401 (con't)

Questão 1

Questão

Which of the following technologies uses multiple devices to share work?

Responda

Switching
Load balancing
RAID
VPN concentrator

Questão 2

Questão

Which of the following protocols uses an asymmetric key to open a session and then establishes a symmetric key for the remainder of the session?

Responda

SFTP
HTTPS
TFTP
TLS

Questão 3

Questão

Which of the following describes how Sara, an attacker, can send unwanted advertisements to a mobile device?

Responda

Man-in-the-middle
Bluejacking
Bluesnarfing
Packet sniffing

Questão 4

Questão

Pete, an employee, is terminated from the company and the legal department needs documents from his encrypted hard drive. Which of the following should be used to accomplish this task? (Select TWO).

Responda

Private hash
Recovery agent
Public key
Key escrow
CRL

Questão 5

Questão

Which of the following mitigation strategies is established to reduce risk when performing updates to business critical systems?

Responda

Incident management
Server clustering
Change management
Forensic analysis

Questão 6

Questão

Which of the following can Pete, a security administrator, use to distribute the processing effort when generating hashes for a password cracking program?

Responda

RAID
Clustering
Redundancy
Virtualization

Questão 7

Questão

Which of the following should Jane, a security administrator, perform before a hard drive is analyzed with forensics tools?

Responda

Identify user habits
Disconnect system from network
Capture system image
Interview witnesses

Questão 8

Questão

Jane, an administrator, needs to make sure the wireless network is not accessible from the parking area of their office. Which of the following would BEST help Jane when deploying a new access point?

Responda

Placement of antenna
Disabling the SSID
Implementing WPA2
Enabling the MAC filtering

Questão 9

Questão

Which of the following allows Pete, a security technician, to provide the MOST secure wireless implementation?

Responda

Implement WPA
Disable SSID
Adjust antenna placement
Implement WEP

Questão 10

Questão

Which of the following is a management control?

Responda

Logon banners
Written security policy
SYN attack prevention
Access Control List (ACL)

Questão 11

Questão

Which of the following security strategies allows a company to limit damage to internal systems and provides loss control?

Responda

Restoration and recovery strategies
Deterrent strategies
Containment strategies
Detection strategies

Questão 12

Questão

In order for Sara, a client, to logon to her desktop computer, she must provide her username, password, and a four digit PIN. Which of the following authentication methods is Sara using?

Responda

Three factor
Single factor
Two factor
Four factor

Questão 13

Questão

Using proximity card readers instead of the traditional key punch doors would help to mitigate:

Responda

Impersonation
Tailgating
Dumpster diving
Shoulder surfing

Questão 14

Questão

Which of the following application attacks is used to gain access to SEH?

Responda

Cookie stealing
Buffer overflow
Directory traversal
XML injection

Questão 15

Questão

Which of the following is an authentication service that uses UDP as a transport medium?

Responda

TACACS+
LDAP
Kerberos
RADIUS

Questão 16

Questão

Which of the following can be used on a smartphone to BEST protect against sensitive data loss if the device is stolen? (Select TWO)

Responda

Tethering
Screen lock PIN
Remote wipe
Email password
GPS tracking
Device encryption

Questão 17

Questão

Jane, a security analyst, is reviewing logs from hosts across the Internet which her company uses to gather data on new malware. Which of the following is being implemented by Jane's company?

Responda

Vulnerability scanner
Honeynet
Protocol analyzer
Port scanner

Questão 18

Questão

Which of the following should Pete, a security manager, implement to reduce the risk of employees working in collusion to embezzle funds from their company?

Responda

Privacy Policy
Least Privilege
Acceptable Use
Mandatory Vacations

Questão 19

Questão

Which of the following will allow Pete, a security analyst, to trigger a security alert because of a tracking cookie?

Responda

Network based firewall
Anti-spam software
Host based firewall
Anti-spyware software

Questão 20

Questão

Which of the following protocols allows for secure transfer of files? (Select TWO).

