Column A
You have just purchased a new network device and are getting ready to connect it to your network. Which of the following actions should you take to increase its security? (Two Answers)
Change default account passwords.
and
Apply all patches and updates.
You need to increase the security of your Linux system by finding and closing open ports. Which of the following commands should you use to locate open ports?
nmap
Which action would you use in a rule to disallow a connection silently?
Drop
To transfer files to your company's internal network from home, you use FTP. The administrator has recently implemented a firewall at the network perimeter and disabled as many ports as possible.
Now, you can no longer make the FTP connection. You suspect the firewall is causing the issue. Which ports need to remain open so you can still transfer the files? (Two Answers)
20 and 21
Which command would you use to list all of the currently defined iptables rules?
sudo iptables -L
What should you consider security baselines?
Dynamic Static
You have hired 10 new temporary workers who will be with the company for three months. You want to make sure that the user accounts cannot be used for login after that time period. What should you do?
Configure account expiration in the user accounts.
What county is Kemp ISD in?
Kaufman County
You want to give all managers the ability to view and edit a certain file. To do so, you need to edit the discretionary access control list (DACL) associated with the file. You want to be able to easily add and remove
managers as their job positions change. What is the BEST way to accomplish this?
Create a security group for the managers. Add all users as members of the group. Add the group to the file's DACL.
Week after next
Which of the following is defined as an operating system that comes hardened and validated to a specific security level as defined in the Common Criteria for Information Technology Security Evaluation (CC)?
TOS
To increase security on your company's internal network, the administrator has disabled as many ports as possible. However, now you can browse the internet, but you are unable to perform secure credit card transactions. Which port needs to be enabled to allow secure transactions?
443
You have a file server named Srv3 that holds files used by the development department. You want to allow users to access the files over the network and control access to files accessed through the network or through a local logon. Which solution should you implement?
NTFS and share permissions
You have recently been hired as the new network administrator for a startup company. The company's network was implemented prior to your arrival. One of the first tasks you need to complete in your new position is to develop a manageable network plan for the network. You have already completed the first and second milestones, in which documentation procedures were identified
and the network was mapped. You are now working on the third milestone, which is identifying ways to protect the network. Which tasks should you complete as a part of this milestone? (Two Answers)
Identify and document each user on the network.
and
Physically secure high-value systems.
Windows Server Update Services (WSUS) is used to accomplish which part of a manageable network?
Patch management
What is Kemp ISD Mascot
Yellowjackets
As you go through the process of making your network more manageable, you discover that employees in the sales department are on the same network segment as the human resources department. Which of the following steps can be used to isolate these departments?
Create a separate VLAN for each department.
For Milestone 4 (Reach Your Network), which of the following would be considered a secure protocol to use to reach your network?
SSH
In which milestone should you use a network scanner and then confirm the scan manually with a room-by-room walkthrough?
Map Your Network
You want to close all ports associated with NetBIOS on your network's firewalls to prevent attacks directed against NetBIOS. Which ports should you close?
135, 137-139
What Color are my classroom lockers?
Orange
You have placed a File Transfer Protocol (FTP) server in your DMZ behind your firewall. The FTP server is to be used to distribute software updates and demonstration versions of your products. However, users report that they are unable to access the FTP server. What should you do to enable access?
Open ports 20 and 21 for inbound and outbound connections.
Which of the following actions should you take to reduce the attack surface of a server?
Disable unused services.
If Mark has a read-write permission to the share \\fileserver\securefiles and a read-only permission to the file coolstuff.docx on the NTFS file system shared by the file share, he is able to perform which action?
Read the file.
What do you have to do to borrow one of my chargers?
Leave one shoe behind!