Selection of Quiz Questions
In order to securely communicate using PGP, the sender of an email must do which of the following when sending an email to a recipient for the first time?
Import the recipient's public key
A company would like to implement two-factor authentication for its vulnerability management database to require system administrators to use their token and random PIN codes. Which of the following authentication services accomplishes this objective?
RADIUS (Not TACACS+)
A systems engineer has been presented with storage performance and redundancy requirements for a new system to be built for the company. The storage solution must be designed to support the highest performance and must also be able to support more than one drive failure. Which of the following should the engineer choose to meet these requirements?
A mirrored mirror array
A developer needs to utilize AES encryption in an application but requires the speed of encryption and decryption to be as fast as possible. The data that will be secured is not sensitive so speed is valued over encryption complexity. Which of the following would BEST satisfy these requirements?
AES with cipher feedback (Not AES with counter mode)
During a routine audit it is discovered that someone has been using a state administrator account to log into a seldom used server. The person used server. The person has been using the server to view inappropriate websites that are prohibited to end users. Which of the following could BEST prevent this from occurring again?
Account expiration policies
Which of the following would Jane, an administrator, use to detect an unknown security vulnerability?
Application configuration baseline
Joe, an employee is taking a taxi through a busy city and starts to receive unsolicited files sent to his Smartphone. Which of the following is this an example of?
Bluejacking
Data execution prevention is a feature in most operating systems intended to protect against which type of attack?
Buffer overflow
During a recent audit, the auditors cited the company's current virtual machine infrastructure as a concern. The auditors cited the fact that servers containing sensitive customer information reside on the same physical host as numerous virtual machines that follow less stringent security guild lines. Which of the following would be the best choice to implement to address this audit concern while maintain the current infrastructure?
Create new VLANs and segment the network according to the level of data sensitivity (Not Migrate the individual virtual machines that do not contain sensitive data to separate physical machines)
A security administrator is using a software program to test the security of a wireless access point. After running the program for a few hours, the access point sends the wireless secret key back to the software program. Which of the following attacks is this an example of?
Deauth
A security analyst is reviewing the following packet capture of an attack directed at a company's server located in the DMZ: PHOTO HERE Which of the following ACLs provides the BEST protection against the above attack and any further attacks from the same IP, while minimizing service interruption?
Deny TCP from 192.168.1.10 to 172.31.67.4 (Not Deny IP from 192.168.1.10/32 to 0.0.0.0/0)
A business has recently adopted a policy allowing employees to use personal cell phones and tablets to access company email accounts while out of the office. Joe an employee was using a personal cell phone for email access and was recently terminated. It is suspected that Joe saved confidential client emails on his personal cell phone. Joe claims that the data on the phone is completely personal and refuse to allow the company access to inspect the cell phone. Which of the following is the MOST likely cause of this dispute?
Device ownership (Not Fair Use Policy)
Which of the following authentication methods can use the SCTP and TLS protocols for reliable packet transmissions?
Diameter
Ann was reviewing her company's event logs and observed several instances of GUEST accessing the company print server, file server, and archive database. As she continued to investigate, Ann noticed that it seemed to happen at random intervals throughout the day, but mostly after the weekly automated patching and often logging in at the same time. Which of the following would BEST mitigate this issue?
Disabling unnecessary accounts
Data confidentiality must be enforces on a secure database. Which of the following controls meets this goal? (Select TWO)
Encryption Hashing
To protect corporate data on removable media, a security policy should mandate that all removable devices use which of the following?
Full disk encryption
Which of the following cryptographic algorithms is MOST often used with IPSec?
HMAC
Jane, a security analyst, is reviewing logs from hosts across the Internet which her company uses to gather data on new malware. Which of the following is being implemented by Jane's company?
Honeynet
A security administrator suspects that an employee in the IT department is utilizing a reverse proxy to bypass the company's content filter and browse unapproved and nonwork related sites while at work. Which of the following tools could BEST be used to determine how the employee is connecting to the reverse proxy?
Honeypot
A system administrator wants to configure a setting that will make offline password cracking more challenging. Currently the password policy allows upper and lower case characters a minimum length of 5 and a lockout after 10 invalid attempts. Which of the following has the GREATEST impact on the time it takes to crack the passwords?
Implement an account lockout policy after three unsuccessful logon attempts (Not Increase the minimum password length to 8 while keeping the same character set)
Which of the following is a software vulnerability that can be avoided by using input validation?
Incorrect input
Jane, a security administrator, has been tasked with explaining authentication services to the company's management team. The company runs an active directory infrastructure. Which of the following solutions BEST relates to the host authentication protocol within the company's environment?
Kerberos
An attacker attempted to compromise a web form by inserting the following input into the username field: admin)(|(password=*)) Which of the following types of attacks was attempted?
