Not/Applicable
Test por , creado hace más de 1 año

6251808272-1_50

20
0
0
Not/Applicable
Creado por Not/Applicable hace alrededor de 10 años
Cerrar

6251808272-1_50

Pregunta 1 de 50

1

An achievement in providing worldwide Internet security was the signing of certificates associated with which of the following protocols?

Selecciona una de las siguientes respuestas posibles:

  • TCP/IP

  • SSL

  • SCP

  • SSH

Explicación

Pregunta 2 de 50

1

A Chief Information Security Officer (CISO) wants to implement two-factor authentication within the company. Which of the following would fulfill the CISO's requirements?

Selecciona una de las siguientes respuestas posibles:

  • Username and password

  • Retina scan and fingerprint scan

  • USB token and PIN

  • Proximity badge and token

Explicación

Pregunta 3 de 50

1

Which of the following can a security administrator implement on mobile devices that will help prevent unwanted people from viewing the data if the device is left unattended?

Selecciona una de las siguientes respuestas posibles:

  • Screen lock

  • Voice encryption

  • GPS tracking

  • Device encryption

Explicación

Pregunta 4 de 50

1

Which of the following would a security administrator implement in order to identify a problem between two systems that are not communicating properly?

Selecciona una de las siguientes respuestas posibles:

  • Protocol analyzer

  • Baseline report

  • Risk assessment

  • Vulnerability scan

Explicación

Pregunta 5 de 50

1

Which of the following can result in significant administrative overhead from incorrect reporting?

Selecciona una de las siguientes respuestas posibles:

  • Job rotation

  • Acceptable usage policies

  • False positives

  • Mandatory vacations

Explicación

Pregunta 6 de 50

1

A security administrator wants to perform routine tests on the network during working hours when certain applications are being accessed by the most people. Which of the following would allow the security administrator to test the lack of security controls for those applications with the least impact to the system?

Selecciona una de las siguientes respuestas posibles:

  • Penetration test

  • Vulnerability scan

  • Load testing

  • Port scanner

Explicación

Pregunta 7 de 50

1

Which of the following risk concepts requires an organization to determine the number of failures per year?

Selecciona una de las siguientes respuestas posibles:

  • SLE

  • ALE

  • MTBF

  • Quantitative analysis

Explicación

Pregunta 8 de 50

1

A system security analyst using an enterprise monitoring tool notices an unknown internal host exfiltrating files to several foreign IP addresses. Which of the following would be an appropriate mitigation technique?

Selecciona una de las siguientes respuestas posibles:

  • Disabling unnecessary accounts

  • Rogue machine detection

  • Encrypting sensitive files

  • Implementing antivirus

Explicación

Pregunta 9 de 50

1

Three of the primary security control types that can be implemented are?

Selecciona una de las siguientes respuestas posibles:

  • Supervisory, subordinate, and peer.

  • Personal, procedural, and legal.

  • Operational, technical, and management.

  • Mandatory, discretionary, and permanent.

Explicación

Pregunta 10 de 50

1

The helpdesk reports increased calls from clients reporting spikes in malware infections on their systems. Which of the following phases of incident response is MOST appropriate as a FIRST response?

Selecciona una de las siguientes respuestas posibles:

  • Recovery

  • Follow-up

  • Validation

  • Identification

  • Eradication

  • Containment

Explicación

Pregunta 11 de 50

1

Which of the following protocols operates at the HIGHEST level of the OSI model?

Selecciona una de las siguientes respuestas posibles:

  • ICMP

  • IPSec

  • SCP

  • TCP

Explicación

Pregunta 12 de 50

1

Joe, the system administrator, has been asked to calculate the Annual Loss Expectancy (ALE) for a $5,000 server, which often crashes. In the past year, the server has crashed 10 times, requiring a system reboot to recover with only 10% loss of data or function. Which of the following is the ALE of this server?

Selecciona una de las siguientes respuestas posibles:

  • $500

  • $5,000

  • $25,000

  • $50,000

Explicación

Pregunta 13 de 50

1

Which of the following should an administrator implement to research current attack methodologies?

