Security MCQ: August 2017

Archive for August 2017

______ is an IP-based storage networking standard for linking data storage facilities.

a. Internet Small Computer System Interface (iSCSI)
b. Internet Control Message Protocol (ICMP)
c. Simple Network Management Protocol (SNMP)
d. Network Basic Input/Output System (NetBIOS)

Answer: A

An Internet Protocol version 6 (IPv6) address is _______ in length.

a. 128 bits
b. 64 bytes
c. 32 bytes
d. 32 bits

Answer: A

An Internet Protocol version 4 (IPv4) address is _______ in length.

a. 64 bits
b. 64 bytes
c. 32 bytes
d. 32 bits

Answer: D

In a(n) _______ attack, a malformed ICMP ping that exceeds the size of an IP packet is sent to the victim's computer potentially causing the host to crash.

a. network discovery
b. smurf
c. ICMP redirect
d. ping of death

Answer: D

In a(n) _______ attack, an Internet Control Message Protocol (ICMP) redirect packet is sent to the victim that asks the host to send its packets to another "router," which is actually a malicious device.

a. network discovery
b. smurf
c. ICMP redirect
d. ping of death

Answer: C

Communications between different IP devices on a network is handled by one of the core protocols of TCP/IP, namely, _______.

a. Internet Control Message Protocol (ICMP)
b. Network Basic Input/Output System (NetBIOS)
c. Telnet
d. Simple Network Management Protocol (SNMP)

Answer: A

Which statement describes a limitation of Secure Copy Protocol (SCP)?

a. SCP can only operate in the Windows environment.
b. SCP cannot encrypt commands.
c. SCP is being replaced by Remote Copy Protocol (RCP).
d. A file transfer cannot be interrupted and then resumed in the same session.

Answer: D

Which protocol is used for file transfers?

a. Internet Small Computer System Interface (iSCSI)
b. Network Basic Input/Output System (NetBIOS)
c. Secure Network Management Protocol (SNMP)
d. Secure Copy Protocol (SCP)

Answer: D

Which protocol uses TLS and SSL to secure Hypertext Transport Protocol (HTTP) communications between a browser and a web server?

a. FTP Secure (FTPS)
b. Secure Shell (SSH)
c. Hypertext Transport Protocol Secure (HTTPS)
d. Internet Protocol Security (IPsec)

Answer: C

A weakness of FTPS is that although the control port commands are encrypted, the data port (_______) may or may not be encrypted.

a. port 20
b. port 21
c. port 25
d. port 80

Answer: A

Which statement accurately describes a characteristic of FTP Secure (FTPS)?

a. FTPS is an entire protocol itself.
b. FTPS is a combination of two technologies (FTP and SSL or TLS).
c. FTPS uses a single TCP port.
d. FTPS encrypts and compresses all data and commands.

Answer: B

TCP/IP uses its own four-layer architecture that includes _______ layers.

a. Network Interface, Internet, Transport, and Application
b. Network Interface, Network, Transport, and Application
c. Network Interface, Internet, Transport, and Authentication
d. Network Interface, Network, Transport, and Authentication

Answer: A

What is the most common protocol used today for both local area networks (LANs) and the Internet?

a. Transmission Control Protocol/Internet Protocol (TCP/IP)
b. Secure Sockets Layer (SSL)
c. Hypertext Transport Protocol Secure (HTTPS)
d. Domain Name System (DNS)

Answer: A

Which common cryptographic transport algorithm was developed by Netscape in 1994 in response to the growing concern over Internet security?

a. Hypertext Transport Protocol Secure (HTTPS)
b. Secure Shell (SSH)
c. Secure Sockets Layer (SSL)
d. Transport Layer Security (TLS)

Answer: C

______ is a cryptographic transport algorithm.

a. Secure Shell (SSH)
b. Data Encryption Standard (DES)
c. Advanced Encryption Standard (AES)
d. Transport Layer Security (TLS)

Answer: D

A newer secure version of DNS known as _______ allows DNS information to be digitally signed so that an attacker cannot forge DNS information.

a. Domain Name System Security (DNSS)
b. Advanced Domain Name System (ADNS)
c. Domain Name System2 (DNS2)
d. Domain Name System Security Extensions (DNSSEC)

Answer: D

Which protocol is a TCP/IP protocol that resolves (maps) a symbolic name (www.cengage.com) with its corresponding IP address (69.32.133.11)?

a. Internet protocol (IP)
b. Internet Control Message Protocol (ICMP)
c. Domain Name System (DNS)
d. Hypertext Transport Protocol Secure (HTTPS)

Answer: C

_____ is an encrypted alternative to the Telnet protocol that is used to access remote computers.

a. Internet Control Message Protocol (ICMP)
b. Internet Small Computer System Interface (iSCSI)
c. Secure Shell (SSH)
d. Secure Network Management Protocol (SNMP)

Answer: C

Which protocol is used to manage network equipment and is supported by most network equipment manufacturers?

