Testout network – Flashcards

question
Which of the following measures will make your wireless network invisible to the casual attacker performing war driving
answer
Disable SSID broadcast
question
Which remote access authentication protocol allows for the use of smart cards for authentication
answer
EAP
question
Which of the following do switches and wireless access points use to control access through the device
answer
MAC Filtering
question
You want to implement 802.1x authentication on your wireless network. Where would you configure passwords that are used for authentication
answer
On a RADIUS Server
question
You are the wireless network admin for your org. As the size of the org has grown, you've decided to upgrade your wireless network to use 802.1x authentication instead of pre-shared keys. You've decided to use LEAP to authenticate wireless clients. To do this, you configured a Cisco RADIUS server and installed the necessary Cisco client software on each RADIUS client. Which of the following is true concerning this implementation
answer
The system is vulnerable because LEAP is susceptible to dictionary attacks.
question
You are the wireless network admin for your org. As the size of the org has grown, you've decided to upgrade your wireless network to use 802.1x authentication instead of pre-shared keys. To do this, you need to configure a RADIUS Server and RADIUS clients. You want the server and the clients to mutually authenticate with each other. What should you do
answer
(Select two. Each response is part of the complete solution) Configure the RADIUS server with a server certificate
question
Which implementation is most secure
answer
EAP-TLS
question
Which of the following features on a wireless network allows or rejects client connections based on the hardware address
answer
MAC address filtering
question
You've just finished installing a wireless access point for a client. What should you do to prevent unauthorized users from accessing the access point (AP) configuration utility
answer
Change the administrative password on the AP.
question
You are concerned about sniffing attacks on your wireless network. Which of the following implementations offers the best countermeasure to sniffing
answer
WPA2 and AES
question
What is the least secure place to locate an access point with an omni-directional antenna when creating a wireless cell
answer
Near a window
question
What purpose does a wireless site survey serve
answer
(Choose two) To identify existing or potential sources of interference.
question
You need to place a wireless access point in your two story building. While trying to avoid interference, which of the following is the best location for the access point
answer
In the top floor
question
The owner of a hotel has contracted with you to implement a wireless network to provide Internet access for guests. The owner has asked that you implement security controls such that only paying guests are allowed to use the wireless network. She wants guests to be presented with a login page when they initially connect to the WLAN. After entering a code provided at check in, guests should then be allowed full access to the Internet. If a user does not provide the correct code, they should not be allowed access to the Internet. What should you do
answer
Implement a captive portal
question
Which of the following attacks is a form of software exploitation that transmits or submits a longer stream of data than the input variable is designed to handle
answer
Buffer overflow
question
You have worked as the network administrator for a company for seven months. One day all picture files on the server become corrupted. You discover that a user downloaded a virus from the Internet onto his workstation, and it propagated to the server. You successfully restore all files from backup, but your boss is adamant that this situation does not reoccur. What should you do
answer
Install a network virus detection software solution.
question
An attacker sets up 100 drone computers that flood a DNS server with invalid requests. This is an example of which kind of attack
answer
DDoS
question
Which is a form of attack that either exploits a software flaw or floods a system with traffic in order to prevent legitimate activities or transactions from occurring
answer
Denial of service attack
question
Which of the following is a form of denial of service attack that uses spoofed ICMP packets to flood a victim with echo requests using a bounce/amplification network
answer
Smurf
question
A Smurf attack requires all but which of the following elements to be implemented
answer
Padded cell
question
What is the common name for a program that has no useful purpose, but attempts to spread itself to other systems and often damages resources on the systems where it is found
answer
Virus
question
Which of the following is not a primary characteristic of a worm
answer
It infects the MBR of a hard drive
question
Which of the following is the best countermeasure against man-in-the-middle attacks
answer
IPsec
question
Which of the following describes a man-in-the-middle attack
answer
A false server intercepts communications from a client by impersonating the intended server.
question
What is the main difference between a worm and a virus
answer
A worm can replicate itself and does not need a host for distribution.
question
Your company security policy states that wireless networks are not to be used because of the potential security risk they present to your network. One day you find that an employee has connected a wireless access point to the network in his office. What type of security risk is this
answer
Rogue access point
question
An attacker is trying to compromise a wireless network that has been secured using WPA2-PSK and AES. She first tried using AirSnort to capture packets, but found that she couldn't break the encryption. As an alternative, she used software to configure her laptop to function as an access point. She configured the fake access point with the same SSID as the wireless network she is trying to break into. When wireless clients connect to her access point, she presents them with a web page asking them to enter the WPA2 passphrase. When they do, she then uses it to connect a wireless client to the real access point. What attack techniques did the attacker use in this scenario
answer
(Select two.) Pharming
question
A senior executive reports that she received a suspicious email concerning a sensitive, internal project that is behind production. The email is sent from someone she doesn't know and he is asking for immediate clarification on several of the project's details so the project can get back on schedule. Which type of an attack best describes the scenario
answer
Whaling
question
Which of the following is a common form of social engineering attack
answer
Hoax virus information e-mails.
question
A collection of zombie computers has been set up to collect personal information. What type of malware do the zombie computers represent
answer
Botnet
question
Which of the following is a characteristic of a virus
answer
Requires an activation mechanism to run
question
You have heard about a new malware program that presents itself to users as a virus scanner. When users run the software, it installs itself as a hidden program that has administrator access to various operating system components. The program then tracks system activity and allows an attacker to remotely gain administrator access to the computer. Which of the following terms best describes this software
answer
Rootkit
question
Which of the following is undetectable software that allows administrator-level access
answer
Rootkit
question
What is the greatest threat to the confidentiality of data in most secure organizations
answer
USB devices
question
A relatively new employee in the data entry cubicle farm was assigned a user account similar to that of all of the other data entry employees. However, audit logs have shown that this user account has been used to change ACLs on several confidential files and has accessed data in restricted areas. This situation indicates which of the following has occurred
answer
Privilege escalation
question
Which of the following attacks tries to associate an incorrect MAC address with a known IP address
answer
ARP poisoning
question
A router on the border of your network detects a packet with a source address that is from an internal client but the packet was received on the Internet-facing interface. This is an example of what form of attack
answer
Spoofing
question
What is modified in the most common form of spoofing on a typical IP packet
answer
Source address
question
Which type of Denial of Service (DoS) attack occurs when a name server receives malicious or misleading data that incorrectly maps host names and IP addresses
answer
DNS poisoning
question
Which of the following is an example of an internal threat
answer
A user accidentally deletes the new product designs
question
An attacker sends an unwanted and unsolicited email message to multiple recipients with an attachment that contains malware. What kind of attack has occurred in this scenario
answer
Spam
question
An attacker uses an exploit to push a modified hosts file to client systems. This hosts file redirects traffic from legitimate tax preparation sites to malicious sites to gather personal and financial information. What kind of exploit has been used in this scenario
answer
(Choose two. Both responses are different names for the same exploit.) Pharming
question
While developing a network application, a programmer adds functionality that allows her to access the running program, without authentication, to capture debugging data. The programmer forgets to remove this functionality prior to finalizing the code and shipping the application. What type of security weakness does this represent
answer
Backdoor
question
When you browse to a website, a pop-up window tells you that your computer has been infected with a virus. You click on the window to see what the problem is. Later, you find out that the window has installed spyware on your system. What type of attack has occurred
answer
Drive-by download
question
While using a web-based order form, an attacker enters an unusually large value in the Quantity field. The value entered is large enough to exceed the maximum value supported by the variable type used to store the quantity in the web application. This causes the value of the quantity variable to wrap around to the minimum possible value, which is a negative number. As a result, the web application processes the order as a return instead of a purchase, and the attacker's account is refunded a large sum of money. What type of attack has occurred in this scenario
answer
Integer overflow
question
Purchasing insurance is what type of response to risk
answer
Transference
question
Over the last month you have noticed a significant increase in the occurrence of inappropriate activities performed by employees. What is the best first response step to take in order to improve or maintain the security level of the environment
answer
Improve and hold new awareness sessions
question
Which of the following uses hacking techniques to proactively discover internal vulnerabilities
answer
Penetration testing
question
Which of the following activities are typically associated with a penetration test
answer
(Select two.) Attempting social engineering
question
What is the main difference between vulnerability scanning and penetration testing
answer
Vulnerability scanning is performed within the security perimeter; penetration testing is performed outside of the security perimeter.
