WiFi Protected Access) D. WPA2 (WiFi Protected Access 2)
D. WPA2 WPA2, developed by the Wi-Fi Alliance, is the certification that implements the full IEEE 802.11i amendment and uses AES-CCMP for encryption. WPA was the earlier interim standard based on a draft of 802.11i and relied on TKIP, a protocol that wraps per-packet key mixing and an integrity check around WEP's RC4 encryption to strengthen it; TKIP is only an optional legacy mode in WPA2 and is now deprecated. A NIC is simply a network interface card.