Responda

ICMP
SNMP
SFTP
SCP
TFTP

Questão 21

Questão

Which of the following passwords is the LEAST complex?

Responda

MyTrain!45
Mytr@in!!
MyTr@in12
MyTr@in#8

Questão 22

Questão

During a penetration test from the Internet, Jane, the system administrator, was able to establish a connection to an internal router, but not successfully log in to it. Which ports and protocols are MOST likely to be open on the firewall? (Select FOUR).

Responda

21
22
23
69
3389
SSH
Terminal services
Rlogin
Rsynce
Telnet

Questão 23

Questão

Which of the following is an application security coding problem?

Responda

Error and exception handling
Patch management
Application hardening
Application fuzzing

Questão 24

Questão

An IT security technician needs to establish host based security for company workstations. Which of the following will BEST meet this requirement?

Responda

Implement IIS hardening by restricting service accounts
Implement database hardening by applying vendor guidelines
Implement perimeter firewall rules to restrict access
Implement OS hardening by applying GPOs

Questão 25

Questão

Which of the following is the MOST specific plan for various problems that can arise within a system?

Responda

Business Continuity Plan
Continuity of Operation Plan
Disaster Recovery Plan
IT Contingency Plan

Questão 26

Questão

Which of the following BEST describes the weakness in WEP encryption?

Responda

The initialization vector of WEP uses a crack-able RC4 encryption algorithm. Once enough packets are captured an XOR operation can be performed and the asymmetric keys can be derived.
The WEP key is stored in plain text and split in portions across 224 packets of random data. Once enough packets are sniffed the IV portion of the packets can be removed leaving the plain text key.
The WEP key has a weak MD4 hashing algorithm used. A simple rainbow table can be used to generate key possibilities due to MD4 collisions.
The WEP key is stored with a very small pool of random numbers to make the cipher text. As the random numbers are often reused it becomes easy to derive the remaining WEP key.

Questão 27

Questão

Sara, the Chief Security Officer (CSO), has had four security breaches during the past two years. Each breach has cost the company $3,000. A third party vendor has offered to repair the security hole in the system for $25,000. The breached system is scheduled to be replaced in five years. Which of the following should Sara do to address the risk?

Responda

Accept the risk saving $10,000
Ignore the risk saving $5,000
Mitigate the risk saving $10,000
Transfer the risk saving $5,000

Questão 28

Questão

Which of the following is an authentication and accounting service that uses TCP for connecting to routers and switches?

Responda

DIAMETER
RADIUS
TACACS+
Kerberos

Questão 29

Questão

Which of the following can BEST help prevent cross-site scripting attacks and buffer overflows on a production system?

Responda

Input validation
Network intrusion detection system
Anomaly-based HIDS
Peer review

Questão 30

Questão

Pete, an IT Administrator, needs to secure his server room. Which of the following mitigation methods would provide the MOST physical protection?

Responda

Sign in and sign out logs
Mantrap
Video surveillance
HVAC

Questão 31

Questão

Which of the following should be connected to the fire alarm system in order to help prevent the spread of a fire in a server room without data loss to assist in an FM-200 deployment?

Responda

Water base sprinkler system
Electrical
HVAC
Video surveillance

Questão 32

Questão

Matt, a security consultant, has been tasked with increasing server fault tolerance and has been given no budget to accomplish his task. Which of the following can Matt implement to ensure servers will withstand hardware failure?

Responda

Hardware load balancing
RAID
A cold site
A host standby

Questão 33

Questão

Which of the following fire suppression systems is MOST likely used in a datacenter?

Responda

FM-200
Dry-pipe
Wet-pipe
Vacuum

Questão 34

Questão

A security administrator has installed a new KDC for the corporate environment. Which of the following authentication protocols is the security administrator planning to implement across the organization?

Responda

LDAP
RADIUS
Kerberos
XTACACS

Questão 35

Questão

While opening an email attachment, Pete, a customer, receives an error that the application has encountered an unexpected issue and must be shut down. This could be an example of which of the following attacks?

