Elise Berg
Quiz by , created more than 1 year ago

Quiz on Security + Practice, created by Elise Berg on 07/10/2014.

172
7
0
Tags
Elise Berg
Created by Elise Berg over 5 years ago
Close
  • Security + Practice

    Question 1 of 75

    1

    Which of the following BEST describes both change and incident management?

    Select one of the following:

    • Incident management is not a valid term in IT, however change management is

    • Change management is not a valid term in IT, however incident management is

    • Incident management and change management are interchangeable terms meaning the same thing

    • Incident management is for unexpected consequences, change management is for planned work

    Question 2 of 75

    1

    Which of the following account policy controls requires a user to enter a 15 character alpha-numerical password?

    Select one of the following:

    • Disablement

    • Length

    • Expiration

    • Password complexity

    Question 3 of 75

    1

    Which of the following information types would be considered personally identifiable information?

    Select one of the following:

    • First name and home address

    • Social security number

    • Date of birth

    • Full name, date of birth and address

    Question 4 of 75

    1

    Which of the following is the benefit of single file versus full disk encryption?

    Select one of the following:

    • Encryption is preserved in full disk encryption when a file is copied from one media to another

    • Encryption is preserved in single file encryption when a file is copied from one media to another

    • Single file encryption provides better security when decrypting single files than full disk encryption when properly implemented and used

    • Full disk encryption provides better security when decrypting single files than single file encryption when properly implemented and used

    Question 5 of 75

    1

    Which of the following is another name for a CAC?

    Select one of the following:

    • Token

    • RFID

    • MAC

    • PIV

    Question 6 of 75

    1

    Which of the following systems offers Trusted OS capabilities by default?

    Select one of the following:

    • Windows Vista

    • Windows 7

    • SE Linux

    • Backtrack

    Question 7 of 75

    1

    Which of the following describes a common operational problem when using patch management software that results in a false sense of security?

    Select one of the following:

    • Conflicts with vulnerability scans impede patch effectiveness

    • Distributed updates may fail to apply or may not be active until a reboot

    • Vendor patches are released too frequently consuming excessive network bandwidth

    • It is resource intensive to test all patches

    Question 8 of 75

    1

    Which of the following is BEST identified as an attacker who has or is about to use a Logic bomb?

    Select one of the following:

    • Grey hat

    • Malicious insider

    • White hat

    • Black box

    Question 9 of 75

    1

    Which of the following is the BEST choice in regards to training staff members on dealing with PII?

    Select one of the following:

    • PII requires public access but must be flagged as confidential

    • PII data breaches are always the result of negligent staff and punishable by law

    • PII must be handled properly in order to minimize security breaches and mishandling

    • PII must be stored in an encrypted fashion and only printed on shared printers

    Question 10 of 75

    1

    Which of the following processes are used to avoid employee exhaustion and implement a system of checks and balances?

    Select one of the following:

    • Job rotation

    • Incident response

    • Least privilege

    • On-going security

    Question 11 of 75

    1

    When designing secure LDAP compliant applications, null passwords should NOT be allowed because:

    Select one of the following:

    • null password can be changed by all users on a network

    • a null password is a successful anonymous bind

    • null passwords can only be changed by the administrator

    • LDAP passwords are one-way encrypted

    Question 12 of 75

    1

    A security administrator visits a remote data center dressed as a delivery person. Which of the following is MOST likely being conducted?

    Select one of the following:

    • Social engineering

    • Remote access

    • Vulnerability scan

    • Trojan horse

    Question 13 of 75

    1

    Mobile devices used in the enterprise should be administered using:

    Select one of the following:

    • encrypted networks and system logging

    • full disk encryption and central password management

    • vendor provided software update systems

    • centrally managed update services and access controls

    Question 14 of 75

    1

    The Chief Information Officer (CIO) wants to implement widespread network and hardware changes within the organization. The CIO has adopted an aggressive deployment schedule and does not want to bother with documentation, because it will slow down the deployment. Which of the following are the risks associated with not documenting the changes?

    Select one of the following:

    • Undocumented networks might not be protected and can be used to support insider attacks

    • Documenting a network hinders production because it is time consuming and ties up critical resources

    • Documented networks provide a visual representation of the network for an attacker to exploit

    • Undocumented networks ensure the confidentiality and secrecy of the network topology

    Question 15 of 75

    1

    Which of the following could mitigate shoulder surfing?

    Select one of the following:

    • Privacy screens

    • Hashing

    • Man traps

    • Screen locks

    Question 16 of 75

    1

    Which of the following passwords is the MOST complex?

