FINAL
Which of the following is the strongest password? a. |ocrian b. Marqu1sD3S0d c. This1sV d. Thisisverysecure
#This1sV#ryS3cure
Within the birthday paradox, what is the probability that two people have the same birth date within a group of 23 people? a.99 percent b.100 percent c.50 percent d.23 percent
50 percent
Which of the following is a common encryption standard used today and can work with a 256-bit block size? a.AES b.DES c.Triple DES d.RC4
AES
Which of the following types of policies define the rules that restrict how a computer or other system may be used by an employee? a.Change management b.Due process c.Acceptable use d.Job rotation
Acceptable use
Which of the following is the number of times per year that a specific incident occurs? a.SLE b.ARO c.ALE d.MAC
Annualized Rate of Occurrence (ARO)
You are contracted to conduct a forensic analysis of a computer. What should you do first? a.Back up the system. b.Analyze the files. c.Scan for viruses. d.Make changes to the operating system.
Back up the system
What is a certificate added to when it is considered to be no longer valid? a.Key escrow b.CRL c.CA d.RA
Certificate Revocation List
Which of the following will have tables, chairs, restrooms, and possibly some basic phone, data, and electric lines? a.Cold site b.Warm site c.Hot site d.Duplicate site
Cold site
What key combination helps to secure the logon process? a.Windows+R b.Ctrl+Shift+Esc c.Ctrl+Alt+Del d.Alt+F4
Ctrl+Alt+Del
When conducting an audit, what should be done after risk has been scanned for, analyzed, and calculated? a.Define exactly what should be audited. b.Create backups. c.Create a list of vulnerabilities. d.Develop a plan to mitigate risk.
Develop a plan to mitigate risk
Which of the following is when a prearranged list of likely words is attempted one at a time? a.Brute-force attack b.Dictionary attack c.Cryptanalysis attack d.Guessing
Dictionary Attack
A person complains that he cannot see any events in the Event Viewer. Which of the following questions should you not ask the person? a.Did you reboot your computer? b.Has auditing been turned on in a policy? c.Was auditing enabled for the individual objects? d.Do you have administrative capabilities?
Did you reboot your computer?
Which of the following backs up only the contents of a folder that have changed since the last full backup? a.Full backup b.Differential backup c.Copy backup d.Towers of Hanoi
Differential Backup
Which of the following is when a thief attempts to take responsibility for a shipment by diverting the delivery to a nearby location? a.Pretexting b.Diversion theft c.Phishing d.Baiting
Diversion theft
Which of the following can be summed up as ensuring that IT infrastructure risks are known and managed? a.Separation of duties b.Due diligence c.Due care d.Due process
Due diligence
Which of the following encryption algorithms is based on the structure of an elliptic curve? Select one: a.RSA b.ECC c.RC4 d.One-time pad
Elliptic Curve Cryptography
In a standard incident response process, which of the following steps happens after containment? a.Identification b.Recovery c.Eradication d.Lessons learned
Eradication
Which of the following is not part of the three-step auditing process? a.Enabling auditing for files b.Turning on an auditing policy c.Evaluating the system log d.Reviewing the security log
Evaluating the system log
Which of the following is also known as "high-availability clusters"? a.Failover clusters b.Load-balancing clusters c.CPU clusters d.Redundant clusters
Failover clusters
A broadcast storm is when the TCP/IP handshake has been compromised. True False
False
A portable gas engine generator is the best solution for a company that wants a permanently installed generator. True False
False
A stream cipher is a type of algorithm that encrypts a group of bits collectively as individual units known as blocks. True False
False
A surge is a short transient in the voltage that can be due to a short circuit or power outage. True False
False
A wet pipe system is known as a special hazard protection system. True False
False
An SNMP agent is software run on a server to monitor the network. True False
False
Anomaly-based monitoring uses predetermined attack patterns. True False
False
Behavior-based monitoring establishes a performance baseline based on a set of normal network traffic evaluations. True False
False
By default, Wireshark is non-promiscuous. True False
False
Certificates are digitally signed electronic documents that bind a private key with a user identity. True False
False
Change management is when more than one person is required to complete a particular task or operation. True False
False
DES is a commonly-used block cipher. True False
False
