Which of the following operates on the HIGHEST layer of the OSI model, and is the most effective at blocking application attacks?

Which of the following operates on the HIGHEST layer of the OSI model, and is the most effective at blocking application attacks? A.IDS B. Router C....

Network administrators connect to a legacy server using Telnet. They want to secure these transmissions using encryption at a lower layer of the OSI model. What could they use?

Network administrators connect to a legacy server using Telnet. They want to secure these transmissions using encryption at a lower layer of the OSI...

Your organization hosts a web server and wants to increase its security. You need to separate all web-facing traffic from internal network traffic. Which of the following provides the BEST solution?

Your organization hosts a web server and wants to increase its security. You need to separate all web-facing traffic from internal network traffic....

Your organization wants to combine some of the security controls used on the network. What could your organization implement to meet this goal?

Your organization wants to combine some of the security controls used on the network. What could your organization implement to meet this goal? A....

Your organization wants to prevent users from accessing file sharing web sites. Which of the following choices will meet this need?

Your organization wants to prevent users from accessing file sharing web sites. Which of the following choices will meet this need? A.Content inspection B....

You have detected DNS requests and zone transfer requests coming through the firewall and you need to block them. Which of the following would meet this goal? (Select TWO. Each answer is a full solution)

Your network currently has a dedicated firewall protecting access to a web server. It is currently configured with the following two rules in the ACL...

Your organization frequently has guests visiting in various conference rooms throughout the building. These guests need access to the Internet via wall jacks, but should not be able to access internal network resources. Employees need access to both the internal network and the Internet. What would BEST meet this need?

Your organization frequently has guests visiting in various conference rooms throughout the building. These guests need access to the Internet via wall...

A network technician incorrectly wired switch connections in your organization's network. It effectively disabled the switch as though it was a victim of a denial-of-service attack. What should be done to prevent this in the future?

A network technician incorrectly wired switch connections in your organization's network. It effectively disabled the switch as though it was a victim...

Your organization is increasing security and wants to prevent attackers from mapping out the IP addresses used on your internal network. Which of the following choices is the BEST option?

Your organization is increasing security and wants to prevent attackers from mapping out the IP addresses used on your internal network. Which of the...

You need to reboot your DNS server. Of the following choices, which type of server are you MOST likely to reboot?

You need to reboot your DNS server. Of the following choices, which type of server are you MOST likely to reboot? A. Unix server B. Apache server C....

You need to divide a single Class B IP address range into several ranges. What would you do?

You need to divide a single Class B IP address range into several ranges. What would you do?  A. Subnet the Class B IP address range. B. Create...

Lisa wants to manage and monitor the switches and routers in her network. Which of the following protocols would she use?

Lisa wants to manage and monitor the switches and routers in her network. Which of the following protocols would she use? A. Telnet B. SSH C. SNMP(Simple...

You need to enable the use of NetBIOS through a firewall. Which ports should you open?

You need to enable the use of NetBIOS through a firewall. Which ports should you open? A. 137 through 139 B. 20 and 21 C. 80 and 443 D. 22 and 33...

You need to prevent the use of TFTP through your firewall. Which port would you block?

You need to prevent the use of TFTP through your firewall. Which port would you block? A.TCP 69 B. UDP 69 C. TCP 21 D. UDP 21 Answer: ...

You recently learned that a network router has TCP ports 22 and 80 open, but the organization's security policy mandates that these should not be accessible. What should you do?

You recently learned that a network router has TCP ports 22 and 80 open, but the organization's security policy mandates that these should not be accessible....

Your organization is planning to establish a secure link between one of your mail servers and a business partner's mail server. The connection will use the Internet. What protocol is the BEST choice?

Your organization is planning to establish a secure link between one of your mail servers and a business partner's mail server. The connection will...

You need to send several large files containing proprietary data to a business partner. Which of the following is the BEST choice for this task?

You need to send several large files containing proprietary data to a business partner. Which of the following is the BEST choice for this task? A....

You are configuring a host-based firewall so that it will allow SFTP(Secure file transfer protocol)connections. Which of the following is required?