question
Which of the following types of penetration test teams will provide you information that is most revealing of a real-world hacker attack
answer
Zero knowledge team
question
A security administrator is conducting a penetration test on a network. She connects a notebook system running Linux to the wireless network and then uses NMAP to probe various network hosts to see which operating system they are running. Which process did the administrator use in the penetration test in this scenario
answer
Active fingerprinting
question
A security administrator is conducting a penetration test on a network. She connects a notebook system to a mirror port on a network switch. She then uses a packet sniffer to monitor network traffic to try and determine which operating systems are running on network hosts. Which process did the administrator use in the penetration test in this scenario
answer
Passive fingerprinting
question
When recovery is being performed due to a disaster, which services are to be stabilized first
answer
Mission critical
question
In business continuity planning, what is the primary focus of the scope
answer
Business processes
question
What is the primary goal of business continuity planning
answer
Maintaining business operations with reduced or restricted infrastructure capabilities or resources
question
Which of the following network strategies connects multiple servers together such that if one server fails, the others immediately take over its tasks, preventing a disruption in service
answer
Clustering
question
What is the primary security feature that can be designed into a network's infrastructure to protect and support availability
answer
Redundancy
question
You manage a website for your company. The website uses three servers configured in a cluster. Incoming requests are distributed automatically between the three servers. All servers use a shared storage device that holds the website contents. Each server has a single network connection and a single power supply. Considering the availability of your website, which component represents a single point of failure
answer
Website storage
question
You manage the website for your company. The website uses a cluster of two servers with a single shared storage device. The shared storage device uses a RAID 1 configuration. Each server has a single connection to the shared storage, and a single connection to your ISP. You want to provide redundancy such that a failure in a single component does not cause the website to be unavailable. What should you add to your configuration to accomplish this
answer
Connect one server through a different ISP to the Internet.
question
Even if you perform regular backups, what must be done to ensure that you are protected against data loss
answer
Regularly test restoration procedures
question
Which encryption method is used by WPA for wireless networks
answer
TKIP
question
You want to implement 802.1x authentication on your wireless network. Which of the following will be required
answer
RADIUS
question
You want to implement 802.1x authentication on your wireless network. Where would you configure passwords that are used for authentication
answer
On a RADIUS server
question
Which of the following wireless security methods uses a common shared key configured on the wireless access point and all wireless clients
answer
WEP, WPA Personal, and WPA2 Personal
question
You want to connect your client computer to a wireless access point connected to your wired network at work. The network administrator tells you that the access point is configured to use WPA2 Personal with the strongest encryption method possible. SSID broadcast is turned off. Which of the following must you configure manually on the client
answer
(Select three.) Preshared key
question
Which of the following authentication protocols uses a three-way handshake to authenticate users to the network
answer
(Choose two.) MS-CHAP
question
Which type of device is required to implement port authentication through a switch
answer
RADIUS server
question
You want to increase the security of your network by allowing only authenticated users to be able to access network devices through a switch. Which of the following should you implement
answer
802.1x
question
Which of the following applications typically use 802.1x authentication
answer
(Select two.) Controlling access through a switch
question
Which of the following attacks, if successful, causes a switch to function like a hub
answer
MAC flooding
question
You just deployed a new Cisco router that connects several network segments in your organization. The router is physically located in a server room that requires an ID card to gain access. You backed up the router configuration to a remote location in an encrypted file. You access the router configuration interface from your notebook computer using a Telnet client with a username of admin and a password of admin. You used the MD5 hashing algorithm to protect the password. What should you do to increase the security of this device
answer
(Select two.) Use an SSH client to access the router configuration.
question
You've just deployed a new Cisco router that connects several network segments in your organization. The router is physically located in a cubicle near your office. You've backed up the router configuration to a remote location in an encrypted file. You access the router configuration interface from your notebook computer using an SSH client with a user name of admin01 and a password of P@ssW0rd. You have used the MD5 hashing algorithm to protect the password. What should you do to increase the security of this device
answer
Move the router to a secure server room.
question
You run a small network for your business that has a single router connected to the Internet and a single switch. You keep sensitive documents on a computer that you would like to keep isolated from other computers on the network. Other hosts on the network should not be able to communicate with this computer through the switch, but you still need to access the network through the computer. What should you use for this situation
answer
VLAN
question
When using Kerberos authentication, which of the following terms is used to describe the token that verifies the identity of the user to the target system
answer
Ticket
question
You have been contracted by a firm to implement a new remote access solution based on a Windows Server 2003 system. The customer wants to purchase and install a smartcard system to provide a high level of security to the implementation. Which of the following authentication protocols are you most likely to recommend to the client
answer
EAP
question
Which of the following is a platform independent authentication system that maintains a database of user accounts and passwords that centralizes the maintenance of those accounts
answer
RADIUS
question
Which of the following is a mechanism for granting and validating certificates
answer
PKI
question
Which of the following are methods for providing centralized authentication, authorization, and accounting for remote access
answer
(Select two.) RADIUS
question
You want to implement an authentication method that uses public and private key pairs. Which authentication method should you use
answer
EAP
question
You have a web server that will be used for secure transactions for customers who access the website over the Internet. The web server requires a certificate to support SSL. Which method would you use to get a certificate for the server
answer
Obtain a certificate from a public PKI.
question
Which of the following authentication methods uses tickets to provide single sign-on
answer
Kerberos
question
Which of the following are used when implementing Kerberos for authentication and authorization
answer
(Select two.) Ticket granting server
question
You have decided to implement a remote access solution that uses multiple remote access servers. You want to implement RADIUS to centralize remote access authentication and authorization. Which of the following would be a required part of your configuration
answer
Configure the remote access servers as RADIUS clients.
question
Which of the following are characteristics of TACACS+
answer
(Select two.) Uses TCP
question
Which of the following is a feature of MS-CHAP v2 that is not included in CHAP
answer
Mutual authentication
question
Which of the following specifications identify security that can be added to wireless networks
answer
(Select two.) 802.11i
question
Which of the following is the best action to take to make remembering passwords easier so that she no longer has to write the password down
answer
Implement end-user training.
question
Which of the following is the most common form of authentication
answer
Password
question
Which of the following is an example of two-factor authentication
answer
A token device and a PIN
question
Which of the following is an example of three-factor authentication
answer
Token device, keystroke analysis, cognitive question
question
Which of the following best describes one-factor authentication
answer
Multiple authentication credentials may be required, but they are all of the same type
question
You want to prevent your browser from running JavaScript commands that are potentially harmful. Which of the following would you restrict to accomplish this
answer
Client-side scripts
question
Which of the following actions should you take to reduce the attack surface of a server
answer
Disable unused services.
