testout final - foundations of cybersecurity
Electromagnetic emissions
A Faraday cage is used to prevent what from leaving an area?
Support secured communications over an untrusted network
A VPN is primarily used for which of the following purposes?
Air gap
A computer or small network that is not connected to the rest of the network or the internet is known as:
VPN concentrator
A group of salesmen would like to remotely access your private network through the internet while they are traveling. You want to control access to the private network through a single server. Which solution should you implement?
Credential Manager
A manager has told you she is concerned about her employees writing their passwords for websites, network files, and database resources on sticky notes. Your office runs exclusively in a Windows environment. Which tool could you use to prevent this behavior?
Sender's public key
A receiver wants to verify the integrity of a message received from a sender. A hashing value is contained within the digital signature of the sender. Which of the following must the receiver use to access the hashing value and verify the integrity of the transmission?
Authentication and authorization
A remote access user needs to gain access to resources on the server. Which of the following processes are performed by the remote access server to control access to resources?
Configure the browser to send HTTPS requests through the VPN connection Configure the VPN connection to use IPsec
A salesperson in your organization spends most of her time traveling between customer sites. After a customer visit, she must complete various managerial tasks, such as updating your organization's order database. Because she rarely comes back to your home office, she usually accesses the network from her notebook computer using Wi-Fi access provided by hotels, restaurants, and airports. Many of these locations provide unencrypted public Wi-Fi access, and you are concerned that sensitive data could be exposed. To remedy this situation, you decide to configure her notebook to use a VPN when accessing the home network over an open wireless connection. Which key steps should you take when implementing this configuration? (Select two.)
Biometric template original
A smart card can be used to store all but which of the following items?
Remote wipe
A smartphone was lost at the airport. There is no way to recover the device. Which of the following ensures data confidentiality on the device?
Ticket-granting ticket
A user has just authenticated using Kerberos. Which object is issued to the user immediately following login?
Switch
A virtual LAN can be created using which of the following?
Private keys
Above all else, what must be protected to maintain the security and benefit of an asymmetric cryptographic solution, especially if it is widely used for digital certificates?
Recovery
After a security event that involves a breach of physical security, what is the term used for the new measures, incident review, and repairs meant to stop a future incident from occurring?
Relay
An attacker has intercepted near-field communication (NFC) data and is using that information to masquerade as the original device. Which type of attack is being executed?
Implementing client-side validation
An attacker inserts SQL database commands into a data input field of an order form used by a web-based application. When submitted, these commands are executed on the remote database server, causing customer contact information from the database to be sent to the malicious user's web browser. Which practice would have prevented this exploit?
DDoS
An attacker sets up 100 drone computers that flood a DNS server with invalid requests. This is an example of which kind of attack?
SCP SFTP
As a network administrator, you are asked to recommend a secure method for transferring data between hosts on a network. Which of the following protocols would you recommend? (Select two.)
Anti-phishing software
As the security analyst for your organization, you have noticed an increase in emails that attempt to trick users into revealing confidential information. Which web threat solution should you implement to protect against these threats?
Virus scanner Spam filters
As the security analyst for your organization, you have noticed an increase in user computers being infected with malware. Which two solutions should you implement and configure to remedy this problem? (Select two.)
Pop-up blocker
As you browse the internet, you notice that when you go to some sites, multiple additional windows are opened automatically. Many of these windows contain advertisements for products that are inappropriate for your family to view. Which tool can you implement to prevent these windows from showing?
Create a separate VLAN for each department.
As you go through the process of making your network more manageable, you discover that employees in the sales department are on the same network segment as the human resources department. Which of the following steps can be used to isolate these departments?
Detective
Audit trails produced by auditing activities are which type of security control?
Paper
Burning, pulping, and shredding are three ways to securely dispose of data in which form?
Add a separate A/C unit in the server room.
Components within your server room are failing at a rapid pace. You discover that the humidity in the server room is at 60% and the temperature is at 80 degrees. What should you do to help reduce problems?
Confidentiality Non-repudiation
Cryptographic systems provide which of the following security services? (Select two.)
Network DLP
DLP can be implemented as a software or hardware solution that analyzes traffic in an attempt to detect sensitive data that is being transmitted in violation of an organization's security policies. Which of the following DLP implementations analyzes traffic for data containing such things as financial documents, social security numbers, or key words used in proprietary intellectual property?
File-level DLP
DLP can be used to identify sensitive files in a file system and then embed the organization's security policy within the file. Which of the following DLP implementations travels with sensitive data files when they are moved or copied?
Document Your Network
Documenting procedures and processes are part of which milestone in the NSA's Manageable Network Plan?
SSL
FTPS uses which mechanism to provide security for authentication and data transfer?
SSH
For Milestone 4 (Reach Your Network), which of the following would be considered a secure protocol to use to reach your network?
Buffer overflow attack
Having poor software development practices and failing to program input validation checks during development of custom software can result in a system vulnerable to which type of attack?