    Select one of the following:

    • 5@rAru99

    • CarL8241g

    • j1l!1b5

    • l@ur0

    Question 17 of 75

    1

    Which of the following is being utilized when the BIOS and operating system’s responsibility is platform integrity?

    Select one of the following:

    • SSL

    • USB encryption

    • Data loss prevention

    • TPM

    Question 18 of 75

    1

    Which of the following BEST describes a Buffer Overflow attack that allows access to a remote system?

    Select one of the following:

    • The attacker attempts to have the receiving server run a payload using programming commonly found on web servers

    • The attacker overwhelms a system or application, causing it to crash and bring the server down to cause an outage

    • The attacker attempts to have the receiving server pass information to a back-end database from which it can compromise the stored information

    • The attacker overwhelms a system or application, causing it to crash, and then redirects the memory address to read from a location holding the payload

    Question 19 of 75

    1

    A company fails to monitor and maintain the HVAC system in the datacenter. Which of the following is the MOST likely to affect availability of systems?

    Select one of the following:

    • Employee productivity in a hot datacenter

    • Premature failure of components

    • Decreased number of systems in the datacenter

    • Increased utility costs

    Question 20 of 75

    1

    Which of the following protocols is defined in RFC 1157 as utilizing UDP ports 161 and 162?

    Select one of the following:

    • SNMP

    • IPSec

    • SSL

    • TLS

    Question 21 of 75

    1

    Which of the following is LEAST likely to have a legitimate business purpose?

    Select one of the following:

    • Metasploit

    • Vulnerability scanner

    • Steganography

    • Port scanner

    Question 22 of 75

    1

    Which of the following does full disk encryption on a laptop computer NOT protect against?

    Select one of the following:

    • Confidentiality of the data

    • Key loggers

    • Theft of the data

    • Disclosure of the data

    Question 23 of 75

    1

    Which of the following passwords exemplifies the STRONGEST complexity?

    Select one of the following:

    • Passw0rd

    • P@ssw0rd

    • Passwrd

    • passwordpassword

    Question 24 of 75

    1

    Which following port ranges would give a technician the MOST comprehensive port scan of a server?

    Select one of the following:

    • 1024-15000

    • 0-99999

    • 0-65535

    • 0-1024

    Question 25 of 75

    1

    Which of the following attacks steals contacts from a mobile device?

    Select one of the following:

    • Bluesnarfing

    • Smurf attack

    • Session hijacking

    • Bluejacking

    Question 26 of 75

    1

    Which of the following attacks sends unwanted messages to a mobile device?

    Select one of the following:

    • Session hijacking

    • Smurf attack

    • Bluejacking

    • Bluesnarfing

    Question 27 of 75

    1

    A smurf attack relies on which protocol to perform a Denial of Service?

    Select one of the following:

    • DNS

    • SNMP

    • SMTP

    • ICMP

    Question 28 of 75

    1

    Which of the following allows for multiple operating systems to run on a single piece of hardware?

    Select one of the following:

    • Virtualization

    • Port security

    • Remote access

    • DMZ

    Question 29 of 75

    1

    A user name is an example of which of the following?

    Select one of the following:

    • Identification

    • Authentication

    • Authorization

    • Access

    Question 30 of 75

    1

    The CRL contains a list of:

    Select one of the following:

    • private keys

    • public keys

    • root certificates

    • valid certificates

    Question 31 of 75

    1

    Which of the following fall into the category of physical security measures? (Select all that apply)

    Select one or more of the following:

    • Honeypot

    • Mantrap

    • Vulnerability scanner

    • Hardware lock

    Question 32 of 75

    1

    Software that performs unwanted and harmful actions in disguise of a legitimate and useful program is also referred to as:

    Select one of the following:

    • Adware

    • Logic bomb

    • Spyware

    • Trojan horse

    Question 33 of 75

    1

    The term Trusted OS refers to an operating system:

    Select one of the following:

    • Admitted to a network through NAC

    • That has been authenticated on the network

    • Implementing patch management

    • With enhanced security features

    Question 34 of 75

    1

    Which of the following would be fastest in validating a digital certificate?

