network+1
A multi-homed firewall offers what advantage? Protecting your trusted network even if the DMZ is compromised Providing adequate bandwidth even when attacked by a Denial of Service attack Supporting your company's e-commerce traffic Providing an efficient system to distribute files to external users
A
A relatively new employee in the data entry cubical farm was assigned a user account similar to that of all of the other data entry employees. However, audit logs have shown that this user account has been used to change ACLs on several confidential files and has accessed data in restricted areas. This situation indicates which of the following has occurred? Privilege escalation Man-in-the-middle attack Social engineering Smurf attack
A
A router on the border of your network detects a packet with a source address that is from an internal client but the packet was received on the Internet-facing interface. This is an example of what form of attack? Spoofing Snooping Spamming Sniffing
A
Access control lists can be used as security mechanisms to manage all but which of the following activities? Physical entry into a building Use of a service protocol Communications over a specific TCP port Access to read the contents a file resource
A
As a BCP or DRP plan evolves over time, what is the most important task to perform when rolling out a new version of the plan? Collect and destroy all old plan copies Obtain senior management approval Redefine all roles and responsibilities Perform new awareness sessions
A
Backups and software originals should be stored in a media cabinet to prevent or protect against all but which of the following? Availability Damage Theft Corruption
A
Custodians are primarily responsible for? Ensuring the protection of the CIA of assets Verifying compliance with security policy Designing security Classifying resources
A
Determining the site or location of your secured facility is important. Which of the following is the least important factor when selecting a new geographic site to build a secure facility? Cost Severe weather occurrences Earthquakes Proximity to emergency services
A
Having poor software development practices and failing to program input validation checks during development of custom software can result in a system vulnerable to which type of attack? Buffer overflow Dictionary Superzapping Denial of service
A
How often should anti-virus scanning software be updated? Daily Weekly Monthly Quarterly
A
If a worker sees someone in their secured work area whom they do not recognize, which of the following is the best action for them to take? Report the issue to their supervisor or the security staff Ignore it as the company is large and there are lots of unknown personnel Talk to your work area neighbor to see if they know who the person is Confront the unknown person and ask for identification
A
If water lines run through the building near where the mission-critical server room is located, what security feature should be installed? Emergency shutoff valves Positive pressure systems Flood alarms Dry pipe sprinklers
A
If your organization relies on high-end customized software developed by an external company, what security precaution should be implemented to protect yourself against the software developer going out of business? Code escrow Biometric access control Outsourcing Service level agreement
A
In a government or military classification scheme, what is usually the most important factor in making a determination as to what level of classification to assign to a resource? Level damage due to disclosure Value loss due to destruction Capability loss due to inaccessibility Productivity loss due to alteration
A
In addition to natural disasters, what other serious threat should be considered when designing physical security? Man-made issues Eavesdropping Espionage Electronic intrusion
A
Network-based intrusion detection is most suited to detect and prevent which types of attacks? Bandwidth-based denial of service Brute force password attack Buffer overflow exploitation of software Application implementation flaw
A
Network-based intrusion detection is most suited to detect and prevent which types of attacks? Bandwidth-based denial of service Buffer overflow exploitation of software Brute force password attack Application implementation flaw
A
On wireless networks, which technology is employed to provide the same type of protection that cables provide on a wired network? WEP (Wired Equivalent Privacy) SSL (Secure Sockets Layer) L2TP (Layer 2 Tunneling Protocol) TACACS (Terminal Access Controller Access Control System) WPP (Wireless Protection Protocol)
A
Over the last month you have noticed a significant increase in the occurrence of inappropriate activities performed by employees. What is the best first response step to take in order to improve or maintain the security level of the environment? Improve and hold new awareness sessions Reduce all employee permissions and privileges Initiate stronger auditing Terminate all offenders
A
S/FTP (Secure FTP) uses which mechanism to provide security for authentication and data transfer? SSL (Secure Sockets Layer) Token devices IPSec (Internet Protocol Security) Multi-factor authentication
A
What are the requirements for a fence in order for it to be considered an intruder deterrent? 8' high made of wire mesh with barbed wire 4' high made of wire mesh 10' high made of cement blocks 6' high made of wood planks
A
What aspect of business continuity planning addresses or calculates the potential losses to the organization due to a disruption of production? Business impact analysis Recovery plan maintenance Data processing continuity planning Scope and plan initiation
A
What can be used to actively prevent piggybacking in a mantrap? Install a scale that evaluates current weight with that stored in the user's account profile Post a warning sign stating that only one person is allowed in the mantrap at a time Make the mantrap room the size of a telephone booth Use a video camera
A
What do biometrics use to perform authentication of identity? Human characteristics Ability to perform tasks Possession of a device Knowledge of passwords
A
What document encourages IT professions to "provide diligent and competent service to principals"? ISC2 Code of Ethics Ten Commandments of Computer Ethics Generally Accepted Systems Security Principles (GASSP) Ethics and the Internet (RFC 1087)
A
What does perturbation protect against? Aggregation Authenticity attacks Denial of service Semantic integrity loss
A
What does the Mandatory Access Control (MAC) method use to control access? Sensitivity labels Geographic location Job descriptions User accounts
A
What feature of database systems allows for two objects of the same type to be created, but with each being at a different sensitivity level in order to combat inferencing? Polyinstantiation Perturbation Attribute domain validation Tuple sorting
A
What is a secure doorway that can be used in coordination with a mantrap to allow easy egress from a secured environment but which actively prevents re-entrance through the exit portal? Turnstiles Locked doors with interior unlock push-bars Electronic access control doors Egress mantraps
A
What is mutual authentication? A process by which each party in an online communication verifies the identity of the other party The use of two or more authentication factors Deploying CHAP and EAP on remote access connections Using a CA (certificate authority) to issue certificates
A
What is the absolute best way to verify that a disaster recovery plan is sufficient and has no significant deficiencies? Full interruption test Perform both quantitative- and qualitative-based business impact analysis Use an external auditor Obtain senior management approval
A
What is the best means to prevent a worm from infecting a system or spreading from your system to others? System isolation Anti-virus software Pre-scanning all removable media User behavior modification
A
What is the common name for a program that has no useful purpose, but attempts to spread itself to other systems and often damages resources on the systems where it is found? Virus Java applet Windows Messenger Trojan horse
A
What is the goal of a TCP/IP hijacking attack? Executing commands or accessing resources on a system the attacker does not otherwise have authorization to access Destroying data Preventing legitimate authorized access to a resource Establishing an encryption tunnel between two remote systems over an otherwise secured network
A
What is the last phase of BCP/DRP design and development just before distribution and implementation? Senior management approval Downtime estimation Drilling Awareness
A
What is the minimum number of people that can be processed by a biometric authentication entry device in order for it to be considered generally acceptable? 10 subjects per minute 6 subjects per 2 minutes 6 subjects per 10 minutes 1 subject per 2 minutes
A
What is the most common mechanism used for perimeter boundary protection? Lighting Fencing Guard dogs Security guards
A
What is the most important aspect of a biometric device? Accuracy Throughput Size of the reference profile Enrollment time
A
What is the primary benefit of CCTV? Expands the area visible by security guards Increases security protection throughout an environment Reduces the need for locks and sensors on doors Provides a corrective control
A
Which of the following are backed up during a differential backup? Only files that have changed since the last full backup. Only files that are new since the last full or incremental backup. Only files that have changed since the last full or incremental backup. Only files that have changed since the last full or differential backup.
A
Which of the following are denial of service attacks? (Select two.) Salami Fraggle Smurf Hijacking
A
Which of the following attacks is a form of software exploitation that transmits or submits a longer stream of data than the input variable is designed to handle? Buffer overflow Data diddling Smurf Time of check/time of use (TOC/TOU)
A
Which of the following attacks will typically take the longest amount of time to complete? Brute force attack Impersonation attack Dictionary attack Replay attack
A
What is the primary goal of business continuity planning? Maintaining business operations with reduced or restricted infrastructure capabilities or resources Minimizing the risk to the organization from delays and interruptions in providing services Protecting an organization from major computer services failure Minimize decision making during the development process
A
What is the primary purpose of separation of duties? Prevent conflicts of interest Inform managers that they are not trusted Increase the difficulty in performing administration Grant a greater range of control to senior management
A
What is the primary purpose of source code escrow? To obtain change rights over software after the vendor goes out of business To obtain resale rights over software after the vendor goes out of business To provide a backup copy of software to use for recovery in the event of a disaster To hold funds in reserve for unpredicted costs before paying the fees of the programmer
A
What is the security concept that states that users should only have the access necessary to perform their work tasks and no more? Principle of least privilege Separation of duties Need to know Two-man control
A
What is the weakest point in an organization's security infrastructure? People Technology Physical structure Procedures
A
What must be updated each time it is presented to the same employees in order to make it effective? Awareness Security policy Emergency response training Acceptable use policy
A
When a SYN flood is altered so that the SYN packets are spoofed in order to define the source and destination address as a single victim IP address, the attack is now called what? Land attack Analytic attack Impersonation Fraggle attack
A
When a SYN flood is altered so that the SYN packets are spoofed in order to define the source and destination address as a single victim IP address, the attack is now called what? Land attack Fraggle attack Analytic attack Impersonation
A
When a civil law court finds a defendant guilty, what form of punishment cannot be assigned? Imprisonment Statutory Punitive Compensatory
A
When a procedure does not exist, what should be used in a fully secure environment in order to accomplish a new task? Guidelines Personal knowledge Best business practice Open source handbook
A
When designing security, what is often the least important in terms of making a business decision about which security measure to implement? Accuracy Legal issues Internal politics Cost
A
When informing an employee that they are being terminated, what is the most important activity? Disabling their network access Allowing them to collect their personal items Allowing them to complete their current work projects Giving them two week's notice
A
When is an escort required? When a visitor tours the computer room When a stranger enters the visiting area When a high-clearance level technician enters into the low-clearance level work area When a temporary employee visits the HR department
A
When law enforcement is involved in a computer crime investigation, the victim organization's security officials have? Increased constraints Do not require search warrants Complete control over the investigation Greater ability to collect evidence
A
When securing a workstation for use on a secured network, which of the following system hardening activities should be performed first? Install OS-specific patches and updates Configure auditing Apply security templates Install application patches and updates
A
Which three of the following IP addresses belong to the Class A network 114.0.0.0? ( Assume the network is indicated by the default portion of the IP address.)
114.0.0.15 114.122.66.12 114.58.12.0
What is the maximum data rate of an ISDN BRI line?
128 Kbps
The session keys employed by SSL (Secure Socket Layer) are available in what bit lengths
128 bit and 40 bit
Which of the following IP addresses have a default subnet mask of 255.255.0.0?
129.0.0.1 191.168.2.15 168.16.5.1
A host on the network has an IP address of 129.11.99.78 using the default subnet mask. How would you identify the address and mask using CIDR notation?
129.11.99.78/16
Your network has been assigned the Class B address of 130.15.0.0. Which of the following is not an address you can assign to a node on your network?
130.16.61.3
Which three of the following IP addresses are Class B addresses?
132.12.0.0 190.65.2.0 129.0.0.0
In an IP addressing scheme using default subnet masks, which of the following IP addresses can you assign to a host?
132.70.254.15
Which three of the following are not valid IP address?
145.8.260.7 257.0.122.55 45.22.156.256
What is the speed of an OC-3 connection?
155 mbps
Which port number is used by SNMP?
161
Which of the following is the first IP address that can be assigned to hosts on the 166.70.0.0 network using the default subnet mask?
166.70.0.1
Which of the following is the last IP address that can be assigned to hosts on the 1676.70.0.0 using the default subnet mask?
166.70.255.254
Your network has been assigned the Class B network address of 179.113.0.0 Which three of the following can be assigned to hosts on your network?
179.113.89.0 179.113.65.12 179.113.0.118
Passive tags have ranges from about 1/3 inch to ____ feet.
19
Which three of the following IP addresses are Class C addresses?
192.15.5.55 223.16.5.0 225.55.0.0
When should a hardware device be replaced in order to minimize downtime? Just before it's MTBF is reached When its performance drops below 75% efficiency Once every year Only after its first failure
A
When should security-related patches and upgrades be applied to a system? As quickly as possible after testing Only after other organizations have reported success or failure with the patch Only during quarterly-scheduled maintenance periods Only after experiencing the problem they address
A
Your network uses the following backup strategy: Full backups every Sunday night Differential backups Monday through Saturday nights Thursday morning the storage system fails. How many restore operations will you need to perform to recover all of the data?
2
Your network uses the following backup strategy: Full backup every Sunday night, Differential backup Monday through Saturday nights. Thursday morning the storage system fails. How many restore operations will you need to perform to recover all the data
2
Which of the following is a valid IP address?
2.2.2.2 172.16.1.26
Your network has been assigned the Class C address of 200.78.151.0. Which three of the following addresses can be assigned to hosts on your network?
200.78.151.252 200.78.151.12 200.78.151.111
After installing a new 2.4GHz cordless phone system in your office, you notice that wireless network performance is adversely affected. Which of the following wireless networking standards are you most likely to be using? (Select two.)
802.11b 802.11g
You are troubleshooting a wireless connectivity issue in a small office. You determine that the 2.4 GHz cordless phones used in the office are interfering with the wireless network transmissions. If the cordless phones are causing the interference, which of the wireless standards could the network be using? (Select two.)
802.11b Bluetooth
Which of the following specifications identiy security that can be added to wireless networks? 802.11a 802.3 802.11i 802.5 802.1x
802.11i 802.1x
You want to increase the security of your network by allowing only authenticated users to be able to access network devices through a switch? Which one of the following should you implement?
802.1x
You need to configure a wireless network. You want to use WPA Enterprise. Which of the following components will be a part of your design?
802.1x TKIP encryption
According to the Federal Bureau of Investigation (FBI), almost ____ percent of crimes committed today leave behind digital evidence that can be retrieved through computer forensics.
85
A CISSP candidate who violates the ISC2 Code of Ethics is subject to? Revocation of certification Arrest and 1 year imprisonment 120 hours of community service Statutory financial penalties
A
A SYN attack or a SYN flood exploits or alters which element of the TCP three-way handshake? ACK FIN or RES SYN SYN/ACK
A
A Smurf attack requires all but which of the following elements to be implemented? Padded cell Victim computer or network Amplification or bounce network Attacker system
A
A data warehouse contains? Normalized database copies Offline database backups Database meta data Live database systems
A
Which IDS method searches for intrusion or attack attempts by recognizing patterns or identities listed in a database? Signature-based Anomaly analysis-based Heuristics-based Stateful inspection-based
A
Which IEEE standard defines the technologies used in wireless LAN networking? 802.11 802.3 802.8 802.5
A
Which form of access control enforces security based on user identities and allows individual users to define access controls over owned resources? DAC (Discretionary Access Control) MAC (Mandatory Access Control) RBAC (Role-based Access Control) TBAC (Task-based Access Control)
A
Which form of artificial intelligence system design employs the processing of degrees of uncertainty through the use of fuzzy logic? Expert system Directory service Neural network Intrusion detection system
A
Configuring a Central Store of ADMX files help solve the problem of ________.
"SYSVOL bloat"
Which form of intrusion detection system is best against zero day attacks? Network-focused, anomaly detection Network-focused, pattern matching Host-focused, pattern matching Host-focused, neural network based
A
Which form of scavenging attacks can recover data from purged media? Laboratory level Dumpster diving Keyboard level Brute force scanning
A
Which is a form of attack that either exploits a software flaw or floods a system with traffic in order to prevent legitimate activities or transactions from occurring? Denial of service attack Man-in-the-middle attack Privilege escalation Brute force attack
A
Which of the following best describes the concept of due care or due diligence? Reasonable precautions, based on industry best practices, are utilized and documented. Security through obscurity is best accomplished by port stealthing. Availability supersedes security unless physical harm is likely. Legal disclaimers are consistently and conspicuously displayed on all systems.
A
Which of the following common network monitoring or diagnostic activity can be used as a passive malicious attack? Sniffing Logic bombs Packet capture, edit, and re-transmission Denial of service
A
Which of the following drive configurations is fault-tolerant? RAID 5 Expanded volume set RAID 0 Disk striping
A
Which of the following fax machine types should be replaced due to security concerns? Ribbon-based fax machine Ink jet fax machine Laser jet fax machine Fax to PDF e-mail attachment system
A
Which of the following is a form of denial of service attack that uses spoofed ICMP packets to flood a victim with echo requests using a bounce/amplification network? Smurf Session hijacking Fraggle Fingerprinting
A
Which of the following is a security mechanism that adds ACLs to individual ports? TCP wrapper IDS Fingerprinting Ping scanner
A
Which of the following is a text file provided by a Web site to a client that is stored on a user's hard drive in order to track and record information about the user? Cookie Certificate Digital signature Mobile code
A
Which of the following is a type of coaxial cable? 10Base5 10BaseT UTP STP
A
Which of the following is a valid listing of the elements of the CIA triad? Availability, Confidentiality, Integrity Confidentiality, Integrity, Authenticity Integrity, Access Control, Confidentiality Authorization, Confidentiality, Integrity
A
Which of the following is an example of a single sign-on authentication solution? Kerberos Biometrics RADIUS Digital Certificates
A
Which of the following is an example of a standard? Building code requirements Detailed step-by-step of how to implement a solution General instructions on how to install concepts of products Visionary statement of the goals of company security
A
Which of the following is not a VPN tunnel protocol? IPSec RADIUS L2TP PPTP
A
Which of the following is not a benefit of NAT? Improving the throughput rate of traffic Hiding the network infrastructure from external entities Using fewer public IP addresses Preventing traffic initiations from outside the private network
A
Which of the following is not a form of social engineering? Impersonating a user by logging on with stolen credentials Impersonating a utility repair technician A virus hoax e-mail message Impersonating a manager over the phone
A
Which of the following is not a means to perform secure fax transmissions? Always send a cover page with CONFIDENTIAL boldly displayed. Use a fax machine that is capable of cryptographic transmission. Only send faxes to organizations that do not automatically print received documents in a public location. Employ an encrypted telephone line.
A
Which of the following is not a protection against session hijacking? DHCP reservations Anti IP spoofing Time stamps Packet sequencing
A
Which of the following is not a reason to implement a classification system? Prevent intrusions and malicious code infection Justification and support for security solution expense Regulatory requirements Display of the importance of security to the organization
A
Which of the following is not a threat to physical security? Hybrid password attacks Chlorine poured into A/C intake vents Piggybacking Sabotage
A
Which of the following is not a valid form of qualitative risk analysis? Cost/benefit analysis Delphi technique Checklists Scenarios
A
Which of the following is not an example of a service level agreement? Security policy design Replacement of hardware within 24 hours Internet connectivity services Source code escrow
A
Which of the following is not used to oversee and/or improve the security performance of employees? Exit interviews Annual supervisor reviews Mandatory vacations Awareness
A
Which of the following is the best complimentary product to a firewall? IDS (Intrusion Detection System) RAS (Remote Access Server) PBX (Private Branch eXchange) Switch
A
Which of the following is the least reliable means to clean or purge media? Degaussing OS low-level formatting Drive controller hardware level formatting Overwriting every sector with alternating 1's and 0's
A
Which of the following is the most effective protection against IP packet spoofing on a private network? Anti-virus scanners Host-based IDS Ingress and egress filters Digital signatures
A
Which of the following methodologies most closely reflects the goals and missions of a commercial organization while maintaining a secure operating environment? Top-down approach Incident reports that assign blame Rigid data classification system Negligence avoidance
A
Which of the following remote access authentication technologies allows for the use of multi-factor authentication? TACACS+ (Terminal Access Controller Access Control System Plus) SLIP (Serial Line Interface Protocol) L2F (Layer 2 Forwarding Protocol) PPTP (Point to Point Tunneling Protocol) RADIUS (Remote Authentication and Dial-In User Service )
A
Which of the following should be performed in regards to evidence? Store media in static proof bags Store media in plastic bags Write identification file tags to media Defragment evidence media
A
Which of the following statements is not true in regards to security guards? They are a cost effective option to replace CCTV Background screening of security guards is not foolproof They cannot be used in all environments and situations Security guards can recognize zero day physical attacks
A
A user reports that she cant connect to a server on your network. You check the problem and find out that all users are having the same problem. What should you do next?
Determine what has changed.
A network connected using a full physical mesh topology. the link between device A and device B is broken. What happens to communications?
Device A will be able to communicate will all other devices.
You have a network connected using a full physical mesh topology. The link between device A and device B is broken. Which of the following best describes what happens to network communications?
Device A will be able to communicate with all other devices.
You have a network using a full physical mesh topology. The link between device A and device B is broken. Which of the following best describes what happens to network communications?
Device A will be able to communicate with all other devices.
Which of the following best describes the concept of a virtual LAN?
Devices on the same network logically grouped as if they were grouped on separate networks.
Which of the following best describes the concept of virtual LAN?
Devices on the same network logically grouped as if they were on separate networks.
Which of the following is NOT an example of a special identity?
Dialup Service
Which backup strategy backs up only files which have the archive bit set, but does not mark them as having backed up
Differential
Which backup strategy backs up only files which have the archive bit set, but does not mark them as having been backed up?
Differential
Which of the following is used for secure exchange of symmetric encryption keys
Diffie-Hellaman
Which of the following is used for secure exchange of symmetric encryption keys?
Diffie-Hellman
Which of the following algorithms are used in asymmetric encryption? (Select two.)
Diffie-Hellman RSA
Which of the following algorithms are used in asymmetric encryption (Select two.)
Diffie-Hellman, RSA
Which of the following is a minimal requirement in order to employ S/MIME?
Digital certificate
Which of the following is a direct protection of integrity
Digital signature
What is the most obvious means of providing non-repudiation in a cryptography system
Digital signatures
On your way into the back entrance of the building at work one morning, a man dressed as a plumber ask you to let him in so he can "fix the restroom." What should you do
Direct him to the front entrance and to check in with the receptionist.
Which of the following is the best protection to prevent attacks on mobile phones through the Bluetooth protocol?
Disable Bluetooth on the phone
Which of the following is the best protection to prevent attack on mobile phone through the Bluetooth protocol?
Disable Bluetooth on the phone.
When informing an employee that they are being terminated, what is the most important activity
Disabling their network access
When informing an employee that they are being terminated, what is the most important activity?
Disabling their network access
During a recent site survey, you find a rogue wireless access point on your network. Which of the following actions should you take first to protect your network, while still preserving the evidence?
Disconnect the access point from the network
During a recent site survey, you find a rouge wireless access point on your network. Which of the following actions should you take first to protect your network, while still preserving evidence
Disconnect the access point from the network
If maintaining confidentiality is of the utmost importance to your organization, what is the best response when an intruder is detected on your network?
Disconnect the intruder
If maintaining confidentiality is of the utmost importance to your organization, which is the best response when an intruder is detected on your network
Disconnect the intruder
Which of the following functions can a port scanner provide?
Discover unadvertised servers, Determining which ports are open on a firewall
Which of the following functions can a port scanner provide? (Select two.)
Discovering unadvertised servers. Determining which ports are open on a firewall.
You manage the website for your company. The Web 1 server hosts the website. This server has the following configuration:..........Which component is a single point of failure for the website
Disk Controller
You manage the website for your company. The Web1 server hosts the website. This server has the following configuration: • Dual core processor • Dual power supplies • RAID 4 volume • One RAID controller • Two 1000 Mbps network adapters Which component is a single point of failure for the website?
Disk controller
When conducting a forensic investigation, and assuming that the attack has been stopped, which of the following actions should you perform first
Document what's on screen
When conducting a forensic investigation, and assuming that the attack has been stopped, which of the following actions should you perform first?
Document what's on the screen.
Which of these groups would an administrator use to assign permissions to resources in the same domain?
Domain local groups
Using the Netstat command you notice that a remote system has made a connection to your Windows server 2003 system using TCP/IP port 21. Which of the following actions is the remote system most likely to be performing ?
Downloading a file
Using the Netstat command, you notice that a remote system has made a connection to your Windows Server 2003 system using TCP/IP port 21. Which of the following actions is the remote system most likely to be performing?
Downloading a file.
Which of the following security measures encrypts the entire contents of a hard drive
Drive Lock
When you browse to a website, a pop-up window tells you that your computer has been infected with a virus. You click on the window to see what the problem is. Later, you find out that the window has installed spyware on your system. What type of attack has occurred?
Drive-by download
Which of the following security measures encrypts the entire contents of a hard drive?
DriveLock
A router is connected to network 192.168.1.0/24 and network 192.168.2.0/24. The router is configured to use RIP and has learned of networks 192.168.3.0/24 and 192.168.4.0/24. There is no default route configured on the router. The router receives a packet addressed to network 10.1.0.0/16. What will the router do with the packet?
Drop the packet.
Which of the following is the employment of two separate key pairs in order to separate the security functions of confidentiality and integrity in a communication system
Dual key pair
Which of the following are examples of social engineering? (Select Two)
Dumpster diving, Shoulder surfing
A user reports that network access from her workstation is very slow. The problem does not seem to be affecting any other users. Which of the following conditions is most likely the cause?
Duplex mismatch
U user reports that network access from her workstation is very slow. The problem does not seem to be effecting any other users. What condition is likely the cause.
Duplex mismatch
A user reports that network access from her workstation is very slow. The problem does not seem to be affecting any other ways. Which of the following conditions is the most likely cause?
Duplex mismatch.
____ is the time it takes for a key to be pressed and then released.
Dwell time
What is the official NIST standard for using lighting as perimeter boundary protection? Critical areas should be lighted by 5 candle feet of power from a height of 3.5 feet Critical areas should be lighted by 3.5 candle feet of power from a height of 12 feet Critical areas should be lighted by 8 candle feet of power from a height of 2 feet Critical areas should be lighted by 2 candle feet of power from a height of 8 feet
D
What is the primary difference between impersonation and masquerading? One is used against administrator accounts, the other against end user accounts One is easily detected, the other is subtle and stealthy One is a real-time attack, the other is an asynchronous attack One is more active, the other is more passive
D
What is the primary purpose of forcing employees to take mandatory one-week minimum vacations every year? To test their knowledge of security To cut costs on travel To prevent the build up of significant vacation time To perform job reviews in their absence
D
What is the purpose of audit trails? Prevent security breaches Restore systems to normal operations Problem correction Detect security-violating events
D
What must be completed in order to move on from BCP scope definition to the prioritization of critical processes? Outline response options Estimate downtime Assign recovery team roles to personnel Senior management approval
D
What standard discriminator is used to determine whether a subject may be the perpetrator of a crime? Finding witnesses Computer generated records Circumstantial evidence Establish the motive, opportunity, and means of the suspect
D
What types of environments are often more vulnerable and susceptible to Trojan horse attacks? Distributed environments Mandatory environments Centralized environments Discretionary environments
D
What vulnerability can allow for arbitrary code execution? Allowing the source and destination address in a packet header to be the same Lacking a stateful inspection firewall Using short key lengths Not performing input limit checks
D
When a malicious user captures authentication traffic and replays it against the network later, what is the security problem you are most concerned about? Spam Denial of service Bandwidth consumption An unauthorized user gaining access to sensitive resources
D
When a removable media device is brought into the office from any outside location, what is the first step in using that media on the secured company LAN? Format the media before use Directly connect it to a server, rather than a client Get written permission from your supervisor Process it on the sheep dip system
D
When a removable media is to be re-used in the same security environment, what action should be taken? Sanitation Purging Destruction Cleaning
D
When an incident is suspected, what is the best action to take as an end user? Attempt to pinpoint the source of the session Disconnect the affected system from the network Turn on additional auditing features Report the event
D
When an unauthorized intruder wishes to impersonate a legitimate client on your private network, which of the following actions will take place first? Recording of incident by an IDS Access violation Spoofing Sniffing
D
When building a new facility or selecting an existing building, in addition to prevention and protection against forcible entry, which is the second most important security concern? Cost Proper grounding Location Fire resistance
D
When can a risk analysis not be only quantitative? It is cost effective It consumes too much time It's a federal regulation Some assets are intangible
D
When conducting a forensic investigation, which of the following initial actions is appropriate for preserving evidence? Turn off the system Remove the hard drive Stop all running processes Document what's on the screen
D
When designing a new secure facility, what is the most important? Asset protection Prevention of trespass Sustaining availability Safety of personnel
D
When designing a security plan, what is the best methodology to adopt in the early design phase? Top down Outside in Bottom up From mission-critical assets out
D
When do typical employees have real privacy? When performing personal tasks on a work computer When performing work tasks on a work computer When performing work tasks on a personal computer When performing personal tasks on a personal computer
D
When is a BCP or DRP design and development actually completed? Once senior management approves Only after implementation and distribution Only after testing and drilling Never
D
When the TCP/IP session state is manipulated so that a third party is able to insert alternate packets into the communication stream, what type of attack has occurred? Replay Spamming Masquerading Hijacking
D
Where are the goals and mission of an organization defined? Business continuity policy Certificate practice statement Statement of roles and responsibilities Strategic security policy
D
Which access control model manages rights and permissions based on job descriptions and responsibilities? Task Based Access Control (TBAC) Mandatory Access Control (MAC) Discretionary Access Control (DAC) Role Based Access Control (RBAC)
D
Which is an example of a direct physical threat to the integrity of stored data? Theft of the access keyboards Premature removal of power Unauthorized disclosure Loss of physical access control
D
Which method can be used to verify that a bit-level image copy of a hard drive is an exact clone of the original hard drive collected as evidence? File directory listing Serial number notation Photographs Hashing
D
Which of the elements of the fire triangle would be most beneficial to eliminate or remove in the event of a fire in the mission critical server room? Chemical reaction of combustion Fuel Heat Oxygen
D
Which of the following are backed up during an incremental backup? Only files that have changed since the last full backup. Only files that have changed since the last full or differential backup. Only files that are new since the last full or incremental backup. Only files that have changed since the last full or incremental backup.
D
Which of the following could easily result in a denial of service attack if the victimized system had too little free storage capacity? Impersonation Sniffing Replay attack Spam
D
Which of the following disaster recovery plan testing types could be performed at the same time as any of the others listed? Full interruption Simulation Parallel Structured walk-through
D
Which of the following is a collection of recorded data that may include details about logons, object access, and other activities deemed important by your security policy that is often used to detect unwanted and unauthorized user activity? CPS (certificate practice statement) Chain of custody Syslog Audit trail
D
Which of the following is a common interface API to allow components written in different programming languages to interact as well as provides seamless interoperability between products from different vendors? DCOM COM ORB CORBA
D
Which of the following is a direct protection of integrity? Digital envelope Symmetric encryption Asymmetric encryption Digital signature
D
Which of the following is a form of denial of service attack that subverts the TCP three-way handshake process by attempting to open numerous sessions on a victim server but intentionally failing to complete the session by not sending the final required packet? Ping of death Session hijacking Teardrop SYN attack
D
Which of the following is a form of denial of service attack that uses spoofed ICMP packets to flood a victim with echo requests using a bounce/amplification network? Session hijacking Fingerprinting Fraggle Smurf
D
Which of the following is a protection against PBX fraud and abuse? Limiting toll charge calls to business hours Training personnel regarding secure phone procedures Placing dial-in modems on non-PBX managed phone lines Direct Inward System Access (DISA)
D
Which of the following is a recovery site that may have electricity connected, but there are no servers installed and no high-speed data lines present? Reciprocal agreement Hot site Warm site Cold site
D
Which of the following is a security service that monitors network traffic in real time or reviews the audit logs on servers looking for security violations? Switch Padded cell Firewall IDS
D
Which of the following is an example of privilege escalation? Separation of duties Principle of least privilege Mandatory vacations Creeping privileges
D
Which of the following is likely to be located in a DMZ (demilitarized zone) or a buffer subnet? Domain controller User workstations Backup server FTP server
D
Which of the following is most important to include in a security policy? Callback must be caller defined All dial-up connections must use PAP Only 56K modems should be used No active modems while connected directly to the LAN
D
Which of the following is not a characteristic of Kerberos? End-to-end security Symmetric key cryptography Data Encryption Standard Peer-to-peer relationships between entities
D
Which of the following is not a concern when selecting the location of a secured facility? Visibility Local crime rate Accessibility Window translucence
D
Which of the following is not a means to reduce or stop piggybacking? Have door-closed sensors with time-out alarms on secured doors Locked screen savers launch in 5 minutes Use a scale in mantraps Perform covert channel analysis
D
Which of the following is not a primary characteristic of a worm? It is able to self-replicate It seeks out other systems to infect It does not require a host file It infects the MBR of a hard drive
D
Which of the following is not a true statement about risk? Quantitative risk analysis is often performed via software. Outsourcing can be a valid risk response. The difference between avoiding risk and accepting risk is a signed decision document. All risks of an environment can be mitigated.
D
Which of the following is not an appropriate application of a neural network? Weather prediction Voice and face recognition Exploration of models of consciousness and thinking Route scheduling
D
Which of the following is not an element of an exit interview? Disable all network access Closed-door meeting Return company property Dissolution of the NDA
D
Which of the following is not an important aspect of password management? Prevent use of personal information in a password Training users to create complex passwords that are easy to remember Always store passwords in a secure medium Enable account lockout
D
Which of the following is not one of the ranges of IP addresses defined in RFC 1918 that are commonly used behind a NAT server? 176.16.0.0 - 172.31.255.255 192.168.0.0 - 192.168.255.255 10.0.0.0 - 10.255.255.255 169.254.0.0 - 169.254.255.255
D
Which of the following is not true in regards to the mission-critical server vault or data center room? Can use an oxygen-removing fire suppression system Needs 1-hour minimum fire rated walls Can be maintained at a colder temperature than the rest of the facility Can serve as an emergency shelter
D
Which of the following is stronger than any biometric authentication factor? A USB device hosting PKI certificates A 47-character password A dynamic asynchronous token device without a PIN A two-factor authentication
D
Which of the following is the biggest disadvantage to using a traditional signature-based Intrusion Detection System (IDS)? Anomaly detection requires significant hardware resources Excessive protocol analysis of inbound IMAP traffic File integrity checks do not track changes in server configuration False positives generated by poorly written signatures
D
Which of the following is the strongest form of multi-factor authentication? A password and a biometric scan Two-factor authentication Two passwords A password, a biometric scan, and a token device
D
Which of the following is typically not considered active content? Java applets ActiveX controls JavaScript code Perl scripts
D
Which of the following terms identifies the process of reviewing log files for suspicious activity and threshold compliance? Phishing Scanning CompSec Auditing
D
Which of the following uses hacking techniques to proactively discover internal vulnerabilities? Inbound scanning Reverse engineering Intrusion Detection System (IDS) Penetration testing
D
Which security mechanism describes valid pathways across a network that a packet can take and is used to juggle network traffic to provide the most efficient communications based upon current available knowledge of each path's status? Firewall Acceptable use policy Network topology Router ACL
D
SIP (Session Initiation Protocol)
A protocol suite codified by the IETF (in RFC 2543) as a set of Session layer signaling and control protocols for multiservice, packet-based networks. With few exceptions, SIP performs much the same functions as the H.323 signaling protocols perform. SIP was developed as a more efficient alternative to H.323 before H.323 was revised to expedite its call setup functions. But although SIP is more efficient, because it was released later, it has never enjoyed the same widespread usage as H.323.
IPV4LL (IP version 4 Local Link)
A protocol the manages automatic address assignment among locally connected nodes. IPv4LL is part of the Zeroconf group of protocols.