ESP AH
IPsec is implemented through two separate protocols. What are these protocols called? (Select two.)
Read the file.
If Mark has a read-write permission to the share \\fileserver\securefiles and a read-only permission to the file coolstuff.docx on the NTFS file system shared by the file share, he is able to perform which action?
Biometric locks
If a fingerprint or retina scan is required to open a secured door, which kind of physical security has been implemented?
Encapsulating Security Payload (ESP)
In addition to Authentication Header (AH), IPsec is comprised of what other service?
Map Your Network
In which milestone should you use a network scanner and then confirm the scan manually with a room-by-room walkthrough?
Low-trust zone
In which of the following zones would a web server most likely be placed?
Deploy
In which phase of the Microsoft Intune application life cycle would you assign an app to users and/or devices you manage and monitor them on the Azure portal?
Electromagnetic interference
It is important to follow correct procedures when running electrical cables next to data cables in order to protect against which environmental concern?
John has a local standard user account.
John, a user, is attempting to install an application but receives an error that he has insufficient privileges. Which of the following is the MOST likely cause?
Blowfish GPG
KWalletManager is a Linux-based credential management system that stores encrypted account credentials for network resources. Which encryption methods can KWalletManager use to secure account credentials? (Select two.)
She is still a member of the Project Management group, which has been denied permission to this system. Deny permissions always override Allow permissions.
Lori Redford, who has been a member of the Project Management group, was recently promoted to manager of the team. She has been added as a member of the Managers group. Several days after being promoted, Lori needs to have performance reviews with the team she manages. However, she cannot access the performance management system. As a member of the Managers group, she should have the Allow permission to access this system. What is MOST likely preventing her from accessing this system?
Have Marcus log off and log back in.
Marcus White has just been promoted to a manager. To give him access to the files that he needs, you make his user account a member of the Managers group, which has access to a special shared folder. Later that afternoon, Marcus tells you that he is still unable to access the files reserved for the Managers group. What should you do?
Sam's public key
Mary wants to send a message to Sam in such a way that only Sam can read it. Which key should be used to encrypt the message?
Mary needs to log in with a Microsoft account.
Mary, a user, is attempting to access her OneDrive from within Windows and is unable to. Which of the following would be the MOST likely cause?
Remotely install and uninstall apps
Mobile application management (MAM) provides the ability to do which of the following?
Track the device
Mobile device management (MDM) provides the ability to do which of the following?
Hot aisle
Most equipment is cooled by bringing cold air in the front and ducting the heat out of the back. What is the term for where the heat is sent in this type of scenario?
Active attack
Perpetrators attempt to compromise or affect the operations of a system, Attempting to find the root password on a web server by brute force.
Infrastructure
Power, heating, ventilation, air conditioning systems (HVAC), and utilities are all components of which term?
Have a printed hard copy kept in a secure location.
Prepare to Document means establishing the process you will use to document your network. Which of the following makes this documentation more useful?
Geotagging was enabled on her smartphone.
Recently, a serious security breach occurred in your organization. An attacker was able to log in to the internal network and steal data through a VPN connection using the credentials assigned to a vice president in your organization. For security reasons, all individuals in upper management in your organization have unlisted home phone numbers and addresses. However, security camera footage from the vice president's home recorded someone rummaging through her garbage cans prior to the attack. The vice president admitted to writing her VPN login credentials on a sticky note that she subsequently threw away in her household trash. You suspect the attacker found the sticky note in the trash and used the credentials to log in to the network. You've reviewed the vice president's social media pages. You found pictures of her home posted, but you didn't notice anything in the photos that would give away her home address. She assured you that her smartphone was never misplaced prior to the attack. Which security weakness is the MOST likely cause of the security breach?
SSH
SFTP uses which mechanism to provide security for authentication and data transfer?
Passive attack
Sniffing network packets or performing a port scan, Attempting to gather information without affecting the flow of information on the network.
You can control security by isolating wireless guest devices within this VLAN.
The IT manager has asked you to create a separate VLAN to be used exclusively for wireless guest devices to connect to. Which of the following is the primary benefit of creating this VLAN?
Nothing. They are reserved and cannot be used or deleted.
The IT manager has asked you to create four new VLANs for a new department. As you are going through the VLAN configurations, you find some VLANs numbered 1002-1005. However, they are not in use. What should you do with these VLANs?
In the Admin portal, select Policy > Add Policy.
The IT manager has tasked you with configuring Intune. You have enrolled the devices and now need to set up the Intune policies. Where would you go to set up the Intune policies?
Network closet
The IT manager has tasked you with installing the new wireless LAN controller (WLC). Where should you install the controller?
Implement a captive portal
The owner of a hotel has contracted with you to implement a wireless network to provide internet access for guests. The owner has asked that you implement security controls so that only paying guests are allowed to use the wireless network. She wants guests to be presented with a login page when they initially connect to the wireless network. After entering a code provided by the concierge at check-in, guests should then be allowed full access to the internet. If a user does not provide the correct code, he or she should not be allowed to access the internet. What should you do?
