In a(n) _______ attack, an Internet Control Message Protocol (ICMP) redirect packet is sent to the victim that asks the host to send its packets to another "router," which is actually a malicious device.

a. network discovery
b. smurf
c. ICMP redirect
d. ping of death




Answer: C

Which statement describes a limitation of Secure Copy Protocol (SCP)?

a. SCP can only operate in the Windows environment.
b. SCP cannot encrypt commands.
c. SCP is being replaced by Remote Copy Protocol (RCP).
d. A file transfer cannot be interrupted and then resumed in the same session.





Answer: D

Which protocol is used for file transfers?

a. Internet Small Computer System Interface (iSCSI)
b. Network Basic Input/Output System (NetBIOS)
c. Secure Network Management Protocol (SNMP)
d. Secure Copy Protocol (SCP)






Answer: D

Which statement accurately describes a characteristic of FTP Secure (FTPS)?

a. FTPS is an entire protocol itself.
b. FTPS is a combination of two technologies (FTP and SSL or TLS).
c. FTPS uses a single TCP port.
d. FTPS encrypts and compresses all data and commands.





Answer: B

TCP/IP uses its own four-layer architecture that includes _______ layers.

a. Network Interface, Internet, Transport, and Application
b. Network Interface, Network, Transport, and Application
c. Network Interface, Internet, Transport, and Authentication
d. Network Interface, Network, Transport, and Authentication






Answer: A

______ is a cryptographic transport algorithm.

a. Secure Shell (SSH)
b. Data Encryption Standard (DES)
c. Advanced Encryption Standard (AES)
d. Transport Layer Security (TLS)






Answer: D

What two encryption modes are supported by Internet Protocol Security (IPsec)?

a. Electronic code book (ECB) and cipher block chaining (CBC)
b. Kerberos and Secure Shell (SSH)
c. Secure Sockets Layer (SSL) and Transport Layer Security (TLS)
d. Transport and tunnel





Answer: D

______ is a protocol suite for securing Internet Protocol (IP) communications.

a. Internet Small Computer System Interface (iSCSI)
b. Internet Control Message Protocol (ICMP)
c. Internet Protocol Security (IPsec)
d. Hypertext Transport Protocol Secure (HTTPS)






Answer: C

Another name for layered security is _______.

a. network separation
b. VPN tunneling
c. Unified threat management (UTM)
d. defense in depth





Answer: D

Which cloud computing service model allows the consumer to install and run their own specialized applications on the cloud computing network without requiring the consumer to manage or configure any of the underlying cloud infrastructure?

a. Application as a Service (AaaS)
b. Infrastructure as a Service (IaaS)
c. Software as a Service (SaaS)
d. Platform as a Service (PaaS)






Answer: D

Which statement accurately describes IP telephony?

a. IP telephony requires an increase in infrastructure requirements.
b. IP telephony convergence provides the functionality of managing and supporting a single network for all applications.
c. New IP telephony applications can take a long time to develop.
d. The cost of convergence technologies is high in comparison to startup costs for new traditional telephone equipment.






Answer: B

By using _______________, instead of giving each outgoing packet a different IP address, each packet is given the same IP address but a different TCP port number.

a. port address translation (PAT)
b. network access control (NAC)
c. network address translation (NAT)
d. port mirroring





Answer: A

One defense against DoS and DDoS SYN flood attacks is to use a flood guard. A flood guard is a feature that controls a device's tolerance for unanswered service requests and helps to prevent a DoS attack. _________ can be prevented with loop protection.

a. IP address spoofing
b. Man-in-the-middle attacks
c. Denial of service (DoS) attacks
d. Broadcast storms





Answer: D

A _______________ is a feature that controls a device's tolerance for unanswered service requests and helps to prevent a denial of service (DoS) attack.

a. flood guard
b. virtual local area network (VLAN)
c. network intrusion detection system (NIDS)
d. virtual private network (VPN) concentrator






Answer: A

Which statement accurately describes an access control list characteristic?

a. Access control lists are efficient.
b. Access control lists are simple to manage in an enterprise setting.
c. The structure behind an access control list table can be complex.
d. Access control lists are used extensively with UNIX systems but not on Windows operating systems.




Answer: C

Which statement represents a best practice for securing router configurations?

a. Allow remote configuration for dynamic installation in case of an emergency.
b. Store the router configuration on a public network for easy access in case of an emergency.
c. Store the router configuration on a USB drive for compact storage.
d. Perform changes in the router configuration from the console.





Answer: D

What statement accurately describes a best practice for managing a virtual LAN (VLAN)?

a. Configure empty switch ports to connect to a used VLAN.
b. Keep all default VLAN names.
c. Configure the ports on the switch that pass tagged VLAN packets to explicitly forward specific tags.
d. Configure VLANs so that public devices are on a private VLAN.




Answer: C

Which of the following should you deploy within your PKI to provide a method for initially verifying a user's identity so that a certificate may be issued?

a. Certificate authority (CA)
b. Registration authority (RA)
c. Certificate practice statement (CPS)
d. Certificate registration list (CRL)





Answer: B

Which of the following describes a simple form of social engineering in which an unauthorized individual follows closely behind someone who has authorized physical access to an environment?

a. Tailgating
b. Piggybacking
c. Answers A and B
d. None of the above






Answer: C

Your organization has organized a trade show in the United States. With the goal of increasing revenue, you decide to operate a Wi-Fi hotspot for a fee. Which of the following are reasons your organization could use wireless jamming? (Select all correct answers.)

a. To maximize revenue
b. To prevent degraded service
c. To prevent attendees from operating their own Wi-Fi hot spots
d. To prevent attacks




Answer: B & D.

