SEC+ Study Guide C

Approved & Edited by ProProfs Editorial Team

The editorial team at ProProfs Quizzes consists of a select group of subject experts, trivia writers, and quiz masters who have authored over 10,000 quizzes taken by more than 100 million users. This team includes our in-house seasoned quiz moderators and subject matter experts. Our editorial experts, spread across the world, are rigorously trained using our comprehensive guidelines to ensure that you receive the highest quality quizzes.

Learn about Our Editorial Process

| By Ctstravis

Ctstravis

Community Contributor

Quizzes Created: 8 | Total Attempts: 2,372

Questions: 100 | Attempts: 95 | Updated: Jan 25, 2024

Questions

Settings

Feedback

During the Quiz End of Quiz

Play as

Quiz Flashcard

Create your own Quiz

201-300

Questions and Answers

1.

QUESTION NO: 201 A user does not understand why the domain password policy is so stringent. Which of the following BEST demonstrates the security basis for the password policy?
- A.
  
  Explain how easy it is for a hacker to crack weak passwords.
- B.
  
  Show the user a domain overview, including a list of weak passwords
- C.
  
  Refer the user to a strong password demonstrator.
- D.
  
  Ask the user to review the corporate policies and procedures manual.
Correct Answer
A. Explain how easy it is for a hacker to crack weak passwords.

Explanation
The correct answer is to explain how easy it is for a hacker to crack weak passwords. By explaining the vulnerabilities of weak passwords, the user can understand the importance of having a stringent password policy. This approach helps to educate the user about the potential risks and consequences of using weak passwords, which ultimately promotes a stronger security mindset among users.

Rate this question:
2.

QUESTION NO: 202 A company needs to have multiple servers running low CPU utilization applications. Which of the following is the MOST cost efficient method for accomplishing this?
- A.
  
  Install multiple high end servers, sharing a clustered network operating system.
- B.
  
  Install a single low end server, running multiple virtual servers
- C.
  
  Install a single high end server, running multiple virtual servers.
- D.
  
  Install multiple low end servers, each running a network operating system.
Correct Answer
C. Install a single high end server, running multiple virtual servers.

Explanation
Installing a single high-end server and running multiple virtual servers is the most cost-efficient method because it eliminates the need for purchasing and maintaining multiple physical servers. Virtualization allows for the efficient utilization of hardware resources, reducing costs associated with power consumption, cooling, and hardware maintenance. Additionally, it provides flexibility and scalability, allowing for easy deployment and management of additional virtual servers as needed.

Rate this question:
3.

QUESTION NO: 203 A programmer creates an application to accept data from a websitE. A user places more information than the program expects in the input field resulting in the back end database placing the extra information into the databasE. Which of the following is this an example of?
- A.
  
  Java input error
- B.
  
  Cross-site scripting
- C.
  
  Buffer overflow
- D.
  
  SQL injection
Correct Answer
D. SQL injection

Explanation
This is an example of SQL injection. SQL injection is a code injection technique that attackers use to exploit vulnerabilities in a web application's database layer. In this scenario, the user input is not properly validated or sanitized, allowing the user to insert additional SQL statements into the input field. This can lead to unauthorized access, data manipulation, or even complete control of the database.

Rate this question:
4.

QUESTION NO: 204 Which of the following security threats is MOST commonly associated with a targeted distributed denial of service (DDoS)?
- A.
  
  Viruses
- B.
  
  Worms
- C.
  
  Botnets
- D.
  
  Trojans
Correct Answer
C. Botnets

Explanation
A targeted distributed denial of service (DDoS) attack involves flooding a target system with an overwhelming amount of traffic, rendering it unable to function properly. Botnets, which are networks of compromised computers controlled by a central attacker, are commonly used to launch DDoS attacks. The attacker can direct the botnet to send a massive amount of traffic to the target system, causing it to become overwhelmed and unavailable to legitimate users. Therefore, botnets are the most commonly associated security threat with a targeted DDoS attack.

Rate this question:
5.

QUESTION NO: 205 A developer added code to a financial system designed to transfer money to a foreign bank account on a specific time and date. The code would activate only if human resources processed the developers termination papers. The developer implemented which of the following security threats?
- A.
  
  Logic bomb
- B.
  
  Rootkit
- C.
  
  Botnet
- D.
  
  Privilege escalation
Correct Answer
A. Logic bomb

Explanation
The correct answer is "Logic bomb." In this scenario, the developer added code to the financial system that would activate and transfer money to a foreign bank account only if the developer's termination papers were processed by human resources. This is a classic example of a logic bomb, which is a malicious code that is intentionally inserted into a system to execute a harmful action at a specific time or under specific conditions.

Rate this question:
6.

QUESTION NO: 206 A CEO is concerned about staff browsing inappropriate material on the Internet via HTTPS. It has been suggested that the company purchase a product which could decrypt the SSL session, scan the content and then repackage the SSL session without staff knowing. Which of the following type of attacks is similar to this product?
- A.
  
  Replay
- B.
  
  Spoofing
- C.
  
  TCP/IP hijacking
- D.
  
  Man-in-the-middle
Correct Answer
D. Man-in-the-middle

Explanation
The correct answer is Man-in-the-middle. Man-in-the-middle attack is similar to the suggested product because it involves intercepting and manipulating communication between two parties without their knowledge. In this case, the product would intercept the SSL session, decrypt it, scan the content for inappropriate material, and then repackage the session without the staff knowing. This allows the company to monitor and control the content accessed by the staff, similar to how a man-in-the-middle attack allows an attacker to eavesdrop on and manipulate communication between two parties.

