Download Cybersecurity Best Practices and Techniques and more Exams Computer Science in PDF only on Docsity! Sec+ 401 Questions from World-Class Academics Questions from Top-Tier Universities From Esteemed Educators Worldwide Structured for Success in Every Examination Pete, the system administrator, is reviewing his disaster recovery plans. He wishes to limit the downtime in the event of a disaster, but does not have the budget approval to implement or maintain an offsite location that ensures 99.99% availability. Which of the following would be Pete's BEST option? A. Use hardware already at an offsite location and configure it to be quickly utilized. B. Move the servers and data to another part of the company's main campus from the server room. C. Retain data back-ups on the main campus and establish redundant servers in a virtual environment. D. Move the data back-ups to the offsite location, but retain the hardware on the main campus for redundancy. - -correct ans- -Answer: A A network stream needs to be encrypted. Sara, the network administrator, has selected a cipher which will encrypt 8 bits at a time before sending the data across the network. Which of the following has Sara selected? A. Block cipher B. Stream cipher C. CRC D. Hashing algorithm - -correct ans- -Answer: A Pete, a security auditor, has detected clear text passwords between the RADIUS server and the authenticator. Which of the following is configured in the RADIUS server and what technologies should the authentication protocol be changed to? A. PAP, MSCHAPv2 B. CHAP, PAP C. MSCHAPv2, NTLMv2 D. NTLM, NTLMv2 - -correct ans- -Answer: A Which of the following is an advantage of implementing individual file encryption on a hard drive which already deploys full disk encryption? A. Reduces processing overhead required to access the encrypted files B. Double encryption causes the individually encrypted files to partially lose their properties C. Individually encrypted files will remain encrypted when copied to external media D. File level access control only apply to individually encrypted files in a fully encrypted drive - -correct ans- -Answer: C An IT director is looking to reduce the footprint of their company's server environment. They have decided to move several internally developed software applications to an alternate environment, supported by an external company. Which of the following BEST describes this arrangement? A. Infrastructure as a Service B. Storage as a Service Which of the following would satisfy wireless network implementation requirements to use mutual authentication and usernames and passwords? A. EAP-MD5 B. WEP C. PEAP-MSCHAPv2 D. EAP-TLS - -correct ans- -Answer: C Some customers have reported receiving an untrusted certificate warning when visiting the company's website. The administrator ensures that the certificate is not expired and that customers have trusted the original issuer of the certificate. Which of the following could be causing the problem? A. The intermediate CA certificates were not installed on the server. B. The certificate is not the correct type for a virtual server. C. The encryption key used in the certificate is too short. D. The client's browser is trying to negotiate SSL instead of TLS. - -correct ans- -Answer: A A security analyst needs to ensure all external traffic is able to access the company's front- end servers but protect all access to internal resources. Which of the following network design elements would MOST likely be recommended? A. DMZ B. Cloud computing C. VLAN D. Virtualization - -correct ans- -Answer: A A company's business model was changed to provide more web presence and now its ERM software is no longer able to support the security needs of the company. The current data center will continue to provide network and security services. Which of the following network elements would be used to support the new business model? A. Software as a Service B. DMZ C. Remote access support D. Infrastructure as a Service - -correct ans- -Answer: A Which of the following network devices is used to analyze traffic between various network interfaces? A. Proxies B. Firewalls C. Content inspection D. Sniffers - -correct ans- -Answer: D Layer 7 devices used to prevent specific types of html tags are called: A. Firewalls. B. Content filters. C. Routers. D. NIDS. - -correct ans- -Answer: B A network administrator needs to provide daily network usage reports on all layer 3 devices without compromising any data while gathering the information. Which of the following would be configured to provide these reports? A. SNMP B. SNMPv3 C. ICMP D. SSH - -correct ans- -Answer: B QUESTION 166 A security administrator has been tasked to ensure access to all network equipment is controlled by a central server such as TACACS+. This type of implementation supports which of the following risk mitigation strategies? A. User rights and permissions review B. Change management C. Data loss prevention D. Implement procedures to prevent data theft - -correct ans- -Answer: A QUESTION 167 Company A sends a PGP encrypted file to company B. If company A used company B's public key to encrypt the file, which of the following should be used to decrypt data at company B? A. Registration B. Public key C. CRLs D. Private key - -correct ans- -Answer: D Given that the corporate wireless network has been standardized, which of the following attacks is underway? A. Evil twin B. IV attack C. Rogue AP D. DDoS - -correct ans- -Answer: A QUESTION 173 Input validation is an important security defense because it: A. rejects