Sec+ 401 1000-1199
A network engineer is configuring a VPN tunnel connecting a company's network to a business partner. Which of the following protocols should be used for key exchange? A. SHA-1 B. RC4 C. Blowfish D. Diffie-Hellman
A. SHA-1
Which of the following would be used as a secure substitute for Telnet? A. SSH B. SFTP C. SSL D. HTTPS
A. SSH
Which of the following cryptographic related browser settings allows an organization to communicate securely? A. SSL 3.0/TLS 1.0 B. 3DES C. Trusted Sites D. HMAC
A. SSL 3.0/TLS 1.0
One of the findings of risk assessment is that many of the servers on the data center subnet contain data that is in scope for PCI compliance, Everyone in the company has access to these servers, regardless of their job function. Which of the following should the administrator do? A. Segment the network B. Use 802.1X C. Deploy a proxy sever D. Configure ACLs E. Write an acceptable use policy
A. Segment the network
A security technician is attempting to access a wireless network protected with WEP. The technician does not know any information about the network. Which of the following should the technician do to gather information about the configuration of the wireless network? A. Spoof the MAC address of an observed wireless network client B. Ping the access point to discover the SSID of the network C. Perform a dictionary attack on the access point to enumerate the WEP key D. Capture client to access point disassociation packets to replay on the local PC's loopback
A. Spoof the MAC address of an observed wireless network client
A company uses PGP to ensure that sensitive email is protected. Which of the following types of cryptography is being used here for the key exchange? A. Symmetric B. Session-based C. Hashing D. Asymmetric
A. Symmetric
Which of the following allows lower level domains to access resources in a separate Public Key Infrastructure? A. Trust Model B. Recovery Agent C. Public Key D. Private Key
A. Trust Model
A network administrator is looking for a way to automatically update company browsers so they import a list of root certificates from an online source. This online source will then be responsible for tracking which certificates are to be trusted or not trusted. Which of the following BEST describes the service that should be implemented to meet these requirements? A. Trust model B. Key escrow C. OCSP D. PKI
A. Trust model
Which of the following is the MOST likely cause of users being unable to verify a single user's email signature and that user being unable to decrypt sent messages? A. Unmatched key pairs B. Corrupt key escrow C. Weak public key D. Weak private key
A. Unmatched key pairs
Which of the following ports should be opened on a firewall to allow for NetBIOS communication? (Select TWO). A. 110 B. 137 C. 139 D. 143 E. 161 F. 443
B. 137 C. 139
An employee needs to connect to a server using a secure protocol on the default port. Which of the following ports should be used? A. 21 B. 22 C. 80 D. 110
B. 22
Which of the following concepts is enforced by certifying that email communications have been sent by who the message says it has been sent by? A. Key escrow B. Non-repudiation C. Multifactor authentication D. Hashing
B. Non-repudiation
Which of the following offers the LEAST secure encryption capabilities? A. TwoFish B. PAP C. NTLM D. CHAP
B. PAP
Connections using point-to-point protocol authenticate using which of the following? (Select TWO). A. RIPEMD B. PAP C. CHAP D. RC4 E. Kerberos
B. PAP C. CHAP
A new client application developer wants to ensure that the encrypted passwords that are stored in their database are secure from cracking attempts. To implement this, the developer implements a function on the client application that hashes passwords thousands of times prior to being sent to the database. Which of the following did the developer MOST likely implement? A. RIPEMD B. PBKDF2 C. HMAC D. ECDHE
B. PBKDF2
A company's security administrator wants to manage PKI for internal systems to help reduce costs. Which of the following is the FIRST step the security administrator should take? A. Install a registration server. B. Generate shared public and private keys. C. Install a CA D. Establish a key escrow policy.
C. Install a CA
A security technician received notification of a remotely exploitable vulnerability affecting all multifunction printers firmware installed throughout the organization. The vulnerability allows a malicious user to review all the documents processed by the affected printers. Which of the following compensating controls can the security technician to mitigate the security risk of a sensitive document leak? A. Create a separate printer network B. Perform penetration testing to rule out false positives C. Install patches on the print server D. Run a full vulnerability scan of all the printers
C. Install patches on the print server
Digital Signatures provide which of the following? A. Confidentiality B. Authorization C. Integrity D. Authentication E. Availability
C. Integrity
Which of the following is a requirement when implementing PKI if data loss is unacceptable? A. Web of trust B. Non-repudiation C. Key escrow D. Certificate revocation list
C. Key escrow
Which of the following identifies certificates that have been compromised or suspected of being compromised? A. Certificate revocation list B. Access control list C. Key escrow registry D. Certificate authority
C. Key escrow registry
The security manager must store a copy of a sensitive document and needs to verify at a later point that the document has not been altered. Which of the following will accomplish the security manager's objective? A. RSA B. AES C. MD5 D. SHA
C. MD5
The database server used by the payroll system crashed at 3 PM and payroll is due at 5 PM. Which of the following metrics is MOST important is this instance? A. ARO B. SLE C. MTTR D. MTBF
C. MTTR
A security Operations Center was scanning a subnet for infections and found a contaminated machine. One of the administrators disabled the switch port that the machine was connected to, and informed a local technician of the infection. Which of the following steps did the administrator perform? A. Escalation B. Identification C. Notification D. Quarantine E. Preparation
C. Notification D. Quarantine
Which of the following protocols is used to validate whether trust is in place and accurate by returning responses of either "good", "unknown", or "revoked"? A. CRL B. PKI C. OCSP D. RA
C. OCSP
Joe, a user, wants to protect sensitive information stored on his hard drive. He uses a program that encrypted the whole hard drive. Once the hard drive is fully encrypted, he uses the same program to create a hidden volume within the encrypted hard drive and stores the sensitive information within the hidden volume. This is an example of which of the following? (Select TWO). A. Multi-pass encryption B. Transport encryption C. Plausible deniability D. Steganography E. Transitive encryption F. Trust models
C. Plausible deniability D. Steganography
Users need to exchange a shared secret to begin communicating securely. Which of the following is another name for this symmetric key? A. Session Key B. Public Key C. Private Key D. Digital Signature
C. Private Key
Which of the following access methods uses radio frequency waves for authentication? A. Video surveillance B. Mantraps C. Proximity readers D. Biometrics
C. Proximity readers
