Security + Practice Exam 1
Your company has recently decided to implement a Kerberos environment for user authentication. What is the most important component in a Kerberos environment?
The Key Distribution Center (KDC)
Your company contracts with a third-party janitorial service to clean the offices every night. Which one of these policies presents the greatest risk to the organization if it is NOT implemented?
Clean desk policy
Your company issues mobile devices to certain personnel. You enable a screen lock on each of the devices that requires users to enter a code. You need to ensure that the device cannot be used if a wrong code is entered five times in a row. What should you do?
Enable lockout.
Your company decides to implement a RAID-5 array on several file servers. Which feature is provided by this deployment?
High availability
Which of the following would be an example of a design weakness?
Not including a DMZ
You need to examine some additional information about a key. Specifically, you want to validate the address information of the certificate owner. What could you examine to accomplish this?
OID (Object identifiers)
You have recently implemented a new public key infrastructure (PKI) for your organization. You need to back up the entity that is responsible for certifying the public key pair of the root CA. Which entity must you back up?
Root CA
Recently, your organization implemented a new security policy which states that watermarks must be used for all copyrighted material. Which statement is true of a watermark?
A watermark can enable you to detect copyright violations.
You suspect that several users are attempting to install unauthorized software. Upon researching, you discover that the attempts were unsuccessful. What tool did you implement that logged those attempts and identified the users?
Application whitelisting
The business continuity team is interviewing users to gather information about business units and their functions. Which part of the business continuity plan includes this analysis?
BIA (business impact analysis)
Match the descriptions on the left with the malware types on the right.
Backdoor - a developer hook in a system or application that allows developers to circumvent normal authentication Logic bomb - a program that executes when a certain predefined event occurs Spyware - a program that monitors and tracks user activities Trojan horse - a program that infects a system under the guise of another legitimate program
You are building a public-access WiFi system for a new hotel. You want to require the users to accept a fair use policy before connecting to the Internet. Which of the following should you implement?
Captive portal
What is typically part of an information policy?
Classification of information
The client's specifications dictate that you use a Base64 ASCII-encoded certificate. Which of the following certificate types would NOT be acceptable?
DER (Distinguished Encoding Rules)
Your company deploys several LDAP servers, which is used to allow users to locate resources. What contains LDAP entries?
DIT (direct ory information tree)
Which spyware technique inserts a dynamic link library into a running process's memory?
DLL injection
An advanced user has recently had several new peripheral devices added to his desktop computer. You are concerned about peripheral devices becoming infected with malware. Which peripheral devices should you examine? (Choose all that apply.)
Digital camera External storage devices WiFi enabled micro SD cards
What type of documentation includes rules for ISO compliance, adhering to NIST guidelines, and conforming to PCIDSS and other standards?
General-purpose guides only
You are aware that any system in the demilitarized zone (DMZ) can be compromised because the DMZ is accessible from the Internet. What should you do to mitigate this risk?
Implement every computer on the DMZ as a bastion host.
While developing an incident response plan for your client, you outline the roles and responsibilities of a cyberresponse team. You also describe the establishment and formation of that team. What time frame should you specify for the formation of a cyber-incident response team?
In advance of an incident occurring
Which part of the forensic process deals with collecting information to be used during legal proceedings, as well as locating information that may be used by the opposition against you?
Intelligence gathering
You are investigating the authentication protocols used on your network. You discover that several authentication protocols are being used on your network. Which authentication protocol is the oldest?
LANMan
Your company is establishing new employment candidate screening processes. Which of the following should be included? (Choose all that apply.)
Perform a background check. Review military records and experience. Check all references. Verify all education.
You have two wireless networks in your building. The wireless networks do not overlap. Both of them use Wi-Fi Protected Access (WPA). You want to ensure that no unauthorized wireless access points are established. What should you do?
Periodically complete a site survey.
You perform a server scan and find that you have a high amount of Telnet traffic. You have installed several new peripheral devices on the server. Which newly installed peripheral device is most likely causing this problem?
Printer
Your client's HR practices include promotion from within, and transferring people between offices on a regular basis. It seems like the most common question you hear when employees talk on the phone is "What office are you working at now and what are you doing?" What practice will ensure that a user's permissions are relevant and current?