Responda

Cross-site scripting
Buffer overflow
Header manipulation
Directory traversal

Questão 36

Questão

Jane has recently implemented a new network design at her organization and wishes to passively identify security issues with the new network. Which of the following should Jane perform?

Responda

Vulnerability assessment
Black box testing
White box testing
Penetration testing

Questão 37

Questão

A security technician is working with the network firewall team to implement access controls at the company's demarc as part of the initiation of configuration management processes. One of the network technicians asks the security technician to explain the access control type found in a firewall. With which of the following should the security technician respond?

Responda

Rule based access control
Role based access control
Discretionary access control
Mandatory access control

Questão 38

Questão

Jane, a security administrator, has been tasked with explaining authentication services to the company's management team. The company runs an active directory infrastructure. Which of the following solutions BEST relates to the host authentication protocol within the company's environment?

Responda

Kerberos
Least privilege
TACACS+
LDAP

Questão 39

Questão

Pete, the compliance manager, wants to meet regulations. Pete would like certain ports blocked only on all computers that do credit card transactions. Which of the following should Pete implement to BEST achieve this goal?

Responda

A host-based intrusion prevention system
A host-based firewall
Antivirus update system
A network-based intrusion detection system

Questão 40

Questão

Pete, the system administrator, wants to restrict access to advertisements, games, and gambling web sites. Which of the following devices would BEST achieve this goal?

Responda

Firewall
Switch
URL content filter
Spam filter

Questão 41

Questão

Pete, the system administrator, wishes to monitor and limit users' access to external websites. Which of the following would BEST address this?

Responda

Block all traffic on port 80
Implement NIDS
Use server load balancers
Install a proxy server

Questão 42

Questão

Sara, the security administrator, must configure the corporate firewall to allow all public IP addresses on the internal interface of the firewall to be translated to one public IP address on the external interface of the same firewall. Which of the following should Sara configure?

Responda

PAT
NAP
DNAT
NAC

Questão 43

Questão

Matt, a security analyst, needs to select an asymmetric encryption method that allows for the same level of encryption strength with a lower key length than is typically necessary. Which of the following encryption methods offers this capability?

Responda

Twofish
Diffie-Hellman
ECC
RSA

Questão 44

Questão

Sara, a security analyst, is trying to prove to management what costs they could incur if their customer database was breached. This database contains 250 records with PII. Studies show that the cost per record for a breach is $300. The likelihood that their database would be breached in the next year is only 5%. Which of the following is the ALE that Sara should report to management for a security breach?

Responda

$1,500
$3,750
$15,000
$75,000

Questão 45

Questão

Methods to test the responses of software and web applications to unusual or unexpected inputs is known as:

Responda

Brute force
HTML encoding
Web crawling
Fuzzing

Questão 46

Questão

Pete needs to open ports on the firewall to allow for secure transmission of files. Which of the following ports should be opened on the firewall?

Responda

TCP 23
UDP 69
TCP 22
TCP 21

Questão 47

Questão

Sara, a security architect, has developed a framework in which several authentication servers work together to increase processing power for an application. Which of the following does this represent?

Responda

Warm site
Load balancing
Clustering
RAID

Questão 48

Questão

Which statement is TRUE about the operation of a packet sniffer?

Responda

It can only have one interface on a management network
They are required for firewall operation and stateful inspection
The Ethernet card must be placed in promiscuous mode
It must be placed on a single virtual LAN interface

Questão 49

Questão

Which of the following firewall rules only denies DNS zone transfers?

Responda

deny udp any any port 53
deny ip any any
deny tcp any any port 53
deny all dns packets

Questão 50

Questão

Which of the following BEST explains the use of an HSM within the company servers?

Responda

Thumb drives present a significant threat which is mitigated by HSM
Software encryption can perform multiple functions required by HSM
Data loss by removable media can be prevented with DLP
Hardware encryption is faster than software encryption

Questão 51

Questão

Which of the following technologies can store multi-tenant data with different security requirements?