    Select one of the following:

    • IPX

    • OCSP

    • OSPF

    • CRL

    Question 35 of 75

    1

    HTTPS runs on TCP port:

    Select one of the following:

    • 80

    • 137

    • 143

    • 443

    Question 36 of 75

    1

    Paper shredder would help in preventing what kind of threats? (Select all that apply)

    Select one or more of the following:

    • Tailgating

    • Dumpster diving

    • Social engineering

    • Zero-day attack

    Question 37 of 75

    1

    Penetration test with the prior knowledge on how the system that is to be tested works is also known as:

    Select one of the following:

    • Black box

    • White box

    • Sandbox

    • White hat

    Question 38 of 75

    1

    What type of protocols ensure the privacy of a VPN connection?

    Select one of the following:

    • OSPF

    • Tunneling

    • Telnet

    • IPv6

    Question 39 of 75

    1

    Zero-day attack exploits:

    Select one of the following:

    • Vulnerability that is present in already released software but unknown to the software developer

    • Patched software coding errors

    • Well known vulnerabilities

    • New accounts

    Question 40 of 75

    1

    An authentication subsystem that enables a user to access multiple, connected system components (such as separate hosts on a network) after a single login at only one of the components is also referred to as:

    Select one of the following:

    • SSO

    • SSL

    • WAP

    • TLS

    Question 41 of 75

    1

    What is tailgating?

    Select one of the following:

    • Gaining unauthorized access to restricted areas by following another person

    • Looking over someone's shoulder in order to get information

    • Manipulating a user into disclosing confidential information

    • Scanning for unsecured wireless networks while driving in a car

    Question 42 of 75

    1

    Which of the following are symmetric-key algorithms? (Select all that apply)

    Select one or more of the following:

    • Diffie-Hellman

    • 3DES

    • DES

    • RSA

    • AES

    Question 43 of 75

    1

    TCP port 22 is used by default by: (Select all that apply)

    Select one or more of the following:

    • SFTP

    • SCP

    • FTP

    • SSH

    • SMTP

    Question 44 of 75

    1

    A maximum acceptable period of time within which a system must be restored after failure is also known as:

    Select one of the following:

    • Recovery Time Objective (RTO)

    • Maximum Tolerable Period of Disruption (MTPOD)

    • Meantime Between Failures (MTBF)

    • Meantime To Restore (MTTR)

    Question 45 of 75

    1

    Which of the following authentication protocols offer(s) countermeasures against replay attacks? (Select all that apply)

    Select one or more of the following:

    • Kerberos

    • PAP

    • CHAP

    • NTP

    Question 46 of 75

    1

    A policy outlining ways of collecting and managing personal data is also known as:

    Select one of the following:

    • Data loss prevention

    • Acceptable use policy

    • Audit policy

    • Privacy policy

    Question 47 of 75

    1

    Which of the following solutions is used for controlling temperature and humidity?

    Select one of the following:

    • EMI shielding

    • HVAC

    • UART

    • Faraday cage

    Question 48 of 75

    1

    Sticky note with a password kept on sight in the user's cubicle would be a violation of which of the following policies?

    Select one of the following:

    • User account policy

    • Clean desk policy

    • Data labeling policy

    • Password complexity

    Question 49 of 75

    1

    TCP port 23 is used by:

    Select one of the following:

    • TFTP

    • Telnet

    • SMTP

    • SSH

    Question 50 of 75

    1

    A chronological record outlining persons in possession of an evidence is also referred to as:

    Select one of the following:

    • Information classification

    • Evidence timeline

    • Data handling chain

    • Chain of custody

    Question 51 of 75

    1

    Which of the following acronyms refers to any type of information pertaining to an individual that can be used to uniquely identify that individual?

    Select one of the following:

    • ID

    • PII

    • Password

    • PIN

    Question 52 of 75

    1

    Which of the following terms refers to a rogue access point?

    Select one of the following:

    • Trojan horse

    • Backdoor

    • Evil twin

    • Worm

    Question 53 of 75

    1

    A group of computers running malicious software under control of a hacker is also referred to as:

    Select one of the following:

    • Ethernet

    • Intranet

    • Botnet

    • Subnet

    Question 54 of 75

    1

    Which IPsec mode provides whole packet encryption?

    Select one of the following:

    • Host-to-host

    • Payload

    • Transport

    • Tunnel

    Question 55 of 75

    1

    Security measures that can be applied to mobile devices include: (Select all that apply)

    Select one or more of the following:

    • Load balancing

    • Remote sanitation

    • Encryption and passwords

    • Voice encryption

    • Quality of Service (QoS)

    Question 56 of 75

    1

    Which of the following is the BEST approach to perform risk mitigation of user access control rights?

    Select one of the following:

    • Conduct surveys and rank the results.

    • Perform routine user permission reviews.

    • Implement periodic vulnerability scanning.

    • Disable user accounts that have not been used within the last two weeks.

