Use LEFT and RIGHT arrow keys to navigate between flashcards;
Use UP and DOWN arrow keys to flip the card;
H to show hint;
A reads text to speech;
30 Cards in this Set
- Front
- Back
|
The helpdesk reports increased calls from clients reporting spikes in malware infections on their systems. Which of the following phases of incident response is MOST appropriate as a FIRST response?
A. Recovery B. Follow-up C. Validation D. Identification E. Eradication F. Containment |
D. Identification |
|
|
Which of the following protocols operates at the HIGHEST level of the OSI model?
A. ICMP B. IPSec C. SCP D. TCP |
C. SCP |
|
|
Which of the following can be implemented in hardware or software to protect a web server from cross-site scripting attacks?
A. Intrusion Detection System B. Flood Guard Protection C. Web Application Firewall D. URL Content Filter |
C. Web Application Firewall |
|
|
Jane, a security administrator, needs to implement a secure wireless authentication method that uses a remote RADIUS server for authentication.
Which of the following is an authentication method Jane should use?
A. WPA2-PSK B. WEP-PSK C. CCMP D. LEAP |
D. LEAP |
|
|
Which of the following is being tested when a company's payroll server is powered off for eight hours?
A. Succession plan B. Business impact document C. Continuity of operations plan D. Risk assessment plan |
C. Continuity of operations plan |
|
|
A network engineer is designing a secure tunneled VPN. Which of the following protocols would be the MOST secure?
A. IPSec B. SFTP C. BGP D. PPTP |
A. IPSec |
|
|
Which of the following implementation steps would be appropriate for a public wireless hot-spot?
A. Reduce power level B. Disable SSID broadcast C. Open system authentication D. MAC filter |
C. Open system authentication |
|
|
Which of the following is a step in deploying a WPA2-Enterprise wireless network?
A. Install a token on the authentication server B. Install a DHCP server on the authentication server C. Install an encryption key on the authentication server D. Install a digital certificate on the authentication server |
D. Install a digital certificate on the authentication server |
|
|
Deploying a wildcard certificate is one strategy to:
A. Secure the certificate's private key. B. Increase the certificate's encryption key length. C. Extend the renewal date of the certificate. D. Reduce the certificate management burden. |
D. Reduce the certificate management burden. |
|
|
Which of the following ciphers would be BEST used to encrypt streaming video?
A. RSA B. RC4 C. SHA1 D. 3DES |
B. RC4 |
|
|
A bank has a fleet of aging payment terminals used by merchants for transactional processing. The terminals currently support single DES but require an upgrade in order to be compliant with security standards. Which of the following is likely to be the simplest upgrade to the aging terminals which will improve in-transit protection of transactional data?
A. AES B. 3DES C. RC4 D. WPA2 |
B. 3DES |
|
|
Which of the following is BEST at blocking attacks and providing security at layer 7 of the OSI model?
A. WAF B. NIDS C. Routers D. Switches |
A. WAF |
|
|
After a number of highly publicized and embarrassing customer data leaks as a result of social engineering attacks by phone, the Chief Information Officer (CIO) has decided user training will reduce the risk of another data leak. Which of the following would be MOST effective in reducing data leaks in this situation?
|
A. Information Security Awareness |
|
|
Which of the following is used to verify data integrity?
|
A. SHA |
|
|
By default, which of the following uses TCP port 22? (Select THREE).
|
D. SCP, G. SSH, and H. SFTP |
|
|
Access mechanisms to data on encrypted USB hard drives must be implemented correctly |
D. the security controls on the USB drive can be bypassed. |
|
|
A security administrator is segregating all web-facing server traffic from the internal network and restricting it to a single interface on a firewall. Which of the following BEST describes this new network?
|
D. DMZ |
|
|
Which of the following was based on a previous X.500 specification and allows either unencrypted authentication or encrypted authentication through the use of TLS? |
D. LDAP |
|
|
Which of the following has a storage root key? |
C. TPM |
|
|
The concept of rendering data passing between two points over an IP based network impervious B. Transport encryption |
B. Transport encryption |
|
|
On Monday, all company employees report being unable to connect to the corporate wireless |
D. The Remote Authentication Dial-In User Service server certificate has expired. |
|
|
A recent audit has discovered that at the time of password expiration clients are able to recycle the |
A. Password age, D. Password history |
|
|
A system administrator is configuring UNIX accounts to authenticate against an external server. The configuration file asks for the following information DC=ServerName and DC=COM. Which of the following authentication services is being used? |
D. LDAP |
|
|
In Kerberos, the Ticket Granting Ticket (TGT) is used for which of the following?
|
C. Authentication |
|
|
Which of the following network design elements allows for many internal devices to share one
|
B. PAT |
|
|
Which of the following components of an all-in-one security appliance would MOST likely be |
B. URL filter |
|
|
When considering a vendor-specific vulnerability in critical industrial control systems which of the |
B. Incorporating diversity into redundant design |
|
|
During the information gathering stage of a deploying role-based access control model, which of |
B. Matrix of job titles with required access privileges |
|
|
A security technician is attempting to improve the overall security posture of an internal mail |
B. Disabling unnecessary services |
|
|
During the analysis of a PCAP file, a security analyst noticed several communications with a |
B. DNS |
