Testout 4

Flashcard maker : Lily Taylor
To help prevent browser attacks, users of public computers should do which of the following?
Clear the browsing cache
Which of the following will enter random data to the inputs of the application?
Fuzzing
Which of the following is specifically meant to ensure that a program operates on clean, correct, and useful data?
Input Validation
During the application development cycle, an application tester creates multiple virtual machines on a hypervisor, each with a different version and edition of Windows installed. She then installs the latest build of the application being developed on each virtual machine and evaluates them for security vulnerabilities.
Which assessment technique was used for this scenario?
Configuration Testing
You have recently experienced a security incident with one of your servers. After some research, you determine that the hotfix #568994 that has recently been released would have protected the server.
Which of the following recommendations should you have followed when applying the hotfix?
Test the hotfix, then apply it to all servers.
Which of the following measures are you most likely to implement to protect against a worm or Trojan horse?
Antivirus Software
Which of the following statements about the use of anti-virus software is correct?
Anti-virus software should be configured to download updated virus definition files as soon as they become available.
If your anti-virus software does not detect and remove a virus, which should you try first?
Update your virus detection software.
As you browse the internet, you notice that when you go to some sites, multiple additional windows are opened automagically. Many of these windows contain advertisements for naughty products.
Which tool can you implement to stop these from showing?
Pop-up Blocker
You have a development machine that contains sensitive information relative to your business. You are concerned that spyware and malware might get installed while browsing websites and could compromise your system or pose a confidentiality risk.
Which of the following would best protect your system?
Run the browser within a virtual environment.
Which of the following is an advantage of a virtual browser?
Protects the host operating system from malicious downloads
You have just purchased a new network device and are getting ready to connect it to your network. Which of the following should you do to increase its security? (Select two)
Change default passwords.
Apply all patches/updates.
Which of the following tools can you use on a Windows network to automagically distribute and install software and operating system patches on workstations? (Select two)
WSUS, Group Policy
You have contracted with a vendor to supply a custom application that runs on Windows workstations. As new application versions and patches are released, you want to be able to automagically apply these to multiple computers. What tool would be the best choice?
Group policy.
You have installed anti-virus software on the computers on your network. You update the definition and engine files and configure the software to update those files every day. What else should you do to protect your systems from malware? (Select two)
Educate users about malware
Schedule regular full system scans.
To tightly control the anti-malware settings of your computer, you elect to update the signature file manually. Even though you vigilantly update the signature file, the machine becomes infected with a new type of malware. Which of the following actions would best prevent this from occurring again?
Configure the software to automagically download the virus definition files as soon as they become available.
You have 5 salesmen who work out of your office and who frequently leave their laptops lying on their desk in their cubicles. You are concerned that someone might walk by and take one of these laptops. Which of the following is the best protection to implement to address your concerns?
Use cable locks to chain the laptops to the desks.
Which of the following terms describes a Windows OS patch that corrects a specific problem and is released on a short term, periodic basis (usually monthly)?
Hotfix
Which of the following is the best recommendation for applying hotfixes to your servers?
Apply only the hotfixes that apply to software running on your systems.
Which of the following are advantages of virtualization (select two)?
Centralized Administration.
Easy migration of systems to different hardware.
A smart phone was lost at the airport. There is no way to recover the device. Which of the following will ensure data confidentiality on the device?
Remote wipe.
Which of the following are NOT reasons to remote wipe a mobile device?
When the device is inactive for a period of time.
Which of the following mobile device security considerations will disable the ability to use the device after a short period of inactivity?
Screen lock
You are an application dev. You use a hypervisor with multiple VMs installed to test your applications on various OS versions and editions. Currently, all of your testing VMs are connected to the production network through the HV’s network interface. However, you are concerned that the latest application you are working on could possibly adversely impact the other network hosts if mistakes or errors exist in the code. To prevent this, you decide to isolate the VMs from the production network. However, they still need to be able to communicate directly with each other. What should you do (Select two. Both responses have to be part of the complete solution)
Create a new virtual switch configured for host-only networking.