Rate this question:
7.

QUESTION NO: 207 After a system risk assessment was performed it was found that the cost to mitigate the risk was higher than the expected loss if the risk was actualized. In this instance, which of the following is the BEST course of action?
- A.
  
  Accept the risk
- B.
  
  Mitigate the risk
- C.
  
  Reject the risk
- D.
  
  Run a new risk assessment
Correct Answer
A. Accept the risk

Explanation
In this scenario, accepting the risk is the best course of action because the cost to mitigate the risk is higher than the expected loss. This means that it would be more cost-effective to accept the risk and deal with any potential consequences if the risk is actualized, rather than spending more money to try and mitigate the risk. Rejecting the risk or running a new risk assessment would not be necessary or beneficial in this case.

Rate this question:
8.

QUESTION NO: 208 A small call center business decided to install an email system to facilitate communications in the office. As part of the upgrade the vendor offered to supply anti-malware software for a cost of $5,000 per year. The IT manager read there was a 90% chance each year that workstations would be compromised if not adequately protecteD. If workstations are compromised it will take three hours to restore services for the 30 staff. Staff members in the call center are paid $90 per hour. If determining the risk, which of the following is the annual loss expectancy (ALE)?
- A.
  
  $2,700
- B.
  
  $4,500
- C.
  
  $5,000
- D.
  
  $7,290
Correct Answer
D. $7,290

Explanation
The annual loss expectancy (ALE) can be calculated by multiplying the annual rate of occurrence (ARO) with the single loss expectancy (SLE). In this case, the ARO is 90% or 0.9, and the SLE can be calculated by multiplying the cost of restoring services ($90 per hour * 3 hours * 30 staff) which equals $8,100. Therefore, the ALE is $0.9 * $8,100 = $7,290.

Rate this question:
9.

QUESTION NO: 209 A technician is deciding between implementing a HIDS on the database server or implementing a NIDS. Which of the following are reasons why a NIDS may be better to implement? (Select TWO).
- A.
  
  Many HIDS require frequent patches and updates.
- B.
  
  Many HIDS are not able to detect network attacks.
- C.
  
  Many HIDS have a negative impact on systemperformance
- D.
  
  Many HIDS only offer a low level of detection granularity.
- E.
  
  Many HIDS are not good at detecting attacks on database servers.
Correct Answer(s)
B. Many HIDS are not able to detect network attacks.
C. Many HIDS have a negative impact on systemperformance

Explanation
A NIDS may be better to implement because many HIDS are not able to detect network attacks, meaning they would not be effective in identifying and preventing attacks that originate from the network. Additionally, many HIDS have a negative impact on system performance, which could slow down the database server and affect its overall functionality.

Rate this question:
10.

QUESTION NO: 210 Which of the following scenarios is MOST likely to benefit from using a personal software firewall on a laptop?
- A.
  
  Remote access user connecting via SSL VPN
- B.
  
  Office laptop connected to the enterprise LAN
- C.
  
  Remote access user connecting via corporate dial-in server
- D.
  
  Office laptop connected to a homeusers network
Correct Answer
D. Office laptop connected to a homeusers network

Explanation
Using a personal software firewall on an office laptop connected to a home user's network is most likely to benefit from this security measure. When connecting to a home user's network, the office laptop is exposed to potential security risks from other devices on the network. By using a personal software firewall, the laptop can protect against unauthorized access and potential attacks from other devices on the network, ensuring the security of the data and the device itself.

Rate this question:
11.

QUESTION NO: 211 Virtualized applications, such as virtualized browsers, are capable of protecting the underlying operating system from which of the following?
- A.
  
  Malware installation from suspects Internet sites
- B.
  
  Man-in-the-middle attacks
- C.
  
  Phishing and spam attacks
- D.
  
  DDoS attacks against the underlying OS
Correct Answer
A. Malware installation from suspects Internet sites

Explanation
Virtualized applications, such as virtualized browsers, are capable of protecting the underlying operating system from malware installation from suspicious internet sites. This is because virtualization creates a separate environment or sandbox for the application, isolating it from the underlying OS. This prevents any malicious code or malware from infecting the operating system, as it is contained within the virtualized environment. Therefore, even if the virtualized browser encounters malware while browsing suspicious internet sites, it cannot affect the underlying operating system.

Rate this question:
12.

QUESTION NO: 212 A flat or simple role-based access control (RBAC) embodies which of the following principles?
- A.
  
  Users assigned to roles, permissions are assigned to groups, controls applied to groups and permissions acquired by controls
- B.
  
  Users assigned permissions, roles assigned to groups and users acquire additional permissions by being a member of a group
- C.
  
  Roles applied to groups, users assigned to groups and users acquire permissions by being a member of the group
- D.
  
  Users assigned to roles, permissions are assigned to roles and users acquire permissions by being a member of the role
Correct Answer
D. Users assigned to roles, permissions are assigned to roles and users acquire permissions by being a member of the role

Explanation
A flat or simple role-based access control (RBAC) system follows the principle of assigning users to roles, assigning permissions to roles, and allowing users to acquire permissions by being a member of the role. This means that instead of assigning permissions directly to individual users, permissions are assigned to roles, and users are assigned to roles. By being a member of a specific role, users automatically acquire the permissions associated with that role. This approach simplifies access control management by allowing for easier assignment and revocation of permissions based on roles rather than individual users.

Rate this question:
13.

