How Well You Know SEC+ Study Guide D Quiz

By Ctstravis
  • 1/100 Questions

    QUESTION NO: 324 Which of the following should the technician recommend as a way to logically separate various internal networks from each other?

    • NIDS
    • VLAN
    • NAT
    • HIDS
About This Quiz


A majority of people spend most of their time on the internet, either doing research or checking on their online presence. If you are a Sec+ student, take this quiz to find out how much you know about the subject and more.


Quiz Preview

  • 2. 

    QUESTION NO: 349 Which of the following is commonly programmed into an application for ease of administration?

    • Back door

    • Worm

    • Zombie

    • Trojan

    Correct Answer
    A. Back door
    Explanation
    A back door is commonly programmed into an application for ease of administration. It allows authorized individuals to bypass normal authentication processes and gain access to the system or application. This can be useful for system administrators or developers who need to troubleshoot or make changes without going through the usual authentication steps. However, back doors can also be exploited by unauthorized individuals, making them a potential security risk if not properly managed and secured.


  • 3. 

    QUESTION NO: 301 Which of the following reduces the effectiveness of telephone social engineering?

    • Automatic callback

    • Monitoring outbound calls

    • Awareness training

    • Use of VoIP

    Correct Answer
    A. Awareness training
    Explanation
    Awareness training reduces the effectiveness of telephone social engineering by educating individuals about the tactics and techniques used by social engineers. This training helps individuals recognize and respond appropriately to suspicious or manipulative phone calls, reducing the likelihood of falling victim to social engineering attacks. By increasing awareness and knowledge, individuals are better equipped to identify and protect against social engineering attempts, ultimately reducing their effectiveness.


  • 4. 

    QUESTION NO: 302 Which of the following will execute malicious code at a pre-specified time?

    • Logic Bomb

    • DoS

    • Worm

    • Rootkit

    Correct Answer
    A. Logic Bomb
    Explanation
    A logic bomb is a type of malicious code that is designed to execute at a pre-specified time or when a specific condition is met. It is typically inserted into a computer system by a malicious insider, and its purpose is to cause harm or disruption to the system or its data. Once triggered, a logic bomb can delete files, corrupt data, or perform other malicious actions. Unlike a worm or a rootkit, which are designed to spread or gain unauthorized access, a logic bomb is specifically programmed to activate at a certain time or under certain conditions.


  • 5. 

    QUESTION NO: 318 When should a technician perform disaster recovery testing?

    • Immediately following lessons learned sessions

    • Once a month, during peak business hours

    • After the network is stable and online

    • In accordance with the disaster recovery plan

    Correct Answer
    A. In accordance with the disaster recovery plan
    Explanation
    The correct answer is "In accordance with the disaster recovery plan". Disaster recovery testing should be performed according to the plan that has been developed and documented for the organization. This plan outlines the procedures and steps to be taken in the event of a disaster, including when and how testing should be conducted. Following the plan ensures that testing is done at the appropriate times and in the most effective way to ensure the organization's ability to recover from a disaster.


  • 6. 

    QUESTION NO: 353 Which of the following should be done if an organization intends to prosecute an attacker once an attack has been completed?

    • Update antivirus definitions

    • Disconnect the entire network from the Internet.

    • Apply proper forensic techniques.

    • Restore missing files on the affected system

    Correct Answer
    A. Apply proper forensic techniques.
    Explanation
    If an organization intends to prosecute an attacker once an attack has been completed, they should apply proper forensic techniques. Forensic techniques involve collecting and analyzing evidence from the affected systems to identify the attacker, understand the attack methodology, and gather evidence that can be used in legal proceedings. This includes preserving and documenting the state of the affected systems, conducting a thorough investigation, and following legal procedures to ensure the collected evidence is admissible in court. Updating antivirus definitions, disconnecting the network, and restoring missing files are important steps in incident response but do not directly relate to prosecuting the attacker.


  • 7. 

    QUESTION NO: 361 Which of the following would allow a technician to compile a visual view of an infrastructure?

