Question 1
Question
Which of the following security tools can Jane, a security administrator, use to deter theft?
Answer
-
Visualization
-
Cable locks
-
GPS tracking
-
Device encryption
Question 2
Question
Which of the following can be implemented on a laptop hard drive to help prevent unauthorized access to data?
Answer
-
Full disk encryption
-
Key escrow
-
Screen lock
-
Data loss prevention
Question 3
Question
Which of the following network devices allows Jane, a security technician, to perform malware inspection?
Answer
-
Load balancer
-
VPN concentrator
-
Firewall
-
NIPS
Question 4
Question
Which of the following is a valid server-role in a Kerberos authentication system?
Question 5
Question
The accounting department needs access to network share A to maintain a number of financial reporting documents. The department also needs access to network share B in HR to view payroll documentation for cross-referencing items. Jane, an administrative assistant, needs access to view one document in network share A to gather data for management reports. Which of the following gives accounting and Jane the correct rights to these areas?
Answer
-
Accounting should be given read/write access to network share A and read access to network share B. Jane should be given read access for the specific document on network share A.
-
Accounting should be given read/write access to network share A and read access to network share B. Jane should be given read access to network share A.
-
Accounting should be given full access to network share A and read access to network share B. Jane should be given read/write access for the specific document on network share A.
-
Accounting should be given full access to network share A and read access to network share B. Jane should be given read/write access to network share A.
Question 6
Question
Which of the following creates ciphertext by changing the placement of characters?
Question 7
Question
Which of the following malware types uses stealth techniques to conceal itself, cannot install itself without user interaction, and cannot automatically propagate?
Answer
-
Rootkit
-
Logic bomb
-
Adware
-
Virus
Question 8
Question
When Pete, an employee, leaves a company, which of the following should be updated to ensure Pete's security access is reduced or eliminated?
Question 9
Question
Which of the following should Matt, an administrator, change FIRST when installing a new access point?
Answer
-
SSID broadcast
-
Encryption
-
DHCP addresses
-
Default password
Question 10
Question
A datacenter has two rows of racks which are facing the same direction. Sara, a consultant, recommends the racks be faced away from each other. This is an example of which of the following environmental concepts?
Question 11
Question
Which of the following password policies is the MOST effective against a brute force network attack?
Question 12
Question
Which of the following would BEST be used by Sara, the security administrator, to calculate the likelihood of an event occurring?
Question 13
Question
Which of the following should Matt, an administrator, implement in a server room to help prevent static electricity?
Answer
-
GFI electrical outlets
-
Humidity controls
-
ESD straps
-
EMI shielding
Question 14
Question
Sara, a company's security officer, often receives reports of unauthorized personnel having access codes to the cipher locks of secure areas in the building Sara should immediately implement which of the following?
Question 15
Question
Pete, an IT security technician, has been tasked with implementing physical security controls for his company's workstations. Which of the following BEST meets this need?
Answer
-
Host-based firewalls
-
Safe
-
Cable locks
-
Remote wipe
Question 16
Question
Which of the following creates ciphertext by replacing one set of characters for another?
Question 17
Question
Sara, the IT Manager, would like to ensure that the router and switches are only available from the network administrator's workstation. Which of the following would be the MOST cost effective solution to ensure that only the network administrator can access these devices?
Question 18
Question
A company is performing internal security audits after a recent exploitation on one of their proprietary applications. Sara, the security auditor, is given the workstation with limited documentation regarding the application installed for the audit. Which of the following types of testing methods is this?
Answer
-
Sandbox
-
White box
-
Black box
-
Gray box
Question 19
Question
A web server sitting in a secure DMZ has antivirus and anti-malware software which updates daily. The latest security patches are applied and the server does not run any database software. A day later, the web server is compromised and defaced. Which of the following is the MOST likely type of attack?
Answer
-
Header manipulation
-
Zero day exploit
-
Session hijacking
-
SQL injection