Security MCQ: December 2017

A. Disable the wired ports

B. Use channels 1, 4 and 7 only

C. Enable MAC filtering

D. Disable SSID broadcast

E. Switch from 802.11a to 802.11b

Answer: CD

Remote employees login to the network using a device displaying a digital number which changes every five minutes. This is an example of which of the following?

A. Block cipher

B. One-time pad

C. Stream cipher

D. Digital signature

Answer: B

Which of the following is being used when a message is buried within the pixels of an image?

A. Steganography

B. Block cipher

C. Encryption

D. Hashing

Answer: A

A new AP has been installed and there are problems with packets being dropped. Which of the following BEST explains the packet loss?

A. EMI

B. XML injection

C. DDoS

D. Botnet

Answer: A

Which of the following techniques describes the use of application isolation during execution to prevent system compromise if the application is compromised?

A. Least privilege

B. Sandboxing

C. Black box

D. Application hardening

Answer: B

Which of the following security methods should be used to ensure mobile devices are not removed by unauthorized users when the owner is away from their desk?

A. Screen lock

B. Biometrics

C. Strong passwords

D. Cable lock

Answer: D

A security administrator wants to scan an infected workstation to understand how the infection occurred. Which of the following should the security administrator do FIRST before scanning the workstation?

A. Make a complete hard drive image

B. Remove the memory

C. Defragment the hard drive

D. Delete all temporary Internet files

Answer: A

The lead security engineer has been brought in on a new software development project. The software development team will be deploying a base software version and will make multiple software revisions during the project life cycle. The security engineer on the project is concerned with the ability to roll back software changes that cause bugs and/or security concerns. Which of the following should the security engineer suggest to BEST address this issue?

A. Develop a change management policy incorporating network change control.

B. Develop a change management policy incorporating hardware change control.

C. Develop a change management policy incorporating software change control.

D. Develop a change management policy incorporating oversight of the project lifecycle.

Answer: C

A new wireless network was installed in an office building where there are other wireless networks. Which of the following can the administrator disable to help limit the discovery of the new network?

A. DHCP

B. Default user account

C. MAC filtering

D. SSID broadcast

Answer: D

Which of the following protocols uses TCP instead of UDP and is incompatible with all previous versions?

A. TACACS

B. XTACACS

C. RADIUS

D. TACACS+

Answer: D

A trojan was recently discovered on a server. There are now concerns that there has been a security breach that allows unauthorized people to access data. The administrator should be looking for the presence of a/an:

A. logic bomb.

B. backdoor.

C. adware application.

D. rootkit.

Answer: B

An administrator notices that former temporary employees' accounts are still active on a domain. Which of the following can be implemented to increase security and prevent this from happening?

A. Implement a password expiration policy.

B. Implement an account expiration date for permanent employees.

C. Implement time of day restrictions for all temporary employees.

D. Run a last logon script to look for inactive accounts.

Answer: D

In an enterprise environment, which of the following would be the BEST way to prevent users from accessing inappropriate websites when AUP requirements are constantly changing?

A. Deploy a network proxy server.

B. Configure Internet content filters on each workstation.

C. Deploy a NIDS.

D. Deploy a HIPS.

Answer: A

An administrator might choose to implement a honeypot in order to:

A. provide load balancing for network switches.

B. distract potential intruders away from critical systems.

C. establish a redundant server in case of a disaster.

D. monitor any incoming connections from the Internet.

Answer: B

Jane, the administrator of a small company, wishes to track people who access the secured server room, which is secured only by a simple hardware key lock. Jane does not have much of a budget or the approval to make significant construction changes. Given the limitations, which of the following can she do in the meantime?

A. Implement an access log and a security guard

B. Install a 24/7 closed-circuit camera system

C. Install a separate hardware lock with limited keys

D. Implement a cipher key lock

Answer: D

Which of the following is a hardware-based security technology included in a computer?

A. Symmetric key

B. Asymmetric key

C. Whole disk encryption

D. Trusted platform module

Answer: D

Which of the following BEST describes a SQL Injection attack?

A. The attacker attempts to have the receiving server pass information to a back-end database from which it can compromise the stored information.

B. The attacker attempts to have the receiving server run a payload using programming commonly found on web servers.

C. The attacker overwhelms a system or application, causing it to crash and bring the server down to cause an outage.

D. The attacker overwhelms a system or application, causing it to crash, and then redirects the memory address to read from a location holding the payload.

Answer: A

Digital Signatures provide which of the following?

A. Confidentiality

B. Authorization

C. Integrity

D. Authentication

E. Availability

Answer: C

A router has a single Ethernet connection to a switch. In the router configuration, the Ethernet interface has three sub-interfaces, each configured with ACLs applied to them and 802.1q trunks. Which of the following is MOST likely the reason for the sub-interfaces?

