Practice Test A
You are the administrator for a school district network. Primarily end users (students, teachers, and administrators) will only use the network during normal business hours. You want to prevent after hours hacking attempts. What is the most effective way to ensure this?
Create security policies with time of day restrictions.
You work as a technician for Tech Perfect Inc. You are troubleshooting an Internet name resolution issue. You ping your ISP's DNS server address and find that the server is down. You want to continuously ping the DNS address until you have stopped the command. Which of the following commands will you use?
ping -t
You work as a security analyst and need an encryption methodology for your company's network. You want that the solution must use public key encryption keyed to the user's email address. Which of the following will you select to accomplish this?
PGP
Sam, a security administrator, wants to keep vulnerabilities safe from being exploited by a malicious user. Which of the following should he implement to accomplish this task?
Patching
James works as a security administrator for a company. He wants to actively test that an application's security controls are in place or not. Which of the following assessments will he perform to test this?
Penetration test
Martha receives an e-mail message containing a notice that appears to be from her bank, asking her to call and update her password. Which type of attack is this?
Phishing
An attacker uses a compromised host as a platform to spread an attack to other points in the network. Which type of attack is this?
Pivoting
David works as a network administrator for a large company. The company is deciding to allow trusted third-party vendors to access the corporate intranet. What should David do to secure intranet?
Place intranet servers in a DMZ so that both corporate users and trusted vendors can access it.
You, as a team leader have to use the right type of cloud service that can help your application developers team by providing programming elements such as runtime environments. Which service will you recommend?
Platform as a Service (PaaS)
Which of the following technologies protects data through deep content inspection and contextual security analysis of transaction?
Data loss prevention
A common attack pattern of an intruder who is able to log on as a normal user account is to increase the capabilities of the compromised account to facilitate further actions and attacks. What is this attack pattern called?
Privilege escalation
A user can obtain access to additional resources or functionality that they are normally not allowed to access. This is best described as what type of an attack?
Privilege escalation
Max, the security administrator, wants to quantify all traffic on his network. Which of the following tools will be best for him to use?
Protocol analyzer
Rex, a security administrator, wants to discover the type, source, and flags of the packet crossing a network for troubleshooting purposes. Which of the following will best help him to do so?
Protocol analyzer
Which of the following radio frequencies is used by an IEEE 802.11g wireless network?
2.4 GHz
Beverly uses asymmetric cryptography for her company's e-commerce site. The private key has been released on the internet. What is the result of this?
A new public/private key should be generated; the current is no longer usable.
Which mechanism or process is used to enable or disable access to a network resource based on an IP address?
ACL
Rena works as an employee in an organization. She has a corporate workstation that has been compromised due to several visits to P2P sites. She claimed that she was not aware of any company policy that prohibits the use of such web sites. Which of the following is the best method to obviate employees from the improper use of the company's information systems?
Acceptable use policy
John works as a network administrator for uCertify Inc. He wants to facilitate communication and provide enhanced security to wireless devices of his company. Which of following devices will he use?
Access point
You work as a security analyst for a company. After analyzing the company employees' activities from multiple sensors, you've determined that a group from a high-risk country is responsible for the breach of the company network and continuous administration of targeted attacks for the past three months. However, the attack went unnoticed till now. This is an example of which type of an attack?
Advanced persistent threat
James, an employee, is interchanging encrypted email with another party. He encrypts the initial email with a key. When James receives a response in return, he is not able to decrypt the response with the same key he used earlier. Which of the following would explain this scenario?
Asymmetric encryption
Jay goes through a biometric test to enter in a government restricted location. Biometric devices play a role in access control. Which of the following services do they perform?
Authentication
Which of the following is a password attack that doesn't try to decrypt any information but continues to try every possible valid combination for a key or password?
Brute force attack
Which of the following is referred to employees who bring their personal devices into the company network environment?
BYOD
Anna, a cybersecurity analyst, recently discovered a Trojan on a server. She is now concerned about a security breach that still exists on a server and allows unauthorized people to access data. So, for this, she should be looking for the presence of which of the following threats?
Backdoor
Martha reports that she is getting unsolicited messages on her mobile device whenever she switches on Bluetooth. Which type of attack is this?
Bluejacking
A network technician reports to a compromised workstation. The technician secures the area, documents the scene, checks the compromised machines by taking them offline and then leaves them there without making any record. Which of the following steps in the incident handling has not been performed correctly by the network technician?
Chain of custody
Which of the following attacks involves multiple compromised systems to attack a single target?
DDoS attack
Andrew, a server technician, wants to apply a strong magnetic field to wipe the data from his hard drive. Which of the following techniques will he use?
Degaussing
While testing, a security manager finds that several disruptions are due to a lack of redundancy in the disk controller configuration. Which of the following features will the security manager look for in a new configuration to correct this?
