Shared Flashcard Set

Details

Security Plus 2
Practice Test
100
Computer Networking
Professional
01/19/2011

Cards

Term
QUESTION NO: 101
A technician is rebuilding the infrastructure for an organization. The technician has been tasked
with making sure that the virtualization technology is implemented securely. Which of the following
is a concern when implementing virtualization technology?

A. The technician should verify that the virtual servers are dual homed so that traffic is securely
separated.
B. The technician should verify that the virtual servers and the host have the latest service packs
and patches applied.
C. The technician should subnet the network so each virtual server is on a different network
segment.
D. The technician should perform penetration testing on all the virtual servers to monitor
performance.
Definition
Answer: B
Term
QUESTION NO: 102
A technician is reviewing the logical access control method an organization uses. One of the
senior managers requests that the technician prevent staff members from logging on during nonworking
days.
Which of the following should the technician implement to meet management's request?

A. Enforce Kerberos
B. Deploy smart cards
C. Time of day restrictions
D. Access control lists
Definition
Answer: C
Term
QUESTION NO: 103
How would a technician implement a security patch in an enterprise environment?

A. Download the patch from the vendor's secure website and install it on the most vulnerable
workstation.
B. Download the patch from the vendor's secure website, test the patch and install it on all
workstations.
C. Download the patch from the vendor's secure website and install it as needed.
D. Download the patch from the Internet, test the patch and install it on all of the
production servers.
Definition
Answer: B
Term
QUESTION NO: 104
Which of the following is considered the weakest encryption?

A. AES
B. DES
C. SHA
D. RSA
Definition
Answer: B
Term
QUESTION NO: 105
Which of the following encryption schemes is the public key infrastructure based on?

A. Quantum
B. Elliptical curve
C. Asymmetric
D. Symmetric
Definition
Answer: C
Term
QUESTION NO: 106
Which of the following BEST describes the term war driving?

A. Driving from point to point with a laptop and an antenna to find unsecured wireless access
points.
B. Driving from point to point with a wireless scanner to read other users' emails through the
access point.
C. Driving from point to point with a wireless network card and hacking into unsecured wireless
access points.
D. Driving from point to point with a wireless scanner to use unsecured access points.
Definition
Answer: A
Term
QUESTION NO: 107
Which of the following statements BEST describes the implicit deny concept?

A. Blocks everything and only allows privileges based on job description
B. Blocks everything and only allows explicitly granted permissions
C. Blocks everything and only allows the minimal required privileges
D. Blocks everything and allows the maximum level of permissions
Definition
Answer: B
Term
QUESTION NO: 108
When is the BEST time to update antivirus definitions?

A. At least once a week as part of system maintenance
B. As the definitions become available from the vendor
C. When a new virus is discovered on the system
D. When an attack occurs on the network
Definition
Answer: B
Term
QUESTION NO: 109
Why would a technician use a password cracker?

A. To look for weak passwords on the network
B. To change a user's passwords when they leave the company
C. To enforce password complexity requirements
D. To change users' passwords if they have forgotten them
Definition
Answer: A
Term
QUESTION NO: 110
Users on a network report that they are receiving unsolicited emails from an email address that
does not change. Which of the following steps should be taken to stop this from occurring?

A. Configure a rule in each user's router and restart the router.
B. Configure rules on the user's host and restart the host.
C. Install an anti-spam filter on the domain mail servers and filter the email address.
D. Install an ACL on the firewall to block traffic from the sender and filter the IP address.
Definition
Answer: C
Term
QUESTION NO: 111
Which of the following is a true statement with regards to a NIDS?

A. A NIDS monitors and analyzes network traffic for possible intrusions.
B. A NIDS is installed on the proxy server.
C. A NIDS prevents certain types of traffic from entering a network.
D. A NIDS is normally installed on the email server.
Definition
Answer: A
Term
QUESTION NO: 112
A technician suspects that a piece of malware is consuming too many CPU cycles and slowing
down a system. Which of the following will help determine the amount of CPU cycles that are
being consumed?

A. Install HIDS to determine the CPU usage.
B. Run performance monitor to evaluate the CPU usage.
C. Install malware scanning software.
D. Use a protocol analyzer to find the cause of the traffic.
Definition
Answer: B
Term
QUESTION NO: 113
Which of the following are characteristics of a hash function? (Select TWO).

A. One-way
B. Encrypts a connection
C. Ensures data can be easily decrypted
D. Fixed length output
E. Requires a key
Definition
Answer: A,D
Term
QUESTION NO: 114
Which of the following is the MOST secure alternative for administrative access to a router?