Connect the virtual network interfaces in the virtual machines to the virtual switch
What is the main function of a TPM hardware chip?
Generate and store cryptographic keys
You would like to implement BitLocker to encrypt data on a hard disk even if it is moved to another system. You want the system to boot automagically without providing a startup key on an external USB device. What should you do?
Enable the TPM in the BIOS
You want to protect data on the hard drives for users with Laptops. You want the drive to be encrypted, and you want to prevent the laptops from booting unless a special USB Drive is inserted. In addition, the system should not boot if a change is detected in any of the boot files.
What should you do?
Implement BitLocker with a TPM
Which of the following functions are performed by the TPM?
Create a hash of system components.
Which of the following security measures encrypts the entire contents of an HDD?
Drivelock
You want a security solution that protects the entire hard drive, preventing access even when it is moved to another system. Which solution would you choose?
BitLocker
Which of the following security solutions would prevent a user from reading a file which she did not create?
EFS
Which type of Data Loss Prevention system is usually installed near the network perimeter to detect sensitive data that is being transmitted in violation of organizational security policies?
Network DLP
Which types of data loss prevention system can be configured to block unauthorized email messages being sent to prevent them from being subject to e-mail retention rules?
Endpoint DLP
You’ve used BitLocker to implement full volume encryption on a notebook system. The notebook motherboard does not have a TPM chip, so you’ve used an external USB flash drive to store the BitLocker startup Key. Which system components are encrypted in this scenario?
Master Boot Record.
C: Volume
You’ve used BitLocker to implement full volume encryption on a notebook system. The notebook motherboard does not have a TPM chip, so you’ve used an external USB flash drive to store the BitLocker startup key. You’ve used EFS to encrypt the C:\Secrets folder and its contents. Which of the following is true in this scenario? (2)
Only the user who encrypted the C:\Secrets\confidential.docx file will be able to open it by default.
If the C:\Secrets\confidential.docx file is copied onto an external USB flash drive, it will be saved in an unencrypted state.
You’ve been assigned to evaluate NoSQL databases as part of a big data analysis initiative in your organization. You’ve downloaded an Open Source NoSQL database from the Internet and installed it on a test system in an isolated lab environment. Which two of the following are likely to be true about this test system?
The database admin user has no password assigned.
Data will be stored in the database in unencrypted format.
You’ve been assigned to evaluate NoSQL as part of a big data analysis initiative in your organization. You’ve downloaded an Open Source NoSQL database from the Internet and installed it on a test system in an isolated lab environment. What should you do to harden this database before implementing it in a production environment? (2)
Disable anonymous access.
Implement an Application layer protocol to encrypt data prior to saving it in the database.
You manage several Windows systems. Desktop users access an in-house application that is hosted on your intranet web server. When a user clicks a specific option in the application, they receive an error message that the pop-up was blocked. You need to configure the security setting so that users can see the pop-up without compromising overall security. What should you do?
Add the URL of the website to the local intranet zone.
You manage several Windows systems. All computers are part of a domain. You use an internal website that uses Integrated Windows Authentication. You attempt to connect to the website and are prompted for authentication. You verify that your user account has permission to access the website. You need to ensure that you are automagically authenticated when you connect to the website. What should you do?
Add the internal website to the local intranet zone.
You are responsible for maintaining Windows workstation OS’s in your organization. Recently, an update was automagically installed on your workstations that caused an application that was developed in-house to stop working. To keep this from happening again, you decided to test all updates on VMs before allowing them to be installed on production workstations. Currently, all of your testing VMs do not have network connection. However, they need to be able to connect to the update servers at Microsoft to download and install updates. What should you do? (2)
Connect the virtual network interfaces in the VMs to the virtual switch.
Create a new virtual switch for bridged networking.