You are configuring a host-based firewall so that it will allow SFTP(Secure file transfer protocol)connections. Which of the following is required?  A.Allow...

What is the default port for SSH(Secure shell)?

What is the default port for SSH(Secure shell)? A.22 B. 23 C. 25 D. 80 Answer: ...

What protocol does IPv6 use for hardware address resolution?

What protocol does IPv6 use for hardware address resolution? A. ARP B. NDP C. RDP D. SNMP Answer: ...

Of the following choices, which one is a cloud computing option that allows customers to apply patches to the operating system?

Of the following choices, which one is a cloud computing option that allows customers to apply patches to the operating system? A. Hybrid cloud B.Software...

Management wants to ensure that employees do not print any documents that include customer PII. Which of the following solutions would meet this goal?

Management wants to ensure that employees do not print any documents that include customer PII. Which of the following solutions would meet this goal?  A....

You are comparing different encryption methods. Which method includes a storage root key?

You are comparing different encryption methods. Which method includes a storage root key?  A. HSM B. NTFS C.VSAN D. TPM Answer: ...

Bart copied an encrypted file from his desktop computer to his USB drive and discovered that the copied file isn't encrypted. He asks you what he can do to ensure file he's encrypted remain encrypted when he copies them to a USB drive. What would you recommend as the BEST solution to this problem?

Bart copied an encrypted file from his desktop computer to his USB drive and discovered that the copied file isn't encrypted. He asks you what he can...

Your organization hosts a web site with a back-end database. The database stores customer data, including credit card numbers. Which of the following is the BEST way to protect the credit card data?

Your organization hosts a web site with a back-end database. The database stores customer data, including credit card numbers. Which of the following...

Your company is planning on implementing a policy for users so that they can connect their mobile devices to the network. However, management wants to restrict network access for these devices. They should have Internet access and be able to access some internal servers, but management wants to ensure that they do not have access to the primary network where company-owned devices operate. Which of the following will BEST meet this goal?

Your company is planning on implementing a policy for users so that they can connect their mobile devices to the network. However, management wants...

Which of the following represents a primary security concern when authorizing mobile devices on a network?

Which of the following represents a primary security concern when authorizing mobile devices on a network? A. Cost of the device B. Compatibility C....

Key personnel in your organization have mobile devices, which store sensitive information. What can you implement to prevent data loss from these devices if a thief steals one?

Key personnel in your organization have mobile devices, which store sensitive information. What can you implement to prevent data loss from these devices...

Your company provides electrical and plumbing services to home owners. Employees use tablets during service calls to record activity, create invoices, and accept credit card payments. Which of the following would BEST prevent disclosure of customer data if any of these devices are lost or stolen?

Your company provides electrical and plumbing services to home owners. Employees use tablets during service calls to record activity, create invoices,...

Which of the following is the MOST likely negative result if administrators do not implement access controls correctly on an encrypted USB hard drive?

Which of the following is the MOST likely negative result if administrators do not implement access controls correctly on an encrypted USB hard drive? A....

Your company has recently provided mobile devices to several employees. A security manager has expressed concerns related to data saved on these devices. Which of the following would BEST address these concerns?

Your company has recently provided mobile devices to several employees. A security manager has expressed concerns related to data saved on these devices....

Homer noticed that several generators within the nuclear power plant have been turning on without user interaction. Security investigators discovered that an unauthorized file was installed and causing these generators to start at timed intervals. Further,they determined this file was installed during a visit by external engineers. What should Homer recommend to mitigate this threat in the future?

Homer noticed that several generators within the nuclear power plant have been turning on without user interaction. Security investigators discovered...

Administrators ensure server operating systems are updated at least once a month with relevant patches, but they do not track other software updates. Of the following choices, what is the BEST choice to mitigate risks on these servers?

Administrators ensure server operating systems are updated at least once a month with relevant patches, but they do not track other software updates....

A recent risk assessment identified several problems with servers in your organization. They occasionally reboot on their own and the operating systems do not have current security fixes. Administrators have had to rebuild some servers from scratch due to mysterious problems. Which of the following solutions will mitigate these problems?