A. The network uses the subnet of 255.255.255.128.

B. The switch has several VLANs configured on it.

C. The sub-interfaces are configured for VoIP traffic.

D. The sub-interfaces each implement quality of service.

Answer: B

A malicious program modified entries in the LMHOSTS file of an infected system. Which of the following protocols would have been affected by this?

A. ICMP

B. BGP

C. NetBIOS

D. DNS

Answer: C

Which of the following devices is typically used to provide protection at the edge of the network attack surface?

A. Firewall

B. Router

C. Switch

D. VPN concentrator

Answer: A

In which of the following categories would creating a corporate privacy policy, drafting acceptable use policies, and group based access control be classified?

A. Security control frameworks

B. Best practice

C. Access control methodologies

D. Compliance activity

Answer: B

Which of the following network architecture concepts is used to securely isolate at the boundary between networks?

A. VLAN

B. Subnetting

C. DMZ

D. NAT

Answer: C

Which of the following allows a network administrator to implement an access control policy based on individual user characteristics and NOT on job function?

A. Attributes based

B. Implicit deny

C. Role based

D. Rule based

Answer: A

Layer 7 devices used to prevent specific types of html tags are called:

A. firewalls.

B. content filters.

C. routers.

D. NIDS.

Answer: B

A security analyst needs to ensure all external traffic is able to access the company's front-end servers but protect all access to internal resources. Which of the following network design elements would MOST likely be recommended?

A. DMZ

B. Cloud computing

C. VLAN

D. Virtualization

Answer: A

Which of the following would satisfy wireless network implementation requirements to use mutual authentication and usernames and passwords?

A. EAP-MD5

B. WEP

C. PEAP-MSCHAPv2

D. EAP-TLS

Answer: C

Which of the following is an important implementation consideration when deploying a wireless network that uses a shared password?

A. Authentication server

B. Server certificate

C. Key length

D. EAP method

Answer: C

Pete, a security auditor, has detected clear text passwords between the RADIUS server and the authenticator. Which of the following is configured in the RADIUS server and what technologies should the authentication protocol be changed to?

A. PAP, MSCHAPv2

B. CHAP, PAP

C. MSCHAPv2, NTLMv2

D. NTLM, NTLMv2

Answer: A

A network stream needs to be encrypted. Sara, the network administrator, has selected a cipher which will encrypt 8 bits at a time before sending the data across the network. Which of the following has Sara selected?

A. Block cipher

B. Stream cipher

C. CRC

D. Hashing algorithm

Answer: A

Jane, a network administrator, has configured a 48-port switch to isolate four different departments. Which of the following has Jane MOST likely configured on the switch?

A. NAC

B. 802.1x

C. VLAN

D. DMZ

Answer: C

Pete, the system administrator, is reviewing his disaster recovery plans. He wishes to limit the downtime in the event of a disaster, but does not have the budget approval to implement or maintain an offsite location that ensures 99.99% availability. Which of the following would be Pete's BEST option?

A. Use hardware already at an offsite location and configure it to be quickly utilized.

B. Move the servers and data to another part of the company's main campus from the server room.

C. Retain data back-ups on the main campus and establish redundant servers in a virtual environment.

D. Move the data back-ups to the offsite location, but retain the hardware on the main campus for redundancy.

Answer: A

Pete, the system administrator, is concerned about unauthorized access at all entrances into the building. PIN pad readers have been installed, but users have developed the habit of holding the door for others behind them. Which of the following would BEST prevent this?

A. Install mantraps at every unmanned entrance.

B. Replace the PIN pad readers with card readers.

C. Implement video and audio surveillance equipment.

D. Require users to sign conduct policies forbidding these actions.

Answer: A

Pete, the system administrator, has blocked users from accessing social media web sites. In addition to protecting company information from being accidentally leaked, which additional security benefit does this provide?

A. No competition with the company's official social presence

B. Protection against malware introduced by banner ads

C. Increased user productivity based upon fewer distractions

D. Elimination of risks caused by unauthorized P2P file sharing

Answer: B

Pete, the system administrator, has instituted a policy banning personal digital music and video players from the company premises. Which of the following would be the BEST reason for such a policy?

A. The company would be legally liable for any personal device that is lost on its premises.

B. It is difficult to verify ownership of offline device's digital rights management and ownership.

C. The media players may act as distractions during work hours and adversely affect user productivity.

D. If connected to a computer, unknown malware may be introduced into the environment.

Answer: D

Sara, the IT administrator, wants to control which devices can connect to the wireless network. Which of the following can she implement to accomplish this task?

A. WPA2 Enterprise with AES encryption

B. Decrease the WAP's power levels

C. Static IP addressing

D. MAC address filtering

Answer: D