a. Simple Network Management Protocol (SNMP)
b. Internet Control Message Protocol (ICMP)
c. Secure Copy Protocol (SCP)
d. Transmission Control Protocol/Internet Protocol (TCP/IP)

Answer: A

What two encryption modes are supported by Internet Protocol Security (IPsec)?

a. Electronic code book (ECB) and cipher block chaining (CBC)
b. Kerberos and Secure Shell (SSH)
c. Secure Sockets Layer (SSL) and Transport Layer Security (TLS)
d. Transport and tunnel

Answer: D

______ is a protocol suite for securing Internet Protocol (IP) communications.

a. Internet Small Computer System Interface (iSCSI)
b. Internet Control Message Protocol (ICMP)
c. Internet Protocol Security (IPsec)
d. Hypertext Transport Protocol Secure (HTTPS)

Answer: C

Another name for layered security is _______.

a. network separation
b. VPN tunneling
c. Unified threat management (UTM)
d. defense in depth

Answer: D

A _______ cloud is a cloud that is open only to specific organizations that have common concerns.

a. community
b. public
c. hybrid
d. private

Answer: A

A _______________ cloud is a combination of public and private clouds.

a. community
b. hybrid
c. mixed
d. connected

Answer: B

A _______________ cloud is one in which the services and infrastructure are offered to all users with access provided remotely through the Internet.

a. private
b. public
c. hybrid
d. community

Answer: B

A _______________ cloud offers the highest level of security and control.

a. public
b. community
c. private
d. hybrid

Answer: C

Which cloud computing service model provides the customer the highest level of control?

a. Application as a Service (AaaS)
b. Software as a Service (SaaS)
c. Platform as a Service (PaaS)
d. Infrastructure as a Service (IaaS)

Answer: D

In the _______________ model, the cloud computing vendor provides access to the vendor's software applications running on a cloud infrastructure.

a. Infrastructure as a Service (IaaS)
b. Application as a Service (AaaS)
c. Software as a Service (SaaS)
d. Platform as a Service (PaaS)

Answer: C

Which cloud computing service model allows the consumer to install and run their own specialized applications on the cloud computing network without requiring the consumer to manage or configure any of the underlying cloud infrastructure?

a. Application as a Service (AaaS)
b. Infrastructure as a Service (IaaS)
c. Software as a Service (SaaS)
d. Platform as a Service (PaaS)

Answer: D

Which term refers to a pay-per-use computing model in which customers pay only for the online computing resources they need?

a. Host computing
b. Cloud computing
c. Patch computing
d. Server computing

Answer: B

Which term refers to the expansion and contraction of random access memory (RAM) or hard drive space as needed?

a. On-demand computing
b. Host computing
c. Host availability
d. Host elasticity

Answer: D

In _______________ virtualization, an entire operating system environment is simulated.

a. host
b. network
c. application
d. cloud

Answer: A

Which term describes a means of managing and presenting computer resources by function without regard to their physical layout or location?

a. Port mirroring
b. Virtualization
c. Cloud computing
d. Virtual LAN (VLAN) management

Answer: B

The goal of _______________ is to prevent computers with suboptimal security from potentially infecting other computers through the network.

a. network access control (NAC)
b. virtualization
c. captive portals
d. port security

Answer: A

Which statement accurately describes IP telephony?

a. IP telephony requires an increase in infrastructure requirements.
b. IP telephony convergence provides the functionality of managing and supporting a single network for all applications.
c. New IP telephony applications can take a long time to develop.
d. The cost of convergence technologies is high in comparison to startup costs for new traditional telephone equipment.

Answer: B

Which term describes the concept of using a data based IP network to add digital voice clients and new voice applications onto the IP network?

a. IP telephony
b. Virtualization
c. Loop protection
d. Captive portals

Answer: A

______ refers to any combination of hardware and software that enables remote users to access a local internal network.

a. Virtual LAN (VLAN) management
b. Cloud computing
c. Unified threat management (UTM)
d. Remote access

Answer: D

By using _______________, instead of giving each outgoing packet a different IP address, each packet is given the same IP address but a different TCP port number.

a. port address translation (PAT)
b. network access control (NAC)
c. network address translation (NAT)
d. port mirroring

Answer: A

Which term describes a technique that allows private IP addresses to be used on the public Internet?

a. Network address translation (NAT)
b. Port address translation (PAT)
c. Network access control (NAC)
d. Loop protection

Answer: A

Segmenting a network by separating devices into logical groups is known as creating a _______________.

a. cloud
b. virtual LAN (VLAN)
c. flood guard
d. unified threat management (UTM) system

Answer: B

_ switches reside at the top of the hierarchy and carry traffic between switches, while _________ switches are connected directly to the devices on the network.

a. Workgroup; core
b. Core; workgroup
c. Public; private
d. Private; public

Answer: B

Networks are usually segmented by using _______________ to divide the network into a hierarchy.

a. hubs
b. routers
c. switches
d. proxies

Answer: C

With subnetting, rather than simply having networks and hosts, networks can effectively be divided into three parts: _______________.