QUESTION NO: 213 A number of unauthorized staff has been entering the data center by piggybacking authorized staff. The CIO has mandated that this behavior stops. Which of the following is the BEST technology to install at the data center to prevent piggybacking?
- A.
  
  Mantrap
- B.
  
  Security badges
- C.
  
  Hardware locks
- D.
  
  Token access
Correct Answer
A. Mantrap

Explanation
A mantrap is the best technology to install at the data center to prevent piggybacking. A mantrap is a physical access control system that consists of two or more interlocking doors. Only one door can be open at a time, ensuring that only one person can enter or exit the data center at a time. This prevents unauthorized staff from piggybacking on authorized staff and gaining access to the data center. Security badges, hardware locks, and token access may provide some level of security, but they do not specifically address the issue of piggybacking like a mantrap does.

Rate this question:
14.

QUESTION NO: 214 Which of the following is a security threat that hides its processes and files from being easily detected?
- A.
  
  Trojan
- B.
  
  Adware
- C.
  
  Worm
- D.
  
  Rootkit
Correct Answer
D. Rootkit

Explanation
A rootkit is a type of security threat that hides its processes and files from being easily detected. It is designed to gain unauthorized access to a computer system and remain undetected by traditional security measures. Rootkits can modify system files, disable security software, and create backdoors for remote access. This allows attackers to maintain control over the compromised system and carry out malicious activities without being detected.

Rate this question:
15.

QUESTION NO: 215 Security templates are used for which of the following purposes? (Select TWO)
- A.
  
  To ensure that email is encrypted by users of PGP
- B.
  
  To ensure that PKI will work properly within thecompanys trust model
- C.
  
  To ensure that performance is standardized across all servers
- D.
  
  To ensure that all servers start from a common security configuration
- E.
  
  To ensure that servers are in compliance with the corporate security policy
Correct Answer(s)
D. To ensure that all servers start from a common security configuration
E. To ensure that servers are in compliance with the corporate security policy

Explanation
Security templates are used to ensure that all servers start from a common security configuration and to ensure that servers are in compliance with the corporate security policy. By applying security templates, organizations can establish a baseline security configuration for all servers, ensuring consistency and reducing the risk of misconfigurations. Additionally, security templates help organizations enforce their security policies, ensuring that servers meet the required security standards and are in compliance with the organization's overall security objectives.

Rate this question:
16.

QUESTION NO: 216 Frequent signature updates are required by which of the following security applications? (Select TWO).
- A.
  
  Antivirus
- B.
  
  PGP
- C.
  
  Firewall
- D.
  
  PKI
- E.
  
  IDS
Correct Answer(s)
A. Antivirus
E. IDS

Explanation
Antivirus and IDS (Intrusion Detection System) are security applications that require frequent signature updates. Antivirus software needs regular updates to stay up-to-date with the latest virus definitions and protect against new threats. IDS also requires frequent updates to detect and respond to new types of network attacks and anomalies. PGP (Pretty Good Privacy), Firewall, and PKI (Public Key Infrastructure) do not typically require frequent signature updates, making them incorrect choices for this question.

Rate this question:
17.

QUESTION NO: 217 When choosing an antivirus product, which of the following are the MOST important security considerations? (Select TWO).
- A.
  
  The frequency of signature updates
- B.
  
  The ability to scan encrypted files
- C.
  
  The availability of application programming interface
- D.
  
  The number of emails that can be scanned
- E.
  
  The number of viruses the software can detect
Correct Answer(s)
A. The frequency of signature updates
E. The number of viruses the software can detect

Explanation
The frequency of signature updates is important because it ensures that the antivirus software is up to date with the latest known threats. This is crucial as new viruses and malware are constantly being developed. The number of viruses the software can detect is also important as it determines the software's effectiveness in identifying and removing threats. The more viruses the software can detect, the better protected the system will be.

Rate this question:
18.

QUESTION NO: 218 Three generally accepted activities of patch management are: determining which patches are needed, applying the patches and which of the following?
- A.
  
  Updating the firewall configuration to include the patches
- B.
  
  Running a NIDS report to list the remaining vulnerabilities
- C.
  
  Auditing for the successful application of the patches
- D.
  
  Backing up the patch file executables to a network share
Correct Answer
C. Auditing for the successful application of the patches

Explanation
After determining which patches are needed and applying them, it is important to audit for the successful application of the patches. This ensures that the patches have been properly installed and are functioning as intended. Auditing helps to verify that the patches have been applied to all relevant systems and that any vulnerabilities have been addressed. It also provides a record of the patching process, which can be useful for compliance and reporting purposes.

Rate this question:
19.

QUESTION NO: 219 In which of the following situations would it be appropriate to install a hotfix?
- A.
  
  A patch in a service pack fixes the issue, but too many extra patches are included.
- B.
  
  A patch is not available and workarounds do not correct the problem
- C.
  
  A patch is available, but has not yet been tested in a production environment.
- D.
  
  A patch is too large to be distributed via a remote deployment tool.
Correct Answer
B. A patch is not available and workarounds do not correct the problem

Explanation
When a patch is not available and workarounds do not correct the problem, it would be appropriate to install a hotfix. A hotfix is a small, targeted software update that addresses a specific issue or problem. In this situation, since there is no patch available and the workarounds are not effective in resolving the problem, installing a hotfix can provide a temporary solution until a patch is released. Hotfixes are designed to quickly address critical issues and are typically tested and validated by the software vendor before being made available to users.

Rate this question:
20.

QUESTION NO: 220 Social engineering, password cracking and vulnerability exploitation are examples of which of the following?
- A.
  
