FINAL

Which of the following is the strongest password? a. |ocrian b. Marqu1sD3S0d c. This1sV d. Thisisverysecure

#This1sV#ryS3cure

Within the birthday paradox, what is the probability that two people have the same birth date within a group of 23 people? a.99 percent b.100 percent c.50 percent d.23 percent

50 percent

Which of the following is a common encryption standard used today and can work with a 256-bit block size? a.AES b.DES c.Triple DES d.RC4

AES

Which of the following types of policies define the rules that restrict how a computer or other system may be used by an employee? a.Change management b.Due process c.Acceptable use d.Job rotation

Acceptable use

Which of the following is the amount of times per year that a specific incident occurs? a.SLE b.ARO c.ALE d.MAC

Annualized Rate of Occurrence (ARO)

You are contracted to conduct a forensic analysis of a computer. What should you do first? a.Back up the system. b.Analyze the files. c.Scan for viruses. d.Make changes to the operating system.

Back up the system

What is a certificate added to when it is considered to be no longer valid? a.Key escrow b.CRL c.CA d.RA

Certificate Revocation List

Which of the following will have tables, chairs, restrooms, and possibly some basic phone, data, and electric lines? a.Cold site b.Warm site c.Hot site d.Duplicate site

Cold site

What key combination helps to secure the logon process? a.Windows+R b.Ctrl+Shift+Esc c.Ctrl+Alt+Del d.Alt+F4

Ctrl+Alt+Del

When conducting an audit, what should be done after risk has been scanned for, analyzed, and calculated? a.Define exactly what should be audited. b.Create backups. c.Create a list of vulnerabilities. d.Develop a plan to mitigate risk.

Develop a plan to mitigate risk

Which of the following is when a prearranged list of likely words is attempted one at a time? a.Brute-force attack b.Dictionary attack c.Cryptanalysis attack d.Guessing

Dictionary Attack

A person complains that he cannot see any events in the Event Viewer. Which of the following questions should you not ask the person? a.Did you reboot your computer? b.Has auditing been turned on in a policy? c.Was auditing enabled for the individual objects? d.Do you have administrative capabilities?

Did you reboot your computer?

Which of the following backs up only the contents of a folder that have changed since the last full backup? a.Full backup b.Differential backup c.Copy backup d.Towers of Hanoi

Differential Backup

Which of the following is when a thief attempts to take responsibility for a shipment by diverting the delivery to a nearby location? a.Pretexting b.Diversion theft c.Phishing d.Baiting

Diversion theft

Which of the following can be summed up as ensuring that IT infrastructure risks are known and managed? a.Separation of duties b.Due diligence c.Due care d.Due process

Due dilligence

Which of the following encryption algorithms is based on the structure of an elliptic curve? Select one: a.RSA b.ECC c.RC4 d.One-time pad

Elliptic Curve Cryptography

In a standard incident response process, which of the following steps happens after containment? a.Identification b.Recovery c.Eradication d.Lessons learned

Eradication

Which of the following is not part of the three-step auditing process? a.Enabling auditing for files b.Turning on an auditing policy c.Evaluating the system log d.Reviewing the security log

Evaluating the system log

Which of the following is also known as "high-availability clusters"? a.Failover clusters b.Load-balancing clusters c.CPU clusters d.Redundant clusters

Failover clusters

A broadcast storm is when the TCP/IP handshake has been compromised. True False

False

A portable gas engine generator is the best solution for a company that wants a permanently installed generator True False

False

A stream cipher is a type of algorithm that encrypts a group of bits collectively as individual units known as blocks. True False

False

A surge is a short transient in the voltage that can be due to a short circuit or power outage. True False

False

A wet pipe system is known as a special hazard protection system. True False

False

An SNMP agent is software run on a server to monitor the network. True False

False

Anomaly-based monitoring uses predetermined attack patterns. True False

False

Behavior-based monitoring establishes a performance baseline based on a set of normal network traffic evaluations. True False

False

By default, Wireshark is non-promiscuous. True False

False

Certificates are digitally signed electronic documents that bind a private key with a user identity. True False