bad or malformed data. B. enables verbose error reporting. C. protects mis-configured web servers. D. prevents denial of service attacks. - -correct ans- -Answer: A QUESTION 174 In order to maintain oversight of a third party service provider, the company is going to implement a Governance, Risk, and Compliance (GRC) system. This system is promising to provide overall security posture coverage. Which of the following is the MOST important activity that should be considered? A. Continuous security monitoring B. Baseline configuration and host hardening C. Service Level Agreement (SLA) monitoring D. Security alerting and trending - -correct ans- -Answer: A QUESTION 175 A recent audit of a company's identity management system shows that 30% of active accounts belong to people no longer with the firm. Which of the following should be performed to help avoid this scenario? (Select TWO). A. Automatically disable accounts that have not been utilized for at least 10 days. B. Utilize automated provisioning and de-provisioning processes where possible. C. Request that employees provide a list of systems that they have access to prior to leaving the firm. D. Perform regular user account review / revalidation process. E. Implement a process where new account creations require management approval. - - correct ans- -Answer: BD QUESTION 176 The Chief Information Officer (CIO) has mandated web based Customer Relationship Management (CRM) business functions be moved offshore to reduce cost, reduce IT overheads, and improve availability. The Chief Risk Officer (CRO) has agreed with the CIO's direction but has mandated that key authentication systems be run within the organization's network. Which of the following would BEST meet the CIO and CRO's requirements? A. Software as a Service B. Infrastructure as a Service C. Platform as a Service D. Hosted virtualization service - -correct ans- -Answer: A QUESTION 177 Which of the following provides the BEST application availability and is easily expanded as demand grows? A. Server virtualization B. Load balancing C. Active-Passive Cluster D. RAID 6 - -correct ans- -Answer: B QUESTION 178 An administrator connects VoIP phones to the same switch as the network PCs and printers. Which of the following would provide the BEST logical separation of these three device types while still allowing traffic between them via ACL? A. Create three VLANs on the switch connected to a router B. Define three subnets, configure each device to use their own dedicated IP address range, and then connect the network to a router C. Install a firewall and connect it to the switch D. Install a firewall and connect it to a dedicated switch for each device type - -correct ans- -Answer: A QUESTION 179 Which of the following wireless security measures can an attacker defeat by spoofing certain properties of their network interface card? D. The examiner should disclose the mistake and assess another area of the disc. - -correct ans- -Answer: C QUESTION 186 Which of the following allows lower level domains to access resources in a separate Public Key Infrastructure? A. Trust Model B. Recovery Agent C. Public Key D. Private Key - -correct ans- -Answer: A QUESTION 187 Which of the following offers the LEAST secure encryption capabilities? A. TwoFish B. PAP C. NTLM D. CHAP - -correct ans- -Answer: B QUESTION 188 Which of the following network architecture concepts is used to securely isolate at the boundary between networks? A. VLAN B. Subnetting C. DMZ D. NAT - -correct ans- -Answer: C QUESTION 189 Datacenter access is controlled with proximity badges that record all entries and exits from the datacenter. The access records are used to identify which staff members accessed the data center in the event of equipment theft. Which of the following MUST be prevented in order for this policy to be effective? A. Password reuse B. Phishing C. Social engineering D. Tailgating - -correct ans- -Answer: D QUESTION 190 Elastic cloud computing environments often reuse the same physical hardware for multiple customers over time as virtual machines are instantiated and deleted. This has important implications for which of the following data security concerns? A. Hardware integrity B. Data confidentiality C. Availability of servers D. Integrity of data - -correct ans- -Answer: B QUESTION 191 When implementing fire suppression controls in a datacenter it is important to: A. Select a fire suppression system which protects equipment but may harm technicians. B. Ensure proper placement of sprinkler lines to avoid accidental leakage onto servers. C. Integrate maintenance procedures to include regularly discharging the system. D. Use a system with audible alarms to ensure technicians have 20 minutes to evacuate. - - correct ans- -Answer: B QUESTION 192 Vendors typically ship software applications with security settings disabled by default to ensure a wide range of interoperability with other applications and devices. A security administrator should perform which of the following before deploying new software? A. Application white listing B. Network penetration testing C. Application hardening D. Input fuzzing testing - -correct ans- -Answer: C QUESTION 193 A technician is deploying virtual machines for multiple customers on a single physical host to reduce power consumption in a data center. Which of the following should be recommended to isolate the VMs from one another? A. Implement a virtual firewall B. Install HIPS on each VM C. Virtual switches with VLANs D. Develop a patch management guide - -correct ans- -Answer: C