Module I Certification Quiz

114 Questions


Just a try to see if it can be done before Odie wakes up.


Questions and Answers
  • 1. 
      Who is responsible for establishing access permissions to network resources in the Discretionary Access Control (DAC) access control model?
    • A. 

      The system administrator and the owner of the resource

    • B. 

      The owner of the resource

    • C. 

      The user requiring access to the resource

    • D. 

      The system administrator

  • 2. 
      Users need to access their email and several secure applications from any workstation on the network. In addition, an authentication system implemented by the administrator requires the use of a username, password, and a company issued smart card. This is an example of which of the following?
    • A. 

      SSO

    • B. 

      Three factor authentication

    • C. 

      Least privilege

    • D. 

      ACL

  • 3. 
      As a network administrator, your company uses the RBAC (Role Based Access Control) model. You must plan the security strategy for users to access resources on the network. These resources include mailboxes, and files and printers. The departments in your company are Finance, Sales, Research and Development, and Production. Users access the resources based on the department in which they work. Which roles should you create to support the RBAC (Role Based Access Control) model?
    • A. 

      Create user and workstation roles

    • B. 

      Create mailbox, and file and printer roles

    • C. 

      Create Finance, Sales, Research and Development, and Production roles

    • D. 

      Create allow access and deny access roles.

  • 4. 
      Choose the terminology or concept which best describes a MAC (Mandatory Access Control) model.
    • A. 

      Bell-LaPadula

    • B. 

      BIBA

    • C. 

      Clark and Wilson

    • D. 

      Lattice

  • 5. 
      Which of the following will restrict access to files according to the identity of the user or group? Choose one answer.
    • A. 

      DAC

    • B. 

      MAC

    • C. 

      PKI

    • D. 

      CRL

  • 6. 
      Users do not want to enter credentials for each server or application to conduct their normal work. Which type of strategy can solve this problem?
    • A. 

      Two-factor authentication

    • B. 

      Smart card

    • C. 

      SSO

    • D. 

      Biometrics

  • 7. 
      Giving each user or group of users only the access they need to do their job is an example of which of the following security principles?
    • A. 

      Least privilege

    • B. 

      Access control

    • C. 

      Defense in depth

    • D. 

      Separation of duties

  • 8. 
      Which security measure should be used while implementing access control?
    • A. 

      Time of day restrictions

    • B. 

      Password complexity requirements

    • C. 

      Disabling SSID broadcast

    • D. 

      Changing default passwords

  • 9. 
      Which of the following is correct about an instance where a biometric system identifies unauthorized users and allows them access? Choose one answer.
    • A. 

      False acceptance

    • B. 

      False positive

    • C. 

      False rejection

    • D. 

      False negative

  • 10. 
      Which of the following access control models uses subject and object labels? Choose one answer.
    • A. 

      Rule Based Access Control (RBAC)

    • B. 

      Mandatory Access Control (MAC)

    • C. 

      Role Based Access Control (RBAC)

    • D. 

      Discretionary Access Control (DAC)

  • 11. 
      Which password management system best provides for a system with a large number of users? Choose one answer.
    • A. 

      Locally saved passwords management systems

    • B. 

      Synchronized passwords management systems

    • C. 

      Self service password reset management systems

    • D. 

      Multiple access methods management systems

  • 12. 
      Which of the following types of authentication BEST describes providing a username, password and undergoing a thumb print scan to access a workstation?
    • A. 

      Biometric

    • B. 

      Kerberos

    • C. 

      Mutual

    • D. 

      Multifactor

  • 13. 
      Which of the following access decisions are based on a Mandatory Access Control (MAC) environment?
    • A. 

      Sensitivity labels

    • B. 

      Ownership

    • C. 

      Group membership

    • D. 

      Access control lists

  • 14. 
      Which of the following access control models uses roles to determine access permissions?
    • A. 

      RBAC

    • B. 

      DAB

    • C. 

      None of the above

    • D. 

      MAC

  • 15. 
      The ability to log on to multiple systems with the same credentials is typically known as:
    • A. 

