CompTIA Security+ Part 3

By Semarley

1. Which of the following will execute malicious code at a pre-specified time?

Explanation

A logic bomb is a type of malicious code that is programmed to execute at a specific time or when certain conditions are met. It is often hidden within legitimate software or systems and remains dormant until the trigger event occurs. Once activated, it can cause significant damage by deleting files, corrupting data, or disrupting system operations. Unlike a Denial of Service (DoS) attack, which aims to overwhelm a system with excessive traffic, a logic bomb is specifically designed to carry out a targeted attack at a predetermined time. It is distinct from a worm or rootkit, which have different methods and objectives.

About This Quiz

This CompTIA Security+ part 3 quiz assesses knowledge on handling security risks and implementing protective measures in IT environments. Topics include risk management, malware protection, and network security, crucial for professionals aiming to enhance their cybersecurity skills.

2. Which of the following exploits is only triggered by a specific date or time key?

Explanation

A logic bomb is a type of malicious code that is triggered by a specific date or time key. It is designed to execute a set of instructions or actions when that specific date or time is reached. Unlike other types of malware such as trojans, worms, and botnets, which can be triggered by various events or actions, a logic bomb is specifically programmed to activate at a predetermined date or time. This makes it a powerful tool for cybercriminals to cause damage or disrupt systems at a specific moment.

3. A number of unauthorized staff have been entering the data center by piggybacking authorized staff.  The CIO has mandated that this behavior stops.  Which of the following is the BEST technology to install at the data center to prevent piggybacking?

Explanation

A mantrap is the best technology to install at the data center to prevent piggybacking. A mantrap is a physical access control system that consists of two interlocking doors. Only one door can be open at a time, and individuals must be authenticated and verified before being allowed to enter the data center. This prevents unauthorized staff from entering the data center by piggybacking on authorized staff, as each individual must be verified separately before gaining access. Security badges, hardware locks, and token access may provide some level of security, but they do not offer the same level of protection against piggybacking as a mantrap.

4. Which of the following would a password cracker help an administrator to find?

Explanation

A password cracker is a tool used to test the strength of passwords by attempting to guess or crack them. It uses various techniques such as brute force, dictionary attacks, and rainbow tables to find weak passwords. By identifying weak passwords, an administrator can take necessary actions to strengthen the security of the system, such as enforcing password complexity rules or prompting users to change their passwords.

5. Which of the following usually applies specifically to a web browser?

Explanation

A pop-up blocker is a feature that is typically found in web browsers. It is designed to prevent unwanted pop-up windows from appearing while browsing the internet. Pop-up windows often contain advertisements or other unwanted content, and can be disruptive to the user experience. By blocking these pop-ups, web browsers help to enhance the browsing experience by reducing distractions and potential security risks.

6. A user wants to implement very tight security controls for technicians that seek to enter the user's data center. Which of the following solutions offers the BEST security controls?

Explanation

Biometric reader and smartcard offer the best security controls because they provide a combination of something the technician has (smartcard) and something the technician is (biometric data). This ensures that only authorized individuals with both the correct smartcard and biometric data can access the data center, making it a highly secure solution. Combination locks and key locks can be easily bypassed or keys can be lost/stolen. Smartcard and proximity reader also provide good security, but biometric data adds an extra layer of authentication. Magnetic lock and pin can be vulnerable to PIN theft or unauthorized access.

7. A manufacturing corporation has decided to send a highly sensitive message to one of their suppliers.  The message is concealed inside a JPEG image of a beach resort.  Which of the following is this an example of?

Explanation

This is an example of steganography, which is the practice of concealing a message or information within another medium, such as an image, audio file, or video. In this case, the highly sensitive message is hidden inside a JPEG image of a beach resort, making it difficult for anyone to detect or access the hidden message without the knowledge of the method used for concealment. Steganography is often used for covert communication or to protect sensitive information from being intercepted.

8. Which of the following physical threats is prevented with mantraps?

Explanation

Mantraps are physical security devices that are designed to prevent unauthorized access to a secure area. They typically consist of a small enclosed space with two or more doors that can only be opened one at a time. The purpose of a mantrap is to ensure that only one person can enter the secure area at a time, preventing piggybacking, which is when an unauthorized person follows closely behind an authorized person to gain access. Therefore, mantraps are specifically used to prevent piggybacking.

9. Which of the following BEST applies in the secure disposal of computers?

Explanation

The correct answer is "Computer media must be sanitized." This means that when disposing of computers, it is important to ensure that all data stored on the computer's media (such as hard drives or solid-state drives) is properly erased or destroyed to prevent unauthorized access to sensitive information. Sanitizing the media involves using methods such as data wiping or physical destruction to ensure that the data cannot be recovered. This is an essential step in maintaining the security and privacy of the information stored on the computer.

10. The service provided by message authentication code (MAC) hash is:

Explanation

The service provided by message authentication code (MAC) hash is integrity. MAC hash ensures that the data has not been tampered with or altered during transmission. It verifies the authenticity and integrity of the message by generating a unique hash value based on the message and a secret key. This hash value is then compared at the receiving end to ensure that the message has not been modified in transit.

11. A user is going to dispose of some old hard drives.  Which of the following should the user do to the drives before disposing of them?

Explanation

To ensure the data on the old hard drives is completely and securely erased before disposing of them, the user should use a certified wipe program. This program will overwrite the data on the drives multiple times, making it extremely difficult for anyone to recover the information. Reformatting the hard drives once may not completely erase the data, which can still be recovered. Installing antivirus or running anti-spyware on the drives is not necessary for data erasure.

