Sec+ 401
Certified for High Academic Standards. Tested and Reliable Exam Strategies From Leading Educators Around the World.
Graded questions with answers

Which of the following concepts is a term that directly relates to customer privacy considerations?
A. Data handling policies
B. Personally identifiable information
C. Information classification
D. Clean desk policies
Answer: B

Which of the following is a Data Loss Prevention (DLP) strategy and is MOST useful for securing data in use?
A. Email scanning
B. Content discovery
C. Database fingerprinting
D. Endpoint protection
Answer: D

Which of the following is a concern when encrypting wireless data with WEP?
A. WEP displays the plain text entire key when wireless packet captures are reassembled
B. WEP implements weak initialization vectors for key transmission
C. WEP uses a very weak encryption algorithm
D. WEP allows for only four pre-shared keys to be configured
Answer: B

A security administrator is tasked with calculating the total ALE on servers. In a two year period of time, a company has to replace five servers. Each server replacement has cost the company 4,000 dollars with downtime costing 3,000 dollars. Which of the following is the ALE for the company?
A. 7,000 dollars
B. 10,000 dollars
C. 17,500 dollars
D. 35,000 dollars
Answer: C

ABC company has a lot of contractors working for them. The provisioning team does not always get notified that a contractor has left the company. Which of the following policies would prevent contractors from having access to systems in the event a contractor has left?
A. Annual account review
B. Account expiration policy
C. Account lockout policy
D. Account disablement
Answer: B

The practice of marking open wireless access points is called which of the following?
A. War dialing
B. War chalking
C. War driving
D. Evil twin
Answer: B

A. Whole disk encryption
B. SSH
C. Telnet
D. MD5
Answer: D

QUESTION 484
Ann, a security analyst, has been notified that trade secrets are being leaked from one of the executives in the corporation. When reviewing this executive's laptop she notices several pictures of the employee's pets are on the hard drive and on a cloud storage network. When Ann hashes the images on the hard drive against the hashes on the cloud network they do not match. Which of the following describes how the employee is leaking these secrets?
A. Social engineering
B. Steganography
C. Hashing
D. Digital signatures
Answer: B

QUESTION 485
A malicious user is sniffing a busy encrypted wireless network waiting for an authorized client to connect to it. Only after an authorized client has connected and the hacker was able to capture the client handshake with the AP can the hacker begin a brute force attack to discover the encryption key. Which of the following attacks is taking place?
A. IV attack
B. WEP cracking
C. WPA cracking
D. Rogue AP
Answer: C

QUESTION 486
Which of the following protocols is used by IPv6 for MAC address resolution?
A. NDP
B. ARP
C. DNS
D. NCP
Answer: A

QUESTION 487
Which of the following provides dedicated hardware-based cryptographic functions to an operating system and its applications running on laptops and desktops?
A. TPM
B. HSM
C. CPU
D. FPU
Answer: A

QUESTION 488
Which of the following tests a number of security controls in the least invasive manner?
A. Vulnerability scan
B. Threat assessment
C. Penetration test
D. Ping sweep
Answer: A

QUESTION 489
When using PGP, which of the following should the end user protect from compromise? (Select TWO).
A. Private key
B. CRL details
C. Public key
D. Key password
E. Key escrow
F. Recovery agent
Answer: AD

QUESTION 490
Which of the following disaster recovery strategies has the highest cost and shortest recovery time?
A. Warm site
B. Hot site
C. Cold site
D. Co-location site
Answer: B

QUESTION 491
In the case of a major outage or business interruption, the security office has documented the expected loss of earnings, potential fines and potential consequence to customer service. Which of the following would include the MOST detail on these objectives?
A. Business Impact Analysis

QUESTION 497
Which of the following types of wireless attacks would be used specifically to impersonate another WAP in order to gain unauthorized information from mobile users?
A. IV attack
B. Evil twin
C. War driving
D. Rogue access point
Answer: B