MEGACO
A protocol used between media gateway controllers and media gateways. MEGACO is poised to replace MGCP on modern converged networks, as it supports a broader range of network technologies, including ATM. Also known as H.248.
MGCP (Media Gateway Control Protocol)
A protocol used for communication between media gateway controllers and media gateways. MGCP is defined in RFC 2507 but it was never officially adopted as a standard. MGCP is currently the most popular media gateway control protocol used on converged networks.
How does a proxy server differ from a packet filtering firewall?
A proxy server operates at the Application layer, while a packet filtering firewall operates at the Network layer.
How does a proxy server differ from a packet filtering firewall?
A proxy server operates at the Application layer, while a packet filtering firewall operates t the Network layer.
dynamic ARP table entry
A record in an ARP table that is created when a client makes an ARP request that cannot be satisfied by data already in the ARP table.
static ARP table entry
A record in an ARP table that someone has manually entered using the ARP utility. Static ARP table entries remain the same until someone manually modifies them with the ARP utility.
Which of the following information are you likely to find in a policy document?
A requirement for using encrypted communication for Web transactions.
Which of the following information are you likely to find in a policy document?
A requirement for using encrypted communications for Web transactions.
name server
A server that contains a database of TCP/IP host names and their associated IP addresses. It supplies a resolver with the requested information. If it cannot resolve the IP address, the query passes to a higher-level name server.
APIPA (Automatic Private IP Addressing)
A service available on computers running the Windows 98, ME, 2000, XP, Vista, Server 2003, or Server 2008 operating system that automatically assigns the computer's network interface an IP address from the range of 169.254.0.0 to 169.254.255.255 if an IP address hasn't benn assigned to that interface.
video-on-demand
A service in which a video is stored as an encoded file is delivered to a viewer upon his request.
IPTV (IP television)
A service in which television signals from broadcast or cable networks travel over packet-switched networks.
streaming video
A service in which video signals are compressed and delivered over the Internet in a continuous stream so that a user can watch and listen even before all the data has been transmitted.
VoDSL (voice over DSL)
A service that relies on a DSL connection to transmit packetized voice signals.
FoIP (fax over IP)
A service that transmits faxes over TCP/IP network.
VoATM (voice over ATM)
A service that uses the ATM network access method (and ATM cells) to transmit voice signals over a network.
H.225
A session layer call signaling protocol defined as part of ITU's H.323 multiservice network architecture. H.225 is responsible for call or videoconference setup between nodes on a VoIP or video-over-IP network, indicating node status, requesting additional bandwidth and call termination.
H.245
A session layer control protocol defined as part of ITU's H.323 multiservice network architecture. H.245 is responsible for controlling a session betwenn two nodes. For example, it ensures that the two nodes are communicating in the same format.
SS7 (Signaling System 7)
A set of standards established b the ITU for handling call signaling on the PSTN (public switch telephone network).
What type of key or keys are used in symmetric cryptography
A shared private key
What type of key or keys are used in symmetric cryptography?
A shared private key
NTP (Network Time Protocol)
A simple Application Layer protocol in the TCP/IP suite used to syncronize the clocks of computers on a network. This depends on UDP for Transport layer services.
Which of the following correctly describes the T1 carrier system?(select two)
A single T1 channel can transfer data at 64 Kbps, T1 lines use pairs of copper wire
Which of the following best describes high amplification when applied to hashing algorithms?
A small change in the message results in a big change in the hash value.
Which of the following best describes high amplifications when applied to hashing algorithms
A small change in the message results in a big change in the hash value.
Webcast
A streaming video, either on demand or live, that is delivered via the Web.
TCP/IP (Transmission Control Protocol/Internet Protocol)
A suite of networking protocols that includes TCP, IP, UDP, and many others. Provides the foundation for data exchange across the internet.
host name
A symbolic name that describes a TCP/IP device.
DiffServ (Differentiated Service)
A technique for ensuring QoS by prioritizing traffic. DiffServ places information in the DiffServ field in an IPv4 datagram. In IPv6 datagrams, DiffServ uses a similar field known as the Traffic Class field. The information indicates to the network routers how the data stream should be forwarded.
PBX (private branch exchange)
A telephone switch used to connect calls within a provate organization.
IP telephone
A telephone used for VoIP on a TCP/IP-based network. IP telephones are designed to transmit and receive only digital signals.
hop
A term used to describe each trip a unit of data takes from one connectivity device to another. Typically, this is used in the context of router-to-router communications.
Telnet
A terminal emulation protocol used to log on to remote hosts using the TCP/IP protocol. Resides in the Application layer of the OSI model.
host file
A text file that associates TCP/IP host names with IP addresses.
country code TLD
A top-level domain that corresponds to a country. For example, the country code TLD for Canada is .ca, and the country code TLD for Japan is .jp.
RTP (Real-time Transport Protocol)
A transport layer protocol used with voice and video transmission. RTP operates on top of UDP and provides information about packet sequenceto help receiving nodes detect delay and packet loss. It also assigns packets a timestamp that corresponds to when the data in the packet was sampled from the voice and video stream. This timestamp helps the receiving node synchronize incoming data.
address resource record
A type of DNS data record that maps the IP address of an Internet-connected device to its domain name.
unicast address
A type of IPv6 address the represents a single interface on a device. An IPv6 unicast address begins with either FFC0 or FF80.
multicast address
A type of address in the IPv6 that represents multiple interfaces, often on multiple nodes, An IPv6 one of these begins with the following hexadecimal field: FF0x, where x is a character that identifies the address's group scope.
anycast address
A type of address specified in IPv6 that represents a group of interfaces, any one of which (and usually the first available of which) can accept a transmission. At this time, this is not designed to be assigned to hosts, such as servers or workstations, but rather to routers.
video phone
A type of phone that includes a screen and can decode compressed video and interpret transport and signaling protocols necesary for conducting videoconference session.
Format Prefix
A variable-length field at the beginning of an IPv6 address that indicates what type of address it is (for example, unicast, anycast, or multicast).
diskless workstation
A workstation that doesn't contain a hard disk, but instead relies on a small amount of read-only memory to connect to a network and to pick up its system files.
What is the main difference between a worm and a virus?
A worm can replicate itself and does not need a host for distribution.
A SYN attack or a SYN flood exploits or alters which element of the TCP three-way handshake?
ACK
Which of the following does a router acting as a firewall use to control which packets are forwarded or dropped?
ACL
Which of the following does a router acting as a firewall use to control which packets are forwarded or dropped?
ACL.
You want to encrypt data on a removable storage device. Which encryption method would you choose to use the strongest method possible
AES
You want to encrypt data on a removable storage device. Which encryption method would you choose to use the strongest method possible?
AES
IPsec is implemented through two separate protocols. What are these protocols called? (Select Two)
AH, ESP
IPSec is implemented through two separate protocols. What are these protocols called?
AH. ESP.
Which of the following attacks tried to associate an incorrect MAC address with a known IP address?
ARP Poisoning
Which of the following attacks tries to associate an incorrect MAC address with a known IP address?
ARP poisoning
Which of the following is a policy that defines appropriate activities and usage for company resources, assets, and communications
Acceptable use policy
Which of the following is a policy that defines appropriate and inappropriate activities and usage for company resources, assets, and communications?
Acceptable use policy
Which of the following methods helps to detect lost packets? (Select two.)
Acknowledgements Sequencing
Components within your server room are failing at a rapid pace. You discover that the humidity in the server room is at 60% and the temperature is at 80 degrees. What should you do to help reduce problems?
Add a separate A/C unit in the server room
Components within your server room are failing at rapid pace. You discover that the humidity in the server room is at 60% and the temperature is at 80 degrees. What should you do the help reduce problems
Add a separate A/C unit in the server room
A private key has been stolen. What action should be taken to deal with this crisis
Add the digital certificate to the CRL
A private key has been stolen. What action should be taken to deal with this crisis?
Add the digital certificate to the CRL.
ARP stands for:
Address Resolution Protocol
Which of the following are characteristics of MLPS?(Select Two)
Adds labels to data units, Supports variable-length data units
Which option in Control Panel is used to review your Windows 7 computer's status and resolve issues?
Administrative Tools
What is the purpose of the Audit Policy section of a local GPO?
Administrators can log successful and failed security events, such as loss of data, account access, and object access.
While browsing the Internet, you notice that the browser displays ads that are targeted towards recent keyword searches you have performed. What is this an example of?
Adware
You have a network connected using a physical star topology. One of the drop cables connecting a workstation is removed. Which of the following best describes what happens to network communications?
All devices except the device connected to the drop cable will be able to communicate.
You have a network connected to a physical star topology. One of the drop cables connecting a workstation is removed. What best describes what happens to communications?
All devices except the device connected with the drop cable will be able to communicate
You have a network connected using a physical star topology. One of the drop cables connecting a workstation is removed. Which of the following best describes what happens to network communications?
All devices except the device connected with the drop cable will be able to communicate.
During a network infrastructure upgrade, you have replaced two 10 Mbps hubs with switches and upgraded from Category 3 UTP cable to Category 5e. During the process, you accidentally cut the Cat 5e patch cable that stretches from the network printer to the upgraded switch. What is the impact on the network?
All network nodes, with exception of the printer, will be available.
During a network infrastructure upgrade, you have replace two 10 Mbps hubs with switches and upgraded from Category 3 UTP cable to Category 5e. During the process, you accidentally cut the Cat 5e patch cable that stretches from the network printer to the upgraded switch. What is the impact on the network?
All network nodes, with the exception of the printer, will be available.
Which of the following is a characteristic of static routing when compared to dynamic routing?
All routes must be manually updated on the router.
You want to allow e-commerce Web sites that you visit to keep track of your browsing history for shopping carts and other information, but want to prevent that information from being tracked by sites linked to the sites you explicitly visit. How should you configure the browser settings?
Allow first party cookies but block third-party cookies.
NNTP (Network News Transfer Protocol or Network News Transport Protocol)
An Application layer protocol in the TCP/IP suite that facilitates the exchange of newsgroup messages, or articles, between multiple servers and users.
DHCP (Dynamic Host Configuration Protocol)
An Application layer protocol in the TCP/IP suite that manages the dynamic distribution of IP addresses on a network.
BOOTP (Bootstrap Protocol)
An Application layer protocol in the TCP/IP suite that uses a central list of IP addresses and their associated devices' MAC addresses to assign IP addresses to clients dynamically. It was the precursor to DHCP.
Which of the following best describes the ping of death?
An ICMP packet that is larger than 65,536 bytes
loopback address
An IP address reserved for communicating from a node to itself (used mostly for troubleshooting purposes). The IPv4 loopback address is always cited as 127.0.0.1, although in fact, transmitting to any IP address whose first octet is 127 will contact the originating device. In IPv6, the loopback address is represented a ::1.
dynamic IP address
An IP address that is assigned to a device upon request and may change when the DHCP lease expires or is terminated. BOOTP and DHCP are two ways of assigning this.
static IP address
An IP address that is manually assigned to a device and remains constant until it is manually changed.
H.323
An ITU standard that describes an architecture and a suite of protocols for establishing and managing multimedia services sessions on a packet-switched network.
newsgroup
An Internet-based forum for exchanging messages on a particular topic. These rely on NNTP for the collection an dissemination of messages.
Which of the following best describes an evil twin?
An access point that is configured to mimic a valid access point to obtain logon credentials and other sensitive information
Which of the following best describes an evil twin?
An access point that is configured to mimic a valid access point to obtain logon credentials and other sensitive information.
Which of the following defines an acceptable use agreement
An agreement which identifies the employees rights to use company property such as Internet access and computer equipment for personal use.
FTP (File Transfer Protocol)
An application layer protocol used to send and receive files via TCP/IP.
loopback test
An attempt to contact one's own machine for troubleshooting purposes.
ATA (analog telephone adapter)
An interal or externally attached adapter that converts analog telephone signals into packet-switched voice signals and vice-versa.
When a malicious user captures authentication traffic and replays it against the network later, what is the security problem you are most concerned about?
An unauthorized user gaining access to sensitive resources
You want to implement an IDS system that uses rules or statistical analysis to detect attacks. Which type of IDS should you deploy?
Anomaly
You are concerned about protecting your network from network based attacks from the Internet. Specifically, you are concerned about "zero day" attacks (attacks that have not yet been identified or that do not have prescribed protections).
Anomaly based IDS
You are concerned about protecting your network from network-based attacks from the Internet. Specifically, you are concerned about "zero day" attacks (attacks that have not yet been identified or that do not have prescribed protections). Which type of device should you use?
Anomaly based IDS.
What is the most common form of host based IDS that employs signature or pattern matching detection methods?
Anti-virus software
Which of the following measures are you most likely to implement in order to protect against a worm or a Trojan horse?
Anti-virus software
Which of the following statements about the use of anti-virus software is correct?
Anti-virus software should be configured to download updated virus definition files as soon as they become available.
What is the most common form of host based IDS that employs signature or pattern matching detection methods?
Anti-virus software.
Which of the following measures are you most likely to implement in order to protect against a worm or Trojan horse?
Anti-virus software.
resolver
Any host on the Internet that needs to look up domain name information.
video over IP
Any type of video service, including IPTV, videoconferencing, and streaming video, that delivers video signals over packet-switched networks using the TCP/IP protocol suite.
Rendezvous
Apple Computer's implementation of the Zeroconf group of protocols.
You provide Internet access for a local school. You want to control Internet access based on user, and prevent access to specific URLs. Which type of firewall should you install?
Application level.
You provide Internet access for a local school. You want to control Internet access based on user, and prevent access to specific URLs. Which type of firewall should you install?
Application level.
You have installed a new application on a network device. During testing, it appears as if the software is causing other services running on the device to stop responding. Which tool should you consult to identify the problem?
Application log
You have installed a new application on a network device. During testing, it appears as if the software is causing other services running on the device to stop responding. Which tool should you consult to identify the problem?
Application log.
You have just purchased a new network device and are getting ready to connect it to your network. Which of the following should you do to increase its security? (Select two.)
Apply all patches patches and updates. Change default account passwords.
To detect failures, clustered servers regularly poll each other on the network, asking:
Are you still there?
RSVP (Resource Reservation Protocol)
As specified in RFC 2205, a QoS technique that attempts to reserve a specific amount of network resources for a transmission before the transmission occurs.
A PKI is a method for managing which type of encryption
Asymmetric
Which of the follow are characteristics of ECC? (Select two.)
Asymmetric encryption Uses a finite set of values within an algebraic field.
Which of the follow are characteristics of ECC (Select two.)
Asymmetric encryption, Uses a finite set of values within an algebraic field.
Which of the following statements is true when comparing symmetric and asymmetric cryptography
Asymmetric key cryptography is used to distribute symmetric keys.
To increase your ability to recover from a disaster, where should you store backup tapes
At the vice president's home
To increase your ability to recover from a disaster, where should you store backup tapes?
At the vice president's home
You are creating an Ethernet network for your company. The shipping department is located in a different building that is located 150 meters from the main wiring closet. You connect a single Cat6e cable to connect the wiring closet to the shipping building. Which of the following conditions are you most likely to experience?
Attenuation
You are creating an Ethernet network for your company. the shipping department is located in a different building that is located 150 meters from the main wiring closet. You connect a single Cat6e cable to connect the wiring closet to the shipping building what conditions are you most likely to experience?
Attenuation Loss of signal strength from one end of the cable to another. The longer the cable, the more attentuation
You are creating an Ethernet network for your company. The shipping department is located in a different building that is located 150 meters from the main wiring closet. You connect a single Cat6e cable to connect the wiring closet to the shipping building. Which of the following are you most likely to experience?
Attenuation.
What are the most common network traffic packets captured and used in a replay attack?
Authentication
Which of the following are improvements to SNMP that are included within SNMP version 3? (Select two)
Authentication for agents and managers, Encryption of SNMP messages
What is the primary countermeasure to social engineering
Awareness
What is the primary countermeasure to social engineering?
Awareness
What is the primary countermeasure to social engineering?
Awareness.
A SYN packet is received by a server. The SYN packet has the exact same address for both the sender and receiver addresses, which is the address of the server. This is an example of what type of attack? Teardrop attack Land attack SYN flood Ping of death
B
A code of ethics provides for all but which of the following? Establishes a baseline for managing complex situations Clearly defines courses of action to take when a complex issue is encountered Improves the professionalism of your organization as well as your profession Serves as a reference for the creation of acceptable use policies
B
A programmer that fails to check the length of input before processing leaves his code vulnerable to what form of common attack? Privilege escalation Buffer overflow Session hijacking Backdoor
B
A system failure has occurred. Which of the following restoration processes would result in the fastest restoration of all data to its most current state? Restore the full backup and all differential backups Restore the full backup and the last differential backup Restore the full backup and all incremental backups Restore the full backup and the last incremental backup
B
After an intrusion has occurred and the intruder has been removed from the system, which of the following is the best next step or action to take? Restore and repair any damage Back up all logs and audits regarding the incident Update the security policy Deploy new countermeasures
B
All of the 802.11x standards for wireless networking support which type of communication path sharing technology? CSMA/CD (Carrier Sense Multiple Access with Collision Detection) CSMA/CA (Carrier Sense Multiple Access with Collision Avoidance) Polling Token passing
B
Although this type of evidence is generally inadmissible in court, it is allowed when the evidence is an audit report that is produced as a regular business activity. What type of evidence is this? Best Hearsay Direct Secondary
B
As the victim of a Smurf attack, what protection measure is the most effective during the attack? Blocking all attack vectors with firewall filters Communicating with your upstream provider Updating your anti-virus software Turning off the connection to the ISP
B
At the end of the useful lifetime of a storage media which was used in a top secret mandatory access control environment, which of the following is not appropriate? Physical crushing Sanitization Incineration Acid dipping
B
At what level of power loss does the ANSI definition allow for the claim of a brownout? 3.5 percent drop between the power source and the voltage meter 8 percent drop between the power source and the voltage meter 5 percent drop between the voltage meter and the wall outlet 8 percent drop between the voltage meter and the wall outlet
B
Audit trails produced by auditing activities are considered what type of security control? Directive Detective Deterrent Preventative
B
By assigning access permissions so that users can only access those resources which are required to accomplish their specific work tasks, you would be in compliance with? Job rotation Principle of least privilege Need to know Cross training
B
Discretionary Access Control (DAC) manages access to resources using what primary element or aspect? Age Identity Rules Classification
B
Employees often pursue which form of knowledge obtaining process outside of the organization? Training Education Awareness Job skill improvement
B
How often should a security assessment take place? At least once a month As often as necessary based on the sensitivity of your resources No more than once a year Only once after initial implementation
B
If a security vulnerability is discovered while a system is being processed through accreditation, what action is mandated? Reconstitute the system, then restart the accreditation process from the current point Restart the accreditation process from the beginning after correcting the discovered issue Restart the accreditation process from the current point after correcting the discovered issue Reconstitute the system, then restart the accreditation process from the beginning
B
If an employee repeatedly performs risky behavior even after attending several security awareness sessions and having received several job action warnings, what is the next best step to take in order to maintain or improve the security of the organization? Job rotation Reduce permissions Exit interview Mandatory vacation
B
If an intrusion detection system is connected to a central station system, what is the recommended setting for the local alarm sound? Must be heard up to 400 feet away Silent local alarm, notification at monitoring station only Triggered only upon interior intrusion detection, not perimeter breach detection Must be heard up to 1200 feet away
B
If people are the last line of defense, then what is the first line of defense? Logical protections Physical boundary protections Technical mechanisms Administrative controls
B
If your mission critical services have a maximum tolerable downtime (MTD) (or a recovery time objective (RTO)) of 36 hours, what would be the optimum form of recovery site you should choose? Cold Warm Mobile Hot
B
In an organization that employs WEP (Wired Equivalent Privacy) to control access to WAP (Wireless Access Points), what is a significant vulnerability that must be repeatedly looked for? Brute force login attacks Unauthorized access points Eavesdropping War driving
B
In which phase of the system life cycle is accreditation performed? System Design Specifications Maintenance Software Development Installation
B
Lock picking is legally classified under? Loitering Shimming Theft Trespassing
B
Need to know is required to access what types of resources? High-security resources Compartmentalized resources Low-security resources Resources with unique ownership
B
One of the most significant database threats, even to modern DBMS solutions, is? Dead lock Integrity violations Concurrency Relational formula errors
B
PPTP (Point to Point Tunneling Protocol) is quickly becoming obsolete because of what VPN protocol? L2F (Layer 2 Forwarding Protocol) L2TP (Layer 2 Tunneling Protocol) TACACS (Terminal Access Controller Access Control System) SLIP (Serial Line Interface Protocol)
B
Routers operate at what level of the Open System Interconnect model? Layer 2 Network layer Transport layer Layer 5
B
The backup solution imposed on this network is designed to provide protection for what security service? Non-repudiation Availability Confidentiality Integrity
B
The best way to initiate solid administrative control over an organization's employees is to have what element in place? Mandatory vacations in one-week increments Distinct job descriptions An acceptable use policy Rotation of duties
B
The business impact analysis phase of business continuity development should address all but which of the following activities? Estimate the potential financial loss due to a disruption Recommend recovery measures or responses Identify all of the business units within the organization Define critical support areas and dependencies
B
The chain of custody is used for what purposes? Identifying the owner of evidence Listing people coming into contact with evidence Retaining evidence integrity Detailing the timeline between creation and discovery of evidence
B
The immediate preservation of evidence is paramount when conducting a forensic analysis. Which of the following actions is most likely to destroy critical evidence? Copying the contents of memory to removable media Rebooting the system Restricting physical access to the system Disconnecting the system from the network
B
The primary security feature that can be designed into a network's infrastructure to protect and support availability is? Switches instead of hubs Redundancy Fiber optic cables Periodic backups
B
The process of walking around an office building with an 802.11 signal detector is known as what? War dialing War driving Driver signing Daemon dialing
B
Usually when privacy is discussed, especially when privacy has been violated, what security issue is involved? Revealing of incriminating evidence Prevention of unauthorized knowledge of activities Protection of embarrassing information Hiding of unauthorized actions
B
WEP (Wired Equivalent Privacy) should be deployed for what purpose? Prevent denial of service attacks by bandwidth consuming NICs Restrict use of wireless access points Extend the effective range of a wireless network Managing network resource inventory
B
What do host-based intrusion detection systems often rely upon to perform their detection activities? Remote monitoring tools Host system auditing capabilities External sensors Network traffic
B
What form of access control is based on job descriptions? Mandatory access control (MAC) Role-based access control (RBAC) Location-based access control (LBAC) Discretionary access control (DAC)
B
What is a security baseline? A set of configuration settings that must be imposed on a system A standard with which all systems in an organization must comply The results of a penetration test The list of vulnerabilities found in a system
B
What is a service level agreement (SLA)? A contract with an ISP for a specific level of bandwidth A guarantee of a specific level of service A contract with a legal entity to limit your asset loss liability An agreement to support another company in the event of a disaster
B
What is another term for the type of logon credentials provided by a token device? Biometric One-time password Two-factor authentication Mutual authentication
B
What is the RFC that modern day RADIUS was first based on? RFC 1087 RFC 2138 RFC 1492 RFC 1918
B
What is the average number of times that a specific risk is likely to be realized? Exposure factor Annualized Rate of Occurrence Annualized Loss Expectancy Estimated Maximum Downtime
B
What is the best and only means to provide security for Internet-based e-mail communications? Strong ACLs on client systems Message encryption Auditing e-mail activity Delivery receipts
B
What is the best definition of a security incident? Compromise of the CIA of resources Violation of security policy Interruption of productivity Criminal activity
B
What is the estimated cost percentage to an organization if an important asset is compromised? Annualized Rate of Occurrence Exposure factor Annualized Loss Expectancy Single Loss Expectancy
B
What is the greatest threat to the confidentiality of data in most secure organizations? Operator error Portable devices Malware Hacker intrusion
B
What is the mandatory access control equivalent to the discretionary access control mechanism known as the principle of least privilege? Separation of duties Need to know Clearance Ownership
B
What is the most common form of host-based IDS that employs signature or pattern matching detection methods? Motion detectors Anti-virus software Firewalls Honey pots
B
What is the most common means of virus distribution? Floppy disks E-mail Commercial software CDs Downloading music files from the Internet
B
What is the most common method of facility based fire detection systems? Flame actuated Fixed temperature Ionization detection Rate of rise
B
What is the most common type of host-based intrusion detection system (IDS)? Honey pots or padded cells Anti-virus software Firewalls Penetration or vulnerability testing
B
What is the most essential element necessary to support and maintain your IT network? Access to patches and updates Electricity A security template Trained users
B
What is the most widely deployed VPN technology? TCP/IP (Transmission Control Protocol/Internet Protocol) IPSec (Internet Protocol Security) RADIUS (Remote Authentication Dial-in User Service) PPTP (Point to Point Tunneling Protocol)
B
What is the primary difference between provisional and full accreditation? One is conditional on the nature of the mission or goals of the organization, one is independent of any such factors. One is temporary and requires specific changes, the other is permanent and does not require additional changes. One is based on low-end systems, the other is based on high-end systems. One is focused on individual systems comprising an environment, while the other provides a site accreditation for all systems in a specific geographic location.
B
What is the primary distinguishing characteristic between a worm and a logic bomb? Spread via e-mail Self-replication Masquerades as a useful program Incidental damage to resources
B
What is the primary purpose of a library-based inventory control for removable media in a secured facility? Keep media costs to a minimum Thwart data confidentiality breaches Prevent theft of media for personal use Protect against users installing software
B
What is the primary purpose of change control? Increase security Prevent unmanaged change Keep senior management apprised of the organization's state of security Create detailed documentation
B
What is the primary purpose or point in calculating the ALE (annualized loss expectancy) for every individual asset and every individual risk facing those assets? Making budgetary plans Prioritize focus of countermeasure selection Designing media spin techniques to use in the event of a loss Estimating insurance coverage needs
B
What is the primary security vulnerability of networking systems using 802.11 technology as opposed to non-802.11 networks? Denial of service Eavesdropping Limited bandwidth Replay attacks
B
What is the primary use of tunneling? Protecting passwords Supporting private traffic through a public communication medium Improving communication throughput Deploying thin clients on a network
B
What is the process called when a new employee has a user account created when the secured environment uses fingerprint scanners as an authentication factor? Polyinstantiation Enrollment Accreditation Registration
B
What is the source of common laws? Administrative agencies Judicial branch of the government Legislative branch of government Grassroots efforts of the community
B
What is the threat called when a user can learn information from a higher level of security than that which they are cleared to access based solely on extrapolation from a single database entry? Contamination Inferencing Salami attack Aggregation
B
What job role has the task of verifying that personnel are performing their work tasks in compliance with security policies? Owner Auditor InfoSec Officer Custodian
B
What other security design activity is similar to business impact analysis (BIA)? Violation analysis Risk analysis Intrusion detection Availability protection implementation
B
What security mechanism uses a unique list for each object embedded directly in the object itself that defines which subjects have access to certain objects and the level or type of access allowed? Hashing User ACL Kerberos Mandatory access control
B
What type of access control focuses on assigning privileges based on security clearance and data sensitivity? TBAC (Task-based Access Control) MAC (Mandatory Access Control) RBAC (Role-based Access Control) DAC (Discretionary Access Control)
B
When a building collapses, what security aspect of your environment and hosted data is lost? Authenticity Availability Integrity Confidentiality
B
When a penetration test is to be performed against an environment with senior management approval by a zero knowledge team, who needs to be informed of the impending attack? Department managers Senior staff End users Security staff
B
When duplicating a drive for forensic investigative purposes, which of the following copying methods is most appropriate? Drive mirroring Bit-level cloning Active sector cloning File-by-file copying
B
When first deploying a new system in a secure environment, which of the following is the best baseline to start from? Pre-configured access controls based on a vendor-supplied template Default no access to everyone Default full access to everyone Inherited access controls from a master system
B
When recovery is being performed due to a disaster, what services are to be stabilized first? Outside communications Mission-critical Least business-critical Financial support
B
Which VPN protocol typically employs IPSec as its data encryption mechanism? L2F (Layer 2 Forwarding Protocol) L2TP (Layer 2 Tunneling Protocol) PPTP (Point to Point Tunneling Protocol) PPP (Point to Point Tunneling Protocol)
B
Which area of a typical organization should be the most restricted area? Administrative offices Data server room Human resource department Cubical farm
B
Which document, that a user must read and sign, eliminates the false assumption of privacy on a secure network? Business continuity plan Acceptable use Security guideline Security template
B
Which form of authentication solution employs a hashed form of the user's password that has an added time stamp as a form of identity? Certificates Kerberos Biometrics Directory Service
B
Which is performed last (as opposed to earlier in the implementation process of a secure environment)? Risk management Security assessment System implementation Obtaining senior management approval
B
Which of the following best describes the ping of death? Sending multiple spoofed ICMP packets to the victim An ICMP packet that is larger than 65,536 bytes Partial IP packets with overlapping sequencing numbers Redirecting echo responses from an ICMP communication
B
Which of the following can be used to stop piggybacking that has been occurring at a front entrance where employees should swipe their smart cards to gain entry? Use key locks rather than electronic locks Deploy a mantrap Use weight scales Install security cameras
B
Which of the following could easily result in a denial of service attack if the victimized system had too little free storage capacity? Replay attack Spam Sniffing Impersonation
B
Which of the following is a benefit of security guards? Require illness absence and vacation compensation Offer incident adjusted responses Can be a target of social engineering attacks Do not fully understand nor support company wide security efforts
B
Which of the following is a privately controlled portion of a network that is accessible to some specific external entities? Intranet Extranet Internet MAN
B
Which of the following is best suited to detect perimeter breach rather than interior motion detection? Ultrasonic sensor Photoelectric sensor Heat sensing sensor Wave pattern sensor
B
Which of the following is most vulnerable to a brute force attack? Two-factor authentication Password authentication Biometric authentication Challenge-response token authentication
B
Which of the following is not a VPN tunnel protocol? IPSec RADIUS L2TP PPTP
B
Which of the following is not a countermeasure against dictionary attacks? Using three or four different keyboard character types (i.e. lowercase, uppercase, numerals, and symbols) Using short passwords Avoiding industry acronyms Avoiding common words
B
Which of the following is not a form of biometric? Retina scan Token device Face recognition Fingerprint
B
Which of the following is not a method of detecting an intruder as they gain access to your building? Capacitance change detectors Cable locks on portable devices Dry contact switches Laser tripwires
B
Which of the following is not a protection against collusion? Two-man control Cross training Principle of least privilege Separation of duties
B
Which of the following is not a requirement to obtain a search warrant? Probable cause that evidence exists at a specific location Written permission of the accused to search their premises Expectation that evidence of a crime exists Probable cause that a crime has been committed
B
Which of the following is not a true statement about computer crime evidence? It may require an expert to collect and protect It never requires a search warrant It is often easily destroyed or lost It is often intangible
B
Which of the following is not an effective or reasonable safeguard to implement on network clients in order to reduce the risk of virus infection? Scan e-mail attachments System isolation Disable removable drives User behavior modification
B
Which of the following is not an example of wireless networking communications? 2.4GHz radio waves DSL Infrared 802.1x
B
Which of the following is the best protection against security violations? Fortress mentality Bottom up decision making Defense in depth Monolithic security
B
Which of the following is the correct order of a standard or basic government classification scheme? Public, for official use only, confidential, sensitive, private, classified Unclassified, sensitive, classified, secret, top secret Top secret, secret, restricted, classified, sensitive, unclassified Public, for internal use only, proprietary, private
B
Which of the following is the least effective power loss protection for computer systems? Uninterruptible power supply Surge protector Backup power generator Secondary power source
B
Which of the following is the least secure activity when performing voice communications? Using a VOIP system Using your cell phone while in a public place Using an encrypted PBX Using a cell phone with a PKI SID card
B
Which of the following is the most effective protection against IP packet spoofing on a private network? Host-based IDS Ingress and egress filters Digital signatures Anti-virus scanners
B
Which of the following is the worst option for obtaining a value for EF (Exposure Factor) and/or ARO (Annualized Rate of Occurrence)? Purchase from a risk management organization Educated guess Estimate from internal organizational historical records Obtain from open source risk management groups who perform statistical analysis on public records about compromises
B
Which of the following items is not considered an improvement to the security of a system? Requiring multi-factor authentication The presence of a removable hard drive Use of encrypted communication protocols Enforcing strong password policies
B
Which of the following protocols is most likely to be used when connecting into an extranet? HTTP IPSec MPPP NetBIOS
B
Which of the following should not be performed when collecting evidence of a computer crime? Photograph the images on monitors Gracefully power down computers Collect all printouts Collect all removable media
B
Which of the following types of penetration test teams will provide you information that is most revealing of a real-world hacker attack? Split Knowledge team Zero knowledge team Full knowledge team Partial knowledge team
B
Which type of password attack employs a list of pre-defined passwords that it tries against a logon prompt or a local copy of a security accounts database? Salami Dictionary Asynchronous Brute force
B
Which types of laws are based on precedent? Statutory law Common law Civil law Islamic law
B
Who should be allowed to enter into the mission-critical server room? Any and all administrators Only administrators with specific work tasks Any user Only senior management
B
Who should not be informed when a significant security breach has occurred? Recovery team End users Law enforcement Senior management
B
Why it is important to inspect the slack space of a hard drive? It contains a copy of every file ever stored on the drive It could contain hidden or deleted data It contains the master file directory It is where all criminals hide their secret plans
B
Your company security policy requires separation of duties for all network security matters. Which of the following scenarios best describes this concept? Security policy authors may never fraternize with system administration personnel The sysadmin configures remote access privileges and the CISO reviews and activates each account Only the CISO can implement new border router rulesets Every change to the default sysimage requires concurrent processing by multiple domain controllers
B
Which of the following are examples of social engineering? (Select two.) War dialing Dumpster diving Shoulder surfing Port scanning
B & C
What actions can a typical passive Intrusion Detection System (IDS) take when it detects an attack? (Select two.) LAN-side clients are halted and removed from the domain An alert is generated and delivered via e-mail, the console, or an SNMP trap The IDS configuration is changed dynamically and the source IP address is banned The IDS logs all pertinent data about the intrusion
B & D
Which of the following routing protocols is used by routers on the Internet for learning and sharing routes?
BGP
What does a differential backup do during the backup
Back up all files with the archive bit set; does not reset the archive bit
After an intrusion has occurred and the intruder has been removed from the system, which of the following is the best next step or action to take
Back up all logs and audits regarding the incident
After an intrusion has occurred and the intruder has been removed from the system, which of the following is the best next step or action to take?
Back up all logs and audits regarding the incident
Developers in your company have created a Web application that interfaces with a database server. During development, programmers created a special user account that bypasses the normal security. What is this an example of?
Backdoor
Which of the following are typically associated with human resource security policies? (Select two.)
Background checks Termination
Which of the following is an important aspect of evidence gathering
Backing up all log files and audit trails
Which of the following is an important aspect of evidence gathering?
Backing up all log files and audit trails
What does an incremental backup do during the backup
Backs up all file with the archived bit set; resets the archive bit.
What does an differential backup do during the backup?
Backs up all files with the archive bit set; does not reset the archive bit.
What does an incremental backup do during the backup?
Backs up all files with the archive bit set; resets the archive bit.
What should you do (if possible) before flashing the BIOS? (Select two.)
Backup CMOS settings. Connect the computer to a UPS.
Network based intrusion detection is most suited to detect and prevent which types of attacks?
Bandwidth-based denial of service
You are concerned about the amount of traffic that passed through a router on your network. You want to see how the amount of traffic has changed over time. Which document would help in identifying past average network traffic?