False

Change management is when more than one person is required to complete a particular task or operation. True False

False

DES is a commonly-used block cipher. True False

False

Encryption is a type of cipher. True False

False

Fire Class K extinguishers should be used for electrical fires. True False

False

If you move a folder to a different location on the same volume, that folder will lose its permissions. True False

False

In quantitative risk assessment: SLE X ALE = ARO True False

False

Lattice-based access control is an example of role-based access control. True False

False

Least privilege is a concept that denies all traffic to a resource unless the user is specifically granted access to that resource. True False

False

Most PKIs use a web of trust model. True False

False

OVAL is a type of penetration testing. True False

False

One of the reasons to have job rotation implemented is to increase employee boredom. True False

False

One of the strategies an organization might employ when managing a particular risk is to accept none of the risk. True False

False

Passive security analysis is when actual hands-on tests are run on a system. True False

False

Public keys are known only to specific users who keep the key secret. True False

False

Qualitative risk assessment measures risk by using exact monetary values. True False

False

RAID 1 is known as striping with parity. True False

False

Redundant power supplies can help in the case of a brownout. True False

False

SNMP uses port 143 True False

False

Steganography uses a certificate authority to manage keys. True False

False

TEMPEST is a type of Faraday cage. True False

False

The first phase of the incident response process is Identification. True False

False

Which of the following backup schemes could be described as using a daily, weekly, and monthly set of tapes? a.10 tape rotation b.Grandfather-father-son c.Towers of Hanoi d.Six-tape scheme

Grandfather-father-son

A summary of a file or message best describes which of the following? a.Hash function b.MD5 c.Hash d.LANMAN

Hash

Which of the following could be described as an attempt at deceiving people into believing something that is false? a.Shoulder surfing b.Eavesdropping c.Hoax d.Piggybacking

Hoax

Which of the following is a near duplicate of the original site of the organization? a.Cold site b.Warm site c.Hot site d.Duplicate site

Hotsite

Which of the following is used to secure L2TP sessions? a.S/MIME b.PPTP c.SSH d.IPsec

IPsec

When conducting a risk assessment, which of the following should you do after identifying threats and threat likelihood? (Select the two best answers.) a.Identify the organization's assets. b.Identify vulnerabilities. c.Identify a potential monetary impact. d.Identify the impact assessment.

Identify a potential monetary impact identify the impact assessment

Which of the following will back up only the contents of a folder that have changed since the last full backup or the last incremental backup? a.Full backup b.Incremental backup c.Differential backup d.Copy backup

Incremental Backup

Which of the following is best described as when certificate keys are held in the case that third parties such as government or other organizations need access to encrypted communications? a.Key escrow b.CRL c.CA d.RA

Key escrow

Lattice-based access control is an example of what type of access control policy? a.DAC b.RBAC c.MAC d.Rule-based access control

Mandatory Access Control

Which of the following is an access control policy determined by a computer system and not by a user or owner? Select one: a.DAC b.MAC c.RBAC d.Discretionary security policy

Mandatory Access Control

Which of the following is based off of the MD5 hash? a.LANMAN b.NTLM c.NTLMv2 d.SHA-1

NTLMv2

Which of the following is the newest and strongest Windows hash? a.LANMAN b.NTLM c.NTLMv2 d.NTLMv3

NTLMv2

Which of the following is a vulnerability assessment tool? Select one: a.John the Ripper b.AirSnort c.Nessus d.Cain & Abel

Nessus

Which of the following types of encryption can encrypt plaintext with a secret random key that is the same length as the plaintext? a.PGP b.ECC c.One-time pad d.RSA

One-time pad

In a discretionary access control model, who is in charge of setting permissions to a resource? a.Owner of the resource b.Administrator c.Any user of the computer d.Administrator and the owner

Owner of the resource

"Maximum and minimum password age" is part of which of the following? a. Organizational unit b. Group policy editor c. Password policy

Password policy

Which of the following would not be considered part of a disaster recovery plan? a.Hot site b.Patch management software c.Backing up computers d.Tape backup

