Your network is attacked by a self replicating program. What type of malware does this indicate?

(Spyware, Rootkit, watering hole attack, worm)

You need to ensure that devices that connect to the network have the operating system updates and current antivirus. Devices that do not should be automatically remediated.

What can you implement?

(VLAN, NAT, DMZ, NAC)

All computers in your company come with TPM installed. What type of data encryption most often use keys generated from TPM?

(File encryption, Database encryption,Full disk encryption)

What AAA solution will provide centralized authentication for a wireless system that integrate with a directory back end.

(TACACS+, LDAP, RADIUS, MsCHAPv2)

Which of the following must be intact for evidence to be admissible in court?

(Chain of custody, order of volatility, Legal hold, preservation)

What type of attack would be used to most quickly find password in the hashed password file?

(Brute force, Birthday, Rainbow table, Dictionary)

You need to configure a firewall between the internet and your perimeter network. There's a server that host your web applications that uses TLS. 

Which port do you need to configure for incoming and outgoing traffic?

(TCP 80, TCP 990, TCP 443, UDP 80)

A company is setting up a network for a research facility. This network must be as secure as possible to prevent data loss or compromise. Only research personnel should have access to this network and they won't need any other external resources.

What should you configure?

(Air gap, Extranet, VLAN, Screened subnet)

What would provide best defense from brute forcing an account.

(Account expiration, Account lockout, Password history, Password complexity)

A company wants to enhance a secondary data center. The main site is in a hurricane-affected area. Now the company wants to ensure that its business is always operational with the least amount of man hours needed. What to implement?

(Hot site, Cold site, Warm site, Cloud-based site)

Active reconnaissance can collect more detailed information than passive reconnaissance

(yes or No)

After a routine audit, a company finds that engineering documents have been leaving the network on particular port. Now they cannot block that port as it is needed. What should they implement?

(ACL, Webproxy, DLP, NAC)

A cloud service  that gives yo the most direct control over your environment. You are responsible for installing and maintaining the operating system ad other resources.

(PaaS,SaaS, IaaS)

What describes the maximum amount of time a mission essential function can operate without the systems it depends on before significantly impacting the organization?(MTTR, MTBF, RTO, RPO)

A security technician is configuring an access management system to track and record user actions. Which of the following functions should the technician

configure?

(Identification, Authorization, Authentication, Accounting)