Encryption is a type of cipher. True False
False
Fire Class K extinguishers should be used for electrical fires. True False
False
If you move a folder to a different location on the same volume, that folder will lose its permissions. True False
False
In quantitative risk assessment: SLE X ALE = ARO True False
False
Lattice-based access control is an example of role-based access control. True False
False
Least privilege is a concept that denies all traffic to a resource unless the user is specifically granted access to that resource. True False
False
Most PKIs use a web of trust model. True False
False
OVAL is a type of penetration testing. True False
False
One of the reasons to have job rotation implemented is to increase employee boredom. True False
False
One of the strategies an organization might employ when managing a particular risk is to accept none of the risk. True False
False
Passive security analysis is when actual hands-on tests are run on a system. True False
False
Public keys are known only to specific users who keep the key secret. True False
False
Qualitative risk assessment measures risk by using exact monetary values. True False
False
RAID 1 is known as striping with parity. True False
False
Redundant power supplies can help in the case of a brownout. True False
False
SNMP uses port 143. True False
False
Steganography uses a certificate authority to manage keys. True False
False
TEMPEST is a type of Faraday cage. True False
False
The first phase of the incident response process is Identification. True False
False
Which of the following backup schemes could be described as using a daily, weekly, and monthly set of tapes? a.10 tape rotation b.Grandfather-father-son c.Towers of Hanoi d.Six-tape scheme
Grandfather-father-son
A summary of a file or message best describes which of the following? a.Hash function b.MD5 c.Hash d.LANMAN
Hash
Which of the following could be described as an attempt at deceiving people into believing something that is false? a.Shoulder surfing b.Eavesdropping c.Hoax d.Piggybacking
Hoax
Which of the following is a near duplicate of the original site of the organization? a.Cold site b.Warm site c.Hot site d.Duplicate site
Hot site
Which of the following is used to secure L2TP sessions? a.S/MIME b.PPTP c.SSH d.IPsec
IPsec
When conducting a risk assessment, which of the following should you do after identifying threats and threat likelihood? (Select the two best answers.) a.Identify the organization's assets. b.Identify vulnerabilities. c.Identify a potential monetary impact. d.Identify the impact assessment.
Identify a potential monetary impact; identify the impact assessment
Which of the following will back up only the contents of a folder that have changed since the last full backup or the last incremental backup? a.Full backup b.Incremental backup c.Differential backup d.Copy backup
Incremental Backup
Which of the following is best described as when certificate keys are held in the case that third parties such as government or other organizations need access to encrypted communications? a.Key escrow b.CRL c.CA d.RA
Key escrow
Lattice-based access control is an example of what type of access control policy? a.DAC b.RBAC c.MAC d.Rule-based access control
Mandatory Access Control
Which of the following is an access control policy determined by a computer system and not by a user or owner? Select one: a.DAC b.MAC c.RBAC d.Discretionary security policy
Mandatory Access Control
Which of the following is based on the MD5 hash? a.LANMAN b.NTLM c.NTLMv2 d.SHA-1
NTLMv2
Which of the following is the newest and strongest Windows hash? a.LANMAN b.NTLM c.NTLMv2 d.NTLMv3
NTLMv2
Which of the following is a vulnerability assessment tool? Select one: a.John the Ripper b.AirSnort c.Nessus d.Cain & Abel
Nessus
Which of the following types of encryption can encrypt plaintext with a secret random key that is the same length as the plaintext? a.PGP b.ECC c.One-time pad d.RSA
One-time pad
In a discretionary access control model, who is in charge of setting permissions to a resource? a.Owner of the resource b.Administrator c.Any user of the computer d.Administrator and the owner
Owner of the resource
"Maximum and minimum password age" is part of which of the following? a. Organizational unit b. Group policy editor c. Password policy
Password policy
Which of the following would not be considered part of a disaster recovery plan? a.Hot site b.Patch management software c.Backing up computers d.Tape backup
Patch management software
Which one of the following is the attempt at fraudulently obtaining private information through e-mail? Select one: a.Pretexting b.Diversion theft c.Phishing d.Baiting
Phishing
Which of the following is not a category of disaster? a.Fire b.Flood c.Successful malicious attack d.Pretexting