A recent risk assessment identified several problems with servers in your organization. They occasionally reboot on their own and the operating systems...

You are preparing to deploy a new application on a virtual server. The virtual server hosts another server application that employees routinely access. Which of the following is the BEST method to use when deploying the new application?

You are preparing to deploy a new application on a virtual server. The virtual server hosts another server application that employees routinely access....

An IT department recently had its hardware budget reduced, but the organization still expects them to maintain availability of services. Of the following choices, what would BEST help them maintain availability with a reduced budget?

An IT department recently had its hardware budget reduced, but the organization still expects them to maintain availability of services. Of the following...

Your organization wants to ensure that employees do not install or play operating system games, such as solitaire and FreeCell, on their computers. Which of the following is the BEST choice to prevent?

Your organization wants to ensure that employees do not install or play operating system games, such as solitaire and FreeCell, on their computers....

Maggie is compiling a list of approved software for desktop operating systems within a company. What is the MOST likely purpose of this list?

Maggie is compiling a list of approved software for desktop operating systems within a company. What is the MOST likely purpose of this list? A....

You need to monitor the security posture of several servers in your organization and keep a security administrator aware of their status. Which of the following tasks will BEST help you meet this goal?

You need to monitor the security posture of several servers in your organization and keep a security administrator aware of their status. Which of the...

Your organization wants to improve the security posture of internal database servers. Of the following choices, what provides the BEST solution?

Your organization wants to improve the security posture of internal database servers. Of the following choices, what provides the BEST solution? A.Opening...

Which of the following choices provide authentication services for remote users and devises? (Select TWO)

Which of the following choices provide authentication services for remote users and devises? (Select TWO) A. Kerberos B. RADIUS C. Secure LDAP D....

Users in your organization access your network from remote locations. Currently, the remote access solution uses RADIUS. However, the organization wants to implement a stronger authentication service that supports EAP. Which of the following choices BEST meets this goal?

Users in your organization access your network from remote locations. Currently, the remote access solution uses RADIUS. However, the organization wants...

Which of the following provides authentication services and uses PPP?

Which of the following provides authentication services and uses PPP? A. Diameter and biometrics B. Kerberos and LDAP C. SAML and SSPO D. PAP and...

Your organization recently made an agreement with third parties for the exchange of authentication and authorization information. The solution uses an XML- based open standard. Which of the following is the MOSt likely solution being implemented?

Your organization recently made an agreement with third parties for the exchange of authentication and authorization information. The solution uses...

When you log on to your online bank account, you are also able to access a partners credit card site, check-ordering services, and a mortgage site without entering your credentials again. What does this describe?

When you log on to your online bank account, you are also able to access a partners credit card site, check-ordering services, and a mortgage site without...

Your network used authentication based on the X.500 specification. When encrypted, it uses TLS. Which authentication service is your network using?

Your network used authentication based on the X.500 specification. When encrypted, it uses TLS. Which authentication service is your network using? A....

A network includes a ticket-granting ticket server. Which of the following choices is the primary purpose of this server?

A network includes a ticket-granting ticket server. Which of the following choices is the primary purpose of this server? A. Authentication B. Identification C....

Which of the following authentication services use tickets for user credentials?

Which of the following authentication services use tickets for user credentials? A. RADIUS B. Diameter C. Kerberos D. LDAP Answer: ...

Your network infrastructure requires users to authenticate with something they are and something they know. Which of the following choices BEST describes this authentication method?

Your network infrastructure requires users to authenticate with something they are and something they know. Which of the following choices BEST describes...

The security manager at your company recently updated the security policy. One of the changes requires dual-factor authentication. Which of the following will meet this requirement?

The security manager at your company recently updated the security policy. One of the changes requires dual-factor authentication. Which of the following...

When users log on to their computers, they are required to enter a username, a password, and a PIN. Which of the following choices BEST describes this?

When users log on to their computers, they are required to enter a username, a password, and a PIN. Which of the following choices BEST describes this? A....

Which type of authentication is a fingerprint scan?