443
To increase security on your company's internal network, the administrator has disabled as many ports as possible. However, now you can browse the internet, but you are unable to perform secure credit card transactions. Which port needs to be enabled to allow secure transactions?
20 21
To transfer files to your company's internal network from home, you use FTP. The administrator has recently implemented a firewall at the network perimeter and disabled as many ports as possible. Now, you can no longer make the FTP connection. You suspect the firewall is causing the issue. Which ports need to remain open so you can still transfer the files? (Select two.)
Protects data on its server with authentication and authorization protocols Replaces actual data with a randomly generated alphanumeric character set
Tokenization is another effective tool in data loss prevention. Tokenization does which of the following? (Select two.)
Encryption
Travis is sending a highly confidential email to Craig that contains sensitive data. Which of the following should Travis implement to ensure that only Craig is able to read the email?
External attack
Unauthorized individuals try to breach a network from off-site.
VAN
What is a virtual LAN that runs on top of a physical LAN called?
Sandboxing
What is isolating a virtual machine from the physical network to allow testing to be performed without impacting the production environment called?
A process by which each party in an online communication verifies the identity of the other party.
What is mutual authentication?
Accuracy
What is the MOST important aspect of a biometric device?
Unlimited
What is the limit of virtual machines that can be connected to a virtual network?
Generate and store cryptographic keys
What is the main function of a TPM hardware chip?
500
What is the minimum number of users needed in a Windows Enterprise agreement for Intune to be included?
Digital signature
What is the most obvious means of providing non-repudiation in a cryptography system?
Cloud-access security broker
What is the on-premises, cloud-based software tool that sits between an organization and a cloud service provider called?
Create a security association between communicating partners.
What is the primary function of the IKE Protocol used with IPsec?
Prevent conflicts of interest
What is the primary purpose of separation of duties?
Authorization
What is the process of controlling access to resources such as computers, files, or printers called?
50%
What is the recommended humidity level for server rooms?
Integration
What is the system that connects application repositories, systems, and IT environments in a way that allows access and exchange of data over a network by multiple devices and locations called?
Passphrase
What type of password is maryhadalittlelamb?
Unauthorized users are prevented from viewing or accessing the resource.
When a cryptographic system is used to protect data confidentiality, what actually takes place?
Non-repudiation
When a sender encrypts a message using their own private key, which security service is being provided to the recipient?
Switch port
When configuring VLANs on a switch, what is used to identify which VLAN a device belongs to?
Kerberos
When using Kerberos authentication, which of the following terms is used to describe the token that verifies the user's identity to the target system?
The current date and time must fall within the server's certificate-validity period.
When using SSL authentication, what does the client verify first when checking a server's identity?
5
Which 802.1Q priority is IP phone traffic on a voice VLAN tagged with by default?
Masking
Which DLP method works by replacing sensitive data with realistic fictional data?
EAP-TLS
Which EAP implementation is MOST secure?
ESP
Which IPSec subprotocol provides data encryption?
Microsoft Security Compliance Toolkit
Which Microsoft tool can be used to review a system's security configuration against recommended settings?
HTTPS
Which TCP/IP protocol is a secure form of HTTP that uses SSL as a sub-layer for security?
Site-to-site VPN
Which VPN implementation uses routers on the edge of each site?
L2TP
Which VPN protocol typically employs IPsec as its data encryption mechanism?
Split
Which VPN tunnel style routes only certain types of traffic?
Attribute-Based Access Control (ABAC)
Which access control model is based on assigning attributes to objects and using Boolean logic to grant access based on the attributes of the subject?
Entry points
Which area of focus do public-facing servers, workstations, Wi-Fi networks, and personal devices fall under?
Documentation
Which area of focus helps to identify weak network architecture or design?
Fat
Which class of wireless access point (WAP) has everything necessary to manage clients and broadcast a network already built into its functionality?
Passive
Which classification of attack type does packet sniffing fall under?
Blackout
Which deviation in power is the longest in duration?
PDS
Which device is often employed by power companies to protect cabling infrastructure from having cables added or removed and to prevent emissions from being retrieved from the air?
USB data blocker
Which device is used to allow a USB device to charge but blocks the data transfer capabilities of the device?
Uninterruptible power supply
Which device is used to ensure power to a server or network device during short power outages?
Symmetric key cryptography
Which form of cryptography is best suited for bulk encryption because it is so fast?
Uptime/uptime + downtime
Which formula is used to determine a cloud provider's availability percentage?
Smart card
Which kind of access control technology allows more than just the identity of an individual to be transmitted wirelessly to either allow or deny access?
Workload balancing
Which load balancing method distributes a workload across multiple computers?
Peer-to-peer
Which networking model is based on peer-to-peer networking?
It can be used to control which users can see the actual data. It replaces original information with a mask that mimics the original in form and function.
