Module III Certification Quiz Part 1

91 Questions | Total Attempts: 126

SettingsSettingsSettings
Please wait...
Module Quizzes & Trivia

Scoo quiz for security plus test test and test some more


Questions and Answers
  • 1. 
    Many unauthorized staff has been entering the data center by piggybacking authorized staff. The CIO has mandated to stop this behavior. Which technology should be installed at the data center to prevent piggybacking?
    • A. 

      Token access

    • B. 

      Security badges

    • C. 

      Hardware locks

    • D. 

      Mantrap

  • 2. 
      Why will a Faraday cage be used?
    • A. 

      To minimize weak encryption

    • B. 

      To allow wireless usage

    • C. 

      To find rogue access points

    • D. 

      To mitigate data emanation

  • 3. 
      An enclosure that prevents radio frequency signals from emanating out of a controlled environment is BEST described as which of the following?
    • A. 

      Grounded wiring frame

    • B. 

      TEMPEST

    • C. 

      Faraday cage

    • D. 

      Mantrap

  • 4. 
      Which one of the following options will create a security buffer zone between two rooms?
    • A. 

      DMX

    • B. 

      Turnstile

    • C. 

      Mantrap

    • D. 

      Anti-pass back

  • 5. 
      As a network administrator you need to take personal safety into consideration. What fire suppression substances types can effectively prevent damage to electronic equipment?
    • A. 

      CO2

    • B. 

      Halon

    • C. 

      Water

    • D. 

      Foam

  • 6. 
      A Faraday case or Faraday shield is an enclosure formed by conducting material, or by a mesh of such material. Such an enclosure blocks out external static electrical fields. Faraday cages are named after physicist Michael Faraday, who built one in 1836. Which of the following would a Faraday cage prevent usage of?
    • A. 

      Uninterruptible Power Supply (UPS)

    • B. 

      Cell phone

    • C. 

      USB key

    • D. 

      Storage drive

  • 7. 
      An administrator wants to make sure that no equipment is damaged when encountering a fire or false alarm in the server room. Which type of fire suppression system should be used?
    • A. 

      Deluge sprinkler

    • B. 

      Hydrogen peroxide

    • C. 

      Wet pipe sprinkler

    • D. 

      Carbon dioxide

  • 8. 
      For the following options, which is an area of the network infrastructure that allows a technician to put public facing systems into it without compromising the entire infrastructure?
    • A. 

      VPN

    • B. 

      VLAN

    • C. 

      DMZ

    • D. 

      NAT

  • 9. 
      In computing, a stateful firewall (any firewall that performs stateful packet inspection (SPI) or stateful inspection) is a firewall that keeps track of the state of network connections (such as TCP streams, UDP communication) traveling across it. You have been studying stateful packet inspection and want to perform this security technique on the network. Which device will you use to BEST utilize stateful packet inspection?
    • A. 

      Switch

    • B. 

      IDS

    • C. 

      Hub

    • D. 

      Firewall

  • 10. 
      A company is upgrading the network and needs to reduce the ability of users on the same floor and network segment to see each other’s traffic. Which of the following network devices should be used?
    • A. 

      Switch

    • B. 

      Firewall

    • C. 

      Hub

    • D. 

      Router

  • 11. 
      Coaxial cable is a cable consisting of an inner conductor, surrounded by a tubular insulating layer typically made from a flexible material with a high dielectric constant, all of which is then surrounded by another conductive layer (typically of fine woven wire for flexibility, or of a then metallic foil), and then finally covered again with a thin insulating layer on the outside. Which is the primary security risk with coaxial cable?
    • A. 

      Data emanation from the core

    • B. 

      Refraction of the signal

    • C. 

      Crosstalk between the wire pairs

    • D. 

      Diffusion of the core light source

  • 12. 
      Which statement best describes a static NAT?
    • A. 

      A static NAT uses a one to many mapping

    • B. 

      A static NAT uses a many to many mapping

    • C. 

