IT 121 part 2

A breach occurs in a company that processes credit card information. Which industry specific law governs credit card data protection?

PCI DSS

A user is running a routine audit of the server hardware in the company data center. Several servers are using single drives to host operating systems and multiple types of attached storage solutions for storing data. The user wants to offer a better solution to provide fault tolerance during a drive failure. Which solution is best?

RAID

A new PC is taken out of the box, started up and connected to the Internet. Patches were downloaded and installed. Antivirus was updated. In order to further harden the operating system what can be done?

Remove unnecessary programs and services.

An administrator of a small data center wants a flexible, secure method of remotely connecting to servers. Which protocol would be best to use?

Secure Shell

After a security audit for an organization, multiple accounts were found to have privileged access to systems and devices. Which three best practices for securing privileged accounts should be included in the audit report? (Choose three.)

Secure password storage. Enforce the principle of least privilege. Reduce the number of privileged accounts.

A user was hired by a company to provide a highly available network infrastructure. The user wants to build redundancy into the network in case of a switch failure, but wants to prevent Layer 2 looping. What would the user implement in the network?

Spanning Tree Protocol

A user is asked to create a disaster recovery plan for a company. The user needs to have a few questions answered by management to proceed. Which three questions should the user ask management as part of the process of creating the plan? (Choose three.)

Who is responsible for the process What is the process? Where does the individual perform the process?

A user is asked to analyze the current state of a computer operating system. What should the user compare the current operating system against to identify potential vulnerabilities?

a baseline

The CIO wants to secure data on company laptops by implementing file encryption. The technician determines the best method is to encrypt each hard drive using Windows BitLocker. Which two things are needed to implement this solution?

at least two volumes TPM

A recent email sent throughout the company stated that there would be a change in security policy. The security officer who was presumed to have sent the message stated the message was not sent from the security office and the company may be a victim of a spoofed email. What could have been added to the message to ensure the message actually came from the person?

digital signature

A user downloads an updated driver for a video card from a website. A warning message pops up saying the driver is not approved. What does this piece of software lack?

digital signature

Why should WEP not be used in wireless networks today?

easily crackable

A user was hired as the new security officer. One of the first projects was to take inventory of the company assets and create a comprehensive database. Which three pieces of information would the user want to capture in an asset database? (Choose three.)

hardware network devices workstations operating systems

As a security professional, there is a possibility to have access to sensitive data and assets. What is one item a security professional should understand in order to make informed ethical decisions?

laws governing the data

A user is redesigning a network for a small company and wants to ensure security at a reasonable price. The user deploys a new application-aware firewall with intrusion detection capabilities on the ISP connection. The user installs a second firewall to separate the company network from the public network. Additionally, the user installs an IPS on the internal network of the company. What approach is the user implementing?

layered

Why is WPA2 better than WPA?

mandatory use of AES algorithms

A recent breach at a company was traced to the ability of a hacker to access the corporate database through the company website by using malformed data in the login form. What is the problem with the company website?

poor input validation

A security breach has happened at a major corporation. The incident team has responded and executed their incident response plan. During which phase are lessons learned applied?

post-incident

A team has been asked to create an incident response plan for security incidents. In what phase of an incident response plan does the team get management approval of the plan?

preparation

A user is asked to evaluate the security posture of a company. The user looks at past attempts to break into the company and evaluates the threats and exposures to create a report. Which type of risk analysis could the user perform?

qualitative

A user is asked to perform a risk analysis of a company. The user asks for the company asset database that contains a list of all equipment. The user uses this information as part of a risk analysis. Which type of risk analysis could be performed?

quantitative

What are three type of attacks that are preventable through the use of salting? (Choose three.)

rainbow tables, lookup tables, reverse lookup tables

A user is evaluating the network infrastructure of a company. The user noted many redundant systems and devices in place, but no overall evaluation of the network. In a report, the user emphasized the methods and configurations needed as a whole to make the network fault tolerant. What is the type of design the user is stressing?

resilient

Which three items are malware?

virus keylogger Trojan horse

A user is purchasing a new server for the company data center. The user wants disk striping with parity on three disks. Which RAID level should the user implement?

5

What is the standard for a public key infrastructure to manage digital certificates?

509

What is the step by step process for creating a digital signature?

