50 Cards in this Set

Which of the following concepts describes the use of a one way transformation in order to validate the integrity of a program?

A. Hashing

A. Hashing


B. Key escrow


C. Non-repudiation


D. Steganography

A network administrator has been tasked with securing the WLAN. Which of the following cryptographic products would be used to provide the MOST secure environment for the WLAN?

A. WPA2 CCMP

A. WPA2 CCMP


B. WPA


C. WPA with MAC filtering


D. WPA2 TKIP

Recent data loss on financial servers due to security breaches forced the system administrator to harden their systems. Which of the following algorithms with transport encryption would be implemented to provide the MOST secure web connections to manage and access these servers?

B. TLS

A. SSL


B. TLS


C. HTTP


D. FTP

Which of the following provides a static record of all certificates that are no longer valid?

C. CRLs


A. Private key


B. Recovery agent


C. CRLs


D. CA

A company requires that a user’s credentials include providing something they know and something they are in order to gain access to the network. Which of the following types of authentication is being described?

D. Two-factor

A. Biometrics


B. Kerberos


C. Token


D. Two-factor

A company wants to ensure that all credentials for various systems are saved within a central database so that users only have to login once for access to all systems. Which of the following would accomplish this?

D. Single Sign-On

A. Multi-factor authentication


B. Smart card access


C. Same Sign-On


D. Single Sign-On

A server with the IP address of 10.10.2.4 has been having intermittent connection issues. The logs show repeated connection attempts from the following IP:
10.10.3.23
These attempts are overloading the server to the point that it cannot respond to traffic. Which of the following attacks is occurring?

C. DoS

A. Xmas


B. DDoS


C. DoS


D. XSS

Physical documents must be incinerated after a set retention period is reached. Which of the following attacks does this action remediate?

B. Dumpster Diving

A. Shoulder Surfing


B. Dumpster Diving


C. Phishing


D. Impersonation

All executive officers have changed their monitor location so it cannot be easily viewed when passing by their offices. Which of the following attacks does this action remediate?

C. Shoulder Surfing

A. Dumpster Diving


B. Impersonation


C. Shoulder Surfing


D. Whaling

Which of the following protocols is vulnerable to man-in-the-middle attacks by NOT using end-to-end TLS encryption?

C. WPA

A. HTTPS


B. WEP


C. WPA


D. WPA 2

A security administrator has been tasked with setting up a new internal wireless network that must use end-to-end TLS. Which of the following may be used to meet this objective?

D. WPA 2

A. WPA


B. HTTPS


C. WEP


D. WPA 2

After viewing wireless traffic, an attacker notices the following networks are being broadcasted by local access points:
Corpnet
Coffeeshop
FreePublicWifi
Using this information the attacker spoofs a response to make nearby laptops connect back to a malicious device. Which of the following techniques are used above? (Select TWO).

B. Evil twin


C. Packet sniffing

A. Blue snarfing


B. Evil twin


C. Packet sniffing


D. War dialing


E. Rogue access point

A server administrator notes that a legacy application often stops running due to a memory error. When reviewing the debugging logs, they notice code being run calling an internal process to exploit the machine. Which of the following attacks does this describe?

B. Buffer overflow

B. Buffer overflow


C. Cross site scripting


D. Malicious add-on

Key cards at a bank are not tied to individuals, but rather to organizational roles. After a break-in, it becomes apparent that extra efforts must be taken to successfully pinpoint who exactly enters secure areas. Which of the following security measures can be put in place to mitigate the issue until a new key card system can be installed?

B. Video surveillance

A. Bollards


B. Video surveillance


C. Proximity readers


D. Fencing

After running into the data center with a vehicle, attackers were able to enter through the hole in the building and steal several key servers in the ensuing chaos. Which of the following security measures can be put in place to mitigate the issue from occurring in the future?

D. Bollards

A. Fencing


B. Proximity readers


C. Video surveillance


D. Bollards

Which of the following ciphers would be BEST used to encrypt streaming video?

B. RC4

A. RSA


B. RC4


C. SHA1


D. 3DES

A CA is compromised and attackers start distributing maliciously signed software updates. Which of the following can be used to warn users about the malicious activity?

D. Certificate revocation list

A. Key escrow


B. Private key verification


C. Public key verification


D. Certificate revocation list

After encrypting all laptop hard drives, an executive officer’s laptop has trouble booting to the operating system. Now that it is successfully encrypted the helpdesk cannot retrieve the data. Which of the following can be used to decrypt the information for retrieval?

A. Recovery agent

A. Recovery agent


B. Private key


C. Trust models


D. Public key

Which of the following devices is MOST likely being used when processing the following?

