Security + Questions 15

An investigator recently discovered that an attacker placed a remotely accessible CCTV camera in a public area overlooking several Automatic Teller Machines (ATMs). It is also believed that user accounts belonging to ATM operators may have been compromised. What attack has MOST likely taken place?

Shoulder Surfing

What protocols uses TCP instead of UDP and is incompatible with all previous versions?

TACACS+

How often, at a MINIMUM, should Sara, an administrator, review the accesses and right of the users on her system?

Annually

Which of the following symmetric key algorithms are examples of block ciphers? (Select THREE). A. RC4 B. 3DES C. AES D. MD5 E. PGP F. Blowfish

B,C,F

A trojan was recently discovered on a server. There are now concerns that there has been a security breach that allows unauthorized people to access data. The administrator should be looking for the presence of a/an:

Back

A user commuting to work via public transport received an offensive image on their smart phone from another commuter. What attack MOST likely took place?

Bluejacking

Which of the following is BEST carried out immediately after a security breach is discovered? A. Risk transference B. Access control revalidation C. Change management D. Incident management

D

What is best practice to put at the end of an ACL?

Implicit deny

Pete, an employee, attempts to visit a popular social networking site but is blocked. Instead, a page is displayed notifying him that this site cannot be visited. What is MOST likely blocking Pete's access to this site?

Internet Content Filter

An attacker attempted to compromise a web form by inserting the following input into the username field: admin)(|(password=*)). What attackwas attempted?

LDAP Injection

Which of the following devices is BEST suited to protect an HTTP-based application that is susceptible to injection attacks?

Layer7 Firewall

What must be kept secret for a public key infrastructure to remain secure?

Private Key

An administrator notices that former temporary employees' accounts are still active on a domain. What can be implemented to increase security and prevent this from happening?

Run a last logon script to look for inactive accounts.

An achievement in providing worldwide Internet security was the signing of certificates associated with which of the following protocols?

SSL

See Question 285

See Question 285

See Question 286

See Question 286

See Question 295

See Question 295

See Question 296

See Question 296

What is a hardware-based security technology included in a computer?

Trusted Platform module

An administrator is concerned that a company's web server has not been patched. What would be the BEST assessment for the administrator to perform?

Vulnerability Scan