    • Security log

    • Network mapper

    • Port scanner

    • Protocol analyzer

    Correct Answer
    A. Network mapper
    Explanation
    A network mapper is a tool that allows a technician to compile a visual view of an infrastructure. It scans the network and creates a map of all the devices and connections present. This map provides a visual representation of the network, making it easier for the technician to understand and analyze the infrastructure. It helps in identifying any potential vulnerabilities or issues in the network.


  • 8. 

    QUESTION NO: 344 Which of the following is planted on an infected system and deployed at a predetermined time?

    • Logic bomb

    • Trojan horse

    • Worm

    • Rootkit

    Correct Answer
    A. Logic bomb
    Explanation
    A logic bomb is malicious code that is planted on an infected system and is programmed to execute a specific action at a predetermined time or when certain conditions are met. Unlike a Trojan horse or a worm, which are designed to spread and infect other systems, a logic bomb remains dormant until triggered. Once triggered, it can cause damage to the system, such as deleting files, stealing data, or disrupting operations. Therefore, a logic bomb fits the description of being planted on an infected system and deployed at a predetermined time.


  • 9. 

    QUESTION NO: 346 According to company policy an administrator must logically keep the Human Resources department separated from the Accounting department. Which of the following would be the simplest way to accomplish this?

    • NIDS

    • DMZ

    • NAT

    • VLAN

    Correct Answer
    A. VLAN
    Explanation
    A VLAN (Virtual Local Area Network) would be the simplest way to logically separate the Human Resources department from the Accounting department. VLANs allow for the creation of separate virtual networks within a physical network infrastructure, allowing for different departments to be isolated from each other while still sharing the same physical resources. This would ensure that the two departments remain separate and their network traffic does not mix, in accordance with the company policy.


  • 10. 

    QUESTION NO: 354 Which of the following documents specifies the uptime guarantee of a web server?

    • Due process

    • Due diligence

    • Scope of work

    • Service level agreement

    Correct Answer
    A. Service level agreement
    Explanation
    A service level agreement (SLA) is a document that specifies the terms and conditions of a service, including the uptime guarantee of a web server. It outlines the agreed-upon level of service that the provider will deliver to the customer, including details such as response time, availability, and performance metrics. The SLA ensures that both parties are aware of their responsibilities and sets clear expectations for the quality and reliability of the service.


  • 11. 

    QUESTION NO: 393 An administrator is asked to recommend the most secure transmission media. Which of the following should be recommended?

    • Unshielded twisted pair cable

    • Fiber optic cable

    • Ethernet CAT5 cable

    • Coaxial cable

    Correct Answer
    A. Fiber optic cable
    Explanation
    Fiber optic cable should be recommended as the most secure transmission media. This is because it uses light signals to transmit data, which makes it immune to electromagnetic interference and difficult to tap into. It also has a low signal loss over long distances and is resistant to physical damage and environmental factors.


  • 12. 

    QUESTION NO: 315 Which of the following is the primary incident response function of a first responder?

    • To evaluate the scene and repair the problem

    • To secure the scene and preserve evidence

    • To evaluate the scene and determine the cause

    • To gather evidence and write reports

    Correct Answer
    A. To secure the scene and preserve evidence
    Explanation
    The primary incident response function of a first responder is to secure the scene and preserve evidence. This involves taking immediate action to ensure the safety and security of the area where the incident occurred, as well as collecting and preserving any evidence that may be relevant to the investigation. By securing the scene and preserving evidence, the first responder helps to maintain the integrity of the incident and ensure that a thorough investigation can take place.


  • 13. 

    QUESTION NO: 323 After an attacker has successfully gained remote access to a server with minimal privileges, which of the following is their next step?

    • Elevate system privileges.

    • Monitor network traffic.

    • Capture private keys.

