PT3

Practice Test 3

Question Answer
You're responsible for network protocols. The network time protocol has been failing periodically. What is the most affected? Kerberos
Janet has to deploy and support a legacy application where the configuration for this application and the OS are very specific and cannot be changed. Of the following options, which is the best approach to deploy this software? A. Use an immutable server B. Use a VM C. Set permissions on the application so it cannot be changed D. Place the application on a separate VLAN A. Use an immutable server
Larry is responsible for NIDS/NIPS in his company and has configured a new NIPS solution. What part of this device collects data? A. Sensor B. Data source C. Manager D. Analyzer A. Sensor
James is sending an email to Bob. To ensure confidentiality, James needs to send the email in an encrypted format using PKI. What will James use to encrypt the email so Bob can decrypt it? A. James' public key B. Bob's public key C. Bob's private key D. James' private key B. Bob's public key
Your employer is planning to place wireless devices at the entrance of their retail locations. The devices will use WiFi to connect to the store’s wireless network and use beams of light to detect when someone enters through the entrance. Other than WiFi, what type of wireless communication is being used? A. NFC B. Bluetooth C. Infrared D. 802.11 C. Infrared
Choose the primary difference between an intrusive and a nonintrusive vulnerability scan: A. An intrusive scan is a penetration test B. A nonintrusive scan is just a document check C. An intrusive scan could potentially disrupt operations D. A nonintrusive scan will not find most vulnerabilities C. An intrusive scan could potentially disrupt operations
You have been tasked with finding a standard for your company in order to implement consistent information security management systems. You’re looking for a standard that is international. Which of the following is the best option? A. ISO 27002 B. ISO 27017 C. NIST 800-12 D. NIST 800-14 A. ISO 27002
A junior security professional on your team is trying to export a public certificate and share it with a colleague outside of the IT department. They ask you if they should use a CER or PFX format. Which format should be used? A. PFX B. Neither are acceptable C. Both are acceptable D. CER D. CER
Your wireless network has been breached and it seems as though the attacker has modified a portion of your data that is used with a stream cipher. This was used to expose wirelessly-encrypted data. What type of attack is this? A. Evil twin B. Rogue WAP C. IV attack D. WPS attack C. IV attack IV attacks are used with stream ciphers. Nothing in this points to a rogue/evil twin and WPS uses a PIN to connect to a WAP.
An IV attack can be associated with which of the following? A. WEP B. WAP C. WPA D. WPA2 A. WEP
Josh manages network security at his company and has noticed that NTP is not working correctly. What security protocol will be affected by this? A. Radius B. DNSSEC C. IPSec D. Kerberos D. Kerberos
You’re responsible for network protocols. The network time protocol has been failing periodically. What is the most affected? A. Kerberos B. RADIUS C. CHAP D. LDAP A. Kerberos
Which of the following options is a functionality or tool that disallows access to a wireless network based on the layer 2 address of the client device? A. ACL B. MAC address filtering C. WPA2 D. Split tunnel VPN B. MAC address filtering
Laura is worried about an attacker getting information in regard to her company’s network resources. Which protocol should be implemented that would help mitigate this risk? A. LDAP B. TLS C. SNMP D. LDAPS D. LDAPS
Frank is concerned about an attacker enumerating his entire network. What protocol could help mitigate this issue? A. HTTPS B. TLS C. IPSec D. LDAPS D. LDAPS LDAPS mitigates the risk by securing the network directory. HTTPS secures web pages, TLS adds security if it’s applied to a directory protocol, and VPNs would not solve this issue.
Which method below was used as a native default for older versions of Microsoft Windows? A. PAP B. CHAP C. OAuth D. NTLM D. NTLM
Grady is seeking access control methods that enforce authorization rules by the OS. Users cannot override authentication or access control policies. Which of the following best suits these needs? A. DAC B. MAC C. RBAC D. ABAC MAC MAC (mandatory access control) best suits the requested needs by enforcing rules of the OS
Of the listed principles, which is not a part of password complexity? A. Using both uppercase and lowercase letters B. Minimum password length C. Using numbers D. Using symbols (such as $, *, &) B. Minimum password length
Which of the following best describes what mobile content management (MCM) on a mobile device is used for? A. Limiting how much content can be stored on a device B. Limiting the type of content that can be accessed on the device C. Disabling the wireless network on the mobile device D. Digital signing of authorized content B. Limiting the type of content that can be accessed on the device
Of the following, which is the correct term that is used to describe a virus that can infect both the program files and the boot sectors? A. Polymorphic B. Multipartite C. Stealth D. Multiple encrypting B. Multipartite
