Which one of the following formulas best describes the relationship among the concepts of risk, threat, and vulnerability?
a. Threat = Vulnerability...
What type of risk management is used when a risk is identified and evaluated, but it is determined that the cost of the technology needed to reduce the risk is too expensive and will not be purchased?
What category of common control categories does a locked door belong to?
a. Administrative
b. Logical
c. Physical
d. Technical
Answer: c....
Assume you have developed a new cryptosystem that uses 4-bit keys. How many possible keys exist in your cryptosystem?
a. 8
b. 16
c. 32
d. 64
Answer: b....
Which of the following is not a disaster recovery facility?
a. Hot site
b. Warm site
c. Cold site
d. Cool site
Answer: d. Cool sit...
Which of the following terms describes the expected loss each time a given risk occurs?
a. ALE
b. AV
c. SLE
d. EF
Answer: c. SL...
There are two IP header fields that are important in datagram fragmentation and reassembly. One is Total Length; what is the other?
a. Type of Service
b....
What is the term used to describe a set of external circumstances that may allow a vulnerability to be exploited?
a. Vulnerability
b. Risk
c. Threat
d....
What option of managing risk is used when an administrator takes preventative measures to reduce the risk posed to an asset?
a. Risk avoidance
b....
What type of authentication do you use when you withdraw cash from an ATM?
a. Type 1 and Type 2
b. Type 1 and Type 3
c. Type 1
d. Type 2
Answer: a....
What term is used to describe the condition where users change roles within an organization but retain the access rights of their previous positions?
a....
If you want to send a message to someone using an asymmetric cryptosystem, what key should you use to encrypt the message?
a. Your public key
b....
A hacker gaining access to your system and reading confidential information is an action that constitutes which DAD component?
a. Disclosure
b....
Access control supports data confidentiality and what other security component?
a. Integrity
b. Denial
c. Availability
d. Disclosure
Answer: a....
What classification label is often applied to information that a company deems does not require classification protections?
a. Unclassified
b. Proprietary
c....
What cryptographic goal attempts to prove that a message was sent from the person that sent it and was not forged?
a. Confidentiality
b. Nonrepudiation
c....
Which security approach involves creating layers of security beginning with the points of access to a network and continuing with cascading layers of security at various points?
Which protocol is utilized by the ping command to determine whether a host is active on the network?
a. UDP
b. FTP
c. ICMP
d. IP
Answer: c....
If you receive a digitally signed message, what cryptographic key should you use to verify the digital signature?
a. The sender's public key
b....
What is the default port used for a DNS server?
a. 23
b. 53
c. 43
d. 63
Answer: b. 5...
What layer of the OSI model includes the encryption and decryption of data transmitted over the network?
a. Application
b. Presentation
c. Transport
d....
Access and activity monitoring supports what security principle?
a. Availability
b. Least privilege
c. Accountability
d. Liability
Answer: c....
Which of the security components of CIA fails when disclosure occurs?
a. Confidentiality
b. Availability
c. Integrity
d. None of the above
Answer: a....
Which CIA component involves protecting data from alteration by unauthorized users?
a. Confidentiality
b. Integrity
c. Availability
d. Alteration
Answer: b....
Which one of the types of policies we learned about should provide broad categories of data that will be protected under the policy?
a. Backup policy
b....
What type of policy should outline where the backup media should be stored?
a. Backup policy
b. Data retention policy
c. Acceptable use policy
d....
Which one of the following types of attacks is not normally considered a malicious code object?
a. Virus
b. DoS
c. Worm
d. Trojan horse
Answer: b....
What are the mechanisms we put in place to allow or disallow object access called?
a. subjects
b. objects
c. keys
d. controls
Answer: d....
Which of the following is not a hash function?
a. SHA-256
b. MD4
c. PGP
d. MD5
Answer: c. PG...
What type of extinguisher should be used on fires involving combustible metals?
a. Class A
b. Class B
c. Class C
d. Class D
Answer: d....
What is an SSO system?
a. Single sign-on
b. Single secure opening
c. Secure signal operation
d. Single secure operation
Answer: a. Single...
What government security classification applies to materials that, if disclosed to unauthorized individuals, would cause damage to the national security of the United States?
Which type of attack uses a list of common passwords to gain unauthorized access to sensitive objects?
a. Brute force attack
b. Spoofing attack
c....
Which cryptographic algorithm was designed to replace the outdated Data Encryption Standard?
a. RSA
b. IDEA
c. PGP
d. AES
Answer: d. AE...
What is the rate at which a biometric device rejects valid subjects?
a. FAR
b. FRR
c. CER
d. CDC
Answer: b. FR...
Which valuation method puts a dollar value on an asset corresponding to the cost the organization would incur if the asset had to be replaced at market prices?
Which of the following threats is commonly considered to be the most dangerous?
a. Hackers
b. Malicious code
c. Insiders
d. Natural disasters
Answer: c....
Which general security principle dictates that no single user should have enough authority to commit a serious computer crime?
a. Defense in depth
b....