Recertification
You have been asked to implement the e-mail security method that is defined in RFC 2632 and RFC 2634. Which e-mail security method should you implement?
S/MIME
Your company needs to protect message integrity. Management decides that you need to implement an algorithm that uses 160-bit checksums. Which algorithm should you implement?
SHA (Secure Hashing Algorithm)
You have been hired as a security consultant for a new company named Verigon. Verigon needs guidance on which protocols to implement on the network. Match the protocols on the left with the correct description on the right.
Secure web access - HTTPS Secure time synchronization - Secure NTP Secure email download - Secure POP3 Secure domain name resolution - DNSSEC Network address allocation - DHCP
You need to incorporate SAML and SSO into a web application. Which of the following would you use?
Shibboleth
Which of the following secure coding techniques protects against injection attacks?
Stored procedures
Which of the following common use cases would address the issue of data leakage from a side-channel attack?
Supporting high resiliency
Your users often forget their passwords and ask for assistance. You send a link to reset the password. You would like to incorporate a time limit for the user to respond to the link. Which would you incorporate?
TOTP (Time-based One Time Passwords)
Your organization is designing a database warehouse. Database administrators are trying to decide between implementing database-level, application-level, or warehouse-level security for the data warehouse. Which statements are TRUE? (Choose all that apply.)
The security table will likely become the largest table within the warehouse. Application-level security secures both the data and the functions of the application. Database-level security is best if there will be more than 100 users for the data warehouse. Database-level security is best if more than one application is being used to access the data warehouse.
Your client operates a 24-hour call center. Several different employees may log in to the same workstation in the course of a week. Machine (computer) certificates are currently used, but they do not provide sufficient security safeguards because more than one employee logs in to each machine. You need to ensure that each employee has his or her own credential. What should you implement?
User certificate
You have recently been notified by an application vendor that the application includes a rootkit. The manufacturer has released a patch that will remove the vulnerability from the application. What is a rootkit?
a collection of programs that grants a hacker administrative access to a computer or network
An IT technician has been assigned to install a new embedded firewall. What statement best describes this type of firewall?
a firewall that is integrated into a router
As a security administrator, you are responsible for ensuring that your organization's IT staff understands the security mechanisms employed on the network. You are currently documenting the security mechanisms as part of the IT training. During the documentation, you realize that many of the IT staff does not understand the basic terms used in IT security. You need to document the terms and definitions that you will use. What is a mathematical formula that is used in cryptography to encrypt data?
algorithm
During a meeting, you present management with a list of the access controls used on your network. You explain that these controls include preventative, detective, and corrective controls. Which control is an example of a corrective control?
antivirus software
Your organization has recently adopted a new security policy. As part of this policy, you must implement the appropriate technologies to provide confidentiality. Which technology provides this?
asymmetric encryption
What is tailgating?
following someone through a door he just unlocked
Management has decided to purchase a new appliance firewall that will be installed between the public and private networks owned by your company. Which type of firewall is also referred to as an appliance firewall?
hardware
Which type of attack redirects you to a fake Web site?
hyperlink spoofing
You are designing an access control system for a new company. The company has asked that you ensure that users are authenticated with a central server. In addition, users should only have access to the files they need to perform their jobs. When implementing access control, what is the appropriate order?
identification, authentication, authorization
You have been asked to install a new firewall that only examines the packet header information. Which type of firewall are you installing?
packet-filtering firewall
You want to configure password policies that ensure password strength. Which password setting most affects a password's strength?
password complexity
Your manager suspects that your network is under attack. You have been asked to provide information regarding traffic flow and statistical information for your network. Which tool should you use?
protocol analyzer
Which two alternate data center facilities are the easiest to test? (Choose two.)
redundant site hot site
Your company's network consists of multiple subnetworks that each implements its own authentication system. Often users must log in separately to each subnetwork to which they want access. You have been asked to implement technology that allows users to freely access all systems to which their account has been granted access after the initial authentication. Which of the following should you implement?
single sign-on
Your company has decided to implement a biometric system to ensure that only authorized personnel is able to access several secure areas at the facility. However, management is concerned that users will have privacy concerns when the biometric system is implemented. You have been asked to recommend the least intrusive biometric system of the listed options. Which option is considered the least intrusive?
voice print