A security administrator at a company which implements key escrow and symmetric encryption only, needs to decrypt an employee's file. The employee refuses to provide the decryption key to the file. Which of the following can the administrator do to decrypt the file? A. Use the employee's private key B. Use the CA private key C. Retrieve the encryption key D. Use the recovery agent
C. Retrieve the encryption key
A network administrator has identified port 21 being open and the lack of an IDS as a potential risk to the company. Due to budget constraints, FTP is the only option that the company can is to transfer data and network equipment cannot be purchased. Which of the following is this known as? A. Risk transference B. Risk deterrence C. Risk acceptance D. Risk avoidance
C. Risk acceptance
Identifying residual is MOST important to which of the following concepts? A. Risk deterrence B. Risk acceptance C. Risk mitigation D. Risk avoidance
C. Risk mitigation
A technician wants to verify the authenticity of the system files of a potentially compromised system. Which of the following can the technician use to verify if a system file was compromised? (Select TWO). A. AES B. PGP C. SHA D. MD5 E. ECDHE
C. SHA D. MD5
A system administrator has noticed network performance issues and wants to gather performance data from the gateway router. Which of the following can be used to perform this action? A. SMTP B. iSCSI C. SNMP D. IPSec
C. SNMP
Internet banking customers currently use an account number and password to access their online accounts. The bank wants to improve security on high value transfers by implementing a system which call users back on a mobile phone to authenticate the transaction with voice verification. Which of the following authentication factors are being used by the bank? A. Something you know, something you do, and something you have B. Something you do, somewhere you are, and something you have C. Something you are, something you do and something you know D. Something you have, something you are, and something you know
C. Something you are, something you do and something you know
A security administrator discovers an image file that has several plain text documents hidden in the file. Which of the following security goals is met by camouflaging data inside of other files? A. Integrity B. Confidentiality C. Steganography D. Availability
C. Steganography
A security analyst discovered data such as images and word documents hidden within different types of files. Which of the following cryptographic concepts describes what was discovered? A. Symmetric encryption B. Non-repudiation C. Steganography D. Hashing
C. Steganography
Company employees are required to have workstation client certificates to access a bank website. These certificates were backed up as a precautionary step before the new computer upgrade. After the upgrade and restoration, users state they can access the bank's website, but not login. Which is the following is MOST likely the issue? A. The IP addresses of the clients have change B. The client certificate passwords have expired on the server C. The certificates have not been installed on the workstations D. The certificates have been installed on the CA
C. The certificates have not been installed on the workstations
RC4 is a strong encryption protocol that is generally used with which of the following? A. WPA2 CCMP B. PEAP C. WEP D. EAP-TLS
C. WEP
While setting up a secure wireless corporate network, which of the following should Pete, an administrator, avoid implementing? A. EAP-TLS B. PEAP C. WEP D. WPA
C. WEP
Due to hardware limitation, a technician must implement a wireless encryption algorithm that uses the RC4 protocol. Which of the following is a wireless encryption solution that the technician should implement while ensuring the STRONGEST level of security? A. WPA2-AES B. 802.11ac C. WPA-TKIP D. WEP
C. WPA-TKIP
Which of the following provides the HIGHEST level of confidentiality on a wireless network? A. Disabling SSID broadcast B. MAC filtering C. WPA2 D. Packet switching
C. WPA2
Ann wants to send a file to Joe using PKI. Which of the following should Ann use in order to sign the file? A. Joe's public key B. Joe's private key C. Ann's public key D. Ann's private key
D. Ann's private key
A security administrator needs a locally stored record to remove the certificates of a terminated employee. Which of the following describes a service that could meet these requirements? A. OCSP B. PKI C. CA D. CRL
D. CRL
Joe, a user, reports to the system administrator that he is receiving an error stating his certificate has been revoked. Which of the following is the name of the database repository for these certificates? A. CSR B. OCSP C. CA D. CRL
D. CRL
Public key certificates and keys that are compromised or were issued fraudulently are listed on which of the following? A. PKI B. ACL C. CA D. CRL
D. CRL
Which of the following types of trust models is used by a PKI? A. Transitive B. Open source C. Decentralized D. Centralized
D. Centralized
A new mobile banking application is being developed and uses SSL / TLS certificates but penetration tests show that it is still vulnerable to man-in-the-middle attacks, such as DNS hijacking. Which of the following would mitigate this attack? A. Certificate revocation B. Key escrow C. Public key infrastructure D. Certificate pinning
D. Certificate pinning
A CA is compromised and attacks start distributing maliciously signed software updates. Which of the following can be used to warn users about the malicious activity? A. Key escrow B. Private key verification C. Public key verification D. Certificate revocation list
D. Certificate revocation list
Which of the following technologies was developed to allow companies to use less-expensive storage while still maintaining the speed and redundancy required in a business environment? A. RAID B. Tape Backup C. Load Balancing D. Clustering
D. Clustering
Which of the following design components is used to isolate network devices such as web servers? A. VLAN B. VPN C. NAT D. DMZ
D. DMZ
Which of the following would an attacker use to penetrate and capture additional traffic prior to performing an IV attack? A. DNS poisoning B. DDoS C. Replay attack D. Dictionary attacks
D. Dictionary attacks
An administrator has two servers and wants them to communicate with each other using a secure algorithm. Which of the following choose to provide both CRC integrity checks and RCA encryption? A. NTLM B. RSA C. CHAP D. ECDHE
D. ECDHE
A security administrator must implement a system to allow clients to securely negotiate encryption keys with the company's server over a public unencrypted communication channel. Which of the following implements the required secure key negotiation? (Select TWO). A. PBKDF2 B. Symmetric encryption C. Steganography D. ECDHE E. Diffie-Hellman
D. ECDHE E. Diffie-Hellman
A technician wants to secure communication to the corporate web portal, which is currently using HTTP. Which of the following is the FIRST step the technician should take? A. Send the server's public key to the CA B. Install the CA certificate on the server C. Import the certificate revocation list into the server D. Generate a certificate request from the server
D. Generate a certificate request from the server
An administrator needs to submit a new CSR to a CA. Which of the following is a valid FIRST step? A. Generate a new private key based on AES. B. Generate a new public key based on RSA. C. Generate a new public key based on AES. D. Generate a new private key based on RSA. Answer: D