      A static NAT uses a many to one mapping

    • D. 

      A static NAT uses a one to one mapping

  • 13. 
      Which of the following is employed to allow distrusted hosts to connect to services inside a network without allowing the hosts direct access to the internal networks?
    • A. 

      Demilitarized zone (DMZ)

    • B. 

      VLAN

    • C. 

      Extranet

    • D. 

      Intranet

  • 14. 
      Which media is LEAST susceptible to a tap being placed on the line?
    • A. 

      Coaxial

    • B. 

      UTP

    • C. 

      Fiber

    • D. 

      STP

  • 15. 
      Fiber optic cable is considered safer than CAT5 because fiber optic cable (Select TWO)
    • A. 

      Can be run for a longer distance

    • B. 

      Is hard to tap into

    • C. 

      Is made of glass rather than copper

    • D. 

      Is more difficult o install

    • E. 

      Is not susceptible to interference

  • 16. 
      Which of the following types of firewalls provides inspection at layer 7 of the OSI model?
    • A. 

      Stateful inspection

    • B. 

      Packet filters

    • C. 

      Application-proxy

    • D. 

      Network address translation (NAT)

  • 17. 
      A software or hardware device that allows only authorized network traffic in or out of a computer or network is called a:
    • A. 

      Honeypot

    • B. 

      Packet sniffer

    • C. 

      Anti-virus program

    • D. 

      Firewall

  • 18. 
      Internet filter appliances/servers will most likely analyze which three items? (Select THREE)
    • A. 

      URLs

    • B. 

      Content

    • C. 

      CRLs

    • D. 

      Certificate

  • 19. 
      Which item will MOST likely permit an attacker to make a switch function like a hub?
    • A. 

      ARP poisoning

    • B. 

      MAC flooding

    • C. 

      DNS poisoning

    • D. 

      DNS spoofing

  • 20. 
      A company implements an SMTP server on their firewall. This implementation would violate which of the following security principles?
    • A. 

      Create an in-depth defense

    • B. 

      Address internal threats

    • C. 

      Keep the solution simple

    • D. 

      Use a device as intended

  • 21. 
      In computer networking, network address translation (NAT) is the process of modifying network address information in datagram packet headers while in transit across a traffic routing device for the purpose of remapping a given address space into another. Which description is true about a static NAT?
    • A. 

      A static NAT uses a many to one mapping

    • B. 

      A static NAT uses a one to one mapping

    • C. 

      A static NAT uses a many to many mapping

    • D. 

      A static NAT uses a one to many mapping

  • 22. 
      Which method is easiest to disable a 10Base2 network?
    • A. 

      Introduce crosstalk

    • B. 

      Install a zombie

    • C. 

      Remove a vampire tap

    • D. 

      Remove a terminator

  • 23. 
      A company wants to connect the network to a manufacturer’s network to be able to order parts. Which of the following types of networks should the company implement to provide the connection while limiting the services allowed over the connection?
    • A. 

      Extranet

    • B. 

      Scatternet

    • C. 

      Intranet

    • D. 

      VON

  • 24. 
      Which of the following portions of a company’s network is between the Internet and an internal network?
    • A. 

      Filter router

    • B. 

      Demilitarized zone (DMZ)

    • C. 

      Workstation

    • D. 

      IDS

  • 25. 
      The MOST common exploits of Internet-exposed network services are due to:
    • A. 

      Buffer overflows

    • B. 

      Active content (e.g. Java Applets)

    • C. 

      Trojan horse programs

    • D. 

      Illicit servers

  • 26. 
      A company wants to implement a VLAN. Senior management believes that VLAN will be secure because authentication is accomplished by MAC addressing and that dynamic trunking protocol (DTP) will facilitate network efficiency. Which of the following issues should be discussed with senior management before VLAN implementation?
    • A. 

      MAC addresses can be spoofed and DTP allow only authenticated users

    • B. 

      MAC addresses are a secure authentication mechanism and DTP allows rogue network devices to configure ports

    • C. 