      Role Based Access Control (RBAC)

    • B. 

      Decentralized management

    • C. 

      Centralized management

    • D. 

      Single sign-on

  • 16. 
      The DAC (Discretionary Access Control) model has an inherent flaw. Choose the option that describes this flaw.
    • A. 

      The DAC (Discretionary Access Control) model uses only the identity of the user or specific process to control access to a resource. This creates a security loophole for Trojan horse attacks.

    • B. 

      The DAC (Discretionary Access Control) model uses certificates to control access to resources. This creates an opportunity for attackers to use your certificates.

    • C. 

      The DAC (Discretionary Access Control) model does not use the identity of a user to control access to resources. This allows anyone to use an account to access resources.

    • D. 

      The DAC (Discretionary Access Control) model does not have any known security flaws.

  • 17. 
      Choose the access control model that allows access control determinations to be performed based on the security labels associated with each user and each data item.
    • A. 

      RBACs (Role Based Access Control) method

    • B. 

      LBACs (List Based Access Control) method

    • C. 

      DACs (Discretionary Access Control) method

    • D. 

      MACs (Mandatory Access Control) method

  • 18. 
      Which of the following authentication methods increases the security of the authentication process because it must be in your physical possession?
    • A. 

      CHAP

    • B. 

      Certificate

    • C. 

      Kerberos

    • D. 

      Smart Cards

  • 19. 
      Which access control system allows the system administrator to establish access permissions to network resources? Choose one answer.
    • A. 

      MAC

    • B. 

      DAC

    • C. 

      RBAC

    • D. 

      None of the above

  • 20. 
      Which access control method gives the owner control over providing permissions?
    • A. 

      Rule-based Access Control (RBAC)

    • B. 

      Mandatory Access Control (MAC)

    • C. 

      Role-based Access Control (RBAC)

    • D. 

      Discretionary Access Control (DAC)

  • 21. 
      The authentication process where the user can access several resources without the need for multiple credentials is known as:
    • A. 

      Single sign-on

    • B. 

      Decentralized management

    • C. 

      Discretionary Access Control (DAC)

    • D. 

      Need to know

  • 22. 
      What does the DAC access control model use to identify the users who have permissions to a resource?
    • A. 

      The role or responsibilities users have in the organization

    • B. 

      Predefined access privileges

    • C. 

      Access Control Lists

    • D. 

      None of the above

  • 23. 
      Access controls based on security labels associated with each data item and each user are known as:
    • A. 

      Role Based Access Control (RBAC)

    • B. 

      Discretionary Access Control (DAC)

    • C. 

      Mandatory Access Control (MAC)

    • D. 

      List Based Access Control (LBAC)

  • 24. 
      An organization has a hierarchical-based concept of privilege management with administrators having full access, human resources personnel having slightly less access and managers having access to their own department files only. This is BEST described as:
    • A. 

      Rule based access control (RBAC)

    • B. 

      Mandatory access control (MAC)

    • C. 

      Discretionary access control (DAC)

    • D. 

      Role based access control (RBAC)

  • 25. 
      The difference between identification and authentication is that:
    • A. 

      Authentication verifies a set of credentials while identification verifies the identity of the network

    • B. 

      Authentication verifies the identity of a user requesting credentials while identification verifies a set of credentials

    • C. 

      Authentication verifies a set of credentials while identification verifies the identity of a user requesting credentials

    • D. 

      Authentication verifies a user ID belongs to a specific user while identification verifies the identity of a user group

  • 26. 
      What does the MAC access control model use to identify the users who have permissions to a resource?
    • A. 

      Access Control Lists

    • B. 

      The role or responsibilities users have in the organization

    • C. 

      Predefined access privileges

    • D. 

      None of the above

  • 27. 
      How are access control permissions established in the RBAC access control model?
    • A. 

      The role or responsibilities users have in the organization

    • B. 

      The system administrator

    • C. 

      The owner of the resource

    • D. 