D. Generate a new private key based on RSA.
Jane, a VPN administrator, was asked to implement an encryption cipher with a MINIMUM effective security of 128-bits. Which of the following should Jane select for the tunnel encryption? A. Blowfish B. DES C. SHA256 D. HMAC
D. HMAC
Which of the following MUST Matt, a security administrator, implement to verify both the integrity and authenticity of a message while requiring a shared secret? A. RIPEMD B. MD5 C. SHA D. HMAC
D. HMAC
Which of the following cryptographic algorithms is MOST often used with IPSec? A. Blowfish B. Twofish C. RC4 D. HMAC
D. HMAC
Joe, the systems administrator, is setting up a wireless network for his team's laptops only and needs to prevent other employees from accessing it. Which of the following would BEST address this? A. Disable default SSID broadcasting. B. Use WPA instead of WEP encryption. C. Lower the access point's power settings. D. Implement MAC filtering on the access point.
D. Implement MAC filtering on the access point.
A certificate authority takes which of the following actions in PKI? A. Signs and verifies all infrastructure messages B. Issues and signs all private keys C. Publishes key escrow lists to CRLs D. Issues and signs all root certificates
D. Issues and signs all root certificates
Which of the following would be a reason for developers to utilize an AES cipher in CCM mode (Counter with Chain Block Message Authentication Code)? A. It enables the ability to reverse the encryption with a separate key B. It allows for one time pad inclusions with the passphrase C. Counter mode alternates between synchronous and asynchronous encryption D. It allows a block cipher to function as a steam cipher
D. It allows a block cipher to function as a steam cipher
Which of the following allows an organization to store a sensitive PKI component with a trusted third party? A. Trust model B. Public Key Infrastructure C. Private key D. Key escrow
D. Key escrow
Which of the following incident response plan steps would MOST likely engaging business professionals with the security team to discuss changes to existing procedures? A. Recovery B. Incident identification C. Isolation / quarantine D. Lessons learned E. Reporting
D. Lessons learned
Which of the following steps of incident response does a team analyze the incident and determine steps to prevent a future occurrence? A. Mitigation B. Identification C. Preparation D. Lessons learnedv
D. Lessons learned
An agent wants to create fast and efficient cryptographic keys to use with Diffie-Hellman without using prime numbers to generate the keys. Which of the following should be used? A. Elliptic curve cryptography B. Quantum cryptography C. Public key cryptography D. Symmetric cryptography
D. Symmetric cryptography
Which of the following protocols uses an asymmetric key to open a session and then establishes a symmetric key for the remainder of the session? A. SFTP B. HTTPS C. TFTP D. TLS
D. TLS
Which of the following transportation encryption protocols should be used to ensure maximum security between a web browser and a web server? A. SSLv2 B. SSHv1 C. RSA D. TLS
D. TLS
Which of the following explains the difference between a public key and a private key? A. The public key is only used by the client while the private key is available to all.Both keys are mathematically related. B. The private key only decrypts the data while the public key only encrypts the data.Both keys are mathematically related. C. The private key is commonly used in symmetric key decryption while the public key is used in asymmetric key decryption. D. The private key is only used by the client and kept secret while the public key is available to all.
D. The private key is only used by the client and kept secret while the public key is available to all.
An employee in the accounting department recently received a phishing email that instructed them to click a link in the email to view an important message from the IRS which threatened penalties if a response was not received by the end of the business day. The employee clicked on the link and the machine was infected with malware. Which of the following principles BEST describes why this social engineering ploy was successful? A. Scarcity B. Familiarity C. Social proof D. Urgency
D. Urgency
Which of the following BEST describes part of the PKI process? A. User1 decrypts data with User2's private key B. User1 hashes data with User2's public key C. User1 hashes data with User2's private key D. User1 encrypts data with User2's public key
D. User1 encrypts data with User2's public key
A security administrator has been tasked with setting up a new internal wireless network that must use end to end TLS. Which of the following may be used to meet this objective? A. WPA B. HTTPS C. WEP D. WPA 2
D. WPA 2
Which of the following is true about PKI? (Select TWO). A. When encrypting a message with the public key, only the public key can decrypt it. B. When encrypting a message with the private key, only the private key can decrypt it. C. When encrypting a message with the public key, only the CA can decrypt it. D. When encrypting a message with the public key, only the private key can decrypt it. E. When encrypting a message with the private key, only the public key can decrypt it
D. When encrypting a message with the public key, only the private key can decrypt it. E. When encrypting a message with the private key, only the public key can decrypt it.