      MAC addresses can be spoofed and DTP allows rogue network devices to configure ports

    • D. 

      MAC addresses are a secure authentication mechanism and DTP allows only authenticated users

  • 27. 
      Which of the following can be used to implement a procedure to control inbound and outbound traffic on a network segment?
    • A. 

      Proxy

    • B. 

      ACL

    • C. 

      NIDS

    • D. 

      HIDS

  • 28. 
      Which of the following is MOST often used to allow a client or partner access to a network?
    • A. 

      Intranet

    • B. 

      Demilitarized zone (DMZ)

    • C. 

      Extranet

    • D. 

      VLAN

  • 29. 
      Which of the following protocols are not recommended due to them supplying passwords and information over the network?
    • A. 

      SNMP (Simple Network Management Protocol)

    • B. 

      Internet Control Message Protocol (ICMP)

    • C. 

      Domain Name Service (DNS)

    • D. 

      Network News Transfer Protocol (NNTP)

  • 30. 
      In cryptography, a pre-shared key or PSK is a shared secret which was previously shared between the two parties using some secure channel before it needs to be used. Pre-shared keys can be applied to which of the following?
    • A. 

      TPM

    • B. 

      CA

    • C. 

      PGP

    • D. 

      Digital signature

  • 31. 
      On the basis of certain ports, which of the following will allow wireless access to network resources?
    • A. 

      802.1x

    • B. 

      802.11g

    • C. 

      802.11a

    • D. 

      802.11n

  • 32. 
      Which one of the following is not Bluetooth threat?
    • A. 

      Blue jacking

    • B. 

      Discovery mode

    • C. 

      A smurf attack

    • D. 

      Bluesnarfing

  • 33. 
      To keep an 802.11x network from being automatically discovered, a user should:
    • A. 

      Change the SSID name

    • B. 

      Activate the SSID password

    • C. 

      Turn off the SSID broadcast

    • D. 

      Leave the SSID default

  • 34. 
      A small manufacturing company wants to deploy secure wireless on their network. Which of the following wireless security protocols could be used (Select TWO)
    • A. 

      WPA

    • B. 

      WAN

    • C. 

      WEP

    • D. 

      IPX

  • 35. 
      What will be implemented by a technician to mitigate the chances of a successful attack against the wireless network?
    • A. 

      Implement an identification system and WPA2

    • B. 

      Implement an authentication system and WEP

    • C. 

      Implement a biometric system and WEP

    • D. 

      Implement an authentication system and WPA

  • 36. 
      The purpose of the SSID in a wireless network is to:
    • A. 

      Define the encryption protocols used

    • B. 

      Protect the client

    • C. 

      Secure the WAP

    • D. 

      Identify the network

  • 37. 
      A graphical user interface (GUI) is a type of user interface which allows people to interact with electronic devices such as computers; hand-held devices such as MP3 Players, Portable Media Players or Gaming devices; household appliances and office equipment. Which of the following will permit a technician to restrict a users Access to the GUI?
    • A. 

      Password policy enforcement

    • B. 

      Group policy implementation

    • C. 

      Use of logical tokens

    • D. 

      Access control lists

  • 38. 
      Which item best describes an instance where a biometric system identifies legitimate users as being unauthorized?
    • A. 

      False acceptance

    • B. 

      False negative

    • C. 

      False positive

    • D. 

      False rejection

  • 39. 
      You work as a network technician. You have been asked to reconstruct the infrastructure of an organization. You should make sure that the virtualization technology is implemented securely. What should be taken into consideration while implementing virtualization technology?
    • A. 

      The technician should perform penetration testing on all the virtual servers to monitor performance

    • B. 

      The technician should verify that the virtual servers and the host have the latest service packs and patches applied

    • C. 

      The technician should verify that the virtual servers are dual homed so that traffic is securely separated

    • D. 

      The technician should subnet the network so each virtual server is on a different network segment

  • 40. 
      Which method can be used to correct a single security issue on a workstation?
    • A. 