T/F: The checklist review is the simplest and least labor-intensive of the DRP tests.
Answer: Tr...
T/F: The TCP protocol operates at the Data Link OSI layer.
Answer: Fal...
T/F: Warm sites contain all of the hardware, software, and data necessary to assume primary processing responsibility.
Fal...
T/F: Asymmetric cryptosystems make use of both private and public keys.
Tr...
T/F: Electronic emanations pose a significant threat to data confidentiality.
Tr...
T/F: A TCP header includes information about the destination port used for the communication.
Tr...
T/F: Symmetric cryptosystems can be used to achieve nonrepudiation.
Answer: Fal...
Alan is a security administrator responsible for the protection of his company's Web site. He's particularly worried about the potential that malicious individuals might conduct a defacement attack and replace text somewhere on his site with information that might damage his company's reputation. What tool can best assist Alan in the detection of a defacement attack?
Which of the following activities does SAINT perform when conducting a security assessment? (Choose all that apply.)
a. Scan for active hosts.
b....
What is the best source for obtaining vulnerability checklists for a particular operating system?
a. Friends and family
b. The operating system...
What is the main purpose of the Tripwire security tool?
a. Integrity assurance
b. Intrusion detection
c. Perimeter protection
d. Vulnerability...
What information security tool is designed specifically to detect services running on networked systems and has the capability to "fingerprint" those systems and services?
Which one of the following vulnerability scanning tools is specifically designed to detect security deficiencies in systems running the Windows operating system?
Which one of the following vulnerability scanning tools uses an open-source scripting language that allows administrators around the world to easily write vulnerability tests and share them with other security professionals?
What type of checklist provides high-level guidance on the conduct of a security audit for specific classes of systems?
a. Audit checklist
b. Debug...
What type of checklist provides detailed information on the software that should be installed on different types of systems?
a. Audit checklist
b....
What type of UNIX syslog event is primarily of interest to software developers troubleshooting applications?
a. LOG_CRIT
b. LOG_ALERT
c. LOG_EMERG
d....
What type of UNIX syslog event normally requires the immediate notification of all system users?
a. LOG_CRIT
b. LOG_ALERT
c. LOG_EMERG
d. LOG_WARN
e....
_______ are commonly used to create an unalterable hard copy of system log files.
Answer: Printer loggi...
Which of the following log security technologies is prone to unauthorized interim modification of the log files?
a. Printer logging
b. Remote logging
c....
Which of the following are critical questions that must be addressed when developing a log analysis policy? (Choose all that apply.)
a. What anomalies...
Which of the following would be used to log the successful starting of a Windows service in Event Viewer?
a. Information event
b. Auditing event
c....
Which one of the following events may be triggered by an unsuccessful Windows logon attempt?
a. Information event
b. Auditing event
c. Error event
d....
Which of the following Event Viewer log files are found on all systems running the Windows operating system? (Choose all that apply.)
a. Directory...
Which of the following are commonly used criteria to determine when log files should be overwritten? (Choose all that apply.)
a. Chronological time
b....
Which of the following are major reasons that extraneous events should not be logged? (Choose all that apply.)
a. Overlogging can degrade system...
_______ provide an easy way to standardize procedures for the performance of routine tasks (such as configuring a system) throughout an organization.
What type of assessments should you perform when assessing your company's security risks? (Choose all that apply.)
a. Qualitative
b. Quality assurance
c....
If your main goal in risk assessment is to find out the top five most critical risks to your organization, which method would you most likely choose?
a....
What common threat is pervasive in UNIX and Windows and most often overlooked, but should be easy to fix?
a. IIS Web server vulnerabilities
b. RPC...
Which of the following are valid uses for keystroke monitoring? (Choose all that apply.)
a. Surveillance of a user suspected of inappropriate activity
b....
Which common operating system threat is nearly always due to sloppy programming practices?
a. Impersonation
b. Malicious code
c. Back doors
d....
Which of the following describes a system backup? (Choose all that apply.)
a. The only way to recover from data loss
b. Possibly your best insurance
c....
What structure does UNIX use to store file access permissions?
a. Mode field
b. Group Policy object
c. Domain
d. Trusted hosts file
Answer: a....
What is a Windows domain?
a. Trusted computers with exclusive user lists
b. A logical grouping of directory objects that can share security information
c....
UNIX security design is based on what basic concept?
a. Large market structure
b. Active Directory
c. File permissions
d. Access control lists
Answer: c....
Windows security design is based on what basic concept?
a. Large market structure
b. Active Directory
c. File permissions
d. Access control lists
Answer: b....
What is a control?
a. A physical device that authenticates users
b. Any software that limits access to an object
c. A policy that provides information...
What is the common term for increasing the security level of a system by addressing all known vulnerabilities?
a. Securing
b. Hardening
c. Anchoring
d....
What layer of software intercepts all resource access requests to perform authorization of the request?
a. Control
b. Security object service
c....
What was the first area of security that many older operating systems addressed?
a. Confidentiality
b. Integrity
c. Availability
d. Encryption
Answer: a....
