7462094
Question 1
Question
An administrator is configuring a new Linux web server where each user account is confined to a cheroot jail.
Which of the following describes this type of control?
Answer
-
SysV
-
Sandbox
-
Zone
-
Segmentation
Question 2
Question
A company must send sensitive data over a non-secure network via web services. The company suspects that competitors are actively trying to intercept all transmissions. Some of the information may be valuable to competitors, even years after it has been sent. Which of the following will help mitigate the risk in the scenario?
Answer
-
Digitally sign the data before transmission
-
Choose steam ciphers over block ciphers
-
Use algorithms that allow for PFS
-
Enable TLS instead of SSL
-
Use a third party for key escrow
Question 3
Question
An administrator requests a new VLAN be created to support the installation of a new SAN. Which of the following data transport?
Answer
-
Fibre Channel
-
SAS
-
Sonet
-
ISCSI
Question 4
Question
Which of the following can be mitigated with proper secure coding techniques?
Answer
-
Input validation
-
Error handling
-
Header manipulation
-
Cross-site scripting
Question 5
Question
When implementing a mobile security strategy for an organization which of the following is the MOST influential concern that contributes to that organization's ability to extend enterprise policies to mobile devices?
Answer
-
Support for mobile OS
-
Support of mobile apps
-
Availability of mobile browsers
-
Key management for mobile devices
Question 6
Question
A recent audit has revealed that all employees in the bookkeeping department have access to confidential payroll information, while only two members of the bookkeeping department have job duties that require access to the confidential information. Which of the following can be implemented to reduce the risk of this information becoming compromised in this scenario? (Select TWO)
Answer
-
Rule-based access control
-
Role-based access control
-
Data loss prevention
-
Separation of duties
-
Group-based permissions
Question 7
Question
A project manager is evaluating proposals for a cloud computing project. The project manager is particularly concerned about logical security controls in place at the service provider's facility. Which of the following sections of the proposal would be MOST important to review, given the project manager's concerns?
Answer
-
CCTV monitoring
-
Perimeter security lighting system
-
Biometric access system
-
Environmental system configuration
Question 8
Question
Joe notices there are several user accounts on the local network generating spam with embedded malicious code. Which of the following technical control should Joe put in place to BEST reduce these incidents?
Answer
-
Account lockout
-
Group Based Privileges
-
Least privilege
-
Password complexity
Question 9
Question
A forensics analyst is tasked identifying identical files on a hard drive. Due to the large number of files to be compared, the analyst must use an algorithm that is known to have the lowest collision rate. Which of the following should be selected?
Answer
-
MD5
-
RC4
-
SHA1
-
AES-256
Question 10
Question
In an effort to reduce data storage requirements, a company devices to hash every file and eliminate duplicates. The data processing routines are time sensitive so the hashing algorithm is fast and supported on a wide range of systems. Which of the following algorithms is BEST suited for this purpose?
Answer
-
MD5
-
SHA
-
RIPEMD
-
AES
Want to create your own Quizzes for free with GoConqr? Learn more.