Your organization’s security policy specifies that peer-to-peer file sharing is not allowed. Recently, you received an anonymous tip that an employee has been using a BitTorrent client to download copyrighted material at work. You research BitTorrent and find that it uses TCP ports 6881-6889 by default. You check your perimeter firewall configuration and only ports 80 and 443 are open. However, you check your firewall logs and see that no network traffic on ports 6881-6889 has been blocked. What should you do?
Implement an application control solution.
You are implementing a new application control solution. Prior to enforcing your application whitelist, you want to monitor user traffic for a period of time to discover user behaviours and log violations for later review. How should you configure the application control software to handle applications not contained in the whitelist?
Flag
Your organization recently purchased 30 tablet devices for your traveling sales force. These devices have RT preinstalled on them. To increase the security of those devices, you want to apply a default set of security-related configuration settings. What is the best approach to accomplish this? (2)
Enroll the devices in a mobile device management system.
Configure and apply the security policy setting in a mobile device management system.
Your organization recently purchased 18 iPads for use by the organization’s management team. These devices have iOS preinstalled on them. To increase the security of these devices, you want to apply a default set of security-related configuration settings. What is the best approach to take to accomplish this? (2)
Enroll the devices in a mobile device management system.
Configure and apply the security policy setting in a mobile device management system.
Recently, a serious security breach occurred in your organization. An attacker was able to log in to the internal network and steal data through a VPN connection using the credentials assigned to a vice president in your organization. For security reasons, all individuals in upper management in your organization have unlisted home phone numbers and addresses. However, security camera footage from the VP’s home recorded someone rummaging through her garbage cans prior to the attack. The VP admitted to writing her VPN login credentials on a sticky note that she subsequently threw away in her household trash. You suspect the attacker found the sticky note in the trash and used the credentials to log into the network. You’ve reviewed the vice president’s social media pages and you’ve found pictures of her home posted, but nothing that would give away her home address. She assured you her smart phone was never misplaced prior to the attack. What likely caused the breach?
Geo-tagging was enabled on her smartphone.
Your organization is formulating a BYOD security policy for mobile devices. Which of the following statements should be considered as you formulate your policy?
You can’t use domain-based group policies to enforce security settings on mobile devices.
Your organization’s security policy specifies that any mobile device (regardless of ownership) that connects to your internal network must have remote wipe enabled. If this device is lost or stolen, then it must be wiped to remove any sensitive data from it.
Your organization has recently purchased several Windows RT tablets. What should you do?
Sign up for a Windows Intune account to manage the tablets.
Your organization provides its sales force with Windows RT 8.1 tablets to use while visiting customer sites. You manage these devices by enrolling them in your cloud-based Windows Intune account. One of your sales representatives left her tablet at an airport. The device contains sensitive information and you need to remove it in case the device is compromised. What Intune portal should you use to perform remote wipe?
Admin portal.
Your organization provides its sales force with Windows RT 8.1 tablets to use while visiting customer sites. You manage these devices by enrolling them with the cloud-based Windows Intune account. One of your sales representatives left her notebook at a customer’s site. The device contains sensitive information and you want to change the password to prevent the data from being compromised. Which Intune portal should you use to remotely change the password?
Admin portal
Your organization has recently purchased 20 tablet devices for the HR department to use for training sessions. You are concerned that these devices could represent a security risk to your network and want to strengthen their security profiles as much as possible. Which actions should you take? (2)
Implement storage segmentation.
Enable device encryption.
Over the last several years, the use of mobile devices within your organization has increased dramatically. Unfortunately, many department heads circumvented your Information Systems procurement policies and directly purchased tablets and smartphones for their employees without authorization. As a result there is a proliferation of devices within your organization without accountability. You need to get things under control and begin tracking the devices that are owned by your organization. How do you do this?
Implement a mobile endpoint management (MEM) solution.
You are an IT consultant and are visiting a new client’s site to become familiar with their network. As you walk around their facility, you note the following:
When you enter the facility, a receptionist greets you and directs you down the hallway to the manager’s cubicle. The receptionist uses a notebook system that is secured to her desk with a cable lock.