Which of the following is used to certify intermediate authorities in a large PKI deployment? A. Root CA B. Recovery agent C. Root user D. Key escrow
A. Root CA
After an audit, it was discovered that an account was not disabled in a timely manner after an employee has departed from the organization. Which of the following did the organization fail to properly implement? A. Routine account audits B. Account management processes C. Change management processes D. User rights and permission reviews
A. Routine account audits
A systems administrator has implemented PKI on a classified government network. In the event that a disconnect occurs from the primary CA, which of the following should be accessible locally from every site to ensure users with bad certificates cannot gain access to the network? A. A CRL B. Make the RA available C. A verification authority D. A redundant CA
A. A CRL
A new security policy being implemented requires all email within the organization be digitally signed by the author using PGP. Which of the following would needs to be created for each user? A. A certificate authority B. A key escrow C. A trusted key D. A public and private key
A. A certificate authority
Which of the following can be implemented with multiple bit strength? A. AES B. DES C. SHA-1 D. MD5 E. MD4
A. AES
A company is starting to allow employees to use their own personal without centralized management. Employees must contract IT to have their devices configured to use corporate email; access is also available to the corporate cloud-based services. Which of the following is the BEST policy to implement under these circumstances? A. Acceptable use policy B. Security policy C. Group policy D. Business Agreement policy
A. Acceptable use policy
In order to enter a high-security datacenter, users are required to speak the password into a voice recognition system. Ann a member if the sales department over hears the password and upon speaks it into the system. The system denies her entry and alerts the security team. Which of the following is the MOST likely reason for her failure to enter the data center? A. An authentication factor B. Discretionary access C. Time of day restrictions D. Least privilege restrictions
A. An authentication factor
A user attempts to install new and relatively unknown software recommended by a colleague. The user is unable to install the program, despite having successfully installed other programs previously. Which of the following is MOST likely the cause for the user's inability to complete the installation? A. Application black listing B. Network Intrusion Prevention System C. Group policy D. Application white listing
A. Application black listing
A security administrator is investigating a recent server breach. The breach occurred as a result of a zero-day attack against a user program running on the server. Which of the following logs should the administrator search for information regarding the breach? A. Application log B. Setup log C. Authentication log D. System log
A. Application log
The finance department works with a bank which has recently had a number of cyber attacks. The finance department is concerned that the banking website certificates have been compromised. Which of the following can the finance department check to see if any of the bank's certificates are still valid? A. Bank's CRL B. Bank's private key C. Bank's key escrow D. Bank's recovery agent
A. Bank's CRL
A network stream needs to be encrypted. Sara, the network administrator, has selected a cipher which will encrypt 8 bits at a time before sending the data across the network. Which of the following has Sara selected? A. Block cipher B. Stream cipher C. CRC D. Hashing algorithm
A. Block cipher
An administrator needs to renew a certificate for a web server. Which of the following should be submitted to a CA? A. CSR B. Recovery agent C. Private key D. CRL
A. CSR
Pete, an employee, needs a certificate to encrypt data. Which of the following would issue Pete a certificate? A. Certification authority B. Key escrow C. Certificate revocation list D. Registration authority
A. Certification authority
Various employees have lost valuable customer data due to hard drives failing in company provided laptops. It has been discovered that the hard drives used in one model of laptops provided by the company has been recalled by the manufactory, The help desk is only able to replace the hard drives after they fail because there is no centralized records of the model of laptop given to each specific user. Which of the following could have prevented this situation from occurring? A. Data backups B. Asset tracking C. Support ownership D. BYOD policies
A. Data backups
A network security engineer notices unusual traffic on the network from a single IP attempting to access systems on port 23. Port 23 is not used anywhere on the network. Which of the following should the engineer do to harden the network from this type of intrusion in the future? A. Disable unnecessary services on servers B. Disable unused accounts on servers and network devices C. Implement password requirements on servers and network devices D. Enable auditing on event logs
A. Disable unnecessary services on servers
Which of the following is used to verify data integrity? A. SHA B. 3DES C. AES D. RSA
A. SHA
Users are trying to communicate with a network but are unable to do so. A network administrator sees connection attempts on port 20 from outside IP addresses that are being blocked. How can the administrator resolve this? A. Enable stateful FTP on the firewall B. Enable inbound SSH connections C. Enable NETBIOS connections in the firewall D. Enable HTTPS on port 20
A. Enable stateful FTP on the firewall
Users in the HR department were recently informed that they need to implement a user training and awareness program which is tailored to their department. Which of the following types of training would be the MOST appropriate for this department? A. Handing PII B. Risk mitigation C. Input validation D. Hashing
A. Handing PII
Which of the following devices is BEST suited for servers that need to store private keys? A. Hardware security module B. Hardened network firewall C. Solid state disk drive D. Hardened host firewall
A. Hardware security module
In order to securely communicate using PGP, the sender of an email must do which of the following when sending an email to a recipient for the first time? A. Import the recipient's public key B. Import the recipient's private key C. Export the sender's private key D. Export the sender's public key
A. Import the recipient's public key
Which of the following is true about the recovery agent? A. It can decrypt messages of users who lost their private key. B. It can recover both the private and public key of federated users. C. It can recover and provide users with their lost or private key. D. It can recover and provide users with their lost public key.
A. It can decrypt messages of users who lost their private key.
Which of the following is true about the CRL? A. It should be kept public B. It signs other keys C. It must be kept secret D. It must be encrypted
A. It should be kept public
Which of the following is an attack designed to activate based on time? A. Logic Bomb B. Backdoor C. Trojan D. Rootkit
A. Logic Bomb
One month after a software developer was terminated the helpdesk started receiving calls that several employees' computers were being infected with malware. Upon further research, it was determined that these employees had downloaded a shopping toolbar. It was this toolbar that downloaded and installed the errant code. Which of the following attacks has taken place? A. Logic bomb B. Cross-site scripting C. SQL injection D. Malicious add-on
A. Logic bomb
