Which of the following is a goal of penetration testing?
Passively assess web vulnerabilities
To check compliance of the router configuration
Provide a passive check of the networks security
Actively assess deployed security controls
Using a smartcard and a physical token is considered how many factors of authentication?
One
Two
Three
Four
Which of the following increases availability during periods of electromagnetic interference? (Select TWO)
Fiber optic cable
Straight-through cable
STP cable
Crossover cable
UTP cable
A computer is displaying an MBR error upon restart. The technician is told the user has just installed new software. Which of the following threats is the MOST likely cause of this error?
Distributed DoS
Boot sector virus
ActiveX
Trojan
Which of the following should be disabled to help prevent boot sector viruses from launching when a computer boots?
SNMP
DMZ
USB
Hard Drive
Which of the following video surveillance systems should be installed on an existing network?
Microwave
Analog
CCTV
IP
Which of the following has a 128-bit message digest?
NTLM
MD5
SHA
3DES
Which of the following is commonly used to secure HTTP and SMTP traffic?
SFTP
TLS
SCP
Which of the following uses an RC4 key that can be discovered by eavesdropping on plain text initialization vectors?
WEP
TKIP
SSH
WPA
A retinal scanner provides which of the following authentication types?
Biometric
Token
Two-factor
Optic
The accounting group, clinical group and operations group only have access to their own applications. The company often needs auditors to have access to all three groups applications with little notice. Which of the following would simplify the process of granting auditors permissions to all the applications?
Create an auditors group and merge the members of the accounting, clinical and operations groups
Create an auditors group and add each user to the accounting, clinical and operations groups individually
Create an auditors group and add each of the accounting, clinical and operations groups to the auditors group
Create an auditors group and add the group to each of the accounting, clinical and operations groups
Which of the following utilities would allow a system administrator to discover why an ISP is generating a large amount of TCP RST packets?
L0phtcrack
Wireshark
Nmap
Nessus
A large amount of continuous small transmissions are originating from multiple external hosts to the corporate web server, which is also inaccessible to users. Which of the following attacks is MOST likely the cause?
Spoofing
DNS poisoning
DDoS
DoS
A network security administrator is worried about potential man-in-the-middle attacks against users when they access a corporate website from their workstations. Which of the following is the BEST mitigation against this type of attack?
Implementing server-side PKI certificates for all connections
Mandating only client-side PKI certificates for all connections
Requiring client and server PKI certificates for all connections
Requiring strong authentication for all DNS queries
The security administrator at a small company is having trouble sending and receiving SMTP traffic from the network to the external gateway. Network utilization is very high with most traffic originating at one external IP address and ending at the SMTP server. Which of the following is MOST likely happening?
DoS attack
Open mail relays
Distributed DoS attack
Spear-phishing
The last company administrator failed to renew the registration for the corporate web site (e.g. https://www.comptia.org). When the new administrator tried to register the website it is discovered that the registration is being held by a series of small companies for very short periods of time. This is typical of which of the following?
TCP/IP hijacking
Domain name kiting
When used to encrypt transmissions, which of the following is the MOST resistant to brute force attacks?
AES256
Which of the following is the BEST choice for whole disk encryption when confidentiality is the primary concern?
PGP
DES
AES
The primary purpose of a hot site is to ensure which of the following?
Adequate HVAC to meet environmental initiatives
Recovery of operations within 30 days after a disaster
Transition of operations in a short time period in a disaster
Seamless operations in the event of a disaster
Which of the following is a component of a disaster recovery plan for a company that expects a site to be rendered non-usable during a disaster and needs a nearly transparent transfer of operations?
Warm site
Cold site
Hot site
Alternate site
Which of the following is the BEST mitigation method to implement when protecting against a discovered OS exploit?
NIDS
Patch
Antivirus update
HIDS
Which of the following MUST be taken into account when conducting risk assessments on necessary systems that are very old, costly to maintain, and very difficult to upgrade?
Likelihood vulnerability will be exploited
Frequency of patches published by the developer
Likelihood an attacker will notice the system
Maintenance costs associated with the system
Implicit deny is the practice of setting ACLs to which of the following conditions?
Verify all IP packets
Not allow by default
Transfer all traffic
Not allow by exception
Which of the following can virtualization technology provide with respect to availability?