      A patch

    • B. 

      A service pack

    • C. 

      Patch management

    • D. 

      Configuration baseline

  • 41. 
      While hardening an operating system, which item is LEAST effective?
    • A. 

      Configuration baselines

    • B. 

      Limiting administrative privileges

    • C. 

      Installing HIDS

    • D. 

      Install a software firewall

  • 42. 
      Which of the following needs to be backed up on a domain controller to be able to recover Active Directory?
    • A. 

      System state

    • B. 

      Operating system

    • C. 

      System files

    • D. 

      User date

  • 43. 
      Which of the following is the BEST place to obtain a hotfix or patch for an application or system?
    • A. 

      A news group or forum

    • B. 

      A CD-ROM

    • C. 

      An email from the vendor

    • D. 

      The manufacturer’s website

  • 44. 
      The Light Weight Directory Access Protocol or LDAP is an application protocol for querying and modifying directory services running over TCP/IP. A user needs to implement secure LDAP on the network. Which port number will secure LDAP use by default?
    • A. 

      389

    • B. 

      443

    • C. 

      636

    • D. 

      53

  • 45. 
      Which action should be performed to harden workstations and servers?
    • A. 

      Check the logs regularly

    • B. 

      Install only needed software

    • C. 

      Report all security incidents

    • D. 

      Log on only as the administrator

  • 46. 
      Which description is correct about the standard load for all systems?
    • A. 

      Configuration baseline

    • B. 

      Security template

    • C. 

      Group policy

    • D. 

      Patch management

  • 47. 
      Which of the following is an installable package that includes several patches from the same vendor for various applications?
    • A. 

      Service pack

    • B. 

      Hotfix

    • C. 

      Patch rollup

    • D. 

      Patch template

  • 48. 
      Kerberos uses which of the following ports by default?
    • A. 

      88

    • B. 

      139

    • C. 

      23

    • D. 

      443

  • 49. 
      Non-essential services are often appealing to attackers because non-essential services: (Select TWO)
    • A. 

      Are not visible to an IDS

    • B. 

      Consume less bandwidth

    • C. 

      Sustain attacks that go unnoticed

    • D. 

      Provide root level access

    • E. 

      Are not typically configured correctly

  • 50. 
      Your company has already implemented two-factor authentication and wants to install a third authentication factor. If the existing authentication system uses strong passwords and PKI tokens, which item would provide a third factor?
    • A. 

      Pass phrases

    • B. 

      Six digit PINs

    • C. 

      Elliptic curve

    • D. 

      Fingerprint scanner

  • 51. 
      Which of the following network authentication protocols uses symmetric key cryptography, stores a shared key for each network resource and uses a Key Distribution Center (KDC)?
    • A. 

      Kerberos

    • B. 

      TACACS+

    • C. 

      RADIUS

    • D. 

      PKI

  • 52. 
      Which of the following are components of host hardening? (Select TWO) Choose at least one answer.
    • A. 

      Adding users to the administrator group

    • B. 

      Disabling unnecessary services

    • C. 

      Removing a user’s access to the user’s data

    • D. 

      Applying patches

    • E. 

      Configuring the Start menu and Desktop

  • 53. 
      Why is malware that uses virtualization techniques difficult to detect?
    • A. 

      A portion of the malware may have been removed by the IDS

    • B. 

      The malware may be running at a more privileged level than the antivirus software

    • C. 

      The malware may be using a Trojan to infect the system

    • D. 

      The malware may be implementing a proxy server for command and control

  • 54. 
      When a new network device is configured for first-time installation, which of the following is a security threat?
    • A. 

      Use of default passwords

    • B. 

      Denial of Service (DoS)

    • C. 

      Installation of a back door

    • D. 

      Attacker privilege escalation

  • 55. 
      Default passwords in hardware and software should be changed ________________.
    • A. 

      Once each month

    • B. 

