Who should be contacted FIRST in the event of a security breach?

Who should be contacted FIRST in the event of a security breach? A. Forensics analysis team B. Internal auditors C. Incident response team D. Software...

A database server has been compromised via an unpatched vulnerability. An investigation reveals that an application crashed at the time of the compromise. Unauthorized code appeared to be running, although there were no traces of the code found on the file system. Which of the following attack types has MOST likely occurred?

A database server has been compromised via an unpatched vulnerability. An investigation reveals that an application crashed at the time of the compromise....

Which of the following would Sara, a security administrator, utilize to actively test security controls within an organization?

Which of the following would Sara, a security administrator, utilize to actively test security controls within an organization? A. Penetration test B....

Which of the following would Jane, a security administrator, take advantage of to bypass security controls and gain unauthorized remote access into an organization?

Which of the following would Jane, a security administrator, take advantage of to bypass security controls and gain unauthorized remote access into...

The finance department is growing and needs additional computers to support growth. The department also needs to ensure that their traffic is separated from the rest of the network. Matt, the security administrator, needs to add a new switch to accommodate this growth. Which of the following MUST Matt configure on the switch to ensure proper network separation?

The finance department is growing and needs additional computers to support growth. The department also needs to ensure that their traffic is separated...

Sara, a security administrator, has recently implemented a policy to ban certain attachments from being sent through the corporate email server. This is an example of trying to mitigate which of the following?

Sara, a security administrator, has recently implemented a policy to ban certain attachments from being sent through the corporate email server. This...

Jane, the security administrator, sets up a new AP but realizes too many outsiders are able to connect to that AP and gain unauthorized access. Which of the following would be the BEST way to mitigate this issue and still provide coverage where needed? (Select TWO).

Jane, the security administrator, sets up a new AP but realizes too many outsiders are able to connect to that AP and gain unauthorized access. Which...

Remote employees login to the network using a device displaying a digital number which changes every five minutes. This is an example of which of the following?

Remote employees login to the network using a device displaying a digital number which changes every five minutes. This is an example of which of the...

Which of the following is being used when a message is buried within the pixels of an image?

Which of the following is being used when a message is buried within the pixels of an image? A. Steganography B. Block cipher C. Encryption D....

A new AP has been installed and there are problems with packets being dropped. Which of the following BEST explains the packet loss?

A new AP has been installed and there are problems with packets being dropped. Which of the following BEST explains the packet loss? A. EMI B. XML...

Which of the following techniques describes the use of application isolation during execution to prevent system compromise if the application is compromised?

Which of the following techniques describes the use of application isolation during execution to prevent system compromise if the application is compromised? A....

Which of the following security methods should be used to ensure mobile devices are not removed by unauthorized users when the owner is away from their desk?

Which of the following security methods should be used to ensure mobile devices are not removed by unauthorized users when the owner is away from their...

A security administrator wants to scan an infected workstation to understand how the infection occurred. Which of the following should the security administrator do FIRST before scanning the workstation?

A security administrator wants to scan an infected workstation to understand how the infection occurred. Which of the following should the security...

The lead security engineer has been brought in on a new software development project. The software development team will be deploying a base software version and will make multiple software revisions during the project life cycle. The security engineer on the project is concerned with the ability to roll back software changes that cause bugs and/or security concerns. Which of the following should the security engineer suggest to BEST address this issue?

The lead security engineer has been brought in on a new software development project. The software development team will be deploying a base software...

A new wireless network was installed in an office building where there are other wireless networks. Which of the following can the administrator disable to help limit the discovery of the new network?

A new wireless network was installed in an office building where there are other wireless networks. Which of the following can the administrator disable...

Which of the following protocols uses TCP instead of UDP and is incompatible with all previous versions?

Which of the following protocols uses TCP instead of UDP and is incompatible with all previous versions? A. TACACS B. XTACACS C. RADIUS D. TACACS+ Answer:...

A trojan was recently discovered on a server. There are now concerns that there has been a security breach that allows unauthorized people to access data. The administrator should be looking for the presence of a/an:

A trojan was recently discovered on a server. There are now concerns that there has been a security breach that allows unauthorized people to access...

An administrator notices that former temporary employees' accounts are still active on a domain. Which of the following can be implemented to increase security and prevent this from happening?

An administrator notices that former temporary employees' accounts are still active on a domain. Which of the following can be implemented to increase...

In an enterprise environment, which of the following would be the BEST way to prevent users from accessing inappropriate websites when AUP requirements are constantly changing?

In an enterprise environment, which of the following would be the BEST way to prevent users from accessing inappropriate websites when AUP requirements...

An administrator might choose to implement a honeypot in order to:

An administrator might choose to implement a honeypot in order to: A. provide load balancing for network switches. B. distract potential intruders...

Jane, the administrator of a small company, wishes to track people who access the secured server room, which is secured only by a simple hardware key lock. Jane does not have much of a budget or the approval to make significant construction changes. Given the limitations, which of the following can she do in the meantime?