The capability to manually transition hosts as hardware is added
The capacity to deploy more encrypted guests than hardware allows
The capability to automatically transition guests as hardware fails
The ability to provision more services during off peak hours
Which of the following is made possible by some commercial virtualization hosting applications?
Automatic redundancy for power in the event of a blackout
Seamless switching between telephony and IP telephony
Automatic transfer of applications when hardware fails
Transfer of network infrastructure components to meet demand
Cell phones with network access and the ability to store data files are susceptible to which of the following risks?
Input validation errors
SMTP open relays
Viruses
Logic bombs
If an administrator wanted to gather information about the tools and techniques used by attackers, which of the following could be used?
VLANs
Honeypot
Back door
Firewall
Shielded communications media is MOST often used to prevent electrical emanations from being detected and crosstalk between which of the following?
Networks
Cables
VPNs
To prevent unintentional DoS, which of the following should network users be restricted from doing?
Printing to non-local printers
Restarting their own print jobs
Installing print management software
Deleting jobs from the print queue
Which of the following would a network administrator implement to control traffic being routed between networks or network segments in an effort to preserve data confidentiality?
NAT
Group policies
Password policies
ACLs
An employee reports that while at the airport an unknown user was taking pictures of the employees screen. This is commonly known as which of the following?
Shoulder surfing
Phishing
Spyware
Dumpster diving
The director of finance is worried about information being seen while working on a laptop at the local coffee shop. Which of the following can be used to avoid shoulder surfing?
Antivirus
Privacy screen
Spam
A user needs to send bank account information to the Human Resource department for payroll. This type of information is considered which of the following?
Due care
Personally identifiable information
Due process
Classification of information
A user wants to send personally identifiable information to the security office via email, so they can perform a background check. Which of the following should be used to send the information to the security office?
Level of importance
Digital signature
Encryption
Signature line
A security administrator wants to prevent employees from sending unencrypted email with proprietary information. Which of the following can help mitigate this type of problem?
User awareness training
Change management policy
A technician needs to setup a secure room to enable a private VTC system. Which of the following should be installed to prevent devices from listening to the VTC?
Shielding
HVAC
MD5 hashing
A user reports that the workstation is going to obscure websites unexpectedly. Which of the following should a first responder do when arriving at the workstation?
Record the findings
Shutdown the workstation
Format the hard drive
Upgrade the operating system
A technician is setting up a secure laptop and wants to ensure that every log is captured for later evaluation. In which of the following locations would this information need to be noted?
Disaster recovery plan
Retention policy
Group policy
User review
The president of the company is trying to get to their banks website, and the browser is displaying that the webpage is being blocked by the system administrator.Which of the following logs would the technician review?
DNS
Performance
System
Content filter
A user reports that the spreadsheet they use for the department will not open. The spreadsheet is located on a server that was recently patched. Which of the following logs would the technician review FIRST?
Access
Which of the following allows a users private IP address to be displayed as the firewall IP address when browsing the Internet?
Screened subnet
Dual-homed
DHCP
A user reports that each time they attempt to go to a legitimate website, they are sent to an inappropriate website. The security administrator suspects the user may have malware on the computer, which manipulated some of the users files. Which of the following files on the users system would need to be checked for unauthorized changes?
SAM
LMhosts
Services
Hosts
A security administrator responds to a report of a web server that has been compromised. The security administrator observes the background has been changed to an image of an attacker group. Which of the following would be the FIRST step in the incident response process?
Run an antivirus scan
Disable the network connection
Power down the server
Print a copy of the background
While responding to a confirmed breach of the organizations web server, the security administrator determines the source of the attack was from a rival organizations IP address range.Which of the following should the security administer do with this information?
Notify the Help Desk
Notify ICANN
Notify management
Notify the rival organizations IT department
Which of the following organizational disaster recovery types would provide a building and network equipment but not current application data?
Field site
A security administrator is installing a new NIDS. For the NIDS to view all of the available traffic on a given segment, which of the following must the network administrator configure on the switch?
VLAN
Mirrored port
Management interface
Which of the following solutions will allow a security administrator to implement a white list of applications authorized on a users PC?
HIPS
Anti-spam
Which of the following is an authentication method that uses symmetric key encryption and a key distribution center?
MS-CHAP
Kerberos
802.1x
EAP