Which of the following BEST describes dynamic data masking? (Select two.)
Endpoint DLP
Which of the following DLP implementations can be used to monitor and control access to physical devices on workstations or servers?
Company Portal
Which of the following Intune portals is used by end users to manage their own account and enroll devices?
PPTP
Which of the following VPN protocols is no longer considered secure?
Azure AD
Which of the following account types is a cloud-based identity and access management service that provides access to both internal and external resources?
Microsoft
Which of the following account types uses a single sign-on system that lets you access Windows, Office 365, Xbox Live, and more?
RSA Diffie-Hellman
Which of the following algorithms are used in asymmetric encryption? (Select two.)
Blowfish 3DES
Which of the following algorithms are used in symmetric encryption? (Select two.)
Turnstile Double-entry door
Which of the following allows an easy exit of an area in the event of an emergency, but also prevents entry? (Select two.)
Remote management
Which of the following app deployment and update methods allows an administrator to remove apps and clear all data from a device without affecting the device itself?
Remote management
Which of the following app deployment and update methods allows updates to be uploaded onto Intune where they can be pushed out to users within 24 hours?
App catalog
Which of the following app deployment and update methods can be configured to make available to specific users and groups only the apps that they have rights to access?
Easy migration of systems to different hardware Centralized administration
Which of the following are advantages of virtualization? (Select two.)
When used alone, they are no more secure than a strong password. They have the potential to produce numerous false negatives.
Which of the following are disadvantages of biometrics? (Select two.)
A compromised host system might affect multiple servers.
Which of the following are disadvantages of server virtualization?
Smart Card Photo ID
Which of the following are examples of Something You Have authentication controls? (Select two.)
Blocks email from specific senders Filters messages containing specific content
Which of the following are functions of gateway email spam filters? (Select two.)
Client server Workgroup
Which of the following are networking models that can be used with the Windows operating system? (Select two.)
Escort visitors at all times Require identification and name badges for all employees
Which of the following are solutions that address physical security? (Select two.)
Key length is 168 bits
Which of the following are true of Triple DES (3DES)?
Buffer overflow attack
Which of the following attacks is a form of software exploitation that transmits or submits a longer stream of data than the input variable is designed to handle?
Viewing calendar, emails, and messages on a mobile device without authorization
Which of the following best describes Bluesnarfing?
An access point that is configured to mimic a valid access point to obtain logon credentials and other sensitive information.
Which of the following best describes an evil twin?
RC4
Which of the following can be classified as a stream cipher?
Deploy a mantrap
Which of the following can be used to stop piggybacking at a front entrance where employees should swipe smart cards to gain entry?
Cloud-access security broker
Which of the following can provide the most specific protection and monitoring capabilities?
Locks on doors
Which of the following controls is an example of a physical access control method?
Transparent Data Encryption (TDE)
Which of the following database encryption methods encrypts the entire database and all backups?
The point where the number of false positives matches the number of false negatives in a biometric system.
Which of the following defines the crossover error rate for evaluating biometric systems?
Virtual switch
Which of the following devices facilitates communication between different virtual machines by checking data packets before moving them to a destination?
Hypervisor
Which of the following devices is computer software, firmware, or hardware that creates and runs virtual machines?
Wi-Fi analyzer
Which of the following devices would you use to perform a site survey?
MAC address filtering
Which of the following do switches and wireless access points use to control access through a device?
DES
Which of the following encryption mechanisms offers the least security because of weak keys?
SCP SFTP
Which of the following file transfer protocols use SSH to provide confidentiality during the transfer? (Select two.)
Class C
Which of the following fire extinguisher types is best used for the electrical fires that might result when working with computer components?
Create a hash of system components
Which of the following functions are performed by a TPM?
Indicates that data has ended and a command is beginning
Which of the following functions does a single quote (') perform in an SQL injection?
Username
Which of the following identification and authentication factors are often well known or easily discovered by others on the same network or system?
Permissions
Which of the following identifies the type of access that is allowed or denied for an object?
Digital signature
Which of the following is a direct integrity protection?
Cloud-based firewall
Which of the following is a network device that is deployed in the cloud to protect against unwanted access to a private network?
Secure web gateway
Which of the following is a network security service that filters malware from user-side internet connections using different techniques?
Hyper-V
Which of the following is a network virtualization solution provided by Microsoft?
Cognitive
Which of the following is a password that relates to things that people know, such as a mother's maiden name or a pet's name?
User rights
Which of the following is a privilege or action that can be taken on a system?
Mobile device management (MDM)
Which of the following is a solution that pushes security policies directly to mobile devices over a network connection?
load balancing
Which of the following is a technique that disperses a workload between two or more computers or resources to achieve optimal resource utilization, throughput, or response time?
Data loss prevention
Which of the following is a technology that tries to detect and stop sensitive data breaches, or data leakage incidents, in an organization?