A company is concerned that a compromised certificate may result in a man-in-the-middle attack against backend financial servers. In order to minimize the amount of time a compromised certificate would be accepted by other servers, the company decides to add another validation step to SSL/TLS connections. Which of the following technologies provides the FASTEST revocation capability? A. Online Certificate Status Protocol (OCSP) B. Public Key Cryptography (PKI) C. Certificate Revocation Lists (CRL) D. Intermediate Certificate Authority (CA)
A. Online Certificate Status Protocol (OCSP)
A security engineer is asked by the company's development team to recommend the most secure method for password storage. Which of the following provide the BEST protection against brute forcing stored passwords? (Select TWO). A. PBKDF2 B. MD5 C. SHA2 D. Bcrypt E. AES F. CHAP
A. PBKDF2 D. Bcrypt
When using PGP, which of the following should the end user protect from compromise? (Select TWO). A. Private key B. CRL details C. Public key D. Key password E. Key escrow F. Recovery agent
A. Private key D. Key password
A corporation has experienced several media leaks of proprietary data on various web forums. The posts were made during business hours and it is believed that the culprit is posting during work hours from a corporate machine. The Chief Information Officer (CIO) wants to scan internet traffic and keep records for later use in legal proceedings once the culprit is found. Which of the following provides the BEST solution? A. Protocol analyzer B. NIPS C. Proxy server D. HIDS
A. Protocol analyzer
Which of the following is synonymous with a server's certificate? A. Public key B. CRL C. Private key D. Recovery agent
A. Public key
Which of the following authentication protocols makes use of UDP for its services? A. RADIUS B. TACACS+ C. LDAP D. XTACACS
A. RADIUS
A security administrator must implement a wireless encryption system to secure mobile devices' communication. Some users have mobile devices which only support 56-bit encryption. Which of the following wireless encryption methods should be implemented? A. RC4 B. AES C. MD5 D. TKIP
A. RC4
Which of the following uses both a public and private key? A. RSA B. AES C. MD5 D. SHA
A. RSA
Which of the following would provide the STRONGEST encryption? A. Random one-time pad B. DES with a 56-bit key C. AES with a 256-bit key D. RSA with a 1024-bit key
A. Random one-time pad
After encrypting all laptop hard drives, an executive officer's laptop has trouble booting to the operating system. Now that it is successfully encrypted the helpdesk cannot retrieve the data. Which of the following can be used to decrypt the information for retrieval? A. Recovery agent B. Private key C. Trust models D. Public key
A. Recovery agent
Which of the following allows a company to maintain access to encrypted resources when employee turnover is high? A. Recovery agent B. Certificate authority C. Trust model D. Key escrow
A. Recovery agent
A system administrator is notified by a staff member that their laptop has been lost. The laptop contains the user's digital certificate. Which of the following will help resolve the issue? (Select TWO). A. Revoke the digital certificate B. Mark the key as private and import it C. Restore the certificate using a CRL D. Issue a new digital certificate E. Restore the certificate using a recovery agent
A. Revoke the digital certificate D. Issue a new digital certificate
A company plans to expand by hiring new engineers who work in highly specialized areas. Each engineer will have very different job requirements and use unique tools and applications in their job. Which of the following is MOST appropriate to use? A. Role-based privileges B. Credential management C. User assigned privileges D. User access
A. Role-based privileges
A bank has a fleet of aging payment terminals used by merchants for transactional processing. The terminals currently support single DES but require an upgrade in order to be compliant with security standards. Which of the following is likely to be the simplest upgrade to the aging terminals which will improve in-transit protection of transactional data? A. AES B. 3DES C. RC4 D. WPA2
B. 3DES
Which of the following provides additional encryption strength by repeating the encryption process with additional keys? A. AES B. 3DES C. TwoFish D. Blowfish
B. 3DES
Which of the following symmetric key algorithms are examples of block ciphers? (Select THREE). A. RC4 B. 3DES C. AES D. MD5 E. PGP F. Blowfish
B. 3DES C. AES F. Blowfish
In PKI, a key pair consists of: (Select TWO). A. A key ring B. A public key C. A private key D. Key escrow E. A passphrase
B. A public key C. A private key
Sara, a security engineer, is testing encryption ciphers for performance. Which of the following ciphers offers strong encryption with the FASTEST speed? A. 3DES B. Blowfish C. Serpent D. AES256
B. Blowfish
Which of the following should be used when a business needs a block cipher with minimal key size for internal encryption? A. AES B. Blowfish C. RC5 D. 3DES
B. Blowfish
Which of the following components MUST be trusted by all parties in PKI? A. Key escrow B. CA C. Private key D. Recovery key
B. CA
A systems administrator has made several unauthorized changes to the server cluster that resulted in a major outage. This event has been brought to the attention of the Chief Information Office (CIO) and he has requested immediately implement a risk mitigation strategy to prevent this type of event from reoccurring. Which of the following would be the BEST risk mitigation strategy to implement in order to meet this request? A. Asset Management B. Change Management C. Configuration Management D. Incident Management
B. Change Management
Which of the following are restricted to 64-bit block sizes? (Select TWO). A. PGP B. DES C. AES256 D. RSA E. 3DES F. AES
B. DES E. 3DES
Public keys are used for which of the following? A. Decrypting wireless messages B. Decrypting the hash of an electronic signature C. Bulk encryption of IP based email traffic D. Encrypting web browser traffic
B. Decrypting the hash of an electronic signature
Which of the following types of cryptography should be used when minimal overhead is necessary for a mobile device? A. Block cipher B. Elliptical curve cryptography C. Diffie-Hellman algorithm D. Stream cipher
B. Elliptical curve cryptography
Given the following list of corporate access points, which of the following attacks is MOST likely underway if the company wireless network uses the same wireless hardware throughout? MACSID 00:01:AB:FA:CD:34Corporate AP 00:01:AB:FA:CD:35Corporate AP 00:01:AB:FA:CD:36Corporate AP 00:01:AB:FA:CD:37Corporate AP 00:01:AB:FA:CD:34Corporate AP A. Packet sniffing B. Evil Twin C. WPS attack D. Rogue access point
B. Evil Twin
The Chief Security Officer (CSO) for a datacenter in a hostile environment is concerned about protecting the facility from car bomb attacks. Which of the following BEST would protect the building from this threat? (Select two.) A. Dogs B. Fencing C. CCTV D. Guards E. Bollards F. Lighting
B. Fencing E. Bollards
Which of the following is MOST critical in protecting control systems that cannot be regularly patched? A. Asset inventory B. Full disk encryption C. Vulnerability scanning D. Network segmentation
B. Full disk encryption
A security administrator wants to block unauthorized access to a web server using a locally installed software program. Which of the following should the administrator deploy? A. NIDS B. HIPS C. NIPS D. HIDS
B. HIPS
Which of the following concepts is used by digital signatures to ensure integrity of the data? A. Non-repudiation B. Hashing C. Transport encryption D. Key escrow
B. Hashing
Joe must send Ann a message and provide Ann with assurance that he was the actual sender. Which of the following will Joe need to use to BEST accomplish the objective? A. A pre-shared private key B. His private key C. Ann's public key D. His public key