    • Begin key recovery

    Correct Answer
    A. Elevate system privileges.
    Explanation
    After an attacker has gained remote access to a server with minimal privileges, their next step would be to elevate their system privileges. By doing so, the attacker can gain higher levels of access and control over the server, allowing them to carry out more advanced attacks and potentially gain access to sensitive information or perform malicious activities. Monitoring network traffic, capturing private keys, and beginning key recovery may be subsequent steps that the attacker takes, but elevating system privileges is the immediate priority to gain more control over the compromised server.


  • 14. 

    QUESTION NO: 316 Which of the following is the GREATEST problem with low humidity in a server room?

    • Static electricity

    • Power surge

    • Electromagnetic interference

    • Brown out

    Correct Answer
    A. Static electricity
    Explanation
    Low humidity in a server room can lead to an increase in static electricity. Static electricity can cause damage to sensitive electronic equipment, such as servers, by creating sparks that can disrupt or destroy circuitry. This can result in data loss, system failures, and potentially costly repairs or replacements. Therefore, the greatest problem with low humidity in a server room is the increased risk of static electricity and its potential impact on the equipment.


  • 15. 

    QUESTION NO: 347 Which of the following is an attack which is launched from multiple zombie machines in an attempt to bring down a service?

    • DoS

    • Man-in-the-middle

    • DDoS

    • TCP/IP hijacking

    Correct Answer
    A. DDoS
    Explanation
    A DDoS (Distributed Denial of Service) attack is launched from multiple zombie machines, which are compromised computers or devices controlled by an attacker. The goal of a DDoS attack is to overwhelm a targeted service or website with a flood of traffic, making it unavailable to legitimate users. This attack is different from a DoS (Denial of Service) attack, which is launched from a single source, as it utilizes multiple sources to amplify the impact and make it harder to defend against. A DDoS attack can cause significant disruption and financial loss for the targeted organization.


  • 16. 

    QUESTION NO: 363 Which of the following is an area of the network infrastructure that allows a technician to place public facing systems into it without compromising the entire infrastructure?

    • VPN

    • NAT

    • VLAN

    • DMZ

    Correct Answer
    A. DMZ
    Explanation
    A DMZ (Demilitarized Zone) is an area of the network infrastructure that allows a technician to place public facing systems into it without compromising the entire infrastructure. It acts as a buffer zone between the internet and the internal network, providing an additional layer of security. By placing public facing systems in the DMZ, any potential attacks or compromises are isolated to that area and do not have direct access to the internal network. This helps to protect sensitive data and resources from being compromised in the event of a breach.


  • 17. 

    QUESTION NO: 370 Which of the following media is LEAST susceptible to a tap being placed on the line?

    • Fiber

    • UTP

    • STP

    • Coaxial

    Correct Answer
    A. Fiber
    Explanation
    Fiber optic cables are the least susceptible to taps being placed on the line because they use light signals to transmit data. Unlike UTP, STP, and coaxial cables, fiber optic cables do not emit electromagnetic signals that can be easily intercepted or tapped into. The use of light signals makes it difficult for unauthorized individuals to access the data being transmitted through the fiber optic cable, making it a more secure option.


  • 18. 

    QUESTION NO: 375 Which of the following would be MOST effective in stopping phishing attempts?

    • Antivirus

    • User training

    • NIDS

    • HIDS

    Correct Answer
    A. User training
    Explanation
    User training would be the most effective in stopping phishing attempts because it educates users on how to recognize and avoid phishing scams. By teaching users how to identify suspicious emails, websites, and requests for personal information, they are less likely to fall victim to phishing attacks. Antivirus software, NIDS (Network Intrusion Detection System), and HIDS (Host Intrusion Detection System) can also provide additional layers of security, but they may not be as effective in preventing phishing attempts as user training.


  • 19. 

    QUESTION NO: 388 Which of the following is the BEST solution to implement to reduce unsolicited email?