      None of the above

  • 28. 
      Both the server and the client authenticate before exchanging data. This is an example of which of the following?
    • A. 

      SSO

    • B. 

      Biometrics

    • C. 

      Mutual authentication

    • D. 

      Multifactor authentication

  • 29. 
      Which solution can be used by a user to implement very tight security controls for technicians that seek to enter the user’s datacenter?
    • A. 

      Magnetic lock and pin

    • B. 

      Smartcard and proximity readers

    • C. 

      Biometric reader and smartcard

    • D. 

      Combination locks and key locks

  • 30. 
      Which of the following statements regarding the MAC access control models is TRUE?
    • A. 

      The Mandatory Access Control (MAC) model is a dynamic model

    • B. 

      In the Mandatory Access Control (MAC) users cannot share resources dynamically.

    • C. 

      In the Mandatory Access Control (MAC) the owner of a resource establishes access privileges to that resource.

    • D. 

      The Mandatory Access Control (MAC) is not restrictive

  • 31. 
      Which security action should be finished before access is given to the network?
    • A. 

      Identification and authorization

    • B. 

      Authentication and authorization

    • C. 

      Identification and authentication

    • D. 

      Authentication and password

  • 32. 
      Which item is not a logical access control method?
    • A. 

      Software token

    • B. 

      ACL

    • C. 

      Biometrics

    • D. 

      Group policy

  • 33. 
      In a classified environment, a clearance into a Top Secret compartment only allows access to certain information within that compartment. This is known as:
    • A. 

      Acceptable use

    • B. 

      Need to know

    • C. 

      Separation of duties

    • D. 

      Dual control

  • 34. 
      Which of the following describes the process by which a single user name and password can be entered to access multiple computer applications?
    • A. 

      Single sign-on

    • B. 

      Constrained user interfaces

    • C. 

      Encryption protocol

    • D. 

      Access control lists

  • 35. 
      A user is assigned access rights explicitly. This is a feature of which of the following control models?
    • A. 

      Rule Based Access Control (RBAC)

    • B. 

      Mandatory Access Control (MAC)

    • C. 

      Discretionary Access Control (DAC)

  • 36. 
      Most key fob (token) based identification systems use which of the following types of authentication mechanisms?
    • A. 

      Username/password

    • B. 

      Certificates

    • C. 

      Biometrics

    • D. 

      Kerberos

    • E. 

      Token

  • 37. 
      During which phase of identification and authentication does proofing occur?
    • A. 

      Testing

    • B. 

      Authentication

    • C. 

      Identification

    • D. 

      Verification

  • 38. 
      Which item best describes an instance where a biometric system identifies legitimate users as being unauthorized?
    • A. 

      False negative

    • B. 

      False acceptance

    • C. 

      False rejection

  • 39. 
      Which item can be commonly programmed into an application for ease of administration?
    • A. 

      Back door

    • B. 

      Worm

    • C. 

      Zombie

    • D. 

      Trojan

  • 40. 
      Which of the following definitions BEST suits Buffer Overflow?
    • A. 

      It is used to provide a persistent, customized web experience for each visit

    • B. 

      It receives more data than it is programmed to accept

    • C. 

      It has a feature designed into many email servers that allows them to forward email to other email servers

    • D. 

      It’s an older form of scripting that was used extensively in early web systems

  • 41. 
      Which description is correct about an application or string of code that could not automatically spread from one system to another but is designed to spread from file to file?
    • A. 

      Botnet

    • B. 

      Worm

    • C. 

      Virus

    • D. 

      Adware

  • 42. 
      The risks of social engineering can be decreased by implementing: (Select TWO)
    • A. 

      Risk assessment policies

    • B. 

      Identity verification methods

    • C. 

      Operating system patching instructions

    • D. 

      Vulnerability testing techniques

    • E. 

      Security awareness training

  • 43. 
      Which one of the following options is an attack launched from multiple zombie machines in an attempt to bring down a service?
    • A. 

      DDoS

    • B. 

      Man-in-the-middle

    • C. 