Responda

Data loss prevention
Trusted platform module
Hard drive encryption
Cloud computing

Questão 52

Questão

Matt, a security analyst, needs to implement encryption for company data and also prevent theft of company data. Where and how should Matt meet this requirement?

Responda

Matt should implement access control lists and turn on EFS
Matt should implement DLP and encrypt the company database
Matt should install Truecrypt and encrypt the company server
Matt should install TPMs and encrypt the company database

Questão 53

Questão

Which of the following types of encryption will help in protecting files on a PED?

Responda

Mobile device encryption
Transport layer encryption
Encrypted hidden container
Database encryption

Questão 54

Questão

Which of the following does full disk encryption prevent?

Responda

Client side attacks
Clear text access
Database theft
Network-based attacks

Questão 55

Questão

Pete, a security analyst, has been informed that the development team has plans to develop an application which does not meet the company's password policy. Which of the following should Pete do NEXT?

Responda

Contact the Chief Information Officer and ask them to change the company password policy so that the application is made compliant
Tell the application development manager to code the application to adhere to the company's password policy
Ask the application development manager to submit a risk acceptance memo so that the issue can be documented
Inform the Chief Information Officer of non-adherence to the security policy so that the developers can be reprimanded

Questão 56

Questão

Sara, a security manager, has decided to force expiration of all company passwords by the close of business day. Which of the following BEST supports this reasoning?

Responda

A recent security breach in which passwords were cracked
Implementation of configuration management processes
Enforcement of password complexity requirements
Implementation of account lockout procedures

Questão 57

Questão

Which of the following presents the STRONGEST access control?

Responda

MAC
TACACS
DAC
RBAC

Questão 58

Questão

Which of the following encompasses application patch management?

Responda

Configuration management
Policy management
Cross-site request forgery
Fuzzing

Questão 59

Questão

Sara, an application developer, implemented error and exception handling alongside input validation. Which of the following does this help prevent?

Responda

Buffer overflow
Pop-up blockers
Cross-site scripting
Fuzzing

Questão 60

Questão

Which of the following is the LEAST volatile when performing incident response procedures?

Responda

Registers
RAID cache
RAM
Hard drive

Questão 61

Questão

Pete, a developer, writes an application. Jane, the security analyst, knows some things about the overall application but does not have all the details. Jane needs to review the software before it is released to production. Which of the following reviews should Jane conduct?

Responda

Gray Box Testing
Black Box Testing
Business Impact Analysis
White Box Testing

Questão 62

Questão

The information security team does a presentation on social media and advises the participants not to provide too much personal information on social media web sites. This advice would BEST protect people from which of the following?

Responda

Rainbow tables attacks
Brute force attacks
Birthday attacks
Cognitive passwords attacks

Questão 63

Questão

Pete's corporation has outsourced help desk services to a large provider. Management has published a procedure that requires all users, when receiving support, to call a special number. Users then need to enter the code provided to them by the help desk technician prior to allowing the technician to work on their PC. Which of the following does this procedure prevent?

Responda

Collusion
Impersonation
Pharming
Transitive Access

Questão 64

Questão

Pete, the security engineer, would like to prevent wireless attacks on his network. Pete has implemented a security control to limit the connecting MAC addresses to a single port. Which of the following wireless attacks would this address?

Responda

Interference
Man-in-the-middle
ARP poisoning
Rogue access point

Questão 65

Questão

Which of the following can be implemented with multiple bit strength?

Responda

AES
DES
SHA-1
MD5

Questão 66

Questão

Pete, the system administrator, has blocked users from accessing social media web sites. In addition to protecting company information from being accidentally leaked, which additional security benefit does this provide?

Responda

No competition with the company's official social presence
Protection against malware introduced by banner ads
Increased user productivity based upon fewer distractions
Elimination of risks caused by unauthorized P2P file sharing

Questão 67

Questão

Pete, the system administrator, is reviewing his disaster recovery plans. He wishes to limit the downtime in the event of a disaster, but does not have the budget approval to implement or maintain an offsite location that ensures 99.99% availability. Which of the following would be Pete's BEST option?