    • Pop-up blocker

    • Anti-spam

    • Antivirus

    • Personal software firewall

    Correct Answer
    A. Anti-spam
    Explanation
    The BEST solution to reduce unsolicited email is to implement an anti-spam solution. Anti-spam software is specifically designed to filter out and block unwanted emails, preventing them from reaching the user's inbox. This helps to reduce the amount of unsolicited email and minimize the chances of falling victim to phishing scams or malware contained in spam emails. Pop-up blockers, antivirus software, and personal software firewalls are not specifically designed to address the issue of unsolicited email, making anti-spam the most appropriate solution.


  • 20. 

    QUESTION NO: 314 Which of the following BEST describes the form used while transferring evidence?

    • Booking slip

    • Affidavit

    • Chain of custody

    • Evidence log

    Correct Answer
    A. Chain of custody
    Explanation
    The form used while transferring evidence is called the chain of custody. This form is used to document the movement and handling of evidence from the time it is collected until it is presented in court. It includes details such as who collected the evidence, where it was stored, who had access to it, and any changes or transfers that occurred. The chain of custody is crucial in maintaining the integrity and admissibility of the evidence in court.


  • 21. 

    QUESTION NO: 330 Human Resources has requested that staff members be moved to different parts of the country into new positions. Which of the following is this an example of?

    • Implicit deny

    • Separation of duties

    • Least privilege

    • Job rotation

    Correct Answer
    A. Job rotation
    Explanation
    Job rotation refers to the practice of moving employees to different positions or departments within an organization. This can be done for various reasons, such as providing employees with new learning opportunities, preventing burnout, or enhancing their skills and knowledge. In this case, Human Resources has requested staff members to be moved to different parts of the country into new positions, which aligns with the concept of job rotation.


  • 22. 

    QUESTION NO: 334 An administrator is asked to improve the physical security of a data center located inside the office building. The data center already maintains a physical access log and has a video surveillance system. Which of the following additional controls could be implemented?

    • Defense-in-depth

    • Logical token

    • ACL

    • Mantrap

    Correct Answer
    A. Mantrap
    Explanation
    A mantrap is an additional control that could be implemented to improve the physical security of a data center. A mantrap is a small enclosed area with two or more doors, where one door must be closed and locked before the other door can be opened. This prevents unauthorized individuals from entering the data center by only allowing one person at a time and ensuring that the doors cannot be opened simultaneously. Implementing a mantrap adds an extra layer of security to the data center, enhancing the overall physical security measures already in place.


  • 23. 

    QUESTION NO: 352 Which of the following disaster recovery components is a location that is completely empty, but allows the infrastructure to be built if the live site goes down?

    • Mirrored site

    • Cold site

    • Warm site

    • Hot site

    Correct Answer
    A. Cold site
    Explanation
    A cold site is a disaster recovery component that is a completely empty location. It does not have any infrastructure in place but allows for the infrastructure to be built if the live site goes down. In the event of a disaster, the necessary equipment, systems, and data would need to be transported and set up at the cold site before operations can resume. Compared to other disaster recovery components like hot sites or warm sites, a cold site typically has a longer recovery time objective as it requires more time and effort to bring the infrastructure online.


  • 24. 

    QUESTION NO: 358 Which of the following logs would reveal activities related to an ACL?

    • Mobile device

    • Transaction

    • Firewall

    • Performance

    Correct Answer
    A. Firewall
    Explanation
    The correct answer is "Firewall" because a firewall is a network security device that monitors and filters incoming and outgoing network traffic based on predetermined security rules. It logs activities related to access control lists (ACLs), which are used to control network traffic flow and determine what network resources can be accessed by which users or devices. The firewall logs would provide information about any activities or events related to the ACLs, such as denied or allowed connections, blocked or permitted ports, and other security-related actions.


  • 25. 

    QUESTION NO: 378 Which of the following could involve moving physical locations every two years to help mitigate security risks?

    • Implicit deny

    • Least privilege

    • Job rotation

    • Separation of duties

    Correct Answer
    A. Job rotation
    Explanation
    Job rotation could involve moving physical locations every two years to help mitigate security risks. This practice ensures that employees are not in the same position for an extended period of time, reducing the risk of insider threats or unauthorized access. By regularly changing their work environment, it becomes more difficult for individuals to exploit their knowledge or access to sensitive information. This strategy also helps in cross-training employees and increasing their understanding of different roles within the organization.


