SEC+ Study Guide C

By Ctstravis
Questions: 100

201-300


Questions and Answers
  • 1. 

    QUESTION NO: 201 A user does not understand why the domain password policy is so stringent. Which of the following BEST demonstrates the security basis for the password policy?

    • A.

      Explain how easy it is for a hacker to crack weak passwords.

    • B.

      Show the user a domain overview, including a list of weak passwords

    • C.

      Refer the user to a strong password demonstrator.

    • D.

      Ask the user to review the corporate policies and procedures manual.

    Correct Answer
    A. Explain how easy it is for a hacker to crack weak passwords.
    Explanation
    The correct answer is to explain how easy it is for a hacker to crack weak passwords. By explaining the vulnerabilities of weak passwords, the user can understand the importance of having a stringent password policy. This approach helps to educate the user about the potential risks and consequences of using weak passwords, which ultimately promotes a stronger security mindset among users.

  • 2. 

    QUESTION NO: 202 A company needs to have multiple servers running low CPU utilization applications. Which of the following is the MOST cost efficient method for accomplishing this?

    • A.

      Install multiple high end servers, sharing a clustered network operating system.

    • B.

      Install a single low end server, running multiple virtual servers

    • C.

      Install a single high end server, running multiple virtual servers.

    • D.

      Install multiple low end servers, each running a network operating system.

    Correct Answer
    C. Install a single high end server, running multiple virtual servers.
    Explanation
    Installing a single high-end server and running multiple virtual servers is the most cost-efficient method because it eliminates the need for purchasing and maintaining multiple physical servers. Virtualization allows for the efficient utilization of hardware resources, reducing costs associated with power consumption, cooling, and hardware maintenance. Additionally, it provides flexibility and scalability, allowing for easy deployment and management of additional virtual servers as needed.

  • 3. 

    QUESTION NO: 203 A programmer creates an application to accept data from a website. A user places more information than the program expects in the input field resulting in the back end database placing the extra information into the database. Which of the following is this an example of?

    • A.

      Java input error

    • B.

      Cross-site scripting

    • C.

      Buffer overflow

    • D.

      SQL injection

    Correct Answer
    D. SQL injection
    Explanation
    This is an example of SQL injection. SQL injection is a code injection technique that attackers use to exploit vulnerabilities in a web application's database layer. In this scenario, the user input is not properly validated or sanitized, allowing the user to insert additional SQL statements into the input field. This can lead to unauthorized access, data manipulation, or even complete control of the database.

  • 4. 

    QUESTION NO: 204 Which of the following security threats is MOST commonly associated with a targeted distributed denial of service (DDoS)?

    • A.

      Viruses

    • B.

      Worms

    • C.

      Botnets

    • D.

      Trojans

    Correct Answer
    C. Botnets
    Explanation
    A targeted distributed denial of service (DDoS) attack involves flooding a target system with an overwhelming amount of traffic, rendering it unable to function properly. Botnets, which are networks of compromised computers controlled by a central attacker, are commonly used to launch DDoS attacks. The attacker can direct the botnet to send a massive amount of traffic to the target system, causing it to become overwhelmed and unavailable to legitimate users. Therefore, botnets are the most commonly associated security threat with a targeted DDoS attack.

  • 5. 

    QUESTION NO: 205 A developer added code to a financial system designed to transfer money to a foreign bank account on a specific time and date. The code would activate only if human resources processed the developer's termination papers. The developer implemented which of the following security threats?

    • A.

      Logic bomb

    • B.

      Rootkit

    • C.

      Botnet

    • D.

      Privilege escalation

    Correct Answer
    A. Logic bomb
    Explanation
    The correct answer is "Logic bomb." In this scenario, the developer added code to the financial system that would activate and transfer money to a foreign bank account only if the developer's termination papers were processed by human resources. This is a classic example of a logic bomb, which is malicious code that is intentionally inserted into a system to execute a harmful action at a specific time or under specific conditions.

  • 6. 

    QUESTION NO: 206 A CEO is concerned about staff browsing inappropriate material on the Internet via HTTPS. It has been suggested that the company purchase a product which could decrypt the SSL session, scan the content and then repackage the SSL session without staff knowing. Which of the following types of attacks is similar to this product?

    • A.

      Replay

    • B.

      Spoofing

    • C.

      TCP/IP hijacking

    • D.

      Man-in-the-middle

    Correct Answer
    D. Man-in-the-middle
    Explanation
    The correct answer is Man-in-the-middle. A man-in-the-middle attack is similar to the suggested product because it involves intercepting and manipulating communication between two parties without their knowledge. In this case, the product would intercept the SSL session, decrypt it, scan the content for inappropriate material, and then repackage the session without the staff knowing. This allows the company to monitor and control the content accessed by the staff, similar to how a man-in-the-middle attack allows an attacker to eavesdrop on and manipulate communication between two parties.