a. network, subnet, and port
b. port, subnet, and IP address
c. network, port, and host
d. network, subnet, and host

Answer: D

Allowing an IP address to be split anywhere within its 32 bits is known as _______________.

a. splitting
b. spanning
c. subnetting
d. IP spraying

Answer: C

A _____ functions as a separate network that rests outside the secure network perimeter.

a. gateway
b. segment
c. virtual private network (VPN)
d. demilitarized zone (DMZ)

Answer: D

An integrated device that combines several security functions is called a(n) _______________ security product.

a. demilitarized zone (DMZ)
b. unified threat management (UTM)
c. virtual private network (VPN)
d. application-aware IPS

Answer: B

What item is considered to be the biggest obstacle to log management?

a. Offsite storage accessibility
b. Very large volume of data
c. Multiple devices generating logs
d. Different log formats

Answer: D

A security _______________ log can provide details regarding requests for specific files on a system.

a. event
b. administration
c. audit
d. access

Answer: D

One way to provide network separation is to physically separate users by connecting them to different _______________.

a. switches and routers
b. hubs
c. mirrored ports
d. operating systems

Answer: A

_____________ in access control means that if a condition is not explicitly met, the request for access is rejected.

a. Static allow
b. Explicit allow
c. Implicit deny
d. Dynamic deny

Answer: C

Loop protection uses the _______________ standard spanning-tree algorithm (STA).

a. IEEE 801.2d
b. IEEE 802.3
c. IEEE 802.11n
d. IEEE 802.1d

Answer: D

One defense against DoS and DDoS SYN flood attacks is to use a flood guard. A flood guard is a feature that controls a device's tolerance for unanswered service requests and helps to prevent a DoS attack. _________ can be prevented with loop protection.

a. IP address spoofing
b. Man-in-the-middle attacks
c. Denial of service (DoS) attacks
d. Broadcast storms

Answer: D

A _______________ is a feature that controls a device's tolerance for unanswered service requests and helps to prevent a denial of service (DoS) attack.

a. flood guard
b. virtual local area network (VLAN)
c. network intrusion detection system (NIDS)
d. virtual private network (VPN) concentrator

Answer: A

The IEEE 802.1x standard provides the highest degree of port security by implementing port-based _______________.

a. encryption
b. authentication
c. auditing
d. integrity

Answer: B

Ports can be secured through disabling unused interfaces, using _______________, and through IEEE 802.1x.

a. media access control (MAC) limiting and filtering
b. virtual private network (VPN) tunneling
c. packet sniffers
d. virtual local area networks (VLANs)

Answer: A

Which statement accurately describes an access control list characteristic?

a. Access control lists are efficient.
b. Access control lists are simple to manage in an enterprise setting.
c. The structure behind an access control list table can be complex.
d. Access control lists are used extensively with UNIX systems but not on Windows operating systems.

Answer: C

Which statement represents a best practice for securing router configurations?

a. Allow remote configuration for dynamic installation in case of an emergency.
b. Store the router configuration on a public network for easy access in case of an emergency.
c. Store the router configuration on a USB drive for compact storage.
d. Perform changes in the router configuration from the console.

Answer: D

What statement accurately describes a best practice for managing a virtual LAN (VLAN)?

a. Configure empty switch ports to connect to a used VLAN.
b. Keep all default VLAN names.
c. Configure the ports on the switch that pass tagged VLAN packets to explicitly forward specific tags.
d. Configure VLANs so that public devices are on a private VLAN.

Answer: C

Within a firewall rule, the _______________ describes the TCP/IP port number being used to send packets of data through.

a. source port
b. destination port
c. source address
d. destination address

Answer: A

Each firewall rule is essentially a separate instruction with a(n) _______________ construction.

a. FOR-EACH
b. DO-UNTIL
c. IF-THEN
d. WHILE-DO

Answer: C

Which of the following is not an example of the principles of influence used in social engineering attacks?

a. Authority
b. Intimidation
c. Scarcity and urgency
d. Authenticity and authorization
e. Trust

Answer: D

Which of the following should you deploy within your PKI to provide a method for initially verifying a user's identity so that a certificate may be issued?

a. Certificate authority (CA)
b. Registration authority (RA)
c. Certificate practice statement (CPS)
d. Certificate registration list (CRL)

Answer: B

Which of the three principles of security is supported by an offsite tape backup system?

a. Confidentiality
b. Integrity
c. Availability
d. Sanitization

Answer: C

Which of the following describes a simple form of social engineering in which an unauthorized individual follows closely behind someone who has authorized physical access to an environment?

a. Tailgating
b. Piggybacking
c. Answers A and B
d. None of the above

Answer: C

What is the minimum number of drives necessary to provide a RAID 5 redundant with distributed parity disk array?

a. 1
b. 2
c. 3
d. 5

Answer: C

Your organization has organized a trade show in the United States. With the goal of increasing revenue, you decide to operate a Wi-Fi hotspot for a fee. Which of the following are reasons your organization could use wireless jamming? (Select all correct answers.)

a. To maximize revenue
b. To prevent degraded service
c. To prevent attendees from operating their own Wi-Fi hot spots
d. To prevent attacks

Answer: B & D.