A. SSH
B. Telnet
C. rlogin
D. HTTP
Definition
Answer: A
Term
QUESTION NO: 115
Which of the following might an attacker resort to in order to recover discarded company
documents?

A. Phishing
B. Insider theft
C. Dumpster diving
D. Shoulder surfing
Definition
Answer: C
Term
QUESTION NO: 116
Which of the following creates a security buffer zone between two rooms?

A. Mantrap
B. DMZ
C. Turnstile
D. Anti-pass back
Definition
Answer: A
Term
QUESTION NO: 117
Which of the following tools would be used to review network traffic for clear text passwords?

A. Port scanner
B. Protocol analyzer
C. Firewall
D. Password cracker
Definition
Answer: B
Term
QUESTION NO: 118
Kerberos uses which of the following trusted entities to issue tickets?

A. Ticket Granting System
B. Certificate Authority
C. Internet Key Exchange
D. Key Distribution Center
Definition
Answer: D
Term
QUESTION NO: 119
Which of the following specifies a set of consistent requirements for a workstation or server?

A. Vulnerability assessment
B. Imaging software
C. Patch management
D. Configuration baseline
Definition
Answer: D
Term
QUESTION NO: 120
A company's website allows customers to search for a product and display the current price and
quantity available of each product from the production database. Which of the following would
invalidate an SQL injection attack launched from the lookup field at the web server level?

A. Security template
B. Buffer overflow protection
C. NIPS
D. Input validation
Definition
Answer: D
Term
QUESTION NO: 121
Which of the following virtual machine components monitors and manages the various virtual
instances?

A. VMOS
B. VCPU
C. Hypervisor
D. Virtual supervisor
Definition
Answer: C
Term
QUESTION NO: 122
A smurf attack is an example of which of the following threats?

A. ARP Poisoning
B. DoS
C. TCP/IP Hijacking
D. Man-in-the-middle
Definition
Answer: B
Term
QUESTION NO: 123
Which of the following is the BEST tool for allowing users to go to approved business-related
websites only?

A. Internet content filter
B. Firewall
C. ACL
D. Caching server
Definition
Answer: A
Term
QUESTION NO: 124
Which of the following is a security trait of a virtual machine?

A. Provides additional resources for testing
B. Provides real-time access to all system processes
C. Provides a read-only area for executing code
D. Provides a restricted environment for executing code
Definition
Answer: D
Term
QUESTION NO: 125
An unauthorized user intercepted a user's password and used this information to obtain the
company's administrator password. The unauthorized user can use the administrator's password to
access sensitive information pertaining to client data. Which of the following is this an example of?

A. Session hijacking
B. Least privilege
C. Privilege escalation
D. Network address translation
Definition
Answer: C
Term
QUESTION NO: 126
Users are utilizing thumb drives to connect to USB ports on company workstations. A technician is
concerned that sensitive files can be copied to the USB drives. Which of the following mitigation
techniques would address this concern? (Select TWO).

A. Disable the USB root hub within the OS.
B. Install anti-virus software on the USB drives.
C. Disable USB within the workstations' BIOS.
D. Apply the concept of least privilege to USB devices.
E. Run spyware detection against all workstations.
Definition
Answer: A,C
Term
QUESTION NO: 127
An administrator has developed an OS install that will implement the tightest security controls
possible. In order to quickly replicate these controls on all systems, which of the following should
be established?

A. Take screen shots of the configuration options.
B. Create an image from the OS install.
C. Create a boot disk for the operating system.
D. Implement OS hardening procedures.
Definition
Answer: B
Term
QUESTION NO: 128
After registering an email address on a website, a user starts receiving messages from unknown
sources. The email account is new, and therefore the user is concerned. This type of message
traffic is referred to as:

A. instant message traffic.
B. SPIM.
C. S/MIME.
D. spam.
Definition
Answer: D
Term
QUESTION NO: 129
A technician is testing the security of a new database application with a website front-end. The
technician notices that when certain characters are input into the application it will crash the
server. Which of the following does the technician need to do?

A. Utilize SSL on the website
B. Implement an ACL
C. Lock-down the database
D. Input validation
Definition
Answer: D
Term
QUESTION NO: 130
An administrator in a small office environment has implemented an IDS on the network perimeter
to detect malicious traffic patterns. The administrator still has a concern about traffic inside the
network originating between client workstations. Which of the following could be implemented?