  Vulnerability assessment
- B.
  
  Fingerprinting
- C.
  
  Penetration testing
- D.
  
  Fuzzing
Correct Answer
C. Penetration testing

Explanation
Social engineering, password cracking, and vulnerability exploitation are all techniques commonly used in penetration testing. Penetration testing involves simulating real-world attacks on a system or network to identify vulnerabilities and weaknesses. By using these techniques, penetration testers can assess the security of a system and determine if unauthorized access or data breaches are possible. This helps organizations identify and address potential security risks before they can be exploited by malicious actors.

Rate this question:
21.

QUESTION NO: 221 If an administrator does not have a NIDS examining network traffic, which of the following could be used to identify an active attack?
- A.
  
  Protocol analyzer
- B.
  
  Penetration testing tool
- C.
  
  Networkmapper
- D.
  
  Vulnerability scanner
Correct Answer
A. Protocol analyzer

Explanation
A protocol analyzer is a tool used to capture and analyze network traffic. It allows administrators to monitor and inspect the packets being transmitted over the network. By analyzing the network traffic, an administrator can identify any suspicious or malicious activity that may indicate an active attack. Therefore, in the absence of a NIDS (Network Intrusion Detection System), a protocol analyzer can be used as an alternative to identify an active attack.

Rate this question:
22.

QUESTION NO: 222 Configuration baselines should be taken at which of the following stages in the deployment of a new system?
- A.
  
  Before initial configuration
- B.
  
  Before loading the OS
- C.
  
  After a user logs in
- D.
  
  After initial configuration
Correct Answer
D. After initial configuration

Explanation
Configuration baselines should be taken after the initial configuration of a new system. This is because the initial configuration involves setting up the system according to the desired specifications and requirements. Once the initial configuration is completed, it is important to take a baseline to capture the current state of the system. This baseline can then be used as a reference point for future comparisons and to ensure that any changes made to the system are in line with the desired configuration.

Rate this question:
23.

QUESTION NO: 223 Which of the following practices should be implemented to harden workstations and servers?
- A.
  
  Log on only as the administrator
- B.
  
  Install only needed software
- C.
  
  Check the logs regularly.
- D.
  
  Report all security incidents.
Correct Answer
B. Install only needed software

Explanation
Installing only needed software is a practice that should be implemented to harden workstations and servers. This is because unnecessary software increases the attack surface and potential vulnerabilities of the system. By installing only the software that is necessary for the system's functionality, the risk of exploitation and unauthorized access is minimized.

Rate this question:
24.

QUESTION NO: 224 Which of the following is a mechanism that prevents electromagnetic emanations from being captured?
- A.
  
  Install a repeater
- B.
  
  Uninterruptible power supply (UPS)
- C.
  
  Faraday cage
- D.
  
  Faraday cage
Correct Answer
C. Faraday cage

Explanation
A Faraday cage is a mechanism that prevents electromagnetic emanations from being captured. It is an enclosure made of conductive materials that creates a shield against electromagnetic radiation. The conductive material absorbs and redirects the electromagnetic waves, preventing them from escaping or entering the cage. This helps to protect sensitive electronic equipment or information from being intercepted or affected by external electromagnetic signals.

Rate this question:
25.

QUESTION NO: 225 Which of the following describes the difference between a secure cipher and a secure hash?
- A.
  
  A hash produces a variable output for any input size, a cipher does not.
- B.
  
  A cipher produces the same size output for any input size, a hash does not.
- C.
  
  A cipher can be reversed, a hash cannot.
- D.
  
  A hash can be reversed, a cipher cannot.
Correct Answer
C. A cipher can be reversed, a hash cannot.

Explanation
A secure cipher is a cryptographic algorithm that can be reversed or decrypted, meaning that the original message can be recovered from the encrypted form. On the other hand, a secure hash function is a one-way function that cannot be reversed or decrypted. It takes an input of any size and produces a fixed-size output, making it impossible to retrieve the original input from the hash value. Therefore, the statement "A cipher can be reversed, a hash cannot" accurately describes the difference between a secure cipher and a secure hash.

Rate this question:
26.

QUESTION NO: 226 Which of the following physical threats is prevented with mantraps?
- A.
  
  Piggybacking
- B.
  
  Social engineering
- C.
  
  Dumpster diving
- D.
  
  Shoulder surfing
Correct Answer
A. Piggybacking

Explanation
Mantraps are physical security devices that are used to prevent unauthorized access to a secure area. They typically consist of two or more doors or gates that can only be opened one at a time, ensuring that only one person can enter or exit at a time. This effectively prevents piggybacking, which is the act of an unauthorized person following closely behind an authorized person to gain access to a secure area. Therefore, the correct answer is piggybacking.

Rate this question:
27.

QUESTION NO: 227 Which of the following BEST describes the differences between SHA-1 and MD5?
- A.
  
  MD5 produces variable length message digests
- B.
  
  SHA-1 produces few collisions than MD5
- C.
  
  MD5 produces few collisions than SHA-1
- D.
  
  SHA-1 produces fixed length message digests.
Correct Answer
B. SHA-1 produces few collisions than MD5

Explanation
SHA-1 produces fewer collisions than MD5. This means that SHA-1 is less likely to produce the same message digest for different input messages compared to MD5. In other words, SHA-1 has a lower probability of two different inputs producing the same output, making it more secure in terms of collision resistance.

Rate this question:
28.

QUESTION NO: 228 Which of the following BEST applies in the secure disposal of computers?
- A.
  