12. Which of the following is a mechanism that prevents electromagnetic emanations from being captured?

Explanation

A Faraday cage is a mechanism that prevents electromagnetic emanations from being captured. It is a shielded enclosure made of conductive material that blocks external electromagnetic fields from entering or escaping. The conductive material absorbs and redirects the electromagnetic energy, effectively isolating the contents inside the cage from external electromagnetic interference. This makes it an effective solution for protecting sensitive electronic equipment or preventing unauthorized access to electromagnetic signals. Installing a repeater, using an uninterruptible power supply (UPS), or disabling SSID broadcast do not provide the same level of protection against electromagnetic emanations as a Faraday cage.

13. Which of the following is a cryptographic representation of non-repudiation?

Explanation

A digital signature is a cryptographic representation of non-repudiation because it provides a way to verify the authenticity and integrity of a digital document or message. It is created using the private key of the sender and can be verified using the corresponding public key. This ensures that the sender cannot deny their involvement in creating or sending the message, providing non-repudiation.

14. Which of the following concepts requires users and system processes to be assigned minimum levels of permissions to carry out the assigned task?

Explanation

Least privilege is the concept that requires users and system processes to be assigned minimum levels of permissions to carry out the assigned task. This means that users and processes are only given the necessary permissions to perform their specific tasks and nothing more. By implementing least privilege, organizations can minimize the potential damage that can be caused by unauthorized access or misuse of privileges. It helps to reduce the attack surface and limit the potential impact of security breaches.

15. Which of the following reduces the effectiveness of telephone social engineering?

Explanation

Awareness training reduces the effectiveness of telephone social engineering by educating individuals about the tactics and techniques used by social engineers. This training helps individuals recognize and respond appropriately to suspicious or manipulative phone calls, thereby minimizing the chances of falling victim to social engineering attacks. By increasing awareness and knowledge about social engineering, individuals are better equipped to identify and protect themselves against these types of attacks, making telephone social engineering less effective.

16. Which of the following allows for a secure connection to be made through a web browser?

Explanation

SSL (Secure Sockets Layer) allows for a secure connection to be made through a web browser. It provides encryption and authentication to ensure that the data transmitted between the web browser and the server is secure and cannot be intercepted or tampered with by unauthorized parties. SSL is commonly used for secure online transactions, such as e-commerce websites, online banking, and secure login pages. It is indicated by a padlock symbol in the web browser's address bar, indicating that the connection is encrypted and secure.

17. Which of the following is the quickest method to create a secure test server for a programmer?

Explanation

Creating a virtual server on existing equipment is the quickest method to create a secure test server for a programmer. This is because it eliminates the need to acquire new equipment and allows for the efficient utilization of existing resources. By creating a virtual server, the programmer can isolate and test their applications without affecting the production environment. Additionally, virtual servers offer enhanced security features such as isolation, snapshotting, and the ability to easily revert to previous states, making them an ideal choice for creating secure test environments.

18. After a system risk assessment was performed it was found that the cost to mitigate the risk was higher than the expected loss if the risk was actualized.  In this instance, which of the following is the BEST course of action?

Explanation

Accepting the risk is the best course of action in this scenario because the cost to mitigate the risk is higher than the expected loss if the risk actually occurs. This means that it would be more cost-effective to accept the risk and deal with any potential losses if they occur, rather than spending more money on trying to mitigate the risk. Running a new risk assessment may not be necessary since the current assessment has already determined that accepting the risk is the best option. Rejecting the risk would not be advisable as it would involve incurring unnecessary costs to mitigate the risk.

19. Which of the following practices should be implemented to harden workstations and servers?

Explanation

Installing only needed software is a recommended practice to harden workstations and servers. By installing only necessary software, the attack surface is reduced, minimizing the potential vulnerabilities that could be exploited by malicious actors. Unnecessary software increases the potential attack vectors and can introduce security risks. Therefore, installing only needed software helps to enhance the security posture of workstations and servers.

20. An administrator notices that a PC is sending an unusual amount of email at odd times of the day.  Which of the following should the administrator check for FIRST?

Explanation

The administrator should check for an SMTP open relay as the first step. An SMTP open relay is a misconfigured mail server that allows unauthorized users to send emails through it. This can result in an unusual amount of email being sent from the PC at odd times. By checking for an open relay, the administrator can determine if the PC is being used as a relay for spam or malicious activity.

21. When is the best time to discuss the appropriate use of electronic devices with a new employee?

Explanation

The best time to discuss the appropriate use of electronic devices with a new employee is at the time of hire. This is because it is important to establish clear expectations and guidelines regarding the use of electronic devices from the very beginning of the employment relationship. By addressing this topic at the time of hire, the employer can ensure that the new employee understands the company's policies and can start their employment with a clear understanding of what is expected of them in terms of using electronic devices.

22. Which of the following is the MOST intrusive on a network?

Explanation

Penetration testing is the most intrusive on a network because it involves actively attempting to exploit vulnerabilities and gain unauthorized access to the network. This process often includes simulating real-world attacks to identify weaknesses in the network's defenses. In contrast, protocol analyzers, port scanners, and vulnerability testing are less intrusive as they focus on analyzing network traffic, scanning for open ports, and identifying potential vulnerabilities respectively, without actively attempting to breach the network's security.

23. Which of the following is a risk associated with a virtual server?

Explanation

If the physical server crashes, all of the local virtual servers go offline immediately. This is a risk associated with a virtual server because virtual servers rely on the physical server to function. If the physical server fails, it will result in the loss of access to all the virtual servers hosted on it. This can lead to significant downtime and disruption of services for users relying on those virtual servers.

24. Which of the following is a security benefit of mandatory vacations?

Explanation

Mandatory vacations can help in detecting fraud because when an employee is forced to take time off, it allows other employees or auditors to step in and perform their duties temporarily. This temporary replacement can uncover any irregularities or fraudulent activities that may have been hidden while the employee was present. By ensuring that all employees take vacations, it becomes more difficult for individuals to consistently engage in fraudulent behavior without being caught.

25. Which of the following is a collection of fixes for an application or operating system that has been tested by the vendor?