What resources do operating systems manage?
a. Encryption keys, storage devices, and network software
b. Primary and secondary storage, software...
Which one of the following rules protects the firewall itself from external attack?
a. Stealth rule
b. Denial rule
c. Cleanup rule
d. Firewall...
Which one of the following rules enforces the "Deny everything that is not explicitly allowed" policy?
a. Stealth rule
b. Denial rule
c. Cleanup...
Which one of the following firewall actions results in an error message being returned to the originator of a packet?
a. Deny
b. Ignore
c. Log
d....
How many connections should exist between a screened subnet and the protected internal network?
a. 0
b. 1
c. 2
d. 3 or more
Answer: a....
Which one of the following ports is likely to be the source port of a client request to view a Web page?
a. 25
b. 80
c. 110
d. 2194
Answer: d....
Which of the following firewall topologies may be implemented with the use of only one firewall system? (Choose all that apply.)
a. Dual firewall
b....
What type of firewall always monitors a connection for the three-way handshaking process?
a. Hardware firewall
b. Packet filtering firewall
c....
In a typical client/server communication, where the client requests a Web page from a server, how many different ports are involved?
a. 1
b. 2
c....
Which of the following statements are true?
a. Only hardware firewalls are capable of performing stateful inspection.
b. Only software firewalls...
Angie is the network administrator for a small e-commerce business. Her organization uses a screened subnet firewall approach. She's installing a Web server that contains information that should be accessible to external users. Where should she place the server?
Which of the following benefits are achieved by a proxy server? (Choose all that apply.)
a. Optimizes use of network bandwidth
b. Prevents denial...
John is the security administrator for a network that has exclusive use of the 129.83.0.0 IP address range. The network is connected to a trusted network in another city that uses the 129.84.0.0 address range. He would like to configure egress filtering on his network. Which one of the following rules achieves that goal?
Which of the following security activities may be carried out by a router? (Choose all that apply.)
a. Packet filtering
b. Stateful inspection
c....
Which one of the following is NOT commonly used to prevent malicious activity from entering a network?
a. Router
b. Intrusion detection system
c....
What is the minimum total number of network interface cards used in a dual firewall topology?
a. 2
b. 3
c. 4
d. 6
Answer: c. ...
Which type of attack involves an attempt to convince an authorized user to disclose secure data or allow unauthorized access?
a. Man-in-the-middle
b....
Which type of attack tries every possible combination of characters to guess a password?
a. DoS
b. Brute force
c. Scanning
d. Man-in-the-middle
Answer: b....
What characteristic makes a logic bomb different from a worm?
a. A logic bomb contains at least one virus, whereas a worm is a standalone program.
b....
What is the main difference between a virus and a worm?
a. A virus can do more damage than a worm.
b. Worms work only in background mode.
c. A...
Which is the best description of information system forensics?
a. The analysis of a system with the purpose of finding evidence of criminal activity
b....
What is evidence?
a. Any hardware, software, or data that can be used to verify the identity or activity of an attacker
b. Any hardware, software,...
What is malicious code?
a. Executable code that contains hidden entry points for developers to use to bypass access controls
b. Any program, procedure,...
What is a system compromise?
a. Any unauthorized access to a system
b. Unauthorized access to a system that results in data modification
c. Unauthorized...
What is a scanning incident?
a. Systematically searching a computer system for installed software
b. Systematically dialing telephone numbers to...
What is an incident?
a. Any violation of the security policy
b. Any violation of a law or regulation that involves a computer
c. Any attack that...
Which of the following are common types of attacks? (Choose all that apply.)
a. Fun attacks
b. Financial attacks
c. Iterative attacks
d. Nonlinear...
What is a computer crime?
a. Any violation of the security policy
b. Any attack that results in losses exceeding $5,000
c. Any attack that involves...
What are the main goals of an attacker?
a. To bring about data confidentiality, integrity, and availability
b. To bring about data disclosure, integrity,...
What is an attack?
a. An attempt to damage information system hardware
b. An attempt to gain unauthorized access to a system or to deny authorized...
All of the following avenues of accessing a firewall's management interface should be limited, restricted, or disabled except:
A. Wireless
B. Telnet
C....
The most important configuration element related to a firewall's management interface is:
A. Access over wireless is prevented.
B. Access through...
What is the name of a single device that is based on a firewall but that has been expanded and improved to perform a wide variety of services, such as filtering, IPS, antivirus scanning, anti-spam filtering, VPN endpoint hosting, content filtering, load-balancing, and detailed logging?
What is the primary factor used to distinguish a great firewall enhancement from a marketing gimmick used to drive up sales?
A. Does the enhanced firewall...
What form of encryption allows a firewall to filter based on the original source and destination address? (Assume the firewall is located along the...
When a firewall is able to process packets, filter malicious code, and transmit authorized communications onward to their destination without introducing latency or lag, this is known as operating at
Which of the following limitations or potential weaknesses of a firewall cannot be fixed or corrected with the application of an update or patch?