  Computers must be configured for automated patch management
- B.
  
  Computer media must be sanitized.
- C.
  
  Default passwords must be changed once
- D.
  
  Computers must be tested against known TCP/IP vulnerabilities.
Correct Answer
B. Computer media must be sanitized.

Explanation
In the secure disposal of computers, the best practice is to sanitize the computer media. This means securely wiping or destroying the data stored on the computer's hard drive or other storage devices. This is important to prevent any sensitive information from being accessed by unauthorized individuals. Configuring computers for automated patch management, changing default passwords, and testing against known vulnerabilities are all important security measures, but they do not specifically address the secure disposal of computers.

Rate this question:
29.

QUESTION NO: 229 Which of the following BEST describes the differences between RADIUS and TACACS?
- A.
  
  TACACS separates authentication, authorization and auditing capabilities
- B.
  
  TACACS is a remote access authentication service
- C.
  
  RADIUS is a remote access authentication service
- D.
  
  RADIUS separates authentication, authorization and auditing capabilities.
Correct Answer
A. TACACS separates authentication, authorization and auditing capabilities

Explanation
TACACS is a protocol that separates authentication, authorization, and auditing capabilities, while RADIUS is a protocol that only provides remote access authentication. TACACS allows for more granular control and flexibility in managing user access and permissions by separating these three functions. RADIUS, on the other hand, combines authentication and authorization into a single process.

Rate this question:
30.

QUESTION NO: 230 Which of the following BEST describes the differences between RADIUS and TACACS?
- A.
  
  RADIUS encrypts client-server negotiation dialog.
- B.
  
  RADIUS is a remote access authentication service.
- C.
  
  TACACS encrypts client-server negotiation dialog.
- D.
  
  TACACS is a remote access authentication service.
Correct Answer
C. TACACS encrypts client-server negotiation dialog.

Explanation
TACACS is a remote access authentication service that encrypts the client-server negotiation dialog. This means that when a client and server are communicating, TACACS ensures that their conversation is encrypted, providing a higher level of security. On the other hand, RADIUS is also a remote access authentication service, but it does not encrypt the client-server negotiation dialog. Therefore, the main difference between RADIUS and TACACS lies in their encryption capabilities during the negotiation process.

Rate this question:
31.

QUESTION NO: 231 Which of the following authentication mechanisms performs better in a secure environment?
- A.
  
  RADIUS because it is a remote access authentication service
- B.
  
  TACACS because it encrypts client-server negotiation dialogs.
- C.
  
  RADIUS because it encrypts client-server passwords.
- D.
  
  TACACS because it is a remote access authentication service
Correct Answer
B. TACACS because it encrypts client-server negotiation dialogs.

Explanation
TACACS performs better in a secure environment because it encrypts client-server negotiation dialogs. This encryption adds an extra layer of security to the authentication process, making it more difficult for unauthorized individuals to intercept and access sensitive information. RADIUS, on the other hand, does not provide this level of encryption for the negotiation dialogs, making it potentially less secure in comparison.

Rate this question:
32.

QUESTION NO: 232 To evaluate the security compliance of a group of servers against best practices, which of the following BEST applies?
- A.
  
  Get a patch management report.
- B.
  
  Conduct a penetration test.
- C.
  
  Run a vulnerability assessment tool
- D.
  
  Install a protocol analyzer.
Correct Answer
C. Run a vulnerability assessment tool

Explanation
Running a vulnerability assessment tool is the best option to evaluate the security compliance of a group of servers against best practices. This tool scans the servers and identifies any vulnerabilities or weaknesses in the system. It helps in identifying potential security risks and allows for timely remediation. A vulnerability assessment is a proactive approach that helps in ensuring the servers are secure and compliant with industry best practices.

Rate this question:
33.

QUESTION NO: 233 Which of the following is a problem MOST often associated with UTP cable?
- A.
  
  Fuzzing
- B.
  
  Vampire tap
- C.
  
  Crosstalk
- D.
  
  Refraction
Correct Answer
C. Crosstalk

Explanation
Crosstalk is a problem that is most often associated with UTP (Unshielded Twisted Pair) cable. Crosstalk occurs when there is interference between adjacent pairs of wires within the cable, causing signal degradation and data errors. This interference can be caused by electromagnetic fields from other cables or devices, resulting in a loss of signal quality. Proper cable shielding and separation can help minimize crosstalk and maintain the integrity of the transmitted data.

Rate this question:
34.

QUESTION NO: 234 An administrator notices on the monthly firewall log that many of the internal PCs are sending packets on a routine basis to a single external PC. Which of the following BEST describes what is occurring?
- A.
  
  The remote PC has a spam slave application running and the local PCs have a spam master application running
- B.
  
  The remote PC has a zombie master application running and the local PCs have a zombie slave application running.
- C.
  
  The remote PC has a spam master application running and the local PCs have a spam slave application running
- D.
  
  The remote PC has a zombie slave application running and the local PCs have a zombie master application running
Correct Answer
B. The remote PC has a zombie master application running and the local PCs have a zombie slave application running.

Explanation
The correct answer is that the remote PC has a zombie master application running and the local PCs have a zombie slave application running. This means that the remote PC is controlling the local PCs and using them to send packets to a specific external PC. This is a form of a botnet attack, where the remote PC is the master and the local PCs are the slaves, being used to carry out malicious activities without the knowledge or consent of their owners.

Rate this question:
35.

QUESTION NO: 235 An administrator notices that a PC is sending an unusual amount of email at odd times of the day. Which of the following should the administrator check for FIRST?
- A.
  
