Term
Which of the following implementation steps would be appropriate for a public wireless hot-spot? |
|
Definition
Open system authentication |
|
|
Term
Which of the following is a step in deploying a WPA2-Enterprise wireless network? |
|
Definition
Install a digital certificate on the authentication server |
|
|
Term
Which of the following controls would allow a company to reduce the exposure of sensitive systems from unmanaged devices on internal networks? |
|
Definition
|
|
Term
Which of the following preventative controls would be appropriate for responding to a directive to reduce the attack surface of a specific host? |
|
Definition
Disabling unnecessary services |
|
|
Term
A security manager must remain aware of the security posture of each system. Which of the following supports this requirement? |
|
Definition
Establishing baseline reporting |
|
|
Term
Deploying a wildcard certificate is one strategy to: |
|
Definition
Reduce the certificate management burden |
|
|
Term
The security administrator needs to manage traffic on a layer 3 device to support FTP from a new remote site. Which of the following would need to be implemented? |
|
Definition
|
|
Term
Which of the following ports is used for SSH, by default? |
|
Definition
|
|
Term
A network administrator has been tasked with securing the WLAN. Which of the following cryptographic products would be used to provide the MOST secure environment for the WLAN? |
|
Definition
|
|
Term
A server with the IP address of 10.10.2.4 has been having intermittent connection issues. The logs show repeated connection attempts from the following IPs: 10.10.3.16, 10.10.3.23, 212.178.24.26, 217.24.94.83. These attempts are overloading the server to the point that it cannot respond to traffic. Which of the following attacks is occurring? |
|
Definition
|
|
Term
Which of the following ciphers would be BEST used to encrypt streaming video? |
|
Definition
|
|
Term
A user attempting to log on to a workstation for the first time is prompted for the following information before being granted access: username, password and a four-digit security PIN that was mailed to him during account registration. This is an example of which of the following? |
|
Definition
Single factor authentication |
|
|
Term
After analyzing and correlating activity from multiple sensors, the security administrator has determined that a group of very well organized individuals from an enemy country is responsible for various attempts to breach the company network through the use of very sophisticated and targeted attacks. Which of the following is this an example of? |
|
Definition
Advanced persistent threat |
|
|
Term
Which of the following is true about input validation in a client-server architecture, when data integrity is critical to the organization? |
|
Definition
It should be performed on the server side. |
|
|
Term
A merchant acquirer has the need to store credit card numbers in a transactional database in a high-performance environment. Which of the following BEST protects the credit card data? |
|
Definition
Database field encryption |
|
|
Term
A bank has a fleet of aging payment terminals used by merchants for transactional processing. The terminals currently support single DES but require an upgrade in order to be compliant with security standards. Which of the following is likely to be the simplest upgrade to the aging terminals which will improve in-transit protection of transactional data? |
|
Definition
|
|
Term
Which of the following is BEST at blocking attacks and providing security at layer 7 of the OSI model? |
|
Definition
|
|
Term
Which of the following is BEST used to capture and analyze network traffic between hosts on the same network segment? |
|
Definition
|
|
Term
After a number of highly publicized and embarrassing customer data leaks as a result of social engineering attacks by phone, the Chief Information Officer (CIO) has decided user training will reduce the risk of another data leak. Which of the following would be most effective in reducing data leaks in this situation? |
|
Definition
Information Security Awareness |
|
|
Term
Which of the following functions provides an output which cannot be reversed and converts data into a string of characters? |
|
Definition
|
|
Term
Which of the following encrypts data a single bit at a time? |
|
Definition
|
|
Term
Which of the following is used to verify data integrity? |
|
Definition
|
|
Term
By default, which of the following uses TCP port 22? |
|
Definition
|
|
Term
Access mechanisms to data on encrypted USB hard drives must be implemented correctly, otherwise: |
|
Definition
the security controls on the USB drive can be bypassed. |
|
|
Term
Maintenance workers find an active network switch hidden above a dropped-ceiling tile in the CEO's office with various connected cables from the office. Which of the following describes the type of attack that was occurring? |
|
Definition
|
|