Baseline
You are in the habit of regularly monitoring performance statistics for your devices. You find that this month a specific server has averaged a higher number of active connections than last month. Which type of document should you update to reflect the change?
Baseline
You are concerned about the amount of traffic that passed through a router on your network. You want to see how the amount of traffic has changed over time. Which document would help in identifying past average network traffic?
Baseline.
You are in the habit of regularly monitoring performance statistics for your devices. You find that this month a specific server has averaged a higher number of active connections than last month. Which type of document should you update to reflect the change?
Baseline.
When duplicating a drive for forensic investigation purposes, which of the following copying methods is most appropriate
Bit-level cloning
When duplicating a drive for forensic investigative purposes, which of the following copying methods is most appropriate?
Bit-level cloning
You want a security solution that protects the entire hard drive, preventing access even when it is moved to another system. Which solution would you choose
BitLocker
Which of the following are performed by proxies?
Block employees from accessing certain Web sites. Cache web pages.
Which of the following functions are performed by proxies? (Select two.)
Block employees from accessing certain Web sites. Cache web pages.
Which of the following algorithms are used in symmetric encryption (Select three.)
Blowfish, AES, 3DES
Which of the following sends unsolicited business cards and messages to a Bluetooth device?
Bluejacking
You are troubleshooting a wireless connectivity issue in a small office. You determine that the 2.4GHz cordless phones used in the office are interfering with the wireless network transmissions. If the cordless phones are causing the interference, which of the following wireless standards could the network be using? (Select two.)
Bluetooth 802.11b
You are troubleshooting a wireless issue in a small office. You determine that the 2.4 GHz cordless phones used in the office are interfering with the wireless network transmissions. If the cordless phones are causing the interference, which of the flowing wireless standards could the network be using?(select two)
Bluetooth, 802.11b
Which of the following lists of devices is a list of Layer 2 devices?
Bridge, network interface card, switch
An attacker is conducting passive reconnaissance on a targeted company. Which of the following could he be doing? (#2)
Browsing the organization's website.
Having poor software development practices and failing to program input validation checks during development of custom software can result in a system vulnerable to which type of attack?
Buffer overflow
Which of the following attacks is a form of software exploitation that transmits or submits a longer stream of data than the input variable is designed to handle?
Buffer overflow
Which type of attack is the act of exploiting a software program's free acceptance of input in order to execute arbitrary code on a target?
Buffer overflow
In business continuity planning, what is the primary focus of the scope
Business processes
In business continuity planning, what is the primary focus of the scope?
Business processes
The phone line to one office is not working. You have identified the location of the phone line in a 66 block in the wiring closet. what tool do you use to connect to the phone line at the punchdown block to see if yuo can make and receive calls?
Butt set
The phone line to one office is not working. You have identified the location of the phone line in a 66 block in the wiring closet. Which tool would you use to connect to the phone line at the punch down block to see if you can make and receive calls?
Butt set.
The phone line to one office is not working. You have identified the location of the phone line in a 66 block in the wiring closet. Which tool would you use to connect to the phone line at the punchdown block to see if you can make or receive calls?
Butt set.
A Smurf attack requires all but which of the following elements to be implemented? Attacker system Amplification or bounce network Padded cell Victim computer or network
C
A disaster recovery plan should include all but which of the following? Risk assessment Criticality prioritization Penetration testing Documented resource dependencies
C
A recreation of historical events is made possible through? Penetration testing Incident reports Audit trails Audits
C
A smart card can be used to store all but which of the following items? Cryptography keys Identification codes Biometric template original Digital signature
C
A virtual LAN can be created using which of the following? Router Gateway Switch Hub
C
After an external auditor has submitted the final audit report back to the organization, who is responsible for implementing the recommendations in that report? Internal auditors InfoSec officers Senior management End users
C
An attacker sets up 100 drone computers that flood a DNS server with invalid requests. This is an example of which kind of attack? Replay Backdoor Denial of Service Spamming
C
As the victim of a Smurf attack, what protection measure is the most effective during the attack? Blocking all attack vectors with firewall filters Turning off the connection to the ISP Communicating with your upstream provider Updating your anti-virus software
C
By what means do ActiveX controls indicate where they originated from? Execution pathname Source code Digital signature URL
C
CHAP (Challenge Handshake Authentication Protocol) performs which of the following security functions? Links remote systems together Protects usernames Periodically verifies the identity of a peer using a three-way handshake Allows the use of biometric devices
C
Even if you perform regular backups, what must be done to ensure that you are protected against data loss? Restrict restoration privileges to system administrators Write-protect all backup media Regularly test restoration procedures Store the backup media in an onsite fireproof vault
C
From a corporate perspective, which of the following security services is usually the most important? Redundancy Confidentiality Availability Non-repudiation
C
HIPAA is a set of federal regulations that define security guidelines that enforce the protection of what? Integrity Availability Privacy Non-repudiation
C
IPSec, unlike most security protocols, functions at what layer of the OSI model? Application (Layer 7) Session (Layer 5) Network (Layer 3) Data Link (Layer 2)
C
If an organization shows sufficient due care, which burden is eliminated in the event of a security breach? Liability Asset loss Negligence Investigation
C
If maintaining confidentiality is of the utmost importance to your organization, what is the best response when an intruder is detected on your network? Record audit trails about the intruder Delay the intruder Disconnect the intruder Monitor the intruder's actions
C
In a high security environment, what is the most important concern when a removable media is no longer needed? Purging Re-use Destruction Labeling
C
In a variation of the brute force attack, an attacker may use a predefined list (dictionary) of commonly used usernames and passwords to gain access to existing user accounts. Which countermeasure best addresses this issue? 3DES Encryption AES Encryption A strong password policy VLANs
C
In business continuity planning, what is the primary focus of the scope? Company assets Human life and safety Business processes Recovery time objective
C
In order to verify that an employee has the correct skills for a specific job, what is needed? Annual awareness courses Enforcement of the principle of least privilege Detailed job description Exhaustive system activity logging
C
In the event that a change unintentionally diminishes security, an effective change control process will allow which one of the following responses? Patch implementation Increased logging Rollback Reconstitution
C
In violation analysis, at what point are errors recorded into a log file? At specific periodic time intervals When exceeding 20% When above the clipping level When below the defined threshold
C
In which phase of the system life cycle is security integrated into the product? Software Development Installation Project Initiation Maintenance
C
Once a DITSCAP accreditation is completed and an approval to operate is issued, what mandatory element must be maintained? Job rotation and cross training Role-based access controls Change control management Replacing hardware before reaching its MTTR
C
Once the scope of business continuity planning is defined, what is the next step? Outline response options Estimating downtime Criticality prioritization Identification of resource dependencies
C
Passwords submitted during logon can be encrypted using which of the following? TCP Wrappers L2TP (Layer Two Tunneling Protocol) CHAP (Challenge Handshake Authentication Protocol) Certificates
C
RADIUS (Remote Authentication Dial-In User Service) is primarily used for what purpose? Managing RAID fault-tolerant drive configurations Managing access to a network over a VPN Pre-authenticating remote clients before access to the network is granted Controlling entry gate access using proximity sensors
C
Telnet is inherently insecure because its communications is in plain text and easily intercepted. Which of the following is an acceptable alternative to Telnet? SHTTP (Secure Hypertext Transfer Protocol) SLIP (Serial Line Interface Protocol) SSH (Secure Shell) Remote Desktop
C
The auditing feature of an operating system serves as what form of control when users are informed that their actions are being monitored? Detective Corrective Preventative Directive
C
The security function of auditing the activities of user accounts on a secured system is considered what type of security control? Recovery Corrective Preventative Detective
C
Under regulatory law, who can be punished? Both the officers and the stockholders Only the officers Both the organization and the officers Only the organization
C
What are the most common network traffic packets captured and used in a replay attack? DNS query File transfer Authentication Session termination
C
What category (CAT) level of UTP cable is rated to support 100 Mbps of throughput at a maximum distance of 100 meters? CAT3 CAT4 CAT5 CAT7
C
What does the application of the prudent man rule provide? Security expenditures equating to a specific percentage of company budget Cutting edge security technology Best business practices Deployment of impenetrable security measures
C
What form of water-based fire suppression system is most suitable for a data center where your mission critical servers are located? Wet pipe Dry pipe Preaction Deluge
C
What forms of analysis are used in a true business impact analysis? Qualitative Quantitative Both quantitative and qualitative Neither quantitative or qualitative
C
What is a form of learning that is designed for groups of employees with similar job roles and which is usually offered by the organization directly? Awareness Certification Training Education
C
What is a program that appears to be a legitimate application, utility, game, or screensaver and that performs malicious activities surreptitiously? Outlook Express Worm Trojan horse ActiveX control
C
What is another term to describe the attacks of impersonation or spoofing? Session hijacking Inferencing Social engineering Denial of service
C
What is needed to perform certification and/or accreditation? Automated patch management system Mandatory access controls Evaluation criteria Multi-factor authentication
C
What is spoofing? Sending a victim unwanted and unrequested e-mail messages Capturing network packets in order to examine the contents of communications Changing or falsifying information in order to mislead or re-direct traffic Spying into private information or communications
C
What is the first step in developing a security plan? Selecting countermeasures and safeguards Deploying security measures Performing a risk assessment Getting senior management signoff
C
What is the most important element related to evidence in addition to the evidence itself? Photographs of the crime scene Completeness Chain of custody document Witness testimony
C
What is the official department of defense accreditation process called? National Information Assurance Certification and Accreditation Process Trusted Computer System Evaluation Criteria Defense Information Technology Security Certification and Accreditation Process Common Criteria
C
What is the primary countermeasure to social engineering? Heavy management oversight Traffic filters Awareness A written security policy
C
What is the primary difference between STP and UTP? Number of wires within the cable Number of twists per inch Foil Throughput capability
C
What is the primary means by which supervisors can determine whether or not employees are complying with the organization's security policy? Keystroke logging Awareness sessions Auditing Job action warnings
C
What is the primary purpose of data classification? Assigning value Justification of security expense Defining needed security protections Controlling user access
C
What is the primary purpose of imposing software life cycle management concepts? Reduce product returns Increase interoperability Increase the quality of software Decrease development overhead
C
What is the primary purpose of penetration testing? Evaluate newly deployed firewalls Assess the skill level of new IT security staff Test the effectiveness of your security perimeter Infiltrate a competitor's network
C
What is the worst place to position mission-critical servers in areas with excessive snowfall? Middle of the building Ground floor Basement First floor
C
What security mechanism can be used to detect attacks originating on the Internet or from within an internal trusted subnet? Biometric system Security alarm IDS Firewall
C
When a business continuity plan is triggered, what is one of the most commonly used recovery techniques? Redesign topology and physical layout Change WAN connection service providers Restore files from backup Reconfigure DNS
C
When a claim is made that privacy has been violated, what security feature has usually been violated as well? Availability Integrity Confidentiality Authenticity
C
When a photo ID is used, which of the following is not possible? An appraisal of the general look and vibe of a visitor Looking up of the person's name on an access roster Automated identity verification Comparison of the photo with the person
C
When a security assessment is being performed, what type of testing group is going to provide the most unbiased review? Full-knowledge team Partial-knowledge team Zero-knowledge team Blackhat-knowledge team
C
When an unauthorized person enters into a mantrap, what is the desired result? Automatic release back into the public area Allowing the interior lock to be disabled in less than 15 minutes Apprehension of the person by authorities Valid authorization which unlocks the interior door
C
When developing the totality of security policy documentation, what type of policy document will contain instructions or information on remaining in compliance with regulations and industry standards? Procedures Top-level policy Standards Guidelines
C
When does the salvage team start their work? Immediately after the disaster occurs Within 48 hours after the disaster Only when it is deemed safe to return to the primary site Only after the recovery team's tasks are complete
C
When hiring new personnel, what must come first? Resume review Background check Job description Budgetary review
C
When returning to the rebuilt primary site, the salvage team will restore or return what processes first? External communication Mission-critical Least business-critical Financial services
C
When the issue of "tort reform" is discussed, what form of law is being focused on for improvement or change? Islamic Administrative Civil Criminal
C
Which form of alternate site is the cheapest, but may not allow an organization to recover before reaching their maximum tolerable downtime? Warm site Hot site Reciprocal agreement Service bureau
C
Which is not a true statement in regards to a decision support system? A decision support system assists with making business decisions. A decision support system often presents information graphically. A decision support system is based upon a neural network. A decision support system is an operational application.
C
Which is the most common cause of unplanned downtime? Human error Power loss Equipment failure Misconfiguration
C
Which of the following best describes the ping of death? Sending multiple spoofed ICMP packets to the victim Partial IP packets with overlapping sequencing numbers An ICMP packet that is larger than 65,536 bytes Redirecting echo responses from an ICMP communication
C
Which of the following can be an impedance to supporting high availability? Clustered servers Redundant high-speed communication links A primary firewall Switched networks
C
Which of the following can be defined as a WAN to support VPNs? DMZ Extranet Internet Intranet
C
Which of the following can you be sure of when allowing a signed applet to execute on your system? The applet will not cause a system crash The applet was written efficiently The applet is from its reputed source The applet was developed using quality development processes
C
Which of the following describes a logic bomb? A program that appears to be a legitimate application, utility, game, or screensaver which performs malicious activities surreptitiously A program that has no useful purpose, but attempts to spread itself to other systems and often damages resources on the systems where it is found A program that performs a malicious activity at a specific time or after a triggering event A type of malicious code, similar to a virus, whose primary purpose is to duplicate itself and spread, while not necessarily intentionally damaging or destroying resources
C
Which of the following describes a man-in-the-middle attack? A person over the phone convinces an employee to reveal their logon credentials. An IP packet is constructed which is larger than the valid size. A false server intercepts communications from a client by impersonating the intended server. Malicious code is planted on a system where it waits for a triggering event before activating.
C
Which of the following has the greatest affect on the level of physical boundary protections and defenses that can be erected around a facility? Road accessibility Need to blend in and obtain obscurity Residential area proximity Visibility and line-of-site issues caused by the terrain
C
Which of the following is a failure of confidentiality protection? Unauthorized intruder is unable to delete a file Authorized user is unable to access the home directory of another user Authorized user is able to delete a system file Unauthorized intruder is allowed to open no data files
C
Which of the following is a form of denial of service attack that subverts the TCP three-way handshake process by attempting to open numerous sessions on a victim server but intentionally failing to complete the session by not sending the final required packet? Ping of death Teardrop SYN attack Session hijacking
C
Which of the following is a valid formula for ALE (Annualized Loss Expectancy)? EF x SLE (Exposure Factor x Single Loss Expectancy) ARO x AV (Annualized Rate of Occurrence x Asset Value) ARO x EF x AV (Annualized Rate of Occurrence x Exposure Factor x Asset Value) EF X SLE x AV (Exposure Factor x Single Loss Expectancy x Asset Value)
C
Which of the following is an important aspect of evidence gathering? Purging transaction logs Restoring damaged data from backup media Backing up all log files and audit trails Monitoring user access to compromised systems
C
Which of the following is considered a backdoor? An unattended active workstation An entry gate with a broken lock The CON port on the back of a router A weak password
C
Which of the following is defined as a contract which prescribes the technical support or business parameters that a provider will bestow to its client? Mutual aid agreement Certificate practice statement Service level agreement Final audit report
C
Which of the following is not a part of the ISC2 Code of Ethics? All CISSP candidates should protect society, the commonwealth, and the infrastructure All CISSP candidates should adhere to the highest ethical standards of behavior All CISSP candidates are required by law to uphold the ISC2 Code of Ethics A condition of CISSP certification is adherence to the ISC2 Code of Ethics
C
Which of the following is not a standard component of an electronic access control lock? Credential reader Door-closed sensor with timeout alarm Video camera Electromagnetic lock
C
Which of the following is not a term associated with availability protection? Adequate performance Sufficient throughput Changelessness Timeliness
C
Which of the following is not a valid category of locks that use a physical key? Conventional Preset Shimming-proof Pick-resistant
C
Which of the following is not a valid concept to associate with integrity? Ensure your systems record the real information when collecting data Protect your environment so it maintains the highest source of truth Control access to resources to prevent unwanted access Prevent the unauthorized change of data
C
Which of the following is not a valid security practice for visitors to a secured facility? Verify approval from senior management of the visitor's appointment Notify security personnel of the visitor's presence and purpose Allowed to roam the environment alone Sign in with valid picture ID
C
Which of the following is not a valid security precaution for voice communications? Classification of data and resources Asking for proof of a caller's identity Changing of passwords based upon voice only request Prevention of communication of sensitive data over the phone
C
Which of the following is not an example of a physical barrier access control mechanism? Biometric locks Fences One-time passwords Mantrap
C
Which of the following is not an option to perform on software after the end of its Maintenance phase from the software life cycle? Retire Replace Release Revise
C
Which of the following is not provided by e-mail security based on encryption? Confidentiality Non-repudiation Availability Integrity
C
Which of the following is not true regarding cookies? They can aid a hacker in spoofing a user's identity They can retain connection and session information They operate within a security sandbox They can collect user information
C
Which of the following is the best countermeasure against man-in-the middle attacks? MIME e-mail PPP IPSec UDP
C
Which of the following is the best device to deploy to protect your private network from a public untrusted network? Hub Router Firewall Gateway
C
Which of the following is the best protection against security violations? Fortress mentality Bottom up decision making Defense in depth Monolithic security
C
Which of the following is the least appropriate response to protect your facility from natural disasters? Earthquake proof the building Install flood protection Select a grandfathered facility Purchase hazard insurance
C
Which of the following is the least effective protection against malicious mobile code? Limiting the features of applet execution Allowing only approved site applets User education and awareness Blocking non-signed applets
C
Which of the following is the least effective protection against zero day malicious code? User education Blocking e-mail attachments Anti-virus software Using hashing to check file changes
C
Which of the following is the most effective protection against IP packet spoofing on a private network? Anti-virus scanners Host-based IDS Ingress and egress filters Digital signatures
C
Which of the following statements about ActiveX is true? ActiveX is programming language dependant. ActiveX is platform independent. ActiveX controls are saved to the hard drive. ActiveX operates within a security sandbox.
C
Which of the following statements is not true? Accidental release of a suppression medium can be more damaging than an actual fire. Even without a major fire, smoke damage can be significant. Paper products are only damaged at or above 451 degrees Fahrenheit. Loss of cooling systems can result in server hardware damage.
C
Which remote access authentication protocol periodically and transparently re-authenticates during a logon session by default? Certificates PAP CHAP EAP
C
Which security context is used when an ActiveX control is downloaded from a Web site to a client system? The system level security context A restricted security context limited to the Web browser The security contexts of the current user account The original security context of the Web server process
C
Which statement best describes IPSec when used in tunnel mode? Packets are routed using the original headers, only the payload is encrypted The identities of the communicating parties are not protected The entire data packet, including headers, is encapsulated IPSec in tunnel mode may not be used for WAN traffic
C
Which type of cable is most resistant to tapping and eavesdropping? 10Base2 10BaseT Fiber optic ThickNet
C
Who is assigned the task of judging the security of a system or network and granting it an approval to operate? InfoSec officer Custodian Designated Approving Authority Senior management
C
Who is generally in charge of assessing the state of security on a regular basis? Senior management Custodian Auditor InfoSec officer
C
Who is responsible for performing the steps of the business continuity plan or disaster recovery plan in the event of an emergency? Security officers Salvage team Recovery team Senior management
C
Why should backup media be stored offsite? To reduce the possibility of theft It is a government regulation To prevent the same disaster from affecting the both network and the backup media It improves the efficiency of the restoration process
C
A Service Level Agreement (SLA) defines the relationship between, and the contractual responsibilities of, providers and recipients of services. Which of the following characteristics are most important when designing an SLA? (Select two.) Industry standard templates are used, without deviation, for all SLAs to ensure corporate compliance Employee vetting procedures are never applied to contract labor Detailed provider responsibilities for all continuity and disaster recovery mechanisms Clear and detailed descriptions of penalties if the level of service is not provided
C & D
Which of the following activities are considered passive in regards to the functioning of an intrusion detection system? (Choose two.) Transmitting FIN or RES packets to an external host Disconnecting a port being used by a zombie Monitoring the audit trails on a server Listening to network traffic
C & D
Which of the following is a disadvantage of biometrics? (Choose two.) They require time synchronization. They can be circumvented using a brute force attack. They have a potential for numerous false rejections. Biometric factors for identical twins will be the same. When used alone or solely, they are no more secure than a strong password.
C & E
Which of the following statements is true in regards to highly secure and efficient object-oriented programming? Objects which have high cohesion perform tasks alone and have low coupling Objects which have high cohesion require lots of assistance from other objects to perform tasks and have high coupling Objects which have low cohesion require lots of assistance from other objects to perform tasks and have high coupling Objects which have low cohesion perform tasks alone and have low coupling
A
Which of these hazards is likely to have the least effect on the facility's physical security? Activist protests Earthquakes Floods Excessive snowfall
A
Which phase or step of a security assessment is a passive activity? Reconnaissance Privilege escalation Enumeration Vulnerability mapping
A
Which security principle prevents any one administrator from having sufficient access to compromise the security of the overall IT solution? Separation of duties Principle of least privilege Dual administrator accounts Need to know
A
Which type of activity changes or falsifies information in order to mislead or re-direct traffic? Spoofing Sniffing Spamming Snooping
A
Who has the responsibility for the development of a security policy? Senior management Security administrator Human resources supervisor Site manager A
A
Who has the responsibility to return the organization back to normal operations after a disaster has occurred? Salvage team Recovery team Security officers Senior management
A
Who is responsible for placing objects in the correct security container/domain based upon the object's assigned classification? Custodian InfoSec officer Senior management Owner
A
You have been asked to draft a document related to evidence gathering that contains details about personnel in possession and control of evidence from the time of discovery up through the time of presentation in court. What type of document is this? Chain of custody FIPS-140 Rules of evidence CPS (certificate practice statement)
A
The default root directory of the Microsoft Internet Information Services (IIS) Web server is ____.
C:\Inetpup/wwwroot
A(n) ____ serves as the trusted third-party agency that is responsible for issuing the digital certificates.
CA
Using video cameras to transmit a signal to a specific and limited set of receivers is called ____.
CCTV
Which of the following authentication protocols uses a three-way handshake to authenticate users to the network? (Choose two)
CHAP, MS-CHAP
Certificates can be invalidated by the trusted third-party that originally issued the certificate. What is the name of the mechanism that is used to distribute information about invalid certificates
CRL
Which of the following generates the key pair used in asymmetric cryptography
CSP
What must install between your network and a T1 line for your network to use the T1 line?
CSU/DSU
What must you install between networks and a T1 line for your networks to use the T1 line?
CSU/DSU
Which of the following devices is used on a WAN to convert synchronous serial signals into digital signals?
CSU/DSU
Which of the following services are available regardless of whether the telephone company network is available?
Cable modem
Which of the following functions are performed by proxies? (select two)
Cache web pages, Block employees from accessing certain websites.
Which of the following fire extinguisher suppressant types is best use for electrical fires that might result when working with computer components
Carbon dioxide (CO2)
Which of the following fire extinguisher suppressant types is best used for electrical fires that might result when working with computer components?
Carbon dioxide (CO2)
Cabling that is UTP, that contains four wire pairs, and that can support up to 16 Mbps throughput is:
Cat 4
You're responsible for implementing network cabling in a new Gigabit Ethernet network installation. The cabling will be installed in a manufacturing environment where there is a great deal of electromagnetic interference (EMI). Which type of cabling would operate best in this environment? (Choose two.)
Category 5 shielded twisted pair cable Fiber-optic cable
You're responsible for implementing network cabling in a new Gigabit Ethernet network installation. The cabling will be installed in a manufacturing environment where there is a great deal of electromagnetic interference (EMI). Which type of cabling would operate best in this environment (Choose two.)
Category 5 shielded twisted pair cable, Fiber-optic cable
In what form of key management solution is key recovery possible
Centralized
Which of the following are advantages of virtualization? (Select two.)
Centralized administration Easy migration of systems to different hardware
Which of the following conditions does not result in a certificate being added to the certificate revocation list
Certificate expiration
You manage a network that uses 1000BaseT Ethernet. You find that one device communicates on the network at only 100 Mbps. Which tool should you use to test the drop cable and the connection to the network?
Certifier
You manage a network that uses 1000BaseT Ethernet. You find that one device communicates on the network at only 100 Mbps. Which tool should you use to test the drop cable and the connection to the network?
Certifier.
You have been asked to draft a document related to evidence gathering that contains details about personnel in possession and control of evidence from the time of discovery up through the time of presentation in court. What type of document is this
Chain of custody
You have been asked to draft a document related to evidence gathering that contains details about personnel in possession and control of evidence from the time of discovery up through the time of presentation in court. What type of document is this?
Chain of custody
What is the most important element related to evidence in addition to the evidence itself
Chain of custody document
What is the most important element related to evidence in addition to the evidence itself?
Chain of custody document
You are troubleshooting a workstation connection to the network. During your troubleshooting, you replace the drop cable connecting the computer to the network. Which type of document should you update?
Change documentation
Your organization has three different levels of security classification for its workers. Which is the best method to prevent shoulder surfing between different classification levels. Separate work areas by floor-to-ceiling walls with locked doors Use cubicles with three different color-coded areas for the three classification levels Have regular awareness meetings to discuss the problem of disclosure Point all monitors away from doorways and entrances
A
You are troubleshooting a workstation to the network. During your troubleshooting, you replace the drop cable connecting the computer to the network. Which type of document should you update?
Change documentation.
You plan to implement a new security device on your network. Which of the following policies outlines the process you should follow before implementing that device?
Change management
What is spoofing?
Changing or falsifying information in order to mislead or re-direct traffic.
Which of the following methods can be used to secure modem-based remote access connections? (Select two.) Callback War dialing Caller ID Reverse PBX
A & C
An active IDS system often performs which of the following actions? (Select two.) Perform reverse lookups to identify an intruder Trap and delay the intruder until the authorities arrive Request a second logon test for users performing abnormal activities Update filters to block suspect traffic
A & D
How can an organization help prevent social engineering attacks? (Select two.) Educate employees on the risks and countermeasures Implement IPSec on all critical systems Utilize 3DES encryption for all user sessions Publish and enforce clearly-written security policies
A & D
root server
A DNS server maintained by ICANN and IANA that it is an authority on how to contact top-level domains, such as those ending with .com, .edu, .net, .us, and so on. ICANN oversees the operation of 13 root servers around the world.
TFTP (Trivial File Transfer Protocol)
A TCP/IP Application layer protocol that enables file transfers between computers. Unlike FTP, it relies on UDP at the Transport layer and does not require a user to log on to the remote host.
ifconfig
A TCP/IP configuration and management utility used with UNIX and Linux systems.
IGMP (Internet Group Management Protocol or Internet Group Multicast Protocol)
A TCP/IP protocol used to manage multicast transmissions. Routers use this to determine which nodes belong to a multicast group, and nodes use this to join or leave a multicast group.
PING (Packet Internet Groper)
A TCP/IP troubleshooting utility that can verify that TCP/IP is installed, bound to the NIC, configured correctly, and communicating with the network. This uses ICMP to send echo request and echo reply messages that determine the validity of an IP address.
Select the statement that best describes a broadcast storm.
A broadcast storm occurs when there are so many broadcast messages on the network that they approach or exceed the network bandwidth.
what is a broadcast storm?
A broadcast storm occurs when there are so many broadcast messages on the network that they approach or exceed the network bandwidth.
Select the statement that best describes a broadcast storm.
A broadcast storm occurs where there are many broadcast messages on the network that they approach or exceed the network bandwidth.
label
A character string that represents a domain (either top-level, second-level, or third-level).
network class
A classification for TCP/IP-based networks that pertains to the network's potential size and is indicated by an address's network ID and subnet mask. Network Classes A, B, and C are commonly used by clients on LANs; network Classes D and E are reserved for special purposes.
H.323 zone
A collection of H.323 terminals, gateways, and MCU's that are managed by a single H.323 gatekeeper.
You have just finished upgrading the CPU in your desktop system. After running the system for about 15 minutes, the system spontaneously shuts down. What should you do first to troubleshoot the problem? (Select two.)
Check the thermal shutdown threshold in the BIOS. Check the CPU fan power.
You want to install a firewall that can reject packets that are not part of an active session. Which type of firewall should you use?
Circuit-level
You want to install a firewall that can reject packets that are not part of an active session. Which type of firewall should you use?
Circuit-level.
Which type of network establishes a dedicated connection between two hosts who need to communicate on the network, not allowing any other host to use the medium until the communication is complete?
Circuit-switched
Zeroconf (Zero Configuration)
A collection of protocols designed by the IETF to simplify the setup of nodes on a TCP/IP network. It assigns a node an IP address, resolves the node's host name and IP address without requiring a DNS server, and discovers services, such as print services, available to the node, also without requiring a DNS server.
RTCP (Real-time Transport Control Protocol)
A companion protocol to RTP, defined in RFC 3550 by the IETF, RTCP provides feedback on the quality of a call or videoconference to its participants.
Which of the following are disadvantages to server virtualization? A compromise of the host system might affect multiple servers. Increased hardware costs. Systems are isolated from each other and cannot interact with other systems. A compromise of a guest system might affect multiple servers.
A compromise of the host system might affect multiple servers.
MCU (multipoint control unit)
A compter that provides support for multiple H.323 terminals (for example, serveral workstations participating in a videoconference) and manages communication between then. An MCU is also known as a video bridge.
softphone
A computer configured to act like an IP telephone. Softphones present the caller with a graphical representation of a telephone dial pad and can connect to a network via a LAN, WAN, PPP dial-up connection, or leased lined.
MGC (Media Gateway Controller)
A computer that manages multiple media gateways and facilitates the exchange of call control information between these gateways.
ARP (Address Resolution Protocol)
A core protocol in the TCP/IP suite that belongs in the Network layer of the OSI model. It obtains the MAC (physical) address of a host, or node, and then creates a local database that maps the MAC address to the host's IP (logical) address.
RARP (Reverse Address Resolution Protocol)
A core protocol in the TCP/IP suite that belongs in the Network layer of the OSI model. It relies on a RARP table to associate the IP (logical ) address of a node with its MAC (physical) address. It can be used to supply IP addresses to diskless workstations.
ICMP (Internet Control Message Protocol)
A core protocol in the TCP/IP suite that notifies the sender that something has gone wrong in the transmission process and that packets were not delivered.
UDP (User Datagram Protocol)
A core protocol in the TCP/IP suite that sits in the Transprot layer of the OSI model. It is a connectionless transport service.
TCP (Transmission Control Protocol)
A core protocol of the TCP/IP suite. TCP belongs to the Transport layer and provides reliable date delivery sevices.
toll bypass
A cost-saving benefit that results from organizations completing long-distance telephone calls over their packet-switched networks, thus bypassing tolls charged by common carriers on comparable PSTN calls.
ARP table
A database of records that maps MAC addresses to IP addresses. It is stored on a computer's hard disk where it is used by the ARP utility to supply the MAC addresses of network nodes, given their IP addresses.
Which of the following would you find on a CPS
A declaration of security that the organization is implementing for all certificates
Which type of network establishes a dedicated physical connection between two hosts who need to communicate on the network, not allowing any other host to use the medium until the communication is complete?
Circuit-switched
Consider the following IP address. 1. 124.77.8.5 2. 131.11.0.9 3. 190.66.250.10 4. 196.5.89.44 Which list represents the IP address class of each listed IP address?
Class 1, Class B, Class B, Class C.
Which of the following fire extinguisher types is best used for electrical fires that might result when working with computer components?
Class C
Which of the following fire extinguishers types is best for electrical fires that might result when working with computer components
Class C
Which of the following are often synonymous with or made possible by CIDR?
Classless VLSM
You manage a server that uses an IP address of 192.168.255.188 with a mask of 255.255.0.0. Which of the following describes the address type?
Classless.
Which of the following are disadvantages to server virtualization? A failure in one hardware component could affect multiple servers A compromise of a guest system might affect multiple servers Increased hardware costs Systems are isolated from each other and cannot interact with other systems.
A failure in one hardware component could affect multiple servers.
Which of the following best dedscribes a man-in-the-middle attack?
A false server intercepts communications from a client by impersonating the intended server
What describes a man-in-the-middle attack?
A false server intercepts communications from a client by impersonating the intended server.
Which of the following describes a main-in-the-middle attack?
A false server intercepts communications from a client by impersonating the intended server.
Which of the following describes a man-in-the -middle?
A false server intercepts communications from a client by impersonating the intended server.
Which of the following describes a man-in-the-middle attack?
A false server intercepts communications from a client by impersonating the intended server.
What is a cookie?
A file saved on your hard drive that tracks Web site preferences and use.
media gateway
A gateway capable of accepting connections from multiple devices (for example, IP telephones, traditional telephones, IP fax machines, traditional fax machines, and so on) and translating analog signals into packetized, digital signals, and vice versa.
fax gateway
A gateway that can translate IP fax data into analog fax data and vice versa. A fax gateway can also emulate and interpret conventional fax signaling protocols when communicating with a conventional fax machine.
domain
A group of computers that belong to the same organization and have part of their IP addresses in common.
DNS (Domain Name System or Domain Name Service)
A hierarchical way of tracking domain names and their addresses, devised in the mid-1980s. Its database does not rely on one file or even one server, but rather is distributed over several key computers across the Internet to prevent catastrophic failure if one or a few computers go down. It is a TCP/IP service that belongs to the Application layer of the OSI model.
What is a PKI
A hierarchy of computers for issuing certificates
fully qualified host name
A host name plus domain name. For example, a host belonging to the loc.gov domain might be called Jasmine, making this Jasmine.loc.gov.
Which of the following best describes the content of the CRL
A list of all revoked certificates
socket
A logical address assigned to a specific process running on a computer. Some are reserved for operating system functions.
multicasting
A means of transmission in which one device sends data to a specific group of devices (not necessarily the entire network segment) in a point-to-multipoint fashion.
DDNS (Dynamic DNS)
A method of dynamically updating DNS records for a host. Its client computers are configured to notify a service provider when their IP addresses change, then the service provider propagates the DNS record change across the Internet automatically.
Host
A network device with an IP address.
IPv6 (IP version 6)
A newer standard for IP addressing that will replace the current IPv4 (IP version 4). Most notably, it uses a newer, more efficient header in its packets and allows for 128-bit source and destination IP addresses. The use of longer addresses will allow for many more IP addresses to be in circulation.
alias
A nickname for a node's host name. This can be specified in a local host file.
TTL (Time to Live)
A number that indicates the maximun time that a datagram or packet can remain on the network before it is discarded. Although this field was originally meant to represent units of time, on modern networks it represents the number of router hops a datagram has endured. The TTL for datagrams is variable and configurable, but is usually set at 32 or 64. Each time a datagram passes through a router, its TTL is reduced by 1. When a router receives a datagram with a TTL equal to 1, the router discards that datagram.
subnet
A part of a network in which all nodes share a network addressing component and a fixed amount of bandwidth.
IP-PBX
A private switch that accepts and interprets both analog and digital voice signals (although some IP-PBXs do not accept analog lines). It can connect with both traditional PSTN lines and data networks. An IP-PBX transmits and receives IP-based voice signals to and from other network connectivity devices, such as a router or gateway.
A service level agreement (SLA) defines the relationship between, and the contractual responsibilities of providers and recipients of service. Which of the following characteristics are most important when designing an SLA (Select two)
Clear and detailed description of penalties if the level of service is not provided. Detailed provider responsibilities for continuity and disaster recovery mechanisms.