Which of the following is a cloud-based security solution mainly found in private data centers?

a. VPC
b. HSM
c. TPM
d. PKI

Answer: A

Which of the following provides government-grade security by implementing the AES encryption algorithm and 802.1X-based authentication?

a. WPA2
b. WEP
c. WPA
d. WAP

Answer: A

Which of the following statements best describes nonrepudiation?

a. A set of mathematical rules used in encryption
b. A means of proving that a transaction occurred
c. A method of hiding data in another message
d. A drive technology used for redundancy and performance improvement

Answer: B

Which of the following does not describe techniques for assessing threats and vulnerabilities?

a. Understanding attack surface
b. Baseline reporting
c. Reviews of architecture, design, and code
d. System hardening

Answer: D

Which of the following would best mitigate the risks associated with allowing organizational network access required by the terms of a joint project with a business partner?

a. Captive portal
b. Access control lists
c. Network segmentation
d. Log analysis

Answer: C

Which of the following would be implemented for secure communications when the organization is using an application that authenticates with Active Directory Domain Services (AD DS) through simple BIND?

a. TACACS+
b. SAML
c. Secure LDAP
d. XTACACS

Answer: C

Which one of the following controls are physical security measures? (Select all correct answers.)

a. Motion detector
b. Antivirus software
c. CCTV
d. Fence

Answer: A, C & D.

Buffer overflows, format string vulnerabilities, and utilization of shell-escape codes can be mitigated by which of the following practices?

a. Fuzzing
b. Testing
c. Input validation
d. Browser initiated token request

Answer: C

Which of the following are used to verify the status of a certificate? (Select two correct answers.)

a. OCSP
b. CRL
c. OSPF
d. ACL

Answer: A & B.

What is the last step in the access control process?

a. Identification
b. Authentication
c. Authorization
d. Access control

Answer: D

Which of the following is the best measure to prevent divulging sensitive information through dumpster diving? (Select two correct answers.)

a. A firewall
b. Antivirus software
c. Proper disposal policy
d. Training and awareness

Answer: C & D.

Which form of media sanitization might be required for flash-based solid state drives to be considered fully sanitized?

a. Declassification
b. Degaussing
c. Destruction
d. Overwriting

Answer: C

Which of the following describes a type of algorithm where data is broken into several units of varying sizes (dependent on algorithm) and encryption is applied to those chunks of data?

a. Symmetric encryption algorithm
b. Elliptic curve
c. Block cipher
d. All of the above

Answer: C

In which of the following types of fuzzing are forged packets sent to the tested application and then replayed?

a. Application fuzzing
b. Protocol fuzzing
c. File format fuzzing
d. Web page fuzzing

Answer: B

When a certificate authority revokes a certificate, notice of the revocation is distributed via what?

a. Certificate revocation list
b. Certificate policy
c. Digital signature
d. Certificate practice statement

Answer: A

Which of the following would be used to detect unauthorized or unintentional access or escalation of privileges?

a. Change management
b. Incident management
c. Auditing
d. Data-loss prevention

Answer: C

Which of the following is the most effective method that can be used to prevent data from being accessed in the event the device is lost or stolen?

a. GPS tracking
b. Device encryption
c. Remote wipe
d. Passcode policy

Answer: B

Which type of power variation includes short-term decreases in voltage levels?

a. Spikes
b. Surges
c. Brownouts
d. Blackouts

Answer: C

You are conducting a penetration test on an application for a client. The client provides you with no details about the source code and development process. What type of test will you likely be conducting?

a. Black box
b. White box
c. Vulnerability
d. Answers A and C

Answer: A

Which of the following models is useful for individuals and businesses that want to have the right to access a certain application without having to purchase a full license?

a. PaaS
b. IaaS
c. SaaS
d. DaaS

Answer: C

Which one of the following is an indication that a system might contain spyware?

a. The system is slow, especially when browsing the Internet.
b. It takes a long time for the Windows desktop to come up.
c. Clicking a link does nothing or goes to an unexpected website.
d. All of the above.

Answer: D

Which of the following provide a "sandboxed" system that can be used to investigate malware?

a. Virtualization
b. Network storage
c. Host software baselining
d. Application baselining

Answer: A

The new biometric authentication system has been identified as having a high FAR. What does this mean?

a. Authorized users are being allowed access.
b. Unauthorized users are being allowed access.
c. Authorized users are being denied access.
d. Unauthorized users are being denied access.