Patch management software

Which one of the following is the attempt at fraudulently obtaining private information through e-mail? Select one: a.Pretexting b.Diversion theft c.Phishing d.Baiting

Phishing

Which of the following is not a category of disaster? a.Fire b.Flood c.Successful malicious attack d.Pretexting

Pretexting

Which of the following is when a person invents a scenario in the hope of persuading a victim to divulge information? a.Pretexting b.Diversion theft c.Phishing d.Baiting

Pretexting

Which act governs the collection, use, and dissemination of personally identifiable information? a.Privacy Act of 1974 b.SOX c.HIPAA d.Gramm-Leach-Bliley Act

Privacy Act of 1974

Which tool can be instrumental in capturing FTP GET requests? a.Vulnerability scanner b.Port scanner c.Performance Monitor d.Protocol analyzer

Protocol analyzer

Which of the following uses the equation SLE x ARO = ALE? a.Qualitative risk assessment b.Passive security analysis c.Quantitative risk assessment d.ALE. e.Active security analysis

Quantitative Risk Assessment

Which of the following can be described as striping with parity? a.RAID 0 b.RAID 1 c.RAID 5 d.RAID 0+1

RAID 5

Which of the following is a stream cipher? a.DES b.RC4 c.AES d.RC6

RC4

Which of the following are asymmetric encryption algorithms? (Select the two best answers.) a.RSA b.RC6 c.Diffie-Hellman d.AES

RSA and Diffie-Hellman

Which of the following best describes an audit trail? a.Records or logs that show the tracked actions of users b.Ensuring that a person or group cannot refute the validity of your proof c.Files that log activity of users d.Software deployed via the network management system

Records or logs that show the tracked actions of users

Which of the following access control policies is based on sets of permissions involved in an operation? a. DAC b. RBAC c. MAC d. Rule-based access control

Rule Base Access Control

Which of the following employs a 160-bit hash? a.MD5 b.SHA-1 c.SHA-2 d.NTLM

SHA-1

You are setting up auditing on a Windows computer. If set up properly, which log should have entries? a.Application log b.System log c.Security log d.Maintenance log

Security Log

Which of the following is not an example of a default hidden share? a.IPC$ b.Security$ c.Admin$ d.C$

Security$

Which of the following is the most basic form of IDS? a.Anomaly-based b.Behavior-based c.Signature-based d.Statistical-based

Signature-Based

Which of the following can be defined as the loss of value in dollars based on a single incident? a.SLE b.ARO c.ALE d.MAC

Single Loss Expectancy SLE

Which type of certificate is most commonly used by communications sessions? a.Single-sided certificate b.Dual-sided certificate c.Web of trust d.Certificate authority

Single sided certificate

Which of the following scenarios would not use a PKI? a.E-commerce and web logins b.E-mail and other communications c.Symmetric key algorithms d.Virtual private networks

Symmetric key algorithms

What do hackers use malicious port scanning to accomplish? a.The "fingerprint" of the operating system b.The topology of the network c.All the computer names on the network d.All the usernames and passwords

The "fingerprint" of the operating system

Which of the following are examples of penetration testing methods? (Select the two best answers.) a.The Open Source Security Testing Methodology Manual b.OVAL c.NIST penetration testing d.CERDEC

The Open Source Security Testing Methodology Manual, NIST penetration testing

What is the main reason to frequently view the logs of a DNS server? a.To defend against DoS attacks b.To prevent domain name kiting c.To monitor unauthorized zone transfers d.To create aliases

To monitor unauthorized zone transfers

Which of the following data sensitivity classifications is often broken into sections on a need-to-know basis? a.Public information b.Confidential information c.Internal information d.Top secret information

Top secret information

A CO2 fire extinguisher displaces the oxygen needed for a fire to burn. True False

True

A Class D fire extinguisher should be used in a chemical laboratory. True False

True

A UPS combines the functionality of a surge suppressor and a battery backup. True False

True

A blackout is when a total loss of power occurs for a prolonged period. True False

True

A cryptanalysis attack is a type of password cracking method. True False

True

A fire extinguisher denoted by a green triangle should be used for ash fires. True False

True

A key is an essential piece of information that determines the output of a cipher. True False