To help prevent browser attacks, users of public computers should do which of the following?
Clear the browser cache
A code of ethics provides for all but which of the following
Clearly defines course of action to take when a complex issue is encountered.
You want to prevent your browser from running JavaScript commands that are potentially harmful. Which of the following would you restrict to accomplish this?
Client-side scripts
When designing a firewall, what is the recommended approach for opening and closing ports?
Close all ports; open only ports required by applications inside the DMZ.
Which of the following network strategies connects multiple servers together such that if one server fails, the others immediately take over its tasks, preventing a disruption in service
Clustering
Which of the following network strategies connects multiple servers together such that if one server fails, the others immediately take over its tasks, preventing a disruption in service?
Clustering
____ is related to the perception, thought process, and understanding of the user.
Cognitive biometrics
Which of the following is a recovery site that may have electricity connected, but there are no servers installed and no high-speed data lines present
Cold site
Which of the following is a recovery site that may have electricity connected, but there are no servers installed and no high-speed data lines present?
Cold site
When two different messages produce the same hash value, what has occurred
Collision
When two different messages produce the same hash value, what has occurred?
Collision
You manage a network with a single switch. On each switch port, a hub connects multiple devices to the switch. Which condition are you most likely to experience on the network?
Collisions
You manage a single switch. On each switch port, a hub connects multiple devices to the switch. What condition are you most likely to experience on the networks?
Collisions
You manage a network with a single switch. On each switch port, a hub connects multiple devices to the switch. Which condition are you most likely to experience on the network?
Collisions.
Which of the following is not a reason to use subnets on a network?
Combine different media type on to the same subnet.
You have just installed a new keyboard that includes special programmable buttons. You installed the custom driver that came with the keyboard. Now you want to configure what the special keyboard buttons do. Which windows utility wold most likely let you manage these settings?
Control Panel.
Which of the following applications typically use 802.1x authentication? (Select Two)
Controlling access through a switch, Controlling access though a wireless access point
You have a network configured to use the OSPF routing protocol. Which of the following describes the state when OSPF routers have learned about all other routes in the network?
Convergence.
Which of the following is a text file provided by a Web site to a client that is stored on a user's hard drive in order to track and record information about the user?
Cookie
Use of which of the following is a possible violation of privacy?
Cookies
How can a criminal investigator ensure the integrity of a removable media device found while collecting evidence
Create a checksum using a hashing algorithm
You want to store your computer-generated audit logs in case they are needed in the future for examination or to be used as evidence in the event of a security incident. Which method can you use to ensure that the logs you put in storage have not been altered when you go to use them in the future?
Create a hash of each log.
You want to store your computer-generated audits logs in case they are needed in the future examination or to be used as evidence in the event of a security incident. Which method can you use to ensure that the logs you put in storage have not been altered when you go to use them in the future
Create a hash of each log.
Which of the following functions are performed by the TPM
Create a hash of system components
Hashing algorithms are use to perform what activity
Create a message digest
Hashing algorithms are used to perform what activity?
Create a message digest
Which statement is not true in regards to business continuity plan development? The BCP defines and prescribes responsibilities, roles, awareness, drills, and prevention techniques The BCP obtains decisions, responses, and instructions from senior management The BCP is a procedural document (a type of security policy) that defines how to respond, perform, and act in the event of an emergency The business impact assessment output is the actual BCP document
D
Who is responsible for assigning a classification to resource and objects? InfoSec officer Custodian Senior management Owner
D
Who is responsible for identifying the value of resources? Auditors Senior management Custodians Owners
D
Who is responsible for initiating the business continuity plan or disaster recovery plan in the event of an emergency? Salvage team Recovery team Security officers Senior management
D
Who is the best person to review a company's security status or condition? Senior management InfoSec officer End users External auditor
D
Why are brute force attacks always successful? They can be performed in a distributed parallel processing environment They are fast They are platform independent They test every possible valid combination
D
Why is security assessment important? It supports the decisions made by senior management. It supports the tenants of previous security expenditures. It is a legal requirement. Untested security is unreliable.
D
Your company is facing a deadline for a major project. You need one specific software application in order to complete the work, but if you order it through typical commercial options it will arrive one week late. You discover the application is available for download through a pirated software FTP site. If the deadline is missed, your company will loose 50% of the contract fee and you may loose your job. What should you do? Demand an extension by lying about a personal family illness or death in order to buy time to obtain the legitimate commercial software Download the pirated version of the software now, but go ahead and purchase the commercial version Download the pirated version of the software now, since you will only need the software for this specific project Purchase the commercial version and ask for an extension by explaining the situation
D
A SYN packet is received by a server. The SYN packet has the exact same address for both the sender and receiver addresses, which is the address of the server. This is an example of what type of attack? Teardrop attack SYN flood Ping of death Land attack
D
A VPN (Virtual Private Network) is used primarily for what purpose? Support the distribution of public Web documents Allow remote systems to save on long distance charges Allow the use of network-attached printers Support secured communications over an untrusted network
D
A honey pot is used for what purpose? To entrap intruders To disable an intruder's system To prevent sensitive data from being accessed To delay intruders in order to gather auditing data
D
A process performed in a controlled environment by a third-party which verifies that an IS meets a specific set of security standards before being granted the approval to operate is known as? Perturbation External auditing Penetration testing Accreditation
D
An attacker monitors the habits of your facility's security guards over several weeks. The attacker learns that there are two security guards that walk around the perimeter of the facility in opposite directions. It takes both guards approximately 25 minutes to circumnavigate the property. There is a location near the right front corner of the building that is not viewable by either guard for 12 minutes during each round. Which attack method was used to discover this information? War driving Port scanning Social engineering Traffic analysis
D
At what stage of a fire is smoke not visible? Flame Heat Smoldering Incipient
D
Capturing packets as they travel from one host to another with the intent of altering the contents of the packets is a form of which security concern? Passive logging Distributed denial of service Spamming Man-in-the-middle attack
D
Change control should be used to oversee and manage changes over what aspect of an organization? IT hardware and software Physical environment Personnel and policies Every aspect
D
Data that is evidence of a computer crime may exist on the same system as corporate data. What is this condition known as? Collusion Polymorphism Disclosure Co-mingling
D
Dictionary attacks are often more successful when performed after what reconnaissance action? Cutting the network cable Site survey ARP flooding Social engineering
D
Dumpster diving is a low-tech means of gathering information that may be useful in gaining unauthorized access, or as a starting point for more advanced attacks. How can a company reduce the risk associated with dumpster diving? Create a strong password policy Secure all terminals with screensaver passwords Mandate the use of Integrated Windows Authentication Establish and enforce a document destruction policy
D
FTP (File Transfer Protocol) and NNTP (Network News Transport Protocol) can both be secured using which of the following? ICMP (Internet Control Message Protocol) SLIP (Serial Line Interface Protocol) SNMP (Simple Network Management Protocol) SSL (Secure Sockets Layer)
D
Flashcards and memory drives pose a security threat due to all but which of the following? Ease of use Physical size Removable functionality Storage capacity
D
How many business continuity plans should exist for a large organization? Separate plans for each geographic location As many separate plans as needed Separate plans for each logical department regardless of physical characteristics One fully-integrated plan
D
How often should awareness be re-presented to the same employees? Only after an incident Once every three years At least once a month Once a year at a minimum
D
If an expert system is used to determine if a given hypothesis is valid, such as when there are few inputs and many outputs, what process is used? Experiential learning Forward chaining Deductive reasoning Backward chaining
D
In order to maintain business continuity, which of the following activities is most important? Physical barrier access logging Vulnerability assessments Service level agreements Backups
D
In what form of access control environment is access controlled by rules rather than by identity? Most client-server environments Discretionary access control (DAC) Access control lists (ACLs) Mandatory access control (MAC)
D
In which of the following malicious activities or attacks is data disclosed unintentionally by internal personnel? Fraud Espionage Embezzlement Social engineering
D
In which phase of the system life cycle is software testing performed? Functional Design Analysis and Planning System Design Specifications Installation Software Development
D
NetBus and Back Orifice are remote control tools. They allow you to connect to a remote system over a network and operate it as if you were sitting at its local keyboard. Unfortunately, these two programs are also examples of what type of security concern? Packet sniffers Viruses IPSec filters Backdoor trojans
D
Of the following security zones, which one can serve as a buffer network between a private secured network and the untrusted Internet? Extranet Intranet Padded Cell DMZ
D
Once a fire is detected, what is the best first response option that would cause the least amount of overall damage to the facility and personnel? Instigating a fire department response Spraying water Releasing an oxygen-removing gas throughout the building Using a hand-held fire extinguisher
D
Properly configured passive IDS and system audit logs are an integral part of a comprehensive security plan. What step must be taken to insure that the information is useful in maintaining a secure environment? The accounting department must compress the logs on a quarterly basis. All logs should be deleted and refreshed monthly. All files must be verified with the IDS checksum. Periodic reviews must be conducted to detect malicious activity or policy violations.
D
The most important pre-disaster preparation step that makes or breaks the recovery efforts of both the recovery team and the salvage team is? Maintaining electronic copies of the recovery plan Establishing a hot site Training personnel in CPR Reliable offsite backups
D
The presence of unapproved modems on desktop systems gives rise to the LAN being vulnerable to which of the following? Masquerading Social engineering Packet sniffing War dialing
D
The twisting of wire pairs within 10BaseT wiring is a countermeasure against? Eavesdropping Attenuation Termination Crosstalk
D
Use of which of the following is a possible violation of privacy? FTP Java VPNs Cookies
D
What informational element is always protected under privacy restrictions? Web surfing Hard drive contents Personal e-mail Medical data
D
What is an incident response policy designed to address? Users who fail to adhere to an organization's acceptable use policy The prevention of external intruders Minor disasters that affect mission critical business operations Security policy violations
D
What is another name for a logic bomb? Pseudo flaw Trojan horse DNS poisoning Asynchronous attack
D
What is modified in the most common form of spoofing on a typical IP packet? Protocol type field value Destination address Hash total Source address
D
What is not a goal of disaster recovery planning? Minimizing decision making during an emergency Protecting an organization from major computer services failure Minimizing the risk to the organization from delays and interruptions in providing services Maintaining business operations with reduced or restricted infrastructure capabilities or resources
D
What is the IEEE standard for Bluetooth? 802.5 802.11 802.16 802.15
D
What is the Web application mechanism that allows server-side scripts, such as Perl, to be used to accept user input, process that input, and return results to users via Web browsers? Cookies TLS (Transport Layer Security) HTTPS (Hypertext Transfer Protocol over Secure Socket Layer) CGI (Common Gateway Interface)
D
What is the area of security that awareness is designed to address? Proper performance of assigned job tasks Creating strong passwords Implementation of the principle of least privilege The weakest link in an organization's security, namely people
D
What is the best level of humidity for the mission critical server vault? 10% - 30% 60% - 100% 0% - 40% 40% - 60%
D
What is the biggest issue with guard dogs? Lack of perimeter protection Maintenance Cost Insurance and liability
D
What is the first step of managing a needed change under a change control process? Thorough testing Post-deployment verification and documentation Implementation Approval
D
What is the most common attack waged against Web servers? Birthday Brute force Data diddling Buffer overflow
D
What is the most common programming language used to write CGI (Common Gateway Interface) scripts? Java ActiveX JavaScript Perl
D
What is the most important task to perform when implementing vulnerability scanning? Develop an activity plan Collect the attack tools Fingerprint the target systems Get senior management approval
D
Which form of access control enforces security based on user identities and allows individual users to define access controls over owned resources?
DAC
You have a system that allows the owner of a file to identify users and their permissions to the file. Which type of access control model is implemented?
DAC
An attacker sets up 100 drone computers that flood a DNS server with invalid requests. This is an example of which kind of attacks?
DDoS
Which of the following is the weakest symmetric encryption method
DES
Which of the following is weakest symmetric encryption method?
DES
Which of the following is not a protection against session hijacking?
DHCP reservations
You are troubleshootin a network connectivity issue on a Unix system. You are able to connect to remote systems by using their IP address, but unable to connect using the hostname. You check the TCP/IP configuration, and note that a DNS serve IP address is configured You decide to run some manual resolution queries to ensure that the communication between the Unix system and the DNS server are working correctly. Which utilities cna you use to do this?
DIG nslookup
Of the following security zones, which one can serve as a buffer network between a private secured network and the untrusted Internet?
DMZ
Which type of Denial of Server (DoS) attack occurs when a name server receives malicious or misleading data that incorrectly maps host names and IP addresses?
DNS poisoning
While using the Internet, you type the URL of one of your favorite sites in the browser. Instead of going to the correct site, however, the browser displays a completely different website. When you use the IP address of the Web server, the correct site is displayed. Which type of attack has likely occurred?
DNS poisoning.
Which of the following Internet connection technologies requires that the location be within a limited distance of the telephone company central office?
DSL
The following items describe the functions performed at various OSI model layers. 1. Logical topology, hardware addresses, media access, framing. 2. Logical device identification, path identification and selection. 3. Flow control, reliable data transfer, windowing, segmentation, and sequencing. 4. Convert data to 0s and 1s, bit signaling and synchronization. Which of the following correctly identifies the layers that perform each of the functions listed here?
Data Link, Network, Transport, Physical
You have a computer with three hard disks.............Disk 2 fails. Which of the following is true
Data on the RAID 1 volume is accessible; data on the RAID 0 volume is not.
Which of the following defines an object as used in access control?
Data, applications, systems, networks, and physical space.
Which of the following are subject to SQL injection attacks?
Database servers
You have configured a wireless access point to create a small network. You have configured all necessary parameters. Wireless clients seem to take a long time to find the wireless access point. You want to reduce the time it takes for the clients to connect. What should you do?
Decrease the beacon interval.
You have just connected a new computer to your network. The network uses static IP addressing. You find that the computer can communicate with hosts on the same subnet, but not with hosts on a different subnet. No other computers are having a problem. What configuration values would you most likely need to change?
Default Gateway used for sending packets to other subnets
You have just connected a new computer to your network. The network uses static IP addressing. You find that the computer can communicate with hosts on the same subnet, but not with hosts on a different subnet. No other computers are having a problem. Which of the configuration values would you most likely need to change?
Default gateway
You have just connected a new computer to your network. The network user static IP addressing. You find that the computer can communicate with hosts on the same subnet, but not with hosts on a different subnet. No other computers are having a problem Which of the configuration values would you most likely need to change?
Default gateway.
Which of the following are functions of the MAC sublayer?
Defining a unique hardware address for each device on the network. Letting devices on the network have access to the LAN
An attacker sets up 100 drone computers that flood a DNS server with invalid requests. This is an example of which kind of attack?
Denial of Service
Which is a form of attack that either exploits a software flaw or floods a system with traffic in order to prevent legitimate activities or transactions from occurring?
Denial of Service attack
Which is a form of attack that either exploits a software flaw or floods a system with traffic in order to prevent legitimate activities or transactions from occurring?
Denial of service attack
An attacker sets up 100 drone computers that flood a DNS server with invalid requests. This is an example of which kind of attack?
Denial of service.
Soft skills encompass:
Dependability
Which of the following can be used to stop piggybacking that has been occurring at a front entrance where employees should swipe their smart cards to gain entry?
Deploy a mantrap.
Which of the following information are you likely to find in a procedure document?
Details on how to test and deploy patches.
What is the purpose of the CRC in network communications?
Detect data errors
Users report that the network is down. After some investigation, you determine that a specific router is configured such that a routing loop exists. What should you do next?
Determine if escalation is needed
Users report that the network is down. After some investigation, you determine that a specific router is configured such that a routing loop exists. What should you do next?
Determine if escalation is needed.
A user reports that she can't connect to a server on your network. You check the problem and find out that all users are having the same problem. What should you do next?
Determine what has changed.
Your organization uses the following tape rotation strategy for its backup tapes: 1. The first set of tapes is used for daily backups. 2. At the end of each week, the latest daily backup tape is promoted to be the weekly backup tape. 3. At the end of each month, one of the weekly backup tapes is promoted to be the monthly backup tape. What kind of backup tape rotation strategy is being used?
Grandfather
How do groups differ from OUs?
Groups are security principals, meaning you assign access permissions to a resource based on membership in a group. OUs are for organization and for assigning Group Policy settings.
Which protocol is used for securely browsing a Web site
HTTPS
which protocol is used for securely browsing a Web site?
HTTPS
Which of the following fire extinguisher types poses a safety risk to users in the area? (Select two.)
Halon CO2
Which of the following fire extinguisher types poses a safety risk to users in the area (Select tow)
Halon, C02
You need to configure settings for a USB printer that you have just connected to your Windows 7 system. Which option in Control Panel should you use to do this?
Hardware and Sound
Which of the following is used to verify that a downloaded file has not been altered
Hash
Which of the following is used to verify that a downloaded file has not been altered?
Hash
Which method can be use to verify that a bit-level image copy of a hard drive is an exact clone of the original hard drive collected as evidence
Hashing
Which method can be used to verify that a bit-level image copy of a hard drive is an exact clone of the original hard drive collected as evidence?
Hashing
When the ACT shows a steady light, this is an indication that the NIC is experiencing:
Heavy Traffic Volume
Which of the following are characteristics of a rootkit? (Select two.)
Hides itself from detection. Requires administrator-level privileges for installation.
When the TCP/IP session state is manipulated so that a third party is able to insert alternate packets into the communication stream, what type of attack has occurred?
Hijacking
Which of the following is a common form of social engineering attack
Hoax virus information e-mails.
As a security precaution, you have implemented IPsec that is used between any two devices on your network. IPsec provides encryption for traffic between devices. You would like to implement a solution that can scan the contents of the encrypted traffic to prevent any malicious attacks. Which solution should you implement?
Host based IDS
As a security precaution, you have implemented an IPsec that is used between any two devices on your network. IPsec provides encryption for traffic between devices. You would like to implement a solution that can scan the contents of encrypted traffic to prevent any malicious attacks. Which solution should you implement?
Host based IDS
You have been given a laptop to use for work. You connect the laptop to your company network, use it from home, and use it while traveling. You want to protect the laptop from Internet-based attacks. Which solution should you use?
Host based firewall
You have been given a laptop to use for work. You connect the laptop to your company network, use it from home and use it while traveling. You want to protect the laptop from Internet-based attacks. Which solution should you use?
Host based firewall.
You have been given a laptop to use for work. You connect the laptop to your company network, use it from home, and use it while traveling. You want to protect the laptop from Internet-based attacks. Which solution should you use?
Host based firewall.
You have been asked to deploy a network solution that requires an alternate location where operational recovery is provided within minutes of a disaster. Which of the following strategies would you choose
Hot site
You have been asked to deploy a network solution that requires an alternate location where operational recovery is provided within minutes of a disaster. Which of the following strategies would you choose?
Hot site
Which of the following devices does NOT segment the network?
Hub
Which of the following devices does not segment the network?
Hub
What security mechanism can be used to detect attacks originating on the Internet or from within an internal trusted subnet?
IDS
Which of the following devices can monitor a network and detect potential security attacks?
IDS
Which of the following is a security service that monitors network traffic in real time or reviews the audit logs on servers looking for security violations?
IDS
Which of the following are security devices that perform stateful inspection of packet data, looking for patterns that indicate malicious code? (Select two.)
IDS IPS
Which of the following devices can monitor a network and detect potential security attacks?
IDS.
You have a private network connected to the Internet. Your routers will not share routing information about your private networkwith Internet routers. Which of the following best describes the type of routing protocol you would use?
IGP
You have a router that is configured as a firewall. The router is a layer 3 device only. Which of the following does the router use for identifying allowed or denied packets.
IP address
You have a router that is configured as a firewall. The router is a layer 3 device only. Which of the following does the router use for identifying allowed or denied packets?
IP address.
Which of the following devices is capable of detecting and responding to security threats?
IPS
You are concerned about attacks directed at your network firewall. You want to be able to identify and be notified of any attacks. In addition, you want the system to take immediate action when possible to stop or prevent the attack. Which tool should you use?
IPS
Which of the following devices is capable of detecting and responding to security threats?
IPS.
You are concerned about attacks directed at your network firewall. You want to be able to identify and be notified of any attacks. In addition, you want the system to take immediate action when possible to stop or prevent the attack. Which tool should you use?
IPS.
Which of following network layer protocols provides authentication and encryption services for IP based network traffic?
IPSec
Which of the following is the best countermeasure against man-in-the-middle attacks
IPSec
Which of the following is the best countermeasure against man-in-the-middle attacks?
IPSec
Which of the following network layer protocol provides authentication and encryption services for IP based network traffic?
IPSec
Which of the following network layer protocols provides authentication and encryption services of IP based network traffic
IPSec
Which of the following can be used to encrypt Web, e-mail, telnet, file transfer, and SNMP traffic
IPSec (Internet protocol security)
Which of the following is the best countermeasure against man-in-the-middle attacks?
IPSec.
Which WAN connection types use digital communications over POTS?(Select two)
ISDN, DSL
To obtain a digital certificate and participate in a Public Key Infrastructure (PKI), what must be submitted and where should it be submitted
Identify data and a certification request to the registration authority (RA)
A router periodically goes offline. Once it goes offline, you find that a simple reboot puts the router back online. After doing some research you find that the most likely cause of the problem is a bug in the router's software. A new patch is available from the manufacturer that is supposed to eliminate the problem. What should you do next?
Identify possible effects of the solution.
A router periodically goes offline. Once it goes offline, you find that a simple reboot puts the router back online. After doing some research you find that the most likely cause of the problem is a bug in the router software. A new patch is available from the manufacturer that is supposed to eliminate the problem. What should you do next?
Identify possible effects of the solution.
A user reports that he can't connect to a specific Web site. You go to the user's computer and reproduce the problem. What should you do next?
Identify the affected areas of the network.
A user reports that he cant connect to a specific Web site. You go to the user's computer and reproduce the problem. What should you do next?
Identify the affected areas of the network.
Which of the following tests can be performed by a TDR? (Select two.)
Identify the location of a fault on a cable. Measure the length of a cable.
A user is unable to connect to the network. You investigate the problem and determine that the network adapter is defective. You replace the network adapter and verity that it works. What should you do next?
Identify the results and effects of the solution
A user is unable to connect to the network. You investigate the problem and determine that the network adapter is defective. You replace the network adapter and verify that it works. What should you do next?
Identify the results and effects of the solution.
To obtain a digital certificate and participate in a Public Key Infrastructure (PKI), what must be submitted and where should it be submitted?
Identifying data and a certification request to the registration authority (CA).
Under which of the following circumstances might you implement BGP on your company network and share routes with Internet routers?
If the network is connected to the Internet using multiple ISPs.
What do you use to look up the IP address for a linux server?
Ifconfig
you are troubleshooting a connectivity problem on a linux server. You are able to connect to another system on the local network, but are not able to connect to a server on the remote network. You suspect that the default gateway information for the system may be configured incorrectly. Which of the following commands would you use to view the default gateway information on the Linux server?
Ifconfig
Which of the following is not a form of social engineering
Impersonating a user by logging on with stolen credentials
You want to protect data on hard drives for users with laptops. You want to drive to be encrypted, and you want to prevent the laptops from booting unless a special USB drive is inserted. In addition, the system should not boot if a change is detected in any of the boot files. What should you do
Implement BitLocker with a TPM
You manage a local area network with several switches. A new employee has started today so you connect her workstation to a switch port. After connecting the workstation, you find that the workstation cannot get an IP address from the DHCP server. You check the link and status lights and the connection is working properly. A ping to the local loopback address on the workstation succeeds. No other computers seem to have a problem. Which of the following is the most likely cause of the problem?
Incorrect VLAN assignment.
A user calls to report that she is experiencing intermittent problems wile accessing the wireless network from her laptop computer. While she normally works from her office, today she is trying to access the wireless network from a conference room which is across the hall from the elevator. What is the most likely cause of her connection problem?
Interference is affecting the wireless signal
You have been called in to troubleshoot a connectivity problem on a newly installed windows Server 2003 system. The system is operating satisfactorily and is able to communicate with other systems on the local network. However it is unable to access any systems on other segments of the corporate network. You suspect that the default gateway parameter for the system has not been configured, or may be configured incorrectly. Which of the following utilitis are you most likely to use to view the default gate way information for the system
Ipconfig
You want to be able to view the DNS server address that a computer is using. Which of the following utilities would you use? (Select two.)
Ipconfig Ifconfig
You want to be able to view the DNS server address that a computer is using. Which of the following utilities would you use
Ipconfig windows ifconfig linux
DDNS is a reliable way of locating a host as long as the host's IP address:
Is static
A Parallel Backbone:
Is the most robust type of network backbone
Which of the following is NOT a primary characteristic of a worm?
It infects the MBR of a hard drive
Which of the following is NOT a primary characteristic of a worm?
It infects the MBR of a hard drive.
Which of the following best describes spyware?
It monitors the actions you take on your machine and sends the information back to its originating source.
Which three of the following are characteristics of ISDN?
It provides enough bandwidth to transmit data at much higher speeds than standard modems and analog lines, It is a dial-up service that uses existing copper wires for the local loop, It lets you transmit voice, video, and data over the same lines.
When should a hardware device be replaced in order to minimize downtime
Just before it's a MTBF is reached
Which of the following authentication methods uses tickets to provide single sign on?
Kerberos
You are concerned that if a private key is lost, all documents encrypted using your private key will be inaccessible. Which service should you use to solve this problem
Key escrow
You are concerned that if a private key is lost, all documents encrypted using your private key will be inaccessible. Which service should you use to solve this problem?
Key escrow
Which of the following is not true concerning symmetric key cryptography
Key management is easy when implemented on a large scale.
Which of the following is not true concerning symmetric key cryptography?
Key management is easy when implemented on a large scale.
Which of the following protocols can your portable computer use to connect to your company's network via a tunnel through the Internet? (Select two)
L2TP
What is the most common failure of a security policy in an environment
Lack of user awareness
What is the most common failure of a security policy in an environment?
Lack of user awareness
A SYN packet is received by a server. The SYN packet has the exact same address for both the sender and receiver addresses, which is the address of the server. This is an example of what type of attack?
Land Attack
Which of the following devices is capable of performing routing of IP packets at wire speeds using an ASIC module instead of the CPU or software?
Layer 3 switch
When returning to the rebuilt primary site, the salvage team will restore or return what process first.
Least business-critical
When returning to the rebuilt primary site, the salvage team will restore or return what processes first?
Least business-critical
Which of the following describes a false positive when using an IPS device?
Legitimate traffic being flagged as malicious
You are troubleshooting an IP addressing issue, and so issue a command to view the TCP/IP configuration of the system. The command you use produces the following output: fxp0: flags=8843<UP, BROADCAST, RUNNING, SIMPLEX, MULTICAST> mtu 1500 inet6 fe80: :2a0:83ff:fe30:57a%fxp0 prefixlen 64 scopeid 0x1 inet 192.168.1.235 netmask 0xfffffx00 broadcast 255.255.255..255 ether 00:a0:83:30:05:7a media: Ethernet autoselect (100BaseTX <full-duplex>) status: active 1o0: flags=8049<UP, LOOPBACK, RUNNING, MULTICAST> mtu 16384 inet6 : : 1prefixlen 128 inet6 fe90: : 1%1o0 prefixlen 64 scopeid 0x7 inet 127.0.0.1 netmask 0xff000000 Which of the following operating systems are you working on?
Linux
The chain of custody is used for what purposes
Listing people coming into contact with evidence
The chain of custody is used for what purposes?
Listing people coming into contact with evidence
Which of the following devices accepts incoming client requests and distributes those requests to specific servers?
Load balance
Which of the following devices accept incoming client requests and distributes those requests to specific servers?
Load balancer.
You have a Web server on your network that hosts the public Web site for your company. You want to make sure that the Web site will continue to be available even if a NIC, hard drive, or other problem prevents the server from responding. Which solution should you implement?
Load balancing
You manage a server that runs your company Web site. The Web server has reached its capacity, and the number of client requests is greater than the server can handle. You would like to find a solution so that a second server can respond to requests for Web site content. Which solution should you implement?
Load balancing
You manage a server that runs your company Web site. The Web server has reached its capacity, and the number of clients requests is greater than the server can handle. You would like to find a solution so that a second server can respond to requests for Web site content. Which solution should you implement?
Load balancing
___ is a technology that can help to evenly distribute work across a network.
Load balancing
You have a Web server on your network that hosts the public Web site for your company. You want to make sure that the Web site will continue to be available even in a NIC, hard drive, or other problem prevents the server from responding. Which solution should you implement?
Load balancing.
You manage a server that runs your company Web site. The Web server has reached its capacity, and the number of client requests is greater than the server can handle. You would like to find a solution so that the second server can respond to requests for Web site content. Which solution should you implement?
Load balancing.
You have a Web site that customers use to view product information and place orders. You would like to identify the maximum number of simultaneous sessions that this server can maintain before performance is negatively impacted. Which tool should you use?
Load tester
You have a Web site that customers use to view product information and place orders. You would like to identify the maximum number of simultaneous sessions that this server can maintain before the performance is negatively impacted. Which tool should you use?
Load tester.
Which of the following controls is an example of a physical access control method?
Locks on doors
In what form of access control environment is access controlled by rules rather than by identity?
MAC
What type of access control focuses on assigning privileges based on security clearance and data sensitivity.
MAC
Which of the following do switches and wireless access points use to control access through the device?
MAC filtering
Which of the following do switches and wireless access points use to control access through the device?
MAC filtering.
Which of the following attacks, if successful, causes a switch to function like a hub?
MAC flooding
Which of the following is the weakest hashing algorithm
MD-5
Which of the following is the weakest hashing algorithm?
MD-5
Which of the following technologies uses variable-length packets and adds labels to packets as they enter the WAN cloud, with the labels being used to switch packets and prioritize traffic?
MPLS
The most popular attack toolkit, which has almost half of the attacker toolkit market is ____.
MPack
What is the primary goal of business continuity planning
Maintaining business operations with reduced or restricted infrastructure capabilities or resources
What is the primary goal of business continuity planning?
Maintaining business operations with reduced or restricted infrastructure capabilities or resources.
What is another name for a backdoor that was left in a product by the manufacturer by accident?
Maintenance hook.
You manage the network for your company. You have recently discovered information on a computer hard drive that might indicate evidence of illegal activity. You want to perform forensic activates on the disk to see what kind of information it contains. What should you do first
Make a bit-level copy of the disk
You manage the network for your company. You have recently discovered information on a computer hard drive that might indicate evidence of illegal activity. You want to perform forensic activities on the disk to see what kind of information it contains. What should you do first?
Make a bit-level copy of the disk
You walk by the server room and notice a fire has started. What should you do first
Make sure everyone has cleared the area.
You walk by the server room and notice a fire has started. What should you do first?
Make sure everyone has cleared the area.
Capturing packets as they travel from one host to another with the intent of altering the contents of the packets is a form of which security concern?
Man-in-the-middle attack
Capturing packets as they travel from one host to another with the with the intent of altering the contents of the packets is a form of which security concern?
Man-in-the-middle attack
To be most effective, an anti-malware policy should be authorized and supported by the organization:
Management
You have a router configured to share routing information using RIP. In addition, you have a single static route that identifies a default route for all other networks. The next hop router for the default route has changed. You need to make changes with the least amount of effort possible. What should you do?
Manually configure the default route to point to the next hop router.
Mary wants to send a message to Sam. She wants to digitally sign the message to prove that she sent it. Which key would Mary use to create the digital signature
Mary's private key
Which of the following tests can be performed by a TDR?
Measure the length of a cable. Identify the location of a fault on a cable.
You connect a packet sniffer to a switch to monitor frames on your local area network. However, the packet sniffer is only able to see broadcast frames and frames addressed specifically to the host device. Which feature should you enable on the switch so you can see frames from all devices connected to the switch?
Mirroring
You decide to use a packet sniffer to identify the type of traffic sent to a router. You run the packet sniffing software on a device which is connected to a hub with three other computers. The hub is connected to the same switch that is connected to the router. When you run the software, you see only frames addressed to the four stations but not to the router. Which feature should you configure?
Mirroring
You connect a packet sniffer to a switch to monitor frames on your local area network. However, the packet sniffer is only able to see broadcast frames and frames addressed specifically to the host device. Which feature should you enable on the switch so you can see frames from all devices connected to the switch?
Mirroring.
You decide to use a packet sniffer to identify the type of traffic sent to the router. You run the packet sniffing software on a device which is connected to a hub with three other computers. The hub is connected to the same switch that is connected to the router. When you run the software, you only see frames addressed to the four workstations but not to the router. Which feature should you configure?
Mirroring.
You have decided to conduct a business meeting at a local coffee shop. The coffee shop you chose has a wireless hotspot for its customers who want Internet access. You decide to check your e-mail before the meeting begins, but when you open the browser you cannot gain Internet access. Other customers are on the Internet and because you use a wireless connection at work, you are sure your laptops wireless adapter works. What is the likely cause of this problem?
Mismatched SSID
You manage a network with multiple subnets connected to the Internet. A user reports that she can't access the Internet. you investigate the problem and find that she can access all hosts on the private network, but no hosts on the Internet. Which of the following is likely the cause of the problem?
Missing default route on a router
You manage a network of multiple subnets connected to the Internet. A user reports that she can't access the Internet. You investigate the problem and find that she can access all hosts on the private network, but no hosts on the Internet. Which of the following is likely the cause of the problem?
Missing default route on a router.
A user reports that she can't access the Internet. You investigate the problem and find that she can access all hosts on the private network, but no hosts on the Internet. What is most likely the cause of the problem?
Missing default route on the router
You manage a network with multiple subnets connected to the Internet. A user reports that she can't access the Internet. You investigate the problem and find that she can access all hosts on the private network, but no hosts on the Internets. What is likely the cause of the problem.
Missing default route on the router
You manage a network with multiple subnets connected to the Internet. A user reports that she can't access the new server used in the accounting department. You check the problem and find out that her computer cannot access any server on that subnet, however the computer does access other computers on other subnets as well as the internet. Which of the following is most likely the cause of the problem?
Missing route on the default gateway router
You manage a network with multiple subnets connected to the Internet. A user reports that she can't access the new server used in the accounting department. You check the problem and find out that her computer cannot access any server on the subnet, however the computer does access other computers on other subnets as well as the Internet. Which of the following is most likely the cause of the problem?
Missing route on the default gateway router.
When a recovery is being performed due to a disaster, what services are to be stabilized first
Mission critical
When recovery is being performed due to a disaster, what services are to be stabilized first?
Mission-critical
To access the Internet through the PSTN, what kind of connectivity device must you use?
Modem
You have configured a remote access server to accept dial-up connections for remote access clients. Remote clients are able to connect successfully and access resources on the remote access server. However, the remote clients are not able to connect to other devices located on the same subnet where the remote access server is located. Which action would likely correct the problem?
Enable proxy ARP cache on the LAN connection for the remote access server
You have a remote access server to accept dial-up connections for remote access clients. Remote clients are able to connect successfully and access resources on the remote access server. However, the remote clients are not able to connect to other devices located on the same subnet where the remote access server is located. Which action would likely correct the problem?
Enable proxy arp on the LAN connection for the remote access server.
You manage a network with multiple switches. You find that your switches are experiencing heavy broadcast storms. What will help reduce the effects of a broadcast storm?
Enable spanning tree on all the switches
You manage a network with multiple switches. You find that your switches are experiencing heavy broadcast storms. Which of the following will help reduce the effects of a broadcast storm?