B. His private key
Which of the following protocols encapsulates an IP packet with an additional IP header? A. SFTP B. IPSec C. HTTPS D. SSL
B. IPSec
Which of the following is considered a risk management BEST practice of succession planning? A. Reducing risk of critical information being known to an individual person who may leave the organization B. Implementing company-wide disaster recovery and business continuity plans C. Providing career advancement opportunities to junior staff which reduces the possibility of insider threats D. Considering departmental risk management practices in place of company-wide practices
B. Implementing company-wide disaster recovery and business continuity plans
An administrator has concerns regarding the company's server rooms Proximity badge readers were installed, but it is discovered this is not preventing unapproved personnel from tailgating into these area. Which of the following would BEST address this concern? A. Replace proximity readers with turn0based key locks B. Install man-traps at each restricted area entrance C. Configure alarms to alert security when the areas are accessed D. Install monitoring cameras at each entrance
B. Install man-traps at each restricted area entrance
Which of the following algorithms has well documented collisions? (Select TWO). A. AES B. MD5 C. SHA D. SHA-256 E. RSA
B. MD5 C. SHA
Joe, an employee, was escorted from the company premises due to suspicion of revealing trade secrets to a competitor. Joe had already been working for two hours before leaving the premises. A security technician was asked to prepare a report of files that had changed since last night's integrity scan. Which of the following could the technician use to prepare the report? (Select TWO). A. PGP B. MD5 C. ECC D. AES E. Blowfish F. HMAC
B. MD5 F. HMAC
Which of the following documents outlines the responsibility of both participants in an agreement between two organizations? A. RFC B. MOU C. RFQ D. SLA
B. MOU
A small company wants to employ PKI. The company wants a cost effective solution that must be simple and trusted. They are considering two options: X.509 and PGP. Which of the following would be the BEST option? A. PGP, because it employs a web-of-trust that is the most trusted form of PKI. B. PGP, because it is simple to incorporate into a small environment. C. X.509, because it uses a hierarchical design that is the most trusted form of PKI. D. X.509, because it is simple to incorporate into a small environment
B. PGP, because it is simple to incorporate into a small environment.
In order to use a two-way trust model the security administrator MUST implement which of the following? A. DAC B. PKI C. HTTPS D. TPM
B. PKI
Which of the following types of cloud computing would be MOST appropriate if an organization required complete control of the environment? A. Hybrid Cloud B. Private cloud C. Community cloud D. Community cloud E. Public cloud
B. Private cloud
A system administrator is configuring shared secrets on servers and clients. Which of the following authentication services is being deployed by the administrator? (Select two.) A. Kerberos B. RADIUS C. TACACS+ D. LDAP E. Secure LDAP
B. RADIUS D. LDAP
Which of the following ciphers would be BEST used to encrypt streaming video? A. RSA B. RC4 C. SHA1 D. 3DES
B. RC4
All of the following are valid cryptographic hash functions EXCEPT: A. RIPEMD. B. RC4. C. SHA-512. D. MD4.
B. RC4.
Which of the following protocols is the security administrator observing in this packet capture? 12:33:43, SRC 192.168.4.3:3389, DST 10.67.33.20:8080, SYN/ACK A. HTTPS B. RDP C. HTTP D. SFTP
B. RDP
Protecting the confidentiality of a message is accomplished by encrypting the message with which of the following? A. Sender's private key B. Recipient's public key C. Sender's public key D. Recipient's private key
B. Recipient's public key CompTIA SY0-401 Exam
One of the senior managers at a company called the help desk to report to report a problem. The manager could no longer access data on a laptop equipped with FDE. The manager requested that the FDE be removed and the laptop restored from a backup. The help desk informed the manager that the recommended solution was to decrypt the hard drive prior to reinstallation and recovery. The senior manager did not have a copy of the private key associated with the FDE on the laptop. Which of the following tools or techniques did the help desk use to avoid losing the data on the laptop? A. Public key B. Recovery agent C. Registration details D. Trust Model
B. Recovery agent
Pete, an employee, is terminated from the company and the legal department needs documents from his encrypted hard drive. Which of the following should be used to accomplish this task? (Select TWO). A. Private hash B. Recovery agent C. Public key D. Key escrow E. CRL
B. Recovery agent D. Key escrow
Which of the following protocols provides transport security for virtual terminal emulation? A. TLS B. SSH C. SCP D. S/MIME
B. SSH
Which of the following can use RC4 for encryption? (Select TWO). A. CHAP B. SSL C. WEP D. AES E. 3DES
B. SSL C. WEP
Which of the following must a user implement if they want to send a secret message to a coworker by embedding it within an image? A. Transport encryption B. Steganography C. Hashing D. Digital signature
B. Steganography
Recent data loss on financial servers due to security breaches forced the system administrator to harden their systems. Which of the following algorithms with transport encryption would be implemented to provide the MOST secure web connections to manage and access these servers? A. B. TLS C. HTTP D. FTP
B. TLS
The ore-sales engineering team needs to quickly provide accurate and up-to-date information to potential clients. This information includes design specifications and engineering data that is developed and stored using numerous applications across the enterprise. Which of the following authentication technique is MOST appropriate? A. Common access cards B. TOTP C. Single sign-on D. HOTP
B. TOTP
The security administrator installed a newly generated SSL certificate onto the company web server. Due to a misconfiguration of the website, a downloadable file containing one of the pieces of the key was available to the public. It was verified that the disclosure did not require a reissue of the certificate. Which of the following was MOST likely compromised? A. The file containing the recovery agent's keys. B. The file containing the public key. C. The file containing the private key. D. The file containing the server's encrypted passwords
B. The file containing the public key.
Which of the following is replayed during wireless authentication to exploit a weak key infrastructure? A. Preshared keys B. Ticket exchange C. Initialization vectors D. Certificate exchange
B. Ticket exchange
Which of the following is replayed during wireless authentication to exploit a weal key infrastructure? A. Preshared keys B. Ticket exchange C. Initialization vectors D. Certificate exchange
B. Ticket exchange
The concept of rendering data passing between two points over an IP based network impervious to all but the most sophisticated advanced persistent threats is BEST categorized as which of the following? A. Stream ciphers B. Transport encryption C. Key escrow D. Block ciphers
B. Transport encryption
Which of the following is true about an email that was signed by User A and sent to User B? A. User A signed with User B's private key and User B verified with their own public key. B. User A signed with their own private key and User B verified with User A's public key. C. User A signed with User B's public key and User B verified with their own private key. D. User A signed with their own public key and User B verified with User A's private key.