      DoS

    • D. 

      TCP/IP hijacking

  • 44. 
      In addition to bribery and forgery, which of the following are the MOST common techniques that attackers use to socially engineer people? (Select TWO)
    • A. 

      Flattery

    • B. 

      Dumpster diving

    • C. 

      Phreaking

    • D. 

      Whois search

    • E. 

      Assuming a position of authority

  • 45. 
      Due to a concern about staff browsing inappropriate material on the web, your company is purchasing a product which can decrypt the SSL session, scan the content and then repackage the SSL session without staff knowing. What type of attack is similar to this product?
    • A. 

      Replay

    • B. 

      Man-in-the-middle

    • C. 

      TCP/IP hijacking

    • D. 

      Spoofing

  • 46. 
      Which of the following viruses may attempt to infect your boot sector, infect all of your executable files, and destroy your application files?
    • A. 

      Multipartite Virus

    • B. 

      Companion Virus

    • C. 

      Phage Virus

    • D. 

      Armored Virus

  • 47. 
      Which description is correct about a tool used by organizations to verify whether or not a staff member has been involved in malicious activity?
    • A. 

      Implicit deny

    • B. 

      Implicit allow

    • C. 

      Time of day restrictions

    • D. 

      Mandatory vacations

  • 48. 
      Which of the following is MOST effective in preventing adware?
    • A. 

      HIDS

    • B. 

      Antivirus

    • C. 

      Firewall

    • D. 

      Pop-up blocker

  • 49. 
      Choose the most effective method of preventing computer viruses from spreading throughout the network.
    • A. 

      You should prevent the execution of .vbs files

    • B. 

      You should enable scanning of all email attachments

    • C. 

      You should require root/administrator access to run programs and applications

    • D. 

      You should install a host based IDS (Intrusion Detection System)

  • 50. 
      Choose the attack of malicious code that cannot be prevented or deterred solely through using technical measures.
    • A. 

      Social engineering

    • B. 

      Dictionary attacks

    • C. 

      Man in the middle attacks

    • D. 

      DoS (Denial of Service) attacks

  • 51. 
      Study the following items carefully; which one will permit a user to float a domain registration for a maximum of five days?
    • A. 

      Spoofing

    • B. 

      Kiting

    • C. 

      DNS poisoning

    • D. 

      Domain hijacking

  • 52. 
      Which of the following web vulnerabilities is being referred to when it receives more data than it is programmed to accept?
    • A. 

      Cookies

    • B. 

      Buffer Overflows

    • C. 

      CGI

    • D. 

      SMTP relay

  • 53. 
      Choose the statement which best defines the characteristics of a computer virus.
    • A. 

      A computer virus is a find mechanism, initiation mechanism and can propagate

    • B. 

      A computer virus is a search mechanism, connection mechanism and can integrate

    • C. 

      A computer virus is a learning mechanism, contamination mechanism and can exploit

    • D. 

      A computer virus is a replication mechanism, activation mechanism and has an objective

  • 54. 
      Choose the statement that best details the difference between a worm and a Trojan horse.
    • A. 

      Worms are a form of malicious code while Trojan horses are not

    • B. 

      Worms are distributed through email messages while Trojan horses are not

    • C. 

      Worms self replicate while Trojan horses do not

    • D. 

      There is no difference between a worm and a Trojan horse

  • 55. 
      Which security threat will affect PCs and can have its software updated remotely by a command and control center?
    • A. 

      Virus

    • B. 

      Adware

    • C. 

      Zombie

    • D. 

      Worm

  • 56. 
      On the topic of comparing viruses and hoaxes, which statement is TRUE?
    • A. 

      Hoaxes can help educate users about a virus

    • B. 

      Hoaxes carry a malicious payload and can be destructive

    • C. 

      Hoaxes can create as much damage as a real virus

    • D. 

      Hoaxes are harmless pranks and should be ignored

  • 57. 
      Malicious code that enters a target system, lies dormant until a user opens a certain program, then deletes the contents of attached network drives and removable storage devices is known as a:
    • A. 