Protects the host operating system from malicious downloads
Which of the following is an advantage of a virtual browser?
A logical grouping of devices based on service need, protocol, or other criteria.
Which of the following is an appropriate definition of a VLAN?
XSS
Which of the following is an attack that injects malicious scripts into web pages to redirect users to fake websites to gather personal information?
Privilege creep
Which of the following is an example of privilege escalation?
VLAN
Which of the following is an example of protocol-based network virtualization?
Router access control lists that allow or deny traffic based on the characteristics of an IP packet.
Which of the following is an example of rule-based access control?
Escape
Which of the following is an exploit in which malware allows the virtual OS to interact directly with the hypervisor?
VLANs
Which of the following is commonly created to segment a network into different zones?
Heat map
Which of the following is generated after a site survey and shows the Wi-Fi signal strength throughout the building?
Wireless access point
Which of the following is responsible for broadcasting information and data over radio waves?
Input validation
Which of the following is specifically meant to ensure that a program operates on clean, correct, and useful data?
Add
Which of the following is the first phase of the Microsoft Intune application life cycle?
Keep the router in a locked room.
Which of the following is the most important thing to do to prevent console access to the router?
Intune Standalone
Which of the following is the recommend Intune configuration?
VPN
Which of the following is used as a secure tunnel to connect two networks?
SACL
Which of the following is used by Microsoft for auditing in order to identify past actions performed by users on an object?
Username
Which of the following is used for identification?
SSID
Which of the following is used on a wireless network to identify the network name?
Replication
Which of the following methods can cloud providers implement to provide high availability?
UEM
Which of the following mobile device management (MDM) solutions allows an organization to manage all devices, including printers, workstations, and even IoT devices?
EMM
Which of the following mobile device management (MDM) solutions is hardware-agnostic and supports many different brands of mobile devices?
Screen lock
Which of the following mobile device security considerations disables the ability to use the device after a short period of inactivity?
Group
Which of the following objects identifies a set of users with similar access needs?
Need to Know
Which of the following principles is implemented in a mandatory access control model to determine object access by classification level?
TLS SSL
Which of the following protocols are often added to other protocols to provide secure transmission of data? (Select two.)
RSA Diffie-Hellman
Which of the following protocols can TLS use for key exchange? (Select two.)
HTTPS
Which of the following protocols uses port 443?
Citrix
Which of the following provides the network virtualization solution called XenServer?
EFS
Which of the following security solutions would prevent a user from reading a file that she did not create?
Bluejacking
Which of the following sends unsolicited business cards and messages to a Bluetooth device?
DRA
Which of the following should you set up to ensure encrypted files can still be decrypted if the original user account becomes corrupted?
Multiple virtual networks can be associated with a single physical network adapter. A virtual network is dependent on the configuration and physical hardware of the host operating system.
Which of the following statements about virtual networks is true? (Select two.)
Access token
Which of the following terms describes the component that is generated following authentication and is used to gain access to resources following login?
False Negative
Which of the following terms is used to describe an event in which a person who should be allowed access is denied access to a system?
Telnet SSH
Which of the following tools allow remote management of servers? (Select two.)
Instance awareness
Which of the following tools allows the user to set security rules for an instance of an application that interacts with one organization and different security rules for an instance of the application when interacting with another organization?
Transparent
Which of the following types of proxies can be used for web filtering?
Forward
Which of the following types of proxies would you use to remain anonymous when surfing the internet?
Passive
Which of the following types of site surveys should be performed first?
VFA
Which of the following virtual devices provides packet filtering and monitoring?
Expand the area visible by security guards
Which option is a benefit of CCTV?
389, 636
Which ports does LDAP use by default? (Select two.)
DRM
Which rights management category is applied to music, videos, and software that is sold to consumers?
User ACL
Which security mechanism uses a unique list that meets the following specifications: The list is embedded directly in the object itself. The list defines which subjects have access to certain objects. The list specifies the level or type of access allowed to certain objects.
DMZ
Which special network area is used to provide added protection by isolating publicly accessible servers?
The entire data packet, including headers, is encapsulated
Which statement BEST describes IPsec when used in tunnel mode?
Steganography
Which term means a cryptography mechanism that hides secret communications within various forms of data?
Active
Which type of RFID tag can send a signal over a long distance?
IV Attack
Which type of attack is WEP extremely vulnerable to?
Buffer overflow attack
Which type of attack is the act of exploiting a software program's free acceptance of input in order to execute arbitrary code on a target?
Application layer
Which type of firewall operates at Layer 7 of the OSI model?
Packet-filtering
Which type of firewall protects against packets coming from certain IP addresses?
Security
Which type of group can be used for controlling access to objects?
type 2
Which type of hypervisor runs as an application on the host machine?
EMI
Which type of interference is caused by motors, heavy machinery, and fluorescent lights?
Dictionary attack
Which type of password attack employs a list of pre-defined passwords that it tries against a login prompt?