Responda

Use hardware already at an offsite location and configure it to be quickly utilized
Move the servers and data to another part of the company's main campus from the server room
Retain data back-ups on the main campus and establish redundant servers in a virtual environment
Move the data back-ups to the offsite location, but retain the hardware on the main campus for redundancy

Questão 68

Questão

A network stream needs to be encrypted. Sara, the network administrator, has selected a cipher which will encrypt 8 bits at a time before sending the data across the network. Which of the following has Sara selected?

Responda

Block cipher
Stream cipher
CRC
Hashing algorithm

Questão 69

Questão

Which of the following is the BEST approach to perform risk mitigation of user access control rights?

Responda

Conduct surveys and rank the results
Perform routine user permission reviews
Implement periodic vulnerability scanning
Disable user accounts that have not been used within the last two weeks

Questão 70

Questão

Which of the following devices is BEST suited for servers that need to store private keys?

Responda

Hardware security module
Hardened network firewall
Solid state disk drive
Hardened host firewall

Questão 71

Questão

All of the following are valid cryptographic hash functions EXCEPT:

Responda

RIPEMD
RC4
SHA-512
MD4

Questão 72

Questão

In regards to secure coding practices, why is input validation important?

Responda

It mitigates buffer overflow attacks
It makes the code more readable
It provides an application configuration baseline
It meets gray box testing standards

Questão 73

Questão

Which of the following would be used when a higher level of security is desired for encryption key storage?

Responda

TACACS+
L2TP
LDAP
TPM

Questão 74

Questão

A security administrator needs to determine which system a particular user is trying to login to at various times of the day. Which of the following log types would the administrator check?

Responda

Firewall
Application
IDS
Security

Questão 75

Questão

Employee badges are encoded with a private encryption key and specific personal information. The encoding is then used to provide access to the network. Which of the following describes this access control type?

Responda

Smartcard
Token
Discretionary access control
Mandatory access control

Questão 76

Questão

Which of the following devices would MOST likely have a DMZ interface?

Responda

Firewall
Switch
Load balancer
Proxy

Questão 77

Questão

Which of the following application security testing techniques is implemented when an automated system generates random input data?

Responda

Fuzzing
XSRF
Hardening
Input validation

Questão 78

Questão

Which of the following can be used by a security administrator to successfully recover a user's forgotten password on a password protected file?

Responda

Cognitive password
Password sniffing
Brute force
Social engineering

Questão 79

Questão

A security administrator wants to check user password complexity. Which of the following is the BEST tool to use?

Responda

Password history
Password logging
Password cracker
Password hashing

Questão 80

Questão

Certificates are used for: (Select TWO).

Responda

Client authentication
WEP encryption
Access control lists
Code signing
Password hashing

Questão 81

Questão

An achievement in providing worldwide Internet security was the signing of certificates associated with which of the following protocols?

Responda

TCP/IP
SSL
SCP
SSH

Questão 82

Questão

A Chief Information Security Officer (CISO) wants to implement two-factor authentication within the company. Which of the following would fulfill the CISO's requirements?

Responda

Username and password
Retina scan and fingerprint scan
USB token and PIN
Proximity badge and token

Questão 83

Questão

Which of the following can a security administrator implement on mobile devices that will help prevent unwanted people from viewing the data if the device is left unattended?

Responda

Screen lock
Voice encryption
GPS tracking
Device encryption

Questão 84

Questão

Which of the following would a security administrator implement in order to identify a problem between two systems that are not communicating properly?

Responda

Protocol analyzer
Baseline report
Risk assessment
Vulnerability scan

Questão 85

Questão

Which of the following can result in significant administrative overhead from incorrect reporting?

Responda

Job rotation
Acceptable usage policies
False positives
Mandatory vacations

Questão 86

Questão

A security administrator wants to perform routine tests on the network during working hours when certain applications are being accessed by the most people. Which of the following would allow the security administrator to test the lack of security controls for those applications with the least impact to the system?