  • 7. 

    QUESTION NO: 207 After a system risk assessment was performed it was found that the cost to mitigate the risk was higher than the expected loss if the risk was actualized. In this instance, which of the following is the BEST course of action?

    • A.

      Accept the risk

    • B.

      Mitigate the risk

    • C.

      Reject the risk

    • D.

      Run a new risk assessment

    Correct Answer
    A. Accept the risk
    Explanation
    In this scenario, accepting the risk is the best course of action because the cost to mitigate the risk is higher than the expected loss. This means that it would be more cost-effective to accept the risk and deal with any potential consequences if the risk is actualized, rather than spending more money to try and mitigate the risk. Rejecting the risk or running a new risk assessment would not be necessary or beneficial in this case.

  • 8. 

    QUESTION NO: 208 A small call center business decided to install an email system to facilitate communications in the office. As part of the upgrade the vendor offered to supply anti-malware software for a cost of $5,000 per year. The IT manager read there was a 90% chance each year that workstations would be compromised if not adequately protected. If workstations are compromised it will take three hours to restore services for the 30 staff. Staff members in the call center are paid $90 per hour. If determining the risk, which of the following is the annual loss expectancy (ALE)?

    • A.

      $2,700

    • B.

      $4,500

    • C.

      $5,000

    • D.

      $7,290

    Correct Answer
    D. $7,290
    Explanation
    The annual loss expectancy (ALE) is calculated by multiplying the annual rate of occurrence (ARO) by the single loss expectancy (SLE). In this case, the ARO is 90% or 0.9, and the SLE is the cost of restoring services ($90 per hour * 3 hours * 30 staff), which equals $8,100. Therefore, the ALE is 0.9 * $8,100 = $7,290.

  • 9. 

    QUESTION NO: 209 A technician is deciding between implementing a HIDS on the database server or implementing a NIDS. Which of the following are reasons why a NIDS may be better to implement? (Select TWO).

    • A.

      Many HIDS require frequent patches and updates.

    • B.

      Many HIDS are not able to detect network attacks.

    • C.

      Many HIDS have a negative impact on system performance

    • D.

      Many HIDS only offer a low level of detection granularity.

    • E.

      Many HIDS are not good at detecting attacks on database servers.

    Correct Answer(s)
    B. Many HIDS are not able to detect network attacks.
    C. Many HIDS have a negative impact on system performance
    Explanation
    A NIDS may be better to implement because many HIDS are not able to detect network attacks, meaning they would not be effective in identifying and preventing attacks that originate from the network. Additionally, many HIDS have a negative impact on system performance, which could slow down the database server and affect its overall functionality.

  • 10. 

    QUESTION NO: 210 Which of the following scenarios is MOST likely to benefit from using a personal software firewall on a laptop?

    • A.

      Remote access user connecting via SSL VPN

    • B.

      Office laptop connected to the enterprise LAN

    • C.

      Remote access user connecting via corporate dial-in server

    • D.

      Office laptop connected to a home user's network

    Correct Answer
    D. Office laptop connected to a home user's network
    Explanation
    An office laptop connected to a home user's network is the scenario most likely to benefit from a personal software firewall. When connecting to a home user's network, the office laptop is exposed to potential security risks from other devices on the network. By using a personal software firewall, the laptop can protect against unauthorized access and potential attacks from other devices on the network, ensuring the security of the data and the device itself.

  • 11. 

    QUESTION NO: 211 Virtualized applications, such as virtualized browsers, are capable of protecting the underlying operating system from which of the following?

    • A.

      Malware installation from suspect Internet sites

    • B.

      Man-in-the-middle attacks

    • C.

      Phishing and spam attacks

    • D.

      DDoS attacks against the underlying OS

    Correct Answer
    A. Malware installation from suspect Internet sites
    Explanation
    Virtualized applications, such as virtualized browsers, are capable of protecting the underlying operating system from malware installation from suspicious internet sites. This is because virtualization creates a separate environment or sandbox for the application, isolating it from the underlying OS. This prevents any malicious code or malware from infecting the operating system, as it is contained within the virtualized environment. Therefore, even if the virtualized browser encounters malware while browsing suspicious internet sites, it cannot affect the underlying operating system.

  • 12. 

    QUESTION NO: 212 A flat or simple role-based access control (RBAC) embodies which of the following principles?

    • A.

      Users assigned to roles, permissions are assigned to groups, controls applied to groups and permissions acquired by controls

    • B.

      Users assigned permissions, roles assigned to groups and users acquire additional permissions by being a member of a group

    • C.

      Roles applied to groups, users assigned to groups and users acquire permissions by being a member of the group

    • D.