Jane, the administrator of a small company, wishes to track people who access the secured server room, which is secured only by a simple hardware key...

Which of the following is a hardware-based security technology included in a computer?

Which of the following is a hardware-based security technology included in a computer? A. Symmetric key B. Asymmetric key C. Whole disk encryption D....

Which of the following BEST describes a SQL Injection attack?

Which of the following BEST describes a SQL Injection attack? A. The attacker attempts to have the receiving server pass information to a back-end...

Digital Signatures provide which of the following?

Digital Signatures provide which of the following? A. Confidentiality B. Authorization C. Integrity D. Authentication E. Availability Answer:...

A router has a single Ethernet connection to a switch. In the router configuration, the Ethernet interface has three sub-interfaces, each configured with ACLs applied to them and 802.1q trunks. Which of the following is MOST likely the reason for the sub-interfaces?

A router has a single Ethernet connection to a switch. In the router configuration, the Ethernet interface has three sub-interfaces, each configured...

A malicious program modified entries in the LMHOSTS file of an infected system. Which of the following protocols would have been affected by this?

A malicious program modified entries in the LMHOSTS file of an infected system. Which of the following protocols would have been affected by this? A....

Which of the following devices is typically used to provide protection at the edge of the network attack surface?

Which of the following devices is typically used to provide protection at the edge of the network attack surface? A. Firewall B. Router C. Switch D....

In which of the following categories would creating a corporate privacy policy, drafting acceptable use policies, and group based access control be classified?

In which of the following categories would creating a corporate privacy policy, drafting acceptable use policies, and group based access control be...

Which of the following network architecture concepts is used to securely isolate at the boundary between networks?

Which of the following network architecture concepts is used to securely isolate at the boundary between networks? A. VLAN B. Subnetting C. DMZ D....

Which of the following allows a network administrator to implement an access control policy based on individual user characteristics and NOT on job function?

Which of the following allows a network administrator to implement an access control policy based on individual user characteristics and NOT on job...

Layer 7 devices used to prevent specific types of html tags are called:

Layer 7 devices used to prevent specific types of html tags are called: A. firewalls. B. content filters. C. routers. D. NIDS. Answer: ...

A security analyst needs to ensure all external traffic is able to access the company's front-end servers but protect all access to internal resources. Which of the following network design elements would MOST likely be recommended?

A security analyst needs to ensure all external traffic is able to access the company's front-end servers but protect all access to internal resources....

Which of the following would satisfy wireless network implementation requirements to use mutual authentication and usernames and passwords?

Which of the following would satisfy wireless network implementation requirements to use mutual authentication and usernames and passwords? A. EAP-MD5 B....

Which of the following is an important implementation consideration when deploying a wireless network that uses a shared password?

Which of the following is an important implementation consideration when deploying a wireless network that uses a shared password? A. Authentication...

Pete, a security auditor, has detected clear text passwords between the RADIUS server and the authenticator. Which of the following is configured in the RADIUS server and what technologies should the authentication protocol be changed to?

Pete, a security auditor, has detected clear text passwords between the RADIUS server and the authenticator. Which of the following is configured in...

A network stream needs to be encrypted. Sara, the network administrator, has selected a cipher which will encrypt 8 bits at a time before sending the data across the network. Which of the following has Sara selected?

A network stream needs to be encrypted. Sara, the network administrator, has selected a cipher which will encrypt 8 bits at a time before sending the...

Jane, a network administrator, has configured a 48-port switch to isolate four different departments. Which of the following has Jane MOST likely configured on the switch?

Jane, a network administrator, has configured a 48-port switch to isolate four different departments. Which of the following has Jane MOST likely configured...

Pete, the system administrator, is reviewing his disaster recovery plans. He wishes to limit the downtime in the event of a disaster, but does not have the budget approval to implement or maintain an offsite location that ensures 99.99% availability. Which of the following would be Pete's BEST option?

Pete, the system administrator, is reviewing his disaster recovery plans. He wishes to limit the downtime in the event of a disaster, but does not have...

Pete, the system administrator, is concerned about unauthorized access at all entrances into the building. PIN pad readers have been installed, but users have developed the habit of holding the door for others behind them. Which of the following would BEST prevent this?

Pete, the system administrator, is concerned about unauthorized access at all entrances into the building. PIN pad readers have been installed, but...

Pete, the system administrator, has blocked users from accessing social media web sites. In addition to protecting company information from being accidentally leaked, which additional security benefit does this provide?

Pete, the system administrator, has blocked users from accessing social media web sites. In addition to protecting company information from being accidentally...

Pete, the system administrator, has instituted a policy banning personal digital music and video players from the company premises. Which of the following would be the BEST reason for such a policy?

Pete, the system administrator, has instituted a policy banning personal digital music and video players from the company premises. Which of the following...

Sara, the IT administrator, wants to control which devices can connect to the wireless network. Which of the following can she implement to accomplish this task?

Sara, the IT administrator, wants to control which devices can connect to the wireless network. Which of the following can she implement to accomplish...