Which type of authentication is a fingerprint scan? A. Something you have B. Biometric C. PAP D. One-time password Answer: ...

Your organization is planning to implement remote access capabilities. Management wants strong authentication and wants to ensure that passwords expire after a predefined time interval. Which of the following choices BEST meets this requirement?

Your organization is planning to implement remote access capabilities. Management wants strong authentication and wants to ensure that passwords expire...

A user calls into the help desk and asks the help-desk professional to reset his password. Which of the following choices is the BEST choice for what the help-desk professional should do before resetting the password ?

A user calls into the help desk and asks the help-desk professional to reset his password. Which of the following choices is the BEST choice for what...

Your organization has a password policy with a password history value of 12. What does this indicated?

Your organization has a password policy with a password history value of 12. What does this indicated?  A.Your password must be at least 12...

You are logging on to your bank's web site using your email address and a password. What is the purpose of the email address in this example?

You are logging on to your bank's web site using your email address and a password. What is the purpose of the email address in this example? A....

Management at your company recently decided to implement additional lighting and fencing around the property. Which security goal is your company MOST likely pursing?

Management at your company recently decided to implement additional lighting and fencing around the property. Which security goal is your company MOST...

Your organization recently implemented two servers that act as failover devices for each other. Which security goal is your organization pursuing?

Your organization recently implemented two servers that act as failover devices for each other. Which security goal is your organization pursuing? A.Safety B.Integrity C....

You want to ensure that messages sent from administrators to managers arrive unchanged. Which security goal are you addressing?

You want to ensure that messages sent from administrators to managers arrive unchanged. Which security goal are you addressing?  A. Confidentiality B....

Homer needs to send an email to his HR department with an attachment that includes PII. He wants to maintain the confidentiality of this attachment. Which of the following choices is the BEST choice to meet his needs?

Homer needs to send an email to his HR department with an attachment that includes PII. He wants to maintain the confidentiality of this attachment....

Of the various forms of standardized RAIDs, which two are the most commonly implemented?

Of the various forms of standardized RAIDs, which two are the most commonly implemented? A) RAIDs 1 and 2 B) RAIDs 3 and 5 C) RAIDs 1 and 5 D) RAIDs...

At a minimum, RAID 3 requires ________ drive(s).

At a minimum, RAID 3 requires ________ drive(s).  A) 2 B) 3 C) 1 D) 5 Answer: B)...

Unlike RAID 1, which has no automated error correcting mechanism, RAID ________ uses parity for data recovery.

Unlike RAID 1, which has no automated error correcting mechanism, RAID ________ uses parity for data recovery. A) 1 B) 2 C) 3 D) 5 Answer: C)...

ECC stands for ________.

ECC stands for ________. A) enhanced communications control B) end communications center C) error correcting code D) error control code Answer: C)...

Unlike a mirrored RAID 1, a ________ RAID 1 has separate hard drive controllers for each hard drive.

Unlike a mirrored RAID 1, a ________ RAID 1 has separate hard drive controllers for each hard drive. A) triple B) duplexed C) copied D) single Answer: B)...

_______ uses data stripping at the byte level, but with the addition of parity checking.

_______ uses data stripping at the byte level, but with the addition of parity checking.  A) RAID 0 B) RAID 1 C) RAID 2 D) RAID 3 Answer: D)...

In a mirrored RAID 1, a single hard drive controller is used to manage ________ hard drive(s).

In a mirrored RAID 1, a single hard drive controller is used to manage ________ hard drive(s). A) 2 B) 3 C) 1 D) more than 4 Answer: A)...

____ can be implemented with disk mirroring or disk duplexing.

______ can be implemented with disk mirroring or disk duplexing.  A) RAID 1 B) RAID 2 C) RAID 3 D) RAID 4 Answer: A) RAID...

A ________ is preferred for large data records because multiple drives can be read in parallel if a large record spans more than one drive.

A ________ is preferred for large data records because multiple drives can be read in parallel if a large record spans more than one drive. A) block-level...

Simple disk stripping usually uses block-level stripping but can also be configured for ________-level stripping.