Answer: B

Which of the following is a non-proprietary protocol that provides authentication and authorization as well as accounting of access requests against a centralized service for authorization of access requests?

a. TACACS+
b. SAML
c. Secure LDAP
d. XTACACS

Answer: A

Which of the following is a hardware solution typically attached to the circuit board of the system used for greater security protection for processes such as digital signing, mission-critical applications, and businesses where high security is required?

a. Full disk encryption
b. HSM
c. TPM
d. File-level encryption

Answer: C

Which of the following types of attacks is characterized by client-side vulnerabilities presented by ActiveX or JavaScript code running within the client's browser?

a. Buffer overflow
b. Cross-site request forgery (XSRF)
c. Cross-Site Scripting (XSS)
d. Input validation error

Answer: C

Which of the following is not one of the vulnerabilities of LDAP authentication services?

a. Buffer overflow vulnerabilities can be used to enact arbitrary commands on the LDAP server.
b. Loss of time synchronization between the service, client, and KDC prevents communication.
c. Format string vulnerabilities might result in unauthorized access to enact commands on the LDAP server or impair its normal operation.
d. Improperly formatted requests might be used to create an effective denial-of-service (DoS) attack against the LDAP server.

Answer: B

Which password standard provides the best opportunity to detect and react to a high-speed, brute-force password attack?

a. Password length
b. Account lockout
c. Password expiration
d. Logon banner

Answer: B

Which form of access control relies on labels for access control management?

a. MAC
b. DAC
c. Role-based (RBAC)
d. Rule-based (RBAC)

Answer: A

Which of the following is not focused on recovering after loss of function?

a. RTO
b. DRP
c. RPO
d. BCP

Answer: D

Which of the following best describes the difference between phishing and whaling?

a. They are the same.
b. Whaling makes use of the voice channel, whereas phishing uses email.
c. Whaling uses SMS, whereas phishing uses email.
d. Whaling is similar to phishing but specifically targets high-profile individuals.

Answer: D

Which of the following best describes a host-based intrusion detection system (HIDS)?

a. Examines the information exchanged between machines
b. Collects and analyzes data that originates on the local machine
c. Controls the information coming in and out of the host machine
d. Attempts to prevent network attacks in real time

Answer: B

Which of the following services/protocols operate on port 22?

a. DNS
b. HTTPS
c. SSH
d. RDP

Answer: C

Which of the following algorithms is now known as the Advanced Encryption Standard (AES)?

a. Rijndael
b. 3DES
c. RC6
d. Twofish

Answer: A

Which of the following is the length of time a device or product is expected to last in operation?

a. RTO
b. MTBF
c. RPO
d. MTTF

Answer: D

Which of the following is commonly used in the banking sector to secure numerous large bulk transactions?

a. Full disk encryption
b. HSM
c. TPM
d. File-level encryption

Answer: B

Which utility allows the identification of all devices conducting network traffic both to and from a network segment?

a. Port scanner
b. Vulnerability scanner
c. Protocol analyzer
d. Network mapper

Answer: C

Which of the following is widely used as a controlled access measure in businesses that offer free Wi-Fi hotspots to Internet users such as hotels and restaurants?

a. Captive portal
b. Site survey
c. VPN (over open wireless)
d. Omnidirectional antenna

Answer: A

Which of the following statements is true about SSL?

a. SSL provides security for both the connection and the data after it is received.
b. SSL only provides security for the connection, not the data after it is received.
c. SSL only provides security for the data when it is received, not the connection.
d. SSL does not provide security for either the connection or the data after it is received.

Answer: B

What is the minimal level of alternative site that includes live networking?

a. Cold
b. Warm
c. Hot
d. Remote

Answer: B

If an asset is valued at 100,000, the threat exposure factor of a risk affecting that asset is 25%, and the annualized rate of occurrence is 20%, what is the ALE?

a. $5,000
b. $20,000
c. $25,000
d. $45,000

Answer: A

Which type of biometric authentication system is not subject to false rejection due to illness or minor injury?

a. Fingerprint
b. Voiceprint
c. Facial recognition
d. Retina

Answer: C

Which of the following is the most useful when you're dealing with machines that are being taken on the road by traveling executives, sales managers, or insurance agents?

a. Full disk encryption
b. File-level encryption
c. Media-level encryption
d. Application-level encryption

Answer: A

You are setting up a switched network in which each department requires a logical separation. Which of the following meets these requirements?

a. DMZ
b. VPN
c. VLAN
d. NAT

Answer: C

A certificate authority discovers it has issued a digital certificate to the wrong person. What needs to be completed?

a. Certificate practice statement (CPS)
b. Revocation
c. Private key compromise
d. Fraudulent practices statement (FPS)

Answer: B

Which of the following is a method that can be used to prevent data from being accessed in the event the device is lost or stolen?

a. GPS tracking
b. Voice encryption
c. Remote wipe
d. Asset tracking

Answer: C

Which of the following provides the output for an example of banner grabbing?

a. http://www.example.com/index.htm
b. This is a government computer system. Authorized access only.
c. Server Apache 2.0.46 (Red Hat Linux)
d. Welcome to our FTP site

Answer: C

Which of the following should be implemented if the organization wants to monitor unauthorized transfers of confidential information?

a. Content inspection
b. Proxy server
c. Protocol analyzer
d. Packet-filtering firewall

Answer: A

Which of the following is not a common quality of quantitative risk analysis?

a. Difficult for management to understand
b. Less precise
c. Labor intensive
d. Time-consuming

Answer: B

What is a potential concern to weaker encryption algorithms as time goes on? (Select the best answer.)

a. Performance of the algorithm worsens over time
b. Keys generated by users start to repeat on other users' systems
c. Hackers using distributed computing might be able to finally crack algorithms.
d. All options are correct.