Amy found netcat installed on an employee’s computer, but the employee isn’t authorized to have netcat. What security concern is presented by this utility? A. It is a password cracker B. It is a packet sniffer C. It is a network communication utility D. It is a DoS tool C. It is a network communication utility
Wayne works for a large law firm and manages network security. It’s common for guests who come to the law firm to need to connect to the WiFi. He wishes to ensure that he provides maximum security when these guests connect using their own devices, but also seeks to provide assurance to the guests that his company will have minimal impact on their devices. What is the best solution? A. Permanent NAC agent B. Agentless NAC C. Dissolvable NAC agent D. Implement COPE C. Dissolvable NAC agent
Lori is concerned about DHCP starvation attacks, especially since learning that anyone can download a software called a “gobbler” and use it to execute a DHCP starvation attack. What technology would help mitigate this risk? A. Encrypt all DHCP communication with TLS B. FDE on the DHCP server C. Network Address Allocation D. IPSec for all DHCP communications C. Network Address Allocation
Your employer has several thousand internal users, all of whom need to access the internet on a daily basis to complete their work. What technology should be used to mask the internal IP addresses of these users and allow access to the internet through shared public IP addresses? A. NAT B. DNS C. DMZ D. Router A. NAT Network Address Translation (NAT) allows many devices to share an IP when accessing another network
Your employer’s security policies state that all externally facing servers should only be accessible via ports that are absolutely required. Generally your company only has web servers that are accessible from outside the company’s network. A recent security review showed that it was possible to ping several of these web servers. What protocol should be disabled using a firewall to ensure pings do not successfully contact the servers? A. SNMP B. TLS C. TCP D. ICMP D. ICMP
You are currently employed by a social media website. You want to integrate users’ accounts with other resources from the web. In order to do so, you need to allow authentication to be used across different domains and, while doing so, you mustn’t expose your users’ passwords to these services. Of the listed principles, which would be the most effective to accomplish this goal? A. Kerberos B. SAML C. OAuth D. OpenID C. OAuth
Choose an example of PHI? A. Passport number B. Criminal record C. Fingerprints D. Name of school attended C. Fingerprints
Jamie is worried some users on her network could be accessing some files they don’t have a reason to view, such as files not required for their job. Which of the following would best determine if this is happening? A. Usage audit and review B. Permissions auditing and review C. Account maintenance D. Policy review A. Usage audit and review
Which listed technique attempts to predict the likelihood of a threat occurrence and assigns monetary values in the event of a loss? A. Change management B. Vulnerability management C. Qualitative risk assessment D. Quantitative risk assessment Quantitative risk assessment
Which of the following options is a protocol used to check if a certificate has been revoked? A. OCSP B. PKI C. CSR D. MD5 A. OCSP
Matthew is working to select an authentication method for his company that will support REST as well as many web-based and mobile clients. Which of the following would be the best choice? A. Shibboleth B. RADIUS C. OpenID Connect D. OAuth C. OpenID Connect
Pat is working to allocate appropriate numbers of IP addresses for various subnets in the network for his company. What would be the proper CIDR notation for an IPv4 subnet with 72 nodes? A. /27 B. /29 C. /24 D. /26 C. /24
Kaye works for a large insurance company and manages their cybersecurity. She’s concerned about insiders and wants to be able to detect malicious activity but wants the detection process to be invisible to the attacker. What technology best fits these needs? A. Hybrid NIDS B. Out-of-band NIDS C. NIPS D. NNIDS B. Out-of-band NIDS
Josh works for a company that has branch offices that connect back to the main office via a VPN. Josh recently noticed the key used on the VPN has been compromised. What should be done to ensure it isn’t compromised in the future? Enable perfect forward secrecy at the main office and branch office ends of the VPN
In asymmetric encryption, what is used to decrypt a file that was encrypted using a private key? A. Private key B. Public key C. Message digest D. Ciphertext
Which method below was used as a native default for older versions of Microsoft Windows? A. PAP B. CHAP C. OAuth D. NTLM
When issuing a ticket, which of the following does Kerberos use? A. Authentication service B. Certificate authority C. Ticket-granting service D. Key distribution center Key distribution center
Matthew is working to select an authentication method for his company that will support REST as well as many web-based and mobile clients. Which of the following would be the best choice? A. Shibboleth B. RADIUS C. OpenID Connect D. OAuth OpenID Connect
Kevin is concerned about authentication and permissions (he is responsible for database security for his company). Which should be his first step? A. Implement minimum password length B. Implement password lockout C. Conduct a permissions audit D. Ensure least privileges C. Conduct a permissions audit
Created by: bgray8
 

 