      Honeypot

    • B. 

      Logic bomb

    • C. 

      Trojan horse

    • D. 

      Worm

  • 58. 
      Which of the following types of attacks is BEST described as an attacker capturing part of a communication and later sending that communication segment to the server while pretending to be the client?
    • A. 

      Man in the middle

    • B. 

      TCP/IP hijacking

    • C. 

      Back door

    • D. 

      Replay

  • 59. 
      Malicious software that travels across computer networks without user assistance is an example of a:
    • A. 

      Logic bomb

    • B. 

      Worm

    • C. 

      Trojan horse

    • D. 

      Virus

  • 60. 
      Which of the following access attacks would involve looking through your files in the hopes of finding something interesting?
    • A. 

      Snooping

    • B. 

      Eavesdropping

    • C. 

      Interception

    • D. 

      None of the above

  • 61. 
      Which of the following is a major reason that social engineering attacks succeed?
    • A. 

      Multiple logins are allowed

    • B. 

      Lack of security awareness

    • C. 

      Audit logs are not monitored frequently

    • D. 

      Strong passwords are not required

  • 62. 
      Which of the following types of malicious software travels across computer networks without requiring a user to distribute the software?
    • A. 

      Logic bomb

    • B. 

      Virus

    • C. 

      Worm

    • D. 

      Trojan horse

  • 63. 
      Disguising oneself as a reputable hardware manufacturer’s field technician who is picking up a server for repair would be described as:
    • A. 

      A phishing attack

    • B. 

      Social engineering

    • C. 

      A Trojan horse

    • D. 

      A man-in-the-middle attack

  • 64. 
      For the following items, which is an example of an attack that executes once a year on a certain date?
    • A. 

      Worm

    • B. 

      Logic bomb

    • C. 

      Rootkit

    • D. 

      Virus

  • 65. 
      A user downloads and installs a new screen saver and the program starts to rename and delete random files. Which of the following would be the BEST description of this program?
    • A. 

      Logic bomb

    • B. 

      Virus

    • C. 

      Worm

    • D. 

      Trojan horse

  • 66. 
      A person pretends to be a telecommunications repair technician, enters a building stating that there is a networking trouble work order and requests that a security guard unlock the wiring closet. The person connects a packet sniffer to the network switch in the wiring closet and hides the sniffer behind the switch against the wall. This is an example of:
    • A. 

      A man in the middle attack

    • B. 

      Social engineering

    • C. 

      A penetration test

    • D. 

      A vulnerability scan

  • 67. 
      Which one of the following options will permit an attacker to hide the presence of malicious code through altering the system’s process and registry entries?
    • A. 

      Rootkit

    • B. 

      Worm

    • C. 

      Logic bomb

    • D. 

      Trojan

  • 68. 
      Which of the following describes a server or application that is accepting more input than the server or application is expecting?
    • A. 

      Syntax error

    • B. 

      Denial of service (DoS)

    • C. 

      Brute force

    • D. 

      Buffer overflow

  • 69. 
      In order to recover discarded company documents, which of the following might an attacker resort to?
    • A. 

      Insider theft

    • B. 

      Shoulder surfing

    • C. 

      Dumpster diving

    • D. 

      Phishing

  • 70. 
      A denial-of-service (DoS) attack or distributed denial-of-service (DDoS) attack is an attempt to make a computer resource unavailable to its intended users. Which method can be used to perform denial of service (DoS)?
    • A. 

      Spyware

    • B. 

      Adware

    • C. 

      Malware

    • D. 

      Botnet

  • 71. 
      From the following items, which will permit a user to float a domain registration for a maximum of five days?
    • A. 

      DNS poisoning

    • B. 

      Domain hijacking

    • C. 

      Spoofing

    • D. 

      Kiting

  • 72. 
      Which of the following definitions would be correct regarding Active Interception?
    • A. 

      Placing a computer system between the sender and receiver to capture information

    • B. 