Enable spanning tree on the switches
You manage a network with multiple switches. You find that your switches are experiencing heavy broadcast storms. What will help reduce the effects of a broadcast storm?
Enable spanning tree on the switches it is a protocol on a switch that allows the switch to maintain multiple paths between switches within a subnet
You manage a network with multiple switches. You find that your switches are experiencing heavy broadcast storms. Which of the following will help reduce the effects of a broadcast storm?
Enable spanning tree on the switches.
You want to implement BitLocker to encrypt data on a hard disk even if it is moved to another system. You want the system to boot automatically without providing a startup key on an external USB device. What should you do
Enable the TPM in the BIOS
Which IPSec sub protocol provides data encryption
Encapsulating Security Payload (ESP)
Which of the following is not a valid example of steganography
Encrypting a data file with an encryption key
Which of the following is not a valid example of steganography?
Encrypting a data file with an encryption key.
Network packet sniffing is often used to gain the information needed to conduct more specific and detailed attacks. Which of the following is the best defense against packet sniffing?
Encryption
Which of the following are solutions that address physical security? (Select two.)
Escort visitors at all times. Require identification and name badges for all employees.
Dumpster diving is a low-tech mean of gathering information that may be useful in gaining unauthorized access, or as a starting point for more advanced attacks. How can a company reduce the risk associated with dumpster diving
Establish and enforce a document destruction policy
You are a network administrator for your company. A frantic user calls you one morning exclaiming that "nothing is working". What should you do next in your troubleshooting strategy?
Establish the symptoms.
You are a network administrator for your computer. A frantic user calls you one morning exclaiming that "nothing is working." What should you do next in your troubleshooting strategy?
Establish the symptoms.
You have a Web server on your network that hosts the public Web site for your company. You want to make sure that a failure of the NIC in the server does not prevent the Web site from being accessible on the Internet. Which solution should you implement?
Ethernet bonding
You have a network server with two network interface cards. You want both network adapters to be sued at the same time to connect to the same network to double the amount of data the server can send. Which feature would you use?
Ethernet bonding
You have a Web server on your network that hosts the public Web site for your company. You want to make sure that a failure of the NIC in the server does not prevent the Web site from being accessible on the Internet. Which solution should you implement?
Ethernet bonding.
You have a network server with two network interface cards. You want both network adapters to be used at the same time to connect the same network to double the amount of data the server can send. Which feature would you use?
Ethernet bonding.
You manage a firewall that connects your private network to the Internet. You would like to see a record of every packet that has been rejected by the firewall in the past month. Which tool should you use?
Event log
You manage a firewall that connects your private network to the Internet. You would like to see a record of every packet that has been rejected by the firewall in the past month. Which tool should you use?
Event log.
What is the goal of a TCP/IP hijacking attack?
Executing commands or accessing resources on a system the attacker does not otherwise have authorization to access.
Which of the following is not used to oversee and/or improve the security performance of employees
Exit interviews
Which of the following is not used to oversee and/or improve the security performance of employees?
Exit interviews
What is the primary benefit of CCTV?
Expands the area visible by security guards
Which of the following is a privately controlled portion of a network that is accessible to some specific external entities?
Extranet
Which of the following are denial of service attacks? (Select two.) Salami Fraggle Smurf Hijacking
FRAGGLE AND SMURF
Which of the following is likely to be located in a DMZ?
FTP server.
You have just connected four new computer systems to an Ethernet switch using spare patch cables. 3 out of 4 of are working. You replace the nic, but still no connection. what could be the possible cause?
Failed patch cable
You are moving a client to a new location within an Ethernet network. Previous to the move, the client system did not have difficulty accessing the network. during the relocation, you attach a patch cable from the client system to the wall jack and from the patch panel to the switch. Once connected you do not get a link light on the network card or the switch. You swap out the cable running between the patch panel and the switch with a known working one but you can still not connect. what might you suspect as the problem?
Failed patch cable between the client system and the wall jack
You are moving a client to a new location within an Ethernet network. Previous to the move, the client system did not have any difficulty accessing the network. During the relocation, you attach a patch cable from the client system to the wall jack and from the patch panel to the switch. Once connected you do not get a link light on the network card or the switch. You swap out the cable running between the patch panel and the switch with a known working one but you can still not connect. Which of the following might you suspect as the problem?
Failed patch cable between the client system and the wall jack.
You are moving a client to a new location within an Ethernet network. Previous to the move, the client system did not have difficulty accessing the network. During the relocation, you attach a patch cable from the client system to the wall jack and from the patch panel to the switch. Once connected you do not get a link light on the network card or the switch. You swap out the cable running between the patch panel and the switch with a known working one but you can still not connect. Which of the following might you suspect as the problem?
Failed patch cable between the client system and the wall jack.
You have just connected four new computer systems to an Ethernet switch using spare patch cables. After the installation only three systems are able to access the network. You verify all client network settings and replace the network card in the failed system. The client is still unable to access the network. Which of the following might you suspect as the real cause of the problem?
Failed patch cable.
You have just connected four new computer systems to an Ethernet switch using spare patch cables. After the installation only three systems are able to access the network. You verify all client settings and replace the network card in the failed system. The client is still unable to access the network. Which of the following might you suspect as the real cause of the problem?
Failed patch cable.
A "brownout" is a momentary decrease in voltage; also know as a "lag."
False
A subset of business continuity planning and testing is disaster recovery, also known as IT recovery planning.
False
Cryptography cannot protect data as it is being transported across a network.
False
Each Ethernet frame contains a 14-byte header, which includes a destination address, and source address - having no additional fields.
False
Education in an enterprise is limited to the average employee.
False
Given information sensitivity, a documented backup strategy is for IT Administrator eyes only. No other IT staff member has a need to know.
False
On a data network, information can be transmitted via an analog or video signaling method.
False
Servers will not become more fault-tolerant by supplying them with redundant components.
False
TCP/IP's roots lie with the University of Chicago, which developed TCP/IP for advanced research.
False
The top or seventh layer of the OSI model is the Session layer.
False
Trusted OSs have been used since the late 1960s, initially for government and military applications.
False
Using a rainbow table to crack a password requires three steps.
False
Vulnerability scans are usually performed from outside the security perimeter.
False
When a network must handle high volumes of network traffic, users benefit from a performance management technique known as Traffic Controlling.
False
You have configured a NIDS to monitor network traffic. Which of the following describes an attack that is not detected by the NIDS device?
False negative
You have configured a NIDS to monitor network traffic. Which of the following describes harmless traffic that has been identified as a potential attack by the NIDS device?
False positive
Upon conducting a visual inspection of the server room, you see that a switch displays LED collision lights that are continually lit. You check the LED on the corresponding workstation and see that it is flashing rapidly even though it is not sending or receiving network traffic at that time. What is the cause of the network collisions?
Fault network card.
Upon conducting a visual inspection of the server room, you see that a switch displays LED collision lights that are continually lit. You check the LED on the corresponding workstation and see that it is flashing rapidly even though it is not sending or receiving network traffic at that time. What is the cause of the network collisions?
Faulty network card Sometimes when a NIC fails, it doesn't just stop working but begins to flood the network with transmissions called jabbering, a single network card can slow down and entire network by its continual transmissions onto the network.
Upon conducting a visual inspection of the server room, you see that a switch displays LED collision lights that are continually lit. You check the LED on the corresponding workstation and see that it is flashing rapidly even though it is not sending or receiving network traffic at that time. What is the cause of the network collision?
Faulty network card.
Which of the following are characteristics of a packet filtering firewall? (Select Two)
Filters IP address and port, Stateless
Which of the following are characteristics of a circuit-level gateway? (Select Two)
Filters based on sessions, Stateful
Which of the following are characteristics of a circuit-level gateway?
Filters based on sessions. Stateful.
Click the View Lab button and use the tracert command from the IT Administrator workstation (named ITAdmin) to answer the following question. From the IP addresses listed on the left, drag the addresses of the routers in the path between ITAdmin and a computer on the internet which has an IP address of 38.78.213.28. Make sure each address is listed in order from top to bottom, and use only the addresses that are necessary to identify the routers in the path.
First hop 192.168.0.5 Second hop 198.28.56.108 Third hop 12.34.58.32 Fourth hop 163.39.174.88
Local GPOs contain fewer options than domain GPOs. Local GPOs do not support ______.
Folder redirection or Group Policy software installation.
A router is connected to network 192.168.1.0/24 and network 192.168.2.0/24. The router is configured to use RIP and has learned of networks 192.168.3.0/24 and 192.168.4.0/24. The router is also configured with a static route of 0.0.0.0 with a mask of 0.0.0.0. The router receives a packet addressed to network 10.1.0.0/16. What will the router do with the packet?
Forward the packet to the next hop router specified by the route to network 0.0.0.0
Which backup strategy backs up all files from a computer's file system regardless of whether the file's archive bit is set or not and marks them as having been backed up?
Full
Which backup strategy backsup all files from a computer's file system regardless of whether the file's archive bit is set or not and marks them as having been backed up
Full
Which of the following will enter random data to the inputs of an application?
Fuzzing
What is the purpose of the dxdiag tool?
Gather information about your computer and to diagnose issues with your computer.
What is the main function of a TPM hardware chip
Generate and store cryptographic keys
You organization uses the following tape rotation strategy for its backup tapes: 1. The first set of tapes is used for daily backups 2. At the end of each week, the latest daily backup tape is promoted to be the weekly backup tape 3. At the end of the each month, one of the weekly backup tapes is promoted to be the monthly backup tape. What kind of backup ration strategy is being used
Grandfather
A system failure has occurred. Which of the following restoration processes would result in the fastest restoration of all data to its most current state?
Restore the full backup and the last differential backup
A system failure has occurred. Which of the following restoration process would result in the fastest restoration of all data t its most current state
Restore the full backup and the last differential backup.
Your company security policy states that wireless networks are not to be used because of the potential security risk they present to your network. One day you find that an employee has connected a wireless access point to the network in his office. What type of security risk is this?
Rogue access point
Your company security policy states that wireless networks are not to be used because of the potential security risk they present to your network. One day you find that an employee has connected a wireless access point to the network in his office. What type of security risk is this?
Rogue access point.
Which access control model manages rights and permissions based on job descriptions and responsibilities?
Role Based Access Control (RBAC)
In the certificate authority trust model known as hierarchy, where does trust start
Root CA
A ____ is a set of software tools used by an attacker to hide the actions or presence of other types of malicious software, such as Trojans, viruses, or worms.
Rootkit
You have heard about a new malware program that presents itself to users as a virus scanner. When users run the software, it installs itself as a hidden program that has administrator access to the computer. Which of the following terms best describes this software?
Rootkit
Your company security policy states that wireless networks are not to be used because of the potential security risk they present to your network. One day you find that an employee has connected a wireless access point to the network office. What type of security risk is this?
Rouge access point
You manage a network with two switches. The switches are connected together through their Gigabit uplink ports. You define VLAN 1 and VLAN 2 on each switch. A device on the first switch in the VLAN 1 needs to communicate with a device on the same switch which is in VLAN 2. What should you configure so that the two devices can communicate?
Routing
You are troubleshooting access to a server in a remote network. You use the tracert command and see the following: Tracing route to 192.168.2.250 over a maximum of 30 hops: 1 2 ms 2 ms 2 ms 192.168.12.11 2 2 ms 2 ms 2 ms 192.168.11.1 3 5 ms 5 ms 3 ms 192.168.10.15 4 2 ms 2 ms 2 ms 192.168.9.1 5 5 ms 5 ms 3 ms 192.168.11.1 6 2 ms 2 ms 2 ms 192.168.10.15 7 5 ms 5 ms 3 ms 192.168.9.1 ... additional output omitted What is the problem?
Routing loop
You are troubleshooting access to a server in a remote network. You use the tracert command and see the following: Trace route to 192.168.2.250 over a maximum of 30 hops: 1 2 ms 2 ms 2 ms 192.168.12.11 2 2 ms 2 ms 2ms 192.168.11.1 3 5 ms 5 ms 3 ms 192.168.10.15 4 2 ms 2 ms 2 ms 192.168.9.1 5 5 ms 5 ms 3 ms 192.168.11.1 6 2 ms 2 ms 2 ms 192.168.10.15 7 5 ms 5 ms 3 ms 192.168.9.1 ...additional output omitted What is the problem?
Routing loop.
You manage a network with two switches. The switches are connected together through their Gigabit Ethernet uplink ports. You define VLAN 1 and VLAN 2 on each switch. A device on the first switch in VLAN 1 needs to communicate with a device on the same switch which is in VLAN 2. What should you configure so that the two devices can communicate?q
Routing.
You have installed anti-malware software on a computer that only you use. You want to protect the computer from files that you download from the Internet. What should you do next to make sure that there aren't any existing files on your system that are infected?
Run a full scan
You have a development machine that contains sensitive information relative to your business. You are concerned that spyware and malware installed while browsing websites could compromise your system or pose a confidentiality risk. Which of the following would best protect your system?
Run the browser within a virtual environment.
You have a small network of devices connected together using a switch. You want to capture the traffic that is sent from Host A to Host B. On Host C, you install a packet sniffer that captures network traffic. After running the packet sniffer, you cannot find any captured packets between Host A and Host B. What should you do?
Run the packet sniffer application on Host B
You have a small network of devices connected together using a switch. You want to capture the traffic that is sent from Host A to Host B. On Host C, you install a packet sniffer that captures network traffic. After running the packet sniffer, you cannot find any captured packets between Host A and Host B. What should you do?
Run the packet sniffer application on Host B.
Which of the following Internet services provides equal upload and download bandwidth?
SDSL
Which of the following is the strongest hashing algorithm
SHA-1
Which of the following is the strongest hashing algorithm?
SHA-1
Because of an unexplained network slowdown on your network, you decide to install monitoring software on several key network hosts to locate the problem. You will then collect and analyze the data from a central network host. What protocol will the software use to detect the problem?
SNMP.
Which protocol uses traps to send notifications from network devices?
SNMP.
Which of the following is WAN technology that allows for interoperability of vendor hardware for fiber optic networking?
SONET
Which of the following is an WAN technology that allows for interoperability of vendor hardware for fiber optic networking?
SONET
You have a website that accepts input from users for creating customer accounts. Input on the form is passed to a database server where the user account information is stored. An attacker is able to insert database commands in the input fields and have those commands execute on the server. Which type of attack has occurred?
SQL injection
Telenet is inherently insecure because its a communication is in plain text and is easily intercepted. Which of the following is an acceptable alternative to Telnet?
SSH
Telnet is inherently insecure its communications is in plain text and easily intercepted. Which of the following is an acceptable alternative to Telnet
SSH
Which of the following protocols can be used to securely manage a network device from a remote connection
SSH
Which of the following protocols can be used to securely manage a network device from a remote connection?
SSH
You want to connect your client computer to a wireless access point connected to your wired network at work. The network administrator tells you that the access point is configured using WPA2 Personal with the strongest encryption method possible. SSID broadcast is turned off. Which of the following must you configure manually on the client?
SSID AES Preshared key
You have a small wireless network that uses multiple access points. The network currently uses WEP. You want to connect a laptop computer to the wireless network. Which of the following parameters will you need to configure on the laptop?
SSID Preshared key
Which protocol does HTTPS use to offer greater security in Web transactions
SSL
Which protocol does HTTPS use to offer greater security in Web transactions?
SSL
You are purchasing a hard disk over the Internet from an online retailer. What does your browser use to ensure the other cannot see your credit card number on the Internet
SSL
You want to allow traveling users to connect to your private network through the Internet. Users will connect from various locations including airports, hotels, and public access points such as coffee shops and libraries. As such, you won't be able to configure the firewalls that might be controlling access to the Internet in these locations.
SSL
You want to allow traveling users to connect to your private network through the Internet. Users will connect from various locations including airports,hotels, and public access points such as coffee shops and libraries. As such, you won't be able to configure the firewalls that might be controlling access to the Internet in these locations. Which of the following protocols would be most likely to be allowed through the widest number of firewalls?
SSL
You want to allow traveling users to connect to your private network through the internet. Users will connect from various locations including airports, hotels, and public access points such as coffee shops and libraries. As such, you won't be able to configure the firewalls that might be controlling access to the Internet in these locations. Which of the following protocols would be most likely to be allowed through the widest number of firewalls?
SSL
Which of the following protocols are often added to other protocols to provide secure transmission of data
SSL, TLS
Which of the following protocols are often added to other protocols to provide secure transmission of data? (Select two)
SSL, TLS
____ holds the promise of reducing the number of usernames and passwords that users must memorize.
SSO
Mary wants to send a message to Sam so the only Sam can read it. Which key would be used to encrypt the message
Sam's public key
You are configuring a wireless network with two wireless access points. Both access points connect to the same wired network. You want wireless users to be able to connect to either access point, and to be able to roam between the two access points. How should you configure the access points?
Same SSID, different channel.
Which type of media preparation is sufficient for media that will be reused in a different security context within your organization
Sanitization
You have purchased new computers and will be disposing of your old computers. Instead of recycling the computers, you decide to resell them through a local liquidator. Computers were previously not used for storing sensitive information. What should you do prior to getting rid of the computers
Sanitize the hard drives
A healthcare organization provides mobile clinics throughout the world. Which network technology should you select to transfer patient statistical data to a central database via the Internet to ensure network connectivity for any clinic located anywhere in the world, even remote areas?
Satellite
Which of the following is the most susceptible to interference related to atmospheric conditions?
Satellite
The Srv1 server runs Hyper-V and has several virtual servers installed. Currently, most virtual servers are used for testing purposes. The physical system is running out of memory because of all the virtual machines that are currently active. You want to stop three virtual machines to free up more system resources. You want to stop the virtual machines so that when they start again, all open applications are still open and running. What should you do?
Save the virtual machine.
Which of the following mobile device security consideration will disable the ability to use the device after a short period of inactivity?
Screen lock
Which of the following is NOT a group scope?
Security groups.
You want to use CCTV as a preventative security measure. Which of the following is a requirement for your plan?
Security guards.
Which of the following is not an example of a service level agreement
Security policy design
What is a collection of configuration settings stored as a text file with an .inf extension?
Security template
A switch receives a frame addressed to the MAC address FF:FF:FF:FF:FF:FF. What will the switch do with the frame?
Send it out all ports except for the port it was received on.
A receiver wants to verify the integrity of a message received from a sender. A hashing value is contained within the digital signature of the sender. What must the receiver use to access the hashing value to the verify the integrity of the transmission
Sender's public key
A receiver wants to verify the integrity of a message received from a sender. A hashing value is contained within the digital signature of the sender. What must the receiver use to access the hashing value to verify the integrity of the transmission?
Sender's public key
What does the MAC method use to control access?
Sensitivity labels
____ certificates enable clients connecting to the Web server to examine the identity of the server's owner.
Server digital
Which of the following is defined as a contract which prescribes the technical support or business parameters that a provider will bestow to its clients
Service level agreement
Which of the following is defined as a contract which prescribes the technical support parameters that a provider will bestow to its client?
Service level agreement
A client computer starts to download some files from an FTP server named FTPSrv1. While the first download is in progress, the user opens a second instance of the FTP program and initiates a second download. What does the server and the client use to keep each download separate?
Session ID
____ is an attack in which an attacker attempts to impersonate the user by using his session token.
Session hijacking
You're responsible for implementing network cabling in a new network installation. The cabling will be installed in a manufacturing environment where there is a great deal of electromagnetic interference. What cabling would operate best in this environment?
Shielded twist pair fiber optic
You're responsible for implementing network cabling in a new network installation. The cabling will be installed in a manufacturing environment where there is a great deal of electromagnetic interference. (EMI). Which type of cabling would operate best in this environment? (Choose two.)
Shielded twisted pair cable Fiber-optic cable
You're responsible for implementing network cabling in a new network installation. The cabling will be installed in a manufacturing environment where there is a great deal of electromagnetic interface (EMI). Which type of cabling would operate best in this environment?
Shielded twisted pair cable. Fiber-optic cable.
You use Cat5e twisted pair cable on your network. cables are routed through walls and the ceiling. a user puts a screw in the wall to hang a picture and pierces the cable such that a signal sent on pin 1 arrives on the cable connected to pin 7. What term describes this condition?
Short circuit is when electrical signals take a different path other than the intended path.
You use Cat5e twisted pair cable on your network. Cables are routed through walls and the ceiling. A user puts a screw in the wall to hang a picture and pierces the cable such that a signal sent on pin 1 arrives on the cable connected to pin 7. What term describes this condition?
Short circuit.
Which of the following are examples of social engineering (Select two)
Shoulder surfing, Dumpster diving
You have a set of DVD-RW discs that have been used to archive files for your latest development project. You need to dispose of the discs. Which of the following methods should you use to best prevent extracting data from the discs
Shredding
You have a set of DVD-RW discs that have been used to archive files for your latest development project. You need to dispose of the discs. Which of the following methods should you use to best prevent extracting data from the discs?
Shredding
After arriving early this morning, you turn on your computer to begin your work. Instantly you see smoke and smell a strange odor coming from the computer. What should you do?
Shut off the system immediately.
Which of the following is the most common detection method used by and IDS?
Signature
Which IDS method searches for intrusion or attack attempts by recognizing patterns or identities list in a database?
Signature based
Which IDS method searches for intrusion or attack attempts by recognizing patterns or identities listed in a database?
Signature based.
Of the following cables, which offer the best protection against EMI?
Single mode fiber optic
Of the following cables, which offer the best protection against EMI
Single mode fiber optic cable
Users report that the Internet is nolonger accessible. You suspect that the line connecting your building to the internet is not working properly. What allows the service provider to remotely test the local loop?
Smart Jack is a special loopback plug installed at the demarc point for a WAN service. Technicians at the central office can send diagnostic commands to the smart plug to test connectivity between the central office and the demarc
Which Hyper-V feature found in Windows Server 2012 provides temporary memory to allow a virtual machine to restart even when there is not enough physical memory available?
Smart Paging
Users report that the Internet is no longer accessible. You suspect that the line connecting your building to the Internet is not working properly. Which of the following allows the service provider to remotely test the local loop?
Smart jack
Users report that the Internet is no longer accessible. You suspect that the line connecting your building to the Internet is not working properly. Which of the following allows the service provider to remotely test the local loop?
Smart jack.
Which of the following is a form of denial of service attack that uses spoofed ICMP PACKETS TO FLOOD A VICTIM WITH ECHO REQUESTs USING A BOUNCE/AMPLIFICATION network?
Smurf
Which of the following is a form of denial of service attack that uses spoofed ICMP packets to flood a victim with echo requests using a bounce/amplification network?
Smurf
Which of the following are denial of service attacks? (Select two.) Salami Smurf Hijacking Fraggle
Smurf and Fraggle
Which of the following is a form of denial of service attack that uses spoofed ICMP packets to flood a victim with echo requests using a bounce/amplification network?
Smurf.
What type of attack is most likely to succeed against communications between Instant Messaging clients?
Sniffing
Which of the following common network monitoring or diagnostic activity can be used as a passive malicious attack?
Sniffing
What is modified in the most common form of spoofing on a typical IP packet?
Source address
Which of the following could easily result in a denial of service attack if the victimized system had too little free storage capacity?
Spam
Which of the following features dynamically places switch ports in blocking or forwarding states
Spanning Tree.
Which of the following features dynamically places switch ports in blocking or forwarding states?
Spanning tree
Which of the following solutions would you implement to eliminate switching loops?
Spanning tree
You manage a network that uses multiple switches. You want to provide multiple paths between switches so that if one link goes down, an alternate path is available. Which feature should your switch support?
Spanning tree
You manage a single subnet with three switches. The switches are connected to provide redundant paths between the switches. Which feature prevents switching loops and ensures there is only a single active path between any two switches?
Spanning tree
Which of the following solutions would you implement to eliminate switching loops?
Spanning tree.
You manage a single subnet with three switches. The switches are connected to provide redundant paths between the switches. Which feature prevents switching loops and ensures there is only a single active path between any two switches?
Spanning tree.
You manage a small network that uses multiple switches. You want to provide multiple paths between switches so that if one link goes down, an alternative path is available. Which feature should you switch support?
Spanning tree.
Which of the following correctly describes the T1 carrier system?
T1 lines use two pairs of copper wires. A single T1 channel can transfer data at 64 Kbps.
You are implementing Internet connectivity for a new start-up company. Your client will provide on-line storefronts for retailers. To do this, they have calculated that their Internet connection must provide a data rate of at least 20 - 30 Mbps. Which type of service should you implement?
T3
You are implementing Internet connectivity for a new start-up company. Your client will provide on-line storefronts for retailers. To do this, they have calculated that their Internet connection must provide a data rate of at least 20 - 30 Mbps. Which type of service should you implement?
T3
Which of the following are methods for providing centralized authentication, authorization, and accounting for remote access? (Select two)
TACACS+, RADIUS
Which of the following is the name of the type of port scan which does not complete the full three-way handshake of TCP, but rather listens only for either SYN/ACK or RST/ACK packets?
TCP SYN scan
Dynamic Ports
TCP/IP ports in the range of 49,152 through 65,535, which are open for use without requiring administrative privileges on a host or approval from IANA.
You have been asked to document the wiring in your building. You would like to identify the length of each Cat5 cable to verify that it meets Ethernet standards. You need to identify the length of the cables, but most cables run through walls and ceilings, making them difficult to trace. Which tool should you use?
TDR
You have been asked to document the wiring in your building. You need to identify the length of the cables, but most cables run through walls and ceilings, making them difficult to trace. What tool do you use?
TDR a special device that sends electrical pulses on a wire in order to discover information about the cable. It measures impedance discontinuities, or in other words the echo received on the same wire in response to a signal on the wire.: Length of wire cable impedance location of splices and connectors on the wire shorts and open circuits and location of the fault
You have been asked to document the wiring in the building. You would like to identify the length of each Cat5 cable to verify that it meets Ethernet standards. You need to identify the length of the cables, but most cables run through walls and ceilings, making them difficult to trace. Which tool should you use?
TDR.
Which of the following network services or protocols uses TCP/IP port 69.
TFTP
Which of the following network services or protocols uses TCP/IP port 69?
TFTP.
What encryption method is used by WPA for wireless networks?
TKIP uses rotating keys for added security over WEP
Which of the following technologies is based upon SSL (Secure Socket Layer)
TLS (Transport Layer Security)
___ use multiple infrared beams that are aimed across a doorway and positioned so that as a person walks through the doorway some beams are activated.
Tailgate sensors
Which of the following Denial of Service (DoS) attacks does the victim's system rebuild invalid UDP packets, causing the system to crash or reboot?
Teardrop
You are an administrator for a large company. You are setting up a computer at a worker's home so he can telecommute while he recovers from surgery. You want to connect to the UNIX server at the office to update his account information. Which utility should you use to accomplish this task?
Telnet
You are an administrator for a large company. You are setting up a computer at a worker's house so he can telecommute while he recovers from surgery. You want to connect to the UNIX server at the office to update his account information Which utility should you use to accomplish this task?
Telnet.
Which of the following are typically associated with human resource security policies (Select two)
Termination, Background checks
You are a network administrator for your company. A user calls and tells you that after stepping on the network cable in her office, that she can no longer access the network. You go to the office and see that one of the user's stiletto heels has broken and exposed some of the wiring in the Cat 5 network cable. You make another cable and attach it from the wall plate to the user's computer. What should you do next in your troubleshooting strategy?
Test the solution.
You are a network administrator for your company. A user calls and tells you that after stepping on the network cable in her office, that she can no longer access the network. You go to the office and see that one of the user's stiletto heels has broken and exposed some of the wires in the Cat 5 network cable. You make another cable and attach it from the wall plate to the user's computer. What should you do next in your troubleshooting strategy?
Test the solution.
You manage a single domain running Windows Server 2012. You have configured a Restricted Group policy as shown in the image. When this policy is applied, which action will occur? The image shows "Desktop Admins" in the bottom box (This group is a member of:).
The Backup Operators group will be made a member of the Desktop Admins group.
An SSL client has determined that the Certificate Authority (CA) issuing a server's certificate is on its list of trusted CAs. What is the next step in verifying the server's identity?
The CA's public key must validate must validate the CA's digital signature on the server certificate.
An SSL client has determined that the Certificate Authority (CA) issuing a server's certificate is on its list of trusted CAs. What is the next step in verifying the server's identity
The CA's public key must validate the CA's digital signature on the server certificate
When you try to boot your computer, it hangs after the POST. When you access the CMOS setup program, you see that the date is several years behind and the time is set to 12:01 am. What is the most likely problem?
The CMOS battery has failed.
You manage a single domain running Windows Server 2012. You have configured a Restricted Group policy as shown in the image. When this policy is applied, which actions will occur? (Select two.) The image shows "Desktop Admins" in the top box (Members of this group:).
The Desktop Admins group will be made a member of the Backup Operators group. Any other members of the Backup Operators group will be removed.
Certificate revocation should occur under all but which of the following conditions
The certificate owner has held the certificate beyond the established lifetime timer
Certificate revocation should occur under all but which of the following conditions?
The certificate owner has held the certificate beyond the established lifetime timer.
What action is taken when the private key associated with a digital certificate becomes compromised
The certification is revoked and added to the Certificate Revocation List
A user on your network has been moved to another office down the hall. After the move she calls you complaining that she has only occasional network access through her wireless connection. Which of the following is most likely the cause of the problem?
The client system has moved too far away from the access point.
After installing a new DHCP server on the network, you need to verify that the network devices are receiving IP addresses via DHCP. You reboot a Windows XP client system and using the ipconfig command, receive the following information: Ethernet adapter Local Area Connection 1: Description: CardBus-II 10/100 PC Card Physical Address : 02-00-4C-3F-50 DHCP Enabled : Yes Auto configuration Enabled : Yes Auto configuration IP Address : 169.254.25.129 Subnet : 255.255.0.0 Default Gateway: DNS Servers: Which of the following statements are true?
The client system is unable to reach the DHCP server. The client system is configured to use DHCP.
Due to widespread network expansion, you have decided to upgrade the network by configuring a DHCP server for the network. The network uses Linux, Windows, and Mac OS X client systems. You configure the server to distribute IP addresses from 132.168.2.1 to 192.168.2.100. You use the subnet mask of 255.255.255.0. After making all setting changes on the DHCP server, you reboot each client system but they are not able to obtain an IP address from the DHCP server. Which of the following would explain the failure?
The clients must be configured to obtain IP addressing from a DHCP server.
IPv4 (IP version 4)
The current standard for IP addressing that specifies 32-bit addresses composed of four octets.
namespace
The database of Internet IP addresses and their associated names distributed over DNS name servers worldwide.
resource record
The element of a DNS database stored on a name server that contains information about TCP/IP host names and their addresses.
signaling
The exchange of information between the components of a network or system for the purposes of establishing, monitoring, or releasing connections as well as controlling system operations.
What information does the next hop entry in the routing table indentify?
The first router in the path to the destination network.
TLD (top-level domain)
The highest-level catagory used to distinguish domain names--for example, .org, .com, and .net. A TLD is also known as the domain suffix.
switch
The letters or words added to a command that allow you to customize a utility's output. Switches are usually preceded by a hyphen or forward slash character.
TCP/IP core protocols
The major subprotocols of the TCP/IP suite, including IP, TCP, and UDP.
hosts
The name of the host file used on UNIX, Linux, and Windows systems. On a UNIX- or Linux-based computer, it is found in the /etc directory. On a Windows-based computer, it is found in the %systemroot%\system32\drivers\etc folder.
H.323 gatekeeper
The nerve center for networks that adhere to H.323. Gatekeepers authorize and authenticate terminals and gateways, manage bandwidth, and oversee call routing, accounting, and billing. Gatekeepers are optional on H.323 networks.
network ID
The portion of an IP address common to all nodes on the same network or subnet.
Which of the following would require that a certificate be placed on the CRL
The private key is compromised.
Which of the following would require that a certificate be placed on the CRL?
The private key is compromised.
subnetting
The process of subdividing a single class of network into multiple, smaller networks.
routable
The protocols that can span more than one LAN because they carry Network layer and addressing information that can be interpreted by a router.
VoIP (voice over IP)
The provision of telephone service over a packet-switched network running the TCP/IP protocol suite.
Internet telephony
The provision of telephone service over the Internet.
videoconferencing
The real-time reception and transmission of images and audio among two or more locations.
echo request
The request for a response generated when one device pings another device.
echo reply
The response signal sent by a device after another device pings it.
dotted decimal notation
The shorthand convention used to represent IPv4 addresses and make them more easily readable by humans. In it, a decimal number between 0 and 255 represents each binary octet. A period, or dot, separates each decimal.
subprotocols
The specialized protocols that work together and belong to a protocol suite.
domain name
The symbolic name that identifies a domain. Usually, it is associated with a company or other type of organization, such as a university or military unit.
You suspect that an Xmas tree attack is occurring on a system. Which of the following could result if you do not stop the attack?(Select two)
The system will be unavailable to respond to legitimate requests AND the threat agent will obtain information about open ports on the system
A user calls to report that she is experiencing intermittent problems while accessing the wireless network from her laptop computer. While talking to her, you discover that she is trying to work from the coffee rom two floors above the floor where she normally works. What is the most likely cause of her connectivity problem?
The user is out of the effective range of the wireless access point on her floor.
ipconfig
The utility used to display TCP/IP addressing and domain name information in the Windows NT, Windows 2000, Windows XP, and Windows Vista client operating systems.
You used BitLocker to encrypt the hard drive of a laptop. The laptop stores the startup key in the TPM, and a PIN is also required to start the system. Because of a hardware failure, the system will not boot. You want to gain access to the data on the hard drive. What should you do
Move the hard drive to another system. Use the recovery key to unlock the disk.
You are in the process of configuring a new computer. The motherboard has six memory slots and supports triple channel memory. You install two memory modules. When you booth the computer, the BIOS recognizes both modules, but the memory only runs dual channel mode. What should you do? (Select two.)
Move the modules to the correct motherboard slots. Install a third, identical memory module.
Which utility lets you customize which files are processed at startup on Windows 7 systems?
Msconfig
Which tool can you use to view, but not modify, hardware and configuration information for your computer?
Msinfo32
Which Windows component lets you modify system parameters stored in the registry using a GUI interface?
Msinfo32.exe
You want to measure the voltage, amps, and ohms of various devices. Which tool should you use?
Multimeter
You want to measure the voltage, amps, and ohms of various devices. what do you use?
Multimeter is a device for testing various electrical properties.
You want to measure the voltage, amps, and ohms of various devices. Which tool should you use?
Multimeter.
Which of the following is a feature of MS-CHAP v2 that is not included in CHAP?
Mutual authentication
Which of the following best describes the condition where a signal sent on one wire is received on another wire within the same connector?
NEXT
What best describes the condition where a signal sent on one wire is received on another wire within the same connector
NEXT near end crosstalk measured on the same end as the transmitter.
Which of the following best describes the condition where a signal sent on one wire is received on another wire within the same connector?
NEXT.
Which of the following locations will contribute the greatest amount of interference for a wireless access point? (Select two.)
Near cordless phones Near backup generators.
Which of the following principles is implemented in a mandatory access control model to determine access to an object using classification levels?
Need to know
If an organization shows sufficient due care, which burden is eliminated in the event of a security breach
Negligence
The third layer of the OSI model is the:
Network Layer
You manage a small network at work. Users use workstations connected to your network. No portable computers are allowed. As part of your security plan, you would like to implement scanning of emails for all users. You want to scan the emails and prevent any emails with malicious attachments from being received by users. Your solution should minimize administration, allowing you to centrally manage the scan settings. Which solution should you use?