Responda

Penetration test
Vulnerability scan
Load testing
Port scanner

Questão 87

Questão

Which of the following risk concepts requires an organization to determine the number of failures per year?

Responda

SLE
ALE
MTBF
Quantitative analysis

Questão 88

Questão

Three of the primary security control types that can be implemented are:

Responda

supervisory, subordinate, and peer
personal, procedural, and legal
operational, technical, and management
mandatory, discretionary, and permanent

Questão 89

Questão

The helpdesk reports increased calls from clients reporting spikes in malware infections on their systems. Which of the following phases of incident response is MOST appropriate as a FIRST response?

Responda

Recovery
Follow-up
Validation
Identification

Questão 90

Questão

A company is trying to implement physical deterrent controls to improve the overall security posture of their data center. Which of the following BEST meets their goal?

Responda

Visitor logs
Firewall
Hardware locks
Environmental monitoring

Questão 91

Questão

A company's employees were victims of a spear phishing campaign impersonating the CEO. The company would now like to implement a solution to improve the overall security posture by assuring their employees that email originated from the CEO. Which of the following controls could they implement to BEST meet this goal?

Responda

Spam filter
Digital signatures
Antivirus software
Digital certificates

Questão 92

Questão

A security technician is attempting to improve the overall security posture of an internal mail server. Which of the following actions would BEST accomplish this goal?

Responda

Monitoring event logs daily
Disabling unnecessary services
Deploying a content filter on the network
Deploy an IDS on the network

Questão 93

Questão

A bank has recently deployed mobile tablets to all loan officers for use at customer sites. Which of the following would BEST prevent the disclosure of customer data in the event that a tablet is lost or stolen?

Responda

Application control
Remote wiping
GPS
Screen-locks

Questão 94

Questão

Which of the following is the primary security concern when deploying a mobile device on a network?

Responda

Strong authentication
Interoperability
Data security
Cloud storage technique

Questão 95

Questão

Which of the following technical controls is BEST used to define which applications a user can install and run on a company issued mobile device?

Responda

Authentication
Blacklisting
Whitelisting
Acceptable use policy

Questão 96

Questão

After a company has standardized to a single operating system, not all servers are immune to a well-known OS vulnerability. Which of the following solutions would mitigate this issue?

Responda

Host based firewall
Initial baseline configurations
Discretionary access control
Patch management system

Questão 97

Questão

A security administrator discovers an image file that has several plain text documents hidden in the file. Which of the following security goals is met by camouflaging data inside of other files?

Responda

Integrity
Confidentiality
Steganography
Availability

Questão 98

Questão

A company determines a need for additional protection from rogue devices plugging into physical ports around the building. Which of the following provides the highest degree of protection from unauthorized wired network access?

Responda

Intrusion Prevention Systems
MAC filtering
Flood guards
802.1x

Questão 99

Questão

A company is preparing to decommission an offline, non-networked root certificate server. Before sending the server's drives to be destroyed by a contracted company, the Chief Security Officer (CSO) wants to be certain that the data will not be accessed. Which of the following, if implemented, would BEST reassure the CSO? (Select TWO)

Responda

Disk hashing procedures
Full disk encryption
Data retention policies
Disk wiping procedures
Removable media encryption

Questão 100

Questão

During the analysis of a PCAP file, a security analyst noticed several communications with a remote server on port 53. Which of the following protocol types is observed in this traffic?

Responda

FTP
DNS
Email
NetBIOS

Questão 101

Questão

A compromised workstation utilized in a Distributed Denial of Service (DDOS) attack has been removed from the network and an image of the hard drive has been created. However, the system administrator stated that the system was left unattended for several hours before the image was created. In the event of a court case, which of the following is likely to be an issue with this incident?

Responda

Eye Witness
Data Analysis of the hard drive
Chain of custody
Expert Witness

Questão 102

Questão

During which of the following phases of the Incident Response process should a security administrator define and implement general defense against malware?