Selecciona una de las siguientes respuestas posibles:

  • Design reviews

  • Honeypot

  • Vulnerability scanner

  • Code reviews

Explicación

Pregunta 14 de 50

1

Which of the following can be implemented in hardware or software to protect a web server from cross-site scripting attacks?

Selecciona una de las siguientes respuestas posibles:

  • Intrusion Detection System

  • Flood Guard Protection

  • Web Application Firewall

  • URL Content Filter

Explicación

Pregunta 15 de 50

1

Which of the following means of wireless authentication is easily vulnerable to spoofing?

Selecciona una de las siguientes respuestas posibles:

  • MAC Filtering

  • WPA - LEAP

  • WPA - PEAP

  • Enabled SSID

Explicación

Pregunta 16 de 50

1

The BEST methods for a web developer to prevent the website application code from being vulnerable to cross-site request forgery (XSRF) are to: (Select TWO).

Selecciona una o más de las siguientes respuestas posibles:

  • permit redirection to Internet-facing web URLs.

  • ensure all HTML tags are enclosed in angle brackets, e.g., "<" and ">".

  • validate and filter input on the server side and client side.

  • use a web proxy to pass website requests between the user and the application.

  • restrict and sanitize use of special characters in input and URLs.

Explicación

Pregunta 17 de 50

1

Jane, a security administrator, needs to implement a secure wireless authentication method that uses a remote RADIUS server for authentication. Which of the following is an authentication method Jane should use?

Selecciona una de las siguientes respuestas posibles:

  • WPA2-PSK

  • WEP-PSK

  • CCMP

  • LEAP

Explicación

Pregunta 18 de 50

1

Computer evidence at a crime scene is documented with a tag stating who had possession of the evidence at a given time. Which of the following does this illustrate?

Selecciona una de las siguientes respuestas posibles:

  • System image capture

  • Record time offset

  • Order of volatility

  • Chain of custody

Explicación

Pregunta 19 de 50

1

A network administrator is configuring access control for the sales department which has high employee turnover. Which of the following is BEST suited when assigning user rights to individuals in the sales department?

Selecciona una de las siguientes respuestas posibles:

  • Time of day restrictions

  • Group based privileges

  • User assigned privileges

  • Domain admin restrictions

Explicación

Pregunta 20 de 50

1

Which of the following is being tested when a company's payroll server is powered off for eight hours?

Selecciona una de las siguientes respuestas posibles:

  • Succession plan

  • Business impact document

  • Continuity of operations plan

  • Risk assessment plan

Explicación

Pregunta 21 de 50

1

A security analyst, Ann, is reviewing an IRC channel and notices that a malicious exploit has been created for a frequently used application. She notifies the software vendor and asks them for remediation steps, but is alarmed to find that no patches are available to mitigate this vulnerability. Which of the following BEST describes this exploit?

Selecciona una de las siguientes respuestas posibles:

  • Malicious insider threat

  • Zero-day

  • Client-side attack

  • Malicious add-on

Explicación

Pregunta 22 de 50

1

A security administrator has concerns about new types of media which allow for the mass distribution of personal comments to a select group of people. To mitigate the risks involved with this media, employees should receive training on which of the following?

Selecciona una de las siguientes respuestas posibles:

  • Peer to Peer

  • Mobile devices

  • Social networking

  • Personally owned devices

Explicación

Pregunta 23 de 50

1

A network administrator is responsible for securing applications against external attacks. Every month, the underlying operating system is updated. There is no process in place for other software updates. Which of the following processes could MOST effectively mitigate these risks?

Selecciona una de las siguientes respuestas posibles:

  • Application hardening

  • Application change management

  • Application patch management

  • Application firewall review

Explicación

Pregunta 24 de 50

1

A software developer is responsible for writing the code on an accounting application. Another software developer is responsible for developing code on a system in human resources. Once a year they have to switch roles for several weeks. Which of the following practices is being implemented?

Selecciona una de las siguientes respuestas posibles:

  • Mandatory vacations

  • Job rotation

  • Least privilege

  • Separation of duties

Explicación

Pregunta 25 de 50

1

A network engineer is designing a secure tunneled VPN. Which of the following protocols would be the MOST secure?

