




























































































Sec..Outstanding Grades
Typology: Exams
A targeted email attack sent to Sara, the company's Chief Executive Officer (CEO), is known as which of the following? A. Whaling B. Bluesnarfing C. Vishing
In regard to secure coding practices, why is input validation important? A. It mitigates buffer overflow attacks. B. It makes the code more readable. C. It provides an application configuration baseline.
Which of the following steps should follow the deployment of a patch? A. Antivirus and anti-malware deployment B. Audit and verification C. Fuzzing and exploitation
Which of the following would be used when a higher level of security is desired for encryption key storage?
A security administrator is observing congestion on the firewall interfaces and a high number of half open incoming connections from different external IP addresses. Which of the following attack types is underway? A. Cross-site scripting B. SPIM C. Client-side
Which of the following application security testing techniques is implemented when an automated system generates random input data? A. Fuzzing B. XSRF C. Hardening
Which of the following BEST describes a protective countermeasure for SQL injection? A. Eliminating cross-site scripting vulnerabilities B. Installing an IDS to monitor network traffic C. Validating user input in web applications D. Placing a firewall between the Internet and database servers
A certificate authority takes which of the following actions in PKI? A. Signs and verifies all infrastructure messages B. Issues and signs all private keys C. Publishes key escrow lists to CRLs
Use of a smart card to authenticate remote servers remains MOST susceptible to which of the following attacks? A. Malicious code on the local system B. Shoulder surfing C. Brute force certificate cracking
A security administrator needs to update the OS on all the switches in the company. Which of the following MUST be done before any actual switch configuration is performed?
likely be implemented within the company? A. Account lockout policy B. Account password enforcement C. Password complexity enabled
An employee is granted access to only areas of a network folder needed to perform their job. Which of the following describes this form of access control? A. Separation of duties B. Time of day restrictions C. Implicit deny
Sara, a user, downloads a keygen to install pirated software. After running the keygen, system performance is extremely slow and numerous antivirus alerts are displayed. Which of the following BEST describes this type of malware? A. Logic bomb B. Worm C. Trojan
Which of the following may significantly reduce data loss if multiple drives fail at the same time? A. Virtualization B. RAID C. Load balancing
To help prevent unauthorized access to PCs, a security administrator implements screen savers that lock the PC after five minutes of inactivity. Which of the following controls is being described in this situation? A. Management B. Administrative C. Technical
Pete, a network administrator, is capturing packets on the network and notices that a large amount of the traffic on the LAN is SIP and RTP protocols. Which of the following should he do to segment that traffic from the other traffic?
of the network. Which of the following would allow Jane to perform this kind of testing? A. Local isolated environment B. Networked development environment C. Infrastructure as a Service
Which of the following transportation encryption protocols should be used to ensure maximum security between a web browser and a web server? A. SSLv B. SSHv C. RSA
Developers currently have access to update production servers without going through an approval process. Which of the following strategies would BEST mitigate this risk? A. Incident management B. Clean desk policy C. Routine audits
To reduce an organization's risk exposure by verifying compliance with company policy, which of the following should be performed periodically? A. Qualitative analysis B. Quantitative analysis C. Routine audits
Which of the following is a difference between TFTP and FTP? A. TFTP is slower than FTP. B. TFTP is more secure than FTP. C. TFTP utilizes TCP and FTP uses UDP.
A system administrator decides to use SNMPv3 on the network router in AuthPriv mode. Which of the following algorithm combinations would be valid? A. AES-RC B. 3DES-MD C. RSA-DSA
A. Anti-spam B. Anti-virus C. Host-based firewalls
Which of the following would MOST likely ensure that swap space on a hard disk is encrypted? A. Database encryption B. Full disk encryption C. Folder and file encryption
Which of the following access controls enforces permissions based on data labeling at specific levels? A. Mandatory access control B. Separation of duties access control C. Discretionary access control
A username provides which of the following? A. Biometrics B. Identification C. Authorization
Use of group accounts should be minimized to ensure which of the following? A. Password security B. Regular auditing C. Baseline management
Privilege creep among long-term employees can be mitigated by which of the following procedures? A. User permission reviews B. Mandatory vacations C. Separation of duties
In which of the following scenarios is PKI LEAST hardened? A. The CRL is posted to a publicly accessible location.
Which of the following would be used to identify the security posture of a network without actually exploiting any weaknesses? A. Penetration test B. Code review C. Vulnerability scan
A security administrator has just finished creating a hot site for the company. This implementation relates to which of the following concepts? A. Confidentiality B. Availability C. Succession planning
In the initial stages of an incident response, Matt, the security administrator, was provided the hard drives in question from the incident manager. Which of the following incident response procedures would he need to perform in order to begin the analysis? (Select TWO) A. Take hashes B. Begin the chain of custody paperwork C. Take screen shots D. Capture the system image
Which of the following is used to certify intermediate authorities in a large PKI deployment? A. Root CA B. Recovery agent C. Root user
Which of the following components MUST be trusted by all parties in PKI? A. Key escrow B. CA C. Private key
Which of the following should Matt, a security administrator, include when encrypting smartphones? (Select TWO) A. Steganography images
A. Buffer overflow prevention B. Input validation C. CSRF prevention
Why is it important for a penetration tester to have established an agreement with management as to which systems and processes are allowed to be tested? A. Penetration test results are posted publicly, and some systems tested may contain corporate secrets. B. Penetration testers always need to have a comprehensive list of servers, operating systems, IP subnets, and department personnel prior to ensure a complete test. C. Having an agreement allows the penetration tester to look for other systems out of scope and test them for threats against the in-scope systems. D. Some exploits when tested can crash or corrupt a system
A system administrator is using a packet sniffer to troubleshoot remote authentication. The administrator detects a device trying to communicate to TCP port 49. Which of the following authentication methods is MOST likely being attempted? A. RADIUS B. TACACS+ C. Kerberos
An administrator wants to minimize the amount of time needed to perform backups during the week. It is also acceptable to the administrator for restoration to take an extended time frame. Which of the following strategies would the administrator MOST likely implement? A. Full backups on the weekend and incremental during the week. B. Full backups on the weekend and full backups every day. C. Incremental backups on the weekend and differential backups every day. D. Differential backups on the weekend and full backups every