B. User A signed with their own private key and User B verified with User A's public key.
The public key is used to perform which of the following? (Select THREE). A. Validate the CRL B. Validate the identity of an email sender C. Encrypt messages D. Perform key recovery E. Decrypt messages F. Perform key escrow
B. Validate the identity of an email sender C. Encrypt messages E. Decrypt messages
Which of the following is a concern when encrypting wireless data with WEP? A. WEP displays the plain text entire key when wireless packet captures are reassembled B. WEP implements weak initialization vectors for key transmission C. WEP uses a very weak encryption algorithm D. WEP allows for only four pre-shared keys to be configured
B. WEP implements weak initialization vectors for key transmission
Which of the following provides the strongest authentication security on a wireless network? A. MAC filter B. WPA2 C. WEP D. Disable SSID broadcast
B. WPA2
The finance department just procured a software application that needs to communicate back to the vendor server via SSL. Which of the following default ports on the firewall must the security engineer open to accomplish this task? A. 80 B. 130 C. 443 D. 3389
C. 443
In which of the following scenarios is PKI LEAST hardened? A. The CRL is posted to a publicly accessible location. B. The recorded time offsets are developed with symmetric keys. C. A malicious CA certificate is loaded on all the clients. D. All public keys are accessed by an unauthorized user.
C. A malicious CA certificate is loaded on all the clients.
An incident occurred when an outside attacker was able to gain access to network resources. During the incident response, investigation security logs indicated multiple failed login attempts for a network administrator. Which of the following controls, if in place could have BEST prevented this successful attack? A. Password history B. Password complexity C. Account lockout D. Account expiration
C. Account lockout
Which of the following BEST explains Platform as a Service? A. An external entity that provides a physical or virtual instance of an installed operating system B. A third party vendor supplying support services to maintain physical platforms and servers C. An external group providing operating systems installed on virtual servers with web applications D. An internal group providing physical server instances without installed operating systems or support
C. An external group providing operating systems installed on virtual servers with web applications
When confidentiality is the primary concern, and a secure channel for key exchange is not available, which of the following should be used for transmitting company documents? A. Digital Signature B. Symmetric C. Asymmetric D. Hashing
C. Asymmetric
Which of the following is the BEST technology for the sender to use in order to secure the in-band exchange of a shared key? A. Steganography B. Hashing algorithm C. Asymmetric cryptography D. Steam cipher
C. Asymmetric cryptography
When reviewing a digital certificate for accuracy, which of the following would Matt, a security administrator, focus on to determine who affirms the identity of the certificate owner? A. Trust models B. CRL C. CA D. Recovery agent
C. CA
When employees that use certificates leave the company they should be added to which of the following? A. PKI B. CA C. CRL D. TKIP
C. CRL
Which of the following MUST be updated immediately when an employee is terminated to prevent unauthorized access? A. Registration B. CA C. CRL D. Recovery agent
C. CRL
Which of the following should a security technician implement to identify untrusted certificates? A. CA B. PKI C. CRL D. Recovery agent
C. CRL
Which of the following provides a static record of all certificates that are no longer valid? A. Private key B. Recovery agent C. CRLs D. CA
C. CRLs
An organization is required to log all user internet activity. Which of the following would accomplish this requirement? A. Configure an access list on the default gateway router. Configure the default gateway router to log all web traffic to a syslog server B. Configure a firewall on the internal network. On the client IP address configuration, use the IP address of the firewall as the default gateway, configure the firewall to log all traffic to a syslog server C. Configure a proxy server on the internal network and configure the proxy server to log all web traffic to a syslog server D. Configure an access list on the core switch, configure the core switch to log all web traffic to a syslog server
C. Configure a proxy server on the internal network and configure the proxy server to log all web traffic to a syslog server
Joe an application developer is building an external facing marketing site. There is an area on the page where clients may submit their feedback to articles that are posted. Joe filters client-side JAVA input. Which of the following is Joe attempting to prevent? A. SQL injections B. Watering holes C. Cross site scripting D. Pharming
C. Cross site scripting
A company wants to prevent end users from plugging unapproved smartphones into PCs and transferring data. Which of the following would be the BEST control to implement? A. MDM B. IDS C. DLP D. HIPS
C. DLP
Which of the following authentication methods can use the SCTP and TLS protocols for reliable packet transmissions? A. TACACS+ B. SAML C. Diameter D. Kerberos
C. Diameter
A security administrator must implement a secure key exchange protocol that will allow company clients to autonomously exchange symmetric encryption keys over an unencrypted channel. Which of the following MUST be implemented? A. SHA-256 B. AES C. Diffie-Hellman D. 3DES
C. Diffie-Hellman
Matt, a security analyst, needs to select an asymmetric encryption method that allows for the same level of encryption strength with a lower key length than is typically necessary. Which of the following encryption methods offers this capability? A. Twofish B. Diffie-Hellman C. ECC D. RSA
C. ECC
A file on a Linux server has default permissions of rw-rw-r--. The system administrator has verified that Ann, a user, is not a member of the group owner of the file. Which of the following should be modified to assure that Ann has read access to the file? A. User ownership information for the file in question B. Directory permissions on the parent directory of the file in question C. Group memberships for the group owner of the file in question D. The file system access control list (FACL) for the file in question
C. Group memberships for the group owner of the file in question
Joe needs to track employees who log into a confidential database and edit files. In the past, critical files have been edited, and no one admits to making the edits. Which of the following does Joe need to implement in order to enforce accountability? A. Non-repudiation B. Fault tolerance C. Hashing D. Redundancy
C. Hashing
A new MPLS network link has been established between a company and its business partner. The link provides logical isolation in order to prevent access from other business partners. Which of the following should be applied in order to achieve confidentiality and integrity of all data across the link? A. MPLS should be run in IPVPN mode. B. SSL/TLS for all application flows. C. IPSec VPN tunnels on top of the MPLS link. D. HTTPS and SSH for all application flows.
