An achievement in providing worldwide Internet security was the signing of certificates associated with which of the following protocols?
TCP/IP
SSL
SCP
SSH
A Chief Information Security Officer (CISO) wants to implement two-factor authentication within the company. Which of the following would fulfill the CISO’s requirements?
Username and password
Retina scan and fingerprint scan
USB token and PIN
Proximity badge and token
Which of the following can a security administrator implement on mobile devices that will help prevent unwanted people from viewing the data if the device is left unattended?
Screen lock
Voice encryption
GPS tracking
Device encryption
Which of the following would a security administrator implement in order to identify a problem between two systems that are not communicating properly?
Protocol analyzer
Baseline report
Risk assessment
Vulnerability scan
Which of the following can result in significant administrative overhead from incorrect reporting?
Job rotation
Acceptable usage policies
False positives
Mandatory vacations
A security administrator wants to perform routine tests on the network during working hours when certain applications are being accessed by the most people. Which of the following would allow the security administrator to test the lack of security controls for those applications with the least impact to the system?
Penetration test
Load testing
Port scanner
Which of the following risk concepts requires an organization to determine the number of failures per year?
SLE
ALE
MTBF
Quantitative analysis
A system security analyst using an enterprise monitoring tool notices an unknown internal host exfiltrating files to several foreign IP addresses. Which of the following would be an appropriate mitigation technique?
Disabling unnecessary accounts
Rogue machine detection
Encrypting sensitive files
Implementing antivirus
Three of the primary security control types that can be implemented are.
Supervisory, subordinate, and peer
Personal, procedural, and legal
Operational, technical, and mamagement
Mandatory, discretionary, and permanent
The helpdesk reports increased calls from clients reporting spikes in malware infections on their systems. Which of the following phases of incident response is MOST appropriate as a FIRST response?
Recovery
Follow-up
Validation
Identification
Eradication
Containment
Which of the following protocols operates at the HIGHEST level of the OSI model?
ICMP
IPSec
TCP
Joe, the system administrator, has been asked to calculate the Annual Loss Expectancy (ALE) for a $5,000 server, which often crashes. In the past year, the server has crashed 10 times, requiring a system reboot to recover with only 10% loss of data or function. Which of the following is the ALE of this server?
$500
$5,000
$25,000
$50,000
Which of the following should an administrator implement to research current attack methodologies?
Design reviews
Honeypot
Vulnerability scanner
Code reviews
Which of the following can be implemented in hardware or software to protect a web server from cross-site scripting attacks?
Intrusion Detection System
Flood Guard Protection
Web Application Firewall
URL Content Filter
Which of the following means of wireless authentication is easily vulnerable to spoofing?
MAC Filtering
WPA - LEAP
WPA - PEAP
Enabled SSID
The BEST methods for a web developer to prevent the website application code from being vulnerable to cross-site request forgery (XSRF) are to: (Select TWO).
permit redirection to Internet-facing web URLs
ensure all HTML tags are enclosed in angle brackets, e.g. "<" and ">"
validate and filter input on the server side and client side
use a web proxy to pass website requests between the user and the application
restrict and sanitize use of special characters in input and URLs
Jane, a security administrator, needs to implement a secure wireless authentication method that uses a remote RADIUS server for authentication. Which of the following is an authentication method Jane should use?
WPA2-PSK
WEP-PSK
CCMP
LEAP
Computer evidence at a crime scene is documented with a tag stating who had possession of the evidence at a given time. Which of the following does this illustrate?
System image capture
Record time offset
Order of volatitility
Chain of custody
A network administrator is configuring access control for the sales department which has high employee turnover. Which of the following is BEST suited when assigning user rights to individuals in the sales department?
Time of day restrictions
Group based privileges
User assigned privileges
Domain admin restrictions
Which of the following is being tested when a company’s payroll server is powered off for eight hours?
Succession plan
Business impact document
Continuity of operations plan
Risk assessment plan
A security analyst, Ann, is reviewing an IRC channel and notices that a malicious exploit has been created for a frequently used application. She notifies the software vendor and asks them for remediation steps, but is alarmed to find that no patches are available to mitigate this vulnerability. Which of the following BEST describes this exploit?
Malicious insider threat
Zero-day
Client-side attack
Malicious add-on
A security administrator has concerns about new types of media which allow for the mass distribution of personal comments to a select group of people. To mitigate the risks involved with this media, employees should receive training on which of the following?
Peer to Peer
Mobile devices
Social Networking
Personally owned devices
A network administrator is responsible for securing applications against external attacks. Every month, the underlying operating system is updated. There is no process in place for other software updates. Which of the following processes could MOST effectively mitigate these risks?
Application hardening
Application change management
Application patch management
Application firewall review
A software developer is responsible for writing the code on an accounting application. Another software developer is responsible for developing code on a system in human resources. Once a year they have to switch roles for several weeks. Which of the following practices is being implemented?