Explanation

A service pack is a collection of fixes for an application or operating system that has been tested by the vendor. It typically includes updates, enhancements, and patches to address security vulnerabilities, bugs, and performance issues. Service packs are released periodically and are designed to provide a comprehensive solution to known problems, ensuring that the software is up to date and stable. Unlike individual patches or hotfixes, service packs are more extensive and encompass a wider range of updates, making them a reliable and convenient solution for users.

26. An antivirus server keeps flagging an approved application that the marketing department has installed on their local computers as a threat.  This is an example of:

Explanation

This situation is an example of a false positive. A false positive occurs when a system or tool incorrectly identifies something as a threat or error when it is actually safe or correct. In this case, the antivirus server is mistakenly flagging an approved application as a threat, causing unnecessary concern for the marketing department.

27. An administrator is running a network monitoring application that looks for behaviors on the network outside the standard baseline that has been established.  This is typical of a(n):

Explanation

An anomaly-based tool is the correct answer because it is described as a network monitoring application that looks for behaviors on the network outside the standard baseline. Unlike signature-based tools that rely on known patterns or protocol analyzers that focus on examining network traffic, anomaly-based tools detect abnormal or unusual behavior on the network. These tools use machine learning algorithms or statistical analysis to establish a baseline of normal behavior and then identify any deviations from that baseline, which could indicate potential security threats or anomalies.

28. Which of the following describes the process of comparing cryptographic hash functions of system executables, configuration files, and log files?

Explanation

File integrity auditing is the process of comparing cryptographic hash functions of system executables, configuration files, and log files. This ensures that the files have not been tampered with or modified in any way. By comparing the hash values, any changes or discrepancies can be identified, indicating a potential security breach or unauthorized access. This helps in maintaining the integrity and security of the files and the overall system.

29. An administrator is assigned to monitor servers in a data center.  A web server connected to the Internet suddenly experiences a large spike in CPU activity.  Which of the following is the MOST likely cause?

Explanation

A Denial of Service (DoS) attack is the most likely cause of the sudden spike in CPU activity on the web server. A DoS attack occurs when a server is flooded with a high volume of traffic or requests, overwhelming its resources and causing it to become unresponsive or slow down. This can lead to a significant increase in CPU activity as the server tries to handle the excessive load. Spyware, Trojan, and privilege issues are less likely to cause such a sudden and significant spike in CPU activity.

30. Which of the following describes the difference between a secure cipher and a secure hash?

Explanation

A cipher can be reversed, meaning that it is possible to decrypt the encrypted message and obtain the original message. On the other hand, a hash cannot be reversed, meaning that it is not possible to obtain the original input data from the hash value. This is because a hash function is designed to be one-way, providing a fixed-size output regardless of the input size. In contrast, a cipher is designed to be reversible, allowing for encryption and decryption of data.

31. Which of the following BEST describes risk analysis?

Explanation

Risk analysis involves evaluating and assessing potential risks in order to identify their likelihood and impact on a project or organization. It involves analyzing the potential risks, their causes, and their potential consequences. By evaluating and assessing risks, organizations can make informed decisions on how to mitigate or manage these risks effectively. This helps in minimizing the negative impact of risks and maximizing the chances of project success.

32. An administrator notices on the monthly firewall log that many of the internal PCs are sending packets on a routine basis to a single external PC.  Which of the following BEST describes what is occurring?

Explanation

The correct answer is that the remote PC has a zombie master application running and the local PCs have a zombie slave application running. This means that the remote PC is controlling the actions of the local PCs, which are unknowingly sending packets to the external PC. This is a common scenario in a botnet attack, where the attacker gains control over multiple computers to carry out malicious activities.

33. An administrator is backing up all server data nightly to a NAS device.  Which of the following additional steps should the administrator take for protection from disaster in case the primary site is permanently lost?

Explanation

Backing up all data at a preset interval to tape and storing those tapes at a sister site in another city provides protection from disaster in case the primary site is permanently lost. Storing the tapes at a sister site in another city ensures that the backup data is physically located in a different geographical location, reducing the risk of losing the data in case of a catastrophic event such as a fire, flood, or earthquake. This off-site storage strategy helps to ensure business continuity and data recovery in the event of a disaster.

34. Three generally accepted activities of patch management are: determining which patches are needed, applying the patches, and which of the following?

Explanation

After determining which patches are needed and applying them, the next step in patch management is to audit for the successful application of the patches. This involves checking whether the patches were successfully installed on the systems and if any further actions are required. Auditing helps ensure that the patches are effectively protecting the systems and addressing the vulnerabilities. It allows organizations to identify any issues or gaps in the patch management process and take necessary actions to mitigate risks.

35. If an administrator does not have a NIDS examining network traffic, which of the following could be used to identify an active attack?

Explanation

A protocol analyzer can be used to identify an active attack if an administrator does not have a NIDS examining network traffic. A protocol analyzer captures and analyzes network traffic, allowing the administrator to inspect the packets and identify any suspicious or malicious activity. By analyzing the protocols and data within the captured packets, the administrator can detect signs of an active attack, such as unusual traffic patterns, unauthorized access attempts, or malicious payloads. Therefore, a protocol analyzer can serve as an effective tool for identifying active attacks in the absence of a NIDS.

36. Which of the following is a problem MOST often associated with UTP cable?

Explanation

Crosstalk is a problem most often associated with UTP (Unshielded Twisted Pair) cable. It occurs when signals from one wire interfere with signals on adjacent wires, causing signal degradation and data errors. This interference is more common in UTP cables due to their lack of shielding, which makes them more susceptible to external electromagnetic interference. Crosstalk can be minimized by using proper cable spacing, twisting the pairs tightly together, and using higher quality cables.

37. A user logs into their network with a smart card.  Which of the following keys is used?

Explanation

When a user logs into their network with a smart card, the private key is used. A smart card contains a chip that securely stores the user's private key, which is used for authentication and encryption purposes. The private key is kept secret and is used to decrypt data that has been encrypted with the corresponding public key. Using the private key ensures that only the authorized user can access the network and that the communication between the user and the network is secure.