  • 26. 

    QUESTION NO: 313 Which of the following should be included in a forensic toolkit?

    • Compressed air

    • Tape recorder

    • Fingerprint cards

    • Digital camera

    Correct Answer
    A. Digital camera
    Explanation
    A digital camera should be included in a forensic toolkit because it allows forensic investigators to capture high-quality photographs of crime scenes, evidence, and other relevant details. These photographs can be used as visual documentation and can provide crucial information during the investigation and in court proceedings. Additionally, digital cameras offer the advantage of easily transferring and storing images, making them an essential tool for forensic analysis.


  • 27. 

    QUESTION NO: 387 Which of the following is BEST used to determine whether network utilization is abnormal?

    • Security log

    • Performance baseline

    • Application log

    • Application log

    Correct Answer
    A. Performance baseline
    Explanation
    A performance baseline is the best tool to determine whether network utilization is abnormal. A performance baseline is a measurement of normal network behavior and usage over a period of time. By comparing current network utilization to the baseline, any abnormal spikes or deviations can be identified, indicating potential network issues or abnormal activity. This allows for proactive monitoring and troubleshooting to ensure optimal network performance and security. The security log and application log may provide information on specific security events or application errors, but they do not provide a comprehensive view of network utilization.


  • 28. 

    QUESTION NO: 371 Which of the following is responsible for establishing trust models?

    • The firewall

    • The information security officer

    • The certificate authority

    • The key escrow agent

    Correct Answer
    A. The certificate authority
    Explanation
    The certificate authority is responsible for establishing trust models. A certificate authority is an entity that issues digital certificates, which are used to verify the authenticity and integrity of electronic documents and communications. These certificates contain information about the identity of the certificate holder and are digitally signed by the certificate authority. By trusting the certificate authority, users can trust the certificates it issues, allowing for secure and trusted communication over networks.


  • 29. 

    QUESTION NO: 384 Which of the following scenarios would a penetration test BEST be used for?

    • When providing a proof of concept demonstration for a vulnerability

    • While in the reconnaissance phase

    • When performing network mapping

    • When conducting performance monitoring

    Correct Answer
    A. When providing a proof of concept demonstration for a vulnerability
    Explanation
    A penetration test is typically used to identify vulnerabilities in a system or network by simulating an attack. It involves attempting to exploit these vulnerabilities to gain unauthorized access or perform other malicious activities. In this scenario, conducting a penetration test would be most appropriate when providing a proof of concept demonstration for a vulnerability. This would involve demonstrating how a potential attacker could exploit the vulnerability to gain unauthorized access or cause harm to the system.


  • 30. 

    QUESTION NO: 369 Which of the following would be the BEST choice to ensure only ports 25, 80 and 443 were open from outside of the network?

    • Firewall

    • DMZ

    • VLAN

    • Proxy

    Correct Answer
    A. Firewall
    Explanation
    A firewall would be the best choice to ensure only ports 25, 80, and 443 are open from outside of the network. A firewall is a network security device that monitors and filters incoming and outgoing network traffic based on predetermined security rules. By configuring the firewall to only allow traffic on ports 25, 80, and 443, it can effectively restrict access to only those specific ports while blocking all other ports. This helps to enhance network security by minimizing the potential attack surface and reducing the risk of unauthorized access to the network.


  • 31. 

    QUESTION NO: 331 An administrator is worried about an attacker using a compromised user account to gain administrator access to a system. Which of the following is this an example of?

    • Man-in-the-middle attack

    • Protocol analysis

    • Privilege escalation

    • Cross-site scripting

    Correct Answer
    A. Privilege escalation
    Explanation
    This scenario describes a privilege escalation attack, where an attacker exploits a compromised user account to gain higher privileges, such as administrator access, on a system. This allows the attacker to perform unauthorized actions and potentially compromise the entire system.