Critical updates
Which type of update should be prioritized even outside of a normal patching window?
SOHO
Which type of wireless access point is generally used in a residential setting?
GPG
Which utility would you MOST likely use on OS X to encrypt and decrypt data and messages?
Implementing client-side validation Implementing server-side validation
While using a web-based order form, an attacker enters an unusually large value in the Quantity field. The value he or she entered is so large that it exceeds the maximum value supported by the variable type used to store the quantity in the web application. This causes the value of the quantity variable to wrap around to the minimum possible value, which is a negative number. As a result, the web application processes the order as a return instead of a purchase, and the attacker's account is credited with a large sum of money. Which practices would have prevented this exploit? (Select two.)
Patch management
Windows Server Update Services (WSUS) is used to accomplish which part of a manageable network?
Workgroup Standalone
You are a contract support specialist managing the computers in a small office. You see that all the computers are only using local user accounts. Which of the following models could this office be using? (Select two.)
802.1Q
You are adding switches to your network to support additional VLANs. Unfortunately, the new switches are from a different vendor than the current switches. Which standard do you need to ensure that the switches are supported?
Implement a hardware checkout policy.
You are an IT consultant. You are visiting a new client's site to become familiar with their network. As you walk around their facility, you note the following: When you enter the facility, a receptionist greets you and escorts you through a locked door to the work area where the office manager sits. The office manager informs you that the organization's servers are kept in a locked closet. An access card is required to enter the server closet. She informs you that server backups are configured to run each night. A rotation of tapes are used as the backup media. You notice the organization's network switch is kept in the server closet. You notice that a router/firewall/content filter all-in-one device has been implemented in the server closet to protect the internal network from external attacks. The office manager informs you that her desktop system no longer boots and asks you to repair or replace it, recovering as much data as possible in the process. You take the workstation back to your office to work on it. Which security-related recommendations should you make to this client?
Create a new virtual switch configured for host-only (internal) networking. Connect the virtual network interfaces in the virtual machines to the virtual switch.
You are an application developer. You use a hypervisor with multiple virtual machines installed to test your applications on various operating systems' versions and editions. Currently, all of your virtual machines used for testing are connected to the production network through the hypervisor's network interface. However, you are concerned that the latest application you are working on could adversely impact other network hosts if errors exist in the code. To prevent issues, you decide to isolate the virtual machines from the production network. However, they still need to be able to communicate directly with each other. What should you do? (Select two. Both responses are part of the complete solution.)
Check the MAC addresses of devices connected to your wired switch. Conduct a site survey.
You are concerned that wireless access points may have been deployed within your organization without authorization. What should you do? (Select two. Each response is a complete solution.)
Network ID... Change...
You are configuring a small workgroup. You open System Properties on each computer that will be part of the workgroup. Click the System Properties options you can use to configure each computer's workgroup association. (Select two. Each option is part of a complete solution.)
Web threat filtering
You are configuring web threat protection on the network and have identified a website that contains malicious content. Which of the following should you configure?
Spam filter
You are configuring web threat protection on the network and want to block emails coming from a specific sender. Which of the following should be configured?
Website filtering
You are configuring web threat protection on the network and want to prevent users from visiting www.videosite.org. Which of the following needs to be configured?
Client-server
You are consulting a small startup company that needs to know which kind of Windows computer network model they should implement. The company intends to start small with only 12 employees, but they plan to double or triple in size within 12 months. The company founders want to make sure they are prepared for growth. Which networking model should they implement?
switchport voice vlan [number]
You are creating a VLAN for voice over IP (VoIP). Which command should you use?
Enforcement of the organization's internet usage policy An increase in bandwidth availability
You are investigating the use of website and URL content filtering to prevent users from visiting certain websites. Which benefits are the result of implementing this technology in your organization? (Choose two.)
Configure devices to run in infrastructure mode Install a RADIUS server and use 802.1x authentication
You are replacing a wired business network with an 802.11g wireless network. You currently use Active Directory on the company network as your directory service. The new wireless network has multiple wireless access points, and you want to use WPA2 on the network. What should you do to configure the wireless network? (Select two.)
Networking Closet and Lobby
You are the security administrator for a small business. The floor plan for your organization is shown in the figure below. You've hired a third-party security consultant to review your organization's security measures. She has discovered multiple instances where unauthorized individuals have gained access to your facility, even to very sensitive areas. She recommends that you provide employees with access badges and implement access badge readers to prevent this from happening in the future. Click on the office locations where access badge readers would be most appropriate.
Active
You are the security analyst for your organization and have discovered evidence that someone is attempting to brute-force the root password on the web server. Which classification of attack type is this?
Jamming
You are the security analyst for your organization. Clients are complaining about being unable to connect to the wireless network. After looking into the issue, you have noticed short bursts of high-intensity RF signals are interfering with your wireless network's signal. Which type of attack are you most likely experiencing?
Principle of least privilege
You assign access permissions so that users can only access the resources required to accomplish their specific work tasks. Which security principle are you complying with?