Job roation
Least privilege
Separation of duties
A network engineer is designing a secure tunneled VPN. Which of the following protocols would be the MOST secure?
SFTP
BGP
PPTP
Which of the following implementation steps would be appropriate for a public wireless hot-spot?
Reduce power level
Disable SSID broadcast
Open system authentication
MAC filter
Which of the following is a step in deploying a WPA2-Enterprise wireless network?
Install a token on the authentication server
Install a DHCP server on the authentication server
Install an encryption key on the authentication server
Install a digital certificate on the authentication server
Which of the following controls would allow a company to reduce the exposure of sensitive systems from unmanaged devices on internal networks?
802.1x
Data encryption
Password strength
Which of the following preventative controls would be appropriate for responding to a directive to reduce the attack surface of a specific host?
Installing anti-malware
Implementing an IDS
Taking a baseline configuration
Disabling unnecessary services
A security manager must remain aware of the security posture of each system. Which of the following supports this requirement?
Training staff on security policies
Establishing baseline reporting
Installing anti-malware software
Disabling unnecessary accounts/services
Deploying a wildcard certificate is one strategy to:
Secure the certificates's private key
Increase the certificate's encryption key length
Extend the renewal date of the certificate
Reduce the certificate management burden
The security administrator needs to manage traffic on a layer 3 device to support FTP from a new remote site. Which of the following would need to be implemented?
Implicit deny
VLAN management
Port security
Access control lists
Which of the following ports is used for SSH, by default?
23
32
12
22
A network administrator has been tasked with securing the WLAN. Which of the following cryptographic products would be used to provide the MOST secure environment for the WLAN?
WPA2 CCMP
WPA
WPA with MAC filtering
WPA2 TKIP
A server with the IP address of 10.10.2.4 has been having intermittent connection issues. The logs show repeated connection attempts from the following IPs: 10.10.3.16, 10.10.3.23, 212.178.24.26, 212.178.24.26, 217.24.94.83. These attempts are overloading the server to the point that it cannot respond to traffic. Which of the following attacks is occurring?
XSS
DDoS
DoS
XMAS
Which of the following ciphers would be BEST used to encrypt streaming video?
RSA
RC4
SHA1
3DES
A user attempting to log on to a workstation for the first time is prompted for the following information before being granted access: username, password, and a four-digit security pin that was mailed to him during account registration. This is an example of which of the following?
Dual-factor authentication
Multifactor authentication
Single factor authentication
Biometric authentication
After analyzing and correlating activity from multiple sensors, the security administrator has determined that a group of very well organized individuals from an enemy country is responsible for various attempts to breach the company network, through the use of very sophisticated and
targeted attacks. Which of the following is this an example of?
Privilege escalation
Advanced persistent threat
Spear phishing
Which of the following is true about input validation in a client-server architecture, when data integrity is critical to the organization?
It should be enforced on the client side only
It must be protected by SSL encryption
It must rely on the user's knowledge of the application
It should be performed on the server side
A merchant acquirer has the need to store credit card numbers in a transactional database in a high performance environment. Which of the following BEST protects the credit card data?
Database field encryption
File-level encryption
Data loss prevention system
Full disk encryption
A bank has a fleet of aging payment terminals used by merchants for transactional processing. The terminals currently support single DES but require an upgrade in order to be compliant with security standards. Which of the following is likely to be the simplest upgrade to the aging terminals which will improve in-transit protection of transactional data?
AES
WPA2
Which of the following is BEST at blocking attacks and providing security at layer 7 of the OSI model?
WAF
NIDS
Routers
Switches
Which of the following is BEST used to capture and analyze network traffic between hosts on the same network segment?
Router
Firewall
HIPS
After a number of highly publicized and embarrassing customer data leaks as a result of social engineering attacks by phone, the Chief Information Officer (CIO) has decided user training will reduce the risk of another data leak. Which of the following would be MOST effective in reducing data leaks in this situation?
Information Security Awareness
Social Media and BYOD
Data Handling and Disposal
Acceptable Use of IT Systems
Which of the following functions provides an output which cannot be reversed and converts data into a string of characters?
Hasing
Stream ciphers
Steganography
Block ciphers
Which of the following encrypts data a single bit at a time?
Stream cipher
Which of the following is used to verify data integrity?
SHA
By default, which of the following uses TCP port 22?
FTPS
STELNET
TLS
HTTPS
Access mechanisms to data on encrypted USB hard drives must be implemented correctly otherwise:
user accounts may be inadvertently locked out
data on the USB drive could be corrupted
data on the hard drive will be vulnerable to log analysis
the security controls on the USB drive can be bypassed
Maintenance workers find an active network switch hidden above a dropped-ceiling tile in the CEO’s office with various connected cables from the office. Which of the following describes the type of attack that was occurring?
Packet sniffing
Impersonation
MAC flooding