      Users assigned to roles, permissions are assigned to roles and users acquire permissions by being a member of the role

    Correct Answer
    D. Users assigned to roles, permissions are assigned to roles and users acquire permissions by being a member of the role
    Explanation
    A flat or simple role-based access control (RBAC) system follows the principle of assigning users to roles, assigning permissions to roles, and allowing users to acquire permissions by being a member of the role. This means that instead of assigning permissions directly to individual users, permissions are assigned to roles, and users are assigned to roles. By being a member of a specific role, users automatically acquire the permissions associated with that role. This approach simplifies access control management by allowing for easier assignment and revocation of permissions based on roles rather than individual users.

  • 13. 

    QUESTION NO: 213 A number of unauthorized staff have been entering the data center by piggybacking on authorized staff. The CIO has mandated that this behavior stop. Which of the following is the BEST technology to install at the data center to prevent piggybacking?

    • A.

      Mantrap

    • B.

      Security badges

    • C.

      Hardware locks

    • D.

      Token access

    Correct Answer
    A. Mantrap
    Explanation
    A mantrap is the best technology to install at the data center to prevent piggybacking. A mantrap is a physical access control system that consists of two or more interlocking doors. Only one door can be open at a time, ensuring that only one person can enter or exit the data center at a time. This prevents unauthorized staff from piggybacking on authorized staff and gaining access to the data center. Security badges, hardware locks, and token access may provide some level of security, but they do not specifically address the issue of piggybacking like a mantrap does.

  • 14. 

    QUESTION NO: 214 Which of the following is a security threat that hides its processes and files from being easily detected?

    • A.

      Trojan

    • B.

      Adware

    • C.

      Worm

    • D.

      Rootkit

    Correct Answer
    D. Rootkit
    Explanation
    A rootkit is a type of security threat that hides its processes and files from being easily detected. It is designed to gain unauthorized access to a computer system and remain undetected by traditional security measures. Rootkits can modify system files, disable security software, and create backdoors for remote access. This allows attackers to maintain control over the compromised system and carry out malicious activities without being detected.

  • 15. 

    QUESTION NO: 215 Security templates are used for which of the following purposes? (Select TWO)

    • A.

      To ensure that email is encrypted by users of PGP

    • B.

      To ensure that PKI will work properly within the company's trust model

    • C.

      To ensure that performance is standardized across all servers

    • D.

      To ensure that all servers start from a common security configuration

    • E.

      To ensure that servers are in compliance with the corporate security policy

    Correct Answer(s)
    D. To ensure that all servers start from a common security configuration
    E. To ensure that servers are in compliance with the corporate security policy
    Explanation
    Security templates are used to ensure that all servers start from a common security configuration and to ensure that servers are in compliance with the corporate security policy. By applying security templates, organizations can establish a baseline security configuration for all servers, ensuring consistency and reducing the risk of misconfigurations. Additionally, security templates help organizations enforce their security policies, ensuring that servers meet the required security standards and are in compliance with the organization's overall security objectives.

  • 16. 

    QUESTION NO: 216 Frequent signature updates are required by which of the following security applications? (Select TWO).

    • A.

      Antivirus

    • B.

      PGP

    • C.

      Firewall

    • D.

      PKI

    • E.

      IDS

    Correct Answer(s)
    A. Antivirus
    E. IDS
    Explanation
    Antivirus and IDS (Intrusion Detection System) are security applications that require frequent signature updates. Antivirus software needs regular updates to stay up-to-date with the latest virus definitions and protect against new threats. IDS also requires frequent updates to detect and respond to new types of network attacks and anomalies. PGP (Pretty Good Privacy), Firewall, and PKI (Public Key Infrastructure) do not typically require frequent signature updates, making them incorrect choices for this question.

  • 17. 

    QUESTION NO: 217 When choosing an antivirus product, which of the following are the MOST important security considerations? (Select TWO).

    • A.

      The frequency of signature updates

    • B.

      The ability to scan encrypted files

    • C.

      The availability of application programming interface

    • D.

      The number of emails that can be scanned

    • E.

      The number of viruses the software can detect

    Correct Answer(s)
    A. The frequency of signature updates
    E. The number of viruses the software can detect
    Explanation
    The frequency of signature updates is important because it ensures that the antivirus software is up to date with the latest known threats. This is crucial as new viruses and malware are constantly being developed. The number of viruses the software can detect is also important as it determines the software's effectiveness in identifying and removing threats. The more viruses the software can detect, the better protected the system will be.

  • 18. 

    QUESTION NO: 218 Three generally accepted activities of patch management are: determining which patches are needed, applying the patches and which of the following?

    • A.

      Updating the firewall configuration to include the patches

    • B.

      Running a NIDS report to list the remaining vulnerabilities

    • C.

