Security + Exam 2
What is the minimum number of load balancers needed to configure active/active load balancing?
2
What is a virtual firewall?
A firewall that runs in the cloud
Which is an IPsec protocol that authenticates that packets received were sent from the source?
AH
In which of the following configurations are all the load balancers always active?
Active-active
which choice identifies attributes required for an x.509 compliant digital certificate?
All of these
Which firewall rule action implicitly denies all other traffic unless explicitly allowed?
Allow
Which feature of Windows 10 establishes a persistent virtual private network (VPN) connection when there is Internet connectivity?
Always On VPN
Which type of monitoring methodology looks for statistical deviations from a baseline?
Anomaly monitoring
Which of the following is NOT a means by which a newly approved root digital certificate is distributed?
Application updates
Which of the following can be used to detect malicious activities? [Choose all that apply]
CCTV Cameras Alarms
What is the name of the device protected by a digital certificate?
CN
Which block cipher mode of operating requires that both the message sender and receiver access a counter that computes a new value whenever a ciphertext block is exchanged?
CTR
What is the name of the fields in an X.509 digital certificate that are used when the parties negotiate a secure connection?
Certificate attributes
A centralized directory of digital certificates is called a(n) _____.
Certificate repository (CR)
Which of the following should be mentioned by a network diagram? [Choose all that apply.]
Connectivity between the devices Devices present on the network IP addresses and names of the devices
Which of the following does NOT describe an area that separates threat actors from defenders?
Containment space
Which of the following relates to the term Data Sovereignty?
Country specific laws and regulations
What entity calls in crypto modules to perform cryptographic tasks?
Crypto service provider
Which of the DLP sensor choices requires communication with the DLP server?
DLP agent
Which of the following attack is also known as DNS spoofing?
DNS poisoning
Tomaso is explaining to a colleague the different types DNS attacks. Which DNS attack would only impact a single user?
DNS poisoning attack
Maja has been asked to investigate DDoS mitigations. Which of the following should Maja consider?
DNS sinkhole
Which of these is NOT used in scheduling a load balancer?
Data within the application message itself
One way to secure data is through Data Loss Prevention (DLP). Which of the choices is not a data type protected by DLP?
Data-to-disclose
In an organization, in which of the following places would you avoid installing a fire suppression system? [Choose all that apply]
Datacenter Server Room
Which of the following type of security controls involves installing bollards?
Deterrent
Which of the following type of security control are CCTV cameras? [Choose all that apply]
Deterrent Detective
What is the strongest technology that would assure Alice that Bob is the sender of a message?
Digital certificate
What does the arp -a command do?
Displays arp cache
What is the difference between a DoS and a DDoS attack?
DoS attacks use fewer computers than DDoS attacks.
Juan needs a certificate that must only authenticate that a specific organization has the right to use a particular domain name. What type of certificate does he need?
Domain validation
How is confidentiality achieved through IPsec?
ESP
When setting up a data center in a particular geography, which of the following points must be considered? [Choose all that apply]
Fiber backbone availability Type of connectivity available Internet service provider's presence Locations of the customers Power availability
Which of the following functions does a network hardware security module NOT perform?
Fingerprint authentication
Which device intercepts internal user requests and then processes those requests on behalf of the users?
Forward proxy server
Which of the following contains honeyfiles and fake telemetry?
High-interaction honeypot
Calix was asked to protect a system from a potential attack on DNS. What are the locations he would need to protect?
Host table and external DNS server
In the lab, which of the choices was installed?
Host-based firewall
Which of the following term relates to the accuracy and consistency of data?
Integrity
Which of the following is NOT a reason that threat actors use PowerShell for attacks?
It can be invoked prior to system boot.
Which statement regarding a demilitarized zone (DMZ) is NOT true?
It contains servers that are used only by internal network users.
How does BPDU guard provide protection?
It detects when a BPDU is received from an endpoint.
Which of the following is NOT true about VBA?
It is being phased out and replaced by PowerShell.
Which of the following is NOT correct about L2TP?
It must be used on HTML5 compliant devices.
Which refers to a situation in which keys are managed by a third party, such as a trusted CA?
Key escrow
Which of the following is globally unique in the system?
MAC address
Which of the following is not a basic configuration management tool?
MAC address schema
Deacon has observed that the switch is broadcasting all packets to all devices. He suspects it is the result of an attack that has overflowed the switch MAC address table. Which type of attack is this?
MAC flooding attack
Which of the following can be triggered when a document opens?
Macro
Which of the following offerings can be provided by a Cloud Access Service Broker (CASB)? [Choose all that apply]
Malware prevention Threat prevention Cloud governance Data Loss Prevention (DLP) Identity and Access Management (IAM)
Which attack intercepts communications between a web browser and the underlying OS?
Man-in-the-browser (MITB)
Hanna has received a request for a data set of actual data for testing a new app that is being developed. She does not want the sensitive elements of the data to be exposed. What technology should she use?