Network based firewall
Your company has a connection to the Internet that allows users to access the Internet. You also have a web server and an email server that you want to make available to Internet users. You want to create a DMZ for these servers. Which type of device should you use to create the DMZ?
Network based firewall
You manage a small network at work. Users use workstations connected to your network. No portable computers are allowed. As part of your security plan, you would like to implement scanning of e-mails for all users. You want to scan the e-mails and prevent any e-mails with malicious attachments from being received by users. Your solution should minimize administration, allowing you to centrally manage the scan settings. Which solution should you use?
Network based firewall.
Your company has a connection to the Internet that allows users to access the Internet. You also have a Web server and an e-mail server that you want to make available to Internet users. You want to create a DMZ for these two servers. Which type of device should you use to create the DMZ?
Network based firewall.
Your company has a connection to the Internet that allows users to access the Internet. You also have a Web server and an e-mail server that you want to make available to Internet users. You want to create a DMZ for these two servers. Which type of device should you use to create the DMZ?
Network based firewall.
In troubleshooting a router, you want to identify which other devices are connected to the router, as well as the subnet addresses of each connected subnet. Which type of document would most likely have this information?
Network diagram
In troubleshooting a router, you want to identify which other devices are connected to the router, as well as the subnet addresses of each connected subnet. Which type of document would most likely have this information?
Network diagram.
You have a network connected using a physical bus topology. One of the cables connecting a workstation to the bus breaks. Which of the following best describes what happens to network communications?
No device is able to communicate.
You have a network connected using a physical bus topology. One of the cables connecting a workstation to the bus breaks. Which of he following best describes what happens to network communications?
No devices will be able to communicate.
By definition, which security concept uses the ability to prove that a sender sent an encrypted message
Non-repudiation
By definition, which security concept uses the ability to prove that a sender sent an encrypted message?
Non-repudiation
When a sender encrypts a message using their own private key, what security service is being provided to the recipient
Non-repudiation
When a sender encrypts a message using their own private key, what security service is being provided to the recipient?
Non-repudiation
You are testing the power supply in a PC system by measuring the voltage available on the 4-pin Molex connector. The voltage on the red wire is +5.2 volts. What should you do?
Nothing, the power supply is working normally.
Which type of active scan turns off all flags in a TCP header?
Null
Which of the following routing protocols divides the network into areas, with all networks required to have an area of 0 (area 0 identifying the backbone area)?
OSPF
Which of the following routing protocols are classified as link state routing protocols?
OSPF IS-IS
Which of the following best describes OSPF?
OSPF is a classless link-state routing protocol.
What are the main differences between the OSPF and IS-IS routing protocols?
OSPF requires an area 0, while IS-IS does not.
You are working with an existing fiber optic installation in your building. You want to know how long each length of cable is that runs through walls. Which tool should you use?
OTDR
You are working with an existing fiber optic installation in your building. You want to know how long each length of cable is that runs through walls. Which tool should you use?
OTDR
You are working with an existing fiber optic installation in your building. You want to know how long each length of cable is that runs through walls. Which tool do you use?
OTDR Optical Time domain reflector
You have a Web server that will be used for secure transactions for customers who access the Web site over the Internet. The Web server requires a certificate to support SSL. Which method would you use to get a certificate for the server
Obtain a certificate from a public PKI
You have a Web server that will be used for secure transactions for customers who access the Web site over the Internet. The Web server requires a certificate to support SSL. Which method would you use to get a certificate for the server?
Obtain a certificate from public PKI
You are setting up a wireless hotspot in a local coffee shop. For best results, you want to disperse the radio signals evenly throughout the coffee shop. Which of the following types of antennas would you use on the AP to provide a 360-degree dispersed wave pattern?
Omni-directional
You want to implement 802.1x authentication on your wireless network. Where would you configure passwords that are used for authentication?
On a RADIUS server
redirect server
On a SIP network, a server that accepts and responds to requests from user agents and SIP proxy servers for location information on recipients that belong to external domains.
proxy server
On a SIP network, a server that accepts requests for location information from user agents, then queries the nearest registrar server on behalf of those user agents. If the recipient user agent is in the SIP proxy server's domain, then that server will also act as a go-between for calls established and terminated between the requesting user agent and the recipient user agent.
registrar server
On a SIP network, a server that maintains a database containing information about the locations (network addresses) of each user agent in its domain. When the user agent joins a SIP network, it transmits its location information to the SIP registrar server.
H.323 gateway
On a network following the H.323 standard, a gateway that provides translation between network devices running H.323 signaling protocols and devices running other types of signaling protocols (for example, SS7 on te PSTN).
H.323 terminal
On a network following the H.323 standard, any node that provides audio, visual, or data information to another node.
Which of the following paths opens the Computer Management tool? (Select two.)
On the Start menu, right-click Computer and select Manage. In the Control Panel, open Admistrative Tools, then double0click the Computer Management icon.
How many keys are used with symmetric key cryptography
One
How many keys are used with symmetric key cryptography?
One
Which two of the following describe the channels and the data transfer rates used for ISDN BRI(Select Two)
One D channel operating at 16 Kbps, Two B channels operating at 64 Kbps each
What is the primary difference between impersonating and masquerading
One is more active, the other is more passive
octet
One of the four bytes that are separated by periods and together make up an IPv4 address.
Which of the following is not an example of a physical barrier access control mechanism?
One time passwords
Which of the following encryption methods combines a random value with the plaintext to produce the cipher text
One-time pad
Which of the following encryption methods combines a random value with the plaintext to produce the cipher text?
One-time pad
What technology was developed to help improve the efficiency and reliability of checking the validity status of certificates in large complex environments
Online Certificate Status Protocol
Which of the following are backed up during a differential backup
Only file that have changed since the last full backup.
Which of the following are backed up during a differential backup?
Only files that have changed since the last full backup.
Which of the following are backed up during an incremental backup
Only files that have changed since the last full or incremental backup.
Which of the following are backed up during an incremental backup?
Only files that have changed since the last full or incremental backup.
You have a small home wireless network that uses WEP. The access point is configured as the DHCP server and a NAT router that connects to the Internet. You do not have a RADIUS server. Which authentication method should you use?
Open
You have purchased a used wireless access point and want to set up a small wireless network at home. The access point only supports WEP. You want to configure the most secure settings on the access point. Which of the following would you configure?
Open authentication Preshared key
You are the administrator for a secure network that uses firewall filtering. Several network users have requested to access Internet Usenet groups but are unable. What needs to be done to allow users to access the newsgroups?
Open port 119 to allow NNTP service.
After blocking a number of ports to secure your server, you are unable to send e-mail. To allow e-mail service which of the following needs to be done?
Open port 25 and allow STMP service.
After blocking a number of ports to secure your server, you are unable to send e-mail. To allow e-mail service which of the following needs to be done?
Open port 25 to allow SMTP service.
Lately your computer is spontaneously rebooting and freezing. What is the most likely cause?
Overheated CPU.
Lately your computer is spontaneously shutting down after only a few minutes of use. What is the most likely cause? (Select two.)
Overheated CPU. Cooling fans clogged with dust.
You have been hired to troubleshoot a wireless connectivity issue for two separate networks located within a close proximity. Both networks use a WAP from the same manufacturer and all settings, with the exception of SSIDs, remain configured to the default. Which of the following might you suspect as the cause of the connectivity problems?
Overlapping channels
____ networks are typically used for connecting devices on an ad hoc basis for file sharing of audio, video, and data, or real-time data transmission such as telephony traffic.
P2P
____ is typically used on home routers that allow multiple users to share one IP address received from an Internet service provider (ISP).
PAT
Devices that receive power from a PSE (power sourcing equipment) are known as:
PD
Which of the following is a mechanism for granting and validating certificates?
PKI
Which of the following describes the lines used in local loop for dial-up telephone access?
POTS
Which of the following describes the lines used in the local loop for dial-up telephone access?
POTS
You are configuring your computer to dial up to the Internet. What protocol should you use?
PPP
Which of the following protocols of services is commonly used on cable Internet connections for user authentication?
PPPoE
You have just signed up for Internet access using a local provider that gives you a fiber optic line into your house. From there, Ethernet and wireless connections are used to create a small network within your home. Which of the following protocols would be used to provide authentication, authorization, and accounting for the Internet connection?
PPPoE
You want to use a protocol that can encapsulate other LAN protocols and carry the data securely over an IP network.
PPTP
You want to use a protocol that can encapsulate other LAN protocols and carry the data securely over an IP network. Which of the following protocols is suitable for this task?
PPTP.
Which of the following protocols can your portable computer use to connect to your company's network via a virtual tunnel through the Internet?
PPTP. L2TP.
Which of the following terms identifies the network of dial-up telephone and the long-distance lines?
PSTN
You are traveling throughout North America to many metropolitan and rural areas. Which single form of Internet connectivity provides the greatest potential connectivity wherever you travel?
PSTN
You want to use CCTV to increase your physical security. You want to be able to remotely control the camera position. Which camera type should you choose?
PTZ
Which of the following is a firewall function?
Packet filtering.
You want to install a firewall that can reject packets that are not part of the active session. Which type of firewall should you use?
Packet filtering.
You are concerned about attacks directed against the firewall on your network. You would like to examine the content of individual frames sent to the firewall. Which tool should you use?
Packet sniffer
You want to know what protocols are being used on your network. You'd like to monitor network traffic and sort traffic based on protocol. Which tool should you use?
Packet sniffer
You are concerned about attacks directed against your firewall on your network. You would like to examine the content of individual frames sent to the network. Which tool should you use?
Packet sniffer.
You want to know what protocols are being used on your network. You'd like to monitor network traffic and sort traffic based on protocol. Which tool should you use?
Packet sniffer.
Which type of network divides data to be transmitted into small units and routes these units from the originating system to the destination system, allowing multiple, concurrent communications on the network medium?
Packet-switched
Which type of network divides data to be transmitted into small units and then routes these units from the originating system to the destination system, allowing multiple, concurrent communications on the network medium?
Packet-switched
A Smurf attack requires all but which of the following elements to be implemented?
Padded cell
A Smurf attack requires all but which of the following elements to be implemented?
Padded cell.
What common design feature among Instant Messaging clients make them more insecure than other means of communicating over the Internet?
Peer-to-peer networking
A disaster recovery plan should include all but which of the following
Penetration testing
A disaster recovery plan should include all but which of the following?
Penetration testing
The disaster recovery plan calls for having tape backups stored at a different location. The location is a safe deposit box at the local back. Because of this, the disaster recovery plan specifies to choose a method that uses the fewest tapes, but is also quick to back up and restore files. Which backup strategy would best meet the disaster recovery plan for tape backups
Perform a full backup once a week with a differential backup the other days of the week.
The disaster recovery plan calls for having tape backups stored at a different location. The location is a safe deposit box at the local bank. Because of this, the disaster recovery plan specifies to choose a method that uses the fewest tapes, but it also quick to back up and restore files. Which backup strategy would best meet the disaster recovery plan for tape backups?
Perform a full backup once a week with a differential backup the other days of the week.
You have discovered a computer that is connected to your network that was used for an attack. You have disconnected the computer form the network to isolate it from the network and stop the attack. What should you do next
Perform a memory dump
You have discovered a computer that is connected to your network that was used for an attack. You have disconnected the computer from the network to isolate it from the network and stop the attack. What should you do next?
Perform a memory dump
Which of the following methods should you use to prevent SQL injection attacks?
Perform input validation
You manage a Windows 7 system. You want to view information about all of the programs running on your system and sort each program based on the amount of memory and CPU that the program uses. Which tool would you use?
Performance Monitor
You manage a Windows 7 system. You want to view information about your computer including the CPU utilization percentage and information about disk read operations. Which tools could you use to do this? (Select two.)
Performance Monitor msconfig.exe
Users on your network report that they have received an email stating that the company has just launched a new website for employees, and to access the Web site they need to go there and enter their user name and password information. No one in your company has sent this email. What type of attack is this?
Phishing
Which of the following is a form of attack that tricks victims into providing confidential information, such as identity information or logon credentials, through e-mails or Web sites that impersonate an online entity that the victim trusts, such as a financial institution or well known e-commerce site
Phishing
Users on your network report that they have received an e-mail stating that the company has just launched a new Web site for employees, and to access the Web site they need to go there and enter their username and password information. No one in your company has sent this e-mail. What type of attack is this?
Phishing.
What output shows you the results of four echo request/reply contacts with destination host?
Ping
You work in an office that uses NetWare servers and Wind. nt 4 servers. The network uses both the TCp/Ip and IPX/SPX protocols. You are sitting at a workstation that uses Windows 95 OSR2. an application you are using is unable to contact a Windows NT server named FileSrvr2. What command can you use to determine whether your computer can still contact the server?
Ping
Which of the following Denial of Service (DoS) attacks uses ICMP packets and will only be successful if the victim has less bandwidth than the attacker?
Ping Flood
To test a power supply, you want to use a multimeter to measure the voltage on a Molex hard disk connector. To do this, you need to turn the power supply on. Which pins on the 24-pin motherboard connector coming from the power supply can be shunted to turn the power supply on? (Select two.)
Pins 16 and 17 Pins 15 and 16
Which of the following recommendations should you follow when placing access points to provide wireless access for users within your company building?
Place access points above where most clients are.
Which switch features are typically used with VoIP? (Select Two)
PoE, VLAN
You have a site in your network that is connected to multiple other sites. A single virtual circuit is used to connect to all other sites.
Point-to-multipoint
You have site in your network that is connected to multiple other sites. A single virtual circuit is used to connect all other sites. What type of connection is being used?
Point-to-multipoint
You have a series of WAN links that connects to your site to multiple other sites. Each remote site is connected to your site using a dedicated line. What type of connection is being used?
Point-to-point
You have a series of WAN links that connects your site to multiple other sites. Each remote site is connected to your site using a dedicated link What type of connection is being used?
Point-to-point
A new law was recently passed that states that all businesses must keep a history of all e-mails sent between members of the board of directors. You need to ensure that your organization complies with this law. Which document type would you update first in response to this new law?
Policy
A new law was recently passed that states that all businesses must keep a history of all e-mails sent between members of the board of directors. You need to ensure that your organization complies with the law. Which document type would you update first in response to this new law?
Policy.
As you browse the Internet, you notice that when you go to some sites, multiple additional windows are opened automatically. Many of these windows contain advertisements for products that are inappropriate for your family to view. Which tool can you implement to prevent these windows from showing?
Pop-up blocker
You manage a network that uses switches. In the lobby of your building are three RJ-45 ports connected to a switch. You want to make sure that visitors cannot plug in their computers to the free network jacks and connect to the network. However, employees who plug into those same jacks should be able to connect to the network. What feature should you configure?
Port authentication
You manage a network that uses switches. In the lobby of your building are three RJ-45 ports connected to a switch. You want to make sure that visitors cannot plug their computers to the free network and connect to the network. However, employees who plug into those same jacks should be able to connect to the network. What feature should you configure?
Port authentication.
An Internet server has a single network interface that has been assigned an IP address. The server is running both the FTP and HTTP services. A client computer initiates a session with the HTTP server. How is the HTTP request from the client routed to the correct service running on the server?
Port or socket number
When performing a vulnerability assessment, many organizations use ____ software to search a system for any port vulnerabilities.
Port scanner
You want to make sure that a set of servers will only accept traffic for specific network services, but you also want to make sure that the servers will not accept packets sent to those services. Which tool should you use?
Port scanner
You want to make sure that a set of servers will only accept traffic for specific network services. You have verified that the servers are only running the necessary services, but you also want to make sure that the servers will not accept packets sent to those services Which tool should you use?
Port scanner
You want to make sure that a set of servers will only accept traffic for specific network services. You have verified that the servers are only running the necessary services, but you also want to make sure that the servers will not accept packets sent to those services. Which tool should you use?
Port scanner.
You maintain the network for an industrial manufacturing company. You are concerned about the dust in the area getting into server components and affecting the availability of the network. Which of the following should you implement?
Positive pressure system
You maintain the network for an industrial manufacturing company. You are concerned about the dust in the area into server components and affecting the availability of the network. Which of the following should you implement
Positive pressure system
To prevent server downtime, which of the following components should be installed redundantly in a server system
Power supply
To prevent server downtime, which of the following components should be installed redundantly in a server system?
Power supply
HIPAA is a set of federal regulations that define security guidelines that enforce the protection of what?
Privacy
Instant Messaging does not provide which of the following?
Privacy
Which of the following policies specifically protects PII?
Privacy
CorpServ is a small company with 14 client systems and network printer. Because there are only a limited number of networked systems, you decide to us APIPA addressing for the network. With APIPA configured, all systems are able to communicate with each other but you are having rouble configuring Internet access. What is the likely cause of the problem?
Private addresses cannot directly communicate to hosts outside the local subnet
CorpServ is a small company with 14 client systems and a network printer. Because there are only a limited number of networked systems, you decide to use APIPA addressing for the network. With APIPA configured, all systems are able to communicate with each other but you are having trouble configuring Internet access. What is the likely cause of the problem?
Private addresses cannot directly communicate to hosts outside the local subnet.
Above all else, what must be protect to maintain the security and benefit of a asymmetric cryptographic solution, especially if it is widely used for digital certificates
Private keys
A relatively new employee in the data entry cubical farm was assigned a user account similar to that of all the other data entry employees. However, audit logs have shown that this user account has been used to change ACLs on several confidential files and has access data in restricted areas. This situation indicates which of the following has occurred?
Privilege escalation
An attacker has obtained the logon credentials for a regular user on your network. Which type of security threat exists if this user account is used to perform administrative functions?
Privilege escalation
On a Windows system, which Task Manager tab would you use to adjust the priority given to a specific program?
Processes
A ____ virus infects program executable files.
Program
You decide to use a packet sniffer to identify the type of traffic sent to a router. You run the packet sniffing software on a device which is connected to the same hub that is connected to the router. When you run the software, you only see frames addressed to the workstation and not other devices. Which feature should you configure?
Promiscuous mode
You decide to use a packet sniffer to identify the type of traffic sent to a router. You run the packet sniffing software on a device which is connected to the same hub that is connected to the router. When you run the software, you see only frames addressed to the workstation and not other devices. Which feature should you configure?
Promiscuous mode
You decide to use a packet sniffer to identify the type of traffic sent to a router. You run the packet sniffer software on a device which is connected to the same hub that is connected to the router. When you run the software, you only see frames addressed to the workstation and not other devices. Which feature should you configure?
Promiscuous mode.
Besides protecting a computer from under voltages, a typical UPS also performs which two actions:
Protects from over voltages Conditions the power signal
Besides protecting a computer from under voltages, typical UPS also performs which two actions
Protects from over voltages, Conditions the power signal
Which of the following is an advantage of a virtual browser?
Protects the operating system from malicious downloads.
You have recently reconfigured FTP to require encryption of both passwords and data transfers. You would like to check network traffic to verify that all FTP passwords and data are being encrypted. Which tool should you use?
Protocol analyzer
You want to be able to identify traffic that is being generated and sent through the network by a specific application running on a device. Which tool should you use?
Protocol analyzer
You want to be able to identify traffic that is being generated and sent through the network by a specific application running on a device. Which tool should you use?
Protocol analyzer.
What is the purpose of the Microsoft Management Console (MMC)? (Select two.)
Provide a shell for running snap-ins Provide a common user interface for performing system administrative tasks
What is the purpose of using Ethernet bonding?
Provides a fail over solution for network adapters. Increases network performance.
Which of the following allows you to save frequently-accessed Web sites on your local network for later retrieval?
Proxy
You manage a server that runs your company Web site. The Web server has reached its capacity, and the number of client requests is greater than the server can handle. You would like to find a solution so that the static Web content can be offloaded to a different server, while the Web server continues to process dynamic content. Which solution should you implement?
Proxy Server.
You manage a server that runs your company Web site. The Web server has reached its capacity, and the number of client requests is greater than the server can handle. You would like to find a solution so that static Web content can be offloaded to a different server, while the Web server continues to process dynamic content. Which solution should you implement?
Proxy server
Which of the following allows you to save frequently accessed Web sites on your local network for later retrieval?
Proxy.
Which of the following is the best countermeasure for man-in-the-middle attacks?
Public Key Infrastructure (PK)
Which of the following is the best countermeasure for man-in-the-middle attacks
Public Key Infrastructure (PKI)
How can organization help prevent social engineering attacks (Select two)
Publish and enforce clearly-written security polices, Educate employees on the risk and countermeasures
How can an organization help prevent social engineering attacks (Select two)
Publish and enforce clearly-written security policies, Educate employees on the risk and countermeasures
How can an organization help prevent social engineering attacks? (Select two.)
Publish and enforce clearly-written security policies. Educate employees on the risks and countermeasures.
You have used firewalls to create a demilitarized zone. You have a Web server that needs to be accessible to Internet users. The Web server must communicate with a database server for retrieving product, customer, and order information. How should you place devices on the network to best protect the servers? (Select two.)
Put the database server on the private network. Put the Web server inside the DMZ.
You have used firewalls to create a demilitarized zone. You have a Web server that needs to be accessible to Internet users. The Web server must communicate with a database server for retrieving product, customer, and order information. How should you place devices on the network to best protect the servers?
Put the database server on the private network. Put the Web server on the DMZ.
Your network conducts training sessions for high-profile clients. As part of the training, clients connect to get a video feed of the instructor and other class activities. You want to make sure that video traffic related to the training is not delayed on the network. Which solution should you implement?
QoS
Your network conducts training sessions for high-profile clients. As part of the training, clients connect to get a video feed of the instructor and other class activities. You want to make sure that the video traffic related to the training is not delayed on the network. Which solution should you implement?
QoS.
Which of the following solutions are most likely implemented with VoIP to ensure timely deliver of voice data?
QoS. Traffic shaper.
Which of the following is a platform independent authentication system that maintains a database of user accounts and passwords that centralizes the maintenance of those accounts?
RADIUS
Which of the following are differences between RADIUS and TACACS+?
RADIUS combines authentication and authorization into a single function; TACACS+ allows these services to be split between different servers.
Which type of devices is required to implement port authentication through the switch?
RADIUS server
Which type of device is required to implement port authentication throughout a switch?
RADIUS server.
Which of the following disk configurations can sustain a loss of any two disks
RAID 1+0
Which of the following disk configurations might sustain losing two disks? (Select two.)
RAID 1+0 RAID 0+1
Which of the following drive configuration is fault tolerant
RAID 5
What is an advantage of RAID 5 over RAID 1
RAID 5 improves performance over RAID 1
What is an advantage of RAID 5 over RAID 1?
RAID 5 improves performance over RAID 1.
You want to set up a service to allow multiple users to dial into the office server from modems on their home computers. What service should you implement?
RAS
You have implemented an access control method that allows only users who are managers to access specific data. Which type of access control model is used?
RBAC
A router access control list uses information in a packet such as the destination IP address and port number to make allow or deny forwarding decisions. This is an example of which kind of access control model?
RBAC (based on rules)
Which of the following protocols or services would you associate with Window's Remote Desktop Services network traffic?
RDP
You are in the middle of a big project at work. All of your work files are on a server at the office. You want to be able to access the server desktop, open and edit files, save files on the server, and print files to a printer connected to a computer at home. Which protocol should you use?
RDP
You are in the middle of a big project at work. All of your work files are on a server at the office. You want to be able to access the server desktop, open and edit files, save the files on the server, and print to a printer connected to a computer at home. Which protocol should you use?
RDP
Which of the following protocols or services would you associate with Windows Remote Desktop Services network traffic?
RDP.
ID badges that can be detected by a proximity reader are often fitted with tiny radio ____ tags.
RFID
Which of the following protocosl has a limit of 15 hops between any two networks?
RIP
What is the main difference between RIP and RIPv2?
RIP is a classful protocol, while RIPv2 is a classless protocol.
Which of the following statements about RIP is true?
RIP uses hop counts as the cost metric.
Which of the following protocols can TLS for key exchange (Select two.)
RSA, Diffie- Hellman
Which of the following drive configurations is fault tolerant?
Raid 5
Which of the following best describes the concept of due care or due diligence?
Reasonable precautions, based on industry best practices, are utilized and documented.
The immediate preservation of evidence is paramount when conducting a forensic analysis. Which of the following actions is most likely to destroy critical evidence
Rebooting the system
The immediate preservation of evidence is paramount when conducting a forensic analysis. Which of the following actions is most likely to destroy critical evidence?
Rebooting the system
Which form of alternate site is the cheapest but may not allow an organization to recover before reaching their maximum tolerable downtime?
Reciprocal agreement
Which form of alternate site is the cheapest but my not allow an organization to recover before reaching their maximum tolerable downtime
Reciprocal agreement
Which of the following identifies someone who can retrieve private keys from storage
Recovery agent
You have lost the private key that you have used to encrypt files. You need to get a copy of the private key to open some encrypted files. Who should you contact
Recovery agent
You have lost the private key that you have used to encrypt files. You need to get a copy of the private key to open some encrypted files. Who should you contact?
Recovery agent
Who is responsible for performing the steps of the business continuity plan or disaster recovery plain in the event of an emergency
Recovery team
Who is responsible for performing the steps of the business continuity plan or disaster recovery plan in the event of an emergency?
Recovery team
QoS provides which of the following on a network?
Reduces latency of time-sensative traffic.
QoS provides which of the following on a network?
Reduces latency of time-sensitive traffic.
What is the primary security feature that can be designed into a network's infrastructure to protect and support availability
Redundancy
What is the primary security feature that can be designed into a network's infrastructure to protect and support availability?
Redundancy
Which tool lets you view and directly edit the registry?
Regedit
Which of the following is an entity that accepts and validates information contained within a request for certificate
Registration authority
Even if you perform regular backups, what must be done to ensure that you are protected against data loss
Regularly test restoration procedures
Even if you perform regular backups, what must be done to ensure that you are protected against data loss?
Regularly test restoration procedures
You need to find out what kind of laws might apply to the design and operation of your network. Which type of document would you consult?
Regulation
You need to find out what kind of laws might apply to the design and operation of your network. Which type of document would you consult?
Regulation.
You have an existing computer that you've been using for years. You decide to upgrade the processor. You check the motherboard documentation and purchase the fastest processor that is supported by the motherboard. When you start the computer, it beeps regularly but nothing is shown on the screen and it doesn't start. What should you do? (Select two.)
Reinstall the old processor in the motherboard. Flash the BIOS.
You often travel away from the office. While traveling, you would like to use a modem on your laptop computer to connect directly to a server in your office and access files on that server that you need. You want the connection to be as secure as possible. Which type of connection will you need?
Remote access
A smart phone was lost at the airport. There is no way to recover the device. Which if the following will ensure data confidentiality on the device?
Remote wipe
You have just installed several devices at once to a computer, but now the computer fails to boot properly. What should you do?
Remove all of the newly added devices and install them one at a time.
You are creating an Ethernet network for your company. The shipping department is located in a different building that is located 150 meters from the main wiring closet. You connect a single Cat 6e cable to connect the wiring closet to the shipping building. Which of the following should you in include in your plan?
Repeater
You are creating an ethernet network for your company. The shipping department is located in a different building that is located 150 meters from the main wiring closet. You connect a single cat 6e cable to connect the wiring closet to the shipping building. What should you include in your plan?
Repeater regenerates the signal and removes the unwanted effects caused by attenuation
You are creating an Ethernet network for your company. The shipping department is located in a different building that is located 150 meters from the main wiring closet. You connect a single Cat 6e cable to connect the wiring closet to the shipping building. Which of the following should you include in your plan?
Repeater.
You are implementing a wireless network inside a local office. You require a wireless link to connect a laptop in the administrator's office directly to a system in the sales department. In the default configuration, the wireless AP uses a 360-dispersed RF wave design. After installed, the signal between the two systems is weak as many obstacles interfere with the signal. Which of the following strategies could you try to increase signal strength?
Replace the Omni-directional antenna with a directional antenna
A user from the Sales department calls to report that he is experiencing problems connecting to the sales file server all users in the sales department connect to the sales server through a single ethernet switch. No other users have reported problems connecting to the sales server. what troubleshooting actions are you most likely to perform first?
Replace the network card in the user's computer
A user from the Sales department calls to report that he is experiencing problems connecting to the Sales file server. All users in the Sales department connect to the Sales server through a single Ethernet switch. No other users have reported problems connecting to the Sales server. Which of the following troubleshooting actions are you most likely to perform first?
Replace the network card in the user's computer.
You are testing the power supply in a PC system by measuring the voltage available on the 4-pin Molex connector. The voltage on the yellow wire is +10.1 volts. What should you do?
Replace the power supply.
Viruses and worms are said to be self-____.
Replicating
A ____ virus is loaded into random access memory (RAM) each time the computer is turned on and infects files that are opened by the user or the operating system.
Resident
Your organization uses 802.11b wireless network. Recently, other tenants installed the following equipment in your building: Wireless television system running 2.4 GHz Wireless phone system running 5.8 GHz Wireless phone system running 900 MHz An 802.11a wireless network running in the 5.725-5.850 GHz frequency range 802.11j wireless network running in the 4.9-5.0 GHz frequency range Since this equipment was installed, your wireless network has been experiencing significant interference. Which system is to blame?
The wireless TV system
Your organization uses an 802.11b wireless network.Recently, other tenants installed the following equipment in your building: A wireless television distribution system running at 2.4 GHz A wireless phone system running at 5.8 GHz A wireless phone system running at 900 MHz An 802.11a wireless network running in the 5.725 - 5.850 GHz frequency range An 802.11j wireless network running in the 4.9 - 5.0 GHz frequency range. Since this equipment was installed, your wireless network has been experiencing significant interference. Which system is to blame?
The wireless TV system
Your organization uses an 802.11b wireless network. Recently, other tenants installed the following equipment in your building: A wireless television distribution system running at 2.4 GHz. A wireless phone system running at 900 MHz. An 802.11a wireless network running in the 5.725 - 5.850 GHz frequency range. An 802.11j wireless network running in the 4.9 - 5.0 GHz frequency range. Since the equipment was installed, your wireless network has been experiencing significant interference. Which system is to blame?
The wireless TV system.
Which of the following is not true regarding cookies?
They operate within a security sandbox.
You have a WAN link that connects two sites. The WAN link is supposed to provide 1.5 Mbps of bandwidth. You want to perform a test to see the actual bandwidth of the link. Which tool should you use?
Throughput tester
You have a WAN link that connects two sites. The WAN link is supposed to provide 1.5 Mbps of bandwidth. You want to perform a test to see the actual bandwidth of the link. Which tool should you use?
Throughput tester.
When using Kerberos authentication, which of the following terms is used to describe the token that verifies the identity of the user to the target system?
Ticket
Which of the following are used when implementing Kerberos for authentication and authorization? (Select Two)
Time server, Ticket granting
What is the primary purpose of forcing employees to take mandatory on-week minimum vacations every-year
To check for evidence of fraud
What purposes does a wireless site survey serve? (Choose two.)
To identify existing or potential sources of interference. To identify the coverage area and preferred placement of access points.
Which of the following is a good reason to install a firewall?
To prevent hackers from accessing your network.
Why should backup media be stored offsite
To prevent the same disaster from affecting the both network and the backup media.
Why should backup media be stored offsite?
To prevent the same disaster from affecting the both network and the backup media.
What is the purpose of key escrow
To provide a means to recover from a lost private key
ping
To send an echo request signal from one node on a TCP/IP-based network to another, using the PING utility.
internetwork
To transverse more than one LAN segment and more than one type of network through a router.
You are the network administrator of a branch office of your company. The branch office network is part of a WAN that covers most of the US. The office has two Windows 2000 servers, tow UNIX servers, on Windows NT server, 90 Windows 98 clients, 40 Windows 2000 Professional clients, and five Macintosh clients. Users ahve been complaining that they are unable to access resources over the VAN at the main headquarters. You suspect that one of the routers between your office and the main headquarters is not working proplerly What TCP/IP utility can you use to see if a router is not working properly?
Tracert
You manage a server that runs your company Web Site. The Web site includes streaming video that shows features of some of your products. The link connecting your server to the Internet charges based o bandwidth use. When the bandwidth spikes, so does your bill. You would like to implement a solution to prevent the amount of traffic sent over the WAN link from exceeding a specific level. Which solution should you implement?
Traffic shaper
Which of the following solutions are most likely implemented with VoIP to ensure timely delivery of voice data? (Select two.)
Traffic shaper QoS
You manage a server that runs your company Web site. The Web site includes streaming video that shows features of some of your products. The link connecting your server to the Internet charges based on bandwidth use. When the bandwidth spikes, so does your bill. You would like to implement a solution to prevent the amount of traffic sent over the WAN link from exceeding a specific level. Which solution should you implement?
Traffic shaper.
You have just installed anti-virus software on all computers on your company network. Which additional actions should you take to help protect systems from malicious software? (Select two.)
Train users to scan removable storage devices before copying files. Train users to update the virus definition files frequently.
Which of the following are characteristics of SONET? (Select Two)
Transport protocol used for other traffic types, dual counter-rotating fiber optic rings
Which of the following are characteristics of SONET?
Transport protocol used for other traffic types. Dual counter-rotating fiber optic rings.
What is a program that appears to be a legitimate application, utility, game, or screensaver and that performs malicious activities surreptitiously?
Trojan horse.
A LAN is a network of computers and other devices that is confined to a relatively small place.
True
A Patch is a correction, improvement, or enhancement to a particular piece of a software application.
True
A Token is a special control frame that indicates to the rest of the network that a particular node has the right to transmit data.
True
A healthy security posture results from a sound and workable strategy toward managing risks.
True
ANSI is an organization composed of more than 1000 representatives who together determine standards for electronics industry in addition to other fields.
True
Backbones usually are capable of more throughput than the cabling that connects workstations to hubs.
True
Behavior-based monitoring attempts to overcome the limitations of both anomaly-based monitoring and signature-based monitoring by being more adaptive and proactive instead of reactive.
True
Computers can be positioned on a network in different ways relative to each other.
True
Data, once restricted to papers in the office filing cabinet, now flows freely both in and out of organizations, among employees, customers, contractors, and business partners.
True
Digital signatures actually only show that the public key labeled as belonging to person was used to encrypt the digital signature.
True
Most metadata about a file is generated and recorded automatically without the user's knowledge.
True
Most organizations follow a three-phase cycle in the development and maintenance of a security policy.
True
Network management is a general term that means different things to different networking professionals.
True
Public keys can be stored by embedding them within digital certificates, while private keys can be stored on the user's local system.
True
Software keyloggers are programs that silently capture all keystrokes, including passwords and sensitive information.
True
System availability is often expressed as a percentage of uptime in a year.
True
The term "integrity" refers to the soundness of a network's programs, data, services, devices and connections.
True
The use of port numbers simplifies TCP/IP communication and ensures that data are transmitted to the correct application.
True
When a policy violation is detected by the DLP agent, it is reported back to the DLP server.
True
When configuring VLANs on a switch, what type of switch ports are members of all VLANs defined on the switch?
Trunk ports
When configuring VLANs on a switch, what type of switch ports are members of all VLANs defined on the switch?
Trunk ports.
You manage a private network with two switches. The switches are connected together through their Gigabit Ethernet uplink ports. You define VLAN 1, and VLAN 2 on each switch. A device on the first switch in VLAN 1 needs to communicate with a device on the second switch also in VLAN 1. What should you configure to allow communication between these two devices through the switches?