38. An administrator wants to ensure that when an employee leaves the company permanently, the company will have access to their private keys. Which of the following will accomplish this?

Explanation

Storing the keys in escrow means that the administrator will keep a copy of the employee's private keys in a secure location. This ensures that even if the employee leaves the company permanently, the company will still have access to their private keys. This can be useful in situations where the private keys are necessary for accessing encrypted data or systems. By storing the keys in escrow, the company can maintain control and access to the employee's encrypted information even after they have left the company.

39. When using discretionary access control (DAC), who determines access and what privileges they have?

Explanation

In discretionary access control (DAC), the access and privileges are determined by the owner. The owner of the resource has the authority to grant or deny access to other users. They have the ability to set permissions and define who can access the resource and what actions they can perform on it. The owner has full control over the access rights and can modify them as needed.

40. Which of the following reduces the attack surface of an operating system?

Explanation

Disabling unused services reduces the attack surface of an operating system by limiting the number of potential entry points for attackers. When services are disabled, they are not actively running or listening for connections, which reduces the opportunities for attackers to exploit vulnerabilities in those services. This helps to minimize the overall risk and makes it harder for attackers to gain unauthorized access to the system. Patch management, installing antivirus, and installing HIDS can also enhance security, but they do not directly reduce the attack surface like disabling unused services does.

41. All of the following are where backup tapes should be kept EXCEPT:

Explanation

Backup tapes should not be kept near a power line because the electromagnetic field generated by the power line can interfere with the data stored on the tapes. This interference can cause data corruption or loss, rendering the backup tapes useless for data recovery purposes. Therefore, it is important to keep backup tapes away from power lines to ensure the integrity and reliability of the stored data.

42. Which of the following could BEST assist in the recovery of a crashed hard drive?

Explanation

Forensics software could best assist in the recovery of a crashed hard drive because it is specifically designed to analyze and recover data from damaged or corrupted storage devices. This software can help in identifying and repairing any issues with the hard drive, retrieving lost or deleted files, and reconstructing the file system. It also has advanced features for data carving and disk imaging, which are essential for recovering data from a crashed hard drive. Drive optimization, drive sanitization, and damage and loss control are not directly related to data recovery and would not be as effective in recovering a crashed hard drive.

43. All of the following require periodic updates to stay accurate EXCEPT:

Explanation

Pop-up blocker applications do not require periodic updates to stay accurate because their purpose is to block unwanted pop-up windows, rather than detecting and protecting against specific threats or vulnerabilities. On the other hand, signature-based HIDS, antivirus applications, and rootkit detection applications need regular updates to ensure that they have the latest information about new threats, viruses, and rootkits in order to effectively detect and prevent them.

44. A technician is working on an end user's desktop which has been having performance issues. The technician notices there seems to be a lot of activity on the NIC. A good tool to quickly check the current network connections of the desktop would be:

Explanation

Netstat is a command-line tool used to display active network connections, listening ports, and related network statistics. It provides information about the current network connections on the desktop, including the source and destination IP addresses, port numbers, protocol, and state of the connections. By using Netstat, the technician can quickly identify any suspicious or excessive network activity that may be causing the performance issues on the desktop.

45. The use of a physical token, PIN and a password during authentication is an example of which of the following?

Explanation

The use of a physical token, PIN, and a password during authentication is an example of two-factor authentication. Two-factor authentication requires the user to provide two different types of credentials to verify their identity. In this case, the physical token serves as one factor, while the PIN and password serve as the second factor. This adds an extra layer of security as it combines something the user has (the physical token) with something the user knows (the PIN and password).

46. Which of the following encryption methods is often used along with L2TP?

Explanation

IPSec is often used along with L2TP for secure communication over a network. L2TP provides the tunneling mechanism for creating a virtual private network (VPN), while IPSec provides the encryption and authentication protocols to secure the data transmitted over the network. Together, L2TP and IPSec offer a robust and secure solution for remote access and site-to-site VPN connections. S/MIME is a protocol for secure email communication, SSH is a protocol for secure remote access, and 3DES is a symmetric encryption algorithm, but they are not typically used in conjunction with L2TP.

47. Which of the following would BEST allow an administrator to quickly find a rogue server on the network?

Explanation

A network mapper would be the best tool for an administrator to quickly find a rogue server on the network. A network mapper is a software tool that scans the network and creates a map of all the devices connected to it. By using a network mapper, the administrator can easily identify any unauthorized or unknown servers that may be present on the network. This allows for quick detection and removal of rogue servers, ensuring the security and integrity of the network.

48. Some examples of hardening techniques include all of the following EXCEPT:

Explanation

Hardening techniques are security measures implemented to protect systems from potential vulnerabilities and attacks. Applying security templates, network-based patch management, and disabling non-required services are all examples of hardening techniques as they help enhance the security of a system. However, running weekly spyware applications is not a hardening technique but rather a measure to detect and remove malicious software that may already be present on a system. While this is a good practice for maintaining system security, it is not specifically considered a hardening technique.

49. In which of the following situations would it be appropriate to install a hotfix?

Explanation

When a patch is not available and workarounds do not correct the problem, it would be appropriate to install a hotfix. A hotfix is a software update specifically designed to address a specific issue or problem. In this situation, since no patch is available and the workarounds are not effective, installing a hotfix would be the most suitable solution to fix the problem.

50. A CEO is concerned about staff browsing inappropriate material on the Internet via HTTPS. It has been suggested that the company purchase a product which could decrypt the SSL session, scan the content and then repackage the SSL session without staff knowing. Which of the following type of attacks is similar to this product?