Create a message digest; encrypt the digest with the private key of the sender; and bundle the message, encrypted digest, and public key together in order to sign the document.

A company is concerned with traffic that flows through the network. There is a concern that there may be malware that exists that is not being blocked or eradicated by antivirus. What technology can be put in place to detect potential malware traffic on the network?

IDS

What are two potential threats to applications?

unauthorized access data loss

A school administrator is concerned with the disclosure of student information due to a breach. Under which act is student information protected?

FERPA

As part of HR policy in a company, an individual may opt-out of having information shared with any third party other than the employer. Which law protects the privacy of personal shared information?

GLBA

What three services does CERT provide? (Choose three.)

develop tools, products, and methods to conduct forensic examinations develop tools, products, and methods to analyze vulnerabilities resolve software vulnerabilities

A user is instructed by a boss to find a better method to secure passwords in transit. The user has researched several means to do so and has settled on using HMAC. What are the key elements needed to implement HMAC?

secret key and message digest

A user is asked to evaluate the data center to improve availability for customers. The user notices that there is only one ISP connection, some of the equipment is out of warranty, there are no spare parts, and no one was monitoring the UPS which was tripped twice in one month. Which three deficiencies in high availability has the user identified? (Choose three.)

single points of failure failure to detect errors as they occur failure to design for reliability

The CEO of a company is concerned that if a data breach should occur and customer data is exposed, the company could be sued. The CEO makes the decision to buy insurance for the company. What type of risk mitigation is the CEO implementing?

transference

A user is a consultant who is hired to prepare a report to Congress as to which industries should be required to maintain five nine availability. Which three industries should the user include in a report? (Choose three.)

finance healthcare public safety

What is the purpose of CSPRNG?

to generate salt

A user is proposing the purchase of a patch management solution for a company. The user wants to give reasons why the company should spend money on a solution. What benefits does patch management provide? (Choose three.)

Administrators can approve or deny patches. Updates cannot be circumvented. Updates can be forced on systems immediately.

What is the difference between an HIDS and a firewall?

An HIDS monitors operating systems on host computers and processes file system activity. Firewalls allow or deny traffic between the computer and other systems.

A user calls the help desk complaining that an application was installed on the computer and the application cannot connect to the Internet. There are no antivirus warnings and the user can browse the Internet. What is the most likely cause of the problem?

computer firewall

What are three disclosure exemptions that pertain to the FOIA? (Choose three.)

confidential business information law enforcement records that implicate one of a set of enumerated concerns national security and foreign policy information

The manager of desktop support wants to minimize downtime for workstations that crash or have other software-related issues. What are three advantages of using disk cloning? (Choose three.)

easier to deploy new computers within the organization can provide a full system backup ensures a clean imaged machine

A user is the database administrator for a company. The user has been asked to implement an integrity rule that states every table must have a primary key and that the column or columns chosen to be the primary key must be unique and not null. Which integrity requirement is the user implementing?

entity integrity

A user calls the help desk complaining that the password to access the wireless network has changed without warning. The user is allowed to change the password, but an hour later, the same thing occurs. What might be happening in this situation?

rogue access point

Alice and Bob use the same password to login into the company network. This means both would have the exact same hash for their passwords. What could be implemented to prevent both password hashes from being the same?

salting

An intern has started working in the support group. One duty is to set local policy for passwords on the workstations. What tool would be best to use?

secpol.msc

An auditor is asked to assess the LAN of a company for potential threats. What are three potential threats the auditor may point out? (Choose three.)

unlocked access to network equipment a misconfigured firewall unauthorized port scanning and network probing

A security professional is asked to perform an analysis of the current state of a company network. What tool would the security professional use to scan the network only for security risks?

vulnerability scanner

What are three validation criteria used for a validation rule? (Choose three.)

size, range, format

A user makes a request to implement a patch management service for a company. As part of the requisition the user needs to provide justification for the request. What three reasons can the user use to justify the request? (Choose three.)

the ability to obtain reports on systems no opportunities for users to circumvent updates the ability to control when updates occur

A user is evaluating the security infrastructure of a company and notices that some authentication systems are not using best practices when it comes to storing passwords. The user is able to crack passwords very fast and access sensitive data. The user wants to present a recommendation to the company on the proper implementation of salting to avoid password cracking techniques. What are three best practices in implementing salting? (Choose three.)