True

A single point of failure is an element, object, or part of a system that, if it fails, can cause the entire system to fail. True False

True

Active Directory Users and Computers can be used to add organizational units to a domain. True False

True

An NMS is the software run on one or more servers that control the monitoring of network-attached devices and computers. True False

True

Baselining is the process of measuring changes in networking. True False

True

Battery-inverter generators use lead-acid batteries. True False

True

Cryptography is the practice and study of hiding the meaning of a message. True False

True

DAC is an access control policy generally determined by the owner. True or False

True

Due process refers to the principle that an organization must respect and safeguard personnel's rights. True False

True

FM-200 systems use a clean agent fire extinguishant. True False

True

Failure-resistant disk systems protect against data loss due to disk failure. An example of this would be RAID 1 mirroring. True False

True

Full control is a type of NTFS permission that might be enabled within an access control list. True False

True

If a child folder is inheriting its permissions from a parent folder, it could be said that the parent is propagating those permissions to the child. True False

True

If a key pair is generated at a local computer, it is considered to be decentralized. True False

True

In a signature-based monitoring environment, network traffic is analyzed for predetermined attack patterns True False

True

In data sensitivity classifications, information available to anyone is called public information. True False

True

In the five steps of vulnerability management, prioritizing vulnerabilities should happen before mitigation of vulnerabilities. True False

True

Most certificates are based on the X.509 standard. True False

True

NMAP is a type of vulnerability scanner. True False

True

PKIs manage, store, and revoke digital certificates. True False

True

Public key cryptography uses asymmetric keys alone or in addition to symmetric keys. True False

True

RAID 0+1 combines the advantages of RAID 0 and RAID 1. True False

True

Risk management can be defined as the identification, assessment, and prioritization of risks. True False

True

Security monitoring can be augmented by using a SIEM solution. True False

True

Separation of duties is when more than one person is required to complete a task. True False

True

Social engineering is the act of manipulating users into revealing confidential information. True False

True

Symmetric key algorithms are a type of cipher that uses a single key, identical keys, or closely related keys. True False

True

Symmetric key algorithms require a secure initial exchange of one or more secret keys. True False

True

The Sarbanes-Oxley (SOX) act governs the disclosure of financial and accounting information. True False

True

The ultimate goal of risk management is to reduce all risk to a level acceptable to the organization. True False

True

To change permissions on a file in Linux, you would use the chmod command. True False

True

When a Faraday cage is applied to an entire room, electromagnetic energy will not pass through the walls in either direction. True False

True

What device should be used to ensure that a server does not shut down when there is a power outage? a.RAID 1 box b.UPS c.Redundant NIC d.Hot site

Uninterruptable Power Supply

Which of the following should be included in a password to make it complex? (Select the three best answers.) a. Uppercase letters b. Numbers c. Special characters d. Function keys

Uppercase letters Numbers Special Characters

Which of the following keeps every user in a standard user mode instead of as an administrator, even if the user is a member of the administrators group? a.Password policy b.Administrator policy c.Vista access control d.User Account Control

User Access Control

Of the following, what are two good ways to protect the computer? (Select the two best answers.) a.Verify that the guest account is disabled. b.Rename and password protect the administrator account. c.Delete the administrator account. d.Remove password policies.

Verify that the guest account is disabled, Rename and password protect the administrator account

Which of the following questions should you take into account when securing log files? (Select the two best answers.) a.Were the log files encrypted and hashed? b.Are the logs stored in multiple locations? c.Were the log files encrypted in a Kerberos system? d.How big are the log files?

Were the log files encrypted and hashed? Are the logs stored in multiple locations?

Which of the following best describes dumpster diving? a.When a person literally scavenges for private information in the garbage b.When a malicious individual leaves infected removable media lying in the garbage c.When an unauthorized person tags along with an authorized person to gain entry to a restricted area d.When a person looks for important data by phishing in a lake

When a person literally scavenges for private information in the garbage

Which of the following is a protocol analyzer? Select one: a.Nessus b.Cain & Abel c.Wireshark d.John the Ripper

Wireshark