Explanation

The correct answer is "Man-in-the-middle." In a man-in-the-middle attack, an attacker intercepts and alters communication between two parties without their knowledge. In this scenario, the product suggested by the CEO would act as a man-in-the-middle by intercepting the SSL session, decrypting it, scanning the content for inappropriate material, and then re-encrypting and forwarding it to the intended recipient without the staff knowing. This allows the company to monitor and control the content being accessed without the users being aware of it.

51. Which of the following is a security threat that hides its processes and files from being easily detected?

Explanation

A rootkit is a type of security threat that hides its processes and files from being easily detected. It is designed to gain unauthorized access to a computer system and maintain control over it without being detected by traditional security measures. Rootkits are often used by hackers to conceal malicious activities and maintain persistent access to a compromised system. They can hide their presence by manipulating system functions and APIs, making it difficult for antivirus software and other security tools to detect and remove them.

52. Which of the following authentication mechanisms performs better in a secure environment?

Explanation

TACACS performs better in a secure environment because it encrypts the client-server negotiation dialog. This encryption ensures that the communication between the client and server is secure and cannot be easily intercepted or tampered with by unauthorized individuals. RADIUS, on the other hand, only encrypts client-server passwords, which is not as comprehensive as encrypting the entire negotiation dialog. Therefore, TACACS is the better choice for authentication in a secure environment.

53. Which of the following organizational documentation provides high level objectives that change infrequently?

Explanation

Policy documentation typically provides high-level objectives that change infrequently. Policies are broad guidelines and principles that guide decision-making and behavior within an organization. They set the overall direction and goals for the organization and provide a framework for decision-making. Unlike procedures or guidelines, policies are not meant to be detailed instructions for specific tasks or activities, but rather serve as a foundation for the organization's operations. Therefore, policy documentation is more likely to provide high-level objectives that remain relatively stable over time.

54. Which of the following scenarios is MOST likely to benefit from using a personal software firewall on a laptop?

Explanation

An office laptop connected to a home user network is most likely to benefit from using a personal software firewall. When connected to a home user network, the laptop is exposed to various security risks, such as malware and unauthorized access. A personal software firewall can help protect the laptop from these threats by monitoring and controlling incoming and outgoing network traffic, blocking potentially harmful connections, and alerting the user to any suspicious activity. This is especially important in a home user network where the security measures may not be as robust as those in an enterprise LAN or a corporate dial-in server.

55. Which of the following BEST describes the differences between RADIUS and TACACS?

Explanation

TACACS is a remote access authentication service that encrypts the client-server negotiation dialog. This means that when a client communicates with a server using TACACS, the conversation between them is encrypted to ensure the security and confidentiality of the information exchanged. RADIUS, on the other hand, is also a remote access authentication service but it does not encrypt the client-server negotiation dialog. Therefore, the main difference between RADIUS and TACACS lies in the encryption of the communication between the client and the server.

56. Configuration baseline should be taken at which of the following stages in the deployment of a new system?

Explanation

The configuration baseline should be taken after the initial configuration of the new system. This means that the system has been set up and configured according to the desired specifications and requirements. Taking the configuration baseline at this stage ensures that any changes made during the initial configuration process are captured and documented. It provides a reference point for future comparisons and helps in maintaining the desired configuration state of the system.

57. Which of the following would BEST allow for fast, highly secure encryption of a USB flash drive?

Explanation

AES256 would be the best option for fast, highly secure encryption of a USB flash drive. AES (Advanced Encryption Standard) is a symmetric encryption algorithm widely recognized for its security and efficiency. The "256" in AES256 refers to the key size, which is 256 bits, making it extremely difficult to crack. This encryption method is widely used and trusted for securing sensitive data, making it an ideal choice for encrypting a USB flash drive.

58. An organization has recently implemented a work from home program.  Employees need to connect securely from home to the corporate network.  Which of the following encryption technologies might BEST accomplish this?

Explanation

IPSec (Internet Protocol Security) is the best encryption technology for employees to securely connect from home to the corporate network. IPSec provides secure communication by encrypting the data packets that are transmitted over the internet. It ensures the confidentiality, integrity, and authenticity of the data being transmitted, making it an ideal choice for remote workers accessing corporate resources from home. PPTP, L2TP, and PPP are also encryption technologies, but IPSec is considered more secure and robust.

59. Which of the following methods will help to identify when unauthorized access has occurred?

Explanation

Implementing previous logon notification will help to identify when unauthorized access has occurred. This method notifies the user whenever there is a login attempt from a different device or location, allowing them to take immediate action if the access is unauthorized. By receiving these notifications, users can quickly identify any suspicious activity and report it to the appropriate authorities, enhancing the security of their accounts and systems.

60. Security templates are used for which of the following purposes? (Select TWO)

Explanation

Security templates are used to ensure that all servers start from a common security configuration. This means that all servers will have the same baseline security settings, reducing the risk of vulnerabilities or misconfigurations. Additionally, security templates are used to ensure that servers are in compliance with the corporate security policy. This ensures that all servers adhere to the organization's security standards and guidelines, promoting a consistent and secure environment.

61. Which of the following hashing techniques is commonly disabled to make password cracking more difficult?

Explanation

NTLM (NT LAN Manager) is commonly disabled to make password cracking more difficult. NTLM is an outdated hashing technique that is vulnerable to various attacks, such as brute force and dictionary attacks. Disabling NTLM forces the use of more secure hashing techniques, making it harder for attackers to crack passwords.

62. Ensuring administrators have both a regular user account and a privileged user account is an example of applying which security principle?

Explanation

The principle of least privilege states that individuals should be given only the minimum level of access necessary to perform their job functions. By ensuring administrators have both a regular user account and a privileged user account, this principle is being applied. The regular user account allows administrators to perform their regular tasks, while the privileged user account grants them elevated privileges only when necessary, reducing the risk of unauthorized access or accidental misuse of privileges.