      Someone looking through your files

    • C. 

      Involves someone who routinely monitors network traffic

  • 73. 
      Which of the following definitions would be correct regarding Eavesdropping?
    • A. 

      Someone looking through your files

    • B. 

      Involves someone who routinely monitors network traffic

    • C. 

      Listening or overhearing parts of a conversation

    • D. 

      Placing a computer system between the sender and receiver to capture information

  • 74. 
      Which of the following describes an attacker encouraging a person to perform an action in order to be successful?
    • A. 

      Back door

    • B. 

      Social engineering

    • C. 

      Password guessing

    • D. 

      Man in the middle

  • 75. 
      Social engineering attacks would be MOST effective in which of the following environments? (Select TWO)
    • A. 

      A locked, windowless building

    • B. 

      A company with a dedicated information technology (IT) security staff

    • C. 

      A public building that has shared office space

    • D. 

      A company with a help desk whose personnel have minimal training

    • E. 

      Military facility with computer equipment containing biometrics

  • 76. 
      Which scanner can find a rootkit?
    • A. 

      Email scanner

    • B. 

      Malware scanner

    • C. 

      Anti-spam scanner

    • D. 

      Adware scanner

  • 77. 
      A user has received an email from a mortgage company asking for personal information including bank account numbers. This would BEST be described as:
    • A. 

      Spam

    • B. 

      A hoax

    • C. 

      Packet sniffing

    • D. 

      Phishing

  • 78. 
      Turnstiles, double entry doors and security guards are all prevention measures for which of the following types of social engineering?
    • A. 

      Looking through a co-worker’s trash

    • B. 

      Impersonation

    • C. 

      Piggybacking

    • D. 

      Looking over a co-worker’s shoulder to retrieve information

  • 79. 
      Which of the following attacks are being referred to if the attack involves the attacker gaining access to a host in the network and logically disconnecting it?
    • A. 

      ICMP Attacks

    • B. 

      UDP Attack

    • C. 

      Smurf Attacks

    • D. 

      TCP/IP Hijacking

  • 80. 
      Which one of the options below is correct regarding the Distributed Denial of Service (DDoS) attack?
    • A. 

      Use of multiple computers to attack a single organization

    • B. 

      Placing a computer system between the sender and receiver to capture information

    • C. 

      Preventing access to resources by users authorized to use those resources

    • D. 

      Listening or overhearing parts of a conversation

  • 81. 
      John works as a network administrator for his company. On the monthly firewall log, he discovers that many internal PCs are sending packets on a routine basis to a single external PC. Which statement correctly describes what is happening?
    • A. 

      The remote PC has a zombie master application running and the local PCs have a zombie slave application running

    • B. 

      The remote PC has a spam slave application running and the local PCs have a spam master application running

    • C. 

      The remote PC has a zombie slave application running and the local PCs have a zombie master application running

    • D. 

      The remote PC has a spam master application running and the local PCs have a spam slave application running

  • 82. 
      One type of network attack sends two different messages that use the same hash function to generate the same message digest. Which network attack does this?
    • A. 

      Brute force attack

    • B. 

      Ciphertext only attack

    • C. 

      Birthday attack

    • D. 

      Man in the middle attack

  • 83. 
      Which one of the following options overwrites the return address within a program to execute malicious code?
    • A. 

      Logic bomb

    • B. 

      Privilege escalation

    • C. 

      Rootkit

    • D. 

      Buffer overflow

  • 84. 
      From the listing of attacks, which method analyzes how the operating system (OS) responds to specific network traffic, in an attempt to determine which operating system is running in your networking environment?
    • A. 

      Footprinting

    • B. 

      Host hijacking

    • C. 

      Reverse engineering

    • D. 

      Operating system scanning

  • 85. 
      Which of the following can affect heaps and stacks?
    • A. 

      Buffer Overflow

    • B. 

      Rootkits

    • C. 

      SQL injection

    • D. 

      Cross-site scripting

  • 86. 
      Which of the following viruses will attempt to avoid detection by masking itself from applications, and may attach itself to the boot sector of the hard drive?
    • A. 