The office manager informs you that the organization’s servers are kept in a locked closet. Only she has the key to the closet. When you arrive on site, you will be required to get the key from her to access this closet.
She informs you that several backups are configured to run each night. A rotation of external USB hard disks are used as the backup media.
You notice that the organization’s network switch is kept in an empty cubicle adjacent to the office manager’s workspace.
You notice that a router/firewall/content filter all-in-one device has been implemented in the server closet to protect the internal network from external attacks.
Which security-related recommendations should you make to this client? (2)
Control access to the work area with locking doors and card readers.
Relocate the switch to the locked server closet.
You are an IT consultant and are visiting a new client’s site to become familiar with their network. As you walk around their facility, you notice the following:
When you enter the facility, a receptionist greets you and escorts you through a locked door to the work area where the office manager sits.
The office manager informs you that the organization’s servers are kept in a locked closet. An access card is required to enter the server closet.
She informs you that the server backups are configured to run each night. A rotation of tapes are used as the backup media.
You notice the organization’s network switch is kept in the server closet.
You notice that a router/firewall/content filter all-in-one device has been implemented in the server closet to protect the internal network from external attacks.
The office manager informs you that her desktop system will no longer boot and asks you to repair or replace it, recovering as much data as possible in the process. You carry the workstation out to your car and bring it back to your office to work on it.
What security related recommendations would you make to this client?
Implement a hardware check out system.
You manage the information systems for a large manufacturing firm. Supervisory control and data acquisition (SCADA) devices are used on the manufacturing floor to manage your organization’s automated factory equipment. The SCADA devices use embedded smart technology, allowing them to be managed using a mobile device app over an Internet connection.
You are concerned about the security of these devices. What can you do to increase their security posture? (2)
Verify that your network’s existing security infrastructure is working properly.
Install the latest firmware updates from the device manufacturer.
You manage the information systems for a large co-location data centre. Networked environmental controls are used to manage the temperature within the data centre. These controls use embedded smart technology allowing them to be managed using a mobile device app over an internet connection. You are concerned about the security of these devices. What can you do to increase their security posture? (2)
Install the latest firmware updates from the device manufacturer.
Verify that your network’s existing security infrastructure is working properly.
Why do attackers prefer static environment devices to conduct distributed network attacks? (2)
These devices are typically more difficult to monitor than traditional network devices.
These devices tend to employ much weaker security than traditional network devices.
You are implementing an iSCSI SAN that will be used by the file servers in your organization. You are concerned about security, so your design specifies that iSCSI initiators and targets must authenticate with each other before a connection over the SAN will be allowed. In addition, you want data being transferred over the SAN to be encrypted.
Which of the following are true in this scenario? (2)
The Internet Protocol Security (IPSec) protocol can be used to encrypt the data in transit.
The Challenge-Handshake Authentication Protocol (CHAP) and Reverse CHAP can be used to mutually authenticate SAN hosts.
You are implementing a Fibre Channel SAN that will be used by the databases in your organization. You are concerned about security, so your design specifies that SAN hosts must authenticate with each other before a connection over the SAN will be allowed. In addition, you want data being transferred over the SAN to be encrypted.
Which of the following are true in this scenario? (2)
The Encapsulating Security Payload (ESP) protocol can be used to encrypt data in transit.
The Diffie-Hellman Challenge Handshake Authentication Protocol (DH-CHAP) can be used to mutually authenticate SAN hosts.
You are designing a Fibre Channel SAN implementation that will be used by the file servers in your organization. Multiple volumes will be configured on the SAN, each used by different departments in your organization. It is very important that only the appropriate server be able to connect to a given volume on the SAN. For example, the Sales and Marketing server must not be allowed to connect to the SAN volume used by HR. To enable this, you must use LUN masking. Which of the following is true of this scenario?
LUN masking provides weak security as it only obscures volumes on the SAN.