A. HIDS
B. A VLAN
C. A network router
D. An access list
Definition
Answer: A
Term
QUESTION NO: 131
A user is redirected to a different website when the user requests the DNS record
www.xyz.comptia.com. Which of the following is this an example of?

A. DNS poisoning
B. DoS
C. DNS caching
D. Smurf attack
Definition
Answer: A
Term
QUESTION NO: 132
A company wants to host public servers on a new network. These servers will include a website
and mail server. Which of the following should be implemented on the network to isolate these public
hosts from the rest of the network?

A. IPv6
B. IPSec
C. DMZ
D. VLAN
Definition
Answer: C
Term
QUESTION NO: 133
A user has decided that they do not want an internal LAN segment to use public IP addresses.
The user wants to translate them as private IP addresses to a pool of public IP addresses to
identify them on the Internet. Which of the following does the user want to implement?

A. IPSec
B. NAT
C. SSH
D. SFTP
Definition
Answer: B
Term
QUESTION NO: 134
An administrator has been studying stateful packet inspection and wants to implement this security
technique on the network. Which of the following devices could the administrator use to BEST
utilize stateful packet inspection?

A. Hub
B. IDS
C. Switch
D. Firewall
Definition
Answer: D
Term
QUESTION NO: 135
Which of the following is the primary purpose of a honeypot?

A. Translate addresses at the perimeter
B. To provide a decoy target on the network
C. Provide cryptography for the network
D. Work as a network proxy
Definition
Answer: B
Term
QUESTION NO: 136
An administrator wants to ensure that no equipment is damaged when there is a fire or false
alarm in the server room. Which of the following type of fire suppression systems should be used?

A. Carbon Dioxide
B. Hydrogen Peroxide
C. Wet pipe sprinkler
D. Deluge sprinkler
Definition
Answer: A
Term
QUESTION NO: 137
Which of the following is a CRL composed of?

A. Public Key Infrastructure (PKI)
B. Expired or revoked certificates
C. Certificate authorities
D. Expired user accounts
Definition
Answer: B
Term
QUESTION NO: 138
Which of the following is the primary purpose of a CA?

A. LANMAN validation
B. Encrypt data
C. Kerberos authentication
D. Issue private/public keys
Definition
Answer: D
Term
QUESTION NO: 139
An administrator wants to replace telnet with a more secure protocol to manage a network device.
Which of the following should be implemented on the network?

A. SMTP
B. SNMP
C. SFTP
D. SSH
Definition
Answer: D
Term
QUESTION NO: 140
A user is attempting to receive digitally signed and encrypted email messages from a remote
office.
Which of the following protocols does the system need to support?

A. SMTP
B. S/MIME
C. ISAKMP
D. IPSec
Definition
Answer: B
Term
QUESTION NO: 141
An administrator does not want anyone to VPN from inside the network to a remote office or
network. Which of the following protocols should be blocked outbound on the network?

A. TPM
B. OVAL
C. SNMP
D. ISAKMP
Definition
Answer: D
Term
QUESTION NO: 142
An administrator is implementing a public website and they want all client connections to the server to be encrypted via their web browser. Which of the following should be implemented?

A. SSL
B. SHA-1
C. Blowfish
D. 3DES
Definition
Answer: A
Term
QUESTION NO: 143
Which of the following is MOST likely provided by asymmetric key cryptography?

A. Performance
B. A pre-shared key
C. Kiting
D. Confidentiality
Definition
Answer: D
Term
QUESTION NO: 144
All of the following are symmetric key algorithms EXCEPT:

A. ECC.
B. Rijndael.
C. 3DES.
D. RC4
Definition
Answer: A
Term
QUESTION NO: 145
Which of the following is true about ECC algorithms?

A. It is the algorithm used in PGP.
B. It is implemented in portable devices.
C. It is a private key algorithm.
D. It is CPU intensive.
Definition
Answer: B
Term
QUESTION NO: 146
Which of the following is a way to encrypt session keys using SSL?

A. Session keys are sent unencrypted.
B. Session keys are encrypted using an asymmetric algorithm.
C. Session keys are sent in clear text because they are private keys.
D. Session keys are encrypted using a symmetric algorithm.
Definition
Answer: B
Term
QUESTION NO: 147
Which of the following can reduce the risk associated with password guessing attacks? (Select TWO).

A. Implement single sign-on.
B. Implement shared passwords.
C. Implement account-lockout thresholds.
D. Implement shadow passwords.
E. Implement stronger password complexity policies.
Definition
Answer: C,E
Term
QUESTION NO: 148
Which of the following is a common practice in forensic investigation?