A....
The performance of what type of communication session can be improved using caching on a firewall?
A. Instant messaging
B. Remote access
C. E-mail
D....
Which of the following is not related to improving or maintaining the performance of a firewall?
A. Native antivirus scanning
B. Round-robin task...
Which of the following is not a limitation or potential weakness of a firewall?
A. Firewalking
B. Software bugs or flaws
C. Using first match apply...
What is the biggest issue or problem with an IDS?
A. False positives
B. Failing to operate at wirespeed
C. False negatives
D. Keeping the pattern...
Which of the following is an event found in a firewall log file that is a symptom of a rogue host operating within the private network?
A. Packets...
All of the following events appearing in a firewall log warrant investigation by an administrator except:
A. Firewall host reboot
B. A connection...
Which of the following is a highly recommended method or technique for keeping firewall logs secure and uncorrupted?
A. Storing them in binary form
B....
You can use firewall logging to perform all of the following activities except:
A. Discovering new methods or techniques of attack
B. Creating a...
When an organization first deploys a firewall and chooses to begin logging activity, what should you include in the log file?
A. Only malicious...
What mechanism allows a firewall to hand off authentication to a dedicated service hosted on a different system?
A. IEEE 802.11
B. RFC 1918
C....
The default-deny rule appears where in the rule set?
A. First
B. After any explicit Allow rules
C. Anywhere
D. Last
E. After any explicit Deny...
Which of the following is a default-deny rule?
A. TCP ANY ANY ANY ANY Deny
B. TCP 192.168.42.0/24 ANY ANY ANY Deny
C. TCP ANY 192.168.42.0/24 ANY...
Which of the following is a firewall rule that prevents internal users from accessing public FTP sites?
A. TCP ANY ANY ANY FTP Deny
B. TCP 192.168.42.0/24...
What is the primary purpose of a post-mortem assessment review?
What is the primary purpose of a post-mortem assessment review?
A. Reducing costs
B. Adding new tools and resources
C. Placing blame on an individual
D....
The purpose of a post-mortem assessment review is to learn from mistakes, improve the process in future events, and avoid a recurrence of the same mistakes. True or False
The purpose of a post-mortem assessment review is to learn from mistakes, improve the process in future events, and avoid a recurrence of the same mistakes....
What is the key factor that determines how valuable and relevant a vulnerability assessment's report is?
What is the key factor that determines how valuable and relevant a vulnerability assessment's report is?
A. Timeliness of the database
B. Whether...
Vulnerability scanning focuses on mitigating known exploitable weaknesses or vulnerabilities in deployed systems. True or False?
Vulnerability scanning focuses on mitigating known exploitable weaknesses or vulnerabilities in deployed systems. True or False?
Answer: Fal...
Which of the following is not typically considered a form of network security assessment in terms of how well existing security stands up to current threats?
Which of the following is not typically considered a form of network security assessment in terms of how well existing security stands up to current...
Which of the following is a true statement with regard to compliance auditing?
Which of the following is a true statement with regard to compliance auditing?
A. Compliance auditing is a legally mandated task for every organization.
B....
Which of the following is not a potential hazard when installing patches or updates?
Which of the following is not a potential hazard when installing patches or updates?
A. Resetting configuration back to factory defaults
B. Reducing...
The purpose of a security checklist is:
The purpose of a security checklist is:
A. To keep an inventory of equipment in the event of a disaster
B. To create a shopping list for replacement...
The best network security management tools include all of the following except:
The best network security management tools include all of the following except:
A. Complete inventory of equipment
B. Written security policy
C....
All of the following are common mistakes or security problems that should be addressed in awareness training except:
All of the following are common mistakes or security problems that should be addressed in awareness training except:
A. Opening e-mail attachments...
What is the only protection against data loss?
What is the only protection against data loss?
A. Integrity checking
B. Encryption
C. Traffic filtering
D. Backup and recovery
E. Auditing
...
Which of the following types of security components are important to install on all hosts?
Which of the following types of security components are important to install on all hosts?
A. Firewall
B. Antivirus
C. Whole hard drive encryption
D....
The task of compartmentalization is focused on assisting with what overarching security concern?
The task of compartmentalization is focused on assisting with what overarching security concern?
A. Limiting damage caused by intruders
B. Filtering...
Incident response is the planned reaction to negative situations or events. Which of the following is not a common step or phase in an incident response?
Incident response is the planned reaction to negative situations or events. Which of the following is not a common step or phase in an incident response?
A....
A complete and comprehensive security approach needs to address or perform two main functions. The first is to secure assets and the second is:
A complete and comprehensive security approach needs to address or perform two main functions. The first is to secure assets and the second is:
A....
The purpose of physical security access control is to:
The purpose of physical security access control is to:
A. Grant access to external entities.
B. Prevent external attacks from coming through the...
A firewall host that fails and reverts to a state where all communication between the Internet and the DMZ is cut off displays a type of defense known as:
A firewall host that fails and reverts to a state where all communication between the Internet and the DMZ is cut off displays a type of defense known...