Selecciona una de las siguientes respuestas posibles:

  • IPsec

  • SFTP

  • BGP

  • PPTP

Explicación

Pregunta 26 de 50

1

Which of the following implementation steps would be appropriate for a public wireless hot-spot?

Selecciona una de las siguientes respuestas posibles:

  • Reduce power level

  • Disable SSID broadcast

  • Open system authentication

  • MAC filter

Explicación

Pregunta 27 de 50

1

Which of the following is a step in deploying a WPA2-Enterprise wireless network?

Selecciona una de las siguientes respuestas posibles:

  • Install a token on the authentication server

  • Install a DHCP server on the authentication server

  • Install an encryption key on the authentication server

  • Install a digital certificate on the authentication server

Explicación

Pregunta 28 de 50

1

Which of the following controls would allow a company to reduce the exposure of sensitive systems from unmanaged devices on internal networks?

Selecciona una de las siguientes respuestas posibles:

  • 802.1x

  • Data encryption

  • Password strength

  • BGP

Explicación

Pregunta 29 de 50

1

Which of the following preventative controls would be appropriate for responding to a directive to reduce the attack surface of a specific host?

Selecciona una de las siguientes respuestas posibles:

  • Installing anti-malware

  • Implementing an IDS

  • Taking a baseline configuration

  • Disabling unnecessary services

Explicación

Pregunta 30 de 50

1

A security manager must remain aware of the security posture of each system. Which of the following supports this requirement?

Selecciona una de las siguientes respuestas posibles:

  • Training staff on security policies

  • Establishing baseline reporting

  • Installing anti-malware software

  • Disabling unnecessary accounts/services

Explicación

Pregunta 31 de 50

1

Deploying a wildcard certificate is one strategy to:

Selecciona una de las siguientes respuestas posibles:

  • Secure the certificate's private key.

  • Increase the certificate's encryption key length.

  • Extend the renewal date of the certificate.

  • Reduce the certificate management burden.

Explicación

Pregunta 32 de 50

1

The security administrator needs to manage traffic on a layer 3 device to support FTP from a new remote site. Which of the following would need to be implemented?

Selecciona una de las siguientes respuestas posibles:

  • Implicit deny

  • VLAN management

  • Port security

  • Access control lists

Explicación

Pregunta 33 de 50

1

Which of the following ports is used for SSH, by default?

Selecciona una de las siguientes respuestas posibles:

  • 23

  • 32

  • 12

  • 22

Explicación

Pregunta 34 de 50

1

A network administrator has been tasked with securing the WLAN. Which of the following cryptographic products would be used to provide the MOST secure environment for the WLAN?

Selecciona una de las siguientes respuestas posibles:

  • WPA2 CCMP

  • WPA

  • WPA with MAC filtering

  • WPA2 TKIP

Explicación

Pregunta 35 de 50

1

A server with the IP address of 10.10.2.4 has been having intermittent connection issues. The logs show repeated connection attempts from the following IPs:

10.10.3.16
10.10.3.23
212.178.24.26
217.24.94.83

These attempts are overloading the server to the point that it cannot respond to traffic. Which of the following attacks is occurring?

Selecciona una de las siguientes respuestas posibles:

  • XSS

  • DDoS

  • DoS

  • Xmas

Explicación

Pregunta 36 de 50

1

Which of the following ciphers would be BEST used to encrypt streaming video?

Selecciona una de las siguientes respuestas posibles:

  • RSA

  • RC4

  • SHA1

  • 3DES

Explicación

Pregunta 37 de 50

1

A user attempting to log on to a workstation for the first time is prompted for the following information before being granted access: username, password, and a four-digit security pin that was mailed to him during account registration. This is an example of which of the following?

Selecciona una de las siguientes respuestas posibles:

  • Dual-factor authentication

  • Multifactor authentication

  • Single factor authentication

  • Biometric authentication

Explicación

Pregunta 38 de 50

1

After analyzing and correlating activity from multiple sensors, the security administrator has determined that a group of very well organized individuals from an enemy country is responsible for various attempts to breach the company network, through the use of very sophisticated and targeted attacks. Which of the following is this an example of?