Masking
Which of the following tools can be used to conduct a Distributed Denial-of-Service (DDoS) attack? [Choose all that apply]
Nemesy UDP Flooder HTTP Unbearable Load King (HULK) DAVOSET
Which of the following can be used to detect if a Trojan has infected a system?
Netstat
You want to view the arp cache. Which command would you use?
None of these
Elton needs his application to perform a real-time lookup of a digital certificate's status. Which technology would he use?
Online Certificate Status Protocol (OCSP)
You want the latest status of a digital certificate. Which technology or protocol would you use?
Online Certificate Status Protocol (OCSP)
Theo uses the Python programming language and does not want his code to contain vulnerabilities. Which of the following best practices would Theo NOT use?
Only use compiled and not interpreted Python code.
Which of the following is an open source toolkit used to implement the SSLv3 and TLS v1 protocols?
OpenSSL
Proteus has been asked to secure endpoints that can be programmed and have an IP address so that they cannot be used in a DDoS attack. What is the name for this source of DDoS attack?
Operational Technology
What is the file extension for a Cryptographic Message Syntax Standard based on PKCS#7 that defines a generic syntax for defining digital signature and encryption?
P7B
Which device is connected to a port on a switch in order to receive network traffic?
Passive IDS
Which of the following are ways of configuring access control lists (ACL)? [Choose all that apply]
Per-group basis Per-user basis Using an effective right mask
Leah is researching information on firewalls. She needs a firewall that allows for more generic statements instead of creating specific rules. What type of firewall should Leah consider purchasing that supports her need?
Policy-based firewall
If you are using a USB data blocker, which type of security control are you using?
Preventive
Which of the following sensors can detect an object that enters the sensor's field?
Proximity
Who verifies the authenticity of a CSR?
Registration authority
A mail gateway can have many functions. Which choice is NOT one of those functions?
Require full tunnel
Which of the following is used to target SSL-enabled sessions and non-SSL-enabled links to sniff their contents?
SSL Strip
Of the choices listed, which is the correct protocol to access a remote computer and execute commands?
Secure Shell (SSH)
Which is a protocol for securely accessing a remote computer in order to issue a command?
Secure Shell (SSH)
_____ are symmetric keys to encrypt and decrypt information exchanged during the session and to verify its integrity
Session keys
Sofie needs to configure the VPN to preserve bandwidth. Which configuration would she choose?
Split tunnel
Which of the following is not a basic configuration management tool?
Split tunnel
Emilie is reviewing a log file of a new firewall. She notes that the log indicates packets are being dropped for incoming packets for which the internal endpoint did not initially create the request. What kind of firewall is this?
Stateful packet filtering
Which of the following is a tool for editing packets and then putting the packets back onto the network to observe their behavior?
Tcpreplay
What is the result of an ARP poisoning attack?
The ARP cache is compromised.
Which of the following statements describe the implications of IPv6? [Choose all that apply]
The adoption of IPv6 is still missing with many organizations Devices and operating systems need to be upgraded Networks need to be upgraded or redesigned IPv6 addresses are long and difficult to remember
What is Bash?
The command-language interpreter for Linux/UNIX OSs
Olivia is explaining to a friend about digital certificates. Her friend asks what two entities a digital certificate associates or binds together. What would Olivia say?
The user's identity with their public key
Which is the first step in a key exchange?
The web browser sends a message ("ClientHello") to the server.
What is the purpose of certificate chaining?
To group and verify digital certificates
Which of the following can a digital certificate NOT be used for?
To verify the authenticity of the CA
Which of the following is NOT a Microsoft defense against macros?
Trusted domain
Estevan has recommended that the organization hire and deploy two security guards in the control room to limit the effect if one of the guards has been compromised. What is Estevan proposing?
Two-person integrity/control
Which of these appliances provides the broadest protection by combining several security functions?
UTM
Which of the following is NOT a NAC option when it detects a vulnerable endpoint?
Update Active Directory to indicate the device is vulnerable.
Which of the following tasks can be performed using the out-of-band management feature in network devices? [Choose all that apply]
Upgrade the firmware Perform maintenance Power-on the network device Reinstall the operating system Reboot the network device
Which of the following is NOT a firewall rule parameter?
Visibility
Which of the following tool can be used to automate the setup of an evil twin?
Wi-Fi Pineapple
You want to clear the arp cache. Which command would you use?
arp -d
You want to add an entry to the ARP table. Which command would you use?
arp -s (IP address and MAC address)
Eros wants to change a configuration file on his Linux computer. He first wants to display the entire file contents. Which tool would he use?
cat
Which utility sends custom TCP/IP packets?
hping
Which of the following nmap command is used for file-exclusion?
nmap -iL /tmp/scanlist.txt --excludefile /tmp/exclude.txt
Which of the following command is used to detect OS on a target?
nmap -o
Which of the following command is used to perform FIN scan?
nmap -sF
Which of the following command is used to perform xmas tree scan?
nmap -sX -v
Which of the following is a third-party OS penetration testing tool?
sn1per
Gregory wants to look at the details about the patch a packet takes from his Linux computer to another device. Which Linux command-line utility will he use?
traceroute
