Question | Answer |
What's the protocol for port number 20/21? | File Transfer (FTP) |
What's the protocol for port number 22? | Secure Shell (SSH) |
What's the protocol for port number 23? | Telnet |
What's the protocol for port number 25? | Simple Mail Transfer Protocol (SMTP) |
What's the protocol for port number 53? | Domain Name System (DNS) |
What's the protocol for port number 67/68? | Dynamic Host Configuration Protocol (DHCP) |
What's the protocol for port number 69? | Trivial File Transfer Protocol (TFTP) |
What's the protocol for port number 80? | HyperText Transfer Protocol (HTTP) |
What's the protocol for port number 110? | Post Office Protocol (POP) |
What's the protocol for port number 123? | Network Time Protocol (NTP) |
What's the protocol for port number 137,138,139? | NetBios |
What's the protocol for port number 143? | Internet Message Access Protocol (IMAP) |
What's the protocol for port number 161,162? | Simple Network Management Protocol (SNMP) |
When verifying file integrity on a remote system that is bandwidth limited, which of the following tool combinations provides the STRONGEST confidence? | MD5 and SHA-1 |
Which of the following would MOST likely belong in the DMZ? | Web servers & SMTP gateways |
When integrating source material from an open source project into a highly secure environment, which of the following precautions should prevent hidden threats? | Code review |
Which of the following is used by Matt, a security administrator, to lower the risks associated with electrostatic discharge, corrosion, and thermal breakdown? | Temperature and humidity controls |
An administrator values transport security strength above network speed when implementing an SSL VPN. Which of the following encryption ciphers would BEST meet their needs? | AES128 |
Which of the following would verify that a threat does exist and security controls can easily be bypassed without actively testing an application? | Vulnerability scan |
A perimeter survey finds that the wireless network within a facility is easily reachable outside of the physical perimeter. Which of the following should be adjusted to mitigate this risk? | Power level controls |
The security administrator has scanned every workstation and is documenting which applications are out-of-date and could be exploited. The security administrator is determining the: | Attack surface. |
In the Windows world, what tool is used to disable a port? | Windows Firewall |
If you don't know the MAC address of a Windows-based machine, what command-line utility can you use to ascertain it? | ipconfig |
Which of the following is another, more common, name for EAPOL? | 802.1X |
Which of the following policies could be implemented to help prevent users from displaying their login credentials in open view for everyone to see? | Clean desk |
Jane, a security administrator, wants to harden the web server. Which of the following could she perform to accomplish this task? | Disable unnecessary services |
The administrator would like to implement hardware assisted full disk encryption on laptops. Which of the following would MOST likely be used to meet this goal? | TPM |
Which of the following is designed to ensure high availability of web based applications? | Load balancers |
A customer has provided an email address and password to a website as part of the login process. Which of the following BEST describes the email address? | Identification |
Chief Information Security Officer (CISO) does not allow personally owned devices into the company facilities. Which of the following represents how the CISO should respond? | Company A views personally owned devices as creating an unacceptable risk to the organizational IT systems. |
It staff member asks an individual to see their badge and the individual refused and ran off into the datacenter. Which of the following should the IT staff member do NEXT? | Contact the onsite physical security team with a description of the individual |
A recent computer breach has resulted in the incident response team needing to perform a forensics examination. Upon examination, the forensics examiner determines that they cannot tell which captured hard drive was from the device in question. | Evidence labeling |
Which of the following digital certificate management practices will ensure that a lost certificate is not compromised? | CRL |
Which of the following protocols provides fast, unreliable file transfer? | TFTP |
Which of the following must a security administrator implement to isolate public facing servers from both the corporate network and the Internet? | DMZ |
Power and data cables from the network center travel through the building's boiler room. Which of the following should be used to prevent data emanation? | EMI shielding |