Which of the following cannot be performed adequately using an automated tool?
Which of the following cannot be performed adequately using an automated tool?
A. Checking for current patches
B. Confirming configuration settings
C....
All of the following are elements of an effective network security installation except:
All of the following are elements of an effective network security installation except:
A. Backup and restoration
B. User training and awareness
C....
All of the following are examples of network security management best practices except:
All of the following are examples of network security management best practices except:
A. Using multifactor authentication
B. Backing up
C. HavBacking...
All of the following are examples of network security management best practices except:
All of the following are examples of network security management best practices except:
A. Avoiding remote access
B. Purchasing equipment from a...
All of the following are examples of network security management best practices except:
All of the following are examples of network security management best practices except:
A. Writing a security policy
B. Obtaining senior management...
When configuring node security on a switch, all of the following are important elements except:
When configuring node security on a switch, all of the following are important elements except:
A. Enabling keystroke logging
B. Limiting access...
When performing node security on a router, all of the following are important concerns, except:
When performing node security on a router, all of the following are important concerns, except:
A. Blocking all directed IP broadcasts
B. Disabling...
Which of the following is a protection against a single point of failure?
Which of the following is a protection against a single point of failure?
A. Encryption
B. Filtering
C. Auditing
D. Redundancy
E. VPNs
Answe...
A remote host has all of the following additional security issues or concerns in comparison with a local host except:
A remote host has all of the following additional security issues or concerns in comparison with a local host except:
A. Potential exposure to unfiltered...
What is the essential purpose or function of encryption?
What is the essential purpose or function of encryption?
A. Verifying integrity
B. Proving the identity of endpoints
C. Protecting content from...
What is the essential purpose or function of accounting?
What is the essential purpose or function of accounting?
A. Detecting intrusions
B. Proving identity
C. Controlling access to assets
D. Recording...
What is the essential purpose or function of authorization?
What is the essential purpose or function of authorization?
A. Granting or denying access to resources
B. Checking policy compliance
C. Identifying...
What is the essential purpose or function of authentication?
What is the essential purpose or function of authentication?
A. Controlling access to resources
B. Monitoring for security compliance
C. Watching...
Which of the following is not usually part of the system hardening process?
Which of the following is not usually part of the system hardening process?
A. Updating hardware firmware or BIOS
B. Installing additional RAM
C....
System hardening should be applied to all of the following except:
System hardening should be applied to all of the following except:
A. Clients
B. Servers
C. Switches
D. Routers
E. Cable adapters
Answer:...
All of the following are true statements about system hardening except:
All of the following are true statements about system hardening except:
A. System hardening is a one-time process that does not need to be repeated...
All of the following are elements of system hardening except:
All of the following are elements of system hardening except:
A. Removing unnecessary protocols, services, and applications
B. Implement ingress...
What is a primary benefit of system hardening?
What is a primary benefit of system hardening?
A. It reduces user performance.
B. It increases network throughput.
C. It decreases the attack surface.
D....
Which of the following is a flaw or weakness that both static and dynamic addressing share?
Which of the following is a flaw or weakness that both static and dynamic addressing share?
A. The assignment server can go offline.
B. Changes...
How can static addresses be simulated with DHCP?
How can static addresses be simulated with DHCP?
A. Round robin assignment
B. Manual configuration on each host
C. Duplicate MAC addresses
D....
Why would a network implement public addresses internally instead of private addresses?
Why would a network implement public addresses internally instead of private addresses?
A. To avoid the use of NAT
B. To be able to custom subnet
C....
Which of the following is a benefit of private addressing that is not present in public addressing?
Which of the following is a benefit of private addressing that is not present in public addressing?
A. Isolation from the Internet
B. Subnetting
C....
Personal bias, tradition, and sunk cost should always guide your security design decisions. If it isn't broken, don't fix it. True or False?
Personal bias, tradition, and sunk cost should always guide your security design decisions. If it isn't broken, don't fix it. True or False?
Answ...
All of the following are elements of network design except:
All of the following are elements of network design except:
A. Satisfying security goals
B. Understanding of the seven domains of IT infrastructure
C....
Which of the following is not an important factor when included as part of network design?
Which of the following is not an important factor when included as part of network design?
A. Usability
B. Capacity
C. Obscurity
D. Growth
E....
Which IT infrastructure domain does not require firewalls to be included as part of its network design?
Which IT infrastructure domain does not require firewalls to be included as part of its network design?
A. Workstation Domain
B. LAN Domain
C. User...
What is the purpose of suspending a digital certificate rather than revoking it?
What is the purpose of suspending a digital certificate rather than revoking it?
Answer: To limit use of a certificate after an employee temporarily...
How does an attacker successfully alter a message that was sent with a digital certificate?
How does an attacker successfully alter a message that was sent with a digital certificate?
Answer: By intercepting a message, creating imposter...
What is concerning about entry-level certificates?
What is concerning about entry-level certificates?
Answer: They only authenticate that an institution has a specific domain nam...