A. Performing a Gutmann sanitization of the drive
B. Performing a binary copy of the system's storage media
C. Performing a file level copy of the system's storage media
D. Performing a sanitization of the drive
Definition
Answer: B
Term
QUESTION NO: 149
Which of the following is done to ensure appropriate personnel have access to systems and
networks? (Select TWO).

A. Conduct periodic penetration testing assessments.
B. Conduct periodic personnel employment verifications.
C. Conduct rights review of users and groups.
D. Conduct virus scan.
E. Conduct vulnerability assessments.
Definition
Answer: B,C
Term
QUESTION NO: 150
Antivirus software products detect malware by comparing the characteristics of known instances
against which of the following type of file sets?

A. Signature
B. Text
C. NIDS signature
D. Dynamic Library
Definition
Answer: A
Term
QUESTION NO: 151
Which of the following type of fire suppression tools would cause the MOST damage to electrical
equipment?

A. Water
B. Carbon Dioxide
C. Halon
D. Foam
Definition
Answer: A
Term
QUESTION NO: 152
Which of the following is the BEST process of removing PII data from a disk drive before reuse?

A. Destruction
B. Sanitization
C. Reformatting
D. Degaussing
Definition
Answer: B
Term
QUESTION NO: 153
When assigning permissions, which of the following concepts should be applied to enable a person to perform their job task?

A. Rule based
B. Discretionary access control (DAC)
C. Least privilege
D. Role based
Definition
Answer: C
Term
QUESTION NO: 154
While conducting a review of the system logs, a user had attempted to log onto the network over
250 times. Which of the following type of attacks is MOST likely occurring?

A. Brute force
B. Phishing
C. Spamming
D. DNS spoofing
Definition
Answer: A
Term
QUESTION NO: 155
Users do not want to enter credentials to each server or application to conduct their normal work. Which of the following type of strategies will resolve this issue?

A. Smart card
B. Two-factor authentication
C. Biometrics
D. SSO
Definition
Answer: D
Term
QUESTION NO: 156
A user was trying to update an open file but when they tried to access the file they were denied. Which of the following would explain why the user could not access the file?

A. Audit only access
B. Execute only access
C. Rights are not set correctly
D. Write only access
Definition
Answer: C
Term
QUESTION NO: 157
Accessing a system or application using permissions from another user's account is a form of
which of the following?

A. Phishing
B. Domain kiting
C. ARP spoofing
D. Privilege escalation
Definition
Answer: D
Term
QUESTION NO: 158
Which of the following is an important reason for password protecting the BIOS?

A. To maintain password complexity requirements
B. To prevent system start-up without knowing the password
C. To keep a user from changing the boot order of the system
D. To keep a virus from overwriting the BIOS
Definition
Answer: C
Term
QUESTION NO: 159
Which of the following is a software bundle containing multiple security fixes?

A. Patch management
B. A hotfix
C. Service pack
D. A patch
Definition
Answer: C
Term
QUESTION NO: 160
A company uses a policy of assigning passwords to users; by default the passwords are based off of the word $ervicexx, where xx is the last two numbers of the user's cell phone number. The users are not required to change this password. Which of the following is this an example of?

A. Default accounts
B. Known plain text
C. Back door
D. Weak passwords
Definition
Answer: D
Term
QUESTION NO: 161
Which of the following is an installable package that includes several patches from the same
vendor for various applications?

A. Hotfix
B. Patch template
C. Service pack
D. Patch rollup
Definition
Answer: C
Term
QUESTION NO: 162
Which of the following is a best practice to prevent users from being vulnerable to social
engineering?

A. Have a solid acceptable use policy in place with a click through banner.
B. Provide thorough and frequent user awareness training.
C. Have users sign both the acceptable use policy and security based HR policy.
D. Provide a service level agreement that addresses social engineering issues.
Definition
Answer: B
Term
QUESTION NO: 163
The RAS logs on a server show 100 errors in a two minute time period from an attempt to access an account. The error log shows unknown username or password. Which of the following is this an
example of?

A. The local firewall is blocking GRE packets.
B. An unauthorized attempt to access the server.
C. The end user's ISP is having issues with packet loss.
D. One of the users forgot their password and kept trying to login.
Definition
Answer: B
Term
QUESTION NO: 164
An administrator notices that former temporary employees' accounts are still active on a domain.
Which of the following can be implemented to increase security and prevent this from happening?