      Polymorphic virus

    • B. 

      Trojan horse virus

    • C. 

      Retrovirus

    • D. 

      Stealth virus

  • 87. 
      In which of the following common attacks would the attacker capture the user’s login information and replay it later?
    • A. 

      Back Door Attacks

    • B. 

      Man In The Middle

    • C. 

      Replay Attack

    • D. 

      Spoofing

  • 88. 
      From the listing of attacks, choose the attack which exploits session initiation between a Transmission Control Protocol (TCP) client and server within a network.
    • A. 

      SYN attack

    • B. 

      Smurf attack

    • C. 

      Birthday attack

    • D. 

      Buffer Overflow attack

  • 89. 
      From the listing of attacks, choose the attack which misuses the TCP (Transmission Control Protocol) three-way handshake process, in an attempt to overload network servers, so that authorized users are denied access to network resources?
    • A. 

      SYN (Synchronize) attack

    • B. 

      Teardrop attack

    • C. 

      Man in the middle attack

    • D. 

      Smurf attack

  • 90. 
      Which of the below options would you consider as a program that constantly observes data traveling over a network?
    • A. 

      Sniffer

    • B. 

      Smurfer

    • C. 

      Fragmenter

    • D. 

      Spoofer

  • 91. 
      Which of the following types of programs autonomously replicates itself across networks?
    • A. 

      Worm

    • B. 

      Trojan horse

    • C. 

      Virus

    • D. 

      Spyware

  • 92. 
      Which of the following attacks are being referred to if packets are not connection-oriented and do not require the synchronization process?
    • A. 

      TCP/IP Hijacking

    • B. 

      ICMP Attacks

    • C. 

      Smurf Attacks

    • D. 

      UDP Attack

  • 93. 
      A programmer plans to change the server variable in the coding of an authentication function for a proprietary sales application. Which process should be followed before implementing the new routine on the production application server?
    • A. 

      Secure disposal

    • B. 

      Password complexity

    • C. 

      Change management

    • D. 

      Chain of custody

  • 94. 
      Who is ultimately responsible for the amount of residual risk?
    • A. 

      The DRP coordinator

    • B. 

      The organization’s security officer

    • C. 

      The senior management

    • D. 

      The security technician

  • 95. 
      What should be established immediately upon evidence seizure?
    • A. 

      Start the incident response plan

    • B. 

      Forensic analysis

    • C. 

      Damage and loss control

    • D. 

      Chain of custody

  • 96. 
      The implicit deny will block anything you didn’t specifically allow but you may have allowed stuff that you don’t need. A technician is reviewing the system logs for a firewall and is told that there is an implicit deny within the ACL. Which is an example of an implicit deny?
    • A. 

      An implicit deny statement denies all traffic from one network to another

    • B. 

      Items which are not specifically given access are denied by default

    • C. 

      Each item is denied by default because of the implicit deny

    • D. 

      An ACL is a way to secure traffic from one network to another

  • 97. 
      The staff must be cross-trained in different functional areas in order to detect fraud. Which of the following is an example of this?
    • A. 

      Implicit deny

    • B. 

      Least privilege

    • C. 

      Separation of duties

    • D. 

      Job rotation

  • 98. 
      The first step in creating a security baseline would be?
    • A. 

      Installing software patches

    • B. 

      Vulnerability testing

    • C. 

      Identify the use case

    • D. 

      Creating a security policy

  • 99. 
    Sending a patch through a testing and approval process is an example of which option?
    • A. 

      User education and awareness training

    • B. 

      Acceptable use policies

    • C. 

      Change management

    • D. 

      Disaster planning

  • 100. 
    The first step in creating a security baseline would be?
    • A. 

      Identifying the use case

    • B. 

      Creating a security policy

    • C. 

      Vulnerability testing

    • D. 