      Auditing for the successful application of the patches

    • D.

      Backing up the patch file executables to a network share

    Correct Answer
    C. Auditing for the successful application of the patches
    Explanation
    After determining which patches are needed and applying them, it is important to audit for the successful application of the patches. This ensures that the patches have been properly installed and are functioning as intended. Auditing helps to verify that the patches have been applied to all relevant systems and that any vulnerabilities have been addressed. It also provides a record of the patching process, which can be useful for compliance and reporting purposes.

  • 19. 

    QUESTION NO: 219 In which of the following situations would it be appropriate to install a hotfix?

    • A.

      A patch in a service pack fixes the issue, but too many extra patches are included.

    • B.

      A patch is not available and workarounds do not correct the problem

    • C.

      A patch is available, but has not yet been tested in a production environment.

    • D.

      A patch is too large to be distributed via a remote deployment tool.

    Correct Answer
    B. A patch is not available and workarounds do not correct the problem
    Explanation
    When a patch is not available and workarounds do not correct the problem, it would be appropriate to install a hotfix. A hotfix is a small, targeted software update that addresses a specific issue or problem. In this situation, since there is no patch available and the workarounds are not effective in resolving the problem, installing a hotfix can provide a temporary solution until a patch is released. Hotfixes are designed to quickly address critical issues and are typically tested and validated by the software vendor before being made available to users.

  • 20. 

    QUESTION NO: 220 Social engineering, password cracking and vulnerability exploitation are examples of which of the following?

    • A.

      Vulnerability assessment

    • B.

      Fingerprinting

    • C.

      Penetration testing

    • D.

      Fuzzing

    Correct Answer
    C. Penetration testing
    Explanation
    Social engineering, password cracking, and vulnerability exploitation are all techniques commonly used in penetration testing. Penetration testing involves simulating real-world attacks on a system or network to identify vulnerabilities and weaknesses. By using these techniques, penetration testers can assess the security of a system and determine if unauthorized access or data breaches are possible. This helps organizations identify and address potential security risks before they can be exploited by malicious actors.

  • 21. 

    QUESTION NO: 221 If an administrator does not have a NIDS examining network traffic, which of the following could be used to identify an active attack?

    • A.

      Protocol analyzer

    • B.

      Penetration testing tool

    • C.

      Network mapper

    • D.

      Vulnerability scanner

    Correct Answer
    A. Protocol analyzer
    Explanation
    A protocol analyzer is a tool used to capture and analyze network traffic. It allows administrators to monitor and inspect the packets being transmitted over the network. By analyzing the network traffic, an administrator can identify any suspicious or malicious activity that may indicate an active attack. Therefore, in the absence of a NIDS (Network Intrusion Detection System), a protocol analyzer can be used as an alternative to identify an active attack.

  • 22. 

    QUESTION NO: 222 Configuration baselines should be taken at which of the following stages in the deployment of a new system?

    • A.

      Before initial configuration

    • B.

      Before loading the OS

    • C.

      After a user logs in

    • D.

      After initial configuration

    Correct Answer
    D. After initial configuration
    Explanation
    Configuration baselines should be taken after the initial configuration of a new system. This is because the initial configuration involves setting up the system according to the desired specifications and requirements. Once the initial configuration is completed, it is important to take a baseline to capture the current state of the system. This baseline can then be used as a reference point for future comparisons and to ensure that any changes made to the system are in line with the desired configuration.

  • 23. 

    QUESTION NO: 223 Which of the following practices should be implemented to harden workstations and servers?

    • A.

      Log on only as the administrator

    • B.

      Install only needed software

    • C.

      Check the logs regularly.

    • D.

      Report all security incidents.

    Correct Answer
    B. Install only needed software
    Explanation
    Installing only needed software is a practice that should be implemented to harden workstations and servers. This is because unnecessary software increases the attack surface and potential vulnerabilities of the system. By installing only the software that is necessary for the system's functionality, the risk of exploitation and unauthorized access is minimized.

  • 24. 

    QUESTION NO: 224 Which of the following is a mechanism that prevents electromagnetic emanations from being captured?

    • A.

      Install a repeater

    • B.

      Uninterruptible power supply (UPS)

    • C.

      Faraday cage

    • D.

      Faraday cage

    Correct Answer
    C. Faraday cage
    Explanation
    A Faraday cage is a mechanism that prevents electromagnetic emanations from being captured. It is an enclosure made of conductive materials that creates a shield against electromagnetic radiation. The conductive material absorbs and redirects the electromagnetic waves, preventing them from escaping or entering the cage. This helps to protect sensitive electronic equipment or information from being intercepted or affected by external electromagnetic signals.

  • 25. 

    QUESTION NO: 225 Which of the following describes the difference between a secure cipher and a secure hash?