Disk duplexing
Lisa is a network security administrator for a cloud computing vendor. What is the primary data protection security issue?
Ensuring that customer data is segregated
Although a vulnerability scan report shows no vulnerabilities have been discovered, the following penetration test reveals vulnerabilities on the network. Which of the following has been reported by the vulnerability scan?
False negative
Which of the following threat actors is an attacker motivated by a social issue or political cause?
Hacktivists
What form of cryptography is primarily labeled as a one-way function?
Hashing
You work as security administrator for a company. You need to secure a sales manager's computer to prevent intrusion. Which of the following will you use to accomplish the task?
Host-based firewall
Juan is the network administrator for XYZ company. He needs to place the web server somewhere on the company's network. From a security perspective, what is the best place to locate the network?
In the DMZ
Martha, a server technician, needs to perform a backup operation to copy or back up only those files that changed since the last full backup, which can also take the shortest time to complete the backup process. Which of the following backup methods should she use?
Incremental
What backup operation will copy or back up only those files that changed since the last full backup and will reset the archive bit?
Incremental
As a network administrator of a corporate network, you want to monitor all network traffic on your local network for suspicious activities and receive a notification when a possible attack is in process. What will you do?
Install a network-based IDS.
John, a network administrator, wants to provide Internet access to users. He is concerned about virus threats and wants to protect the network against potential virus attacks from the Internet. Which of the following steps will he take to minimize the potential virus attacks?
Install anti-malware software on each workstation.
Ann, a pen tester, wants to list host information like host operating system and IP addresses of all the active hosts on a network. Which of the following tools would be suited for this task?
Nmap
Which of the following are the characteristics of a password as defined in the password policy? Each correct answer represents a complete solution. Choose all that apply.
It should include a unicode character. It should contain at least one capital letter.
Anna and Joe work as employees for an organization. Anna is responsible for writing the code on an accounting application, whereas Joe is responsible for writing code on a HR based application. But, once a year they have to switch roles for several weeks. Which of the following practices is being implemented in this scenario?
Job rotation
An organization wants to allow a certificate authority to gain access to the encrypted data and create digital signatures on behalf of the user. The data is encrypted using the public key from a user's certificate. Which of the following processes fulfills the above requirements?
Key escrow
Which of the following enables a company to keep a sensitive PKI component with a trusted third party?
Key escrow
Which protocol is based on an earlier X.500 specification and enables either unencrypted or encrypted authentication using TLS?
LDAP
Your web server crashes at exactly the point where it reaches 1 million total visits. You discover that the cause of the server crash is a malicious code. Which of the following best fits this description?
Logic bomb
You are a security consultant on assignment for a client regarding the encryption and hashing algorithms. The in-house network administrator tells you that the current hashing algorithm is an older one with known weaknesses and is not collision resistant. Which algorithm are they most likely using for hashing?
MD5
What kind of physical access device restricts access to a small number of individuals at one time?
Mantrap
In which of the following authentications do a client process and server need to prove their identities to each other before performing an application function?
Mutual
An incident response report discovers a virus that was introduced through a remote host connected to corporate resources. A security analyst has been asked for a recommendation to solve this issue. Which of the following should the analyst apply to accomplish the task?
NAC
You work as a security administrator for Dreams Unlimited Inc. While testing an application, before installing it for your production environment, you are required to determine if the application is sending a password in clear-text. Which of the following tools will help you the most?
Protocol analyzer
You work as a security administrator for Perfect World Inc. You are required to put a device on a network through which you can view IP headers on data packets passing through it. Which of the following devices will you use?
Protocol analyzer
Mark is attempting to evaluate the potential impact of a firewall breach at his company. He is only looking at the relationship between the threats, vulnerabilities, and controls to evaluate the impact of a hypothetical breach. What type of approach to risk analysis is this?
Qualitative
Jennifer, a network administrator, is implementing disk redundancy in all database servers. She also wants to use minimum number of disks. Which of the following RAID configurations will she use to complete implementation?
RAID 1
A storage administrator needs to select the appropriate RAID level that can recover the lost data if the server's hard drive crashes. Which of the following RAID levels provide fault tolerance to a database? Each correct answer represents a complete solution. Choose all that apply.
RAID 5 RAID 1 RAID 10
Which of the following are available on a cold site? Each correct answer represents a complete solution. Choose all that apply.
Space for furniture Electricity
Which of the following password attacks calculates all the possible hashes for a set of characters and stores them in a table?
Rainbow
Eric is a security administrator for uCertify Inc. John, a sales manager, reports Eric about an e-mail through which an attacker is asking for money to decrypt the source code that he has encrypted. Which of the following type of malware is it?
Ransomware
Ron, a security analyst, found an unknown design flaw in a product. He notices that correcting the flaw would be cost prohibitive, and it is an unknown flaw that would only affect a very small number of customers. Rather than recalling the product, he decided to simply leave the product as it is. This is best described as what type of risk response technique?