      Installing software patches

  • 101. 
    A newly hired security specialist is asked to evaluate the company's network security.  The security specialist discovers that users have installed personal software; the network has default settings and no patches have been installed and passwords are not required to be changed regularly.  Which of the following would be the FIRST step to take?
    • A. 

      Enforce the security policy

    • B. 

      Install software patches

    • C. 

      Disable non-essential services

    • D. 

      Password management

  • 102. 
    A computer system containing personal identification information is being implemented by the company's sales department.  The sales department has requested that the system become operational before a security review can be completed.  Which of the following can be used to explain the reasons a security review must be completed?
    • A. 

      Corporate security policy

    • B. 

      Need to know policy

    • C. 

      Vulnerability assessment

    • D. 

      Risk assessment

  • 103. 
    The main objective of risk management in an organization is to reduce risk to a level:
    • A. 

      The organization will accept

    • B. 

      The organization will mitigate

    • C. 

      Where the ALE is lower than the SLA

    • D. 

      Where the ALO equals the SLA

  • 104. 
    A representative from the human resources department informs a security specialist that an employee has been terminated.  Which of the following would be the BEST action to take?
    • A. 

      Contact the employee's supervisor regarding disposition of user accounts

    • B. 

      Change the employee's user password and keep the data for a specified period

    • C. 

      Disable the employee's user accounts and delete all data

    • D. 

      Disable the employee's accounts and keep the data for a specified period

  • 105. 
    An end-to-end traffic performance guarantee made by a service provider to a customer is a:
    • A. 

      DRP

    • B. 

      VPN

    • C. 

      BCP

    • D. 

      SLA

  • 106. 
    You work as a network administrator for your company.  Your company has just detected a malware incident.  Which will be your first response?
    • A. 

      Monitor

    • B. 

      Removal

    • C. 

      Recovery

    • D. 

      Containment

  • 107. 
    Human resource personnel should be trained about security policy:
    • A. 

      Maintenance

    • B. 

      Monitoring and administration

    • C. 

      Guidelines and enforcement

    • D. 

      Implementation

  • 108. 
    Which of the following is not a step in the incident response?
    • A. 

      Eradication

    • B. 

      Recovery

    • C. 

      Repudiation

    • D. 

      Containment

  • 109. 
    A technician is conducting a forensic analysis on a computer system.  Which step should be taken FIRST?
    • A. 

      Search for Trojans

    • B. 

      Get a binary copy of the system

    • C. 

      Analyze temporary files

    • D. 

      Look for hidden files

  • 110. 
    What is the name of the form used while transferring evidence?
    • A. 

      Chain of custody

    • B. 

      Affidavit

    • C. 

      Evidence log

    • D. 

      Booking slip

  • 111. 
    In order to allow for more oversight of past transactions, a company decides to exchange positions of the purchasing agent and the accounts receivable agent.  Which is an example of this?
    • A. 

      Implicit deny

    • B. 

      Separation of duties

    • C. 

      Job rotation

    • D. 

      Least privilege

  • 112. 
    Risk assessment is a common first step in the risk management process.  Risk assessment is the determination of quantitative or qualitative value of risk related to a concrete situation and a recognized threat (also called hazard).  As a best practice, risk assessments should be based upon which of the following?
    • A. 

      A survey of annual loss, potential threats and asset value

    • B. 

      An absolute measurement of threats

    • C. 

      A qualitative measure of risk and impact

    • D. 

      A quantitative measurement of risk, impact and asset value

  • 113. 
    Which action should be performed when discovering an unauthorized wireless access point attached to a network?
    • A. 

      Unplug the Ethernet cable from the wireless access point

    • B. 

      Run a ping against the wireless access point

    • C. 

      Change the SSID on the wireless access point

    • D. 

      Enable MAC filtering on the wireless access point

  • 114. 
    A company's new employees are asked to sign a document that describes the methods of and purposes for accessing the company's IT systems.  Which of the following BEST describes this document?
    • A. 

      Privacy Act of 1974

    • B. 

      Authorized Access Policy

    • C. 

      Due diligence form

    • D. 

      Acceptable Use Policy