Trunking
You manage a single subnet with three switches. The switches are connected to provide redundant paths between the switches. Which feature allows the switches to pass VLAN traffic between the switches?
Trunking
you manage a network with two switches. The switches are connected together through their Gigabit Ethernet uplink ports. You define VLAN1 and VLAN2 on each switch. A device on the first switch in VLAN1 needs to communicate with a device on the second switch also in VLAN 1. What should you configure to allow communication between these two devices through eh switches?
Trunking trunk port is used to connect two switches together
You manage a network with two switches. The switches are connected together through their Gigabit Ethernet uplink ports. You define VLAN 1 and VLAN 2 on each switch. A device on the first switch in VLAN 1 needs to communicate with a device on the second switch also in VLAN 1. What should you configure to allow communication between these two devices through the switches?
Trunking.
You manage a single subnet with three switches. The switches are connected to provide redundant paths between the switches. Which feature allows the switches to pass VLAN traffic between the switches?
Trunking.
Which of the following defines a method for one CA hierarchy to accept certificates issued by another CA hierarchy
Trusted model
Which aspect of certificates makes them a reliable and useful mechanism for providing the identity of a person, system, or service on the Internet
Trusted third-party
Which of the following allows for easy exit of an area in the event of an emergency, but prevents entry? (Select two.)
Turnstile Double-entry door
What is a secure doorway that can be used in coordination with a mantrap to allow easy egress from a secured environment but which actively prevents re-entrance through the exit portal?
Turnstiles
How many keys are used with asymmetric or public key cryptography
Two
How many keys are used with asymmetric or public key cryptography?
Two
Which protocol and port is used by BOOTP/DHCP?
UDP 67
Which protocol and port number is used by BOOTP/DHCP?
UDP 67
Which protocol and port number is used by TFTP?
UDP 69
Which protocol and port number is used by TFTP?
UDP 69.
When a cryptographic system is used to protect the confidentiality of data, what is actually protected?
Unauthorized users are prevented from viewing or accessing the resource
When a cryptographic system is used to protect confidentiality of data, what is actually protected
Unauthorized users are prevented from viewing or accessing the resource.
Which of the following best describes Bluesnarfing?
Unauthorized viewing calendar, e-mails, and messages on a mobile device.
Which of the following best describes Bluesnarfing?
Unauthorized viewing calendar, e-mails, and messages on mobile devices.
You administer a network with Windows 2000 and UNIX servers, and Windows 2000 Professional, Windows 98, and Macintosh clients. A user of a Windows 98 computer calls you one day and says he is unable to access resources on the network. You type ipconfig on the user's computer and receive the following output: 0 Ethernet adapter: IP address ........................:169.254.1.17 Subnet Mask......................:255.255.0.0 Default Gateway.................: You also check your NIC and see the link light on. What might the problem be?
Unavailable DHCP server
Which of the following are characteristics of VDSL? (Select Two)
Unequal download and upload speeds, Supports both data and voice at the same time
Which of these groups' membership is stored in the global catalog?
Universal groups
Your motherboard has two memory slots and supports a maximum of 8 GB of RAM. After installing two 4 GB modules and booting your system, you find that Windows only recognizes 3.5 GB of RAM. What should you do?
Upgrade to a 64-bit version of the operating system.
You have a desktop computer that uses a 250 watt power supply. You recently added a 4-disk RAID10 array to the system and now it spontaneously shuts down. What should you do?
Upgrade to a power supply that provides more watts.
While configuring a new 802.11g wireless network, you discover another wireless network within range that uses the same channel ID that you intend to use. Which of the following strategies are you most likely to adopt in order to avoid a conflict between the networks?
Use a different Channel ID.
You are troubleshooting a connectivity problem in which one client system is unable to connect to a server. Both the server and the client system are connected to the same Ethernet network switch. No other users have complained of a problem, and you suspect that faulty network cabling might be to blame. Which of the following troubleshooting steps are you most likely to perform first?
Use a media tester to test the cable between the computer and the network switch.
You are troubleshooting a connectivity problem in which one client system is unable to connect to a server. both the server and client system are connected to the same Ethernet network switch. No other users have complained of a problem, and you suspect that faulty network cabling might be to blame. Which of the following troubleshooting steps are you most likely to perform first?
Use a media tester to test the cable between the computer system and the network switch.
You are troubleshooting a connectivity problem in which one client system is unable to connect to a server. Both the server and client system are connected to the same Ethernet network switch. No other users have complained of a problem, and you suspect that faulty network cabling might be to blame. What steps will you perform first?
Use a media tester to test the cable between the computer system and the network switch. it is a hardware device that can be used to verify the correct operation of network cabling.
You have just been hired as a network administrator. a user has just changed offices and needs you to activate the network and telephone connections in his office. However, the wiring at the punch down block is labelled poorly and you are unable to tell which wires go to the user's office
Use a tone generator to locate the correct wiring This allows you to create a tone at on end of a wire and find the other and by testing alll connections at the location of the other end of the wire
You have just been hired as a network administrator. A user has just changed offices and needs you to activate the network and telephone communications in his office. However, the wiring at the punch down block is labeled poorly and you are unable to tell which wires go to the user's office. What should you do?
Use a tone generator to locate the correct wiring.
You have just been hired as a network administrator. A user has just changed offices and needs you to activate the network and telephone connections in his office. However, the wiring at the punch down block is labeled poorly and you are unable to tell which wires go to the user's office. What should you do?
Use a tone generator to locate the correct wiring.
You have a company network that is connected to the internet. You want all users to have internet access, but need to protect your private network and users. You also need to make private network and users. You also need to make a Web server publicly available to Internet users. Which solution should use?
Use firewalls to create a DMZ. Place the Web server inside the DMZ, and the private network behind the DMZ
You have a company network that is connected to the Internet. You want all users to have Internet access, but need to protect your private network and users. You also need to make a Web server publicly available to Internet users. Which solution should you use?
Use firewalls to create a DMZ. Place the Web server inside the DMZ, and the private network behind the DMZ.
You have a company network that is connected to the Internet. You want all users to have Internet access, but need to protect your private network and users. You also need to make a Web server publicly available to Internet users. Which solution should you use?
Use firewalls to create a DMZ. Place the Web server inside the DMZ, and the private network behind the DMZ.
You are the administrator for WestSim Corporation. The network has a single domain, *westsim.com*. Five domain controllers, all running Windows 2008 server, are located on the network. The Active Directory Structure is shown in the image. All user and computer accounts have been placed in the department OUs. Main offices are located in Orlando, with additional offices in Boston and New York and a small branch office in Chicago. There are three departments within the company: Sales, Marketing, and Accounting. Employees from each department are at each location. You want to appoint an employee in each department to help with changing passwords for users within their department. They should not be able to perform any other tasks. What should you do?
Use the Delegation of Control wizard. Grant each user administrator permissions to modify passwords for their OU.
What are the two interfaces available for creating and managing user accounts in Windows Server 2012?
User Accounts control panel and the Local Users and Groups snap-in for MMC
You are the administrator for the *widgets.com* domain. Organizational Units (OUs) have been created for each company department. User and computer accounts for each department have been moved into their respective departmental OUs. You have two OUs that contain temporary users: TempSales and TempMarketing. For all users within these OUs, you want to restrict what the users are able to do. For example, you want to prevent them from shutting down the system or access computers through a network connection. Which GPO category would you edit to make the necessary changes?
User Rights
Select the policy node you would choose to configure who is allowed to manage the auditing and security logs.
User Rights Assignment
What is the most effective means of improving or enforcing security in any environment
User awareness training
What is the most effective means of improving or enforcing security in any environment?
User awareness training
Which of the following are characteristics TACACS+?(Chose Two)
Uses TCP, Allows for a possible of three different servers, one each for authentication, authorization, and accounting
Which of the following are characteristics of ATM?(Select Two)
Uses fixed-length cells of 53-bytes
Which of the following are characteristics of ATM?
Uses fixed-length cells of 53-bytes. Adds labels to data units.
You run a small network for your business that has a single router connected to the Internet and a single switch. You keep sensitive documents on a computer that you would like to keep isolated from other computers on the network. Other hosts on the network should not be able to communicate with this computer through the switch, but you still need to access the network through the computer. What should you use for this situation?
VLAN
You run a small network for your business that has a single router connected to the Internet and a single switch. You keep sensitive documents on a computer that you would like to keep isolated from other computers on the network. Other hosts on the network should not be able to communicate with this computer through the switch, but you still need to access the network through the computer. What should you use for this situation?
VLAN
Your company is a small start-up company that has leased office space in a building shared by other businesses. All businesses share a common network infrastructure. A single switch connects all devices in the building to the router that provides Internet access. You would like to make sure that your computers are isolated from computers used by other companies. Which feature should you request to have implemented?
VLAN
Which switch features are typically used with VoIP?
VLAN PoE
Your company is a small start-up company that has leased office space in a building shared by other businesses. All businesses share a common network infrastructure. A single switch connects all devices in the building to the router that provides Internet access. You would like to make sure that your computers are isolated from computers used by other companies. Which feature should you request to have implemented?
VLAN.
Which switch features are typically used with VoIP
VLAN. PoE.
You manage a network that uses a single switch. All ports within your building connect through the single switch. In the lobby of your building are three RJ-45 ports connected to the switch. You want to allow visitors to plug into these ports to gain Internet access, but they should not have access to any other devices on your private network. Employees connected throughout the rest of your building should have both private and Internet access. Which feature should you implement?
VLANs
You manage a network that uses a single switch. All ports within your building connect through the single switch. In the lobby of your building are three RJ-45 ports connected to a switch. You want to allow visitors to plug into these ports to gain Internet access, but they should not have access to any other devices on your private network. Employees connected throughout the rest of your building should have both private and Internet access. Which feature should you implement?
VLANs.
You manage a server at work that has just been configured with a new application. Consequently, the server has crashed several times during the last week. You think you have the problem resolved, but you would like to be able to manage the server remotely in case there is a problem. Which of the following protocols would you use for remote management? (Select two.)
VNC ICA
You manage a server at work that has just been configured with a new application. Consequently, the server has crashed several times during the last week. You think you have the problem resolved, but you would like to be able to manage the server remotely in case there is a problem. Which of the following protocols would you use for remote management?q
VNC. ICA.
You have a group of salesman who would like to access your private network through the Internet while they are traveling. You want to control access to the private network through a single server. Which solution should you implement?
VPN concentrator
You have a group of salesmen who would like to access your private network through the Internet while they are traveling. You want to control access to the private network through a single server. Which solution should you implement?
VPN concentrator.
Which of the following items are contained in a digital certificate
Validity period, public key
Which of the following CCTV camera types lets you adjust the distance that the camera can see (i.e. zoom in or out)?
Varifocal
You have just received a generic-looking e-mail that is addressed as coming from the administrator of your company. The e-mail says that as part of a system upgrade, you are to go to a Web site and enter your username and password at a new Web site so you can manage your e-mail and spam using new services. What should you do
Verify that e-mail was sent by the administrator and that this new service is legitimate.
A user has called to complain that her computer won't boot. It stops at the BIOS startup screen right after the memory has been tested and displays a 301 keyboard error. What should you do first?
Verify that no keys are being pressed down during POST.
What is the purpose of the Services snap-in?
View and manage software processes running in the background.
What is the common name for a program that has no useful purpose, but attempts to spread itself to other systems and often damages resources on the systems where it found?
Virus
What is the common name for a program that has no useful purpose, but attempts to spread itself to other systems and often damages resources on the systems where it is found?
Virus.
Which of the following social engineering attacks use Voice over IP (VoIP) to gain sensitive information
Vishing
____ data is the most difficult type of data to capture.
Volatile
Which is slower a WAN or a LAN?
WAN
Which of the following wireless security methods uses a common shared key configured on the wireless access point and all wireless clients? WEP,WPA PERSONAL, WPA ENTERPRISE, WPA2 PERSONAL, AND WPA2 ENTERPRISE OR WEP, WPA PERSONAL, AND WPA2 PERSONAL
WEP, WPA PERSONAL, AND WPA2 PERSONAL
You need to add security for your wireless network. you would like to use the most secure method. What method should you implement? -WPA -WPA2 -WEP KEBEROS
WPA2
A router is connected to network 192.168.1.0/24 and network 192.168.2.0/24. The router is configure dto use RIP and has learned of networks 192.168.3.0/24 and 192.168.4.0/24. The next hop router for network 192.168.3.0 has changed. You need to make the change with the least amount of effort possible. What should you do?
Wait for convergence to take place/
Which of the following describes marks that attackers place outside a building to identify an open wireless network
War chalking
Which of the following describes marks that attackers place outside a building to identify an open wireless network?
War chalking
Which of the following are examples of social engineering? (Select two.)
War dialing Shoulder surfing
The process of walking around an office building with an 802.11 signal detector is known as what?
War driving
If your mission critical services have a maximum tolerable downtime (MTD) (or a recovery time objective (RTO)) of 36 hours, what would be the optimum form of recovery site you should choose
Warm
If your mission critical services have a maximum tolerable downtime (MTD) (or a recovery time objective (RTO)) of 36 hours, what would be the optimum form of recovery site you should choose?
Warm
Daily backups are done at the ABD company location and only a weekly backup is maintained at another network location. Which of the following disaster recovery strategies is ABD using
Warm site
Daily backups are done at the ABD company location and only a weekly backup is maintained at antoher network location. Which of the following disaster recovery strategies is ABD using?
Warm site
You are configuring a firewall to allow access to a server hosted on the demilitarized zone of your network. You open TCP/IP ports 80, 25, 110, and 143. Assuming that no other ports on the firewall need to be configured to provide access, what applications are most likely to be hosted on the server?
Web server, e-mail server
You are configuring a firewall to allow access to a server hosted on the demilitarized zone on your network. You open TCP/IP ports 80, 25, 110, and 143. Assuming that no other ports on the firewall need to be configured to provide access, what applications are most likely to be hosted on the server?
Web server, e-mail server.
You manage a Web site for your company. The Web site three servers configured in a cluster. Incoming requests are distributed automatically between the three servers. All servers use a shared storage device that holds the website contents. Each server has a single network connection and a single power supply. Considering the availability of your website, which component represents a single point of failure
Website storage
You manage a Web site for your company. The Web site uses three servers configured in a cluster. Incoming requests are distributed automatically between the three servers. All servers use a shared storage device that holds the website contents. Each server has a single network connection and a single power supply. Considering the availability of your website, which component represents a single point of failure?
Website storage
A senior executive reports that she received a suspicious email concerning a sensitive, internal project that is behind productions. The email is sent from someone she doesn't know and he is asking for immediate clarification on several of project's detail so the project can get back on schedule. What type of an attack best describes the scenario
Whaling
Which of the following are not reasons to remote wipe a mobile device?
When the device is inactive for a period of time
When would you need to create a user account through Control Panel?
When you join a computer to an AD DS domain, you can create new local user accounts with the Local Users and Groups snap-in. Control Panel is used when the computer is not a member of an AD DS domain.
What can a TDR Test
Wire length Identify fault location
In Windows Server 2012, after a user logs on to Active Directory, a(an) ________ is created that identifies the user and all the user's group memberships.
access token
during a network infrastructure upgrade, you have replaced two 10 Mbps hubs with switches and upgraded from Category 3 UTP cable to CAT5e during the process, you accidentally cut the Cat 5e patch cable that stretches from the network printer to the upgraded switch. What is the impact
all network nodes, with the exception of the printer, will be available
Which TCP/IP utility gives you the following output? Interface: 192.168.4.101 Internet Address Physical Address Type 192.168.1.23 00-d1-b6-b7-c2-af dynamic
arp
Which of the following tools would you use to view the MAC addresses associated with IP addresses that the local workstation has contacted recently?
arp
Which TCP/IP utility gives you the following output? Interface: 192.168.4.101 on Interface 0x3 Internet Address Physical Address Type 192.168.1.23 00-d1-b6-d7-c2-af dynamic
arp this output is displayed when you use the arp command to look at ARP cache
Which TCP/IP utility gives you the following output? Interface: 192.168.1.111 on Interface 0x2 Internet Address Physical Address Type 192.168.1.102 00-60-08-bd-62-5a dynamic 192.168.1.168 00-06-5b-1c-48-76 dynamic
arp -a
What shows the current entries in the computer's ARP cache?
arp-a
The ____ for software is the code that can be executed by unauthorized users.
attack surface
____ learners tend to sit in the middle of the class and learn best through lectures and discussions.
auditory
What you call the process of confirming a user's identity by using a known value such as a password, a smart card, or a fingerprint?
authentication
With the ____ model, there is one CA that acts as a "facilitator" to interconnect all other CAs.
bridge trust
A ____ can be inserted into the security slot of a portable device and rotated so that the cable lock is secured to the device, while a cable connected to the lock can then be secured to a desk or immobile object.
cable lock
You manage a network that uses 1000BaseT Ethernet. You find that one device communicates on the network at only 100mbps. What device should you use to test the drop cable and the connection to the network?
certifier is a multifunction tool that verifies or validates that a cable or an installation meets the requirements for a specific architecture implementation.
The set of letters, symbols, and characters that make up the password are known as a ____ set.
character
A(n) ____ policy is designed to produce a standardized framework for classifying information assets.
classification and information
A(n) ____ indicates that no process is listening at this port.
closed port
While the code for a program is being written, it is being analyzed by a ____.
code review
It is predicted that ____ could become a key element in authentication in the future.
cognitive biometrics
If a user typically accesses his bank's Web site from his home computer on nights and weekends, then this information can be used to establish a ____ of typical access.
computer footprint
After configuring the server to distribute ip addresses and DHCP server, what do you need to do next
configure client s to obtain IP addressing from the DHCP server
You have decided to implement Gigabit ethernet on your network. Each switch port is connected to a single device. Following the installation, you find a device connected to a switch that is only running a 100 mbps. What is the likely causes?
crosstalk
A user reports that she can't connect to a server on your network. You check the problem and find out that all users are having the same problem. what should you do next?
determine what has changed.
Consider the following output: ;; res option: init rescuers defnam dnsrch ;;got answer ;;->>HEADER;<<-opcode:QUERY, status; NOERROR, id:4 ;;flags: gr rd ra; QUERY:1, ANSWERS:1, AUTHORITY:2, ADDITIONAL:0 ;;QUERY SECTION: ;;westsimlll.com, type = A, class = IN ;;ANSWER SECTION; westsimlll.com. 7h33m IN A 76.141.43.129 ;;AUTHORITY SECTION: westsimlll.com. 7h33m IN NS dns1.deriact111.com. westsimlll.com. 7h33m IN NS dns2.deriact222.com. ;;Total query time: 78 sec ;;FROM: localhost.localdomain to SERVER: default -- 202.64.49.150 ;;WHEN: Tue Feb 6 23:21:24 2005 ;;MSG SIZE sent: 30 rcvd: 103 Which of the following utilities produced this output?
dig.
The ____ model is the basis for digital certificates issued to Internet users.
distributed trust
____ can be defined as the study of what a group of people understand to be good and right behavior and how people make those judgments.
ethics
At the ____ stage of the certificate life cycle, the certificate can no longer be used.
expiration
Windows Live ID was originally designed as a ____ system that would be used by a wide variety of Web servers.
federated identity management
In ____, a virtualized environment is created that simulates the central processing unit (CPU) and memory of the computer.
heuristic detection
A ____ is a network set up with intentional vulnerabilities.
honeynet
You are troubleshooting a connectivity problem on a Linux server. You are able to connect to another system on the local network, but are not able to connect to a server on a remote network. You suspect that the default gateway information for the system may be configured incorrectly. Which of the following commands would you use to view the default gateway information on the Linux server?
ifconfig
You work in an office that uses Linux servers, NetWare servers, and Windows NT 4.0 servers. The network uses both the TCP/IP and IPX/SPX protocols. The Linux server is used as an FTP server. Today you have received several calls from people who are unable to contact the Linux server at its known IP address. You are sitting at the Linux server and want to check its IP address. Which command should you use?
ifconfig
What do you call the process that after you link a GPO to a site with multiple domains, the Group Policy settings are applied to all the domains and the child objects beneath them?
inheritance
Which TCP/IP utility gives you the following output? Ethernet adapter Local Area Connection: Connection-specific DNS Suffix : testout.com IP Address................................. :192.168.1.111 Subnet Mask.............................. : 255.255.255.0 Default Gateway......................... : 192.168.1.1
ipconfig
You have been called in to troubleshoot a connectivity problem on a newly installed Windows Server 2003 system. The system is operating satisfactorily and is able to communicate with other systems on the local network. However it is unable to access any systems on other segments of the corporate network. You suspect that the default gateway parameter for the system has not been configured, or may be configured incorrectly. Which of the following utilities are you most likely to use to view the default gateway information for the system?
ipconfig
Which of the following is not a primary characteristic of a worm?
it infects the MBR of a hard drive
Capturing packets as they travel from one host to another with the intent of altering the contents of the packets is a form of which security concern?
man-in-the-middle attack
A(n) ____ backup is an evidence-grade backup because its accuracy meets evidence standards.
mirror image
What capability allows you to create specific GPO settings for one or more local users configured on a workstation?
multiple local GPOs
What shows you the resolved NetBIOS name cache for a computer or NetBIOS name-to-Ip address mappings for known remote computers.
nbstat-c
You administer a NetBIOS-based network that uses the TCP/IP protocol. You are trying to troubleshoot a computer that is unable to contact a server by it's NetBIOS name. Which command can you use to check the connection?
nbtstat
You administer a NetBIOS-based network that uses the TCP/IP protocol. You are trying to troubleshoot a computer that is unable to contact a server by its NetBIOS name. Which command can you use to check the connection?
nbtstat
Examine the following output: Active Connections Proto Local Address Foreign Address State TCP SERVER1:1036 localhost:4832 TIME_WAIT TCP SERVER1:4798 localhost:1032 TIME_WAIT TCP SERVER1:1258 pool-141-150-16-231.mad.east.ttr:24076 CLOSE_WAIT TCP SERVER1:2150 cpe-66-67-225-118 .roc.res.rr.com: 14100 ESTABLISHED TCP SERVER1:268 C872c-032-.cpe.net.cale.rers.com:46360 ESTABLISHED TCP SERVER1:2995 ip68-97-96-186.ok.ok.cox.net: 23135 Which of the following utilities produced this output?
netstat
Your computer is sharing information with a remote computer using the TCP/IP protocol. Suddenly, the connection stops working and appears to hang. Which command can you use to check the connection?
netstat
Your computer is sharing information with remote computer using the TCP/IP protocol. Suddenly, the connection stops working and appears to hang. Which command can you use to check the connection?
netstat checks the status of a TCP connection
Active connections Proto Local Address Foreign Address State TCP SERVER1:1036 localhost: 4832 TIME WAIT TCP SERVER1:4798 localhost:1032 TIME WAIT
netstat reports the TCP/IP ports open on the local system, as well identifying the protocol and remote host connected to that port. This information can be very useful when looking for security weaknesses, as TCP/IP port that is open to traffic unnecessarily represents a security risk.
Which TCP/IP utility gives you the following output? Active Connections Proto Local Address Foreign Address State TCP me:epmap me:0 LISTENING TCP me:microsoft-ds me:0 LISTENING TCP me:1025 me:0 LISTENING TCP me:1026 me:0 LISTENING TCP me:3372 me:0 LISTENING TCP me:netbios-ssn me:0 LISTENING TCP me:1028 wellw2k:netbios-ssn TIME_WAIT UDP me:epmap *:* UDP me:microsoft-ds *:* UDP me:1027 *:* UDP me:netbios-ns *:* UDP me:netbios-dgn *:* UDP me:isakmp *:*
netstat -a
Which TCP/IP utility gives you the following output? Local Area Connection: Node IpAddress: [192.168.1.111] Scope Id: [] NetBIOS Remote Cache Name Table Name Type Host Address Life [sec] NTIME.ES <54> UNIQUE 192.168.1.23 395 NTINE <20> UNIQUE 192.168.1.23 45 AUDIO <00> UNIQUE 192.168.1.168 585
netstat -c
Which TCP/IP utility gives you the following output? Route Table =================== Interface List 0x1........................MS TCP Loopback interface (etc. It's long).
netstat -r
Which command displays network activity statistics for TCP, UDP, and IP?
netstat -s
what shows you the status of all connections and listening ports.
netstat-a
What shows you the computer's route table?
netstat-r
Which command displays network activity statistics for TCP, USP, and IP?
netstat-s
A network connected using a physical bus topology. One of the cables connecting a workstation to the bus breaks. what happens to communications?
no devices will be able to communicate
Mary calls to tell you that she can't connect to tan intranet server called Srvr1. From her computer, you ping the server's IP address. The ping test is successful. Which tool would you use on her workstation next to troubleshoot the problem?
nslookup to troubleshoot name resolution problems. Because the ping test was successful, you know that both the client and the server can communicate using TCP/IP with IP addresses. This tells you that the problem is related to name resolution
Examine the following output: Server: helicuplar.xct.takro.net Address: 209.53.4.130 Name: westsim.com Address: 64.78.193.84 Which of the following utilities produced this output?
nslookup.
Mary calls to tell you that she can't to an intranet server called WebSrv1. From her computer, you ping the server's IP address. The ping test is successful. Which tool would you use on her workstation next to troubleshoot the problem?
nslookup.
You are troubleshooting a network connectivity issue on a UNIX system. You are able to connect to the remote system by using their IP address, but unable to connect using the hostname. You check the TCP/IP configuration, and note that a DNS server IP address is configured. You decide to run some manual resolution queries to ensure that the communication between the UNIX system and the DNS server are working correctly. Which utilities can you use to do this?
nslookup. dig.
You want to create a loopback plug using a single RJ-45 connector. How should you connect the wires in the connector?
pin 1 to 3 and 2 to 6
Examine the following output. Reply from 64.78.193.84: bytes=32 time=86ms TTL=115 Reply from 64.78.193.84: bytes=32 time=43ms TTL=115 Reply from 64.78.193.84: bytes=32 time=44ms TTL=115 Reply from 64.78.193.84: bytes=32 time=47ms TTL=115 Reply from 64.78.193.84: bytes=32 time=44ms TTL=115 Reply from 64.78.193.84: bytes=32 time=44ms TTL=115 Reply from 64.78.193.84: bytes=32 time=73ms TTL=115 Reply from 64.78.193.84: bytes=32 time=46ms TTL=115 Which of the following utilities produced this output?
ping
Which TCP/IP utility gives you the following output? Reply from 192.168.1.168: bytes=32 time<10ms TTL=128 Reply from 192.168.1.168: bytes=32 time<10ms TTL=128 Reply from 192.168.1.168: bytes=32 time<10ms TTL=128 Reply from 192.168.1.168: bytes=32 time<10ms TTL=128 Packets: Sent = 4, Received = 4, Lost = 0 <0% loss>, Approximate round trip times in milli-seconds: Minimum = 0ms, Maximum = 0ms, Average = 0ms
ping
You work in an office that uses NetWare servers and Windows NT 4.0 servers. The network uses both the TCP/IP and IPX/SPX protocols. You are sitting at a workstation that uses Windows 95 OSR2. An application you are using is unable to contact a Windows NT server named FileSrv2. Which command can you use to determine whether your computer can still contact the server?
ping.
A ____ is a document that outlines specific requirements or rules that must be met.
policy
A(n) ____ is hardware or software that captures packets to decode and analyze its contents.
protocol analyzer
The signal from an ID badge is detected as the owner moves near a ____, which receives the signal.
proximity reader
Although brute force and dictionary attacks were once the primary tools used by attackers to crack an encrypted password, today attackers usually prefer ____.
rainbow tables
Your company security policy states that wireless networks are not to be used because of the potential security risk they present to your network. One day you find that an employees has connected a wireless access point to the network in his office. What type of security risk is this?
rogue access point
Which of the following utilities would you use to view the routing table?
route
Which of the following commands would display the output shown here? Route Table ========================================================================== Interface List 0x1 ................. MS TCP Loopback interface 0x2 ... 00 10 4b 73 0e 0e .... 3Com 3C90x Ethernet Adapter =========================================================================== =========================================================================== Active Routes: Network Destination Netmask Gateway Interface Metric 0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.111 1 127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1 192.168.1.0 255.255.255.0 192.168.1.111 192.168.1.111 1 192.168.1.111 255.255.255.255 127.0.0.1 127.0.0.1 1 192.168.1.255 255.255.255.255 192.168.1.111 192.168.1.111 1 224.0.0.0 224.0.0.0 192.168.1.111 192.168.1.111 1 255.255.255.255 255.255.255.255 192.168.1.111 192.168.1.111 1 Default Gateway: 192.168.1.1 ============================================================================== Persistent Routes: None
route print
Which of the following commands would display the output shown here?
route print.
Which of the following utilities would you use to view the routing table?
route.
A ____ is a network device that can forward packets across computer networks.
router
you are troubleshooting access to a server in a remote network. You use the tracert command and see the following: Tracing route to 192.168.2.250 over a maximum of 30 hops 1 2 ms 2 ms 2 ms 192.168.12.11 2 2 ms 2 ms 2 ms 192.168.11.1 3 5 ms 5 ms 3 ms 192.168.10.15 4 2 ms 2 ms 2 ms 192.168.9.1 5 2 ms 2 ms 2 ms 192.168.11.1 6 2ms 2 ms 2 ms 192.168.10.15 7 5ms 5 ms 3 ms 192.168.9.1
routing loop
A ____ is a written document that states how an organization plans to protect the company's information technology assets.
security policy
A class 2 certificate is known as a ____ certificate.
server digital
A ____ is a service contract between a vendor and a client that specifies what services will be provided, the responsibilities of each party, and any guarantees of service.
service level agreement
A ____ is a component or entity in a system which, if it no longer functions, will disable the entire system.
single point of failure
Which of the following solutions would you implement to eliminate switching loops?
spanning tree used to select single path between two switches
An anti-climb collar is a ____ that extends horizontally for up to 3 feet (1 meter) from the pole to prevent anyone from climbing.
spiked collar
The end product of a penetration test is the penetration ____.
test report
A ____ trust refers to a situation in which two individuals trust each other because each trusts a third party.
third-party
What is the binary format for the following decimal IP address 131.9.202.11
10000011.00001001.11001010.01101111
There are almost ____ different Microsoft Windows file extensions that could contain a virus.
70
The SQL injection statement ____ determines the names of different fields in a database.
whatever' AND email IS NULL;--
When DNS servers exchange information among themselves it is known as a ____.
zone transfer
Haley configures a Web site using Windows 2000 default values. What are the HTTP port and SSL port settings?
80 for HTTP; 443 for SSL
Your network performs a full backup every night. Each Sunday, the previous night's backup tape is archived. Wednesday morning the storage system fails. How many restore operations will you need to perform to recover all of the data?
1
A host has the address 100.55.177.99/16. Which of the following is the broadcast address for the subnet?
100.55.255.255
You need to view resource usage for a Hyper-V virtual machine named AccServer running on a Windows Server 2012 system. Before you can actually retrieve resource usage information, you first need to turn resource metering on for the virtual machine. Which PowerShell command can you use to do this?
*Enable-VMResourceMetering -VMName AccServer*
You need to view resource usage for a Hyper-V virtual machine named AccServer running on a Windows Server 2012 system. Which PowerShell command can you use to do this?
*Measure-VM -VMName AccServer*
centralized WAN
...
client server network
...
distributed WAN
...
peer to peer network
...
The expression ____ up one directory level.
../traverses
Your network performs a full back every night. Each Sunday, the previous night's backup tape is archived. Wednesday morning the storage system fails. How many restore operations will you need to perform to recover all the data
1
Consider the following output for a dig command run on a Linux system. ; <<> DiG 82 <<>> westsimlll.com ;;res options;init recurs defnam dnsrch ;;got answer: ;;->>HEADER<<-opcode:QUERY, status: NOERROR, id:4 ;;flags: qr rd ra; QUERY:1 ANSWER:1, AUTHORITY:2, ADDITIONAL:0 ;;QUERY SECTION ;;westsimlll.com, type = A, class = IN ;;ANSWER SECTION: westsimlll.com 7h33m IN A 76.141.43.129 ;;AUTHORITY SECTION: westsimlll.com. 7h33m IN NS dns1.deriatct111.com. westsimlll.com. 7h33m IN NS dns2.deriatct222.com. ;;Total query time: 78 sec ;;FROM: localhost.localdomain to SERVER:default --202.64.49.150 ;;WHEN: Tue Feb 16 23:21:24 2005 ;;MSG SIZE sent: 30 rcvd:103 What is the IP address of the DNS server that performed this name resolution?
202.64.49.150
What is the decimal format for the following binary IP address?
206.58.170.67
Which of the following is the last IP address that can be assigned to hosts on the 211.70.0.0 network using the default subnet mask?
211.70.0.254
What port does Telnet use?
23
You are configuring a network firewall to allow SMTP outbound e-mail traffic, and POP3 inbound e-mail traffic. Which of the following TCP/IP ports should you open on the firewall? (Select two.)
25 110
You are configuring a network firewall to allow SMTP outbound email traffic, and POP3 inbound email traffic. Which of the following TCP/IP ports should you open on the firewall? (Select Two)
25, 110
You have been told to assign the IP address 21.155.67.188 to a host on the network using the default subnet mask. Which mask should you use?
255.0.0.0
You are configuring the IP address for a host and have been asked to use the address 192.160.99.110/16. What subnet mask value would you use?
255.255.0.0
What is the default subnet mask for the IP address 203.111.3.3?
255.255.255.0
You have been asked to implement a RAID 5 solution for RAID 5 solution for your network. What is the minimum number of hard disks that can be used to configure RAID 5
3
You have been asked to implement a RAID 5 solution for your network. What is the minimum number of hard disks that can be used to configure RAID 5?
3
Which of the following algorithms are used in symmetric encryption? (Select three.)
3DES Blowfish AES
Your network uses the following backup strategy: Full backups every Sunday night Incremental backups every Monday through Saturday nights Thursday morning the storage system fails. How many restore operations will you need to perform to recover all of the data?
4
Your network uses the following backup strategy: full backup every Sunday night, Incremental backups Monday through Saturday nights. Thursday morning the storage system fails. How many restore operations will you need to perform to recover all the data
4
Click the View Lab button and use the tracert command to identify the devices in the path between the IT Administrator workstation (named ITAdmin) and a remote computer on the internet which has an IP address of 189.36.78.83. How many routers in are in the path between ITAdmin and the remote computer? What is the default gateway address for ITAdmin? What is the IP address of the last router in the path between ITAdmin and the remote computer?
4 192.168.0.5 11.38.252.2
Ethernet networks may use one (or a combination) of:
4 kinds of data frames
To increase security on your company's internal network, the administrator has disabled as many ports as possible. Now, however, though you can brows the Internet, you are unable to secure credit card transactions. Which protocol needs to be enabled to allow secure transactions?
443
To increase security on your computer's internal network, the administrator has disabled as many ports as possible. Now, however, though you can browse the Internet, you are unable to perform secure credit card transactions. Which port needs to be enabled to allow secure transactions?
443.
What is the recommended humidity level for a server rooms
50%
What is the recommended humidity level for server rooms?
50%
You want to use CCTV to increase the physical security of your building. Which of the following camera types would offer the sharpest image at the greatest distance under the lowest lighting conditions?
500 resolution, 50mm, .05 LUX
You want to maintain tight security on your internal network, so you restrict access to the network through certain port numbers. If you want to allow users to continue to use DNS, which port should you enable?
