1. Which of the following BEST describes the term war driving?
A. Driving from point to point with a laptop and an antenna to find unsecured wireless access points
B. Driving from point to point with a wireless scanner to read other users' emails through the access point
C. Driving from point to point with a wireless network card and hijacking into unsecured wireless access points
D. Driving from point to point with a wireless scanner to use unsecured access points
2. Which of the following statements BEST describes the implicit deny concept?
A. Blocks everything and only allows privileges based on job description
B. Blocks everything and only allows explicitly granted permissions
C. Blocks everything and only allows the minimal required privileges
D. Blocks everything and allows the maximum level of permissions
3. When is the BEST time to update antivirus definitions?
A. At least once a week as part of the system maintenance
B. As the definitions become available from the vendor
C. When a new virus is discovered on the system
D. When an attack occurs on the network
4. Why would a technician use a password cracker?
A. To look for weak passwords on the network
B. To change a user's passwords when they leave the company
C. To enforce password complexity requirements
D. To change users' passwords if they have forgotten them
5. Users on a network report that they are receiving unsolicited emails from an email address that does not change. Which of the following steps should be taken to stop this from occurring?
A. Configure a rule in each user's router and restart the router
B. Configure rules on the user's host and restart the host
C. Install an anti-spam filter on the domain mail servers and filter the email address
D. Install an ACL on the firewall to block traffic from the sender and filter the IP address
6. Which of the following is a true statement with regard to a NIDS?
A. A NIDS monitors and analyzes network traffic for possible intrusions
B. A NIDS is installed on the proxy server
C. A NIDS prevents certain types of traffic from entering a network
D. A NIDS is normally installed on the email server
7. A technician suspects that a piece of malware is consuming too many CPU cycles and slowing down a system. Which of the following will help determine the amount of CPU cycles that are being consumed?
A. Install HIDS to determine the CPU usage
B. Run performance monitor to evaluate the CPU usage
C. Install malware scanning software
D. Use a protocol analyzer to find the cause of the traffic
8. Which of the following are characteristics of a hash function? (Select TWO)
A.
B.
C. Ensures data can be easily decrypted
D.
E.
9. Which of the following is the MOST secure alternative for administrative access to a router?
A. 
B. 
C. 
D. 
10. Which of the following might an attacker resort to in order to recover discarded company documents?
A. 
B. 
C. 
D. 
11. Which of the following creates a security buffer zone between two rooms?
A. 
B. 
C. 
D. 
12. Which of the following tools would be used to review network traffic for clear text passwords?
A. 
B. 
C. 
D. 
13. Kerberos uses which of the following trusted entities to issue tickets?
A. 
B. 
C. 
D. 
14. Which of the following specifies a set of consistent requirements for a workstation or server?
A. 
B. 
C. 
D. 
15. A company's website allows customers to search for a product and display the current price and quantity available of each product from the production database. Which of the following would invalidate an SQL injection attack launched from the lookup field at the web server level?
A.
B. Buffer overflow protection
C.
D.
16. Which of the following virtual machine components monitors and manages the various virtual instances?
A. 
B. 
C. 
D. 
17. A smurf attack is an example of which of the following threats?
A. 
B. 
C. 
D. 
18. Which of the following is the BEST tool for allowing users to go to approved business-related websites only?
A. 
B. 
C. 
D. 
19. Which of the following is a security trait of a virtual machine?
A. Provides additional resources for testing
B. Provides real-time access to all system processes
C. Provides a read-only area for executing code
D. Provides a restricted environment for executing code
20. An unauthorized user intercepted a user's password and used this information to obtain the company's administrator password. The unauthorized user can use the administrator's password to access sensitive information pertaining to client data. Which of the following is this an example of?
A.
B.
C.
D. Network address translation
21. Users are utilizing thumb drives to connect to USB ports on company workstations. A technician is concerned that sensitive files can be copied to the USB drives. Which of the following mitigation techniques would address this concern? (Select TWO)
A. Disable the USB root hub within the OS
B. Install anti-virus software on the USB drives
C. Disable USB within the workstation BIOS
D. Apply the concept of least privilege to USB devices
E. Run spyware detection against all workstations
22. An administrator has developed an OS install that will implement the tightest security controls possible. In order to quickly replicate these controls on all systems, which of the following should be established?
A. Take screenshots of the configuration options
B. Create an image from the OS install
C. Create a boot disk for the operating system
D. Implement OS hardening procedures
23. After registering an email address on a website, a user starts receiving messages from unknown sources. The email account is new, and therefore the user is concerned. This type of message traffic is referred to as:
A. 
B. 
C. 
D. 
24. A technician is testing the security of a new database application with a website front-end. The technician notices that when certain characters are input into the application it will crash the server. Which of the following does the technician need to do?
A. Utilize SSL on the website
B. 
C. 
D. 
25. An administrator in a small office environment has implemented an IDS on the network perimeter to detect malicious traffic patterns. The administrator still has a concern about traffic inside the network originating between client workstations. Which of the following could be implemented?
A. 
B. 
C. 
D.