Confidentiality
You create a new document and save it to a hard drive on a file server on your company's network. Then you employ an encryption tool to encrypt the file using AES. This activity is an example of accomplishing which security goal?
Run the browser within a virtual environment.
You have a development machine that contains sensitive information relative to your business. You are concerned that spyware and malware might be installed while users browse websites, which could compromise your system or pose a confidentiality risk. Which of the following actions would BEST protect your system?
NTFS and share permissions
You have a file server named Srv3 that holds files used by the development department. You want to allow users to access the files over the network and control access to files accessed through the network or through a local logon. Which solution should you implement?
Add Mark Mangum to the ACL for the Confidential.xls file with Deny permissions.
You have a shared folder named Reports. Members of the Managers group have been given Write access to the shared folder. Mark Mangum is a member of the Managers group. He needs access to the files in the Reports folder, but he should not have any access to the Confidential.xls file. What should you do?
SQL injection
You have a website that accepts input from users for creating customer accounts. Input on the form is passed to a database server where the user account information is stored. An attacker is able to insert database commands in the input fields and have those commands execute on the server. Which type of attack has occurred?
IRM
You have been offered a position as a security analyst for Acme, Inc. The position will be remote. Acme Inc. has sent you your employment contract using a system that only allows you to open and digitally sign the contract. Which rights management method is being used?
integrity
You have downloaded a file from the internet. You generate a hash and check it against the original file's hash to ensure the file has not been changed. Which information security goal is this an example of?
Configure account expiration in the user accounts.
You have hired 10 new temporary workers who will be with the company for three months. You want to make sure that the user accounts cannot be used for login after that time period. What should you do?
RBAC
You have implemented an access control method that only allows users who are managers to access specific data. Which type of access control model is being used?
SSID
You have physically added a wireless access point to your network and installed a wireless networking card in two laptops that run Windows. Neither laptop can find the network. You have come to the conclusion that you must manually configure the access point (AP). Which of the following values uniquely identifies the network AP?
Open ports 20 and 21 for inbound and outbound connections.
You have placed a File Transfer Protocol (FTP) server in your DMZ behind your firewall. The FTP server is to be used to distribute software updates and demonstration versions of your products. However, users report that they are unable to access the FTP server. What should you do to enable access?
Physically secure high-value systems. Identify and document each user on the network.
You have recently been hired as the new network administrator for a startup company. The company's network was implemented prior to your arrival. One of the first tasks you need to complete in your new position is to develop a manageable network plan for the network. You have already completed the first and second milestones, in which documentation procedures were identified and the network was mapped. You are now working on the third milestone, which is identifying ways to protect the network. Which tasks should you complete as a part of this milestone? (Select two.)
The file is unencrypted when moved.
You have transferred an encrypted file across a network using the Server Message Block (SMB) Protocol. What happens to the file's encryption?
Positive Pressure System
You maintain a network for an industrial manufacturing company. You are concerned about the dust in the area getting into server components and affecting network availability. Which of the following should you implement?
Centralized authentication Centralized configuration control
You manage a group of 20 Windows workstations that are currently configured as a workgroup. You have been thinking about switching to an Active Directory configuration. Which advantages would there be to switching to Active Directory? (Select two.)
VLANs
You manage a network that uses a single switch. All ports within your building connect through the single switch. In the lobby of your building are three RJ-45 ports connected to the switch. You want to allow visitors to plug into these ports to gain internet access, but they should not have access to any other devices on your private network. Employees connected throughout the rest of your building should have both private and internet access. Which feature should you implement?
WPA2
You need to add security for your wireless network, and you would like to use the most secure method. Which method should you implement?
AES encryption 802.1x
You need to configure a wireless network using WPA2-Enterprise. Which of the following components should be part of your design? (Select two.)
WLC
You need to implement a solution to manage multiple access points in your organization. Which of the following would you most likely use?
High-gain Parabolic
You need to implement a wireless network link between two buildings on a college campus. A wired network has already been implemented within each building. The buildings are 100 meters apart. Which type of wireless antenna should you use on each side of the link? (Select two.)
VLAN
You run a small network for your business that has a single router connected to the internet and a single switch. You keep sensitive documents on a computer that you would like to keep isolated from other computers on the network. Other hosts on the network should not be able to communicate with this computer through the switch, but you still need to access the network through the computer. What should you use for this situation?
Make sure everyone has cleared the area.
You walk by the server room and notice that a fire has started. What should you do first?
BitLocker
You want a security solution that protects the entire hard drive and prevents access even if the drive is moved to another system. Which solution should you choose?
135, 137-139
You want to close all ports associated with NetBIOS on your network's firewalls to prevent attacks directed against NetBIOS. Which ports should you close?
Configure the connection with a pre-shared key and AES encryption.
You want to connect a laptop computer running Windows to a wireless network. The wireless network uses multiple access points and WPA2-Personal. You want to use the strongest authentication and encryption possible. SSID broadcast has been disabled. What should you do?