Pretexting
Which of the following is when a person invents a scenario in the hope of persuading a victim to divulge information? a.Pretexting b.Diversion theft c.Phishing d.Baiting
Pretexting
Which act governs the collection, use, and dissemination of personally identifiable information? a.Privacy Act of 1974 b.SOX c.HIPAA d.Gramm-Leach-Bliley Act
Privacy Act of 1974
Which tool can be instrumental in capturing FTP GET requests? a.Vulnerability scanner b.Port scanner c.Performance Monitor d.Protocol analyzer
Protocol analyzer
Which of the following uses the equation SLE x ARO = ALE? a.Qualitative risk assessment b.Passive security analysis c.Quantitative risk assessment d.ALE. e.Active security analysis
Quantitative Risk Assessment
Which of the following can be described as striping with parity? a.RAID 0 b.RAID 1 c.RAID 5 d.RAID 0+1
RAID 5
Which of the following is a stream cipher? a.DES b.RC4 c.AES d.RC6
RC4
Which of the following are asymmetric encryption algorithms? (Select the two best answers.) a.RSA b.RC6 c.Diffie-Hellman d.AES
RSA and Diffie-Hellman
Which of the following best describes an audit trail? a.Records or logs that show the tracked actions of users b.Ensuring that a person or group cannot refute the validity of your proof c.Files that log activity of users d.Software deployed via the network management system
Records or logs that show the tracked actions of users
Which of the following access control policies is based on sets of permissions involved in an operation? a. DAC b. RBAC c. MAC d. Rule-based access control
Rule-based access control
Which of the following employs a 160-bit hash? a.MD5 b.SHA-1 c.SHA-2 d.NTLM
SHA-1
You are setting up auditing on a Windows computer. If set up properly, which log should have entries? a.Application log b.System log c.Security log d.Maintenance log
Security Log
Which of the following is not an example of a default hidden share? a.IPC$ b.Security$ c.Admin$ d.C$
Security$
Which of the following is the most basic form of IDS? a.Anomaly-based b.Behavior-based c.Signature-based d.Statistical-based
Signature-Based
Which of the following can be defined as the loss of value in dollars based on a single incident? a.SLE b.ARO c.ALE d.MAC
Single Loss Expectancy (SLE)
Which type of certificate is most commonly used by communications sessions? a.Single-sided certificate b.Dual-sided certificate c.Web of trust d.Certificate authority
Single-sided certificate
Which of the following scenarios would not use a PKI? a.E-commerce and web logins b.E-mail and other communications c.Symmetric key algorithms d.Virtual private networks
Symmetric key algorithms
What do hackers use malicious port scanning to accomplish? a.The "fingerprint" of the operating system b.The topology of the network c.All the computer names on the network d.All the usernames and passwords
The "fingerprint" of the operating system
Which of the following are examples of penetration testing methods? (Select the two best answers.) a.The Open Source Security Testing Methodology Manual b.OVAL c.NIST penetration testing d.CERDEC
The Open Source Security Testing Methodology Manual, NIST penetration testing
What is the main reason to frequently view the logs of a DNS server? a.To defend against DoS attacks b.To prevent domain name kiting c.To monitor unauthorized zone transfers d.To create aliases
To monitor unauthorized zone transfers
Which of the following data sensitivity classifications is often broken into sections on a need-to-know basis? a.Public information b.Confidential information c.Internal information d.Top secret information
Top secret information
A CO2 fire extinguisher displaces the oxygen needed for a fire to burn. True False
True
A Class D fire extinguisher should be used in a chemical laboratory. True False
True
A UPS combines the functionality of a surge suppressor and a battery backup. True False
True
A blackout is when a total loss of power occurs for a prolonged period. True False
True
A cryptanalysis attack is a type of password cracking method. True False
True
A fire extinguisher denoted by a green triangle should be used for ash fires. True False
True
A key is an essential piece of information that determines the output of a cipher. True False
True
A single point of failure is an element, object, or part of a system that, if it fails, can cause the entire system to fail. True False
True
Active Directory Users and Computers can be used to add organizational units to a domain. True False
True
An NMS is the software run on one or more servers that control the monitoring of network-attached devices and computers. True False
True
Baselining is the process of measuring changes in networking. True False
True
