Network Security
Compliance and Operational Security
Threats and Vulnerabilities
Application, Data, Cryptography and Host Security
Access Control and Identity Management
100
A security administrator has configured FTP in passive mode. Which of the following ports should the security administrator allow on the firewall by default? A. 20 B. 21 C. 22 D. 23
B. 21
100
A company that purchased an HVAC system for the datacenter is MOST concerned with which of the following? A. Availability B. Integrity C. Confidentiality D. Fire suppression
A. Availability
100
Several bins are located throughout a building for secure disposal of sensitive information. Which of the following does this prevent? A. Dumpster diving B. War driving C. Tailgating D. War chalking
A. Dumpster diving
100
Which of the following can be used to mitigate risk if a mobile device is lost? A. Cable lock B. Transport encryption C. Voice encryption D. Strong passwords
D. Strong passwords
100
Which of the following presents the STRONGEST access control? A. MAC B. TACACS C. DAC D. RBAC
A. MAC
200
Jane, a security administrator, has observed repeated attempts to break into a server. Which of the following is designed to stop an intrusion on a specific server? A. HIPS B. NIDS C. HIDS D. NIPS
A. HIPS
200
Which of the following security concepts would Sara, the security administrator, use to mitigate the risk of data loss? A. Record time offset B. Clean desk policy C. Cloud computing D. Routine log review
B. Clean desk policy
200
The network-based vulnerability assessment is a type of test also referred to as
What is an active vulnerability assessment? A network-based vulnerability assessment tool/system either re-enacts system attacks, noting and recording responses to the attacks, or probes different targets to infer weaknesses from their responses.
200
Certificates are used for (select two): A. Client authentication B. WEP encryption C. Access Control lists D. Code Signing E. Password hashing
Client authentication and Code signing (A and C)
200
A security administrator wants to check user password complexity. Which of the following is the BEST tool to use? A. Password History B. Password Logging C. Password Cracker D.Password Hashing
C. Password Cracker
300
Which of the following protocols is used to authenticate the client and server’s digital certificate? A. PEAP B. DNS C. TLS D. ICMP
C. TLS
300
Which of the following concepts is BEST described as developing a new chain of command in the event of a contingency? A. Business continuity planning B. Continuity of operations C. Business impact analysis D. Succession planning
D. Succession planning
300
Users at a company report that a popular news website keeps taking them to a web page with derogatory content. This is an example of which of the following? A. Evil twin B. DNS poisoning C. Vishing D. Session hijacking
B. DNS poisoning
300
Which of the following is a hardware based encryption device? A. EFS B. TrueCrypt C. TPM D. SLE
C. TPM
300
A security technician is working with the network firewall team to implement access controls at the company’s demarc as part of the initiation of configuration management processes. One of the network technicians asks the security technician to explain the access control type found in a firewall. With which of the following should the security technician respond? A. Rule based access control B. Role based access control C. Discretionary access control D. Mandatory access control
A. Rule based access control
400
Matt, the IT Manager, wants to create a new network available to virtual servers on the same hypervisor, and does not want this network to be routable to the firewall. How could this BEST be accomplished? A. Create a VLAN without a default gateway. B. Remove the network from the routing table. C. Create a virtual switch. D. Commission a stand¬alone switch.
C. Create a virtual switch.
400
Which of the following security strategies allows a company to limit damage to internal systems and provides loss control? A. Restoration and recovery strategies B Deterrent strategies C. Containment strategies D. Detection strategies
C. Containment strategies
400
Pete, the system administrator, has blocked users from accessing social media web sites. In addition to protecting company information from being accidentally leaked, which additional security benefit does this provide? A. No competition with the company’s official social presence B. Protection against malware introduced by banner ads C. Increased user productivity based upon fewer distractions D. Elimination of risks caused by unauthorized P2P file sharing
B. Protection against malware introduced by banner ads
400
Which of the following is an application security coding problem? A. Error and exception handling B. Patch management C. Application hardening D. Application fuzzing
A. Error and exception handling
400
Jane, a security administrator, has been tasked with explaining authentication services to the company’s management team. The company runs an active directory infrastructure. Which of the following solutions BEST relates to the host authentication protocol within the company’s environment? A. Kerberos B. Least privilege C. TACACS+ D. LDAP
A. Kerberos
500
Which of the following should the security administrator implement to limit web traffic based on country of origin? (Select THREE). A. Spam filter B. Load balancer C. Antivirus D. Proxies E. Firewall F. NIDS G. URL filtering
D. Proxies E. Firewall G. URL Filtering
500
Which of the following defines a business goal for system restoration and acceptable data loss? A. MTTR B. MTBF C. RPO D. Warm site
C. RPO
500
Which of the following application attacks is used to gain access to SEH? A. Cookie stealing B. Buffer overflow C. Directory traversal D. XML injection
B. Buffer overflow
500
In regards to secure coding practices, why is input validation important? A. It mitigates buffer overflow attacks. B. It makes the code more readable. C. It provides an application configuration baseline. D. It meets gray box testing standards.
A. It mitigates buffer overflow attacks.
500
Which of the following firewall rules only denies DNS zone transfers? A. deny udp any any port 53 B. deny ip any any C. deny tcp any any port 53 D. deny all dns packets
C. deny tcp any any port 53