  A S/MIME buffer overflow
- B.
  
  A POP3 protocol exception
- C.
  
  DNS poisoning
- D.
  
  A SMTP open relay
Correct Answer
D. A SMTP open relay

Explanation
The administrator should check for an SMTP open relay first because an open relay allows anyone to use the email server to send emails, potentially leading to an unusual amount of email being sent from the PC. This could explain the unusual activity and odd timing of the emails.

Rate this question:
36.

QUESTION NO: 236 Which of the following would a password cracker help an administrator to find?
- A.
  
  Weak passwords
- B.
  
  Expired passwords
- C.
  
  Locked passwords
- D.
  
  Backdoor passwords
Correct Answer
A. Weak passwords

Explanation
A password cracker would help an administrator to find weak passwords. A password cracker is a tool or software that is designed to guess or crack passwords by using various methods such as brute force attacks, dictionary attacks, or rainbow table attacks. By using a password cracker, an administrator can identify passwords that are easily guessable or vulnerable to being cracked, allowing them to take necessary actions to strengthen the security of the system.

Rate this question:
37.

QUESTION NO: 237 Which of the following is setup within a router?
- A.
  
  ARP
- B.
  
  DMZ
- C.
  
  OVAL
- D.
  
  DDoS
Correct Answer
B. DMZ

Explanation
A DMZ (Demilitarized Zone) is a setup within a router that creates a separate network segment to host publicly accessible servers or services. It acts as a buffer zone between the internal network and the external network, providing an additional layer of security. By placing servers in the DMZ, organizations can allow external access to specific services while keeping their internal network protected from potential threats.

Rate this question:
38.

QUESTION NO: 238 Which of the following would BEST allow for fast, highly secure encryption of a USB flash drive?
- A.
  
  SHA-1
- B.
  
  MD5
- C.
  
  3DES
- D.
  
  AES256
Correct Answer
D. AES256

Explanation
AES256 would be the best option for fast, highly secure encryption of a USB flash drive. AES (Advanced Encryption Standard) is a symmetric encryption algorithm that has been widely adopted as a standard for secure data encryption. AES256 refers to the key size of 256 bits, which provides a high level of security. It is considered more secure than SHA-1, MD5, and 3DES, which are either outdated or have weaker encryption capabilities.

Rate this question:
39.

QUESTION NO: 239 When is the correct time to discuss the appropriate use of electronic devices with a new employee?
- A.
  
  At time of hire
- B.
  
  At time of first correspondence
- C.
  
  At time of departure
- D.
  
  At time of first system login
Correct Answer
A. At time of hire

Explanation
The correct time to discuss the appropriate use of electronic devices with a new employee is at the time of hire. This is because it is important to establish expectations and guidelines regarding the use of electronic devices from the beginning of the employment relationship. By discussing this topic at the time of hire, the employer can ensure that the new employee understands the company's policies and can use electronic devices in a responsible and appropriate manner. This helps to create a productive and professional work environment.

Rate this question:
40.

QUESTION NO: 240 Which of the following could BEST assist in the recovery of a crashed hard drive?
- A.
  
  Forensics software
- B.
  
  Drive optimization
- C.
  
  Drive sanitization
- D.
  
  Damage and loss control
Correct Answer
A. Forensics software

Explanation
Forensics software could best assist in the recovery of a crashed hard drive. This type of software is specifically designed to analyze and recover data from damaged or corrupted storage devices. It can help to identify and repair any issues that caused the crash, and retrieve as much data as possible from the hard drive. Forensics software is commonly used in computer forensics investigations, where data recovery is a crucial aspect of the process.

Rate this question:
41.

QUESTION NO: 241 Which of the following facilitates the creation of an unencrypted tunnel between two devices?
- A.
  
  AES
- B.
  
  HTTPS
- C.
  
  L2TP
- D.
  
  PPTP
Correct Answer
C. L2TP

Explanation
L2TP (Layer 2 Tunneling Protocol) facilitates the creation of an unencrypted tunnel between two devices. This protocol allows the transfer of data packets between the devices over the internet in a secure and private manner. It is commonly used for establishing virtual private networks (VPNs) and can be used in combination with other encryption protocols to provide additional security. L2TP does not provide encryption on its own, but it creates a tunnel that can be encrypted using other protocols such as IPsec.

Rate this question:
42.

QUESTION NO: 242 Which of the following allows for a secure connection to be made through a web browser?
- A.
  
  L2TP
- B.
  
  SSH
- C.
  
  SSL
- D.
  
  HTTP
Correct Answer
C. SSL

Explanation
SSL (Secure Sockets Layer) allows for a secure connection to be made through a web browser. SSL is a protocol that encrypts the data transmitted between a web server and a web browser, ensuring that the information remains confidential and cannot be intercepted by unauthorized parties. It is commonly used for secure online transactions, such as e-commerce websites, online banking, and sensitive data transfers.

Rate this question:
43.

QUESTION NO: 243 Which of the following is the BEST order in which crucial equipment should draw power?
- A.
  
  Uninterruptible Power Supply (UPS) battery, UPS line conditioner, backup generator
- B.
  
  Backup generator, UPS line conditioner, UPS battery
- C.
  
  Backup generator, UPS battery, UPS line conditioner
- D.
  