Answer: C

Which of the following types of cloud computing is designed to meet industry-specific needs such as healthcare, public sector, or energy?

a. Public
b. Private
c. Hybrid
d. Community

Answer: D

Which of the following are types of updates applied to systems? (Select all correct answers.)

a. Hotfix
b. Service packs
c. Patches
d. Coldfix

Answer: A, B & C.

A CA with multiple subordinate CAs would use which of the following PKI trust models?

a. Cross-certified
b. Hierarchical
c. Bridge
d. Linked

Answer: C

You are setting up an FTP server that needs to be accessed by both the employees and external contractors. What type of architecture should you implement?

a. VLAN
b. DMZ
c. NAT
d. VPN

Answer: A, B & C.

Which of the following are advantages of honeypots and honeynets? (Select all correct answers.)

a. Attackers are diverted to systems that they cannot damage.
b. Administrators are allotted time to decide how to respond to an attack.
c. Attackers' actions can more easily be monitored and resulting steps taken to improve system security.
d. Well-defined legal implications.
e. Provides a structure that requires fewer security administrators.

Answer: B

Which of the following is a term describing the process of registering an asset and provisioning the asset so it can be used to access the corporate network?

a. Mobile application management
b. Onboarding
c. Mobile device management
d. Device access controls

Answer: B

Which of the following is not a certificate trust model for the arranging of certificate authorities?

a. Bridge CA architecture
b. Sub-CA architecture
c. Single-CA architecture
d. Hierarchical CA architecture

Answer: B

Which one of the following best identifies the system of digital certificates and certification authorities used in public key technology?

a. Certificate practice system (CPS)
b. Public key exchange (PKE)
c. Certificate practice statement (CPS)
d. Public key infrastructure (PKI)

Answer: D

Which of the following is true of Pretty Good Privacy (PGP)? (Select the two best answers.)

a. It uses a web of trust.
b. It uses a hierarchical structure.
c. It uses public key encryption.
d. It uses private key encryption.

Answer: A & C.

What type of algorithm is SHA-1?

a. Asymmetric encryption algorithm
b. Digital signature
c. Hashing algorithm
d. Certificate authority

Answer: C

Your organization provides a secure web portal. You discover another portal that mimics your organization's portal look and feel. This portal has a similar URL but is different by one letter. Which of the following are most likely true? (Select two correct answers.)

a. This is an example of transitive access.
b. This is typo squatting.
c. The site is collecting usernames and passwords.
d. The site is a result of a malicious insider.

Answer: B & C.

Which is the best access control constraint to protect against accidental unauthorized access?

a. Implicit denial
b. Least privilege
c. Separation of duties
d. Account expiration

Answer: A

Which category of authentication includes your ATM card?

a. Something you are
b. Something you do
c. Somewhere you are
d. Something you have

Answer: D

If Bob wants to send a secure message to Val using public key encryption without sender validation, what does Val need?

a. Bob's private key
b. Bob's public key
c. Val's private key
d. Val's public key

Answer: C

Which of the following is the most useful when you're dealing with data that is stored in a shared cloud environment?

a. Full disk encryption
b. File-level encryption
c. Media-level encryption
d. Application-level encryption

Answer: D

Which of the following is the formal process of assessing risk involved in discarding particular information?

a. Sanitization
b. Declassification
c. Degaussing
d. Overwriting

Answer: B

An organization is looking for a basic mobile solution which will be used to prevent unauthorized access to users' phones. Which of the following fulfills this requirement?

a. GPS tracking
b. Voice encryption
c. Remote wipe
d. Passcode policy

Answer: D

Which of the following applications should be used to properly protect a host from malware? (Select two correct answers.)

a. Antispam software
b. Antivirus software
c. Content-filtering software
d. Web-tracking software

Answer: A & B.

In which of the following phases should code security first be implemented?

a. Testing
b. Review
c. Implementation
d. Design

Answer: D

An organization has had a rash of malware infections. Which of the following can help mitigate the number of successful attacks?

a. Application baselining
b. Patch management
c. Network monitoring
d. Input validation

Answer: B

An organization has agreed to collaborate on a business project with another organization. Which of the following documents would outline the terms and details of an agreement between parties, including each party's requirements and responsibilities?

a. SLA
b. BPA
c. MOU
d. ISA

Answer: C

Which of the following best describes why a requesting device might believe that incoming ARP replies are from the correct devices?

a. ARP requires validation.
b. ARP does not require validation.
c. ARP is connection oriented.
d. ARP is connectionless.