  • 32. 

    QUESTION NO: 336 A technician notices delays in mail delivery on the mail server. Which of the following tools could be used to determine the cause of the service degradation?

    • Port scanner

    • Performance monitor

    • Ipconfig /all

    • TFTP

    Correct Answer
    A. Performance monitor
    Explanation
    Performance monitor is the correct answer because it is a tool that can be used to monitor and analyze the performance of a system, including network performance. By using performance monitor, the technician can track various performance metrics such as CPU usage, memory usage, disk activity, and network traffic. This will help the technician identify any bottlenecks or issues that may be causing the delays in mail delivery on the mail server.


  • 33. 

    QUESTION NO: 351 Which of the following authentication models uses a KDC?

    • CHAP

    • PKI

    • PGP

    • Kerberos

    Correct Answer
    A. Kerberos
    Explanation
    Kerberos is the correct answer because it is an authentication model that uses a Key Distribution Center (KDC). The KDC acts as a trusted third party that issues tickets to clients and servers, allowing them to authenticate and establish secure communication. The KDC generates a session key that is shared between the client and the server, ensuring secure authentication and encryption of data.


  • 34. 

    QUESTION NO: 362 Which of the following creates separate logical networks?

    • NAT

    • DMZ

    • NAC

    • Subnetting

    Correct Answer
    A. Subnetting
    Explanation
    Subnetting creates separate logical networks by dividing a larger network into smaller subnetworks, each with its own unique network address. This allows for more efficient use of IP addresses and better network management. Each subnet acts as a separate network, with its own network ID and broadcast address, allowing for better organization and control of network traffic. NAT (Network Address Translation) is used to translate private IP addresses to public IP addresses, DMZ (Demilitarized Zone) is a separate network segment used to provide additional security for publicly accessible servers, and NAC (Network Access Control) is a security technology used to enforce policies on devices connecting to a network.


  • 35. 

    QUESTION NO: 396 To prevent the use of previously issued PKI credentials which have expired or otherwise become invalid, administrators should always design programs to check which of the following?

    • PKI

    • CRL

    • Escrow

    • CA

    Correct Answer
    A. CRL
    Explanation
    Administrators should always design programs to check the Certificate Revocation List (CRL) to prevent the use of previously issued PKI credentials that have expired or become invalid. The CRL is a list maintained by the Certification Authority (CA) that contains the serial numbers of revoked certificates. By checking the CRL, programs can ensure that only valid and active certificates are being used, enhancing the security and integrity of the PKI system.


  • 36. 

    QUESTION NO: 398 Which of the following describes an implementation of PKI where a copy of a user's private key is stored to provide third party access and to facilitate recovery operations?

    • Registration

    • Recovery agent

    • Key escrow

    • Asymmetric

    Correct Answer
    A. Key escrow
    Explanation
    Key escrow is a method of implementing Public Key Infrastructure (PKI) where a copy of a user's private key is stored by a trusted third party. This is done to provide third party access and to facilitate recovery operations in case the user loses their private key or it becomes compromised. The third party, known as a key escrow agent, securely holds the copy of the private key and can release it to authorized parties when necessary. This allows for the recovery of encrypted data or the restoration of access to encrypted systems.


  • 37. 

    QUESTION NO: 386 Which of the following implements the strongest hashing algorithm?

    • NTLMv2

    • NTLM

    • VLAN

    • LANMAN

    Correct Answer
    A. NTLMv2
    Explanation
    NTLMv2 implements the strongest hashing algorithm among the given options. NTLMv2 (NT LAN Manager version 2) is a security protocol that provides authentication, integrity, and confidentiality for users in a Windows network. It uses a stronger hashing algorithm compared to NTLM, VLAN, and LANMAN, making it more secure against various attacks such as brute force and rainbow table attacks.


  • 38. 

    QUESTION NO: 325 An organization has requested the ability to monitor all network traffic as it traverses their network. Which of the following should a technician implement?