On which of the following devices is IPsec likely to be implemented?
On which of the following devices is IPsec likely to be implemented?
a. Network Analyzer
b. Router
c. Hub
d. Switch
Answer: Route...
Which of the following is used to digitally sign a certificate?
Which of the following is used to digitally sign a certificate?
a. RA
b. CA Private key
c. CSR
d. CA Public key
Answer: b. CA Private ke...
If a browser cannot connect to the OCSP responder, what does the browser receive in return?
If a browser cannot connect to the OCSP responder, what does the browser receive in return?
Answer: Soft-fai...
Why would an administrator NOT renew a key?
Why would an administrator NOT renew a key?
Answer: Renewing keys continues their lifespan, making them less reliabl...
What is involved in key escrow?
What is involved in key escrow?
Answer: The key is split in two halves, then encrypted by a third part...
A hierarchical trust model signs digital certificate authorities with how many keys?
A hierarchical trust model signs digital certificate authorities with how many keys?
Answer: ...
PKI consists of all of the following EXCEPT what?
PKI consists of all of the following EXCEPT what?
a. Software
b. Practices
c. People
d. Procedures
Answer: b. Practice...
Which of the following does a digital certificate NOT contain?
Which of the following does a digital certificate NOT contain?
a. Name of the issuer
b. Expiration date of the public key
c. Serial number of the...
How can an EV SSL help users avoid dangerous sites?
How can an EV SSL help users avoid dangerous sites?
Answer: By displaying the address bar in re...
Why is a pre-master secret an important component of a web browser and web server handshake?
Why is a pre-master secret an important component of a web browser and web server handshake?
Answer: The pre-master secret is used to create...
Why would an administrator choose to use multiple Registration Authorities when processing certificate requests?
Why would an administrator choose to use multiple Registration Authorities when processing certificate requests?
Answer: Using one CA can be...
Public Key Cryptography Standards are based on which of the following?
Public Key Cryptography Standards are based on which of the following?
a. TLS/SSL
b. Blowfish hash
c. Digital Signatures
d. RSA public key algorithm
Answer: d....
Where are private keys NOT stored?
Where are private keys NOT stored?
Answer: Within digital certificate...
How are TLS and SSL currently different in regards to security?
How are TLS and SSL currently different in regards to security?
Answer: TLS v1.2 is considered more secure than any version of SS...
What is the biggest difference between a CA and an RA?
What is the biggest difference between a CA and an RA?
Answer: Certificate Authorities can generate public key certificate...
Which of the following is provided by a server digital certificate?
Which of the following is provided by a server digital certificate?
a. Authentication of the author of a book
b. Integrity of the cryptographic connection
c....
Which of the following explains the importance of a "facilitator?"
Which of the following explains the importance of a "facilitator?"
a. A facilitator simplifies the use of digital certificates to end users
b. A...
NTRUEncrypt is based on which cryptography method?
NTRUEncrypt is based on which cryptography method?
Answer: Lattice-base...
"Plaintext" is a term that is best described as what?
"Plaintext" is a term that is best described as what?
Answer: Data in an unencrypted for...
Which of the following is an advantage of the Keccak algorithm?
Which of the following is an advantage of the Keccak algorithm?
Answer: It is a compact algorithm that could be considered ideal for smaller...
What is a benefit of using a combination of symmetrical and asymmetrical cryptography when transferring data across the internet?
What is a benefit of using a combination of symmetrical and asymmetrical cryptography when transferring data across the internet?
Answer: Asymmetrical...
Why is a homoalphabetic substitution considered a stream cipher?
Why is a homoalphabetic substitution considered a stream cipher?
Answer: It encrypts one plaintext character at a tim...
Which of the following encryption algorithms has not been successfully attacked?
Which of the following encryption algorithms has not been successfully attacked?
a. MD2
b. 3DES
c. AES
d. SHA-0
Answer: c. AE...
Which of the following best describes TPM?
Which of the following best describes TPM?
a. An asymmetric key
b. Uses a 16-bit key
c. An advanced algorithm
d. A chip on a motherboard
Answer: d....
Which of the following is NOT a benefit of USB device encryption?
Which of the following is NOT a benefit of USB device encryption?
a. Files moved to the USB are automatically encrypted
b. Administrators can lock...
How is a hash algorithm limited in functionality?
How is a hash algorithm limited in functionality?
Answer: It cannot be decrypte...
OTPs were originally used by whom?
OTPs were originally used by whom?
Answer: Resistance groups and operation teams during World War I...
Why would a security administrator use perfect forward secrecy instead of other key exchange solutions?
Why would a security administrator use perfect forward secrecy instead of other key exchange solutions?
Answer: If compromised it can only expose...
An encrypted digest is produced from what?
An encrypted digest is produced from what?
Answer: Hash algorith...
What is the disadvantage of RSA compared to most symmetrical algorithms?
What is the disadvantage of RSA compared to most symmetrical algorithms?
Answer: RSA is complicated and slower than other algorithm...