Answer: B

A man-in-the-middle attack takes advantage of which of the following?

a. TCP handshake
b. UDP handshake
c. Juggernaut
d. All of the above

Answer: A

What aspect of disaster recovery planning details training requirements for managers, administrators, and users?

a. Impact and risk assessment
b. Disaster recovery plan
c. Disaster recovery policies
d. Service level agreements

Answer: B

Which element of business continuity planning (BCP) is most concerned with hot-site/cold-site planning?

a. Network connectivity
b. Facilities
c. Clustering
d. Fault tolerance

Answer: B

A video surveillance system is a form of which type of access control?

a. Quantitative
b. Management
c. Technical
d. Physical

Answer: D

Which risk management response is being implemented when a company decides to close a little-used legacy web application identified as vulnerable to SQL Injection?

a. Acceptance
b. Avoidance
c. Mitigation
d. Transference

Answer: B

Which of the following makes it difficult for an eavesdropper to spot patterns and contains a message integrity method to ensure that messages have not been tampered with?

a. ICMP
b. CCMP
c. WEP
d. LEAP

Answer: B

You manage a network on which there are mixed vendor devices and are required to implement a strong authentication solution for wireless communications. Which of the following would best meet your requirements?

a. EAP
b. WEP
c. LEAP
d. PEAP
a. EAP

Answer: D

Which of the following is considered best practice when formulating minimum standards for developing password policies?

a. Password length set to 6 characters
b. Require password change at 90 days
c. Maximum password age set to zero
d. Account lockout threshold set to zero

Answer: B

Which of the following methods of cloud computing enables the client to literally outsource everything that would normally be in a typical IT department?

a. SaaS
b. DaaS
c. PaaS
d. IaaS

Answer: D

Due to organizational requirements strong encryption cannot be used. Which of the following is the most basic form of encryption that can be used on 802.11-based wireless networks to provide privacy of data sent between a wireless client and its access point?

a. Wireless Application Environment (WAE)
b. Wireless Session Layer (WSL)
c. Wired Equivalent Privacy (WEP)
d. Wireless Transport Layer Security (WTLS)

Answer: C

Which risk reduction policy does not aid in identifying internal fraud?

a. Mandatory vacations
b. Least privilege
c. Separation of duties
d. Job rotation

Answer: B

If an organization takes a full backup every Sunday morning and a daily differential backup each morning, what is the fewest number of backups that must be restored following a disaster on Friday?

a. 1
b. 2
c. 5
d. 6

Answer: B

Bluejacking and bluesnarfing make use of which wireless technology?

a. Wi-Fi
b. Bluetooth
c. Blu-Fi
d. All of the above

Answer: D

Which one of the following is a holding area between two entry points that gives security personnel time to view a person before allowing him into the internal building?

a. Mantrap
b. Biometric
c. Honeypot
d. Honeynet

Answer: A

Which of the following is a security concern when implementing NoSQL databases?

a. NoSQL databases do not provide any authentication mechanisms.
b. The NoSQL design uses server-side validation.
c. NoSQL databases lack confidentiality and integrity.
d. NoSQL databases are lacking in areas of scalability and performance.

Answer: C

Which of the following methods can be used to locate a device in the event it is lost or stolen?

a. GPS tracking
b. Voice encryption
c. Remote wipe
d. Passcode policy

Answer: A

______ is an IP-based storage networking standard for linking data storage facilities.

An Internet Protocol version 6 (IPv6) address is _______ in length.

An Internet Protocol version 4 (IPv4) address is _______ in length.

In a(n) _______ attack, a malformed ICMP ping that exceeds the size of an IP packet is sent to the victim's computer potentially causing the host to crash.

In a(n) _______ attack, an Internet Control Message Protocol (ICMP) redirect packet is sent to the victim that asks the host to send its packets to another "router," which is actually a malicious device.

Communications between different IP devices on a network is handled by one of the core protocols of TCP/IP, namely, _______.

Which statement describes a limitation of Secure Copy Protocol (SCP)?

Which protocol is used for file transfers?

Which protocol uses TLS and SSL to secure Hypertext Transport Protocol (HTTP) communications between a browser and a web server?

A weakness of FTPS is that although the control port commands are encrypted, the data port (_______) may or may not be encrypted.

Which statement accurately describes a characteristic of FTP Secure (FTPS)?

TCP/IP uses its own four-layer architecture that includes _______ layers.

What is the most common protocol used today for both local area networks (LANs) and the Internet?

Which common cryptographic transport algorithm was developed by Netscape in 1994 in response to the growing concern over Internet security?

______ is a cryptographic transport algorithm.

A newer secure version of DNS known as _______ allows DNS information to be digitally signed so that an attacker cannot forge DNS information.

Which protocol is a TCP/IP protocol that resolves (maps) a symbolic name (www.cengage.com) with its corresponding IP address (69.32.133.11)?

