Which of the following pseudocodes can be used to handle program exceptions?

A. If program detects another instance of itself, then kill program instance.

B. If user enters invalid input, then restart program.

C. If program module crashes, then restart program module.

D. If user's input exceeds buffer length, then truncate the input.



Answer: C

Which of the following could cause a browser to display the message below? "The security certificate presented by this website was issued for a different website's address."

A. The website certificate was issued by a different CA than what the browser recognizes in its trusted CAs.

B. The website is using a wildcard certificate issued for the company's domain.

C. HTTPS://127.0.0.1 was used instead of HTTPS://localhost.

D. The website is using an expired self-signed certificate.




Answer: C

Which of the following would Pete, a security administrator, MOST likely implement in order to allow employees to have secure remote access to certain internal network services such as file servers?

A. Packet filtering firewall

B. VPN gateway

C. Switch

D. Router



Answer: B

Matt, the security administrator, notices a large number of alerts on the NIDS. Upon further inspection, it is determined that no attack has really taken place. This is an example of a:

A. false negative.

B. true negative.

C. false positive.

D. true positive.




Answer: C

An encrypted message is sent using PKI from Sara, a client, to a customer. Sara claims she never sent the message. Which of the following aspects of PKI BEST ensures the identity of the sender?

A. CRL

B. Non-repudiation

C. Trust models

D. Recovery agents




Answer: B

Sara, a company's security officer, often receives reports of unauthorized personnel having access codes to the cipher locks of secure areas in the building. Sara should immediately implement which of the following?

A. Acceptable Use Policy

B. Physical security controls

C. Technical controls

D. Security awareness training


Answer: D

Matt, a developer, recently attended a workshop on a new application. The developer installs the new application on a production system to test the functionality. Which of the following is MOST likely affected?

A. Application design

B. Application security

C. Initial baseline configuration

D. Management of interfaces



Answer: C

After Matt, a user enters his username and password at the login screen of a web enabled portal, the following appears on his screen:

`Please only use letters and numbers on these fields'

Which of the following is this an example of?


A. Proper error handling

B. Proper input validation

C. Improper input validation

D. Improper error handling




Answer: B

An administrator wants to minimize the amount of time needed to perform backups during the week. It is also acceptable to the administrator for restoration to take an extended time frame. Which of the following strategies would the administrator MOST likely implement?

A. Full backups on the weekend and incremental during the week.

B. Full backups on the weekend and full backups every day.

C. Incremental backups on the weekend and differential backups every day.

D. Differential backups on the weekend and full backups every day.


Answer: A

A system administrator is using a packet sniffer to troubleshoot remote authentication. The administrator detects a device trying to communicate to TCP port 49. Which of the following authentication methods is MOST likely being attempted?

A. RADIUS

B. TACACS+

C. Kerberos

D. LDAP


Answer: B

Why is it important for a penetration tester to have established an agreement with management as to which systems and processes are allowed to be tested?

A. Penetration test results are posted publicly, and some systems tested may contain corporate secrets.

B. Penetration testers always need to have a comprehensive list of servers, operating systems, IP subnets, and department personnel prior to ensure a complete test.

C. Having an agreement allows the penetration tester to look for other systems out of scope and test them for threats against the in-scope systems.

D. Some exploits when tested can crash or corrupt a system causing downtime or data loss.




Answer: D

Elliptic curve cryptography: (Select TWO)

A. is used in both symmetric and asymmetric encryption.

B. is used mostly in symmetric encryption.

C. is mostly used in embedded devices.

D. produces higher strength encryption with shorter keys.

E. is mostly used in hashing algorithms.



Answer: C & D.

In the initial stages of an incident response, Matt, the security administrator, was provided the hard drives in question from the incident manager. Which of the following incident response procedures would he need to perform in order to begin the analysis? (Select TWO).

A. Take hashes

B. Begin the chain of custody paperwork

C. Take screen shots

D. Capture the system image

E. Decompile suspicious files



Answer: A & D.
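The two steps picked above (image the drive, hash it) are what make later analysis defensible: the image is hashed at acquisition, and the hash is recomputed before and after every examination so any change to the working copy is detectable. The following is an added example, not part of the original question set; the "drive" is a constructed temporary file standing in for a real device, and the record layout is an assumption.

```python
import hashlib
import os
import tempfile


def hash_file(path, chunk_size=1 << 20):
    """Stream the file through SHA-256 so multi-GB images never need to fit in RAM."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()


def acquire(source_path, image_path):
    """Acquire: copy the source byte-for-byte, then hash both source and image.
    The returned record is what goes into the chain-of-custody log."""
    with open(source_path, "rb") as src, open(image_path, "wb") as dst:
        for chunk in iter(lambda: src.read(1 << 20), b""):
            dst.write(chunk)
    record = {
        "source_sha256": hash_file(source_path),
        "image_sha256": hash_file(image_path),
    }
    record["match"] = record["source_sha256"] == record["image_sha256"]
    return record


def verify(image_path, record):
    """Before (and after) analysis: recompute the hash and compare to the record."""
    return hash_file(image_path) == record["image_sha256"]


def demo():
    # Constructed stand-in for a drive: a temp file holding a few KB of bytes.
    tmp = tempfile.mkdtemp()
    drive = os.path.join(tmp, "drive.bin")
    image = os.path.join(tmp, "drive.dd")
    with open(drive, "wb") as f:
        f.write(b"MBR" + bytes(range(256)) * 64)

    rec = acquire(drive, image)
    untouched = verify(image, rec)

    # Simulate the working copy being altered by one byte (an analyst
    # mistake, a tool writing metadata, or malware that escaped the sandbox).
    with open(image, "r+b") as f:
        f.seek(10)
        f.write(b"\x00")
    tampered = verify(image, rec)
    return rec["match"], untouched, tampered
```

In practice the source is a block device opened read-only through a write blocker, and the hashes are written into the chain-of-custody paperwork (option B) as soon as acquisition finishes; the hashing itself is still exactly this.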

In which of the following scenarios is PKI LEAST hardened?

A. The CRL is posted to a publicly accessible location.

B. The recorded time offsets are developed with symmetric keys.

C. A malicious CA certificate is loaded on all the clients.

D. All public keys are accessed by an unauthorized user.



Answer: C

Matt, an administrator, notices a flood of fragmented packets and retransmits from an email server. After disabling the TCP offload setting on the NIC, Matt sees normal traffic with packets flowing in sequence again. Which of the following utilities was he MOST likely using to view this issue?

A. Spam filter

B. Protocol analyzer

C. Web application firewall

D. Load balancer


Answer: B

Which of the following is a difference between TFTP and FTP?

A. TFTP is slower than FTP.

B. TFTP is more secure than FTP.

C. TFTP utilizes TCP and FTP uses UDP.

D. TFTP utilizes UDP and FTP uses TCP.



Answer: D

Jane, the security administrator, needs to be able to test malicious code in an environment where it will not harm the rest of the network. Which of the following would allow Jane to perform this kind of testing?

A. Local isolated environment

B. Networked development environment

C. Infrastructure as a Service

D. Software as a Service



Answer: A

Pete, a network administrator, is capturing packets on the network and notices that a large amount of the traffic on the LAN is SIP and RTP protocols. Which of the following should he do to segment that traffic from the other traffic?

A. Connect the WAP to a different switch.

B. Create a voice VLAN.

C. Create a DMZ.

D. Set the switch ports to 802.1q mode.



Answer: B

To help prevent unauthorized access to PCs, a security administrator implements screen savers that lock the PC after five minutes of inactivity. Which of the following controls is being described in this situation?

A. Management

B. Administrative

C. Technical

D. Operational


Answer: C

Sara, a user, downloads a keygen to install pirated software. After running the keygen, system performance is extremely slow and numerous antivirus alerts are displayed. Which of the following BEST describes this type of malware?

A. Logic bomb

B. Worm

C. Trojan

D. Adware




Answer: C

A user in the company is in charge of various financial roles but needs to prepare for an upcoming audit. They use the same account to access each financial system. Which of the following security controls will MOST likely be implemented within the company?

A. Account lockout policy

B. Account password enforcement

C. Password complexity enabled

D. Separation of duties




Answer: D

The security administrator wants each user to individually decrypt a message but allow anybody to encrypt it. Which of the following MUST be implemented to allow this type of authorization?

A. Use of CA certificate

B. Use of public keys only

C. Use of private keys only

D. Use of public and private keys




Answer: D

A security administrator needs to update the OS on all the switches in the company. Which of the following MUST be done before any actual switch configuration is performed?

A. The request needs to be sent to the incident management team.

B. The request needs to be approved through the incident management process.

C. The request needs to be approved through the change management process.

D. The request needs to be sent to the change management team.




Answer: C

A certificate authority takes which of the following actions in PKI?

A. Signs and verifies all infrastructure messages

B. Issues and signs all private keys

C. Publishes key escrow lists to CRLs

D. Issues and signs all root certificates



Answer: D

Which of the following BEST describes a common security concern for cloud computing?

A. Data may be accessed by third parties who have compromised the cloud platform

B. Antivirus signatures are not compatible with virtualized environments

C. Network connections are too slow

D. CPU and memory resources may be consumed by other servers in the same cloud



Answer: A

Which of the following BEST describes a protective countermeasure for SQL injection?

A. Eliminating cross-site scripting vulnerabilities

B. Installing an IDS to monitor network traffic

C. Validating user input in web applications

D. Placing a firewall between the Internet and database servers



Answer: C
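What "validating user input" looks like in code, and why it stops the injection: the example below is added here and is not from the question set or any particular product. It builds a constructed in-memory SQLite user table (the schema is an assumption), shows the injectable string-concatenation pattern next to the hardened version, and sends the same attacker payload to both. The hardened version combines an allow-list check on the username with a parameterized query; the parameterization is what guarantees the input is treated as data rather than SQL, and the allow-list rejects obviously malformed input before the database is touched.

```python
import re
import sqlite3


def build_db():
    """Constructed stand-in for the web application's user store."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT)")
    conn.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("alice", "correct horse"), ("bob", "battery staple")],
    )
    conn.commit()
    return conn


def login_vulnerable(conn, username, password):
    """The injectable pattern: user input spliced straight into the SQL text."""
    sql = (
        "SELECT username FROM users WHERE username = '%s' AND password = '%s'"
        % (username, password)
    )
    return [row[0] for row in conn.execute(sql)]


# Allow-list for the username field: letters, digits and underscore only.
USERNAME_RE = re.compile(r"[A-Za-z0-9_]{1,32}")


def login_safe(conn, username, password):
    """Countermeasure: allow-list validation of the username, then both values
    bound as query parameters so the database never parses them as SQL."""
    if not USERNAME_RE.fullmatch(username):
        return []  # rejected before the database is touched
    rows = conn.execute(
        "SELECT username FROM users WHERE username = ? AND password = ?",
        (username, password),
    )
    return [row[0] for row in rows]


PAYLOAD = "' OR '1'='1"  # constructed attacker input for the password field


def demo():
    conn = build_db()
    return {
        # WHERE username = 'alice' AND password = '' OR '1'='1'  -> every row
        "vulnerable": login_vulnerable(conn, "alice", PAYLOAD),
        # the payload is compared as a literal password and matches nothing
        "safe_payload": login_safe(conn, "alice", PAYLOAD),
        "safe_valid": login_safe(conn, "alice", "correct horse"),
    }
```

The vulnerable query returns every user because the injected `OR '1'='1'` rewrites the WHERE clause; the parameterized query compares the whole payload as a password string and returns nothing. Storing passwords in cleartext, as this constructed table does, is a separate defect kept only to make the query results easy to read.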

A security administrator is observing congestion on the firewall interfaces and a high number of half open incoming connections from different external IP addresses. Which of the following attack types is underway?

A. Cross-site scripting

B. SPIM

C. Client-side

D. DDoS





Answer: D
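The symptom in the question (many half-open connections, many different source addresses) is a SYN flood, and the spread across sources is what makes it distributed. The following is an added detection example, not part of the original question set: it parses a constructed connection table in the style of `ss -tan` output (the sample lines are made up, not captured from a real host), counts half-open connections per peer, and distinguishes a single-source flood from a distributed one. The thresholds are assumptions to be tuned per host.

```python
import re
from collections import Counter

# Constructed sample in `ss -tan` layout (State Recv-Q Send-Q Local:Port Peer:Port).
SAMPLE = """\
State      Recv-Q Send-Q Local Address:Port   Peer Address:Port
SYN-RECV   0      0      10.0.0.5:443         203.0.113.7:51234
SYN-RECV   0      0      10.0.0.5:443         198.51.100.23:40001
ESTAB      0      0      10.0.0.5:443         192.0.2.44:55120
SYN-RECV   0      0      10.0.0.5:443         203.0.113.99:1025
SYN-RECV   0      0      10.0.0.5:443         198.51.100.77:1026
SYN-RECV   0      0      10.0.0.5:443         192.0.2.8:1027
SYN-RECV   0      0      10.0.0.5:443         203.0.113.150:1028
ESTAB      0      0      10.0.0.5:22          192.0.2.10:60000
"""

LINE_RE = re.compile(r"^(\S+)\s+\d+\s+\d+\s+(\S+):(\d+)\s+(\S+):(\d+)$")


def parse_connections(text):
    """Return one dict per data line; the header and anything unparsable are skipped."""
    conns = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            conns.append({
                "state": m.group(1),
                "local": m.group(2),
                "lport": int(m.group(3)),
                "peer": m.group(4),
            })
    return conns


def half_open_report(conns):
    """SYN-RECV is the server-side half-open state: SYN seen, SYN/ACK sent, no ACK back."""
    half = [c for c in conns if c["state"] == "SYN-RECV"]
    return {
        "half_open": len(half),
        "sources": Counter(c["peer"] for c in half),
        "established": sum(1 for c in conns if c["state"] == "ESTAB"),
    }


def classify(report, half_open_threshold=5, min_sources=3):
    """Same volume of half-open connections, different verdict depending on
    whether it comes from one address or is spread across many."""
    if report["half_open"] < half_open_threshold:
        return "normal"
    if len(report["sources"]) >= min_sources:
        return "ddos-syn-flood"
    return "dos-syn-flood"


def demo():
    report = half_open_report(parse_connections(SAMPLE))
    return report["half_open"], report["established"], classify(report)
```

One caveat for the analyst: SYN floods routinely spoof source addresses, so a large number of distinct peers says the attack is distributed across the address space, not that many real hosts are involved. The remedy on the server side is the same either way (SYN cookies, shorter SYN-RECV timeouts, upstream filtering).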

Employee badges are encoded with a private encryption key and specific personal information. The encoding is then used to provide access to the network. Which of the following describes this access control type?

A. Smartcard

B. Token

C. Discretionary access control

D. Mandatory access control





Answer: A

In regards to secure coding practices, why is input validation important?

A. It mitigates buffer overflow attacks.

B. It makes the code more readable.

C. It provides an application configuration baseline.

D. It meets gray box testing standards.


Answer: A

After verifying that the server and database are running, Jane, the administrator, is still unable to make a TCP connection to the database. Which of the following is the MOST likely cause for this?

A. The server has data execution prevention enabled

B. The server has TPM based protection enabled

C. The server has HIDS installed

D. The server is running a host-based firewall




Answer: D

In order to provide flexible working conditions, a company has decided to allow some employees remote access into corporate headquarters. Which of the following security technologies could be used to provide remote access? (Select TWO).

A. Subnetting

B. NAT

C. Firewall

D. NAC

E. VPN



Answer: C & E.

A password history value of three means which of the following?

A. Three different passwords are used before one can be reused.

B. A password cannot be reused once changed for three years.

C. After three hours a password must be re-entered to continue.

D. The server stores passwords in the database for three days.




Answer: A
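How a password-history value is actually enforced: the system keeps a bounded list of salted hashes of the user's previous passwords and rejects a new password that matches any of them, so three changes must happen before the original can come back. The class below is an added example, not from the question set or any product; the storage layout and the PBKDF2 iteration count are assumptions (the demo uses a low count for speed, production deployments use far more).

```python
import hashlib
import hmac
import os
from collections import deque


class PasswordHistory:
    """Enforce a password-history value of N: a new password is rejected if it
    equals any of the user's last N passwords. Each entry keeps its own random
    salt and a PBKDF2 hash, so the history never holds cleartext passwords."""

    def __init__(self, history_length=3, iterations=100_000):
        self.history_length = history_length
        self.iterations = iterations
        self.history = {}  # username -> deque of (salt, hash), oldest first

    def _hash(self, password, salt):
        return hashlib.pbkdf2_hmac(
            "sha256", password.encode("utf-8"), salt, self.iterations
        )

    def was_used_recently(self, username, password):
        for salt, digest in self.history.get(username, ()):
            # constant-time comparison, same as for any credential check
            if hmac.compare_digest(self._hash(password, salt), digest):
                return True
        return False

    def set_password(self, username, password):
        """Return True if the change is accepted and recorded, False if rejected."""
        if self.was_used_recently(username, password):
            return False
        salt = os.urandom(16)
        entries = self.history.setdefault(
            username, deque(maxlen=self.history_length)
        )
        entries.append((salt, self._hash(password, salt)))  # oldest drops off at N
        return True


def demo():
    """Constructed sequence: the first password is refused on the 4th change
    (still within the last three) and accepted on the 6th (it has aged out)."""
    ph = PasswordHistory(history_length=3, iterations=20_000)
    attempts = ("Winter2023!", "Spring2024!", "Summer2024!",
                "Winter2023!", "Autumn2024!", "Winter2023!")
    return [ph.set_password("matt", p) for p in attempts]
```

The deque with `maxlen=3` is the whole policy: once a fourth distinct password is recorded, the oldest hash falls out and that password becomes reusable, which is exactly what "three different passwords are used before one can be reused" means.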

The length of an encryption key is important because:

a. The length determines the maximum number of possible keys that an attacker will have to try before the correct key is discovered
b. Every additional bit of data added to the key makes it easier to discover the correct encryption key
c. The length determines the method that has to be used when attempting to decrypt data
d. None of the above



Answer: A

Which of the following is an example of a brute force attack?

a. Using known facts about the person in an effort to guess the correct password/key
b. Contacting a responsible party (like a 'help desk' or customer support) and attempting to use deception in the hopes that someone will divulge the correct password/key
c. Trying every combination of letters and numbers until the correct password/key is found
d. Analyzing the encrypted data in an effort to deduce the correct password/key




Answer: C

What is a public key?

a. An encryption key that is made by a publicly available software utility
b. An encryption key that is accidentally exposed to the public
c. An encryption key published on a network
d. An encryption key that is deliberately made available to anyone that wants it so that they may transmit encrypted data to the key's owner/creator




Answer: D

It is important to use reputable certificate authorities since:

a. An attacker could trick a less-known certificate authority into giving them customer information
b. Only those that have been in business long enough actually have the appropriate resources to encrypt and decrypt data
c. An attacker could pose as a certificate authority or a certificate authority could be in alliance with an attacker
d. None of the above





Answer: C

Which of the following is true?

a. Keys that are longer than 8 bits require considerable processing time, making them unattractive for most applications
b. Key length does not affect modern security
c. A key length of 128 bits provides significant security for most applications
d. A key length of 32 bits is highly effective for most security applications





Answer: C

Which of the following is true?

a. Software encryption is much more secure than hardware encryption
b. Hardware encryption is more vulnerable to tampering than software encryption
c. Software encryption is more vulnerable to tampering than hardware encryption
d. None of the above




Answer: C

What happens when signing a document with a digital signature?

a. A person's message is encrypted with a private key and then hashed to a message digest to form the actual signature
b. A person's message is hashed to a message digest and then compared to a newly created message digest. Both digests are encrypted with a private key to form the actual signature
c. A person's message is hashed to a message digest and then encrypted with a private key to form the actual signature
d. None of the above





Answer: C

Why must a private key not be stored with the data it has encrypted?

a. The preferred place to store a private key is on the same system as the data it has encrypted.
b. To prevent the key from accidentally being lost due to human error
c. To prevent the key from being accessed by untrusted employees
d. If an attacker is able to hack into that system, they will have everything they need to read the sensitive information.




Answer: D

A(n) ______ function takes data and a secret key as input and uses the secret key to scramble/encode the data, producing ciphertext that cannot be deciphered by anyone other than the appropriate parties.

a. decryption
b. encryption
c. hash
d. cleartext




Answer: B

Certificate Authorities assure involved parties that the right people are sending or receiving the correct information by:

a. Distributing public and private keys with digital signatures to the sender and the receiver to be verified during the transfer process
b. Distributing symmetric keys to the sender and the receiver to be verified during the transfer process
c. Requesting digital signatures of both the sender and the receiver to be sent for verification during the initialization of the communication process
d. None of the above




Answer: A

What is a certificate authority (CA)?

a. An organization that offers free encryption and decryption services
b. An organization that offers free digital signature services
c. An organization that certifies public keys as being legitimate by signing public keys with their private key
d. A third party that certifies organizations as having appropriate information security policies



Answer: C

A hash function is:

a. A one-way function that mathematically manipulates the input data to create an output value
b. A one-way function that uses a cipher to produce a piece of data that helps to encrypt other data
c. A one-way function that creates a random number as a digital signature
d. A two-way function that, used in conjunction with a key, takes cleartext and encrypts it into ciphertext



Answer: A

Which of the following statements is true?

a. Symmetric key encryption uses the same key while public key encryption uses two different keys for each person
b. Symmetric key encryption requires that keys are distributed ahead of time, while public key encryption requires that keys are discovered during the communications process
c. In public key encryption, one key is available for the public to encrypt their messages, but only the creator of that public key can decrypt the messages with their private key
d. All of the above are correct




Answer: D

A cracked encryption key is a key that:

a. Has been entered into the cipher or encryption system
b. Has been discovered by some method and is now compromised
c. Has been delivered by some method to a second party for safe communications
d. Has been encrypted by a cipher and is now safe from the discovery of others




Answer: B

Regarding cryptography, what is a private key?

a. An encryption key that is kept confidential and used to decrypt data that has been encrypted with the corresponding public key in public key cryptography
b. An encryption key that is purposely made available to anyone that wants it so that they may transmit encrypted data to the key's creator
c. An encryption key that is created and shared between two or more parties for secure communication
d. None of the above



Answer: A

When encrypting a storage device, which is the most secure place to store a key?

a. On a separate (from the encrypted device) and secured storage device
b. A key should not be stored
c. On the storage device, unencrypted with the encrypted data
d. On the storage device, encrypted along with the data



Answer: A

In order to avoid using a certificate authority that is in alliance with an attacker, it is recommended that you:

• Avoid using certificate authorities
• Use certificate authorities that implement symmetric key encryption
• Use certificate authorities that are well known and reputable
• Use certificate authorities that originate in your local area



Answer: Use certificate authorities that are well known and reputable

How does symmetric key cryptography differ from public key cryptography?

• Symmetric key uses the same key for encryption and decryption
• Symmetric key uses two different keys for encryption and decryption
• Public key secures data so it can travel over public networks
• Symmetric key always ensures the data is preserved after decryption



Answer: Symmetric key uses the same key for encryption and decryption

The ideal location to store a private key is:

• On a stand-alone computer system that is not networked
• On the same network as the cipher
• It is not safe to store a private key
• On the same server as the data decryption software



Answer: On a stand-alone computer system that is not networked

What is a private key?

• An encryption key that is accidentally exposed to the public
• An encryption key kept secret by the owner
• An encryption key that is made by a publicly available software utility
• An encryption key purposefully made available to transmit encrypted data



Answer: An encryption key kept secret by the owner

What is a digital signature?

• A cryptographic value attached to data to certify the integrity of the data
• A certified public key used for public key encryption
• A name typed on a document
• A scanned copy of a person's signature



Answer: A cryptographic value attached to data to certify the integrity of the data

In order to double the amount of time it would take an attacker to crack an encryption key, you could:

• Add one bit to the length of the encryption key
• Remove one bit from the encryption key length
• You can only do this by adding a second encryption key
• Create a new encryption key once a week



Answer: Add one bit to the length of the encryption key

Which of the following is one definition of the word "cipher"?

• Data that has been successfully encrypted AND decrypted
• The data that is output from the encryption function/process
• The algorithm or method used to encrypt/decrypt data
• The data is output from a hashing function


Answer: The algorithm or method used to encrypt/decrypt data

Plaintext or cleartext is the term for:

• The algorithm used to encrypt or decrypt data or text
• The data or text that has been encrypted
• Data used to encrypt or decrypt other data or text
• The data or text that is not encrypted



Answer: The data or text that is not encrypted

A hash function is:

a. A one-way function that uses a cipher to produce a piece of data that helps to encrypt other data
b. A two-way function that, used in conjunction with a key, takes cleartext and encrypts it into ciphertext
c. A one-way function that creates a random number as a digital signature
d. A one-way function that mathematically manipulates the input data to create an output value



Answer: D

The encryption of storage devices is desired because:

a. It is cheaper than encryption of a few specific files
b. The encryption performed by software is extremely unreliable
c. It is important to ensure data will not be exposed to unauthorized parties
d. None of the above



Answer: C

Ideally, where should encryption keys be stored?

a. On a physically separate system from the encrypted data
b. On the same system as the encrypted data
c. On a non-networked, physically secured storage device
d. On a separate CD/DVD, clearly labeled and available for anyone that wants to use it




Answer: C

How is public key cryptography different than symmetric key cryptography?

a. Public key cryptography secures data so that it can travel over public networks like the internet
b. Symmetric key cryptography uses the same key for both encryption and decryption
c. Symmetric key cryptography always ensures that the data is unchanged after decryption
d. None of the above


Answer: B

Why is the length of an encryption key important?

a. Shorter keys are less secure, meaning the data can be decrypted by an attacker
b. Key length doesn't matter
c. Data encrypted with longer keys can require more network bandwidth to transmit
d. Longer keys are less efficient, causing wasted space



Answer: A

Regarding cryptography, a private key should be kept secure since:

a. It can be used to access sensitive information AND it can be used to encrypt data so that the original authors cannot read it
b. It can be used to access sensitive information
c. It can change daily, requiring the previous key to unlock it
d. It can be used to encrypt data so that the original authors cannot read it




Answer: B

Cryptography is:

a. A mathematical function that utilizes the data input to produce a value based on that data
b. The process of converting cleartext into ciphertext
c. The study of encoding data so that confidentiality of communications can be maintained between two parties
d. The encryption algorithm used to encrypt or decrypt a piece of data



Answer: C

A brute force attack works by:

a. Analyzing the encrypted data in an effort to deduce the correct password/key
b. Using a list of common words or expressions in an effort to guess the correct password/key
c. Using known facts about the person in an effort to guess the correct password/key
d. Trying every combination of letters and numbers until the correct password/key is found




Answer: D
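The brute-force questions and the key-length questions earlier on this page (the length sets how many keys must be tried; one extra bit doubles that number) are two sides of one fact, so one added example covers both. It is not from the question set: it runs a real exhaustive key search against a deliberately toy keyed cipher (XOR with a SHA-256-derived keystream; an assumption made only so the search completes in seconds) and measures how many attempts the worst case needs as the key grows by one bit.

```python
import hashlib


def toy_encrypt(key, key_bits, plaintext):
    """Toy keyed cipher for the demonstration only: XOR the plaintext with a
    keystream derived from the key. The cipher is irrelevant; the size of the
    key space is what the search cost depends on."""
    key_bytes = key.to_bytes((key_bits + 7) // 8, "big")
    stream = hashlib.sha256(key_bytes).digest()
    return bytes(b ^ stream[i % len(stream)] for i, b in enumerate(plaintext))


def brute_force(ciphertext, known_plaintext, key_bits):
    """Exhaustive search: try every key in order until the known plaintext
    encrypts to the observed ciphertext. Returns (key, attempts)."""
    attempts = 0
    for key in range(1 << key_bits):
        attempts += 1
        if toy_encrypt(key, key_bits, known_plaintext) == ciphertext:
            return key, attempts
    return None, attempts


def worst_case_attempts(key_bits, plaintext=b"attack at dawn"):
    """Put the real key at the end of the space so the search has to visit
    every key; the count returned is 2**key_bits."""
    key = (1 << key_bits) - 1
    ciphertext = toy_encrypt(key, key_bits, plaintext)
    found, attempts = brute_force(ciphertext, plaintext, key_bits)
    assert found == key
    return attempts


def doubling_table(bit_lengths=(8, 9, 10, 11, 12)):
    """Worst-case attempts for each key length, to read the doubling off directly."""
    return {bits: worst_case_attempts(bits) for bits in bit_lengths}
```

Reading the table: 8 bits costs 256 attempts, 9 bits costs 512, and so on; at 128 bits the same loop would need 2^128 attempts, which is why 128-bit keys are considered secure against exhaustive search and why adding a bit, not rotating keys weekly, is what doubles the attacker's work.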

How does a valid digital signature assure the recipient that the document has not been tampered with?

a. The digital signature was encrypted using the recipient's public key
b. The digital signature is transmitted in a separate message from the document
c. A valid digital signature cannot assure the recipient the document has not been tampered with
d. The hash contained in the digital signature was encrypted with the sender's private key and could not have been modified without making the signature invalid. If the signature is valid, then the data must not have been tampered with.




Answer: D

Symmetric key encryption gets its name because:

a. Both parties must initiate the ciphering software in order to exchange data
b. The involved parties must use two keys derived from the same cipher in order to exchange data
c. The involved parties must use different encryption keys at the same time to exchange data
d. Both parties must use the same encryption key to exchange data

Answer: D

What happens when verifying a document with a digital signature?

a. A message is decrypted with a corresponding public key to create a message digest, and then another message digest is created and compared to the received message digest to verify the sender
b. A message is decrypted with the receiver's private key to create a message digest, and then another message digest is created and compared to the received message digest to verify the sender
c. A message is decrypted with a public key and then hashed to determine if it is an authentic message from the proposed sender
d. A message is decrypted with a corresponding public key, and then the digital attachment is examined to see if it is in fact a scan of the sender's signature

Answer: A

What do digital signatures provide?

a. Assurance that the stated author is the actual person that created the information
b. Security by ensuring that only the intended recipients will be able to read the data
c. Assurance that the data does not contain any viruses or malware
d. Assurance that the stated author is the actual person that created the information, as well as assurance that the information has not been modified

Answer: D

Two people can verify they are communicating with each other by using a ____________, which verifies each party's identity by being the distributor of public and private keys that both parties use. These keys are digitally signed so both parties can be assured they are communicating with each other.

a. Hash Authority
b. Certificate Authority
c. Signature Authority
d. Digital Signature

Answer: B

When should a key or certificate be renewed?

a. Every year
b. Every quarter
c. Just before it expires
d. Just after it expires

Answer: C

Which of the following is a description of a key-stretching technique?

a. Salting input before hashing
b. Generating a random number, and then using a trapdoor one-way function to derive a related key
c. Adding iterative computations that increase the effort involved in creating the improved result
d. Using a challenge-response dialogue

Answer: C

Certificates have what single purpose?

a. Proving identity
b. Proving quality
c. Providing encryption security
d. Exchanging encryption keys

Answer: A

Which of the following is an example of a Type 2 authentication factor?

a. Something you have, such as a smart card, an ATM card, a token device, or a memory card
b. Something you are, such as fingerprints, voice print, retina pattern, iris pattern, face shape, palm topology, or hand geometry
c. Something you do, such as type a passphrase, sign your name, or speak a sentence
d. Something you know, such as a password, personal identification number (PIN), lock combination, passphrase, mother's maiden name, or favorite color

Answer: A

Federation is a means to accomplish _____.

a. Accountability logging
b. ACL verification
c. Single sign-on
d. Trusted OS hardening

Answer: C

Which of the following is not a benefit of single sign-on?

a. The ability to browse multiple systems
b. Fewer usernames and passwords to memorize
c. More granular access control
d. Stronger passwords

Answer: C

LDAP operates over what TCP ports?

a. 636 and 389
b. 110 and 25
c. 443 and 80
d. 20 and 21

Answer: A

Which is the strongest form of password?

a. More than eight characters
b. One-time use
c. Static
d. Different types of keyboard characters

Answer: B

Kerberos is used to perform what security service?

a. Authentication protection
b. File encryption
c. Secure communications
d. Protected data transfer

Answer: A

Which of the following is not true with regard to NoSQL?

a. Can support SQL expressions
b. It is a relational database
c. Supports hierarchies or multilevel nesting/referencing
d. Does not support ACID

Answer: B

What is an asset?

a. An item costing more than $10,000
b. Anything used in a work task
c. A threat to the security of an organization
d. An intangible resource

Answer: B

A security template can be used to perform all but which of the following tasks?

a. Capture the security configuration of a master system
b. Apply security settings to a target system
c. Return a target system to its precompromised state
d. Evaluate compliance with security of a target system

Answer: C

A pirated movie-sharing service was discovered operating on company equipment. Administrators do not know who planted the service or who the users are. What technique could be used to attempt to trace the identity of the users?

a. Typo squatting
b. Integer overflow
c. Watering hole attack
d. Ransomware

Answer: C

You run a full backup every Monday. You also run a differential backup every other day of the week. You experience a drive failure on Friday. Which of the following restoration procedures should you use to restore data to the replacement drive?

a. Restore the full backup and then each differential backup.
b. Restore the full backup and then the last differential backup.
c. Restore the differential backup.
d. Restore the full backup.

Answer: B

An organization has a high-speed fiber Internet connection that it uses for most of its daily operations, as well as its offsite backup operations. This represents what security problem?

a. Single point of failure
b. Redundant connections
c. Backup generator
d. Offsite backup storage

Answer: C

When is business continuity needed?

a. When new software is distributed
b. When business processes are interrupted
c. When a user steals company data
d. When business processes are threatened

Answer: D

A goal of NAC is which of the following?

a. Reduce social engineering threats
b. Map internal private addresses to external public addresses
c. Distribute IP address configurations
d. Reduce zero-day attacks

Answer: D