Using asymmetric cryptography practices, Alex wants to send Jessica an encrypted message that he received from Joel. Additionally, Jessica wants to verify the message came from Alex by viewing his digital signature. Whose keys would be used for what in this scenario?
Using asymmetric cryptography practices, Alex wants to send Jessica an encrypted message that he received from Joel. Additionally, Jessica wants to...
What are the differences between a block cipher and a sponge function?
What are the differences between a block cipher and a sponge function?
Answer: A block cipher encrypts plaintext at a fixed size d. A block cipher...
Which solution is ideal for encrypting an entire hard drive of a PC?
Which solution is ideal for encrypting an entire hard drive of a PC?
Answer: BitLocke...
A digital signature does NOT provide which of the following?
A digital signature does NOT provide which of the following?
a. Availability
b. Redundancy
c. Integrity
d. Nonrepudiation
Answer: b. Redu...
How does SHA-1 differ from the MD4 algorithm?
How does SHA-1 differ from the MD4 algorithm?
Answer: MD4 creates a digest length of 128 bit whereas SHA-1's digest length is 160 bit...
What type of system is Blowfish designed to run efficiently on?
What type of system is Blowfish designed to run efficiently on?
Answer: 32-bit system...
Why does RC4 consume more processing power than RC5?
Why does RC4 consume more processing power than RC5?
Answer: RC4 is a stream cipher and RC5 is a block ciphe...
Why would an administrator allow an application exception through a software firewall instead of opening the application's port?
Why would an administrator allow an application exception through a software firewall instead of opening the application's port?
Answer: The...
Cipher locks are susceptible to which security threat?
Cipher locks are susceptible to which security threat?
Answer: Shoulder Surfin...
Passive RFID tags are powered by which of the following?
Passive RFID tags are powered by which of the following?
a. A WiMax connection
b. The signal coming from the transceiver
c. A voltaic battery
d....
Which of the following is considered OS hardening?
Which of the following is considered OS hardening?
a. Turning on the latest OS features
b. Using a cable lock
c. Keeping all applications updated
d....
What is a benefit of having an automated patch update service instead of configuring clients to install updates independently?
What is a benefit of having an automated patch update service instead of configuring clients to install updates independently?
Answer: An automated...
Fuzzing inputs random data into a program to accomplish which of the following?
Fuzzing inputs random data into a program to accomplish which of the following?
a. Input validation
b. Output encoding
c. Trap errors in the application...
A mantrap can be useful in physical security by preventing what?
A mantrap can be useful in physical security by preventing what?
Answer: Tailgatin...
Televisions, HVAC controllers, and ATMs are all examples of what?
Televisions, HVAC controllers, and ATMs are all examples of what?
Answer: Embedded system...
What is an advantage to an alarmed carrier PDS over a hardened carrier PDS?
What is an advantage to an alarmed carrier PDS over a hardened carrier PDS?
Answer: An alarmed carrier PDS can sense vibrations with optical...
Which of the following can use fingerprinting to distinguish critical data from unimportant data?
Which of the following can use fingerprinting to distinguish critical data from unimportant data?
a. Data Loss Prevention
b. Proximity reader
c....
Which of the following correctly describes the importance of eliminating marks that classify a master key?
Which of the following correctly describes the importance of eliminating marks that classify a master key?
a. It is imperative to follow ideal key...
Why is dynamic heuristic detection considered more of a robust antivirus scanning method than static analysis?
Why is dynamic heuristic detection considered more of a robust antivirus scanning method than static analysis?
Answer: Dynamic heuristic detection...
Why would a Server 2008 R2 DNS server have a different security baseline than a Windows XP client?
Why would a Server 2008 R2 DNS server have a different security baseline than a Windows XP client?
Answer: If systems perform different functions,...
Which of the following is the most restrictive anti-spam technique?
Which of the following is the most restrictive anti-spam technique?
a. Popup blocking
b. Whitelisting
c. Blacklisting
d. Bayesian filtering
Answer: b....
Which of the following security controls provides a substitute for normal controls that cannot be used?
Which of the following security controls provides a substitute for normal controls that cannot be used?
a. Deterrent controls
b. Compensating controls
c....
How is a hotfix different from other operating system fixes?
How is a hotfix different from other operating system fixes?
Answer: A hotfix can relate to a specific custome...
Which of the following is NOT an advantage to utilizing wrapper functions?
Which of the following is NOT an advantage to utilizing wrapper functions?
a. They allow programmers to concentrate on the essential purpose of the...
Seismic sensors are used for which of the following?
Seismic sensors are used for which of the following?
a. Deterrent controls
b. Motion detection
c. Passive infrared light sensors
d. Barriers
Answer: b....
Your organization wants to ensure that security controls continue to function, helping to maintain an appropriate security posture. Which of the following is the BEST choice to meet this goal?
Your organization wants to ensure that security controls continue to function, helping to maintain an appropriate security posture. Which of the following...
Your organization's security policy states that administrators should follow the principle of least privilege. Which of the following tools can ensure that administrators are following the policy?