A salt should not be reused, A salt must be unique, A salt should be unique for each password

An organization has implemented a private cloud infrastructure. The security administrator is asked to secure the infrastructure from potential threats. What three tactics can be implemented to protect the private cloud? (Choose three.)

Disable ping, probing, and port scanning. Test inbound and outbound traffic. Update devices with security fixes and patches.

What are three types of power issues that a technician should be concerned about? (Choose three.)

brownout blackout spike

If a person knowingly accesses a government computer without permission, what federal act laws would the person be subject to?

CFAA

Unauthorized visitors have entered a company office and are walking around the building. What two measures can be implemented to prevent unauthorized visitor access to the building? (Choose two.)

Conduct security awareness training regularly. Establish policies and procedures for guests visiting the building.

A user has created a new program and wants to distribute it to everyone in the company. The user wants to ensure that when the program is downloaded that the program is not changed while in transit. What can the user do to ensure that the program is not changed when downloaded?

Create a hash of the program file that can be used to verify the integrity of the file after it is downloaded.

Which method tries all possible passwords until a match is found?

brute force

Which service will resolve a specific web address into an IP address of the destination web server?

DNS

What are three NIST-approved digital signature algorithms? (Choose three.)

DSA, ECDSA, RSA

A consultant is hired to make recommendations on managing device threats in a company. What are three general recommendations that can be made? (Choose three.)

Enable automated antivirus scans. Disable administrative rights for users. Enable screen lockout.

A user has completed a six month project to identify all data locations and catalog the location. The next step is to classify the data and produce some criteria on data sensitivity. Which two steps can the user take to classify the data?

Establish the owner of the data. Identify sensitivity of the data.

A user has been asked to implement IPsec for inbound external connections. The user plans to use SHA-1 as part of the implementation. The user wants to ensure the integrity and authenticity of the connection. What security tool can the user use?

HMAC

What are two items that can be found on the Internet Storm Center website? (Choose two.)

InfoSec reports InfoSec job postings

What is a strength of using a hashing function?

It is a one-way function and not reversible.

Why is Kali Linux a popular choice in testing the network security of an organization?

It is an open source Linux security distribution and contains over 300 tools.

Companies may have different operation centers that handle different issues with the IT operations. If an issue is related to network infrastructure, what operation center would be responsible?

NOC

What can be used to rate threats by an impact score to emphasize important vulnerabilities?

NVD

An investigator finds a USB drive at a crime scene and wants to present it as evidence in court. The investigator takes the USB drive and creates a forensic image of it and takes a hash of both the original USB device and the image that was created. What is the investigator attempting to prove about the USB drive when the evidence is submitted in court?

The data in the image is an exact copy and nothing has been altered by the process.

Identify three situations in which the hashing function can be applied. (Choose three.)

PKI, IPsec, CHAP

A company has had several incidents involving users downloading unauthorized software, using unauthorized websites, and using personal USB devices. The CIO wants to put in place a scheme to manage the user threats. What three things might be put in place to manage the threats? (Choose three.)

Provide security awareness training. Disable CD and USB access. Use content filtering.

A company is attempting to lower the cost in deploying commercial software and is considering a cloud based service. Which cloud based service would be best to host the software?

SaaS

A user is connecting to an e-commerce server to buy some widgets for a company. The user connects to the site and notices there is no lock in the browser security status bar. The site does prompt for a username and password and the user is able to log in. What is the danger in proceeding with this transaction?

The site is not using a digital certificate to secure the transaction, with the result that everything is in the clear.

A company wants to implement biometric access to its data center. The company is concerned with people being able to circumvent the system by being falsely accepted as legitimate users. What type of error is false acceptance?

TypeII

The company has many users who telecommute. A solution needs to be found so a secure communication channel can be established between the remote location of users and the company. What is a good solution for this situation?

VPN

A user needs to add redundancy to the routers in a company. What are the three options the user can use? (Choose three.)

VRRP HSRP GLBP

What are the three broad categories for information security positions? (Choose three.)

builders monitors definers

The manager of a department suspects someone is trying to break into computers at night. You are asked to find out if this is the case. What logging would you enable?

audit