    • A.

      A hash produces a variable output for any input size, a cipher does not.

    • B.

      A cipher produces the same size output for any input size, a hash does not.

    • C.

      A cipher can be reversed, a hash cannot.

    • D.

      A hash can be reversed, a cipher cannot.

    Correct Answer
    C. A cipher can be reversed, a hash cannot.
    Explanation
    A secure cipher is a cryptographic algorithm that can be reversed or decrypted, meaning that the original message can be recovered from the encrypted form. On the other hand, a secure hash function is a one-way function that cannot be reversed or decrypted. It takes an input of any size and produces a fixed-size output, making it impossible to retrieve the original input from the hash value. Therefore, the statement "A cipher can be reversed, a hash cannot" accurately describes the difference between a secure cipher and a secure hash.

  • 26. 

    QUESTION NO: 226 Which of the following physical threats is prevented with mantraps?

    • A.

      Piggybacking

    • B.

      Social engineering

    • C.

      Dumpster diving

    • D.

      Shoulder surfing

    Correct Answer
    A. Piggybacking
    Explanation
    Mantraps are physical security devices that are used to prevent unauthorized access to a secure area. They typically consist of two or more doors or gates that can only be opened one at a time, ensuring that only one person can enter or exit at a time. This effectively prevents piggybacking, which is the act of an unauthorized person following closely behind an authorized person to gain access to a secure area. Therefore, the correct answer is piggybacking.

  • 27. 

    QUESTION NO: 227 Which of the following BEST describes the differences between SHA-1 and MD5?

    • A.

      MD5 produces variable length message digests

    • B.

      SHA-1 produces fewer collisions than MD5

    • C.

      MD5 produces fewer collisions than SHA-1

    • D.

      SHA-1 produces fixed length message digests.

    Correct Answer
    B. SHA-1 produces fewer collisions than MD5
    Explanation
    SHA-1 produces fewer collisions than MD5. This means that SHA-1 is less likely to produce the same message digest for different input messages compared to MD5. In other words, SHA-1 has a lower probability of two different inputs producing the same output, making it more secure in terms of collision resistance.

  • 28. 

    QUESTION NO: 228 Which of the following BEST applies in the secure disposal of computers?

    • A.

      Computers must be configured for automated patch management

    • B.

      Computer media must be sanitized.

    • C.

      Default passwords must be changed once

    • D.

      Computers must be tested against known TCP/IP vulnerabilities.

    Correct Answer
    B. Computer media must be sanitized.
    Explanation
    In the secure disposal of computers, the best practice is to sanitize the computer media. This means securely wiping or destroying the data stored on the computer's hard drive or other storage devices. This is important to prevent any sensitive information from being accessed by unauthorized individuals. Configuring computers for automated patch management, changing default passwords, and testing against known vulnerabilities are all important security measures, but they do not specifically address the secure disposal of computers.

  • 29. 

    QUESTION NO: 229 Which of the following BEST describes the differences between RADIUS and TACACS?

    • A.

      TACACS separates authentication, authorization and auditing capabilities

    • B.

      TACACS is a remote access authentication service

    • C.

      RADIUS is a remote access authentication service

    • D.

      RADIUS separates authentication, authorization and auditing capabilities.

    Correct Answer
    A. TACACS separates authentication, authorization and auditing capabilities
    Explanation
    TACACS is a protocol that separates authentication, authorization, and auditing capabilities, while RADIUS is a protocol that only provides remote access authentication. TACACS allows for more granular control and flexibility in managing user access and permissions by separating these three functions. RADIUS, on the other hand, combines authentication and authorization into a single process.

  • 30. 

    QUESTION NO: 230 Which of the following BEST describes the differences between RADIUS and TACACS?

    • A.

      RADIUS encrypts client-server negotiation dialog.

    • B.

      RADIUS is a remote access authentication service.

    • C.

      TACACS encrypts client-server negotiation dialog.

    • D.

      TACACS is a remote access authentication service.

    Correct Answer
    C. TACACS encrypts client-server negotiation dialog.
    Explanation
    TACACS is a remote access authentication service that encrypts the client-server negotiation dialog. This means that when a client and server are communicating, TACACS ensures that their conversation is encrypted, providing a higher level of security. On the other hand, RADIUS is also a remote access authentication service, but it does not encrypt the client-server negotiation dialog. Therefore, the main difference between RADIUS and TACACS lies in their encryption capabilities during the negotiation process.

  • 31. 

    QUESTION NO: 231 Which of the following authentication mechanisms performs better in a secure environment?

    • A.

      RADIUS because it is a remote access authentication service

    • B.

      TACACS because it encrypts client-server negotiation dialogs.

    • C.

      RADIUS because it encrypts client-server passwords.

    • D.

