All of the following provide confidentiality protection as part of the underlying protocol EXCEPT:
L2TP.
Which of the following allows an attacker to manipulate files by using the least significant bit(s) to secretly embed data?
Steganography
Which of the following type of attacks would allow an attacker to capture HTTP requests and send back a spoofed page?
TCP/IP hijacking
How should a company test the integrity of its backup data?
By restoring part of the backup
Which of following can BEST be used to determine the topology of a network and discover unknown devices?
Network mapper
When should a technician perform penetration testing?
When the technician has permission from the owner of the network
An administrator has implemented a new SMTP service on a server. A public IP address translates to the internal SMTP server. The administrator notices many sessions to the server, and gets notification that the server’s public IP address is now reported in a spam real-time block list. Which of the following is wrong with the server?
SMTP open relaying is enabled
Which of the following is MOST efficient for encrypting large amounts of data?
Symmetric key algorithms
Which of the following is a reason why a company should disable the SSID broadcast of the wireless access points?
War driving
Which of the following BEST describes ARP?
Discovering the MAC address of a device from the IP address
Which of the following would be BEST to use to apply corporate security settings to a device?
A security template
A small call center business decided to install an email system to facilitate communications in the office. As part of the upgrade the vendor offered to supply antimalware software for a cost of $5,000 per year. The IT manager read there was a 90% chance each year that workstations would be compromised if not adequately protected. If workstations are compromised it will take three hours to restore services for the 30 staff. Staff members in the call center are paid $90 per hour. If the antimalware software is purchased, which of the following is the expected net savings?
$2,290
Which of the following is the main objective of steganography?
Hide information
Which of the following would allow for secure key exchange over an unsecured network without a
Pre-shared key?
DHECC
Which of the following improves security in a wireless system?
MAC filtering
A user wants to implement secure LDAP on the network. Which of the following port numbers secure LDAP use by default?
636
On which of the following is a security technician MOST likely to find usernames?
Application logs
How many keys are utilized with asymmetric cryptography?
Two
During a risk assessment it is discovered that only one system administrator is assigned several tasks critical to continuity of operations. It is recommended to cross train other system administrators to perform these tasks and mitigate which of the following risks?
Single point of failure
Which of the following network filtering devices will rely on signature updates to be effective?
NIDS
Which of the following is a single server that is setup in the DMZ or outer perimeter in order to distract attackers?
Honeypot
Which of the following encryption algorithms is decrypted in the LEAST amount of time?
AES
An administrator is trying to secure a network from threats originating outside the network. Which of the following devices provides protection for the DMZ from attacks launched from the Internet?
Firewall
Which of the following is a way to manage operating system updates?
Change management
Which of the following is a list of discrete entries that are known to be benign?
Whitelist
Which of the following increases the collision resistance of a hash?
Salt
A programmer has decided to alter the server variable in the coding of an authentication function for a proprietary sales application. Before implementing the new routine on the production application server, which of the following processes should be followed?
Change management
When deploying 50 new workstations on the network, which of following should be completed FIRST?
Apply the baseline configuration
Which of the following should be implemented to have all workstations and servers isolated in their own broadcast domains?
VLANs
End users are complaining about receiving a lot of email from online vendors and pharmacies. Which of the following is this an example of?
Spam
Which of the following BEST describes a private key in regards to asymmetric encryption?
The key owner has exclusive access to the private key.
Which of the following logs might reveal the IP address and MAC address of a rogue device within the local network?
DHCP logs
Which of the following is commonly used in a distributed denial of service (DDOS) attack?
Botnet
Which of the following practices is MOST relevant to protecting against operating system security flaws?
Patch management
Which of the following is a best practice for coding applications in a secure manner?
Input validation
Which of the following technologies can be used as a means to isolate a host OS from some types of security threats?
Virtualization
Which of the following network tools would provide the information on what an attacker is doing to compromise a system?
Honeypot
Assigning proper security permissions to files and folders is the primary method of mitigating which of the following?
Trojan
Which of the following logical access controls would be MOST appropriate to use when creating an account for a temporary worker?
Account expiration
Which of the following may be an indication of a possible system compromise?
A performance monitor indicates a recent and ongoing drop in speed, disk space or memory utilization from the baseline.
An administrator suspects that files are being copied to a remote location during off hours. The file server does not have logging enabled. Which of the following logs would be the BEST place to look for information?
Firewall logs
Which of the following access control methods gives the owner control over providing permissions?
Discretionary Access Control (DAC)
Which of the following access control methods includes switching work assignments at preset intervals?
Job rotation
Which of the following access control methods grants permissions based on the users position in the company?
Role-Based Access Control (RBAC)
Which of the following authentication methods would MOST likely prevent an attacker from being able to successfully deploy a replay attack?
Kerberos
Which of the following would an attacker use to footprint a system?
Port scanner
Which of the following ensures a user cannot deny having sent a message?