    • Content filter

    • Protocol analyzer

    • Honeypot

    • HIDS

    Correct Answer
    A. Protocol analyzer
    Explanation
    A protocol analyzer is a tool that allows technicians to capture and analyze network traffic. By implementing a protocol analyzer, the organization will be able to monitor all network traffic as it traverses their network. This tool will provide detailed information about the protocols being used, the source and destination of the traffic, and any potential issues or security threats. It is an effective solution for network monitoring and troubleshooting purposes.


  • 39. 

    QUESTION NO: 307 Which of the following provides the MOST control when deploying patches?

    • Hotfix

    • Remote desktop

    • Patch management

    • Service packs

    Correct Answer
    A. Patch management
    Explanation
    Patch management provides the most control when deploying patches. Patch management refers to the process of acquiring, testing, and deploying patches or updates to software systems. It allows organizations to centrally manage and control the deployment of patches across multiple devices or systems. With patch management, organizations can schedule and automate patch deployments, prioritize critical patches, and ensure that patches are applied consistently and efficiently. This level of control ensures that patches are deployed in a controlled and organized manner, reducing the risk of system vulnerabilities and improving overall security.


  • 40. 

    QUESTION NO: 376 Which of the following consists of markings outside a building that indicate the connection speed of a nearby unsecured wireless network?

    • War driving

    • War chalking

    • Blue jacking

    • Bluesnarfing

    Correct Answer
    A. War chalking
    Explanation
    War chalking consists of markings outside a building that indicate the connection speed of a nearby unsecured wireless network. It is a method used by individuals to identify and share information about open Wi-Fi networks in a specific area. The markings are typically made with chalk or other visible materials to indicate the presence of an unsecured network and provide information such as the network's name and speed. This practice was popularized in the early 2000s as a way for hackers and enthusiasts to locate and access unsecured Wi-Fi networks.


  • 41. 

    QUESTION NO: 391 Which of the following BEST describes the practice of dumpster diving?

    • Sorting through the garbage of an organization to obtain information used for configuration management.

    • Sorting through the garbage of an organization to obtain information used for a subsequent attack.

    • Sorting through the trash of an organization to obtain information found on their intranet.

    • Sorting through the trash of an organization to recover an old user ID badge previously used for an attack.

    Correct Answer
    A. Sorting through the garbage of an organization to obtain information used for a subsequent attack.
    Explanation
    Dumpster diving is the practice of sorting through the garbage of an organization to obtain information that can be used for a subsequent attack. This can include finding discarded documents or electronic devices that contain sensitive information such as passwords, customer data, or internal documents. By obtaining this information, an attacker can gain unauthorized access to systems or use it for other malicious purposes.


  • 42. 

    QUESTION NO: 397 To prevent the use of stolen PKI certificates on web servers, which of the following should an administrator ensure is available to their web servers?

    • Registration

    • CA

    • CRL

    • Key escrow

    Correct Answer
    A. CRL
    Explanation
    To prevent the use of stolen PKI certificates on web servers, an administrator should ensure that a Certificate Revocation List (CRL) is available to their web servers. A CRL is a list maintained by a Certificate Authority (CA) that contains the serial numbers of revoked certificates. By regularly checking the CRL, web servers can verify whether a certificate has been revoked and prevent its use. This helps maintain the security and integrity of the PKI.


  • 43. 

    QUESTION NO: 317 Which of the following protocols is used to ensure secure transmissions on port 443?

    • HTTPS

    • Telnet

    • SFTP

    • SHTTP

    Correct Answer
    A. HTTPS
    Explanation
    HTTPS (Hypertext Transfer Protocol Secure) is the correct answer because it is the protocol used to ensure secure transmissions on port 443. HTTPS uses encryption to secure the communication between a client and a server, providing confidentiality and integrity of the transmitted data. It is commonly used for secure online transactions, such as e-commerce websites, where sensitive information like credit card details needs to be protected from unauthorized access.


  • 44. 