      TACACS because it is a remote access authentication service

    Correct Answer
    B. TACACS because it encrypts client-server negotiation dialogs.
    Explanation
    TACACS performs better in a secure environment because it encrypts client-server negotiation dialogs. This encryption adds an extra layer of security to the authentication process, making it more difficult for unauthorized individuals to intercept and access sensitive information. RADIUS, on the other hand, does not provide this level of encryption for the negotiation dialogs, making it potentially less secure in comparison.

  • 32. 

    QUESTION NO: 232 To evaluate the security compliance of a group of servers against best practices, which of the following BEST applies?

    • A.

      Get a patch management report.

    • B.

      Conduct a penetration test.

    • C.

      Run a vulnerability assessment tool

    • D.

      Install a protocol analyzer.

    Correct Answer
    C. Run a vulnerability assessment tool
    Explanation
    Running a vulnerability assessment tool is the best option to evaluate the security compliance of a group of servers against best practices. This tool scans the servers and identifies any vulnerabilities or weaknesses in the system. It helps in identifying potential security risks and allows for timely remediation. A vulnerability assessment is a proactive approach that helps in ensuring the servers are secure and compliant with industry best practices.

  • 33. 

    QUESTION NO: 233 Which of the following is a problem MOST often associated with UTP cable?

    • A.

      Fuzzing

    • B.

      Vampire tap

    • C.

      Crosstalk

    • D.

      Refraction

    Correct Answer
    C. Crosstalk
    Explanation
    Crosstalk is a problem that is most often associated with UTP (Unshielded Twisted Pair) cable. Crosstalk occurs when there is interference between adjacent pairs of wires within the cable, causing signal degradation and data errors. This interference can be caused by electromagnetic fields from other cables or devices, resulting in a loss of signal quality. Proper cable shielding and separation can help minimize crosstalk and maintain the integrity of the transmitted data.

  • 34. 

    QUESTION NO: 234 An administrator notices on the monthly firewall log that many of the internal PCs are sending packets on a routine basis to a single external PC. Which of the following BEST describes what is occurring?

    • A.

      The remote PC has a spam slave application running and the local PCs have a spam master application running

    • B.

      The remote PC has a zombie master application running and the local PCs have a zombie slave application running.

    • C.

      The remote PC has a spam master application running and the local PCs have a spam slave application running

    • D.

      The remote PC has a zombie slave application running and the local PCs have a zombie master application running

    Correct Answer
    B. The remote PC has a zombie master application running and the local PCs have a zombie slave application running.
    Explanation
    The correct answer is that the remote PC has a zombie master application running and the local PCs have a zombie slave application running. This means that the remote PC is controlling the local PCs and using them to send packets to a specific external PC. This is a form of a botnet attack, where the remote PC is the master and the local PCs are the slaves, being used to carry out malicious activities without the knowledge or consent of their owners.

  • 35. 

    QUESTION NO: 235 An administrator notices that a PC is sending an unusual amount of email at odd times of the day. Which of the following should the administrator check for FIRST?

    • A.

      An S/MIME buffer overflow

    • B.

      A POP3 protocol exception

    • C.

      DNS poisoning

    • D.

      An SMTP open relay

    Correct Answer
    D. An SMTP open relay
    Explanation
    The administrator should check for an SMTP open relay first because an open relay allows anyone to use the email server to send emails, potentially leading to an unusual amount of email being sent from the PC. This could explain the unusual activity and odd timing of the emails.

  • 36. 

    QUESTION NO: 236 Which of the following would a password cracker help an administrator to find?

    • A.

      Weak passwords

    • B.

      Expired passwords

    • C.

      Locked passwords

    • D.

      Backdoor passwords

    Correct Answer
    A. Weak passwords
    Explanation
    A password cracker would help an administrator to find weak passwords. A password cracker is a tool or software that is designed to guess or crack passwords by using various methods such as brute force attacks, dictionary attacks, or rainbow table attacks. By using a password cracker, an administrator can identify passwords that are easily guessable or vulnerable to being cracked, allowing them to take necessary actions to strengthen the security of the system.

  • 37. 

    QUESTION NO: 237 Which of the following is set up within a router?

    • A.

      ARP

    • B.

      DMZ

    • C.

      OVAL

    • D.

      DDoS

    Correct Answer
    B. DMZ
    Explanation
    A DMZ (Demilitarized Zone) is a setup within a router that creates a separate network segment to host publicly accessible servers or services. It acts as a buffer zone between the internal network and the external network, providing an additional layer of security. By placing servers in the DMZ, organizations can allow external access to specific services while keeping their internal network protected from potential threats.

  • 38. 

    QUESTION NO: 238 Which of the following would BEST allow for fast, highly secure encryption of a USB flash drive?

    • A.