A. Run a last logon script to look for inactive accounts.
B. Implement an account expiration date for temporary employees.
C. Implement a password expiration policy.
D. Implement time of day restrictions for all temporary employees.
Definition
Answer: B
Term
QUESTION NO: 165
Which of the following is the primary security risk with coaxial cable?

A. Diffusion of the core light source
B. Data emanation from the core
C. Crosstalk between the wire pairs
D. Refraction of the signal
Definition
Answer: B
Term
QUESTION NO: 166
Which of the following is a collection of patches?

A. A security template
B. A service pack
C. A security hotfix
D. A security baseline
Definition
Answer: B
Term
QUESTION NO: 167
Which of the following would allow an administrator to find weak passwords on the network?

A. A network mapper
B. A hash function
C. A password generator
D. A rainbow table
Definition
Answer: D
Term
QUESTION NO: 168
Which of the following is the BEST place where the disaster recovery plan should be kept?

A. Printed out and kept in the desk of the CIO
B. At multiple offsite locations
C. Multiple copies printed out and kept in the server room
D. On the network file server
Definition
Answer: B
Term
QUESTION NO: 169
Which of the following is established immediately upon evidence seizure?

A. Start the incident response plan
B. Damage and loss control
C. Chain of custody
D. Forensic analysis
Definition
Answer: C
Term
QUESTION NO: 170
Which of the following is a required privilege that an administrator must have in order to restore a
public/private key set on a certificate authority (CA)?

A. Recovery agent
B. Registration authority
C. Domain administrator
D. Group administrator
Definition
Answer: A
Term
QUESTION NO: 171
Which of the following algorithms has the smallest key space?

A. IDEA
B. SHA-1
C. AES
D. DES
Definition
Answer: D
Term
QUESTION NO: 172
Which of the following is the MOST recent addition to cryptography?

A. AES
B. DES
C. 3DES
D. PGP
Definition
Answer: A
Term
QUESTION NO: 173
Which of the following requires a common pre-shared key before communication can begin?

A. Public key infrastructure
B. Symmetric key cryptography
C. Secure hashing algorithm
D. Asymmetric key cryptography
Definition
Answer: B
Term
QUESTION NO: 174
Which of the following provides the MOST comprehensive redundancy for an entire site with the
least downtime?

A. A warm site
B. A cold site
C. A mobile site
D. A hot site
Definition
Answer: D
Term
QUESTION NO: 175
Which of the following allows devices attached to the same switch to have separate broadcast
domains?

A. NAT
B. DMZ
C. NAC
D. VLAN
Definition
Answer: D
Term
QUESTION NO: 176
Which of the following allows for notification when a hacking attempt is discovered?

A. NAT
B. NIDS
C. Netflow
D. Protocol analyzer
Definition
Answer: B
Term
QUESTION NO: 177
When dealing with a 10BASE5 network, which of the following is the MOST likely security risk?

A. An incorrect VLAN
B. SSID broadcasting
C. A repeater
D. A vampire tap
Definition
Answer: D
Term
QUESTION NO: 178
Which of the following allows a technician to scan for missing patches on a device without actually attempting to exploit the security problem?

A. A vulnerability scanner
B. Security baselines
C. A port scanner
D. Group policy
Definition
Answer: A
Term
QUESTION NO: 179
Which of the following allows for proof that a certain person sent a particular email?

A. Steganography
B. Integrity
C. Trusted Platform Module
D. Non-repudiation
Definition
Answer: D
Term
QUESTION NO: 180
Which of the following uses a key ring?

A. AES
B. DES
C. PGP
D. RSA
Definition
Answer: C
Term
QUESTION NO: 181
Which of the following allows for the highest level of security at time of login?

A. Single sign-on
B. Two-factor authentication
C. One-factor authentication
D. NTLMv2
Definition
Answer: B
Term
QUESTION NO: 182
Sending a patch through a testing and approval process is an example of which of the following?

A. Disaster planning
B. Change management
C. Acceptable use policies
D. User education and awareness training
Definition
Answer: B
Term
QUESTION NO: 183
Sending continuous TCP requests to a device and ignoring the return information until the device
ceases to accept new connections is an example of which of the following?

A. TCP/IP hijacking
B. DNS poisoning
C. Kiting
D. DoS
Definition
Answer: D
Term
QUESTION NO: 184
Which of the following would use a group of bots to stop a web server from accepting new
requests?

A. DoS
B. DDoS
C. MAC
D. ARP
Definition
Answer: B
Term
QUESTION NO: 185
Which of the following is the MOST likely to generate static electricity?