    QUESTION NO: 308 If a technician wants to know when a computer application is accessing the network, which of the following logs should be reviewed?

    • Antivirus log

    • RADIUS log

    • Performance log

    • Host firewall log

    Correct Answer
    A. Host firewall log
    Explanation
    The host firewall log should be reviewed if a technician wants to know when a computer application is accessing the network. The host firewall log keeps a record of all the network traffic that is allowed or blocked by the firewall on the computer. By reviewing this log, the technician can determine when and how the application is accessing the network, providing valuable information for troubleshooting or security purposes.


  • 45. 

    QUESTION NO: 327 Which of the following is the MOST difficult security concern to detect when contractors enter a secured facility?

    • Rogue access points being installed

    • Copying sensitive information with cellular phones

    • Removing mass storage iSCSI drives

    • Removing network attached storage

    Correct Answer
    A. Copying sensitive information with cellular phones
    Explanation
    Copying sensitive information with cellular phones is the most difficult security concern to detect when contractors enter a secured facility because it can be done discreetly and without any physical evidence. Unlike installing rogue access points or removing storage devices, copying sensitive information with cellular phones does not require any additional hardware or obvious actions. Contractors can easily use their personal phones to take pictures or record confidential information without raising suspicion. This makes it challenging for security personnel to detect and prevent this type of security breach.


  • 46. 

    QUESTION NO: 337 Penetration testing should only be used once which of the following items is in place?

    • Acceptable use policy

    • Data retention and disclosure policy

    • Service level agreement

    • Written permission

    Correct Answer
    A. Written permission
    Explanation
    Penetration testing involves simulating an attack on a system to identify vulnerabilities. It is a highly invasive and potentially disruptive process. Therefore, it should only be conducted with proper authorization. Written permission ensures that the organization is aware of and has approved the testing, and it helps establish clear boundaries and expectations for the testing process. Without written permission, there is a risk of unauthorized testing, which can lead to legal and security issues. Therefore, written permission is a crucial requirement before conducting penetration testing.


  • 47. 

    QUESTION NO: 332 Which of the following is used to deny authorized users access to services?

    • Botnets

    • Adware

    • Spyware

    • Trojans

    Correct Answer
    A. Botnets
    Explanation
    A botnet is a network of compromised computers controlled by a malicious actor. These computers, also known as "zombies" or "bots," can be used to launch coordinated attacks on websites or services, overwhelming them with traffic and denying access to legitimate users. By utilizing the power of multiple computers, botnets can generate a significant amount of traffic, making it difficult for authorized users to access the targeted services. Therefore, botnets are used to deny authorized users access to services.


  • 48. 

    QUESTION NO: 338 An administrator recommends that management establish a trusted third party central repository to maintain all employees' private keys. Which of the following BEST describes the administrator's recommendation?

    • Registration

    • Certificate authority

    • Recovery agent

    • Key escrow

    Correct Answer
    A. Key escrow
    Explanation
    The administrator's recommendation is to establish a trusted third party central repository to maintain all employees' private keys. This is known as key escrow. Key escrow involves storing encryption keys with a trusted third party in case they need to be recovered or accessed in the future. This ensures that the keys are securely stored and can be retrieved if necessary.


  • 49. 

    QUESTION NO: 372 Which of the following allows attackers to gain control over the web camera of a system?

    • ActiveX component

    • SQL injection

    • Cross-site scripting

    • XML

    Correct Answer
    A. ActiveX component
    Explanation
    An ActiveX component is a type of software module that can be used to add functionality to a web browser. However, it can also be exploited by attackers to gain control over a system's web camera. This can be done by tricking the user into downloading and executing a malicious ActiveX control, which then gives the attacker access to the camera. Therefore, the correct answer is ActiveX component.


Quiz Review Timeline (Updated): Apr 24, 2024

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

  • Current Version
  • Apr 24, 2024
    Quiz Edited by
    ProProfs Editorial Team
  • Dec 22, 2010
    Quiz Created by
    Ctstravis