      SHA-1

    • B.

      MD5

    • C.

      3DES

    • D.

      AES256

    Correct Answer
    D. AES256
    Explanation
    AES256 would be the best option for fast, highly secure encryption of a USB flash drive. AES (Advanced Encryption Standard) is a symmetric encryption algorithm that has been widely adopted as a standard for secure data encryption. AES256 refers to the key size of 256 bits, which provides a high level of security. It is considered more secure than SHA-1, MD5, and 3DES, which are either outdated or have weaker encryption capabilities.

  • 39. 

    QUESTION NO: 239 When is the correct time to discuss the appropriate use of electronic devices with a new employee?

    • A.

      At time of hire

    • B.

      At time of first correspondence

    • C.

      At time of departure

    • D.

      At time of first system login

    Correct Answer
    A. At time of hire
    Explanation
    The correct time to discuss the appropriate use of electronic devices with a new employee is at the time of hire. This is because it is important to establish expectations and guidelines regarding the use of electronic devices from the beginning of the employment relationship. By discussing this topic at the time of hire, the employer can ensure that the new employee understands the company's policies and can use electronic devices in a responsible and appropriate manner. This helps to create a productive and professional work environment.

  • 40. 

    QUESTION NO: 240 Which of the following could BEST assist in the recovery of a crashed hard drive?

    • A.

      Forensics software

    • B.

      Drive optimization

    • C.

      Drive sanitization

    • D.

      Damage and loss control

    Correct Answer
    A. Forensics software
    Explanation
    Forensics software could best assist in the recovery of a crashed hard drive. This type of software is specifically designed to analyze and recover data from damaged or corrupted storage devices. It can help to identify and repair any issues that caused the crash, and retrieve as much data as possible from the hard drive. Forensics software is commonly used in computer forensics investigations, where data recovery is a crucial aspect of the process.

  • 41. 

    QUESTION NO: 241 Which of the following facilitates the creation of an unencrypted tunnel between two devices?

    • A.

      AES

    • B.

      HTTPS

    • C.

      L2TP

    • D.

      PPTP

    Correct Answer
    C. L2TP
    Explanation
    L2TP (Layer 2 Tunneling Protocol) facilitates the creation of an unencrypted tunnel between two devices. This protocol allows the transfer of data packets between the devices over the internet in a secure and private manner. It is commonly used for establishing virtual private networks (VPNs) and can be used in combination with other encryption protocols to provide additional security. L2TP does not provide encryption on its own, but it creates a tunnel that can be encrypted using other protocols such as IPsec.

  • 42. 

    QUESTION NO: 242 Which of the following allows for a secure connection to be made through a web browser?

    • A.

      L2TP

    • B.

      SSH

    • C.

      SSL

    • D.

      HTTP

    Correct Answer
    C. SSL
    Explanation
    SSL (Secure Sockets Layer) allows for a secure connection to be made through a web browser. SSL is a protocol that encrypts the data transmitted between a web server and a web browser, ensuring that the information remains confidential and cannot be intercepted by unauthorized parties. It is commonly used for secure online transactions, such as e-commerce websites, online banking, and sensitive data transfers.

  • 43. 

    QUESTION NO: 243 Which of the following is the BEST order in which crucial equipment should draw power?

    • A.

      Uninterruptible Power Supply (UPS) battery, UPS line conditioner, backup generator

    • B.

      Backup generator, UPS line conditioner, UPS battery

    • C.

      Backup generator, UPS battery, UPS line conditioner

    • D.

      UPS line conditioner, UPS battery, and backup generator

    Correct Answer
    D. UPS line conditioner, UPS battery, and backup generator
    Explanation
    The best order in which crucial equipment should draw power is UPS line conditioner, UPS battery, and backup generator. This order ensures that the power is first conditioned by the UPS line conditioner, which helps to stabilize voltage and filter out any electrical noise. The UPS battery is then used to provide immediate power in case of a power outage or fluctuation. Finally, the backup generator is used to provide long-term power supply in case of extended outages. This order ensures that the equipment receives clean and stable power, with backup options available when needed.

  • 44. 

    QUESTION NO: 244 Which of the following would require a pre-sharing of information before a home user could attach to a neighbor's wireless adapter?

    • A.

      Anonymous connections enabled

    • B.

      SSID broadcasting disabled

    • C.

      SSID broadcasting enabled

    • D.

      Encryption disabled

    Correct Answer
    B. SSID broadcasting disabled
    Explanation
    SSID broadcasting refers to the practice of a wireless network broadcasting its name (SSID) so that devices can easily detect and connect to it. When SSID broadcasting is disabled, the network's name is not visible to nearby devices. Therefore, in order for a home user to attach to a neighbor's wireless adapter, they would need to know the neighbor's network name (SSID) in advance. This requires a pre-sharing of information between the neighbor and the home user.