QUESTION 498
Which of the following types of application attacks would be used to identify malware causing security breaches that have NOT yet been identified by any trusted sources?
A. Zero-day
B. LDAP injection
C. XML injection
D. Directory traversal
Answer: A

QUESTION 499
Which of the following is built into the hardware of most laptops but is not setup for centralized management by default?
A. Whole disk encryption
B. TPM encryption
C. USB encryption
D. Individual file encryption
Answer: B

QUESTION 500
Which of the following is true about the recovery agent?
A. It can decrypt messages of users who lost their private key.
B. It can recover both the private and public key of federated users.
C. It can recover and provide users with their lost or private key.
D. It can recover and provide users with their lost public key.
Answer: A

QUESTION 501
Which of the following MOST specifically defines the procedures to follow when scheduled system patching fails resulting in system outages?
A. Risk transference
B. Change management
C. Configuration management
D. Access control revalidation
Answer: B

QUESTION 502
A review of the company's network traffic shows that most of the malware infections are caused by users visiting gambling and gaming websites. The security manager wants to implement a solution that will block these websites, scan all web traffic for signs of malware, and block the malware before it enters the company network. Which of the following is suited for this purpose?
A. ACL
B. IDS
C. UTM
D. Firewall
Answer: C

QUESTION 503
Which of the following would the security engineer set as the subnet mask for the servers below to utilize host addresses on separate broadcast domains?
Server 1: 192.168.100.6
Server 2: 192.168.100.9
Server 3: 192.169.100.20
A. /24
B. /27
C. /28
D. /29
E. /30
Answer: D

QUESTION 504
Which of the following offerings typically allows the customer to apply operating system patches?
A. Software as a service
B. Public Clouds
C. Cloud Based Storage
D. Infrastructure as a service
Answer: D

QUESTION 505
A technician is unable to manage a remote server. Which of the following ports should be opened on the firewall for remote server management? (Select TWO).

D. Implicit deny
Answer: D

QUESTION 511
Joe, a security administrator, believes that a network breach has occurred in the datacenter as a result of a misconfigured router access list, allowing outside access to an SSH server. Which of the following should Joe search for in the log files?
A. Failed authentication attempts
B. Network ping sweeps
C. Host port scans
D. Connections to port 22
Answer: D

QUESTION 512
Which of the following firewall types inspects Ethernet traffic at the MOST levels of the OSI model?
A. Packet Filter Firewall
B. Stateful Firewall
C. Proxy Firewall
D. Application Firewall
Answer: B

QUESTION 513
A security analyst needs to logon to the console to perform maintenance on a remote server. Which of the following protocols would provide secure access?
A. SCP
B. SSH
C. SFTP
D. HTTPS
Answer: B

QUESTION 514
The network administrator has been tasked to rebuild a compromised web server. The administrator is to remove the malware and install all the necessary updates and patches. This represents which of the following stages of the Incident Handling Response?
A. Lessons Learned
B. Plan of action
C. Eradication
D. Reconstitution
Answer: C

QUESTION 515
Management has been informed of an increased number of tailgating violations into the server room. Which of the following is the BEST method of preventing future violations?
A. Security Guards
B. Man Traps
C. Proximity Cards
D. Biometrics authentication
Answer: B

QUESTION 516
Ann, a newly hired human resource employee, sent out confidential emails with digital signatures, to an unintended group. Which of the following would prevent her from denying accountability?
A. Email Encryption
B. Steganography
C. Non Repudiation
D. Access Control
Answer: C

QUESTION 517
Ann would like to forward some Personal Identifiable Information to her HR department by email, but she is worried about the confidentiality of the information. Which of the following will accomplish this task securely?
A. Digital Signatures
B. Hashing
C. Secret Key
D. Encryption
Answer: D

QUESTION 518
Ann, a technician, is attempting to establish a remote terminal session to an end user's computer using Kerberos authentication, but she cannot connect to the destination machine. Which of the following default ports should Ann ensure is open?
A. 22
B. 139
C. 443
D. 3389
Answer: D

QUESTION 519