sec+ domain 3
Honeynets are usually more difficult to monitor than firewalls and IDSes. True or false?
False. Honeynets are easier to configure and monitor as they will provide valuable information only for specific attacks.
What is the suggested height of a fence for physical security? 5 feet 6 feet 4 feet 8 feet
8 feet 8 feet is challenging compared to 4/5/6 feet. Fences used for actual prevention rather than as a deterrent should be 8 feet high and angled at 45 degrees towards the outside.
Which of the following protocols are mainly used to monitor and configure network devices? SMTP SNMP NTP SCP
SNMP Simple Network Management Protocol is used to configure and monitor network devices.
How can sniffers be mitigated and broadcast traffic be decreased? PPTP IPSec VPN VLAN
VLAN VLAN enhances a feature called segmentation which is created to contain network traffic, protecting this traffic from being broadcast and mitigating sniffing threats.
Which of the following best describes an intranet? a privately operated network that uses TCP/IP the global network that uses TCP/IP a network that connects one nation to another exclusively
a privately operated network that uses TCP/IP An intranet is a privately operated network that uses TCP/IP. These are most often found within corporations.
ABC Inc. wants to deploy a bastion host in their DMZ. Which of the following should they consider for this bastion host? all of these apply all possible patches and hot fixes log all security related events shut down any unnecessary service, protocol, or program
all of these A bastion host lies in the DMZ and is not fully protected as is the internal network. It is publicly accessible and for this reason, it should be hardened as far as possible. So, all of these measures should be taken to harden this bastion host.
Which type of control is recommended by the concept of control diversity? physical controls administrative controls technical controls all of these
all of these Control diversity is a concept which involves using a combination of physical, administrative and technical controls to properly secure an environment, rather than relying on a single control type to protect against all threats.
Which of the following are cloud deployment types? public private community all of these
all of these Public, private and community clouds are all implementations of cloud storage, with each providing cloud services to a different subset of groups.
Physical security ________________ can affect the availability of the company resources can affect the integrity of the assets and environments can affect the confidentiality of the data and business processes all of these are correct
all of these are correct Physical security impacts Availability, Integrity, and Confidentiality. The layered defense model means that physical controls should work together in a tiered architecture to provide better security.
An extranet is defined as: an extension of a private network an addition to the internet unwanted networks none of these
an extension of a private network An extranet is a cross between the Internet and an intranet. An extranet is a section of an organization's network that has been sectioned off so that it acts as an intranet for the private network but also serves information to the public Internet.
All of the following could be used to prevent shoulder surfing, except: strategically placed monitors awareness training high-walled cubicles anti-emanation materials
anti-emanation materials Strategically placing monitors and using high-walled cubicles can prevent line-of-sight, and making users aware of shoulder surfing helps them protect against the threat themselves. Anti-emanation materials help prevent electrical signals from being interpreted by an attacker, but do not mitigate regular shoulder surfing threats.
Which of these has 3 digits with wheels? warded lock tumbler lock combination lock device lock
combination lock A combination lock requires the correct combination of digits to be aligned in order to be opened.
Plain photo ID cards are: dumb cards smart cards swipe cards none of these
dumb cards These are 'dumb' cards and just a paper printout of relevant information along with the holder's photograph.
If you implement endpoint security, then there is no need for a DMZ. True or False? true false
false Endpoint security does not replace DMZ and technologies such as firewalls, but it does add defense in depth.
Any piece of systems hardware can be taken off-site as long as the employee has been with the company for more than 3 years and has an ISSEP/CISSP certification. true false
false Hardware should never be moved off-site unless under extenuating circumstances approved by management, no matter what an employee's qualifications might be.
Physical security's sole aim is to protect company information and data. false true
false That is one of the aims, not a sole aim. It also protects people, equipment, infrastructure etc.
You should place your Intranet DNS server in a demilitarized zone (DMZ). True or false?
false This server is used to provide DNS services to the internal network, and there is no need for it to be placed in an external-facing DMZ.
Which of the following options is a result of poor physical security? SQL injection implement rogue WAP DNS spoofing MAC spoofing
implement rogue WAP Insufficient physical security can allow a hacker to plant a rogue wireless access point on a network.
What type of network traffic is only visible to the virtualization hypervisor, and thus a potential security concern? ingress traffic WAN traffic egress traffic inter-vm traffic
inter-vm traffic Inter-VM traffic is exhibited when two virtual machines communicate only with each other, and the packets flow through a virtual switch, never leaving the hypervisor environment. Unless additional virtual networking is in place, or perhaps another virtual machine to monitor Inter-VM traffic, the lack of visibility provides attackers a mechanism to use Inter-VM traffic as a potential covert communication channel.
Which of the following is a physical control affecting integrity? keeping bushes trimmed low enough to eliminate easy hiding places for intruders running background investigations on security guards to ensure they do not have criminal records using CCTV to monitor for intruders and sleeping security guards keeping backup tapes locked up when not in use
keeping backup tapes locked up when not in use Trimming bushes and using cameras to monitor for unscrupulous activity are preventive controls. Running background checks will verify the integrity of security guards, but this is an administrative control, not a physical one. Keeping the backup tapes locked will keep them out of the hands of people that should not be touching them and improve the likelihood they will be unmodified when they are needed.
Which of these security measures can ensure that no one can break into the server room to take away the servers? physical logical administrative technical
physical Physical security can ensure no unauthorized personnel can break into the server room physically to steal the server hardware. Logical measures involve the software and password protocols. Technical measures include user authentication. Administrative controls involve the policies and procedures.
A wireless ____ reader is capable of sensing the presence of a card that is within some specific distance from the reader. proximity signal ID field
proximity These are known as wireless proximity readers since they sense the cards in their vicinity or proximity.
What is the final environment used to ensure programs are functioning properly before being put into a production environment? development test staging post-prod
staging A staging environment is used to ensure a program is complete and functions without error in a production-like environment, before actually being released to production. Development is where the initial creation of a program is done, and the testing environment is where initial functionality testing takes place.
Which of the following can monitor files to see if they have been changed? tripwire SNORT flow-tools portsentry
tripwire Tripwire is a tool that checks file integrity, identifying when files are modified from their previous content.
One should never have their database server in a DMZ. True or false? true false
true A database server contains sensitive information and provides a critical service. Database servers should be highly protected and should NEVER be Internet-facing or in a DMZ.
Email injection is an input validation vulnerability true false
true Email injection occurs when applications send email messages and do not properly sanitize or otherwise validate the user input for sending emails.
The technology that is used to host multiple OS within the memory of a single host is known as ___________. virtualization none of this logical partitioning storage area network
virtualization Virtualization allows any OS to operate on any hardware.
Apart from authentication, what other methods are used in implementing a mantrap? visual identification visual de-implementation mental stimulation exclusive access
visual identification Mantraps can be used to require employee authentication, and during this process those passing through the mantrap can also be visually identified using security guards or cameras.
What is VM Sprawl? when VMs are too numerous to be properly managed when a vm has too many services running a concept used by VM vendors to push their product it's when VM monitoring is done via well-known sources
when VMs are too numerous to be properly managed VM sprawl occurs when an organization does not properly manage the creation/deletion of virtual machines, resulting in a large amount of unused or undocumented VMs eating up resources and potentially providing access to attackers.
Where Should Physical Security Controls be implemented? (select three) workstations outermost gate restrooms data centers
workstations outermost gate data centers Physical security controls should be used to prevent/deter access to areas which may contain sensitive information, including workstation environments, data centers and the building in general. Physical security is typically not required for something as innocuous as a restroom, especially when these are already located in an area with its own physical security controls.