SEC+ Training Camp

Ace your homework & exams now with Quizwiz!

Which of the following is a systematic way of ensuring that changes to the network infrastructure and applications are performed in an orderly fashion

Change management

Which of the following protocols are included in IP Security?

- Authentication Headers (AH) _ Layer 2 Tunneling Protocol (L2TP)

Which of the following properly defines supervisory control and data acquisition (SCADA)?

A system designed to control automated systems in cyber-physical environments

Which of the following is an LDAP directory service that is used in a Windows environments?

Active Directory

You are setting up a test lab for your organization for software development. You need to ensure none of the development code can accidentally be placed on production systems. What should you implement in order to achieve this goal?

Air gap

Which of the following is the best solution if you wish to harden a web server?

Allow list

Which of the following is not a natural threat to an organization?

Arson

Which of the following would be considered a man-made external threat?

Competitor stealing data off a web server

Which of the following cryptographic elements is used to make the relationship between the encryption key and the ciphertext as complex as possible?

Confusion

Which of the following is an older symmetric encryption algorithm that used a 56-bit-key and should no longer be used?

DES

Which of the following is most likely an authentication issue that might arise on today's network?

Domain controllers unavailable

Which of the following types of attacks target the careless disposal of sensitive information?

Dumpster diving

Which of the following is a vulnerability tool that is used to identify operating system information and running services?

Fingerprinting tools

Which of the following security tool is actually used to lure attackers in an effort to study their approach and efforts to breach the system

Honeypot

Which of the following is used to ensure single sign on capabilities across multiple platforms and organizational boundaries?

Identity federation

Which of the following would cause an issue accessing an encrypted file or folder?

Inaccessible private key

Which of the following is a record of the events that occurred in relation to a security incident and the output from the IRP?

Incident report

You are assessing vulnerabilities. Which of the following is not considered an account vulnerability?

Lack of proper off-boarding and on-boarding controls

You are in a new position in your organization. Which of the following sources would be the best to use to connect with peers on threat intelligence information?

Local industry groups

Which of the following is a type of access control method where data is given a particular security classification?

MAC

You are concerned about the level of security for passwords that are passed between remote clients and your VPN server running Windows Server 2008 R2. All remote clients are running Windows Vista or later Microsoft operating systems. You want to ensure the highest level of security is used for the passwords in transit over the network. Which of the following authentication protocols should you choose?

MS-CHAPv2

You are troubleshooting a company web application that is having issues. The application seems to run fine for approximately a week before it starts to crash. As you examine the server you notice the RAM utilization continues to climb every day until the server is completely out of memory. Which of the following is the application suffering from?

Memory leak

You need to get specific information on a particular threat. You found out about the threat reading an online newsfeed on your mobile device. Which of the following would be the best source for detailed information?

Open source intelligence

Which of the following is a term used in computer forensics to represent the need to gather certain information immediately before it is potentially lost from the attack system?

Order of volatility

You need to test systems against weak passwords, and you use a program that tests all accounts using the top 100 commonly used passwords. What type of test is this?

Password spraying

Which of the following should not be overlooked as it provides necessary security to operating systems in relation to code vulnerabilities that are found?

Patch management

Which of the following should be installed to improve network performance while Internet websites, as well as control the types of sites users are able to visit?

Proxy server

Which of the following is usually related to the frequency of backups that are performed for a specific application?

RPO

Which of the following software vulnerabilities occurs when certain events fail to execute in the intended order?

Race condition

You are testing a new application for your company. During testing, its been identified that when three or more people click submit on a specific form simultaneously, the application crashes. This is an example of what?

Race condition

Which of the following is the process of implementing additional components to prevent the loss of a single component from reducing the availability of the system?

Redundancy

Which of the following is the best protection method for IP-based CCTV against DDOS attacks?

Relocate all CCTV components on a seperate network

When an attacker captures network traffic and resends it at a later time, what type of attack is being utilized?

Replay attack

End users in your organization are calling an saying that wifi access is down. After performing discovery in relation to the problem you find that all who are affected are connected to an access point that you dont recognize. What type of attack is this?

Rogue Access Point

Which of the following should be used if you need to recycle or repurpose a drive and need to ensure that existing data is inaccessible?

Sanitation

Which of the following logs contains auditing events in Windows Server 2016 operating system?

Security

You need to configure NTFS permissions on a file share. Which of the following property pages will you use on a Windows Server 2016 file share?

Security

Which of the following types of keys is always a single use symmetric key?

Session

What type of attack would involve the attacker putting a layer of additional code between the original device driver for a video card and the operating system?

Shimming

Which of the following are accurate statements about the strengths of stream and block ciphers?

Stream ciphers are typically faster Block ciphers are typically more secure

Which of the following would be considered a physical attack?

Tailgating

T/F: A low MTD for a business application might result in the implementation of failover clustering to ensure the failure of individual components did not result in an outage

True

T/F: A security vulnerability is defined as any condition that leaves an information system open to harm

True

T/F: Perfect Forward Security (PFS) ensures that a compromise of long-term encryption keys will not compromise data encrypted by those keys

True

T/F: The lack of password complexity requirements in your organization is a type of account vulnerability

True

T/F: data exfiltration is the process an attacker uses to take data inside a local network and move it to an external network

True

Which of the following is not considered a type 1 hypervisor?

VMWare Workstation

Which of the following should be used to control the types of traffic inbound and outbound on a Windows 10 client system operating in a Windows domain?

Windows Firewall

Which of the following DMZ configuration provides the highest level of security while still allowing Internet access for LAN computers without the use of protocol switching?

back to back

An end user is having difficulty logging in to their personal Yahoo email account. You look at the browser and notice the user has typed www.yaho.com and the page looks very similar to the actual Yahoo page. What type of attack is this?

typosquatting


Related study sets

Chapter 14 smart book Management

View Set

Psychology Chapter 3 reading quiz

View Set

ATI mental health retake (focused review)

View Set

Ethics and Law in Dental Hygiene Practice Quiz Questions

View Set

AP Psychology AP Classroom Unit 2 Multiple Choice

View Set

Different forms of business and the advantages and disadvantages of each (Sole proprietorship, partnership, corporations, LLCs, cooperatives, joint venture, franchise)

View Set