Simple disk stripping usually uses block-level stripping but can also be configured for ________-level stripping. A) bit B) byte C) gigabit D) None...

RAID Level ________ is referred to as simple disk stripping.

RAID Level ________ is referred to as simple disk stripping.  A) 0 B) 1 C) 3 D) 5 Answer: A)...

The six standardized RAID levels are ________.

The six standardized RAID levels are ________.  A) 0 to 100 B) 1 to 20 C) 1 to 10 D) 0 to 5 Answer: D) 0 to...

For an added expense, RAID drive arrays can support ________ drives.

For an added expense, RAID drive arrays can support ________ drives.  A) midline swappable B) warm swappable C) hot swappable D) cold swappable Answer: C)...

SCSI stands for ________.

SCSI stands for ________. A) Sessioned Conversation Stateful Interaction B) Symmetrical Confidential Session Interface C) Small Computer System Interface D)...

RAID is also sometimes referred to as ________.

RAID is also sometimes referred to as ________.  A) Redundant Array of Independent Devices B) Responsive and Instrumental Devices C) Responsive...

RAID stands for ________.

RAID stands for ________. A) Responsive Asymmetrical Internal Devices B) Redundant Array of Inexpensive Devices C) Reactive Alternative Internal...

An integrated security system should incorporate preventive, detective, and ________ measures that are internal and external to the enterprise.

An integrated security system should incorporate preventive, detective, and ________ measures that are internal and external to the enterprise. A)...

In order for a Disaster Recovery Plan to work, some degree of ________ is required.

In order for a Disaster Recovery Plan to work, some degree of ________ is required. A) repudiation B) inconsistency C) redundancy D) scanning Answer: C)...

A network is both ________ and ________ vulnerable.

A network is both ________ and ________ vulnerable.  A) clerically, systematically B) sensically, instantly C) logically, physically D) publicly,...

Which of the following is NOT one of the four types of filtering that a firewall can perform?

Which of the following is NOT one of the four types of filtering that a firewall can perform?  A) application B) stateful packet inspection C)...

A successful cipher must make it difficult for an encrypted message to be viewed in its ________ form, without the use of the cryptographic key.

A successful cipher must make it difficult for an encrypted message to be viewed in its ________ form, without the use of the cryptographic key. A)...

______ is the science of ensuring that data and information cannot be easily understood or modified by unauthorized individuals.

______ is the science of ensuring that data and information cannot be easily understood or modified by unauthorized individuals. A) Cryptography B)...

Which of the following is NOT one of the CAIN components?

Which of the following is NOT one of the CAIN components? A) disaster protection B) confidentiality C) integrity D) access Answer: A) disaster...

A(n) ________ is an alternative facility where an organization can restore all or a portion of its business-critical systems within a short amount of time.

A(n) ________ is an alternative facility where an organization can restore all or a portion of its business-critical systems within a short amount of...

DRP stands for ________.

DRP stands for ________.  A) digital recovery plan B) dividing rumor protocol C) disaster recovery plan D) dichotic recovery protocol Answer: C)...

_______ is an application that searches out Internet-connected devices looking for open well-known port service accesses.

_______ is an application that searches out Internet-connected devices looking for open well-known port service accesses. A) Port scanning B) Proxy...

SPI stands for ________.

SPI stands for ________.  A) stateful packet inspection B) scan packet integration C) session packet inspection D) scanning proxy integration Answer: A)...

A(n) ________, also called a circuit-level gateway, evaluates not only a packet's source and destination addresses, but also the circuits that have been established for the packet's communication.

A(n) ________, also called a circuit-level gateway, evaluates not only a packet's source and destination addresses, but also the circuits that have...

________ are also called proxy firewalls or application-layer gateways.

________ are also called proxy firewalls or application-layer gateways.  A) Encryption firewalls B) Address firewalls C) Application firewalls D)...

What is the term for the attack that occurs when a filter is tricked into believing a packet is coming from an addressed device different from its true originating source?

What is the term for the attack that occurs when a filter is tricked into believing a packet is coming from an addressed device different from its true...