question
You are concerned that wireless access points may have been deployed within your organization without authorization. What should you do
answer
(Select two. Each response is a complete solution.) Conduct a site survey.
question
If your anti-virus software does not detect and remove a virus, what should you try first
answer
Update your virus detection software.
question
Which remote access authentication protocol allows for the use of smart cards for authentication
answer
EAP
question
Which of the following do switches and wireless access points use to control access through the device
answer
MAC filtering
question
Telnet is inherently insecure because its communication is in plain text and is easily intercepted. Which of the following is an acceptable alternative to Telnet
answer
SSH
question
Which security protocols use RSA encryption to secure communications over an untrusted network
answer
(Select two.) Transport Layer Security
question
Which of the following networking devices or services prevents the use of IPsec in most cases
answer
NAT
question
Which of the following protocols are often added to other protocols to provide secure transmission of data
answer
(Select two.) TLS
question
A network switch detects a DHCP frame on the LAN that appears to have come from a DHCP server that is not located on the local network. In fact, it appears to have originated from outside the organization's firewall. As a result, the switch drops the DHCP message from that server. Which security feature was enabled on the switch to accomplish this
answer
DHCP snooping
question
What security feature was enabled on the switch to accomplish this
answer
Dynamic ARP Inspection
question
You have just downloaded a file. You create a hash of the file and compare it to the hash posted on the website. The two hashes match. What do you know about the file
answer
Your copy is the same as the copy posted on the website.
question
Which security-related recommendations should you make to this client
answer
(Select two.) Relocate the switch to the locked server closet.
question
What is a secure doorway that can be used in coordination with a mantrap to allow easy egress from a secured environment but which actively prevents re-entrance through the exit portal
answer
Turnstiles
question
You want to use CCTV to increase your physical security. You want to be able to remotely control the camera position. Which camera type should you choose
answer
PTZ
question
Which of the following allows for easy exit of an area in the event of an emergency, but prevents entry
answer
(Select two.) Turnstile
question
Which security-related recommendations should you make to this client
answer
(Select two.) Relocate the switch to the locked server closet.
question
Which of the following is the most important thing to do to prevent console access to a network switch
answer
Keep the switch in a room that uses a cipher lock.
question
Which of the following does a router acting as a firewall use to control which packets are forwarded or dropped
answer
ACL
question
You have a router that is configured as a firewall. The router is a layer 3 device only. Which of the following does the router use for identifying allowed or denied packets
answer
IP address
question
You want to allow traveling users to connect to your private network through the Internet. Users will connect from various locations including airports, hotels, and public access points such as coffee shops and libraries. As such, you won't be able to configure the firewalls that might be controlling access to the Internet in these locations. Which of the following protocols would be most likely to be allowed through the widest number of firewalls
answer
SSL
question
Which protocol does HTTPS use to offer greater security in Web transactions
answer
SSL
question
You are the administrator of your company's network. You want to prevent unauthorized access to your intranet from the Internet. Which of the following should you implement
answer
Firewall
question
You have been given a laptop to use for work. You connect the laptop to your company network, use it from home, and use it while traveling. You want to protect the laptop from Internet-based attacks. Which solution should you use
answer
Host-based firewall
question
You manage a small network at work. Users use workstations connected to your network. No portable computers are allowed. As part of your security plan, you would like to implement scanning of e-mails for all users. You want to scan the e-mails and prevent any e-mails with malicious attachments from being received by users. Your solution should minimize administration, allowing you to centrally manage the scan settings. Which solution should you use
answer
Network based firewall
question
Your company has a connection to the Internet that allows users to access the Internet. You also have a Web server and an e-mail server that you want to make available to Internet users. You want to create a DMZ for these two servers. Which type of device should you use to create the DMZ
answer
Network based firewall
question
You have just installed a packet-filtering firewall on your network. Which options will you be able to set on your firewall
answer
(Select all that apply.) Source address of a packet
question
You want to install a firewall that can reject packets that are not part of an active session. Which type of firewall should you use
answer
Circuit-level
question
Which of the following are characteristics of a circuit-level gateway
answer
(Select two.) Filters based on sessions
question
Which of the following are characteristics of a packet filtering firewall
answer
(Select two.) Filters IP address and port
question
You provide Internet access for a local school. You want to control Internet access based on user, and prevent access to specific URLs. Which type of firewall should you install
answer
Application-level
question
You have a company network that is connected to the Internet. You want all users to have Internet access, but need to protect your private network and users. You also need to make a Web server publicly available to Internet users. Which solution should you use
answer
Use firewalls to create a DMZ. Place the Web server inside the DMZ, and the private network behind the DMZ.
question
You have used firewalls to create a demilitarized zone. You have a Web server that needs to be accessible to Internet users. The Web server must communicate with a database server for retrieving product, customer, and order information. How should you place devices on the network to best protect the servers
answer
(Select two.) Put the database server on the private network.
question
Which type of firewall should you install
answer
Application level
question
You have just installed a packet-filtering firewall on your network. What options will you be able to set on your firewall
answer
Select all that apply. Destination address of a packet
question
Which of the following describes how access lists can be used to improve network security
answer
An access list filters traffic based on the IP header information such as source or destination IP address, protocol, or socket numbers.
question
Of the following security zones, which one can serve as a buffer network between a private secured network and the untrusted Internet
answer
DMZ
question
Which of the following is likely to be located in a DMZ
answer
FTP server
question
When designing a firewall, what is the recommended approach for opening and closing ports
answer
Close all ports; open only ports required by applications inside the DMZ.
question
In which of the following situations would you most likely implement a demilitarized zone (DMZ)
answer
You want to protect a public Web server from attack.
question
You join the UTM device to the company's Active Directory domain. The company's traveling sales force will use the VPN functionality provided by the UTM device to connect to the internal company network from hotel and airport public WiFi networks. What weaknesses exist in this implementation
answer
The UTM represents a single point of failure.
question
An all-in-one security appliance is best suited for which type of implementation
answer
A remote office with no on-site technician.
question
Which of the following features are common functions of an all-in-one security appliance
answer
(Select two.) Spam filtering
question
You want to configure the device so you can access it from the main office. You also want to make sure the device is as secure as possible. Which of the following tasks should you carry out
answer
(Select two.) Change the default username and password.