Which of the following statements best describes nonrepudiation?

a. A set of mathematical rules used in encryption
b. A means of proving that a transaction occurred
c. A method of hiding data in another message
d. A drive technology used for redundancy and performance improvement





Answer: B

Which of the following would be implemented for secure communications when the organization is using an application that authenticates with Active Directory Domain Services (AD DS) through simple BIND?

a. TACACS+
b. SAML
c. Secure LDAP
d. XTACACS





Answer: C

Which of the following describes a type of algorithm where data is broken into several units of varying sizes (dependent on algorithm) and encryption is applied to those chunks of data?

a. Symmetric encryption algorithm
b. Elliptic curve
c. Block cipher
d. All of the above





Answer: C

You are conducting a penetration test on an application for a client. The client provides you with no details about the source code and development process. What type of test will you likely be conducting?

a. Black box
b. White box
c. Vulnerability
d. Answers A and C




Answer: A

Which one of the following is an indication that a system might contain spyware?

a. The system is slow, especially when browsing the Internet.
b. It takes a long time for the Windows desktop to come up.
c. Clicking a link does nothing or goes to an unexpected website.
d. All of the above.




Answer: D

Which of the following is a non-proprietary protocol that provides authentication and authorization as well as accounting of access requests against a centralized service for authorization of access requests?

a. TACACS+
b. SAML
c. Secure LDAP
d. XTACACS





Answer: A

Which of the following is a hardware solution typically attached to the circuit board of the system used for greater security protection for processes such as digital signing, mission-critical applications, and businesses where high security is required?

a. Full disk encryption
b. HSM
c. TPM
d. File-level encryption




Answer: C

Which of the following is not one of the vulnerabilities of LDAP authentication services?

a. Buffer overflow vulnerabilities can be used to enact arbitrary commands on the LDAP server.
b. Loss of time synchronization between the service, client, and KDC prevents communication.
c. Format string vulnerabilities might result in unauthorized access to enact commands on the LDAP server or impair its normal operation.
d. Improperly formatted requests might be used to create an effective denial-of-service (DoS) attack against the LDAP server.




Answer: B

Which of the following best describes the difference between phishing and whaling?

a. They are the same.
b. Whaling makes use of the voice channel, whereas phishing uses email.
c. Whaling uses SMS, whereas phishing uses email.
d. Whaling is similar to phishing but specifically targets high-profile individuals.



Answer: D

Which of the following best describes a host-based intrusion detection system (HIDS)?

a. Examines the information exchanged between machines
b. Collects and analyzes data that originates on the local machine
c. Controls the information coming in and out of the host machine
d. Attempts to prevent network attacks in real time



Answer: B

Which of the following statements is true about SSL?

a. SSL provides security for both the connection and the data after it is received.
b. SSL only provides security for the connection, not the data after it is received.
c. SSL only provides security for the data when it is received, not the connection.
d. SSL does not provide security for either the connection or the data after it is received.





Answer: B

Which of the following is the most useful when you're dealing with machines that are being taken on the road by traveling executives, sales managers, or insurance agents?

a. Full disk encryption
b. File-level encryption
c. Media-level encryption
d. Application-level encryption




Answer: A

Which of the following are advantages of honeypots and honeynets? (Select all correct answers.)

a. Attackers are diverted to systems that they cannot damage.
b. Administrators are allotted time to decide how to respond to an attack.
c. Attackers' actions can more easily be monitored and resulting steps taken to improve system security.
d. Well-defined legal implications.
e. Provides a structure that requires fewer security administrators.





Answer: B

What type of algorithm is SHA-1?

a. Asymmetric encryption algorithm
b. Digital signature
c. Hashing algorithm
d. Certificate authority





Answer: C

Your organization provides a secure web portal. You discover another portal that mimics your organization's portal look and feel. This portal has a similar URL but is different by one letter. Which of the following are most likely true? (Select two correct answers.)

a. This is an example of transitive access.
b. This is typo squatting.
c. The site is collecting usernames and passwords.
d. The site is a result of a malicious insider.




Answer: B & C.

An organization has agreed to collaborate on a business project with another organization. Which of the following documents would outline the terms and details of an agreement between parties, including each party's requirements and responsibilities?

a. SLA
b. BPA
c. MOU
d. ISA





Answer: C

You manage a network on which there are mixed vendor devices and are required to implement a strong authentication solution for wireless communications. Which of the following would best meet your requirements?

a. EAP
b. WEP
c. LEAP
d. PEAP





Answer: D

Due to organizational requirements, strong encryption cannot be used. Which of the following is the most basic form of encryption that can be used on 802.11-based wireless networks to provide privacy of data sent between a wireless client and its access point?

a. Wireless Application Environment (WAE)
b. Wireless Session Layer (WSL)
c. Wired Equivalent Privacy (WEP)
d. Wireless Transport Layer Security (WTLS)







Answer: C

Which of the following is a security concern when implementing NoSQL databases?

a. NoSQL databases do not provide any authentication mechanisms.
b. The NoSQL design uses server-side validation.
c. NoSQL databases lack confidentiality and integrity.
d. NoSQL databases are lacking in areas of scalability and performance.




Answer: C