DMZ stands for ________.

DMZ stands for ________.  A) digital machine zone B) deviced machine zone C) demilitarized zone D) disaster machination zone Answer: C)...

As a barrier between the outside world and the enterprise, a(n) ________ is configured to keep out unauthorized individuals who are attempting to attack or penetrate the enterprise.

As a barrier between the outside world and the enterprise, a(n) ________ is configured to keep out unauthorized individuals who are attempting to attack...

PKI stands for ________.

PKI stands for ________.  A) Proxy Key Infrastructure B) Public Key Infrastructure C) Public Kinetic Infrastructure D) Private Key Infrastructure Answer: B)...

A(n) ________ key is a key pair that is renewed, or changed, periodically.

A(n) ________ key is a key pair that is renewed, or changed, periodically.  A) session B) plan C) packet D) integrated Answer: A) se...

With asymmetric ciphers, two separate keys are used. What are they?

With asymmetric ciphers, two separate keys are used. What are they? A) an integrated key and a non-integrated key B) a public key and a private key C)...

The two major branches of cryptography into which ciphers generally fall are ________.

The two major branches of cryptography into which ciphers generally fall are ________. A) integrated and non-integrated B) encrypted and unencrypted C)...

The Caesar cipher, or mapping, used what language as the alphabet?

The Caesar cipher, or mapping, used what language as the alphabet?  A) Gaelic B) Spanish C) Italian D) Latin Answer: D) Lat...

In combination with the cipher, what is used to encode and decode data?

In combination with the cipher, what is used to encode and decode data?  A) a card B) a key C) a signature D) a certificate Answer: B)...

A(n) ________ is the systematic attempt by an unauthorized individual to discover the cleartext form of the data from its encrypted form.

A(n) ________ is the systematic attempt by an unauthorized individual to discover the cleartext form of the data from its encrypted form. A) exchange B)...

What is the term used for a cryptographic method that uses a key pair, one key to encode data and a second different key to decode?

What is the term used for a cryptographic method that uses a key pair, one key to encode data and a second different key to decode? A) Session Key B)...

In order to transform the data from cleartext to a scrambled or "encrypted" form, ________ is used.

In order to transform the data from cleartext to a scrambled or "encrypted" form, ________ is used. A) a Session Key B) cleartext C) a Public Key...

Data in its raw form is referred to as being "plaintext" or ________.

Data in its raw form is referred to as being "plaintext" or ________.  A) alphabetical B) symmetrical C) cryptogram D) cleartext Answer: D)...

_____ is the science of ensuring that data and information cannot be easily understood or modified by unauthorized individuals.

_____ is the science of ensuring that data and information cannot be easily understood or modified by unauthorized individuals. A) Cryptology B)...

What is the term used for the activity of rendering data useless to anyone who might wrongfully intercept it?

What is the term used for the activity of rendering data useless to anyone who might wrongfully intercept it? A) de-scrambling B) mixing C) scrambling D)...

What two things are common means of providing for verification that those who are accessing enterprise data are authorized to do so?

What two things are common means of providing for verification that those who are accessing enterprise data are authorized to do so? A) scanning...

Every data communication has ________.

Every data communication has ________.  A) a digifier and a resender B) sender and a receiver C) a user and a recipient D) a scrambler and a...

In relation to enterprise security, ________ means that only those who have the right to do so can modify data and information.

In relation to enterprise security, ________ means that only those who have the right to do so can modify data and information. A) interrogation B)...

A common means of authentication is a requirement that each user of the enterprise has an authorized ________.

A common means of authentication is a requirement that each user of the enterprise has an authorized ________. A) name and userid B) userid and password C)...

One way to assure availability of data is to implement forms of ________ for fault tolerance.

One way to assure availability of data is to implement forms of ________ for fault tolerance.  A) scrambling B) redundancy C) communication D)...

______ confirms that the user attempting to use a networked resource has been given appropriate rights and privileges to that resource.

_______ confirms that the user attempting to use a networked resource has been given appropriate rights and privileges to that resource. A) Authentication B)...