Your organization's security policy states that administrators should follow the principle of least privilege. Which of the following tools can ensure...
Your organization recently hired an outside security auditor to review internal processes. The auditor identified several employees who had permissions for previously held jobs within the company. What should the organization implement to prevent this in the future?
Your organization recently hired an outside security auditor to review internal processes. The auditor identified several employees who had permissions...
Security administrators have recently implemented several security controls to enhance the network's security posture. Management wants to ensure that these controls continue to function as intended. Which of the following tools is the BEST choice to meet this goal?
Security administrators have recently implemented several security controls to enhance the network's security posture. Management wants to ensure that...
While analyzing a packet capture log, you notice the following entry: 16:12:50, src 10.80.1.5:3389, dst 192.168.1.100:8080, syn/ack Of the following choices, what is the BEST explanation of this entry?
While analyzing a packet capture log, you notice the following entry: 16:12:50, src 10.80.1.5:3389, dst 192.168.1.100:8080, syn/ack Of the following...
A network administrator needs to identify the type of traffic and packet flags used in traffic sent from a specific IP address. Which of the following is the BEST tool to meet this need?
A network administrator needs to identify the type of traffic and packet flags used in traffic sent from a specific IP address. Which of the following...
A network administrator is troubleshooting a communication problem between a web server and a database server. Which of the following tools would MOST likely be useful in this scenario?
A network administrator is troubleshooting a communication problem between a web server and a database server. Which of the following tools would MOST...
Your organization has hired a group of external testers to perform a black box penetration test. One of the testers asks you to provide information about your internal network. What should you provide?
Your organization has hired a group of external testers to perform a black box penetration test. One of the testers asks you to provide information...
Testers do not have access to product documentation or any experience with an application. What type of test will they MOST likely perform?
Testers do not have access to product documentation or any experience with an application. What type of test will they MOST likely perform?
A. Gray...
An organization has a legacy server within the DMZ. It is running older software that is not compatible with current patches, so it remains unpatched. Management accepts the risk on this system, but wants to know if attackers can access the internal network if they successfully compromise this server. Which of the following is the MOST appropriate test?
An organization has a legacy server within the DMZ. It is running older software that is not compatible with current patches, so it remains unpatched....
Your organization develops web application software, which it sells to other companies for commercial use. Your organization wants to ensure that the software isn't susceptible to common vulnerabilities, such as buffer overflow attacks and race conditions. What should the organization implement to ensure software meets this standard?
Your organization develops web application software, which it sells to other companies for commercial use. Your organization wants to ensure that the...
A recent vulnerability scan reported that a web application server is missing some patches. However, after inspecting the server, you realize that the patches are for a protocol that administrators removed from the server. Which of the following is the BEST explanation for this disparity?
A recent vulnerability scan reported that a web application server is missing some patches. However, after inspecting the server, you realize...
Lisa needs to identify if a risk exists on a web application and if attackers can potentially bypass security controls. However, she should not actively test the application. Which of the following is the BEST choice?
Lisa needs to identify if a risk exists on a web application and if attackers can potentially bypass security controls. However, she should not actively...
You need to perform tests on your network to identify missing security controls. However, you want to have the least impact on systems that users are accessing. Which of the following tools is the best to meet this need?
You need to perform tests on your network to identify missing security controls. However, you want to have the least impact on systems that users are...
You suspect that a database server used by a web application does not have current patches. Which of the following is the BEST action to take to verify the server has up-to-date patches?
You suspect that a database server used by a web application does not have current patches. Which of the following is the BEST action to take to verify...
You recently completed a vulnerability scan on your network. It reported that several servers are missing key operating system patches. However, after checking the servers, you've verified the servers have these patches installed. Which of the following BEST describes this?
You recently completed a vulnerability scan on your network. It reported that several servers are missing key operating system patches. However, after...
You want to identify all of the services running on a server. Which of the following tools is the BEST choice to meet this goal?
You want to identify all of the services running on a server. Which of the following tools is the BEST choice to meet this goal?
A. Penetration test
B....
You need to calculate the expected loss of an incident. Which of the following value combinations would you MOST likely use?
You need to calculate the expected loss of an incident. Which of the following value combinations would you MOST likely use?
A. ALE and ARO
B. ALE...
You need to calculate the ALE for a server. The value of the server is $3,000, but it has crashed 10 times in the past year. Each time it crashed, it resulted in a 10 percent loss. What is the ALE?
You need to calculate the ALE for a server. The value of the server is $3,000, but it has crashed 10 times in the past year. Each time it crashed, it...
Which of the following is most closely associated with residual risk?
Which of the following is most closely associated with residual risk?
A. Risk acceptance
B. Risk avoidance
C. Risk deterrence
D. Risk mitigation
E....
Homer received an email advertising the newest version of a popular smartphone, which is not available elsewhere. It includes a malicious link. Which of the following principles is the email author using?
Homer received an email advertising the newest version of a popular smartphone, which is not available elsewhere. It includes a malicious link. Which...