1 PERMIT IP ANY ANY EQ 80
2 DENY IP ANY ANY


A. Firewall

A. Firewall


B. NIPS


C. Load balancer


D. URL filter

The security administrator at ABC company received the following log information from an external party:
10:45:01 EST, SRC 10.4.3.7:3056, DST 8.4.2.1:80, ALERT, Directory traversal
10:45:02 EST, SRC 10.4.3.7:3057, DST 8.4.2.1:80, ALERT, Account brute force
10:45:03 EST, SRC 10.4.3.7:3058, DST 8.4.2.1:80, ALERT, Port scan
The external party is reporting attacks coming from abc-company.com. Which of the following is the reason the ABC company’s security administrator is unable to determine the origin of the attack?

D. ABC company uses PAT.

A. A NIDS was used in place of a NIPS.


B. The log is not in UTC.


C. The external party uses a firewall.


D. ABC company uses PAT.

A user attempting to log on to a workstation for the first time is prompted for the following information before being granted access: username, password, and a four-digit security pin that was mailed to him during account registration. This is an example of which of the following?

C. Single factor authentication

A. Dual-factor authentication


B. Multifactor authentication


C. Single factor authentication


D. Biometric authentication

The security administrator is implementing a malware storage system to archive all malware seen by the company into a central database. The malware must be categorized and stored based on similarities in the code. Which of the following should the security administrator use to identify similar malware?

C. Fuzzy hashes

A. TwoFish


B. SHA-512


C. Fuzzy hashes


D. HMAC

The security administrator installed a newly generated SSL certificate onto the company web server. Due to a misconfiguration of the website, a downloadable file containing one of the pieces of the key was available to the public. It was verified that the disclosure did not require a reissue of the certificate. Which of the following was MOST likely compromised?

B. The file containing the public key.

A. The file containing the recovery agent’s keys.


B. The file containing the public key.


C. The file containing the private key.


D. The file containing the server’s encrypted passwords.

After analyzing and correlating activity from multiple sensors, the security administrator has determined that a group of very well organized individuals from an enemy country is responsible for various attempts to breach the company network, through the use of very sophisticated and targeted attacks. Which of the following is this an example of?

B. Advanced persistent threat

A. Privilege escalation


B. Advanced persistent threat


C. Malicious insider threat


D. Spear phishing

Which of the following was launched against a company based on the following IDS log?
122.41.15.252 - - [21/May/2012:00:17:20 +1200] "GET /index.php?username=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAA HTTP/1.1" 200 2731 "http://www.company.com/cgibin/forum/commentary.pl/noframes/read/209" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; Hotbar 4.4.7.0)"

B. Buffer overflow attack

A. SQL injection


B. Buffer overflow attack


C. XSS attack


D. Online password crack

The security administrator is analyzing a user’s history file on a Unix server to determine if the user was attempting to break out of a rootjail. Which of the following lines in the user’s history log shows evidence that the user attempted to escape the rootjail?

A. cd ../../../../bin/bash

A. cd ../../../../bin/bash


B. whoami


C. ls /root


D. sudo -u root

A software development company has hired a programmer to develop a plug-in module to an existing proprietary application. After completing the module, the developer needs to test the entire application to ensure that the module did not introduce new vulnerabilities. Which of the following is the developer performing when testing the application?

C. Gray box testing

A. Black box testing


B. White box testing


C. Gray box testing


D. Design review

A security administrator must implement all requirements in the following corporate policy:
Passwords shall be protected against offline password brute force attacks. Passwords shall be protected against online password brute force attacks.
Which of the following technical controls must be implemented to enforce the corporate policy? (Select THREE).

A. Account lockout


D. Password complexity


F. Minimum password length

A. Account lockout


B. Account expiration


C. Screen locks


D. Password complexity


E. Minimum password lifetime


F. Minimum password length

Which of the following is a best practice for error and exception handling?

A. Log detailed exception but display generic error message

A. Log detailed exception but display generic error message


B. Display detailed exception but log generic error message


C. Log and display detailed error and exception messages


D. Do not log or display error or exception messages

A merchant acquirer has the need to store credit card numbers in a transactional database in a high performance environment. Which of the following BEST protects the credit card data?

A. Database field encryption

A. Database field encryption


B. File-level encryption


C. Data loss prevention system


D. Full disk encryption

A team of firewall administrators have access to a ‘master password list’ containing service account passwords. Which of the following BEST protects the master password list?

A. File encryption

A. File encryption


B. Password hashing


C. USB encryption


D. Full disk encryption

An SSL/TLS private key is installed on a corporate web proxy in order to inspect HTTPS requests. Which of the following describes how this private key should be stored so that it is protected from theft?

C. Utilize a hardware security module

A. Implement full disk encryption


B. Store on encrypted removable media


C. Utilize a hardware security module


D. Store on web proxy file system

An insurance company requires an account recovery process so that information created by an employee can be accessed after that employee is no longer with the firm. Which of the following is the BEST approach to implement this process?