C. IPSec VPN tunnels on top of the MPLS link.
A security administrator has concerns that employees are installing unapproved applications on their company provide smartphones. Which of the following would BEST mitigate this? A. Implement remote wiping user acceptance policies B. Disable removable storage capabilities C. Implement an application whitelist D. Disable the built-in web browsers
C. Implement an application whitelist
Which of the following would Matt, a security administrator, use to encrypt transmissions from an internal database to an internal server, keeping in mind that the encryption process must add as little latency to the process as possible? A. ECC B. RSA C. SHA D. 3DES
D. 3DES
Which of the following is true about asymmetric encryption? A. A message encrypted with the private key can be decrypted by the same key B. A message encrypted with the public key can be decrypted with a shared key. C. A message encrypted with a shared key, can be decrypted by the same key. D. A message encrypted with the public key can be decrypted with the private key.
D. A message encrypted with the public key can be decrypted with the private key.
To ensure compatibility with their flagship product, the security engineer is tasked to recommend an encryption cipher that will be compatible with the majority of third party software and hardware vendors. Which of the following should be recommended? A. SHA B. MD5 C. Blowfish D. AES
D. AES
The IT department has installed new wireless access points but discovers that the signal extends far into the parking lot. Which of the following actions should be taken to correct this? A. Disable the SSID broadcasting B. Configure the access points so that MAC filtering is not used C. Implement WEP encryption on the access points D. Lower the power for office coverage only
D. Lower the power for office coverage only
Users report that after downloading several applications, their systems' performance has noticeably decreased. Which of the following would be used to validate programs prior to installing them? A. Whole disk encryption B. SSH C. Telnet D. MD5
D. MD5
When designing a corporate NAC solution, which of the following is the MOST relevant integration issue? A. Infrastructure time sync B. End user mobility C. 802.1X supplicant compatibility D. Network Latency E. Network Zoning
D. Network Latency
Users can authenticate to a company's web applications using their credentials form a popular social media site. Which of the following poses the greatest risk with this integration? A. Malicious users can exploit local corporate credentials with their social media credentials B. Changes to passwords on the social media site can be delayed from replicating to the company C. Data loss from the corporate servers can create legal liabilities with the social media site D. Password breaches to the social media affect the company application as well
D. Password breaches to the social media affect the company application as well
An organization has a need for security control that identifies when an organizational system has been unplugged and a rouge system has been plugged in. The security control must also provide the ability to supply automated notifications. Which of the following would allow the organization to BEST meet this business requirement? A. MAC filtering B. ACL C. SNMP D. Port security
D. Port security
Company A sends a PGP encrypted file to company B. If company A used company B's public key to encrypt the file, which of the following should be used to decrypt data at company B? A. Registration B. Public key C. CRLs D. Private key
D. Private key
The recovery agent is used to recover the: A. Root certificate B. Key in escrow C. Public key D. Private key
D. Private key
Which of the following must be kept secret for a public key infrastructure to remain secure? A. Certificate Authority B. Certificate revocation list C. Public key ring D. Private key
D. Private key
Symmetric encryption utilizes __________, while asymmetric encryption utilizes _________. A. Public keys, one time B. Shared keys, private keys C. Private keys, session keys D. Private keys, public keys
D. Private keys, public keys
A software development company wants to implement a digital rights management solution to protect its intellectual property. Which of the following should the company implement to enforce software digital rights? A. Transport encryption B. IPsec C. Non-repudiation D. Public key infrastructure
D. Public key infrastructure
A CRL is comprised of. A. Malicious IP addresses. B. Trusted CA's. C. Untrusted private keys. D. Public keys.
D. Public keys.
Which of the following represents a cryptographic solution where the encrypted stream cannot be captured by a sniffer without the integrity of the stream being compromised? A. Elliptic curve cryptography. B. Perfect forward secrecy. C. Steganography. D. Quantum cryptography
D. Quantum cryptography.
A software developer utilizes cryptographic functions to generate codes that verify message integrity. Due to the nature if the data that is being sent back and forth from the client application to the server, the developer would like to change the cryptographic function to one that verities both authentication and message integrity. Which of the following algorithms should the software developer utilize? A. HMAC B. SHA C. Two Fish D. RIPEMD
D. RIPEMD
The security administrator runs an rpm verify command which records the MD5 sum, permissions, and timestamp of each file on the system. The administrator saves this information to a separate server. Which of the following describes the procedure the administrator has performed? A. Host software base-lining B. File snapshot collection C. TPM D. ROMDB verification
D. ROMDB verification
When creating a public / private key pair, for which of the following ciphers would a user need to specify the key strength? A. SHA B. AES C. DES D. RSA
D. RSA
Deploying a wildcard certificate is one strategy to: A. Secure the certificate's private key. B. Increase the certificate's encryption key length. C. Extend the renewal date of the certificate. D. Reduce the certificate management burden.
D. Reduce the certificate management burden.
Which of the following authentication provides users XML for authorization and authentication? A. Kerberos B. LDAP C. RADIUS D. SAML
D. SAML
Attempting to inject 50 alphanumeric key strokes including spaces into an application input field that only expects four alpha characters in considered which of the following attacks? A. XML injection B. Buffer overflow C. LDAP Injection D. SQL injection
D. SQL injection
A system administrator is setting up a file transfer server. The goal is to encrypt the user authentication and the files the user is sending using only a user ID and a key pair. Which of the following methods would achieve this goal? A. AES B. IPSec C. PGP D. SSH
D. SSH
A system administrator wants to confidentially send a user name and password list to an individual outside the company without the information being detected by security controls. Which of the following would BEST meet this security goal? A. Digital signatures B. Hashing C. Full-disk encryption D. Steganography
D. Steganography
Which of the following can hide confidential or malicious data in the whitespace of other files (e.g. JPEGs)? A. Hashing B. Transport encryption C. Digital signatures D. Steganography
D. Steganography
Encryption used by RADIUS is BEST described as: A. Quantum B. Elliptical curve C. Asymmetric D. Symmetric
D. Symmetric