      If a threat becomes known

    • C. 

      When the hardware or software is turned on

    • D. 

      When the vendor requires it

  • 56. 
      Which technology is able to isolate a host OS from some types of security threats?
    • A. 

      Intrusion detection

    • B. 

      Cloning

    • C. 

      Virtualization

    • D. 

      Kiting

  • 57. 
      Why do security researchers often use virtual machines? Choose one answer.
    • A. 

      To offer a virtual collaboration environment to discuss security research

    • B. 

      To offer an environment where new network applications can be tested

    • C. 

      To offer a secure virtual environment to conduct online deployments

    • D. 

      To offer an environment where malware can be executed with minimal risk to equipment and software

  • 58. 
      Identify the item that can determine which flags are set in a TCP/IP handshake
    • A. 

      Protocol analyzer

    • B. 

      FIN/RST

    • C. 

      Network mapper

    • D. 

      SYN/ACK

  • 59. 
      Which item specifies a set of consistent requirements for a workstation or server?
    • A. 

      Vulnerability assessment

    • B. 

      Configuration baseline

    • C. 

      Imaging software

    • D. 

      Patch management

  • 60. 
      Which of the following statements is TRUE regarding the Security Token system?
    • A. 

      If your token does not grant you access to certain information, that information will either not be displayed or your access will be denied. The authentication system creates a token every time a user or a session begins. At the completion of a session, the token is destroyed.

    • B. 

      A certificate being handed from the server to the client once authentication has been established. If you have a pass, you can wander throughout the network. BUT limited access is allowed.

    • C. 

      The initiator sends logon request from the client to the server. The server sends a challenge back to the client. The challenge is encrypted and then sent back to the server the server compares the value from the client and if the information matches, the server grants authorization. If the response fails, the session fails and the request phase starts over.

    • D. 

      The authentication process uses a Key Distribution Center (KDC) to orchestrate the entire process. The KDC authenticates the network. Principles can be users, programs, or systems. The KDC provides a ticket to the network. Once this ticket is issued, it can be used to authenticate against other principles. This occurs automatically when a request or service is performed by another network.

  • 61. 
      After the maximum number attempts have failed, which of the following could set an account to lockout for 30 minutes?
    • A. 

      Account lockout threshold

    • B. 

      Password complexity requirements

    • C. 

      Account lockout duration

    • D. 

      Key distribution center

  • 62. 
      When setting password rules, which of the following would lower the level of security of a network?
    • A. 

      After a set number of failed attempts the server will lock out any user account forcing the user to call the administrator to re-enable the account

    • B. 

      Complex passwords that users cannot remotely change are randomly generated by the administrator and given to users

    • C. 

      Passwords must be greater than six characters and contact at least one non-alpha

    • D. 

      All passwords are set to expire at regular intervals and users are required to choose new passwords that have not been used before

  • 63. 
      A graphical user interface (GUI) is a type of user interface which allows people to interact with electronic devices such as computers; hand-held devices such as MP3 player, Portable Media Player or Gaming device; household appliances and office equipment. Which of the following will allow a technician to restrict a user access to the GUI?
    • A. 

      User of logical token

    • B. 

      Group policy implementation

    • C. 

      Access control lists

    • D. 

      password policy enforcement

  • 64. 
      After installing new software on a machine, what needs to be updated to the baseline?
    • A. 

      Anomaly-based NIDS

    • B. 

      Signature-based NIPS

    • C. 

      Honeypot

    • D. 

      Signature-based NIDS

  • 65. 
      Which of the following is a nonessential protocol and service?
    • A. 

      Internet Control Message Protocol (ICMP)

    • B. 

      TFTP (Trivial File Transfer Protocol)

    • C. 

      Network News Transfer Protocol (NNTP)

    • D. 

      Domain Name Service (DNS)

  • 66. 
      Which of the following authentication systems make use of the KDC Key Distribution Center?
    • A. 

      Security Tokens

    • B. 

      CHAP

    • C. 