63. When a server and workstation communicate via SSL, which of the following keys are being used? (Select TWO)

Explanation

When a server and workstation communicate via SSL, two types of keys are being used. The first key is the public key, which is used for encryption and decryption of data. It is used to securely exchange session keys between the server and the workstation. The session key is the second key being used, which is a symmetric key used for encrypting and decrypting the actual data being transmitted between the server and the workstation.

64. All of the following are steps in the incident response process EXCEPT:

Explanation

The incident response process involves several steps to effectively handle and mitigate any security incident. Eradication focuses on removing the root cause of the incident to prevent further damage. Recovery involves restoring systems and data to their normal state after the incident. Containment is the step where the incident is isolated to prevent it from spreading further. Repudiation, on the other hand, is not a step in the incident response process. It refers to the act of denying or disowning any involvement or responsibility for an action, which is not directly related to incident response.

65. Which of the following is an example of two-factor authentication for an information system?

Explanation

A photo ID cannot be used for accessing a computer system unless it is a smartcard ID; in this case, a smartcard was not specified.

66. Social engineering, password cracking and vulnerability exploitation are examples of which of the following?

Explanation

Penetration testing involves simulating real-world attacks to identify vulnerabilities in a system's security. Social engineering, password cracking, and vulnerability exploitation are all techniques used during penetration testing to assess the effectiveness of an organization's security measures. Therefore, the correct answer is penetration testing.

67. To evaluate the security compliance of a group of servers against best practices, which of the following BEST applies?

Explanation

To evaluate the security compliance of a group of servers against best practices, the best approach would be to run a vulnerability assessment tool. This tool is designed to identify and assess vulnerabilities in the servers, helping to identify any weaknesses or potential security risks. By running a vulnerability assessment, the organization can gather important information about the servers' security posture and take necessary steps to address any vulnerabilities found. This proactive approach allows for a comprehensive evaluation of the servers' security and helps in implementing appropriate security measures.

68. Which of the following is the BEST order in which crucial equipment should draw power?

Explanation

The best order in which crucial equipment should draw power is UPS line conditioner, UPS battery, and backup generator. The UPS line conditioner helps to regulate and stabilize the incoming power supply, ensuring that it is clean and free from fluctuations. The UPS battery provides a backup power source in case of a power outage, allowing for uninterrupted operation. Finally, the backup generator serves as a long-term power solution, providing continuous power supply in the event of an extended outage. This order ensures that the power is conditioned and stable before being stored in the battery and then supplemented by the backup generator if needed.

69. An administrator wants to block users from accessing a few inappropriate websites as soon as possible.  The existing firewall allows blocking by IP address.  To achieve this goal the administrator will need to:

Explanation

To block users from accessing inappropriate websites, the administrator needs to upgrade to a URL-based filter. This type of filter allows blocking specific websites based on their URLs or domain names. By upgrading to a URL-based filter, the administrator can easily input the URLs of the inappropriate websites and prevent users from accessing them. This solution is more effective and efficient than using an IP address-based filter, as it directly targets the specific websites that need to be blocked.

70. Which of the following are MOST likely to be analyzed by Internet filter appliances/servers?  (Select THREE)

Explanation

Internet filter appliances/servers are designed to monitor and control internet traffic. Certificates are likely to be analyzed to ensure the authenticity and security of websites. URLs are analyzed to determine the website being accessed and to apply filtering rules based on the website's category. Content is analyzed to identify and block inappropriate or harmful content. Keys and TLSs are not typically analyzed by internet filter appliances/servers as they are related to encryption and security protocols rather than content filtering.

71. Frequent signature updates are required by which of the following security applications?  (Select TWO)

Explanation

Antivirus and IDS (Intrusion Detection System) both require frequent signature updates. Antivirus software needs regular updates to detect and protect against new viruses, malware, and other threats. These updates include new virus definitions and security patches to ensure the antivirus program can effectively identify and remove the latest threats. IDS systems also rely on signature updates to stay current with the latest attack patterns and techniques. By regularly updating the signatures, IDS can detect and alert on new types of attacks, helping to enhance network security.

72. Which of the following BEST describes the differences between RADIUS and TACACS?

Explanation

TACACS is a protocol that separates the functions of authentication, authorization, and accounting (auditing) into separate components. This allows for more granular control and flexibility in managing user access to network resources. On the other hand, RADIUS (Remote Authentication Dial-In User Service) is also a remote access authentication service but does not provide the same level of separation between these functions as TACACS does. Therefore, the given answer correctly describes the main difference between TACACS and RADIUS.

73. Which of the following organizational documentation describes how tasks or job functions should be conducted?

Explanation

Procedures are the organizational documentation that provide detailed instructions on how tasks or job functions should be conducted. They outline step-by-step processes and guidelines to ensure consistency and efficiency in performing specific tasks. Procedures help employees understand their roles and responsibilities, maintain quality standards, and ensure compliance with organizational policies and regulations. They serve as a reference for employees to follow and help in achieving consistency and accuracy in performing tasks within the organization.

74. A small call center business decided to install an email system to facilitate communications in the office.  As part of the upgrade the vendor offered to supply anti-malware software for a cost of $5,000 per year.  The IT manager read there was a 90% chance each year that workstations would be compromised if not adequately protected.  If workstations are compromised it will take three hours to restore services for the 30 staff.  Staff members in the call center are paid $90 per hour.  If determining the risk, which of the following is the annual loss expectancy (ALE)?

Explanation

The annual loss expectancy (ALE) is calculated by multiplying the annual rate of occurrence (ARO) with the single loss expectancy (SLE). In this case, the ARO is 90% (as stated in the question) and the SLE is the product of the cost to restore services ($90 per hour * 3 hours * 30 staff) which equals $8,100. Therefore, the ALE is $7,290 (90% * $8,100).

75. Which of the following describes software that is often written solely for a specific customer's application?

Explanation

A hotfix is a software update that is specifically designed to address a particular issue or bug in a software application. It is often created and released quickly to provide a solution for a specific customer's application, rather than being a comprehensive update like a service pack. Hotfixes are typically targeted and released on an as-needed basis, making them a fitting description for software that is written solely for a specific customer's application.

