Security+ 151-200 – Flashcards
Unlock all answers in this set
Unlock answersquestion
Based on the logs from file servers, remote access systems, and IDS, a malicious insider was stealing data using a personal laptop to determine loss, but the insider's lawyer insists the laptop cannot be identified. Which of the following would BEST be used to identify the specific computer used by the insider?
answer
MAC address
question
Acritical system in the datacenter is not connected to a UPS. The security administrator has coordinated an authorized service interruption to resolve this issue. This is an example of which of the following?
answer
Fault tolerance
question
Which of the following methods BEST describes the use of hiding data within other files?
answer
Steganography
question
Which of the following BEST describes the function of TPM?
answer
Hardware chip that stores encryption keys
question
Which of the following is a security vulnerability that can be disabled for mobile device users?
answer
GPS tracking
question
Which of the following security threats does shredding mitigate?
answer
Dumpster diving
question
Which of the following web application security weaknesses can be mitigated by preventing the use of HTML tags?
answer
Cross-site scripting
question
Which of the following wireless security controls can be easily and quickly circumvented using only a network sniffer?
answer
MAC filtering - Disabled SSID broadcast
question
A company needs to be able to prevent entry, at all times, to a highly sensitive area inside a public building. In order to ensure the BEST type of physical security, which of the following should be implemented?
answer
Mantrap
question
Which of the following BEST describes an intrusion prevention system?
answer
A system that stops an attack in progress
question
The fundamental difference between symmetric and asymmetric key cryptographic systems is the symmetric key cryptography uses:
answer
the same key on each end of the transmission medium
question
A company that purchases insurance to reduce risk is an example of which of the following?
answer
Risk transference
question
Which of the following should a security administrator implement to prevent users from disrupting network connectivity, if a user connects both ends of a network cable to different switch ports?
answer
Loop protection
question
A security administrator is asked with ensuring that all servers are highly available and that hard drive failure will not affect an individual server. Which of the following configurations will allow for high availability?(
answer
Hardware RAID 5 - Software RAID 1
question
Which of the following logical controls does a flood guard protect against?
answer
SYN attacks
question
Which of the following malware types is an antivirus scanner MOST unlikely to discover?(
answer
Pharming - Logic bomb
question
Which of the following allows a security administrator to set device traps?
answer
SNMP
question
Centrally authenticating multiple systems and applications against a federated user database is an example of:
answer
single sign-on
question
A security administrator working for a health insurance company needs to protect customer data by installing an HVAC system and a mantrap in the datacenter. Which of the following are being addressed?(
answer
Confidentiality - Availability
question
Which of the following provide the HIGHEST level of wireless network security?
answer
WPA2
question
Which of the following protocols can be implemented to monitor network devices?
answer
SNMP
question
Which of the following access control technologies provides a rolling password for one-time use?
answer
RSA tokens
question
WEP is seen as an unsecure protocol based on its improper use of which of the following?
answer
RC4
question
Webmail is classified under which of the following cloud-based technologies?
answer
Software as a Service (SaaS)
question
With which of the following is RAID MOST concerned?
answer
Availability
question
Which of the following is a technique designed to obtain information from a specific person?
answer
Spear phishing
question
MAC filtering is a form of which of the following?
answer
Network Access Control
question
A penetration test shows that almost all database servers were able to be compromised through a default through a default password. Which of the following is MOST likely missing from the operational procedures?
answer
Application hardening
question
Which of the following is a removable device that may be used to encrypt in a high availability clustered environment?
answer
HSM
question
A security administrator is implementing a solution that can mitigate an existing server and provide encryption capabilities. Which of the following would meet this requirement?
answer
HSM
question
Which of the following is a management control type?
answer
Vulnerability scanning
question
Which of the following is the MAIN reason to require data labeling?
answer
To ensure that staff understands what data they are hardening and processing
question
Which of the following is a best practice when securing a switch from physical access?
answer
Disable unused ports
question
Which of the following is true about hardware encryption?(
answer
It is faster than software encryption - It is available on computers using TPM
question
Which of the following is a method to prevent ad-hoc configuration mistakes?
answer
Implementing a change management strategy
question
If a security administrator wants to TELNET into a router to make configuration changes, which of the following ports would need to be open by default?
answer
23
question
A security administrator with full administrative rights on the network is forced to temporarily take time off of their duties. Which of the following describes this form of access control?
answer
Mandatory vacation
question
Which of the following can a security administrator implement to help identify smurff attacks?
answer
NIDS
question
Which of the following are the BEST reasons to use HSM?(
answer
Generate keys - Store keys
question
The security administrator is tasked with authenticating users to access an encrypted database. Authentication takes place using PKI and the encryption of the database uses a separate cryptographic process to decrease latency. Which of the following would describe the use of encryption in this situation?
answer
Public key encryption to authenticate users and private keys to encrypt the database
question
Which of the following does a TPM allow for?
answer
Full disk encryption
question
The security administrator implemented privacy screens, password protected screen savers, and hired a secure shredding and disposal service. Which of the following attacks is the security administrator trying to mitigate?(
answer
Dumpster diving - Shoulder surfing
question
Which of the following is a dective security control?
answer
CCTV
question
Which of the following represents the complexity of a password policy which enforces lower case password using letters from 'a' through 'z' is the password length?
answer
26n
question
Which of the following devices is used to optimize and distribute data workloads across multiple computers or networks?
answer
Load balancer
question
A security engineer is troubleshooting a server in the DMZ, which cannot be reached from the Internet or the internal network. All other servers on the DMZ are able to communicate with this server. Which of the following is the MOST likely cause?
answer
The server is missing the default gateway
question
Which of the following identifies some of the running servies on a system?
answer
Determine open ports
question
Determine open ports
answer
Mandatory vacations
question
Mandatory vacations
answer
Secure code review
question
A company has remote workers with laptops that house sensitive data. Which of the following can be implemented to recover the laptops if they are lost?
answer
GPS tracking