      Certificates

    • D. 

      Kerberos

  • 67. 
      In computing, virtualization is a broad term that refers to the abstraction of computer resources. Which is a security reason to implement virtualization throughout the network infrastructure?
    • A. 

      To centralize the patch management of network servers

    • B. 

      To analyze the various network traffic with protocol analyzers

    • C. 

      To isolate the various network services and role

    • D. 

      To implement additional network services at a lower cost

  • 68. 
      For the following items, which is a security limitation of virtualization technology?
    • A. 

      Patch management become more time consuming

    • B. 

      It increases false positive of the NIDS

    • C. 

      If an attack occurs, it could potentially disrupt multiple servers

    • D. 

      A compromise of one instance will immediately compromise all instances

  • 69. 
      Which goals can be achieved by use of security templates? Choose two.
    • A. 

      To ensure that performance is standardized across all servers

    • B. 

      To ensure that PKI will work properly within the company trust model

    • C. 

      To ensure that all servers start from a common security configuration

    • D. 

      To ensure that servers are in compliance with the corporate security policy

  • 70. 
      The hashing algorithm is created from a hash value, making it nearly impossible to derive the original input number. Which item can implement the strongest hashing algorithm?
    • A. 

      LANMAN

    • B. 

      NTLM

    • C. 

      NTLMv2

    • D. 

      VLAN

  • 71. 
      Which security policy will be most likely used while attempting to mitigate the risks involved with allowing a user to access company email via their cell phone?
    • A. 

      The cell phone data should be encrypted according to NIST standards

    • B. 

      The cell phone should require a password after a set period of inactivity

    • C. 

      The cell phone should only be used for company related emails

    • D. 

      The cell phone should have data abilities disabled

  • 72. 
      What are best practices while installing and securing a new system for a home user? (Select THREE)
    • A. 

      Apply all system patches

    • B. 

      Apply all service packs

    • C. 

      Install remote control software

    • D. 

      Use a strong firewall

  • 73. 
      In which authentication model is a ticket granting server an important concept?
    • A. 

      RADIUS

    • B. 

      CHAP

    • C. 

      Kerberos

    • D. 

      PAP

  • 74. 
      Which item can reduce the attack surface of an operating system?
    • A. 

      Installing antivirus

    • B. 

      Installing HIDS

    • C. 

      Patch management

    • D. 

      Disabling unused services

  • 75. 
      Which definition best defines what a challenge-response session is?
    • A. 

      A challenge-response session is a special hardware device used to produce random text in a cryptography system.

    • B. 

      A challenge-response session the authentication mechanism in the workstation or system that does not determine whether the owner should be authenticated.

    • C. 

      A challenge-response session is a workstation or system that produces a random challenge string that the user provides, when prompted, in conjunction with the proper PIN (Personal Identification Number).

    • D. 

      A challenge-response session is a workstation or system that produces a random login ID that the user provides, when prompted, in conjunction with the proper PIN (Personal Identification Number).

  • 76. 
      Which of the following BEST describes the baseline process of securing devices on a network infrastructure?
    • A. 

      Enumerating

    • B. 

      Passive detection

    • C. 

      Active prevention

    • D. 

      Hardening

  • 77. 
      Virtualized applications, such as virtualized browsers, can protect the underlying operating system from which of the following?
    • A. 

      Phishing and spam attacks

    • B. 

      Man-in-the-middle attacks

    • C. 

      DDoS attacks against the underlying OS

    • D. 

      Malware installation from suspect Internet sites

  • 78. 
      For which reason are clocks used in Kerberos authentication?
    • A. 

      Clocks are used to generate the seed value for the encryption keys

    • B. 

      Clocks are used to ensure proper connections

    • C. 

      Clocks are used to ensure that tickets expire correctly

    • D. 

      Clocks are used to both benchmark and specify the optimal encryption algorithm.

  • 79. 
      Which description is correct about a way to prevent buffer overflows?
    • A. 