53
If the SONET (OC-1) base rate is 51.84 Mbps, how much data can the Optical Carrier level 12 (OC-12) transfer in one second?
622.06 Mb
If the SONET (OC-1) base data rate is 51.84 Mbps, how much data can the Optical Carrier level 12 (OC-12) transfer in one second?
622.08 Mb
A(n) ____ virus adds a program to the operating system that is a malicious copycat version to a legitimate program.
Companion
What does an IDS that uses signature recognition use for identifying attacks?
Comparison to a database of known attacks.
By definition, which security concept ensures that only authorized parties can access data
Confidentiality
By definition, which security concept ensures that only authorized parties can access data?
Confidentiality
You create a new document and save it to a hard drive on a file server on your company's network. Then, you employ an encryption tool to encrypt the file using AES. This activity is an example of accomplishing what security goal
Confidentiality
You create a new document and save it to a hard drive on a file server on your company's network. Then, you employ an encryption tool to encrypt the file using AES. This activity is an example of accomplishing what security goal?
Confidentiality
You want to make sure that the correct ports on a firewall have been opened or closed. Which document should you check?
Configuration documentation
You want to make sure that the correct ports on a firewall have been opened or closed. Which document should you check?
Configuration documentation.
You have configured a wireless access point to create a small network. For security, you have disabled SSID broadcast. From a client computer, you try to browse to find the access point. You see some other wireless networks in the area, but cannot see your network to connect to it. What should you do?
Configure a profile on the wireless client.
You have decided to implement a remote access solution that uses multiple remote access servers. You want to implement RADIUS to centralize remote access authentication and authorization.
Configure the remote access servers as RADIUS servers.
To tightly control the anti-malware settings on your computer, you elect to upgrade the signature file manually. Even though you vigilantly update the signature file, the machine becomes infected with a new type of malware. Which of the following actions would best prevent the scenario from occurring again?
Configure the software to automatically download the virus definition files as soon as they become available.
You manage the website for your company. The website uses a cluster of two servers with a single shared storage device. The shared storage device uses a RAID 1 configuration. Each server has a single connection to the shared storage, and a single connection to your ISP. You want to provide redundancy such that a failure in a single component does not cause the website to be unavailable. What should you add to your configuration to accomplish this?
Connect one server though a different ISP to the Internet.
You manage the website for your company. The website uses clusters of two servers with a single shared storage device. The shared storage device uses a RAID 1 configuration. Each server has a single connection to the shared storage, and a single connection to your ISP. You want to provide redundancy such that a failure in a single component does not cause the website to be unavailable. What should you add to your configuration to accomplish this
Connect one server through a different ISP to the Internet.
You want to create a loopback plug using a single RJ-45 connector. How should you connect the wires in the connector?
Connect pin 1 to pin 3 and pin 2 to pin 6.
You have just replaced the motherboard in your computer. Your computer starts, but the hard disk light does not come on while the system is booting. What should you do?
Connect the hard disk LED to the motherboard.
You have recently discovered that a network attack has compromised your database server. In the process, customer credit card numbers might have been taken by the attacker. You have stopped the attack and put measures in place to prevent the same incident from occurring in the future. What else might you be legally required to do
Contact your customer to let them know of the security breach
You have recently discovered that a network attack has compromised your database server. In the process, customer credit card numbers might have been taken by an attacker. You have stopped the attack and put measures in place to prevent the same incident from occurring in the future. What else might you be legally required to do?
Contact your customers to let them know of the security breach
You have a Web site that uses multiple servers for different types of transactions. For example, one server is responsible for static Web content, while another is responsible for secure transactions. You would like to implement a device to speed up access to your Web content. The device should be able to distribute requests between various Web servers using specialized hardware and not just a software configuration. In addition, SSL sessions should use the hardware components in the device to create the SSL sessions. Which type of device should you choose?
Content switch.
You have a Web site that uses multiple servers for different types of transactions. For example, one server is responsible for static Web content, while another is responsible for secure transactions. You would like to implement a device to speed up access to your Web content. The device should be able to distribute requests between the various Web servers using specialized hardware and not just a software configuration. In addition, SSL sessions should use the hardware components in the device to create SSL sessions. Which type of device should you choose?
Content swtich
You are the administrator for the *westsim.com* domain. Organizational Units (OUs) have been created for each company department. User and computer accounts for each department have been moved into their respective department OUs. Computers in the Accounting department use a custom application. During installation, the application creates a local group named *AcctMagic*. This group is used to control access to the program. By default, the account used to install the application is made a member of the group. You install the application on each computer in the Accounting department. All Accounting users must be able to run the application on any computer in the department. You need to add each user as a member of the *AcctMagic* group. You create a domain group named *Accounting* and make each user a member of this group. You then create a GPO named *Acct Software* linked to the Accounting OU. You need to define the restricted group settings. What should you do?
Create a restricted group named *AcctMagic*. Add the *Accounting* domain group as a member.
What s the primary function of the IKE protocol use with IPSec
Create a security association between communicating partners
You re in charge of designing the Active Directory tree. You have a small company that has one location. You have determined that you will have approximately 500 objects in your completed tree. The tree design has been the subject of some controversy. In preliminary meetings, you have determined that there are four primary areas of the company: Accounting, Manufacturing, Sales, and Administration. Each are is autonomous and reports directly to the CEO. In meetings on the Active Directory tree design, the manager of each area wants to make sure that some management control of their users and resources remains in the department. What should you do?
Create an Organizational Unit object for each department. Train a member of each department to perform limited administrative duties. Use the Delegation of Control wizard to give a member of each OU enough rights to perform the necessary administrative tasks only in the appropriate OU.
A user reports that she can't connect to the Internet. After some investigation, you find that the wireless router has been misconfigured. You are responsible for managing and maintaining the wireless access point. What should you do next?
Create an action plan.
A user reports that she cant connect to the internet. After some investigation, you find the wireless router has been misconfigured. You are responsible for managing and maintaining the wireless access point. What should you do next?
Create an action plan.
You are the network administrator for your company. Your company has three standalone servers that run Windows Server 2012. All servers are located in a single location. You have decided to create a single Active Directory domain for your network. Currently, each department has one employee designated as the department's computer support person. Employees in this role create user accounts and reset passwords for the department. As you design Active Directory, you want these users to maintain their responsibilities. You must not give these users more permission than they need. What should you do?
Create an organizational unit (OU) structure where each department has its own OU. Use the Delegation of Control wizard to grant each computer support user appropriate permissions to their department OUs.
Which of the following is an example of privilege escalation?
Creeping privileges
You have decided to implement Gigabit Ethernet on your network. Each switch port is connected to a single device. Following the installation, you find one device connected to a switch that is only running at 100 Mbps. Which of the following are likely causes?
Crosstalk
You have decided to implement Gigabit Ethernet on your network. Each switch port is connected to a single device. Following the installation, you find one device connected to a switch that is only running at 100 Mbps. Which of the following are likely causes?
Crosstalk.
You've just received an e-mail message that indicates a new serious malicious code threat is ravaging across the Internet. The message contains detailed information about the threat, its source code, and the damage it can inflict. The message states that you can easily detect whether or not you have already been a victim of this threat by the presence of three files in the /Windows/System32 folder. As a countermeasure, the message suggests that you delete these three files from your system to prevent further spread of the threat. What should your first action based on this message be? Delete the indicated files if present Distribute the message to everyone in your address book Perform a complete system backup Reboot the system Verify the information on well-known malicious code threat management Web sites
E
You have been contracted by a firm to implement a new remote access solution based on a Windows Server 2003 system. The customer wants to purchase and install a smart card system to provide a high level of security to the implementation. Which of the following authentication protocols are you most likely to recommend to the client?
EAP
You want to implement an authentication method that uses public and private key pairs. Which authentication method should you use?
EAP
Which of the following protocols are most likely used with digital signatures (Select two.)
ECC, RSA
Which of the following security solutions would prevent a user from reading a file which she did not create?
EFS
Which of the following security would prevent a user from reading a file which she did not create
EFS
Which of the following routing protocols is classified as a balanced hybrid routing protocol?
EIGRP
You are troubleshooting a client connectivity problem on an Ethernet network. The client system has intermittent connectivity to the network. You discover that the UTP patch cable is run 75 feet from the wall outlet, passes through the ceiling and over several florescent light fixtures before reaching the client system. Which of the following may be a cause of the connectivity problem?
EMI interfaace.
You are troubleshooting a client connectivity problem on an Ethernet network. The client system has intermittent connectivity to the network. You discover that the UTP patch cable is run 75 feet from the wall outlet, passes through the ceiling and over several florescent light fixtures before reaching the client system. Which of the following may be the cause of the connectivity problem?
EMI interference
Which of the following statements about ESD is not correct
ESD is more likely to occur when the relative humidity is above 50%
Which of the following statements about ESD is not correct?
ESD is much more likely to occur when the relative humidity is above 50%
IPSec is implemented through two separate protocols. What are these protocols called (Select two.)
ESP, AH
You have a cable Internet connection at home. The installer had connected the router near the outside wall of your house with RG-6 cable. You move the cable router a distance of 50 meters using RG-8 cables and special connector adapters. Which condition are you most likely to experience?
Echo
You have a cable internet connection at home. the installer had connected the router near the outsde wall of your house with RG-6cable you move the cable router a distance of 50meters using RG-8 cables and special connector adapters. What condition are you most likely to experience?
Echo An impedance mismatch (manifested by echo) occurs when you connect cables and devices that have a different impedance (resistance) rating. Impedance is mostly a factor in coaxial cables used for networking.
You have a cable Internet connection at home. The installer had connected the router near the outside wall of your house with RG-6 cable. You move the cable router a distance of 50 meters using RG-8 cables and special connector adapters. Which condition are you most likely to experience?
Echo.
You are the manager of the *eastsim.com* domain. Your Active Directory structure has organizational units (OUs) for each company department. You have several assistant administrators who help manage Active Directory objects. For each OU, you grant one of your assistants Full Control over the OU. You come to work one morning to find that while managing some user accounts, the administrator in charge of the Sales OU has deleted the entire OU. You restore the OU and all of its objects from a recent backup. You want to make sure that your assistants can't delete the OUs they are in charge of. What should you do? (Select two. Each choice is a possible solution.)
Edit the properties for each OU to prevent accidental deletion. Remove Full Control permissions from each OU. Run the Delegation of Control wizard for each OU, granting permissions to perform the necessary management tasks.
How can an organization help prevent social engineering attacks?
Educate employees on the risks and countermeasures Publish and enforce clearly-written security policies
How can an organization help prevent social engineering attacks?(Select Two)
Educate employees on the risks and countermeasures, Publish and enforce clearly written security policies.
You are troubleshooting a client connectivity problem on an Ethernet network. the client system has intermittent connectivity to the network. You discover that the UTP patch cable is run 75 feet from the wall outlet, passes though the ceiling and over several florescent light fixtures before reaching the client system. What is the cause of the connectivity problem
Emi interference
Which of the following is not part of security awareness training
Employee agreement documents.
Which of the following is not part of security awareness training?
Employee agreement documents.
You are the network administrator for *northsim.com*. The network consists of a single Active Directory domain. All the servers run Windows Server 2012 and all the clients run Windows 8. The company has offices throughout the United States, as well as international locations. You have two servers named HV2 and HV2 that are located in the New York office. Both servers have the Hyper-V role installed. Both servers have quad core processors and 16 GB of RAM. Hv1 hosts two virutal machines named APP1 and APP2: APP1 hosts an application used heavily by users in New York. APP2 hosts an application used heavily by users in London. During the day you observe poor performance on APP1 due to a shortage of memory. During the evening, APP1 performs fine. However, APP2 experiences poor performance during peak business hours in London due to a shortage of memory. There are no empty slots to add memory to the sever, and management reports that they will not have money in the budget to upgrade HV1 for at least 6 months. You need to improve performance for APP1 and APP2. using the least amount of administrative effort. What should you do?
Implement Dynamic Memory in the properties of APP1 and APP2.
As you are helping a user with a computer problem you notice that she has written her password on a note stuck to her computer monitor. You check the password policy of your company and find that the following settings are currently required: Minimum password length = 10 Minimum password age = 4 Maximum password age = 30 Password history = 6 Require complex passwords that include numbers and symbols Account lockout clipping level = 3 Which of the following is the best action to take to make remembering passwords easier so that she no longer has to write the password down?
Implement end-user training
As you are helping a user with a computer problem you notice that she has written her password on a note stuck to her computer monitor. You check the password policy of your company and find that the following settings are currently required: ...........Which of the following is best action to take to make remember passwords easier so that she no longer has to write the password down
Implement end-user training
You have been using SNMP on your network for monitoring and management. You are concerned about the security of this configuration. What should you do?
Implement version 3 SNMP
What is the simplest way to deploy a security template on several computers simultaneously?
Importing the security template into a GPO
Over the last month you have noticed a significant increase in the occurrence of inappropriate activities performed by employees. What is the best first response step to take in order to improve or maintain the security level of the environment
Improve and hold new awareness sessions
subnet mask
In IPv4 addressing, a 32-bit number that, when combined with a device's IP address, indicates what kind of subnet the device belongs to.
user agent server
In SIP terminology, a server that responds to user agent clients' requests for session initiation and termination.
user agent
In SIP terminology, a user agent client or user agent server.
endpoint
In SIP terminology, any client, server, or gateway communicating on the network.
user agent client
In SIP terminology, end-user devices such as workstations, PDAs, cell phones, or IP telephones. A user agent client initiates a SIP connection.
AF (Assured Forwarding)
In the DiffServ QoS technique, a forwarding specification that allows routers to assign data streams one of several prioritization levels. AF is specified in the DiffServ field in an IPv4 datagram.
EF (Expedited Forwarding)
In the DiffServ QoS technique, a forwarding specification that assigns each data stream a minimum departure rate from a given node. This technique circimvents delays that slow normal data from reaching its destination on time and in sequence. EF information is inserted in the DiffServ field of an IPv4 datagram.
set top box
In the context of IPTV, a device that decodes digital video signals and issues them to the television. Set top boxes also communicate with content servers to manage video delivery.
____ is the planning, coordination, communications, and planning functions that are needed in order to resolve an incident in an efficient manner.
Incident handling
a user reports that he can't browse the internet. You ping test the web server succeeds. A trace route test shows 17 hops to the destination web server. What is the likely cause
Incorrect DNS server address
A user reports that he can't browse to a specific Web site on the Internet. From his computer, you find that a ping test to the Web server succeeds. A trace route test shows that 17 hops to the destination Web server. What is the most likely cause of the problem?
Incorrect DNS server address.
You manage a network that has multiple internal subnets. You connect a workstation to the 192.168.1.0/24 subnet. This workstation cannot communicate with any other host on the network. You run ipconfig /all and see the following: Ethernet adapter Local Area Connection: Connection-specific DNS Suffix. : mydomain.local Description : Broadcom network adapter Physical Address : 00-AA-BB-CC-74-EF DHCP Enabled :No Autoconfiguration Enabled : Yes IPv4 Address : 192.168.2.102(Preferred) Subnet Mask :255.255.255.0 Default Gateway : 192.168.1.1 DNS Servers : 192.168.2.20 What is the most likely cause of the problem?
Incorrect IP address
You manage a local area network with several switches. A new employee has started today so you connect her workstation to a switch port. After connecting the workstation, you find that the workstation cannot get an IP address from the DHCP server. You check the link and status lights and the connection is working properly. A ping to the loopback address on the workstation succeeds. No other computers seem to have the problem. Which of the following is the most likely cause of the problem?
Incorrect VLAN assignment
You manage a local area network with several switches. anew employee has started today so you connect her workstation to a switch port. After connecting the workstation, you find that the workstation cannot get an IP address from the DHCP server. You check the link and status lights and the connection is working properly. A ping to the loopback address on the workstation succeeds. No other computers seem to have the problem.
Incorrect VLAN assignment
You manage a network that has multiple internal subnets. You connect a workstation to the 192.168.1.0/24 subnet. This workstation can communicate with some hosts on the private network, but not with other hosts. You run ipconfig /all and see the following: Ethernet adapter Local Area Connection: Connection-specific DNS Suffix. : mydomain.local Description : Broadcom network adapter Physical Address : 00-AA-BB-CC-74-EF DHCP Enabled :No Autoconfiguration Enabled : Yes IPv4 Address : 192.168.1.102(Preferred) Subnet Mask :255.255.255.0 Default Gateway : 192.168.2.1 DNS Servers : 192.168.2.20 What is the most likely cause of the problem?
Incorrect default gateway
You manage a network that has multiple internal subnets. You connect a workstation to the 192.168.1.0/24 subnet. This workstation can communicate with some hosts on the private network, but not with other hosts. You run ipconfig /all and see the following: Ethernet adapter Local Area Connection: Connection-specific DNS Suffix. : mydomain.local Description : Broadcom network adapter Physical Address : 00-AA-BB-CC-74-EF DHCP Enabled :No Autoconfiguration Enabled : Yes IPv4 Address : 192.168.2.102(Preferred) Subnet Mask :255.255.0.0 Default Gateway : 192.168.1.1 DNS Servers : 192.168.1.20 192.168.1.27 What is the most likely cause of the problem?
Incorrect subnet mask
What is the purpose of using Ethernet bonding? (Select two.)
Increases network performance Provides a failover solution for network adapters
Which of the following activities assigns a security level to different types of data
Information classification
Which of the following CCTV types would you use in areas with little or no light?
Infrared
What is a key difference between a domain tree hierarchy and the organizational unit (OU) hierarchy within a domain?
Inheritance
Which of the following is specifically meant to ensure that a program operates on clean, correct and useful data?
Input validation
You have installed a new computer with a quad-core 64-bit processor, 7 GB of memory, and a PCIe video card with 512 MB of memory. After installing the operating system, you see less than 4 GB of memory showing as available in Windows. What should you do?
Install a 64-bit version of the operating system.
You have worked as the network administrator for a company for seven months. One day all picture files on the server become corrupted. You discover that a user has downloaded virus from the Internet onto his workstation, and it propagated to the server. You successfully restore all files from backup, but your boss is adamant that this situation does not reoccur. What do you do?
Install a network virus detection software solution.
You have worked as the network administrator for a company for seven months. One day all picture files on the server become corrupted. You discover that a user downloaded a virus from the Internet onto his workstation and it propagated to the server. You successfully restore all files from backup but your boss is adamant that this situation does not reoccur. What should you do?
Install a network virus detection software solution.
You have worked as the network administrator for a company for seven months. One day all picture files on the server become corrupted. You discover that user download a virus from the Internet onto his workstation, and it propagated to the server. You successfully restore all files from backup, but your boss is adamant that this situation doe not occur. What should you do?
Install a network virus detection software solution.
Your company leases a very fast Internet connection and pays for it based on usage. You have been asked by the company president to reduce Internet line lease costs. You want to reduce the amount of web pages that are downloaded over the leased connection, without decreasing performance. What is the best way to do this?
Install a proxy server.
Your company leases a very fast Internet connection and pays for it based on usage. You have been asked by the company to reduce Internet line lease costs. You want to reduce the amount of web pages that are downloaded over the leased connection, without decreasing performance. What is the best way to do this?
Install a proxy server.
__________ is one general guideline for protecting your network.
Install redundant components
Users are complaining that sometimes network communications are slow. You use a protocol analyzer and find that packets are being corrupted as they pass through a switch. You also notice that this only seems to happen when the elevator is running. What should you do
Install shielded cables near the elevator
Users are complaining that sometimes network communications are slow. You use a protocol analyzer and find that packets are being corrupted as they pass through a switch. You also notice that this only seems to happen when the elevator is running. What should you do?
Install shielded cables near the elevator
Your company system is a participant in an asymmetric cryptography system. You've crafted a message to be sent another user. Before transmission, you hash the message, then encrypt the hashing using your private key. You then attach this encrypted hash to your message as a digital signature before sending it to the other user. In this example, what protection does the hashing activity provide
Integrity
Your computer system is a participant in an asymmetric cryptography system. You've created a message to be sent to another user. Before transmission, you hash the message, then encrypt the hash using your private key. You then attach this encrypted hash t your message as a digital signature before sending it to the other user. In this example, what protection does the hashing activity provide?
Integrity
A user calls to report that she is experiencing intermittent problems while accessing the wireless network from her laptop computer. While she normally works form her office, today she is trying to access the wireless network form a conference room which is across the hall and next to the elevator. What is the most likely cause of her connectivity problem?
Interference is affecting the wireless signal
You need to configure when Windows updates are checked for and downloaded from Microsoft's update servers on a Windows 7 system. Which option in Control Panel should you use to do this?
System and Security
You are managing a Windows Server 2012 virtual machine on a Hyper=V hypervisor host. Dynamic Memory is enabled in the virtual machine's configuration. The virtual machine will run several web applications that are known to create system memory utilization spikes during heavy use. Because Dynamic Memory is enabled, you are concerned that memory could be unallocated from this virtual machine reallocated to another, resulting in insufficient memory should utilization suddenly increase. You need to ensure that some physical RAM is held in reserve to prevent this from happening. Click on the option you would use in the virtual machine's memory configuration to do this.
Specify the percentage of memory that Hyper-V should try to reserve as a buffer. Hyper-V uses the percentage and the current demand for memory to determine an amount of memory for the buffer. Memory buffer: 20%
A router on the border of your network detects a packet with a source address that is from an internal client but the packet was received in the Internet-facing interface. This is an example of what form of attack? (#1)
Spoofing
A router on the border of your network detects a packet with a source address that is from an internal client but the packet was received on the Internet-facing interface. This is an example of what form of attack?
Spoofing
Which type of activity changes or falsifies information in order to mislead or re-direct traffic?
Spoofing
When developing the totality of security policy documentation, what type of document will contain instructions or information on remaining compliance with regulations and industry standards
Standards
____ keeps a record of the state of a connection between an internal computer and an external device and then makes decisions based on the connection as well as the conditions.
Stateless packet filtering
What is the cryptography mechanism which hides secret communications within various forms of data
Steganography
What is the cryptography mechanism which hides secret communications within various forms of data?
Steganography
Amplitude indicates an analog wave's:
Strength
Which of the following best describes the purpose of using subnets?
Subnets divide an IP network address into multiple network addresses.
You manage a subnet that uses the following subnet address: 198.162.1.0/23. Which of the following best describes how addressing is configured for the subnet?
Supernetting.
A VPN is sued primarily for what purpose?
Support secured communications over a trusted network.
A VPN is used primarily for what purpose?
Support secured communications over an untrusted network.
Which of the following is a characteristic of SDSL?
Supports data traffic only (no voice)
Which of the following are characteristics of MPLS?
Supports variable-length data units. Adds labels to data units.
Which of the following is the least effective power loss protection for computer systems
Surge protector
Which of the following is the least effective power loss protection for computer systems?
Surge protector
In a(n) infection, a virus injects itself into the program's executable code instead of at the end of the file.
Swiss cheese
Angela is the network administrator for a rapidly growing company with a 100BaseT network. Users have recently complained about the slow file transfers. In a check of network traffic, Angela discovers a high number of collisions. Which connectivity device would best reduce the number of collisions and provide for future growth?
Switch
Which of the following connectivity hardware is used to create a LAN?
Switch
You want to reduce collisions by creating separate collision domains and virtual LANs. Which of the following devices should you choose?
Switch
When configuring VLANs on a switch, what is used to identify VLANs on a switch, what is used to identify VLAN membership of a device?
Switch port
When configuring VLANs on a switch, what is used to identify VLAN membership of a device?
Switch port.
Angela is the network administrator for a rapidly growing company with a 100BaseT network. Users have recently complained about slow file transfers. In a check of network traffic, Angela discovers a high number of collisions. Which connectivity device would best reduce the number of collisions and provide future growth?
Switch.
Which of the following connectivity hardware is used to create a VLAN?
Switch.
You want to reduce collisions by creating separate collision domains and virtual LANs Which of the following devices should you choose?
Switch.
When protection of the content of a message is required, which of the following cryptography solution should be employed
Symmetric encryption
When protection of the content of a message is required, which of the following cryptography solutions should be employed?
Symmetric encryption
What form of cryptography is best suited for bulk encryption because it is so fast
Symmetric key cryptography
What form of cryptography is best suited for bulk encryption because it is so fast?
Symmetric key cryptography
You administer a Web server on your network. The computer has multiple IP addresses. They are 192.168.23.8 to 192.168.23.17. The name of the computer is www.westsim.com. You configured the Web site as follows: IP address: 192.168.23.8, HTTP Port: 1030, SSL Port: 443. Users complain that they can't connect to the web site when they type www.westsim.com. What is the most likely source of the problem?
The HTTP port should be changed to 80.
You administer a Web server on your network. The computer has multiple IP addresses. They are 192.198.23.8 and 192.168.23.17. The name of the computer is www.westsim.com. You configured the Web site as follows: -IP address: 192.168.23.8 -HTTP Port: 1030 -SSL Port: 443 Users complain that they can't connect to the Web site when they type www.westsim.com. What is the most likely source of the problem?
The HTTP port should be changed to 80.
What actions can a typical passive Intrusion Detection System (IDS) take when it detects an attack? (Select two)
The IDS logs all pertinent data about the intrusion, An alert is generated and delivered via Email, the console, or an SNMP trap.
What actions can a typical passive Intrusion Detection System (IDS) take when it detects and attack? (Select two.)
The IDS logs all pertinent data about the intrusion. An alert is generated and delivered via Email, the console, or an SNMP trap.
IP datagram
The IP portion of a TCP\IP frame that acts as an envelope for data, holding information necessary for routers to transfer data between subnets.
Well Known Ports
The TCP/IP port numbers 0 to 1023, so named because they were long ago assigned by Internet authorities to popular services (for example, FTP and Telnet), and are, therefore, well known and frequently used.
Registered Ports
The TCP/IP ports in the range of 1024 to 49,151. These ports are accessible to network users and processes that do not have special administrative privileges.
release
The act of terminating a DHCP lease.
port number
The address on a host where an application makes itself available to incoming data.
lease
The agreement between a DHCP server and client on how long the client can use a DHCP-assigned IP address. DHCP services can be configured to provide lease terms equal to any amount of time.
unified messaging
The centralized management of multiple types of network-based communications, such as voice, video, fax, and messaging services.
Which action is taken when the private key associated with a digital certificate becomes compromised?
The certificate is revoked and added to the Certificate Revocation List.
You want to use a tool to see packets on a network, including the source and destination of each packet. Which tool should you use?
Wireshark
Which of the following documents would likely identify that drop cables on your network use the T568A standard?
Wiring schematic
Which type of documentation would you consult to find the location of RJ-45 wall jacks and their endpoints in the intermediate distribution closet?
Wiring schematic
You are troubleshooting a workstation connection to the network. During your troubleshooting, you move the cable in the wiring closet to a different port on the patch panel. Which type of document should you update?
Wiring schematic
You are troubleshooting the connection of a computer in an office to the punchdown block in the distribution closet. Which document would you consult to identify the termination of the cable on the punchdown block based on the wall jack location in the office?
Wiring schematic
Which of the following documents would likely identify that drop cables on your network use the T568A standard?
Wiring schematic.
Which type of documentation would you consult to find the location of RJ-45 wall jacks and their endpoints in the intermediate distribution closet?
Wiring schematic.
You are troubleshooting a workstation connection to the network. During your troubleshooting, you move the cable in the wiring closet to a different port on the patch panel. Which type of document should you update?
Wiring schematic.
You are troubleshooting the connection of a computer in an office to punchdown block in the distribution closet. Which document would you consult to identify the termination of the cable on the punchdown block based on the wall jack location in the office?
Wiring schematic.
____ involves horizontally separating words, although it is still readable by the human eye.
Word splitting
Which of the following is an attack that injects malicious scripts into Web pages to redirect users to fake websites or gather personal information?
XSS
Can a domain user, who does not possess explicit object creation permissions, create computer objects?
Yes, authenticated users can create workstation, but not server objects
Can an administrator launch the Group Policy Management console from a workstation?
Yes, if the workstation is running the Remote Server Administration Tools package.
You are implementing a DHCP server for your segment. Your segment's IP address is 192.168.1.0. Your default gateway address is 192.168.1.254. Your DNS server address is 192.168.1.1. Your default gateway is configured as a NAT router to translate addresses between network segments. YOu configured the 03 Router option on your DHCP server so it can deliver the IP address of the default gateway to workstations. After configuring your workstations to get their IP address information dynamically, your users complain that they are unable to access web sites on the Internet. How can you resolve this problem?
You must configure your DHCP server with an option that delivers the IP address of the DNS server (Option 06).
You configure on o3 router on your DHCP server so it can deliver the IP address of the default gateway to workstations. After configuring your workstations to get their IP addressing information dynamically, your users complain that they are unable to access web sites on the internet. How can you fix this problem
You must configure your DHCP server with an option that delivers the IP address of the DNS server (option 06)
In which of the following situations would you most likely implement a demilitarized zone (DMZ)?
You want to protect a public Web server from the attack.
You're trying to access your office network with your Windows XP workstation from home using your organization's virtual private network (VPN). Your modem has dialed and connected to your ISP, but you can't connect to your office network. You issue the ipconfig command from the shell prompt and learn that your system has been assigned an IP address of 169.254.1.12 What's causing the problem?
Your ISP's DHCP server isn't working properly.
You have just downloaded a file. You create a hash of the file and compare it to the hash posted on the Web site. The two hashes match. What do you know about the file
Your copy is the same as the copy posted on the website.
You have just downloaded a file. You create a hash of the file and compare it to the hash posted on the Web site. The two hashes match. What do you know about the file?
Your copy is the same as the copy posted on the website.
You want to implement 802.1x authentication on your wireless network. What will be required?
a RADIUS server
While troubleshooting a problem on a Linux system, you run a utility that generates the following output: 5. s3232.gw.Seat.someisp.net (63.201.72.9) 38.433 ms 38.713 ms 39.085 ms 6. st11122.garl.Seat.someisp.net (211.242.9.121) 38.620 ms 38.593 ms 38.050 ms 7. oc48-6yy.Seat.someisp.net (14.248.154.129) 57.440 ms 56.678 ms 57.675 ms 8. t223hgh-ytry.swa.someisp.net (142.133.89.232) 103.041 ms 57.181 ms 56.619 ms 9. t8343mmd.cgssel.someisp.net (152.191.10261) 91.977 ms 93.971 ms 93.767 ms 10. twirem2.cgssfdl.ip.someisp.net (145.97.133.23) 92.453 ms 92.337 ms 93.523 ms 11. twerrm1.nfffsiny.ip.someisp.net (117.116.141.38) 106.000 ms 106.007 ms 106.007 ms 105.283 ms 12. gbed22repp0.n5ddsdsy.ip.someisp.net (123.194.132.8) 103.198 ms 105.447 ms 104.263 ms Which of the following utilities were you using?
traceroute
While working on a Linux server, you are unable to connect to Windows Server 2003 system across the Internet. You are able to ping the default gateway on your own network, so you suspect that the problem lies outside of the local network. What utility would you use to track the route a packet takes as it crosses the network?
traceroute.
While working on a Linux server, you are unable to connect to Windows Server 2003 system across the Internet. You are able to ping the default gateway on your own network, so you suspect the problem lies outside the local network. Which utility would you use to trace the route a packet takes as it crosses the network?
traceroute.
Examine the following output: 4 22 ms 21 ms 22 ms sttwa01gr02.bb.ispxy.com [124.11.10.62] 5 39 ms 39 ms 65 ms plalca01gr00.bb.ispxy.com [124.11.12.11] 6 39 ms 39 ms 39 ms Rwest.plalca01gr00.bb.ispxy.com [154.11.3.14] 7 40 ms 39 ms 46 ms sv1-core-03.inet.ispxy.net [205.171.205.28] 8 75 ms 117 ms 63 ms dia-core-01.inet.ispxy.net [205.171.142.1] Which of these commands produced this output?
tracert
What TCP/IP utility gives you the following output?
tracert
Which TCP/IP utility gives you the following output? 2 14 ms <10 ms 14 ms Loopback0.GW1.SLT1.ALTER.NET [137.39.2.123] 3 14 ms <10 ms 13 ms 122.at-6-0-0.XR1.SLT4.ALTER.NET [152.63.91.85] 4 <10 ms 14 ms <10 ms 0.so-0-1-0.TL1.SLT4.ALTER.NET [152.63.1.210] 5 41 ms 41 ms 41 ms 0.so-7-0-0.TL1.POR3.ALTER.NET [152.63.32.41] 6 42 ms 41 ms 41 ms 0.so-6-0-0.XL1.SEA1.ALTER.NET [152.63.38.82] 7 41 ms 41 ms 42 ms P0S6-0.GW11.SEA1.ALTER.NET [152.63.107.17]
tracert
You are the network administrator of a branch office of your company. The branch office network is part of a WAN that covers most of the United States. The office has two Windows 2000 servers, two UNIX servers, one Windows NT server, 90 Windows 98 clients, 40 Windows 2000 Professional clients, and five Macintosh clients. Users have been complaining that they are unable to access resources over the WAN at the main headquarters. You suspect that one of the routers between your office and the main headquarters is not working properly. What TCP/IP utility can you use to see if a router is not working properly?
tracert
Examine the following output: 4 22 ms 21 ms 22 ms sttlawa01gr02.bb.ispxy.com [154.11.10.62] 5 39 ms 39 ms 65 ms plalca01gr00.bb.ispxy.com [154.11.12.11] 6 39 ms 39 ms 39 ms Rwest.placa01gr00.bb.ispxy.com [154.11.3.14] 7 40 ms 39 ms 46 ms svl-core-03.inet.ispoxy.net [205.171.206.29] 8 75 ms 117 ms 63 ms dia-core-01.inet.ispxy.net [205.151.142.1] Which of the following produced this output?
tracert.
Which TCP/IP utility gives you the following output? 2 14 ms <10 ms 14 ms Loopback0.GWI.SLT1.ALTER.NET [137.39.2.123] 3 14 ms <10 ms 13 ms 122.at-6-0-0.XR1.SLT4.ALTER.NET [152.63.91.86] 4 <10 ms 14 ms <10 ms 0.so-0-1-0.TL1.SLT4.ALTER.NET [152.63.1.210] 5 41 ms 41 ms 41 ms 0.so-7-0-0.TL1.PQR3.ALTER.NET [152.63.32.41] 6 42 ms 41 ms 41 ms 0.so.6-0-0.XL1.SEA1.ALTER.NET [152.63.38.82] 7 41 ms 41 ms 41 ms PQS6-0.GW11.SEA1.ALTER.NET [152.63.107.17]
tracert.
You are the network administrator of a branch office of your company. The branch office network is part of a WAN that covers most of the United States. The office has two Windows 2000 servers, two UNIX severs, one Windows NT server, 90 Windows 98 clients, 40 Windows 2000 Professional clients, and five Macintosh clients. Users have been complaining that they are unable to access resources over the WAN at the main headquarters. You suspect that one of the routers between your office and the main headquarters is not working properly. What TCP/IP utility can you use to see if a router is not working properly?
tracert.
A(n) ____ is a device that maintains power to equipment in the event of an interruption in the primary electrical power source.
uninterruptible power supply
Resource access for individuals takes place through their ______.
user accounts
____ learners learn through taking notes, being at the front of the class, and watching presentations.
visual
A ____ in effect takes a snapshot of the current security of the organization.
vulnerability appraisal
The process of walking around an office building with an 802.11 signal detector is known as what?
war driving
A ____ has all of the equipment installed, but does not have active Internet or telecommunications facilities, and does not have current backups of data.
warm site