76. A CRL contains a list of which of the following type of keys?

Explanation

A CRL (Certificate Revocation List) contains a list of both public and private keys. This list is used by certificate authorities to revoke certificates that have been compromised, expired, or are no longer valid. By including both public and private keys in the CRL, it ensures that any certificates associated with those keys are no longer trusted by clients and applications. This helps maintain the security and integrity of the digital certificate infrastructure.

77. The primary function of risk management in an organization is to reduce risk to a level:

Explanation

The primary function of risk management in an organization is to accept the level of risk. This means that the organization acknowledges and tolerates the potential negative impact of a risk event occurring. Accepting the risk implies that the organization has evaluated the likelihood of the risk event (Annualized Rate of Occurrence - ARO) and the potential loss associated with it (Single Loss Expectancy - SLE), and has determined that the cost of implementing further risk mitigation measures outweighs the potential loss. Therefore, the organization chooses to accept the risk rather than invest additional resources in reducing it further.

78. A technician is performing an assessment on a router and discovers packet filtering is employed.  Which of the following describes a security concern with stateless packet filtering?

Explanation

Stateless packet filtering is a type of firewall that examines individual packets based on their source and destination IP addresses, ports, and other header information. However, it does not inspect the payload or data within the packets. This can be a security concern because malicious or unauthorized content within the packet payload may go undetected, allowing potential threats to bypass the firewall and enter the network undetected.

79. Virtualized applications, such as virtualized browsers, are capable of protecting the operating system from which of the following?

Explanation

Virtualized applications, such as virtualized browsers, are capable of protecting the operating system from malware installation from suspect Internet sites. This is because virtualization creates a separate and isolated environment for running applications, including browsers. Any malicious code or malware encountered while browsing suspect Internet sites will be contained within the virtualized environment and will not be able to affect the underlying operating system. This helps to prevent malware infections and enhances the overall security of the system.

80. When choosing an antivirus product, which of the following are the MOST important security considerations? (Select TWO)

Explanation

The frequency of signature updates is an important security consideration because antivirus software relies on regularly updated signatures to detect and block new threats. The more frequently the signatures are updated, the more effective the antivirus software will be in protecting against the latest viruses. The number of viruses the software can detect is also important because a larger virus database means a greater chance of detecting and removing malicious software. Both of these factors contribute to the overall effectiveness of the antivirus product in providing security.

81. Which of the following BEST describes the differences between SHA-1 and MD5?

Explanation

SHA-1 produces fewer collisions than MD5. This is because SHA-1 is a stronger cryptographic hash function compared to MD5. A collision occurs when two different inputs produce the same hash output. Although both SHA-1 and MD5 can produce fixed-length message digests, SHA-1 has a larger hash size (160 bits) compared to MD5 (128 bits), which makes it less likely to have collisions. However, it is important to note that both SHA-1 and MD5 are considered to be weak and insecure in modern cryptographic applications due to vulnerabilities that have been discovered in their algorithms.

82. Which of the following would require a pre-sharing of information before a home user could attach to a neighbor's wireless adapter?

Explanation

SSID broadcasting refers to the practice of a wireless network broadcasting its network name (SSID) so that nearby devices can easily locate and connect to it. When SSID broadcasting is disabled, the network name is not visible to other devices, making it necessary for a home user to pre-share the network information (such as the SSID) with their neighbor before they can connect to their wireless adapter. This ensures that only authorized users can access the network, as they would need to know the network name in order to connect.

83. Pre-shared keys apply to which of the following?

Explanation

Pre-shared keys apply to PGP (Pretty Good Privacy). PGP is a cryptographic protocol that uses a combination of symmetric-key and public-key cryptography to provide encryption and authentication for data communication. Pre-shared keys are symmetric keys that are shared in advance between the communicating parties, allowing them to securely encrypt and decrypt messages. PGP uses these pre-shared keys to establish a secure communication channel and ensure the confidentiality and integrity of the transmitted data.

84. A company has an issue with field users logging into VPN to connect to the mail server, and leaving their computers connected while in public places.  The administrator needs to prevent both unauthorized access to the company email and data, and limit the impact on the VPN server.  Which of the following BEST achieves this goal?

Explanation

Setting group policy to lock computers after five minutes of inactivity and limiting VPN connections to one hour is the best solution in this scenario. By locking computers after a short period of inactivity, it ensures that unauthorized individuals cannot access company email and data. Additionally, limiting VPN connections to one hour reduces the risk of leaving computers connected in public places for extended periods, minimizing the potential impact on the VPN server. This solution effectively addresses both the security concern and the impact on the VPN server.

85. The data custodian in an organization is responsible for:

Explanation

The data custodian in an organization is responsible for the recoverability of the data. This means that they are in charge of ensuring that the data can be restored and accessed in the event of a loss or disaster. This includes implementing backup and recovery systems, conducting regular data backups, and testing the restore process to ensure data integrity. The data custodian's role is crucial in safeguarding the organization's data and ensuring its availability for business operations.

86. A flat or simple role-based access control (RBAC) embodies which of the following principles?

Explanation

A flat or simple role-based access control (RBAC) system follows the principle of assigning users to roles. Permissions are then assigned to these roles, and users acquire these permissions by being a member of the role. This means that instead of directly assigning permissions to individual users, permissions are managed at the role level, making it easier to manage access control in large organizations with many users.

87. Which of the following facilitates the creation of an unencrypted tunnel between two devices?

Explanation

L2TP (Layer 2 Tunneling Protocol) facilitates the creation of an unencrypted tunnel between two devices. It is a protocol that allows the creation of virtual private networks (VPNs) and is commonly used to establish secure connections over the internet. L2TP does not provide encryption by itself, but it can be combined with other encryption protocols such as IPsec to create a secure and private connection between devices.