      Monitor P2P program usage through content filters

    • B. 

      Apply all security patches to workstations

    • C. 

      Apply group policy management techniques

    • D. 

      Apply security templates enterprise wide

  • 80. 
      In computing, the Basic Input/Output System (BIOS, also known as the System BIOS), is a de facto standard defining a firmware interface for IBM PC compatible computers. A user is concerned with the security of their laptops BIOS. Their user would not like anyone to be able to access control functions except themselves. Which of the following could make the BIOS more secure?
    • A. 

      Encrypt the hard drive

    • B. 

      Flash the BIOS

    • C. 

      Create an access- list

    • D. 

      Password

  • 81. 
      Which of the following would be the BEST reason to disable unnecessary services on a server?
    • A. 

      Attack surface and opportunity for compromise

    • B. 

      Not starting a service will save system memory and reduce startup time

    • C. 

      Services can be re-enabled if needed at a later time

    • D. 

      If a service doesn’t support the function of the server the service won’t be missed

  • 82. 
      Which description is true about the process of securely removing information from media (e.g. hard drive) for future use?
    • A. 

      Reformatting

    • B. 

      Sanitization

    • C. 

      Deleting

    • D. 

      Destruction

  • 83. 
      In computing, a Uniform Resource Identifier (URI) that specifies where an identified resource is available and the mechanism for retrieving it. When a user attempts to go to a website, he notices the URI has changed, which attack will most likely cause the problem?
    • A. 

      ARP poisoning

    • B. 

      DNS poisoning

    • C. 

      DDoS attack

    • D. 

      DLL injection

  • 84. 
      Users are using thumb drives to connect to USB ports on company workstations. A technician is concerned that sensitive files can be copied to the USB drives. Which mitigation technique would address this concern (Select TWO)
    • A. 

      Run spyware detection against all workstations

    • B. 

      Apply the concept of least privilege to USB devices

    • C. 

      Disable USB within the workstations BIOS

    • D. 

      Disable the USB root hub within the OS

  • 85. 
      A DNS (Domain Name Service) server uses a specific port number. Choose this port number from the options:
    • A. 

      Port 53

    • B. 

      Port 32

    • C. 

      Port 16,777,216

    • D. 

      Port 65,535

  • 86. 
      The purpose of a DNS server is to enable people and applications to lookup records in DNS tables. Why implement security logging on a DNS server?
    • A. 

      To control unauthorized DNS DoS

    • B. 

      To measure the DNS server performance

    • C. 

      To monitor unauthorized zone transfers

    • D. 

      To perform penetration testing on the DNS server

  • 87. 
      Which one of the following processes is best to remove Personally Identifiable Information (PII) data from a disk drive before reuse?
    • A. 

      Reformatting

    • B. 

      Sanitization

    • C. 

      Degaussing

    • D. 

      Destruction

  • 88. 
      Removable storage has been around almost as long as the computer itself. Which of the following is the GREATEST security risk regarding removable storage?
    • A. 

      Not enough space available

    • B. 

      Confidentiality of data

    • C. 

      Availability of data

    • D. 

      Integrity of data

  • 89. 
      Which threat is increased by the availability of portable external storage such as USB hard drives to networks?
    • A. 

      Removal of sensitive and PII data

    • B. 

      Introduction of rogue wireless access points

    • C. 

      Increased loss business data

    • D. 

      Introduction of material on to the network

  • 90. 
      An accountant has logged onto the company’s outside banking website. An administrator uses a TCP/IP monitoring tool to discover that the accountant was actually using a spoofed banking website. What most likely caused this attack? (Select TWO)
    • A. 

      Altered hosts file

    • B. 

      Bluesnarfing

    • C. 

      DNS poisoning

    • D. 

      Network mapper

  • 91. 
      Which of the following BEST describes an attempt to transfer DNS zone data?
    • A. 

      Teardrop

    • B. 

      Evasion

    • C. 

      Reconnaissance

    • D. 

      Fraggle