    Question 57 of 75

    1

    Which of the following devices is BEST suited for servers that need to store private keys?

    Select one of the following:

    • Hardware security module

    • Hardened network firewall

    • Solid state disk drive

    • Hardened host firewall

    Question 58 of 75

    1

    All of the following are valid cryptographic hash functions EXCEPT:

    Select one of the following:

    • RIPEMD.

    • RC4.

    • SHA-512.

    • MD4.

    Question 59 of 75

    1

    In regards to secure coding practices, why is input validation important?

    Select one of the following:

    • It mitigates buffer overflow attacks.

    • It makes the code more readable.

    • It provides an application configuration baseline.

    • It meets gray box testing standards.

    Question 60 of 75

    1

    Which of the following would be used when a higher level of security is desired for encryption key storage?

    Select one of the following:

    • TACACS+

    • L2TP

    • LDAP

    • TPM

    Question 61 of 75

    1

    A security administrator needs to determine which system a particular user is trying to login to at
    various times of the day. Which of the following log types would the administrator check?

    Select one of the following:

    • Firewall

    • Application

    • IDS

    • Security

    Question 62 of 75

    1

    Which of the following MUST be updated immediately when an employee is terminated to prevent unauthorized access?

    Select one of the following:

    • Registration

    • CA

    • CRL

    • Recovery agent

    Question 63 of 75

    1

    Employee badges are encoded with a private encryption key and specific personal information. The encoding is then used to provide access to the network. Which of the following describes this access control type?

    Select one of the following:

    • Smartcard

    • Token

    • Discretionary access control

    • Mandatory access control

    Question 64 of 75

    1

    Which of the following devices would MOST likely have a DMZ interface?

    Select one of the following:

    • Firewall

    • Switch

    • Load balancer

    • Proxy

    Question 65 of 75

    1

    Which of the following application security testing techniques is implemented when an automated system generates random input data?

    Select one of the following:

    • Fuzzing

    • XSRF

    • Hardening

    • Input validation

    Question 66 of 75

    1

    Which of the following can be used by a security administrator to successfully recover a user’s forgotten password on a password protected file?

    Select one of the following:

    • Cognitive password

    • Password sniffing

    • Brute force

    • Social engineering

    Question 67 of 75

    1

    A security administrator wants to check user password complexity. Which of the following is the
    BEST tool to use?

    Select one of the following:

    • Password history

    • Password logging

    • Password cracker

    • Password hashing

    Question 68 of 75

    1

    Certificates are used for: (Select TWO).

    Select one or more of the following:

    • Client authentication.

    • WEP encryption.

    • Access control lists.

    • Code signing.

    • Password hashing.

    Question 69 of 75

    1

    Which of the following is a hardware based encryption device?

    Select one of the following:

    • EFS

    • TrueCrypt

    • TPM

    • SLE

    Question 70 of 75

    1

    Which of the following BEST describes a protective countermeasure for SQL injection?

    Select one of the following:

    • Eliminating cross-site scripting vulnerabilities

    • Installing an IDS to monitor network traffic

    • Validating user input in web applications

    • Placing a firewall between the Internet and database servers

    Question 71 of 75

    1

    Which of the following MOST interferes with network-based detection techniques?

    Select one of the following:

    • Mime-encoding

    • SSL

    • FTP

    • Anonymous email accounts

    Question 72 of 75

    1

    A certificate authority takes which of the following actions in PKI?

    Select one of the following:

    • Signs and verifies all infrastructure messages

    • Issues and signs all private keys

    • Publishes key escrow lists to CRLs

    • Issues and signs all root certificates

    Question 73 of 75

    1

    Use of a smart card to authenticate remote servers remains MOST susceptible to which of the
    following attacks?

    Select one of the following:

    • Malicious code on the local system

    • Shoulder surfing

    • Brute force certificate cracking

    • Distributed dictionary attacks

    Question 74 of 75

    1

    Separation of duties is often implemented between developers and administrators in order to separate which of the following?

    Select one of the following:

    • More experienced employees from less experienced employees

    • Changes to program code and the ability to deploy to production

    • Upper level management users from standard development employees

    • The network access layer from the application access layer

    Question 75 of 75

    1

    A security administrator needs to update the OS on all the switches in the company. Which of the following MUST be done before any actual switch configuration is performed?

    Select one of the following:

    • The request needs to be sent to the incident management team.

    • The request needs to be approved through the incident management process.

    • The request needs to be approved through the change management process.

    • The request needs to be sent to the change management team.