Risk acceptance
A company has developed an application which is undergoing the testing process. According to the results of the testing process, some changes have been made to the application. The company now wishes to check whether the changes made in the application have caused the previously existing functionality to fail or not. Which test should the company perform?
Regression
Which of the following is a security concern to hosting applications in the cloud?
Regulatory compliance of the hosted servers
Bob is a network administrator of a company. Management is very concerned about the risk of smart phones introducing security risks to the network. However, many employees need these devices for their work. Bob decides to allow smart phones only if they meet specific security criteria. What is this an example of?
Risk mitigation
An organization wishes to update its network resources for which it provides access only to its network managers and other network experts. It also wants the entries in the database table to be monitored for which it provides access to a database administrator. Which of the following factors is the organization using for providing access to a specific entity based on the entity's responsibilities?
Role-based
An attacker has maintained his access in an organization's system over a long period of time. Which of the following exploits is the attacker using?
Rootkit
Which of the following algorithms produces 160-bit hash values?
SHA-1
Rex is a security administrator for a company. He wants to limit the security team's ability to remediate vulnerabilities. Which of the following business documents should he use for reference? Each correct answer represents a complete solution. Choose two.
SLA MOU
Roy, a cybersecurity analyst, is reviewing IDS logs and notices the following entry: where [email protected] and password= 'or 1==1' Which of the following attacks had Roy discovered?
SQL injection
You are purchasing a webmail service. Under which of the following cloud services does it fall?
SaaS
A network administrator is implementing a development environment and wants that three virtual servers are cloned and placed in a new virtual network isolated from the production network. Which of the following defines the environment the administrator is building?
Sandbox
A security analyst wants to test a sample of malicious software for security purpose. For this, he wants to run the sample in a controlled and monitored virtual machine to observe the software's behavior. Which of the following is best for him to implement in this case?
Sandbox
A user, Maria, asks a technician to suggest her a service on her Windows 10 system that will perform a backup while the system is running. Which of the following services should the technician suggest her?
Shadow Copy
As a security administrator, you have implemented privacy screens and password protected screen savers on all servers and client computers. Which of the following attacks are you trying to mitigate?
Shoulder surfing
You are concerned about the operating systems on your servers, particularly your Web server. Which of the following are critical operating system hardening techniques you would implement on your Web server? Each correct answer represents a complete solution. Choose two.
Shut down unneeded services Update patches
Which of the following authentication factors includes the password, PIN, and so on?
Something user knows
Which of the following viruses masks itself from applications or utilities to hide itself by detection of antivirus software?
Stealth
An employee is suspected of embedding classified data within picture files and sending it to a competitor. If true, what is this employee used to do so?
Steganography
John used to work as network administrator for We-are-secure Inc. Now he has resigned from the company for personal reasons. He wants to send out some secret information of the company. To do so, he takes an image file and simply uses the image hide tool and embeds the secret file within an image file of the famous actress, Jennifer Lopez, and sends it to his Yahoo mail id. Since he's using the image file to send the data, the mail server of his company is unable to filter this mail. Which of the following techniques is he performing to accomplish his task?
Steganography
Which of the following encryption methods uses a single key to encrypt and decrypt data?
Symmetric
Which of the following involves discussing possible security risks in a low-stress environment?
Tabletop
A company does not have sufficient resources to manage its large infrastructure. A security administrator wants to syndicate the security controls of some of the network devices in the company. Which of the following methods would best accomplish this goal?
Unified Threat Management
You are the network administrator for a college. Wireless access is widely used at the college. You want the most secure wireless connections you can have. Which of the following would you use?
WPA2
Your company is about to add wireless connectivity to the existing LAN. You are concerned about the security of wireless access and want to implement encryption. Which of the following would be the best option for you to use?
WPA2
You've tasked Rex, one of your network specialists, for configuring new wireless routers in the building to extend the range of your network. Which of the following wireless encryption protocols should you recommend him to use to keep your network secure?
WPA2 with WPS disabled
An attacker sends e-mails to the company's Director and CEO. Which of the following terms best describes such attacks?
Whaling
The CEO of a company receives an apprehensive voice mail warning of credit card fraud. No one else in the company received the voice mail. Which of the following best describes this attack?
Whaling
Which of the following refers to how data is removed from the media?
Wiping
A penetration tester wants to analyze the to and fro traffic from a company's network. Which of the following tools would the tester use?
Wireshark
Ann, a security analyst, discovers unusual network traffic from a workstation. She notices that the workstation is communicating with a known malicious site over an encrypted tunnel. A full antivirus scan with an updated antivirus signature file does not show any sign of this infection. Which of the following attacks has occurred on the workstation?
Zero-day attack
Which Windows command-line utility is used to determine the route data takes to get to a specific destination?
tracert