88. A single sign-on requires which of the following?

Explanation

A unified trust model is required for a single sign-on. This means that there needs to be a consistent and standardized system in place that allows users to access multiple applications and systems with just one set of login credentials. This unified trust model ensures that the user's identity and access rights are securely managed across all the different platforms and services they need to use.

89. Threats to a network could include:  (Select TWO)

Explanation

Threats to a network can come from various sources, including disgruntled employees and dial-up access. Disgruntled employees may intentionally compromise the network's security by accessing unauthorized information or sabotaging systems. Dial-up access can be a potential threat as it provides an external entry point for attackers to exploit vulnerabilities in the network. Both of these factors can pose significant risks to the network's integrity and confidentiality.

90. Port 3535 is typically blocked for outbound traffic on a company's LAN. An end-user has recently purchased a legitimate business program that needs to make outbound calls using this port. Which of the following steps should a technician take to allow this? (Select TWO)

Explanation

The correct answer is to open the port on the company's firewall and the user's personal software firewall. Opening the port on the company's firewall will allow outbound traffic on port 3535 from the company's LAN. Opening the port on the user's personal software firewall will allow the legitimate business program to make outbound calls using port 3535 from the user's device. By taking these two steps, the technician will ensure that the program can function properly without any restrictions imposed by the network infrastructure.

91. Which of the following would BEST allow an administrator to quickly find a PC with a blank database administrator password?

Explanation

A vulnerability scanner is a tool that scans computer systems for potential vulnerabilities and weaknesses. In this scenario, using a vulnerability scanner would be the best option for an administrator to quickly find a PC with a blank database administrator password. The scanner would detect this vulnerability and flag it as a security risk, allowing the administrator to take immediate action to address the issue and secure the system.

92. A security manager believes that too many services are running on a mission critical database server.  Which of the following tools might a security analyst use to determine services that are running on the server, without logging into machine?

Explanation

A security analyst might use a port scanner to determine the services that are running on the server without logging into the machine. A port scanner is a tool that scans a range of ports on a target system to identify which ports are open and what services are running on those ports. By using a port scanner, the security analyst can gather information about the services running on the mission critical database server without the need to log in to the machine, allowing them to assess the potential vulnerabilities and risks associated with the server's configuration.

93. Which of the following is set up within a router?

Explanation

A DMZ (Demilitarized Zone) is a setup within a router that creates a separate network segment, typically between the internal network and the internet, to provide an additional layer of security. It allows for hosting public-facing servers or services, such as web servers, while keeping them isolated from the internal network. This helps to protect the internal network from potential threats or attacks originating from the internet.

94. All of the following are weaknesses of WEP EXCEPT:

Explanation

The given answer is "Lack of integrity checking". WEP (Wired Equivalent Privacy) is a security protocol used to secure wireless networks. It has several weaknesses, including the use of a weak initialization vector, vulnerability to replay attacks, and the use of weak keys. However, one of the strengths of WEP is that it does include integrity checking. This means that it can detect if data has been tampered with during transmission. Therefore, the lack of integrity checking is not a weakness of WEP.

95. A vendor releases an application update to a recent service pack that addresses problems being experienced by some end users.  This update would be considered a:

Explanation

A hotfix is a small, targeted update released by a vendor to address specific issues being experienced by some end users. It is usually released between regular updates or service packs to quickly fix critical problems. In this case, the vendor has released an application update specifically designed to address the problems faced by some users, making it a hotfix.

96. Which of the following is LEAST likely to help reduce single points of failure?

Explanation

Mandatory vacations are least likely to help reduce single points of failure because they involve employees taking time off from work, which can leave a gap in the workforce and potentially increase the risk of a single point of failure. While mandatory vacations are important for employee well-being and can help identify potential issues, they do not directly address the technical aspects of reducing single points of failure. Other options like cross training, clustered servers, and disaster recovery are more effective in distributing workload, increasing redundancy, and ensuring business continuity.

97. A technician is deciding between implementing a HIDS on the database server or implementing a NIDS. Which of the following are reasons why a NIDS may be better to implement? (Select TWO)

Explanation

Many HIDS are not able to detect network attacks because they are primarily designed to monitor and detect activities within the host system, rather than monitoring network traffic. Additionally, many HIDS have a negative impact on system performance as they consume system resources to continuously monitor and analyze activities, leading to slower system performance.

98. Which of the following sites can be online the QUICKEST and does not require data restoration from backup media to ensure the production data is as current as possible?

Explanation

A mirrored site is the correct answer because it is an exact replica of the production site, constantly updated in real-time. This means that there is no need for data restoration from backup media, ensuring that the production data is always current. A mirrored site is the quickest option as it eliminates the need for any additional steps or processes to ensure data consistency.

99. Which of the following describes a spanned switch port in the context of IDS traffic analysis?

Explanation

A spanned switch port in the context of IDS traffic analysis refers to an association of a set of source ports with a single destination port. This means that the traffic from multiple source ports is being mirrored or copied to a single destination port, where an IDS sensor is connected. The IDS sensor can then analyze the traffic for any suspicious or malicious activity. This setup allows for effective monitoring and analysis of network traffic without disrupting the normal flow of data.

100. A financial institution performed a risk assessment on the DLT backup system used to store customer account details.  The main risk highlighted was the long-term retention of electronically stored data.  Which of the following is the MOST likely reason for the risk being raised?

Explanation

The risk of long-term retention of electronically stored data is most likely raised due to the compatibility issues between the media and application systems. This suggests that the financial institution's backup system may not be able to effectively store and retrieve data in the long term due to compatibility issues between the media used for storage and the application systems used to access and manage the data.


Quiz Review Timeline (Updated): Mar 22, 2023

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

  • Current Version
  • Mar 22, 2023
    Quiz Edited by
    ProProfs Editorial Team
  • May 23, 2010
    Quiz Created by
    Semarley