_____ is an encrypted alternative to the Telnet protocol that is used to access remote computers.

Which protocol is used to manage network equipment and is supported by most network equipment manufacturers?

What two encryption modes are supported by Internet Protocol Security (IPsec)?

______ is a protocol suite for securing Internet Protocol (IP) communications.

Another name for layered security is _______.

A _______ cloud is a cloud that is open only to specific organizations that have common concerns.

A _______________ cloud is a combination of public and private clouds.

A _______________ cloud is one in which the services and infrastructure are offered to all users with access provided remotely through the Internet.

A _______________ cloud offers the highest level of security and control.

Which cloud computing service model provides the customer the highest level of control?

In the _______________ model, the cloud computing vendor provides access to the vendor's software applications running on a cloud infrastructure.

Which cloud computing service model allows the consumer to install and run their own specialized applications on the cloud computing network without requiring the consumer to manage or configure any of the underlying cloud infrastructure?

Which term refers to a pay-per-use computing model in which customers pay only for the online computing resources they need?

Which term refers to the expansion and contraction of random access memory (RAM) or hard drive space as needed?

In _______________ virtualization, an entire operating system environment is simulated.

Which term describes a means of managing and presenting computer resources by function without regard to their physical layout or location?

The goal of _______________ is to prevent computers with suboptimal security from potentially infecting other computers through the network.

Which statement accurately describes IP telephony?

Which term describes the concept of using a data based IP network to add digital voice clients and new voice applications onto the IP network?

______ refers to any combination of hardware and software that enables remote users to access a local internal network.

By using _______________, instead of giving each outgoing packet a different IP address, each packet is given the same IP address but a different TCP port number.

Which term describes a technique that allows private IP addresses to be used on the public Internet?

Segmenting a network by separating devices into logical groups is known as creating a _______________.

_______ switches reside at the top of the hierarchy and carry traffic between switches, while _______________ switches are connected directly to the devices on the network.

Networks are usually segmented by using _______________ to divide the network into a hierarchy.

With subnetting, rather than simply having networks and hosts, networks can effectively be divided into three parts: _______________.

Allowing an IP address to be split anywhere within its 32 bits is known as _______________.

A _____ functions as a separate network that rests outside the secure network perimeter.

An integrated device that combines several security functions is called a(n) _______________ security product.

What item is considered to be the biggest obstacle to log management?

A security _______________ log can provide details regarding requests for specific files on a system.

One way to provide network separation is to physically separate users by connecting them to different _______________.

_____________ in access control means that if a condition is not explicitly met, the request for access is rejected.

Loop protection uses the _______________ standard spanning-tree algorithm (STA).

One defense against DoS and DDoS SYN flood attacks is to use a flood guard. A flood guard is a feature that controls a device's tolerance for unanswered service requests and helps to prevent a DoS attack. _________ can be prevented with loop protection.

A _______________ is a feature that controls a device's tolerance for unanswered service requests and helps to prevent a denial of service (DoS) attack.

The IEEE 802.1x standard provides the highest degree of port security by implementing port-based _______________.

Ports can be secured through disabling unused interfaces, using _______________, and through IEEE 802.1x.

Which statement accurately describes an access control list characteristic?

Which statement represents a best practice for securing router configurations?

What statement accurately describes a best practice for managing a virtual LAN (VLAN)?

Within a firewall rule, the _______________ describes the TCP/IP port number being used to send packets of data through.

Each firewall rule is essentially a separate instruction with a(n) _______________ construction.

Which of the following is not an example of the principles of influence used in social engineering attacks?

Which of the following should you deploy within your PKI to provide a method for initially verifying a user's identity so that a certificate may be issued?

Which of the three principles of security is supported by an offsite tape backup system?

Which of the following describes a simple form of social engineering in which an unauthorized individual follows closely behind someone who has authorized physical access to an environment?

What is the minimum number of drives necessary to provide a RAID 5 redundant with distributed parity disk array?

Your organization has organized a trade show in the United States. With the goal of increasing revenue, you decide to operate a Wi-Fi hotspot for a fee. Which of the following are reasons your organization could use wireless jamming? (Select all correct answers.)

Which of the following is a cloud-based security solution mainly found in private data centers?

Which of the following provides government-grade security by implementing the AES encryption algorithm and 802.1X-based authentication?

Which of the following statements best describes nonrepudiation?

Which of the following does not describe techniques for assessing threats and vulnerabilities?

Which of the following would best mitigate the risks associated with allowing organizational network access required by the terms of a joint project with a business partner?

Which of the following would be implemented for secure communications when the organization is using an application that authenticates with Active Directory Domain Services (AD DS) through simple BIND?

Which one of the following controls are physical security measures? (Select all correct answers.)

Buffer overflows, format string vulnerabilities, and utilization of shell-escape codes can be mitigated by which of the following practices?

_ switches reside at the top of the hierarchy and carry traffic between switches, while _________ switches are connected directly to the devices on the network.