  • 45. 

    QUESTION NO: 245 Which of the following would BEST allow an administrator to quickly find a rogue server on the network?

    • A.

      Review security access logs

    • B.

      A network mapper

    • C.

      A protocol analyzer

    • D.

      Review DNS logs

    Correct Answer
    B. A network mapper
    Explanation
    A network mapper would be the best tool for an administrator to quickly find a rogue server on the network. A network mapper scans the network and identifies all connected devices, allowing the administrator to easily identify any unauthorized or unknown servers. This tool provides a comprehensive view of the network and can quickly pinpoint any rogue servers that may be present.

  • 46. 

    QUESTION NO: 246 Which of the following would BEST allow an administrator to quickly find a PC with a blank database administrator password?

    • A.

      Protocol analyzer

    • B.

      Vulnerability scanner

    • C.

      Rainbow tables

    • D.

      Security access logs

    Correct Answer
    B. Vulnerability scanner
    Explanation
    A vulnerability scanner would be the best tool for an administrator to quickly find a PC with a blank database administrator password. Vulnerability scanners are designed to detect weaknesses and vulnerabilities in a system, including weak or blank passwords. By scanning the network and identifying systems with blank database administrator passwords, the administrator can quickly address this security issue and take appropriate actions to secure the system.

  • 47. 

    QUESTION NO: 247 An administrator is backing up all server data nightly to a local NAS device. Which of the following additional steps should the administrator take for protection from disaster in the case the primary site is permanently lost?

    • A.

      Backup all data at a preset interval to tape and store those tapes at a sister site across the street.

    • B.

      Backup all data at a preset interval to tape and store those tapes at a sister site in another city.

    • C.

      Backup all data at a preset interval to removable disk and store the disk in a safety deposit box at the administrator's home

    • D.

      Backup all data at a preset interval to removable disk and store the disk in a fireproof safe in the building's basement

    Correct Answer
    B. Backup all data at a preset interval to tape and store those tapes at a sister site in another city.
    Explanation
    The correct answer suggests that in order to protect the data from permanent loss in case of a disaster at the primary site, the administrator should backup all data at a preset interval to tape and store those tapes at a sister site in another city. Storing the tapes at a sister site in another city ensures that the backup data is kept in a separate geographical location, reducing the risk of loss due to a local disaster. This provides an additional layer of protection and increases the chances of recovering the data in case of a catastrophic event at the primary site.

  • 48. 

    QUESTION NO: 248 Which of the following is the MOST intrusive on a network?

    • A.

      Penetration testing

    • B.

      Protocol analyzers

    • C.

      Port scanners

    • D.

      Vulnerability testing

    Correct Answer
    A. Penetration testing
    Explanation
    Penetration testing is the most intrusive on a network compared to the other options. Penetration testing involves actively simulating attacks on a network to identify vulnerabilities and weaknesses. It goes beyond just analyzing protocols or scanning ports by attempting to exploit vulnerabilities and gain unauthorized access. This can potentially disrupt network operations and compromise sensitive data. Protocol analyzers analyze network traffic, port scanners scan for open ports, and vulnerability testing identifies weaknesses, but they are less invasive compared to penetration testing.

  • 49. 

    QUESTION NO: 249 A single sign-on requires which of the following?

    • A.

      Multifactor authentication

    • B.

      One-factor authentication

    • C.

      A trust model between workstations

    • D.

      A unified trust model

    Correct Answer
    D. A unified trust model
    Explanation
    A unified trust model is required for a single sign-on system. This means that all workstations and systems within the network must trust each other and share a common authentication mechanism. This allows users to authenticate once and gain access to multiple resources without having to provide credentials again. With a unified trust model, the authentication process is streamlined and users can easily navigate between different systems and applications without the need for multiple logins.

  • 50. 

    QUESTION NO: 250 All of the following are where backup tapes should be kept EXCEPT:

    • A.

      Near a fiber optic cable entrance.

    • B.

      Near a shared LCD screen

    • C.

      Near a power line.

    • D.

      Near a high end server.

    Correct Answer
    C. Near a power line.
    Explanation
    Backup tapes should be kept in secure and controlled environments to ensure their safety and integrity. Keeping them near a fiber optic cable entrance, shared LCD screen, or high-end server could expose them to potential risks such as physical damage, unauthorized access, or electromagnetic interference. However, keeping them near a power line poses the risk of electrical hazards and potential damage due to power surges or fluctuations. Hence, near a power line is not an appropriate location for storing backup tapes.

Quiz Review Timeline

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

  • Current Version
  • Jan 25, 2024
    Quiz Edited by
    ProProfs Editorial Team
  • Dec 21, 2010
    Quiz Created by
    Ctstravis