  UPS line conditioner, UPS battery, and backup generator
Correct Answer
D. UPS line conditioner, UPS battery, and backup generator

Explanation
The best order in which crucial equipment should draw power is UPS line conditioner, UPS battery, and backup generator. This order ensures that the power is first conditioned by the UPS line conditioner, which helps to stabilize voltage and filter out any electrical noise. The UPS battery is then used to provide immediate power in case of a power outage or fluctuation. Finally, the backup generator is used to provide long-term power supply in case of extended outages. This order ensures that the equipment receives clean and stable power, with backup options available when needed.

Rate this question:
44.

QUESTION NO: 244 Which of the following would require a pre-sharing of information before a home user could attach to a neighbors wireless adapter?
- A.
  
  Anonymous connections enabled
- B.
  
  SSID broadcasting disabled
- C.
  
  SSID broadcasting enabled
- D.
  
  Encryption disabled
Correct Answer
B. SSID broadcasting disabled

Explanation
SSID broadcasting refers to the practice of a wireless network broadcasting its name (SSID) so that devices can easily detect and connect to it. When SSID broadcasting is disabled, the network's name is not visible to nearby devices. Therefore, in order for a home user to attach to a neighbor's wireless adapter, they would need to know the neighbor's network name (SSID) in advance. This requires a pre-sharing of information between the neighbor and the home user.

Rate this question:
45.

QUESTION NO: 245 Which of the following would BEST allow an administrator to quickly find a rogue server on the network?
- A.
  
  Review security access logs
- B.
  
  A networkmapper
- C.
  
  A protocol analyzer
- D.
  
  Review DNS logs
Correct Answer
B. A networkmapper

Explanation
A network mapper would be the best tool for an administrator to quickly find a rogue server on the network. A network mapper scans the network and identifies all connected devices, allowing the administrator to easily identify any unauthorized or unknown servers. This tool provides a comprehensive view of the network and can quickly pinpoint any rogue servers that may be present.

Rate this question:
46.

QUESTION NO: 246 Which of the following would BEST allow an administrator to quickly find a PC with a blank database administrator password?
- A.
  
  Protocol analyzer
- B.
  
  Vulnerability scanner
- C.
  
  Rainbow tables
- D.
  
  Security access logs
Correct Answer
B. Vulnerability scanner

Explanation
A vulnerability scanner would be the best tool for an administrator to quickly find a PC with a blank database administrator password. Vulnerability scanners are designed to detect weaknesses and vulnerabilities in a system, including weak or blank passwords. By scanning the network and identifying systems with blank database administrator passwords, the administrator can quickly address this security issue and take appropriate actions to secure the system.

Rate this question:
47.

QUESTION NO: 247 An administrator is backing up all server data nightly to a local NAS devicE. Which of the following additional steps should the administrator take for protection from disaster in the case the primary site is permanently lost?
- A.
  
  Backup all data at a preset interval to tape and store those tapes at a sister site across the street.
- B.
  
  Backup all data at a preset interval to tape and store those tapes at a sister site in another city.
- C.
  
  Backup all data at a preset interval to removable disk and store the disk in a safety deposit box at the administrators home
- D.
  
  Backup all data at a preset interval to removable disk and store the disk in a fireproof safe in the buildings basement
Correct Answer
B. Backup all data at a preset interval to tape and store those tapes at a sister site in another city.

Explanation
The correct answer suggests that in order to protect the data from permanent loss in case of a disaster at the primary site, the administrator should backup all data at a preset interval to tape and store those tapes at a sister site in another city. Storing the tapes at a sister site in another city ensures that the backup data is kept in a separate geographical location, reducing the risk of loss due to a local disaster. This provides an additional layer of protection and increases the chances of recovering the data in case of a catastrophic event at the primary site.

Rate this question:
48.

QUESTION NO: 248 Which of the following is the MOST intrusive on a network?
- A.
  
  Penetration testing
- B.
  
  Protocol analyzers
- C.
  
  Port scanners
- D.
  
  Vulnerability testing
Correct Answer
A. Penetration testing

Explanation
Penetration testing is the most intrusive on a network compared to the other options. Penetration testing involves actively simulating attacks on a network to identify vulnerabilities and weaknesses. It goes beyond just analyzing protocols or scanning ports by attempting to exploit vulnerabilities and gain unauthorized access. This can potentially disrupt network operations and compromise sensitive data. Protocol analyzers analyze network traffic, port scanners scan for open ports, and vulnerability testing identifies weaknesses, but they are less invasive compared to penetration testing.

Rate this question:
49.

QUESTION NO: 249 A single sign-on requires which of the following?
- A.
  
  Multifactor authentication
- B.
  
  One-factor authentication
- C.
  
  A trust model between workstations
- D.
  
  A unified trust model
Correct Answer
D. A unified trust model

Explanation
A unified trust model is required for a single sign-on system. This means that all workstations and systems within the network must trust each other and share a common authentication mechanism. This allows users to authenticate once and gain access to multiple resources without having to provide credentials again. With a unified trust model, the authentication process is streamlined and users can easily navigate between different systems and applications without the need for multiple logins.

Rate this question:
50.

QUESTION NO: 250 All of the following are where backup tapes should be kept EXCEPT:
- A.
  
  Near a fiber optic cable entrance.
- B.
  
  Near a shared LCD screen
- C.
  
  Near a power line.
- D.
  
  Near a high end server.
Correct Answer
C. Near a power line.

Explanation
Backup tapes should be kept in secure and controlled environments to ensure their safety and integrity. Keeping them near a fiber optic cable entrance, shared LCD screen, or high-end server could expose them to potential risks such as physical damage, unauthorized access, or electromagnetic interference. However, keeping them near a power line poses the risk of electrical hazards and potential damage due to power surges or fluctuations. Hence, near a power line is not an appropriate location for storing backup tapes.

