Help
Options
Didn't know it?
click below
click below
Knew it?
click below
click below
Don't Know
Remaining cards (0)
Know
retry
shuffle
restart
0:00
Embed Code - If you would like this activity on your web page, copy the script below and paste it into your web page.
Normal Size Small Size show me how
Normal Size Small Size show me how
NDE Mod 1&2
| Question | Answer |
|---|---|
| An administrator discovers that a user is accessing a newly established website that may be detrimental to company security. What action should the administrator take first in terms of the security policy? | Revise the AUP immediately and get all users to sign the updated AUP. |
| Which device in a layered defense-in-depth approach denies connections initiated from untrusted networks to internal networks, but allows internal users within an organization to connect to untrusted networks? | firewall |
| Which section of a security policy is used to specify that only authorized individuals should have access to enterprise data? | identification and authentication policy |
| What is the benefit of a defense-in-depth approach? | The effectiveness of other security measures is not impacted when a security mechanism fails. |
| In a defense-in-depth approach, which three options must be identified to effectively defend a network against attacks? (Choose three.) | threats to assets vulnerabilities in the system assets that need protection |
| Which device is usually the first line of defense in a layered defense-in-depth approach? | edge router |
| What three goals does a BYOD security policy accomplish? (Choose three.) | - describe the rights to access and activities permitted to security personnel on the device - identify safeguards to put in place if a device is compromised - identify which employees can bring their own devices |
| With the evolution of borderless networks, which vegetable is now used to describe a defense-in-depth approach? | artichoke |
| Which tool can be used to gather information about the different types of traffic that exist in a network? | protocol analyzer |
| What component of a security policy explicitly defines the type of traffic allowed on a network and what users are allowed and not allowed to do? | acceptable use policies |
| Mutual authentication can prevent which type of attack? | man-in-the-middle |
| A user has created a new program and wants to distribute it to everyone in the company. The user wants to ensure that when the program is downloaded that the program is not changed while in transit. | Create a hash of the program file that can be used to verify the integrity of the file after it is downloaded. |
| Which utility uses the Internet Control Messaging Protocol (ICMP)? | ping |
| Which technology can be used to protect VoIP against eavesdropping? | encrypted voice messages |
| A user is running a routine audit of the server hardware in the company data center. Several servers are using single drives to host operating systems and multiple types of attached storage solutions for storing data. | RAID |
| What two steps should be taken before connecting any IoT device to a home or business network? (Choose 2.) | Change all default administrator credentials. Update the device firmware with all relevant security patches. |
| What is the purpose of a DMZ? | It allows external hosts to access specific company servers while maintaining the security restrictions for the internal network. |
| Why is WPA2 better than WPA? | mandatory use of AES algorithms |
| Which service will resolve a specific web address into an IP address of the destination web server? | DNS |
| An administrator of a small data center wants a flexible, secure method of remotely connecting to servers.Which protocol would be best to use? | Secure Shell |
| A user was hired by a company to provide a highly available network infrastructure. The user wants to build redundancy into the network in case of a switch failure, but wants to prevent Layer 2 looping. What would the user implement in the network? | Spanning Tree Protocol |
| A company wants to implement biometric access to its data center. The company is concerned with people being able to circumvent the system by being falsely accepted as legitimate users. What type of error is false acceptance? | Type II |
| After a security audit for an organization, multiple accounts were found to have privileged access to systems and devices. Which three best practices for securing privileged accounts should be included in the audit report? (Choose three.) | Reduce the number of privileged accounts. Enforce the principle of least privilege Secure password storage. |
| Because of implemented security controls, a user can only access a server with FTP. Which AAA component accomplishes this? | authorization |
| An organization plans to implement security training to educate employees about security policies. What type of access control is the organization trying to implement? | administrative |
| A user has been asked to implement IPsec for inbound external connections. The user plans to use SHA-1 as part of the implementation. The user wants to ensure the integrity and authenticity of the connection. What security tool can the user use? | HMAC |
| What Windows utility should be used to configure password rules and account lockout policies on a system that is not part of a domain? | Local Security Policy tool |
| Which access control model assigns security privileges based on the position, responsibilities, or job classification of an individual or group within an organization? | role-based |
| When a security audit is performed at a company, the auditor reports that new users have access to network resources beyond their normal job roles. Additionally, users who move to different positions retain their prior permissions. What kind of violation | least privilege |
| Which three processes are examples of logical access controls? (Choose three. | biometrics to validate physical characteristics firewalls to monitor traffic intrusion detection system (IDS) to watch for suspicious network activity |
| Which type of access control applies the strictest access control and is commonly used in military or mission critical applications? | mandatory access control (MAC) |
| What is used to scan a BYOD device to verify that it is compliant with company security policies before the device is permitted to access the network? | NAC |
| Which component is a pillar of the zero trust security approach that focuses on the secure access of devices, such as servers, printers, and other endpoints, including devices attached to IoT? | workplace |
| What is the purpose of the network security accounting function? | to keep track of the actions of a user |
| Which AAA component can be established using token cards? | authentication |
| Match the type of multifactor authentication with the description. something you know something you have something you are | a password a security key a fingerprint scan |
Created by:
jxxnixx