Battery-inverter generators use lead-acid batteries. True False
True
Cryptography is the practice and study of hiding the meaning of a message. True False
True
DAC is an access control policy generally determined by the owner. True or False
True
Due process refers to the principle that an organization must respect and safeguard personnel's rights. True False
True
FM-200 systems use a clean agent fire extinguishant. True False
True
Failure-resistant disk systems protect against data loss due to disk failure. An example of this would be RAID 1 mirroring. True False
True
Full control is a type of NTFS permission that might be enabled within an access control list. True False
True
If a child folder is inheriting its permissions from a parent folder, it could be said that the parent is propagating those permissions to the child. True False
True
If a key pair is generated at a local computer, it is considered to be decentralized. True False
True
In a signature-based monitoring environment, network traffic is analyzed for predetermined attack patterns. True False
True
In data sensitivity classifications, information available to anyone is called public information. True False
True
In the five steps of vulnerability management, prioritizing vulnerabilities should happen before mitigation of vulnerabilities. True False
True
Most certificates are based on the X.509 standard. True False
True
NMAP is a type of vulnerability scanner. True False
True
PKIs manage, store, and revoke digital certificates. True False
True
Public key cryptography uses asymmetric keys alone or in addition to symmetric keys. True False
True
RAID 0+1 combines the advantages of RAID 0 and RAID 1. True False
True
Risk management can be defined as the identification, assessment, and prioritization of risks. True False
True
Security monitoring can be augmented by using a SIEM solution. True False
True
Separation of duties is when more than one person is required to complete a task. True False
True
Social engineering is the act of manipulating users into revealing confidential information. True False
True
Symmetric key algorithms are a type of cipher that uses a single key, identical keys, or closely related keys. True False
True
Symmetric key algorithms require a secure initial exchange of one or more secret keys. True False
True
The Sarbanes-Oxley (SOX) act governs the disclosure of financial and accounting information. True False
True
The ultimate goal of risk management is to reduce all risk to a level acceptable to the organization. True False
True
To change permissions on a file in Linux, you would use the chmod command. True False
True
When a Faraday cage is applied to an entire room, electromagnetic energy will not pass through the walls in either direction. True False
True
What device should be used to ensure that a server does not shut down when there is a power outage? a.RAID 1 box b.UPS c.Redundant NIC d.Hot site
Uninterruptible Power Supply
Which of the following should be included in a password to make it complex? (Select the three best answers.) a. Uppercase letters b. Numbers c. Special characters d. Function keys
Uppercase letters, numbers, special characters
Which of the following keeps every user in a standard user mode instead of as an administrator, even if the user is a member of the administrators group? a.Password policy b.Administrator policy c.Vista access control d.User Account Control
User Access Control
Of the following, what are two good ways to protect the computer? (Select the two best answers.) a.Verify that the guest account is disabled. b.Rename and password protect the administrator account. c.Delete the administrator account. d.Remove password policies.
Verify that the guest account is disabled, Rename and password protect the administrator account
Which of the following questions should you take into account when securing log files? (Select the two best answers.) a.Were the log files encrypted and hashed? b.Are the logs stored in multiple locations? c.Were the log files encrypted in a Kerberos system? d.How big are the log files?
Were the log files encrypted and hashed? Are the logs stored in multiple locations?
Which of the following best describes dumpster diving? a.When a person literally scavenges for private information in the garbage b.When a malicious individual leaves infected removable media lying in the garbage c.When an unauthorized person tags along with an authorized person to gain entry to a restricted area d.When a person looks for important data by phishing in a lake
When a person literally scavenges for private information in the garbage
Which of the following is a protocol analyzer? Select one: a.Nessus b.Cain & Abel c.Wireshark d.John the Ripper
Wireshark