C. Authorized employees have the ability to reset passwords so that the data is accessible

A. Employee is required to share their password with authorized staff prior to leaving the firm


B. Passwords are stored in a reversible form so that they can be recovered when needed


C. Authorized employees have the ability to reset passwords so that the data is accessible


D. All employee data is exported and imported by the employee prior to them leaving the firm

A small company has a website that provides online customer support. The company requires an account recovery process so that customers who forget their passwords can regain access. Which of the following is the BEST approach to implement this process?

D. Web-based form that identifies customer by another mechanism, sets a temporary password and forces a password change upon first login.

A. Replace passwords with hardware tokens which provide two-factor authentication to the online customer support site.


B. Require the customer to physically come into the company’s main office so that the customer can be authenticated prior to their password being reset.


C. Web-based form that identifies customer by another mechanism and then emails the customer their forgotten password.


D. Web-based form that identifies customer by another mechanism, sets a temporary password and forces a password change upon first login.

A bank has a fleet of aging payment terminals used by merchants for transactional processing. The terminals currently support single DES but require an upgrade in order to be compliant with security standards. Which of the following is likely to be the simplest upgrade to the aging terminals which will improve in-transit protection of transactional data?

B. 3DES

A. AES


B. 3DES


C. RC4


D. WPA2

A new MPLS network link has been established between a company and its business partner. The link provides logical isolation in order to prevent access from other business partners. Which of the following should be applied in order to achieve confidentiality and integrity of all data across the link?

C. IPSec VPN tunnels on top of the MPLS link.

A. MPLS should be run in IPVPN mode.


B. SSL/TLS for all application flows.


C. IPSec VPN tunnels on top of the MPLS link.


D. HTTPS and SSH for all application flows.

Which of the following authentication services should be replaced with a more secure alternative?

B. TACACS

A. RADIUS


B. TACACS


C. TACACS+


D. XTACACS

A financial company requires a new private network link with a business partner to cater for real-time and batched data flows. Which of the following activities should be performed by the IT security staff member prior to establishing the link?

B. Design review

A. Baseline reporting


B. Design review


C. Code review


D. SLA reporting

A customer has provided an email address and password to a website as part of the login process. Which of the following BEST describes the email address?

A. Identification

A. Identification


B. Authorization


C. Access control


D. Authentication

Which of the following is designed to ensure high availability of web based applications?

B. Load balancers

A. Proxies


B. Load balancers


C. URL filtering


D. Routers

After a number of highly publicized and embarrassing customer data leaks as a result of social engineering attacks by phone, the Chief Information Officer (CIO) has decided user training will reduce the risk of another data leak. Which of the following would be MOST effective in reducing data leaks in this situation?

A. Information Security Awareness

A. Information Security Awareness


B. Social Media and BYOD


C. Data Handling and Disposal


D. Acceptable Use of IT Systems

Human Resources (HR) would like executives to undergo only two specific security training programs a year. Which of the following provides the BEST level of security training for the executives? (Select TWO).

D. Phishing threats and attacks


F. Information security awareness

A. Acceptable use of social media


B. Data handling and disposal


C. Zero day exploits and viruses


D. Phishing threats and attacks


E. Clean desk and BYOD


F. Information security awareness

Which of the following provides the best data fault tolerance at the LOWEST cost?

D. RAID 6

A. Load balancing


B. Clustering


C. Server virtualization


D. RAID 6

The librarian wants to secure the public Internet kiosk PCs at the back of the library. Which of the following would be the MOST appropriate? (Select TWO).

B. Antivirus


D. Cable locks

A. Device encryption


B. Antivirus


C. Privacy screen


D. Cable locks


E. Remote wipe

Which of the following functions provides an output which cannot be reversed and converts data into a string of characters?

A. Hashing

A. Hashing


B. Stream ciphers


C. Steganography


D. Block ciphers

Which of the following encrypts data a single bit at a time?

A. Stream cipher

A. Stream cipher


B. Steganography


C. 3DES


D. Hashing

A system administrator wants to enable WPA2 CCMP. Which of the following is the only encryption used?

D. AES

A. RC4


B. DES


C. 3DES


D. AES

Which of the following is used to verify data integrity?

A. SHA

A. SHA


B. 3DES


C. AES


D. RSA

Two programmers write a new secure application for the human resources department to store personally identifiable information. The programmers make the application available to themselves using an uncommon port along with an ID and password only they know. This is an example of which of the following?

D. Backdoor

A. Root Kit


B. Spyware


C. Logic Bomb


D. Backdoor

Everyone in the accounting department has the ability to print and sign checks. Internal audit has asked that only one group of employees may print checks while only two other employees may sign the checks. Which of the following concepts would enforce this process?

A. Separation of Duties

A. Separation of Duties


B. Mandatory Vacations


C. Discretionary Access Control


D. Job Rotation