Term
Which of the following should Pete, a security manager, implement to reduce the risk of employees working in collusion to embezzle funds from their company? |
|
Definition
|
|
Term
Which of the following will allow Pete, a security analyst, to trigger a security alert because of a tracking cookie? |
|
Definition
|
|
Term
Which of the following protocols allows for secure transfer of files? |
|
Definition
|
|
Term
Which of the following passwords is the LEAST complex? |
|
Definition
|
|
Term
During a penetration test from the Internet, Jane, the system administrator, was able to establish a connection to an internal router, but not successfully log in to it. Which ports and protocols are MOST likely to be open on the firewall? |
|
Definition
|
|
Term
Which of the following is an application security coding problem? |
|
Definition
Error and exception handling |
|
|
Term
An IT security technician needs to establish host-based security for company workstations. Which of the following will BEST meet this requirement? |
|
Definition
Implement OS hardening by applying GPOs. |
|
|
Term
Which of the following is the MOST specific plan for various problems that can arise within a system? |
|
Definition
|
|
Term
Which of the following BEST describes the weakness in WEP encryption? |
|
Definition
The WEP key is stored with a very small pool of random numbers to make the ciphertext. As the random numbers are often reused, it becomes easy to derive the remaining WEP key. |
|
|
Term
Sara, the Chief Security Officer (CSO), has had four security breaches during the past two years. Each breach has cost the company $3,000. A third-party vendor has offered to repair the security hole in the system for $25,000. The breached system is scheduled to be replaced in five years. Which of the following should Sara do to address the risk? |
|
Definition
Transfer the risk saving $5,000. |
|
|
Term
Which of the following is an authentication and accounting service that uses TCP for connecting to routers and switches? |
|
Definition
|
|
Term
Which of the following can BEST help prevent cross-site scripting attacks and buffer overflows on a production system? |
|
Definition
|
|
Term
Pete, an IT Administrator, needs to secure his server room. Which of the following mitigation methods would provide the MOST physical protection? |
|
Definition
|
|
Term
Which of the following should be connected to the fire alarm system in order to help prevent the spread of a fire in a server room without data loss to assist in an FM-200 deployment? |
|
Definition
|
|
Term
Matt, a security consultant, has been tasked with increasing server fault tolerance and has been given no budget to accomplish his task. Which of the following can Matt implement to ensure servers will withstand hardware failure? |
|
Definition
|
|
Term
Which of the following fire suppression systems is MOST likely used in a datacenter? |
|
Definition
|
|
Term
A security administrator has installed a new KDC for the corporate environment. Which of the following authentication protocols is the security administrator planning to implement across the organization? |
|
Definition
|
|
Term
While opening an email attachment, Pete, a customer, receives an error that the application has encountered an unexpected issue and must be shut down. This could be an example of which of the following attacks? |
|
Definition
|
|
Term
Jane has recently implemented a new network design at her organization and wishes to passively identify security issues with the new network. Which of the following should Jane perform? |
|
Definition
|
|
Term
A security technician is working with the network firewall team to implement access controls at the company’s demarc as part of the initiation of configuration management processes. One of the network technicians asks the security technician to explain the access control type found in a firewall. With which of the following should the security technician respond? |
|
Definition
Rule based access control |
|
|
Term
Jane, a security administrator, has been tasked with explaining authentication services to the company’s management team. The company runs an Active Directory infrastructure. Which of the following solutions BEST relates to the host authentication protocol within the company’s environment? |
|
Definition
|
|
Term
Pete, the compliance manager, wants to meet regulations. Pete would like certain ports blocked only on all computers that do credit card transactions. Which of the following should Pete implement to BEST achieve this goal? |
|
Definition
|
|
Term
Pete, the system administrator, wants to restrict access to advertisements, games, and gambling web sites. Which of the following devices would BEST achieve this goal? |
|
Definition
|
|
Term
Pete, the system administrator, wishes to monitor and limit users’ access to external websites. Which of the following would BEST address this? |
|
Definition
|
|
Term
Sara, the security administrator, must configure the corporate firewall to allow all public IP addresses on the internal interface of the firewall to be translated to one public IP address on the external interface of the same firewall. Which of the following should Sara configure? |
|
Definition
|
|