Selecciona una de las siguientes respuestas posibles:

  • Privilege escalation

  • Advanced persistent threat

  • Malicious insider threat

  • Spear phishing

Explicación

Pregunta 39 de 50

1

Which of the following is true about input validation in a client-server architecture, when data integrity is critical to the organization?

Selecciona una de las siguientes respuestas posibles:

  • It should be enforced on the client side only.

  • It must be protected by SSL encryption.

  • It must rely on the user's knowledge of the application.

  • It should be performed on the server side.

Explicación

Pregunta 40 de 50

1

A merchant acquirer has the need to store credit card numbers in a transactional database in a high performance environment. Which of the following BEST protects the credit card data?

Selecciona una de las siguientes respuestas posibles:

  • Database field encryption

  • File-level encryption

  • Data loss prevention system

  • Full disk encryption

Explicación

Pregunta 41 de 50

1

A bank has a fleet of aging payment terminals used by merchants for transactional processing. The terminals currently support single DES but require an upgrade in order to be compliant with security standards. Which of the following is likely to be the simplest upgrade to the aging terminals which will improve in-transit protection of transactional data?

Selecciona una de las siguientes respuestas posibles:

  • AES

  • 3DES

  • RC4

  • WPA2

Explicación

Pregunta 42 de 50

1

Which of the following is BEST at blocking attacks and providing security at layer 7 of the OSI model?

Selecciona una de las siguientes respuestas posibles:

  • WAF

  • NIDS

  • Routers

  • Switches

Explicación

Pregunta 43 de 50

1

Which of the following is BEST used to capture and analyze network traffic between hosts on the same network segment?

Selecciona una de las siguientes respuestas posibles:

  • Protocol analyzer

  • Router

  • Firewall

  • HIPS

Explicación

Pregunta 44 de 50

1

After a number of highly publicized and embarrassing customer data leaks as a result of social engineering attacks by phone, the Chief Information Officer (CIO) has decided user training will reduce the risk of another data leak. Which of the following would be MOST effective in reducing data leaks in this situation?

Selecciona una de las siguientes respuestas posibles:

  • Information Security Awareness

  • Social Media and BYOD

  • Data Handling and Disposal

  • Acceptable Use of IT Systems

Explicación

Pregunta 45 de 50

1

Which of the following functions provides an output which cannot be reversed and converts data into a string of characters?

Selecciona una de las siguientes respuestas posibles:

  • Hashing

  • Stream ciphers

  • Steganography

  • Block ciphers

Explicación

Pregunta 46 de 50

1

Which of the following encrypts data a single bit at a time?

Selecciona una de las siguientes respuestas posibles:

  • Stream cipher

  • Steganography

  • 3DES

  • Hashing

Explicación

Pregunta 47 de 50

1

Which of the following is used to verify data integrity?

Selecciona una de las siguientes respuestas posibles:

  • SHA

  • 3DES

  • AES

  • RSA

Explicación

Pregunta 48 de 50

1

By default, which of the following uses TCP port 22? (Select THREE).

Selecciona una o más de las siguientes respuestas posibles:

  • FTPS

  • STELNET

  • TLS

  • SCP

  • SSL

  • HTTPS

  • SSH

  • SFTP

Explicación

Pregunta 49 de 50

1

Access mechanisms to data on encrypted USB hard drives must be implemented correctly otherwise:

Selecciona una o más de las siguientes respuestas posibles:

  • user accounts may be inadvertently locked out.

  • data on the USB drive could be corrupted.

  • data on the hard drive will be vulnerable to log analysis.

  • the security controls on the USB drive can be bypassed.

Explicación

Pregunta 50 de 50

1

Maintenance workers find an active network switch hidden above a dropped-ceiling tile in the CEO's office with various connected cables from the office. Which of the following describes the type of attack that was occurring?

Selecciona una de las siguientes respuestas posibles:

  • Spear phishing

  • Packet sniffing

  • Impersonation

  • MAC flooding

Explicación