LDAP injection
An organization has an internal PKI that utilizes client certificates on each workstation. When deploying a new wireless network, the security engineer has asked that the new network authenticate clients by utilizes the existing client certificates. Which of the following authentication mechanisms should be utilized to meet this goal?
LEAP
A penetration tester was able to obtain elevated privileges on a client workstation and multiple servers using the credentials of an employee. Which of the following controls would mitigate these issues? (Select TWO)
Least privilege Account expiration
For high availability which of the following would be MOST appropriate for fault tolerance?
Load Balancing
Joe is the accounts payable agent for ABC Company. Joe has been performing accounts payable function for the ABC Company without any supervision. Management has noticed several new accounts without billing invoices that were paid. Which of the following is the BEST management option for review of the new accounts?
Mandatory vacation
A computer is put into a restricted VLAN until the computer's virus definitions are uptodate. Which of the following BEST describes this system type?
NAC
A malicious program modified entries in the LMHOSTS file of an infected system. Which of the following protocols would have been affected by this?
NetBIOS
Matt, a systems security engineer, is determining which credentialtype authentication to use within a planned 802.1x deployment. He is looking for a method that does not require a client certificate, has a server side certificate, and uses TLS tunnels for encryption. Which credential type authentication method BEST fits these requirements?
PEAPMSCHAPv2
A system administrator wants to prevent password compromises from offline password attacks. Which of the following controls should be configured to BEST accomplish this task? (Select TWO)
Password complexity Account lockouts
An outside security consultant produces a report of several vulnerabilities for a particular server. Upon further investigation, it is determine that the vulnerability reported does not apply to the platform the server is running on. Which of the following should the consultant do in order to produce more accurate results?
Perform a penetration test in addition to a vulnerability scan
During a security assessment, an administrator wishes to see which services are running on a remote server. Which of the following should the administrator use?
Port scanner (Not Process List)
The recovery agent is used to recover the:
Private key
When creating a public / private key pair, for which of the following ciphers would a user need to specify the key strength?
RSA (Not SHA)
Which of the following security benefits would be gained by disabling a terminated user account rather than deleting it?
Retention of User Keys (Not Retention of user directories and files)
During a server audit, a security administrator does not notice abnormal activity. However, a network security analyst notices connections to unauthorized ports from outside the corporate network. Using specialized tools, the network security analyst also notices hidden processes running. Which of the following has MOST likely been installed on the server?
Rootkit
After an audit, it was discovered that an account was not disabled in a timely manner after an employee has departed from the organization. Which of the following did the organization fail to properly implement?
Routine Account Audits (Not User rights and permission reviews)
The chief information officer (CIO) of a major company intends to increase employee connectivity and productivity by issuing employees mobile devices with access to their enterprise email, calendar, and contacts. The solution the CIO intends to use requires a PKI that automates the enrollment of mobile device certificates. Which of the following, when implemented and configured securely, will meet the CIO's requirement?
SCEP
Which of the following protocols operates at the HIGHEST level of the OSI model?
SCP
Which of the following uses port 22 by default? (Select THREE).
SSH SFTP SCP
A security administrator is concerned about the strength of user's passwords. The company does not want to implement a password complexity policy. Which of the following can the security Administrator implement to mitigate the risk of an online password attack against users with weak passwords?
Shorten the password expiration period (Not Increase the password length requirements )
When confidentiality is the primary concern which of the following types of encryption should be chosen?
Symmetric
Which of the following has a storage root key?
TPM (Not HSM)
Joe uses his badge to enter the server room, Ann follows Joe entering without using her badge. It is later discovered that Ann used a USB drive to remove confidential data from a server. Which of the following principles is potentially being violated? (Select TWO)
Tailgating Data handling
An internal audit has detected that a number of archived tapes are missing from secured storage. There was no recent need for restoration of data from the missing tapes. The location is monitored by access control and CCTV systems. Review of the CCTV system indicates that it has not been recording for three months. The access control system shows numerous valid entries into the storage location during that time. The last audit was six months ago and the tapes were accounted for at that time. Which of the following could have aided the investigation?
Testing controls
Joe a web developer wants to make sure his application is not susceptible to cross-site request forgery attacks. Which of the following is one way to prevent this type of attack?
The application should always use SSL encryption (Not HTTP header checking)
Ann the security administrator has been reviewing logs and has found several overnight sales personnel are accessing the finance department's network shares. Which of the following security controls should be implemented to BEST remediate this?
Time of day restrictions
A website is breached, exposing the usernames and MD5 password hashes of its entire user base. Many of these passwords are later cracked using rainbow tables. Which of the following actions could have helped prevent the use of rainbow tables on the password hashes?
Use SHA as a hashing algorithm instead of MD5
A network engineer is setting up a network for a company. There is a BYOD policy for the employees so that they can connect their laptops and mobile devices. Which of the following technologies should be employed to separate the administrative network from the network in which all of the employees' devices are connected?
VLAN