question
Members of the Sales team use laptops to connect to the company network. While traveling, they connect their laptops to the Internet through airport and hotel networks. You are concerned that these computers will pick up viruses that could spread to your private network. You would like to implement a solution that prevents the laptops from connecting to your network unless anti-virus software and the latest operating system patches have been installed. Which solution should you use
answer
NAC
question
You have a company network with a single switch. All devices connect to the network through the switch. You want to control which devices will be able to connect to your network. For devices that do not have the latest operating system patches, you want to prevent access to all network devices except for a special server that holds the patches that the computers need to download. Which of the following components will be part of your solution
answer
(Select two.) 802.1x authentication
question
A network utilizes a Network Access Control (NAC) solution to protect against malware. When a wired or wireless host tries to connect to the network, a NAC agent on the host checks it to make sure it has all of the latest operating system updates installed and that the latest antivirus definitions have been applied. What is this process called
answer
Posture assessment
question
The outside sales reps from your company use notebook computers, tablets, and phones to connect to the internal company network. While traveling, they connect their devices to the Internet using airport and hotel networks. You are concerned that these devices will pick up viruses that could spread to your private network. You would like to implement a solution that prevents devices from connecting to your network unless antivirus software and the latest operating system patches have been installed. When a host tries to connect to the network, the host should be scanned to verify its health. If the host is not healthy, then it should be placed on a quarantine network where it can be remediated. Once healthy, the host can then connect to the production network. Which solution should you use
answer
NAC
question
The owner of a hotel has contracted with you to implement a wireless network to provide Internet access for patrons. The owner has asked that you implement security controls such that only paying patrons are allowed to use the wireless network. She wants them to be presented with a login page when they initially connect to the wireless network. After entering a code provided by the concierge at check-in, they should then be allowed full access to the Internet. If a patron does not provide the correct code, they should not be allowed to access the Internet. Under no circumstances should patrons be able to access the internal hotel network where sensitive data is stored. What should you do
answer
Implement a guest network
question
What is the most important element related to evidence in addition to the evidence itself
answer
Chain of custody document
question
The chain of custody is used for what purposes
answer
Listing people coming into contact with evidence
question
You have been asked to draft a document related to evidence gathering that contains details about personnel in possession and control of evidence from the time of discovery up through the time of presentation in court. What type of document is this
answer
Chain of custody
question
What does hashing of log files provide
answer
Proof that the files have not been altered
question
You want to store your computer-generated audit logs in case they are needed in the future for examination or to be used as evidence in the event of a security incident. Which method can you use to ensure that the logs you put in storage have not been altered when you go to use them in the future
answer
Create a hash of each log.
question
Which method can be used to verify that a bit-level image copy of a hard drive is an exact clone of the original hard drive collected as evidence
answer
Hashing
question
The immediate preservation of evidence is paramount when conducting a forensic analysis. Which of the following actions is most likely to destroy critical evidence
answer
Rebooting the system
question
When duplicating a drive for forensic investigative purposes, which of the following copying methods is most appropriate
answer
Bit-level cloning
question
How can a criminal investigator ensure the integrity of a removable media device found while collecting evidence
answer
Create a checksum using a hashing algorithm
question
You manage the network for your company. You have recently discovered information on a computer hard drive that might indicate evidence of illegal activity. You want to perform forensic activities on the disk to see what kind of information it contains. What should you do first
answer
Make a bit-level copy of the disk
question
After an intrusion has occurred and the intruder has been removed from the system, which of the following is the best next step or action to take
answer
Back up all logs and audits regarding the incident
question
If maintaining confidentiality is of the utmost importance to your organization, what is the best response when an intruder is detected on your network
answer
Disconnect the intruder.
question
Your company security policy states that wireless networks are not to be used because of the potential security risk they present to your network. One day you find that an employee has connected a wireless access point to the network in his office. What type of security risk is this
answer
A rogue access point
question
Which of the following describes marks that attackers place outside a building to identify an open wireless network
answer
Warchalking
question
The process of walking around an office building with an 802.11 signal detector is known as what
answer
Wardriving
question
Which of the following describes Bluesnarfing
answer
Unauthorized viewing of calendar, emails, and messages on a mobile device
question
Which of the following sends unsolicited business cards and messages to a Bluetooth device
answer
Bluejacking
question
Which of the following is the best protection to prevent attacks on mobile phones through the Bluetooth protocol
answer
Disable Bluetooth on the phone
question
You are troubleshooting a wireless connectivity issue in a small office. You determine that the 2.4 GHz cordless phones used in the office are interfering with the wireless network transmissions. If the cordless phones are causing the interference, which of the following wireless standards could the network be using
answer
(Select two) Bluetooth and 802.11g
question
Your organization uses an 802.11g wireless network. Recently, other tenants installed the following equipment in your building:....since this equipment was installed, your wireless network has been experiencing significant interference. Which system is to blame
answer
The wireless TV system
question
Which of the following best describes an evil twin
answer
An access point that is configured to mimic a valid access point to obtain logon credentials and other sensitive information
question
Network packet sniffing is often used to gain the information needed to conduct more specific and detailed attacks. Which of the following is the best defense against packet sniffing
answer
Encryption
question
Which of the following common network monitoring or diagnostic activity can be used as a passive malicious attack
answer
Sniffing
question
You are concerned that wireless access points may have been deployed within your organization without authorization. What should you do
answer
(Select two. Each response is a complete solution.) Check the MAC addresses of devices connected to your wired switch
question
The attacker has hidden an NFC reader behind an NFC-based kiosk in an airport. The attacker uses the device to capture NFC data in transit between end-user devices and the reader in the kiosk. She then uses that information later on to masquerade as the original end-user device and establish an NFC connection to the kiosk. What kind of attack has occurred in this scenario
answer
NFC Relay Attack
question
You are implementing a wireless network in a dentist's office. The dentist's practice is small, so you choose an inexpensive, consumer-grade access point. While reading the documentation, you notice that the access point supports Wi-Fi Protected Setup (WPS) using a PIN. You are concerned about the security implications of this functionality. What should you do to reduce the risk
answer
Disable WPS in the access point's configuration
question
On a wireless network that is employing WEP, which type of users are allowed to authenticate through the access points
answer
Users with the correct WEP key.
question
Which method should you implement
answer
WPA2
question
Which of the following wireless security methods uses a common shared key configured on the wireless access point and all wireless clients
answer
WEP, WPA Personal, and WPA2 Personal
question
On wireless networks, which technology is employed to provide the same type of protection that cables provide on a wired network
answer
WEP
question
You want to implement 802.1x authentication on your wireless network. Which of the following will be required
answer
RADIUS
question
Which of the following specifications identify security that can be added to wireless networks
answer
802.11i
question
What encryption method is used by WPA for wireless networks
answer
TKIP
question
Which of the following protocols or mechanisms is not used to provide security on a wireless network
answer
RDP
question
How should you configure the access points
answer
Same SSID, different channel.
question
What should you do
answer
Configure a profile on the wireless client.
question
What should you do
answer
Decrease the beacon interval.
question
You need to configure a wireless network. You want to use WPA Enterprise. Which of the following components will be a part of your design
answer
802.1x
question
You have purchased a used wireless access point and want to set up a small wireless network at home. The access point only supports WEP. You want to configure the most secure settings on the access point. Which of the following would you configure
answer
Open authentication
question
You want to connect a laptop computer to the wireless network. Which of the following parameters will you need to configure on the laptop
answer
SSID
question
Which of the following must you configure manually on the client
answer
SSID
question
You have a small home wireless network that uses WEP. The access point is configured as the DHCP server and a NAT router that connects to the Internet. You do not have a RADIUS server. Which authentication method should you use
answer
Open
question
If the SONET (OC-1) base data rate is 51.84 Mbps, how much data can the Optical Carrier level 12 (OC-12) transfer in one second
answer
622.08 Mb
question
To access the Internet through the PSTN, what kind of connectivity device must you use
answer
Modem
question
Which of the following are characteristics of ATM
answer
(Select Two) Uses fixed-length cells of 53-bytes
question
Which four of the following are the responsibility of the WAN service provider
answer
CO
question
Which type of network divides data to be transmitted into small units and routes these units from the originating system to the destination system, allowing multiple, concurrent communications on the network medium
answer
Packet-switched
question
Which of the following WAN technologies provides packet switching over high-quality digital lines at speeds up to 1.544 Mbps or greater
answer
Frame Relay
question
Which WAN connection types use digital communications over public telephones
answer
DSL, ISDN
question
Which of the following is true of Multiprotocol Label Switching
answer
(Select two.) It can carry ATM, SONET, and Ethernet traffic.