Responda

Lessons Learned
Preparation
Eradication
Identification

Questão 103

Questão

Due to hardware limitation, a technician must implement a wireless encryption algorithm that uses the RC4 protocol. Which of the following is a wireless encryption solution that the technician should implement while ensuring the STRONGEST level of security?

Responda

WPA2-AES
802.11ac
WPA-TKIP
WEP

Questão 104

Questão

Joe, a user, wants to send an encrypted email to Ann. Which of the following will Ann need to use to verify that the email came from Joe and decrypt it? (Select TWO).

Responda

The CA's public key
Ann's public key
Joe's private key
Ann's private key
The CA's private key
Joe's public key

Questão 105

Questão

Joe, a user, wants to send an encrypted email to Ann. Which of the following will Ann need to use to verify the validity's of Joe's certificate? (Select TWO).

Responda

The CA's public key
Joe's private key
Ann's public key
The CA's private key
Joe's public key
Ann's private key

Questão 106

Questão

A technician wants to implement a dual factor authentication system that will enable the organization to authorize access to sensitive systems on a need-to-know basis. Which of the following should be implemented during the authorization stage?

Responda

Biometrics
Mandatory access control
Single sign-on
Role-based access control

Questão 107

Questão

A security researcher wants to reverse engineer an executable file to determine if it is malicious. The file was found on an underused server and appears to contain a zero-day exploit. Which of the following can the researcher do to determine if the file is malicious in nature?

Responda

TCP/IP socket design review
Executable code review
OS Baseline comparison
Software architecture review

Questão 108

Questão

A recent spike in virus detections has been attributed to end-users visiting www.compnay.com. The business has an established relationship with an organization using the URL of www.company.com but not with the site that has been causing the infections. Which of the following would BEST describe this type of attack?

Responda

Typo squatting
Session hijacking
Cross-site scripting
Spear phishing

Questão 109

Questão

A company has proprietary mission critical devices connected to their network which are configured remotely by both employees and approved customers. The administrator wants to monitor device security without changing their baseline configuration. Which of the following should be implemented to secure the devices without risking availability?

Responda

Host-based firewall
IDS
IPS
Honeypot

Questão 110

Questão

An administrator has a network subnet dedicated to a group of users. Due to concerns regarding data and network security, the administrator desires to provide network access for this group only. Which of the following would BEST address this desire?

Responda

Install a proxy server between the users' computers and the switch to filter inbound network traffic.
Block commonly used ports and forward them to higher and unused port numbers.
Configure the switch to allow only traffic from computers based upon their physical address.
Install host-based intrusion detection software to monitor incoming DHCP Discover requests.

	Criado por maxwell3254 mais de 9 anos atrás

Próximo

401 (con't)

Descrição

Resumo de Recurso

Questão 1

Questão 2

Questão 3

Questão 4

Questão 5

Questão 6

Questão 7

Questão 8

Questão 9

Questão 10

Questão 11

Questão 12

Questão 13

Questão 14

Questão 15

Questão 16

Questão 17

Questão 18

Questão 19

Questão 20

Questão 21

Questão 22

Questão 23

Questão 24

Questão 25

Questão 26

Questão 27

Questão 28

Questão 29

Questão 30

Questão 31

Questão 32

Questão 33

Questão 34

Questão 35

Questão 36

Questão 37

Questão 38

Questão 39

Questão 40

Questão 41

Questão 42

Questão 43

Questão 44

Questão 45

Questão 46

Questão 47

Questão 48

Questão 49

Questão 50

Questão 51

Questão 52

Questão 53

Questão 54

Questão 55

Questão 56

Questão 57

Questão 58

Questão 59

Questão 60

Questão 61

Questão 62

Questão 63

Questão 64

Questão 65

Questão 66

Questão 67

Questão 68

Questão 69

Questão 70

Questão 71

Questão 72

Questão 73

Questão 74

Questão 75

Questão 76