A. Low humidity and high temperature
B. High humidity and low temperature
C. Low humidity and low temperature
D. High humidity and high temperature
Definition
Answer: A
Term
QUESTION NO: 186
Using an asymmetric key cryptography system, where can a technician generate the key pairs?

A. A certificate authority
B. IETF
C. A key escrow service
D. A recovery agent
Definition
Answer: A
Term
QUESTION NO: 187
Which of the following media is the LEAST likely to be successfully tapped into?

A. Unshielded twisted pair cable
B. Coaxial cable
C. Fiber optic cable
D. Shielded twisted pair cable
Definition
Answer: C
Term
QUESTION NO: 188
Which of the following allows a person to find public wireless access points?

A. Weak encryption
B. 802.1x
C. SSID broadcast
D. Data emanation
Definition
Answer: C
Term
QUESTION NO: 189
Which of the following allows a file to have different security permissions for users that have the
same roles or user groups?

A. Mandatory Access Control (MAC)
B. Role-Based Access Control (RBAC)
C. Discretionary Access Control (DAC)
D. Rule-Based Access Control (RBAC)
Definition
Answer: C
Term
QUESTION NO: 190
A DMZ has a fake network that a hacker is attacking. Which of the following is this an example of?

A. Firewall
B. Man-in-the-middle
C. Proxy server
D. Honeypot
Definition
Answer: D
Term
QUESTION NO: 191
A company decides that the purchasing agent and the accounts receivable agent should exchange positions in order to allow for more oversight of past transactions. Which of the following is this an example of?

A. Least privilege
B. Implicit deny
C. Separation of duties
D. Job rotation
Definition
Answer: D
Term
QUESTION NO: 192
A user complains that the color laser printer continuously gives an access denied message while attempting to print a text document. The administrator logs onto the PC and prints successfully. Which of the following should the administrator check FIRST?

A. That the printer has the correct size of paper in each of the trays
B. That the toner should be changed in the printer
C. That the user has sufficient rights to print to the printer
D. That the user is attempting to print to the correct printer tray
Definition
Answer: C
Term
QUESTION NO: 193
Which of the following uses a sandbox to manage a program's ability to access system resources?

A. Java
B. ActiveX
C. JavaScript
D. Cold Fusion
Definition
Answer: A
Term
QUESTION NO: 194
Which of the following allows a technician to view the security permissions of a file?

A. The access control list
B. The security baseline
C. The data emanation
D. The local security template
Definition
Answer: A
Term
QUESTION NO: 195
A user is denied access to a file. The user had access to the file yesterday. Which of the following
is the FIRST action for the technician to take?

A. Deny the user's request and forward to the human resources department.
B. Reboot the system.
C. Verify that the user's permissions are correct.
D. Grant access to the file.
Definition
Answer: C
Term
QUESTION NO: 196
A user is convinced that someone is attempting to use their user account at night. Which of the
following should an administrator check FIRST in order to prove or disprove this claim?

A. The IDS logs
B. The security application logs
C. The local security logs
D. The firewall logs
Definition
Answer: C
Term
QUESTION NO: 197
A user reports that a web based application is not working after a browser upgrade. Before the upgrade, a login box would appear on the screen and disappear after login. The login box does not appear after the upgrade. Which of the following BEST describes what to check FIRST?

A. That the software based firewall application trusts this site
B. That the pop-up blocker application trusts this site
C. That the antivirus application trusts this site
D. That the anti-spam application trusts this site
Definition
Answer: B
Term
QUESTION NO: 198
An intrusion has been detected on a company's network from the Internet. Which of the following should be checked FIRST?

A. The firewall logs
B. The DNS logs
C. The access logs
D. The performance logs
Definition
Answer: A
Term
QUESTION NO: 199
A user needs to verify that a patch file downloaded from a third party has not been modified since
the time that the original manufacturer released the patch. Which of the following is the BEST way to verify that the file has not been modified?

A. Compare the final MD5 hash with the original.
B. Download the patch file over an AES encrypted VPN connection.
C. Compare the final LANMAN hash with the original.
D. Download the patch file through a SSL connection.
Definition
Answer: A
Term
QUESTION NO: 200
A technician suspects that one of the network cards on the internal LAN is causing a broadcast storm. Which of the following would BEST diagnose which NIC is causing this problem?

A. The NIDS log file
B. A protocol analyzer
C. The local security log file
D. The local firewall log file
Definition
Answer: B