question
What is the maximum data rate of an ISDN BRI line
answer
128 Kbps
question
Which three of the following are characteristics of ISDN
answer
It provides enough bandwidth to transmit data at much higher speeds than standard modems and analog lines
question
You have a series of WAN links that connects your site to multiple other sites. Each remote site is connected to your site using a dedicated link. What type of connection is being used
answer
Point-to-point
question
Which of the following devices is used on a WAN to convert synchronous serial signals into digital signals
answer
CSU/DSU
question
You are configuring your computer to dial up to the Internet. What protocol should you use
answer
PPP
question
Which of the following are characteristics of TACACS+
answer
Allowing for a possible three different servers, one each for authentication, authorization, and accounting.
question
Which of the following is a platform independent authentication system that maintains a database of user accounts and passwords that centralizes the maintenance of those accounts
answer
RADIUS
question
You want to set up a service to allow multiple users to dial in to the office server from modems on their home computers. What service should you implement
answer
RAS
question
Which of the following would be a required part of your configuration
answer
Configure the remote access servers as RADIUS clients.
question
Which of the following protocols would be used to provide authentication, authorization, and accounting for the Internet connection
answer
PPPoE
question
Which of the following are differences between RADIUS and TACACS+
answer
RADIUS combines authentication and authorization into a single function. TACACS+ allows these services to be split between different servers.
question
Which of the following are methods for providing centralized authentication, authorization, and accounting for remote access
answer
TACACS+
question
Which of the following protocols or services is commonly used on cable Internet connections for user authentication
answer
PPPoE
question
You want the connection to be as secure as possible. Which type of connection will you need
answer
Remote access
question
Which of the ff. is the term for the process of validating a subject's identity
answer
Authentication
question
Which is the star property of Bell-LaPadula
answer
No write down
question
Which of the ff. is used for identification
answer
Username
question
You have implemented an access control method that allows only users who are managers to access specific data. Which type of access control model is used
answer
RBAC
question
Which access control model manages rights and permissions based on job description and responsibilities
answer
Role Based Access Control (RBAC)
question
Which form of access control enforces security based on user identities and allows individual users to define access controls over owned resources
answer
DAC
question
Which type of access control focuses on assigning privileges based on security clearance and data sensitivity
answer
MAC
question
Which form of access control is based on job descriptions
answer
Role-based access control (RBAC)
question
In which form of access control environment is access controlled by rules rather than by identity
answer
MAC
question
The Brewer-Nash model is designed primarily to prevent
answer
Conflicts of interest
question
Which of the ff. defines an object as used in access control
answer
Data, applications, systems, networks, and physical space.
question
A remote access user needs to gain access to resources on the server. Which of the processes are performed by the remote access server to control access to resources
answer
Authentication and authorization.
question
The Clark-Wilson model is primarily based on
answer
Controlled intermediary access applications
question
Discretionary Access Control (DAC) manages access to resources using what primary element or aspect
answer
Identity
question
You have a system that allows the owner of a file to identify users and their permissions to the file. Which type of access control model is implemented
answer
DAC
question
Which of the ff. is an example of two-factor authentication
answer
A Token device and a PIN
question
Which of the ff. Identification and authentication factors are often well-known or easy to discover by others on the same network or system
answer
Username
question
Which of the ff. is stronger than any biometric authentication factor
answer
A two-factor authentication
question
Which of the ff. advantages can Single Sign-On (SSO) provide
answer
(Select two). Access to all authorized resources with a single instance of authentication,
question
Which of the ff. is a hardware device that contains identification information and which can be used to control building access or computer logon
answer
Smart Card
question
Which of the ff. defines the crossover rate for evaluating biometric systems
answer
The point where the number of false positives matches the number of false negatives in a biometric system.
question
Which of the ff. terms is used to describe an event in which a person is denied access to a system when they should be allowed to enter
answer
False negative
question
Which of the ff. is the most common form of authentication
answer
Password
question
Which of the ff. is a password that relates to things that people know, such as a mother's maiden name, or the name of a pet
answer
Cognitive
question
Which of the ff. authentication methods uses tickets to provide single sign-on
answer
Kerberos
question
Which of the ff. is an example of three-factor authentication
answer
Token device, Keystroke analysis, Cognitive question
question
Which of the ff. are examples of Type II authentication credentials
answer
(Select two). Photo ID, Smart card
question
Which of the ff. is the strongest form of multi-factor authentication
answer
A password, a biometric scan, and a token device
question
A device which is synchronized to an authentication server is which type of authentication
answer
Synchronous token
question
Mr. White has just been promoted to a manager. To give him access to the files that he needs, you make his user account a member of the Managers group for access to a special folder. Later that afternoon, Marcus tells you that he is still unable to access the files reserved for the Managers group. What should you do
answer
Have Mr. White log off and log back on
question
Which of the ff. information is typically not included in an access token
answer
User account password
question
Which of the ff. terms describes the component that is generated following authentication and which is used to gain access to resources following logon
answer
Access token
question
Which security mechanism uses a unique list for each object embedded directly in the object itself that defines which subjects have access to certain objects and the level or type of access allowed
answer
User ACL
question
Which of the ff. principles is implemented in a mandatory access control model to determine access to an object using classification levels
answer
Need to know
question
You are concerned that the accountant in your organization might have the chance to modify the books and steal from the company. You want to periodically have another person take over all accounting responsibilities to catch any irregularities. Which solution should you implement
answer
Job rotation
question
You want to make sure that any reimbursement checks issued by your company cannot be issued by a single person. Which principle should you implement to accomplish this goal
answer
Separation of duties
question
Which type of media preparation is sufficient for media that will be reused in a different security context within your organization
answer
Sanitization
question
Which of the ff. is an example of privilege escalation
answer
Creeping privileges
question
What is the primary purpose of separation of duties
answer
Prevent conflicts of interest
question
Which security principle prevents any one administrator from having sufficient access to compromise the security of the overall IT solution
answer
Separation of duties
question
Need to know is required to access which types of resources
answer
Compartmentalized resources
question
Separation of duties is an example of which type of access control
answer
Preventive
question
An access control list (ACL) contains a list of users and allowed permissions. What is it called if the ACL automatically prevents access to anyone not on the list
answer
Implicit deny
question
By assigning access permissions so that users can only access those resources which are required to accomplish their specific work tasks, you would be in compliance with
answer
Principle of least privilege
question
Which of the ff. is an example of a decentralized privilege management solution
answer
Workgroup
question
What should be done to a user account if the user goes on an extended vacation
answer
Disable the account
question
A user with an account name of larry has just been terminated from the company. There is good reason to believe that the user will attempt to access and damage the files in the system in the very near future. Which command below will disable or remove the user account from the system and remove his home directory
answer
userdel -r larry
question
One of your users, Karen Scott, has recently married and is now Karen Jones. She has requested that her username be changed from kscott to kjones, but no other values change. Which of the ff. commands will accomplish this
answer
usermod -l kjones kscott
question
Which of the ff. utilities would you typically use to lock a user account
answer
(Select two). passwd, usermod
question
You have performed an audit and have found active accounts from employees who no longer work for the company. You want to disable those accounts. What command example will disable a user account
answer
usermod -L joer
question
An employee named Bob Smith, with a user name of bsmith, has left the company. You have been instructed by your supervisor to delete his user account along with his home directory. Which of the ff. commands would produce the required outcome
answer
(Choose all that apply.) userdel -r bsmith, userdel bsmith; rm -rf /home/bsmith
question
Due to a merger with another company, standardization is now being imposed throughout the company. As a result of this, the sales group must be renamed marketing. Which of the ff. commands will accomplish this
answer
groupmod -n marketing sales
question
You suspect that the gshant user account is locked. Which command will show the status of user account
answer
(Tip: Enter the command as if at the command prompt.) passwd -S gshant
question
You are the administrator for a small company. You need to add a new group user, named sales, to the system. Which command will accomplish this
answer
groupadd sales
question
You have a group named temp_sales on your system. The group is no longer needed, and you should remove the group. Which of the ff. commands should you use
answer
groupdel temp_sales
question
In the /etc/shadow file, which character in the password field indicates that a standard user account is locked
answer
!
question
What is the effect of the ff. command: chage -M 60 -W 10 jsmith
answer
Sets the password for jsmith to expire after 60 days and gives a warning 10 days before it expires.
question
Which file should you edit to limit the number of concurrent logins for a specific user
answer
(Tip: Enter the full path to the file.) /etc/security/limits.conf
question
Which "chage" option keeps a user from changing password every two weeks
answer
-m 33
question
What "chage" command should you use to set the password for jsmith to expire after 60 days and give a warning 10 days before it expires
answer
(Tip: Enter the command as if at the command prompt.) chage -M 60 -W 10 jsmith
question
Computer policies include a special category called user rights. Which action do they allow an administrator to perform
answer
Identify users who can perform maintenance tasks on computers in the OU.
question
You want to ensure that all users in the Development OU use specific network communication security settings when transmitting files. Which method should you use
answer
Create a GPO computer policy for the computers in the Development OU.
question
Which statement is true regarding application of GPO settings
answer
If a setting is defined in the Local Group Policy on the computer and not defined in the GPO linked to the OU, the setting will be applied.
question
You are configuring the local security policy of a Windows 7 system. You want to require users to create passwords that are at least 10 characters long. You also want to prevent logon after three unsuccessful logon attempts. Which policies should you configure
answer
(Select two.) Minimum password length, Account lockout threshold
question
You have implemented lockout with a clipping level of 4. What will be the effect of this setting
answer
The account will be locked after 4 incorrect attempts.
question
You have just configured the password policy and set the minimum password age to 10. What will be the effect of this configuration
answer
User cannot change the password for 10 days.
question
Which of the ff. is not an important aspect of password management
answer
Enable account lockout
question
Which of the ff. is the single best rule to enforce when designing complex passwords
answer
Longer passwords
question
For users on your network, you want to automatically lock their user accounts if four incorrect passwords are used within 10 minutes. What should you do
answer
Configure account lockout policies in Group Policy
question
You want to make sure that all users have passwords over 8 characters and that passwords must be changed every 30 days. What should you do
answer
Configure account policies in Group Policy
question
You have hired 10 new temporary workers who will be with the company for 3 months. You want to make sure that these users can only log on during regular business hours. What should you do
answer
Configure day/time restrictions in the user accounts
question
You are teaching new users about security and passwords. Which example of the passwords would be the most secure password
answer
T1a73gZ9
question
You are configuring the local security policy of a Windows 7 system. You want to prevent users from reusing old passwords. You also want to force them to use a new password for at least 5 days before changing it again. Which policies should you configure
answer
(Select two.) Enforce password history, Minimum password age
question
You have decided to implement a remote access solution that uses multiple remote access servers. You want to implement RADIUS to centralize remote access authentication and authorization. Which of the ff. would be a required part of your configuration
answer
Configure the remote access servers as RADIUS clients.
question
CHAP performs which of the ff. security functions
answer
Periodically verifies the identity of a peer using a three-way handshake.
question
Which remote access authentication protocol periodically and transparently re-authenticates during a logon session by default
answer
CHAP
question
Which of the ff. protocols can be used to centralize remote access authentication
answer
TACACS
question
Which of the ff. authentication protocols uses a three-way handshake to authenticate users to the network
answer
(Choose two.) CHAP and MS-CHAP
question
Which of the ff. is a feature of MS-CHAP v2 that is not included in CHAP
answer
Mutual authentication
question
Which of the ff. is an example of a decentralized privilege management solution
answer
Workgroup
question
Which of the ff. are characteristics of TACACS+
answer
(Select two.) Uses TCP, Allows for a possible three different servers, one each for authentication, authorization, and accounting.
question
Which of the ff. is the best example of remote access authentication
answer
A user establishes a dialup connection to a server to gain access to shared resources
question
Which of the ff. ports are used with TACACS
answer
49
question
RADIUS is primarily used for what purpose
answer
Authenticating remote clients before access to the network is granted
question
Which of the ff. are methods for providing centralized authentication, authorization for remote access
answer
(Select two.) TACACS+, RADIUS
question
What does a remote access server use for authorization
answer
Remote access policies
question
Which of the ff. is a characteristic of TACACS+
answer
Encrypts the entire packet, not just authentication packets
question
Which of the ff. are differences between RADIUS and TACACS+
answer
RADIUS combines authentication and authorization into a single function; TACACS+ allows these services to be split between different servers.
question
Which of the ff. protocols uses ports 389 and 636
answer
LDAP
question
Which of the ff. are required when implementing Kerberos for authentication and authorization
answer
(Select two.) Time synchronization, Ticket granting server
question
Which ports does LDAP use by default
answer
(Select two.) 389 and 636
question
Your LDAP directory service solution uses simple authentication. What should you always do when using simple authentication
answer
Use SSL.
question
Which of the ff. protocols uses port 88
answer
Kerberos
question
When using Kerberos authentication, which of the ff. terms is used to describe the token that verifies the identity of the user to the target system
answer
Ticket
question
What is mutual authentication
answer
A process by which each party in an online communication verifies the identity of the other party
question
Which of the ff. authentication mechanisms is designed to protect a 9-character password from attacks by hashing the first seven characters into a single hash and then hashing the remaining two characters into another separate hash
answer
LANMAN
question
You want to deploy SSL to protect authentication traffic with your LDAP-based directory service. Which port would this use
answer
636
question
Which of the ff. are requirements to deploy Kerberos on a network
answer
(Select two.) A centralized database of users and passwords, Time synchronization between devices
question
You want to use Kerberos to protect LDAP authentication. Which authentication mode should you choose
answer
SASL
question
A user has just authenticated using Kerberos. What object is issued to the user immediately following logon
answer
Ticket granting ticket
question
In an Identity Management System, what is the function of the Identity Vault
answer
Ensure that each employee has the appropriate level of access in each system.
question
In an Identity Management System, what is the function of the Authoritative Source
answer
Specify the owner of a data item.
question
What security-related recommendations should you make to the client
answer
Implement a hardware checkout policy
question
Which of the following are solutions that address physical security
answer
Escort visitors at all times
question
What is a secure doorway that can be used in coordination with a mantrap to allow easy egress from a secured environment but which actively prevents re-entrance through the exit portal
answer
Turnstiles
question
Which of the following can be used to stop piggybacking that has been occurring at the front entrance where employees should swipe their smart cards to gain entry
answer
Deploy a man trap
question
You want to use CCTV to increase the physical security of your building. Which of the following camera types would offer the sharpest image at the greatest distance under the lowest lighting conditions
answer
500 resolution, 50mm, .05 LUX
question
You want to use CCTV to increase your physical security. You want to be able to remotely control the camera position. Which camera type should you choose
answer
PTZ
question
You want to use CCTV as a preventative security measure. Which of the following is a requirement for your plan
answer
Security guards
question
Which of the following CCTV types would you use in areas with little or no lights
answer
Infrared
question
Which of the following CCTV camera types lets you adjust the distance that the camera can see
answer
Varifocal
question
Which of the following controls is an example of a physical access control method
answer
Locks on doors
question
You have 5 salesmen who work out of your office and who frequently leave their laptops lying on their desks in their cubicles. You are concerned that someone might walk by and take one of these laptops. Which of the following is the best protection to implement to address your concerns
answer
Use cable locks to chain the laptops to the desks
question
Which security related recommendations should you make to this client
answer
Relocate the switch to the locked server closet
question
Which of the following is the most important thing to do to prevent console access to a network switch
answer
Keep the switch in a room that uses a cipher lock.
question
You've just deployed a new Cisco router that connects several network segments in your organization. The router is physically located in a cubicle near your office. You've backed up the router configuration to a remote location in an encrypted file. You access the router configuration from your notebook computer using an SSH client with the user name of admin01 and a password of P@ssW0rd. You have used the MD5 hashing algorithm to protect the password. What should you do to increase the security of this device
answer
Move the router to a secure server room
question
Which of the following attacks, if successful, causes a switch to function like a hub
answer
MAC flooding
question
You want to prevent your browser from running JavaScript commands that are potentially harmful. Which of the following would you restrict to accomplish this
answer
Client-side scripts
question
You've just deployed a new Cisco router that connects several network segments in your organization. The router is physically located in a server room that requires an ID card to gain access... What should you do to increase the security of this device
answer
Use a stronger administrative password
question
Which of the following is a text file provided by a website to a client that is stored on a user's hard drive in order to track and record information about the user
answer
Cookie
question
While using a web-based order form...The value entered is large enough to exceed the maximum value...A large sum of money. What type of attack has occurred in this scenario
answer
Integer overflow
question
In a variation of the brute force attack, an attacker may use a predefined list...best addresses this issue
answer
A strong password policy
question
Which of the following attacks is a form of software exploitation...input variable is designed to handle
answer
Buffer overflow
question
Which of the ff. is the term for the process of validating a subject's identity
answer
Authentication
question
Which is the star property of Bell-LaPadula
answer
No write down
question
Which of the ff. is used for identification
answer
Username
question
You have implemented an access control method that allows only users who are managers to access specific data. Which type of access control model is used
answer
RBAC
question
Which access control model manages rights and permissions based on job description and responsibilities
answer
Role Based Access Control (RBAC)
question
Which form of access control enforces security based on user identities and allows individual users to define access controls over owned resources
answer
DAC
question
Which type of access control focuses on assigning privileges based on security clearance and data sensitivity
answer
MAC
question
Which form of access control is based on job descriptions
answer
Role-based access control (RBAC)
question
In which form of access control environment is access controlled by rules rather than by identity
answer
MAC
question
The Brewer-Nash model is designed primarily to prevent
answer
Conflicts of interest
question
Which of the ff. defines an object as used in access control
answer
Data, applications, systems, networks, and physical space.
question
A remote access user needs to gain access to resources on the server. Which of the processes are performed by the remote access server to control access to resources
answer
Authentication and authorization.
question
The Clark-Wilson model is primarily based on
answer
Controlled intermediary access applications
question
Discretionary Access Control (DAC) manages access to resources using what primary element or aspect
answer
Identity
question
You have a system that allows the owner of a file to identify users and their permissions to the file. Which type of access control model is implemented
answer
DAC
question
Which of the ff. is an example of two-factor authentication
answer
A Token device and a PIN
question
Which of the ff. Identification and authentication factors are often well-known or easy to discover by others on the same network or system
answer
Username
question
Which of the ff. is stronger than any biometric authentication factor
answer
A two-factor authentication
question
Which of the ff. advantages can Single Sign-On (SSO) provide
answer
(Select two). Access to all authorized resources with a single instance of authentication,
question
Which of the ff. is a hardware device that contains identification information and which can be used to control building access or computer logon
answer
Smart Card
question
Which of the ff. defines the crossover rate for evaluating biometric systems
answer
The point where the number of false positives matches the number of false negatives in a biometric system.
question
Which of the ff. terms is used to describe an event in which a person is denied access to a system when they should be allowed to enter
answer
False negative
question
Which of the ff. is the most common form of authentication
answer
Password
question
Which of the ff. is a password that relates to things that people know, such as a mother's maiden name, or the name of a pet
answer
Cognitive
question
Which of the ff. authentication methods uses tickets to provide single sign-on
answer
Kerberos
question
Which of the ff. is an example of three-factor authentication
answer
Token device, Keystroke analysis, Cognitive question
question
Which of the ff. are examples of Type II authentication credentials
answer
(Select two). Photo ID, Smart card
question
Which of the ff. is the strongest form of multi-factor authentication
answer
A password, a biometric scan, and a token device
question
A device which is synchronized to an authentication server is which type of authentication
answer
Synchronous token
question
Mr. White has just been promoted to a manager. To give him access to the files that he needs, you make his user account a member of the Managers group, which has access to a special folder. Later that afternoon, Marcus tells you that he is still unable to access the files reserved for the Managers group. What should you do
answer
Have Mr. White log off and log back on
question
Which of the ff. information is typically not included in an access token
answer
User account password
question
Which of the ff. terms describes the component that is generated ff. authentication and which is used to gain access to resources following logon
answer
Access token
question
Which security mechanism uses a unique list for each object embedded directly in the object itself that defines which subjects have access to certain objects and the level or type of access allowed
answer
User ACL
question
Which of the ff. principles is implemented in a mandatory access control model to determine access to an object using classification levels
answer
Need to know
question
You are concerned that the accountant in your organization might have the chance to modify the books and steal from the company. You want to periodically have another person take over all accounting responsibilities to catch any irregularities. Which solution should you implement
answer
Job rotation
question
You want to make sure that any reimbursement checks issued by your company cannot be issued by a single person. Which principle should you implement to accomplish this goal
answer
Separation of duties
question
Which type of media preparation is sufficient for media that will be reused in a different security context within your organization
answer
Sanitization
question
Which of the ff. is an example of privilege escalation
answer
Creeping privileges
question
What is the primary purpose of separation of duties
answer
Prevent conflicts of interest
question
Which security principle prevents any one administrator from having sufficient access to compromise the security of the overall IT solution
answer
Separation of duties
question
Need to know is required to access which types of resources
answer
Compartmentalized resources
question
Separation of duties is an example of which type of access control
answer
Preventive
question
An access control list (ACL) contains a list of users and allowed permissions. What is it called if the ACL automatically prevents access to anyone not on the list
answer
Implicit deny
question
By assigning access permissions so that users can only access those resources which are required to accomplish their specific work tasks, you would be in compliance with
answer
Principle of least privilege
question
Which of the ff. is an example of a decentralized privilege management solution
answer
Workgroup
question
What should be done to a user account if the user goes on an extended vacation
answer
Disable the account
question
A user with an account name of larry has just been terminated from the company. There is good reason to believe that the user will attempt to access and damage the files in the system in the very near future. Which command below will disable or remove the user account from the system and remove his home directory
answer
userdel -r larry
question
One of your users, Karen Scott, has recently married and is now Karen Jones. She has requested that her username be changed from kscott to kjones, but no other values change. Which of the ff. commands will accomplish this
answer
usermod -l kjones kscott
question
Which of the ff. utilities would you typically use to lock a user account
answer
(Select two). passwd, usermod
question
You have performed an audit and have found active accounts from employees who no longer work for the company. You want to disable those accounts. What command example will disable a user account
answer
usermod -L joer
question
An employee named Bob Smith, with a user name of bsmith, has left the company. You have been instructed by your supervisor to delete his user account along with his home directory. Which of the ff. commands would produce the required outcome
answer
(Choose all that apply.) userdel -r bsmith, userdel bsmith; rm -rf /home/bsmith
question
Due to a merger with another company, standardization is now being imposed throughout the company. As a result of this, the sales group must be renamed marketing. Which of the ff. commands will accomplish this
answer
groupmod -n marketing sales
question
You suspect that the gshant user account is locked. Which command will show the status of user account
answer
(Tip: Enter the command as if at the command prompt.) passwd -S gshant
question
You are the administrator for a small company. You need to add a new group user, named sales, to the system. Which command will accomplish this
answer
groupadd sales
question
You have a group named temp_sales on your system. The group is no longer needed, and you should remove the group. Which of the ff. commands should you use
answer
groupdel temp_sales
question
In the /etc/shadow file, which character in the password field indicates that a standard user account is locked
answer
!
question
What is the effect of the ff. command: chage -M 60 -W 10 jsmith
answer
Sets the password for jsmith to expire after 60 days and gives a warning 10 days before it expires.
question
Which file should you edit to limit the amount of concurrent logins for a specific user
answer
(Tip: Enter the full path to the file.) /etc/security/limits.conf
question
Which "chage" option keeps a user from changing password every two weeks
answer
-m 33
question
What "chage" command should you use to set the password for jsmith to expire after 60 days and give a warning 10 days before it expires
answer
(Tip: Enter the command as if at the command prompt.) chage -M 60 -W 10 jsmith
question
Computer policies include a special category called user rights. Which action do they allow an administrator to perform
answer
Identify users who can perform maintenance tasks on computers in the OU.
question
You want to ensure that all users in the Development OU use specific network communication security settings when transmitting files. Which method should you use
answer
Create a GPO computer policy for the computers in the Development OU.
question
Which statement is true regarding application of GPO settings
answer
If a setting is defined in the Local Group Policy on the computer and not defined in the GPO linked to the OU, the setting will be applied.
question
You are configuring the local security policy of a Windows 7 system. You want to require users to create passwords that are at least 10 characters long. You also want to prevent logon after three unsuccessful logon attempts. Which policies should you configure
answer
(Select two.) Minimum password length, Account lockout threshold
question
You have implemented lockout with a clipping level of 4. What will be the effect of this setting
answer
The account will be locked after 4 incorrect attempts.
question
You have just configured the password policy and set the minimum password age to 10. What will be the effect of this configuration
answer
User cannot change the password for 10 days.
question
Which of the ff. is not an important aspect of password management
answer
Enable account lockout
question
Which of the ff. is the single best rule to enforce when designing complex passwords
answer
Longer passwords
question
For users on your network, you want to automatically lock their user accounts if four incorrect passwords are used within 10 minutes. What should you do
answer
Configure account lockout policies in Group Policy
question
You want to make sure that all users have passwords over 8 characters and that passwords must be changed every 30 days. What should you do
answer
Configure account policies in Group policy
question
You have hired 10 new temporary workers who will be with the company for 3 months. You want to make sure that these users can only log on during regular business hours. What should you do
answer
Configure day/time restrictions in the user accounts
question
You are teaching new users about security and passwords. Which example of the passwords would be the most secure password
answer
T1a73gZ9
question
You are configuring the local security policy of a Windows 7 system. You want to prevent users from reusing old passwords. You also want to force them to use a new password for at least 5 days before changing it again. Which policies should you configure
answer
(Select two.) Enforce password history, Minimum password age
question
You have decided to implement a remote access solution that uses multiple remote access servers. You want to implement RADIUS to centralize remote access authentication and authorization. Which of the ff. would be a required part of your configuration
answer
Configure the remote access servers as RADIUS clients.
question
CHAP performs which of the ff. security functions
answer
Periodically verifies the identity of a peer using a three-way handshake.
question
Which remote access authentication protocol periodically and transparently re-authenticates during a logon session by default
answer
CHAP
question
Which of the ff. protocols can be used to centralize remote access authentication
answer
TACACS
question
Which of the ff. authentication protocols uses a three-way handshake to authenticate users to the network
answer
(Choose two.) CHAP and MS-CHAP
question
Which of the ff. is a feature of MS-CHAP v2 that is not included in CHAP
answer
Mutual authentication
question
Which of the ff. are characteristics of TACACS+
answer
(Select two.) Uses TCP, Allows for the possibility of three different servers, one each for authentication, authorization, and accounting.
question
Which of the ff. is the best example of remote access authentication
answer
A user establishes a dialup connection to a server to gain access to shared resources
question
Which of the ff. ports are used with TACACS
answer
49
question
RADIUS is primarily used for what purpose
answer
Authenticating remote clients before access to the network is granted
question
Which of the ff. are methods for providing centralized authentication and authorization for remote access
answer
(Select two.) TACACS+ , RADIUS
question
What does a remote access server use for authorization
answer
Remote access policies
question
Which of the ff. is a characteristic of TACACS+
answer
Encrypts the entire packet, not just authentication packets
question
Which of the ff. are differences between RADIUS and TACACS+
answer
RADIUS combines authentication and authorization into a single function; TACACS+ allows these services to be split between different servers.
question
Which of the ff. protocols uses ports 389 and 636
answer
LDAP
question
Which of the ff. are required when implementing Kerberos for authentication and authorization
answer
(Select two.) Time synchronization, Ticket granting server
question
Which ports does LDAP use by default
answer
(Select two.) 389 and 636
question
Your LDAP directory service solution uses simple authentication. What should you always do when using simple authentication
answer
Use SSL.
question
Which of the ff. protocols uses port 88
answer
Kerberos
question
You have decided to perform a double blind penetration test. Which of the following actions would you perform first
answer
Inform senior management
question
Which of the following activities are typically associated with penetration testing
answer
(select two) Attempting social engineering, Running a port scanner
question
Which of the following types of penetration test teams will provide you information that is most revealing of a real-world hacker attack
answer
Zero knowledge team
question
A security administrator is conducting a penetration test on a network. She connects a notebook system running Linux to a wireless network and then uses NMAP to probe various network hosts to see which operating system they are running. Which process did the administrator use in the penetration test in this scenario
answer
Active fingerprinting
question
A security administrator is conducting a penetration test on a network. She connects a notebook system to a mirror port on a network switch. She then uses a packet sniffer to monitor network traffic to try and determine which operating systems are running on network hosts. Which process did the administrator use in the penetration test in this scenario
answer
Passive fingerprinting
question
Drag each penetration test characteristic on the left to the appropriate penetration test name on the right
answer
White box test - The tester has detailed information about the target system prior to starting the test.
question
What is the main difference between vulnerability scanning and penetration testing
answer
Vulnerability scanning is performed within the security perimeter; penetration testing is performed outside of the security perimeter.
question
Which of the following is included in an operations penetration test
answer
(select three) 1. Looking through discarded papers or media for sensitive information 2. Eavesdropping or obtaining sensitive information from items that are not properly stored 3. Acting as an imposter with the intent to gain access or information
question
What is the primary purpose of penetration testing
answer
Test the effectiveness of your security perimeter
question
Which of the following identifies an operating system or network service based upon its response to ICMP messages
answer
Fingerprinting
question
Which of the following uses hacking techniques to proactively discover internal vulnerabilities
answer
Penetration testing