Nonrepudiation
Which of the following allows an attacker to embed a rootkit into a picture?
Steganography
Which of the following is a publication of inactivated user certificates?
Certificate revocation list
Which of the following is a method of encrypting email?
S/MIME
Which of the following risks would be reduced by implementing screen filters?
Shoulder surfing
Which of the following allows an attacker to hide the presence of malicious code by altering the systems process and registry entries?
Rootkit
Which of the following will propagate itself without any user interaction?
Worm
An administrator wants to setup their network with only one public IP address. Which of the following would allow for this?
NAT
An administrator wants to proactively collect information on attackers and their attempted methods of gaining access to the internal network. Which of the following would allow the administrator to do this?
Honeypot
Which of the following allows a technician to correct a specific issue with a solution that has not been fully tested?
Hotfix
A technician wants to regulate and deny traffic to websites that contain information on hacking. Which of the following would be the BEST solution to deploy?
Internet content filter
Which of the following is the LEAST intrusive way of checking the environment for known software flaws?
Vulnerability scanner
If a certificate has been compromised, which of the following should be done?
Put the certificate on the CRL.
Which of the following requires an update to the baseline after installing new software on a machine?
Behavior-based HIDS
Which of the following would be the MOST secure choice to implement for authenticating remote connections?
RADIUS
Which of the following is the BEST way to reduce the number of accounts a user must maintain?
SSO
Which of the following can be used as a means for dual-factor authentication?
Iris scan and proximity card
After implementing file auditing, which of the following logs would show unauthorized usage attempts?
Security
Which of the following type of attacks requires an attacker to sniff the network?
Man-in-the-Middle
If a user attempts to go to a website and notices the URL has changed, which of the following attacks is MOST likely the cause?
DNS poisoning
Which of the following attacks can be caused by a user being unaware of their physical surroundings?
Shoulder surfing
Which of the following actions should be performed upon discovering an unauthorized wireless access point attached to a network?
Unplug the Ethernet cable from the wireless access point.
Which of the following redundancy solutions contains hardware systems similar to the affected organization, but does not provide live data?
Warm site
During the implementation of LDAP, which of the following will typically be changed within the organizations software programs?
Authentication credentials
Which of the following would be MOST useful to determine why packets from a computer outside the network are being dropped on the way to a computer inside the network?
Firewall log
Which of the following security policies is BEST to use when trying to mitigate the risks involved with allowing a user to access company email via their cell phone?
The cell phone should require a password after a set period of inactivity.
An administrator has been asked to encrypt credit card data. Which of the following algorithms would be the MOST secure with the least CPU utilization?
AES
Which of the following algorithms is the LEAST secure?
LANMAN
Which of the following algorithms is MOST closely associated with the signing of email messages?
PGP
Which of the following algorithms is MOST closely associated with the signing of email messages?
PGP
An executive uses PKI to encrypt sensitive emails sent to an assistant. In addition to encrypting the body of the email, the executive wishes to encrypt the signature so that the assistant can verify that the email actually came from the executive. Which of the following asymmetric keys should the executive use to encrypt the signature?
Private
A technician needs to detect staff members that are connecting to an unauthorized website. Which of the following could be used?
Protocol analyzer
An administrator suspects that multiple PCs are infected with a zombie. Which of the following tools could be used to confirm this?
Antivirus
Which of the following is an example of security personnel that administer access control functions, but do not administer audit functions?
Separation of duties
A malware incident has just been detected within a company. Which of the following should be the administrator’s FIRST response?
Containment
Taking into account personal safety, which of the following types of fire suppression substances would BEST prevent damage to electronic equipment?
CO2
Which of the following describes the process of securely removing information from media (e.g. hard drive) for future use?
Sanitization
Which of the following principles should be applied when assigning permissions?
Least privilege
Which of the following type of strategies can be applied to allow a user to enter their username and password once in order to authenticate to multiple systems and applications?
Single sign-on
User A is a member of the payroll security group. Each member of the group should have read/write permissions to a share. User A was trying to update a file but when the user tried to access the file the user was denied. Which of the following would explain why User A could not access the file?
Rights are not set correctly
Which of the following threats is the MOST difficult to detect and hides itself from the operating system?
Rootkit
Which of the following methods is used to perform denial of service (DoS) attacks?
Botnet
Which of the following is an attack that is triggered by a specific event or by a date?
Logic bomb
Which of the following can an attacker use to gather information on a system without having a user ID or password?
Null session
Which of the following is a security threat when a new network device is configured for first time installation?
Use of default passwords
Which of the following is an exploit against a device where only the hardware model and manufacturer are known?
Default passwords
A technician is implementing a new wireless network for an organization. The technician should be concerned with all of the following wireless vulnerabilities EXCEPT:
802.11 mode
Which of the following tools will allow the technician to find all open ports on the network?
Network scanner

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes:

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>