636
You want to deploy SSL to protect authentication traffic with your LDAP-based directory service. Which port does this action use?
Create a security group for the managers. Add all users as members of the group. Add the group to the file's DACL.
You want to give all managers the ability to view and edit a certain file. To do so, you need to edit the discretionary access control list (DACL) associated with the file. You want to be able to easily add and remove managers as their job positions change. What is the BEST way to accomplish this?
On a RADIUS server
You want to implement 802.1x authentication on your wireless network. Where would you configure passwords that are used for authentication?
Implement BitLocker without a TPM.
You want to protect data on hard drives for users with laptops. You want the drive to be encrypted, and you want to prevent the laptops from booting unless a special USB drive is inserted. In addition, the system should not boot if a change is detected in any of the boot files. What should you do?
Back up Credentials
You want to protect the authentication credentials you use to connect to the LAB server in your network by copying them to a USB drive. Click the option you use in Credential Manager to protect your credentials.
PTZ
You want to use CCTV to increase your physical security, and you want the ability to remotely control the camera position. Which camera type should you choose?
SASL
You want to use Kerberos to protect LDAP authentication. Which authentication mode should you choose?
Enable the TPM in the BIOS.
You would like to implement BitLocker to encrypt data on a hard disk, even if it is moved to another system. You want the system to boot automatically without providing a startup key on an external USB device. What should you do?
Change the administrative password on the AP.
You've just finished installing a wireless access point for a client. What should you do to prevent unauthorized users from using the access point (AP) configuration utility?
By default, only the user who encrypted the C:\Secrets\confidential.docx file will be able to open it. If the C:\Secrets\confidential.docx file is copied to an external USB flash drive, the file will be saved in an unencrypted state.
You've used BitLocker to implement full volume encryption on a notebook system. The notebook motherboard does not have a TPM chip, so you've used an external USB flash drive to store the BitLocker startup key. You use EFS to encrypt the C:\Secrets folder and its contents. Which of the following is true in this scenario? (Select two.)
Use SSL
Your LDAP directory-services solution uses simple authentication. What should you always do when using simple authentication?
Use cable locks to chain the laptops to the desks.
Your company has five salesmen who work out of the office and frequently leave their laptops laying on their desks in their cubicles. You are concerned that someone might walk by and take one of these laptops. Which of the following is the BEST protection implementation to address your concerns?
Rogue access point
Your company security policy states that wireless networks are not to be used because of the potential security risk they present to your network. One day, you find that an employee has connected a wireless access point to the network in his office. Which type of security risk is this?
Non-repudiation
Your computer system is a participant in an asymmetric cryptography system. You've crafted a message to be sent to another user. Before transmission, you hash the message and then encrypt the hash using your private key. You then attach this encrypted hash to your message as a digital signature before sending it to the other user. Which protection does the private key-signing activity of this process provide?
Network segmentation
Your network devices are categorized into the following zone types: No-trust zone Low-trust zone Medium-trust zone High-trust zone Your network architecture employs multiple VLANs for each of these network zones. Each zone is separated by a firewall that ensures only specific traffic is allowed. Which of the following is the secure architecture concept that is being used on this network?
Place your networking equipment in a room that requires key card entry. Place your networking equipment in a locked cage.
Your networking closet contains your network routers, switches, bridges, and some servers. You want to make sure an attacker is not able to gain physical access to the equipment in the networking closet. You also want to prevent anyone from reconfiguring the network to set up remote access or backdoor access. Which of the following measures are the best ways to secure your networking equipment from unauthorized physical access? (Select two. Each measure is part of a complete solution.)
User education and training
Your organization has started receiving phishing emails. You suspect that an attacker is attempting to find an employee workstation they can compromise. You know that a workstation can be used as a pivot point to gain access to more sensitive systems. Which of the following is the MOST important aspect of maintaining network security against this type of attack?
Dynamic
Your organization is having a third party come in and perform an audit on the financial records. You want to ensure that the auditor has access to the data they need while keeping the customers' data secure. To accomplish this goal, you plan to implement a mask that replaces the client names and account numbers with fictional data. Which masking method are you implementing?
Configure and apply security policy settings in a mobile device management (MDM) system. Enroll the devices in a mobile device management (MDM) system.
Your organization recently purchased 18 iPad tablets for use by the organization's management team. These devices have iOS pre-installed on them. To increase the security of these devices, you want to apply a default set of security-related configuration settings. What is the BEST approach to take to accomplish this? (Select two. Each option is part of a complete solution.)
App whitelisting
Your organization recently purchased 20 Android tablets for use by the organization's management team. To increase the security of these devices, you want to ensure that only specific apps can be installed. Which of the following would you implement?
Intune
Your organization recently purchased 20 Android tablets for use by the organization's management team. You are using a Windows domain. Which of the following should you use to push security settings to the devices?