Rate this question:

Quiz Review Timeline +

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

Current Version
Jan 25, 2024

Quiz Edited by
ProProfs Editorial Team
Dec 21, 2010

Quiz Created by
Ctstravis

SEC+ Study Guide C

QUESTION NO: 201 A user does not understand why the domain password policy is so stringent. Which of the following BEST demonstrates the security basis for the password policy?

QUESTION NO: 202 A company needs to have multiple servers running low CPU utilization applications. Which of the following is the MOST cost efficient method for accomplishing this?

QUESTION NO: 203 A programmer creates an application to accept data from a websitE. A user places more information than the program expects in the input field resulting in the back end database placing the extra information into the databasE. Which of the following is this an example of?

QUESTION NO: 204 Which of the following security threats is MOST commonly associated with a targeted distributed denial of service (DDoS)?

QUESTION NO: 207 After a system risk assessment was performed it was found that the cost to mitigate the risk was higher than the expected loss if the risk was actualized. In this instance, which of the following is the BEST course of action?

QUESTION NO: 209 A technician is deciding between implementing a HIDS on the database server or implementing a NIDS. Which of the following are reasons why a NIDS may be better to implement? (Select TWO).

QUESTION NO: 210 Which of the following scenarios is MOST likely to benefit from using a personal software firewall on a laptop?

QUESTION NO: 211 Virtualized applications, such as virtualized browsers, are capable of protecting the underlying operating system from which of the following?

QUESTION NO: 212 A flat or simple role-based access control (RBAC) embodies which of the following principles?

QUESTION NO: 213 A number of unauthorized staff has been entering the data center by piggybacking authorized staff. The CIO has mandated that this behavior stops. Which of the following is the BEST technology to install at the data center to prevent piggybacking?

QUESTION NO: 214 Which of the following is a security threat that hides its processes and files from being easily detected?

QUESTION NO: 215 Security templates are used for which of the following purposes? (Select TWO)

QUESTION NO: 216 Frequent signature updates are required by which of the following security applications? (Select TWO).

QUESTION NO: 217 When choosing an antivirus product, which of the following are the MOST important security considerations? (Select TWO).

QUESTION NO: 218 Three generally accepted activities of patch management are: determining which patches are needed, applying the patches and which of the following?

QUESTION NO: 219 In which of the following situations would it be appropriate to install a hotfix?

QUESTION NO: 220 Social engineering, password cracking and vulnerability exploitation are examples of which of the following?

QUESTION NO: 221 If an administrator does not have a NIDS examining network traffic, which of the following could be used to identify an active attack?

QUESTION NO: 222 Configuration baselines should be taken at which of the following stages in the deployment of a new system?

QUESTION NO: 223 Which of the following practices should be implemented to harden workstations and servers?

QUESTION NO: 224 Which of the following is a mechanism that prevents electromagnetic emanations from being captured?

QUESTION NO: 225 Which of the following describes the difference between a secure cipher and a secure hash?

QUESTION NO: 226 Which of the following physical threats is prevented with mantraps?

QUESTION NO: 227 Which of the following BEST describes the differences between SHA-1 and MD5?

QUESTION NO: 228 Which of the following BEST applies in the secure disposal of computers?

QUESTION NO: 229 Which of the following BEST describes the differences between RADIUS and TACACS?

QUESTION NO: 230 Which of the following BEST describes the differences between RADIUS and TACACS?

QUESTION NO: 231 Which of the following authentication mechanisms performs better in a secure environment?

QUESTION NO: 232 To evaluate the security compliance of a group of servers against best practices, which of the following BEST applies?

QUESTION NO: 233 Which of the following is a problem MOST often associated with UTP cable?

QUESTION NO: 234 An administrator notices on the monthly firewall log that many of the internal PCs are sending packets on a routine basis to a single external PC. Which of the following BEST describes what is occurring?

QUESTION NO: 235 An administrator notices that a PC is sending an unusual amount of email at odd times of the day. Which of the following should the administrator check for FIRST?

QUESTION NO: 236 Which of the following would a password cracker help an administrator to find?

QUESTION NO: 237 Which of the following is setup within a router?

QUESTION NO: 238 Which of the following would BEST allow for fast, highly secure encryption of a USB flash drive?

QUESTION NO: 239 When is the correct time to discuss the appropriate use of electronic devices with a new employee?

QUESTION NO: 240 Which of the following could BEST assist in the recovery of a crashed hard drive?

QUESTION NO: 241 Which of the following facilitates the creation of an unencrypted tunnel between two devices?

QUESTION NO: 242 Which of the following allows for a secure connection to be made through a web browser?

QUESTION NO: 243 Which of the following is the BEST order in which crucial equipment should draw power?

QUESTION NO: 244 Which of the following would require a pre-sharing of information before a home user could attach to a neighbors wireless adapter?

QUESTION NO: 245 Which of the following would BEST allow an administrator to quickly find a rogue server on the network?

QUESTION NO: 246 Which of the following would BEST allow an administrator to quickly find a PC with a blank database administrator password?

QUESTION NO: 247 An administrator is backing up all server data nightly to a local NAS devicE. Which of the following additional steps should the administrator take for protection from disaster in the case the primary site is permanently lost?

QUESTION NO: 248 Which of the following is the MOST intrusive on a network?

QUESTION NO: 249 A single sign-on requires which of the following?

QUESTION NO: 250 All of the following are where backup tapes should be kept EXCEPT: