SEC+ Study Guide B

100 Questions | Total Attempts: 73

SettingsSettingsSettings
Please wait...
Study Guide Quizzes & Trivia

101-200


Questions and Answers
  • 1. 
    QUESTION NO: 101A technician is rebuilding the infrastructure for an organization. The technician has been tasked with making sure that the virtualization technology is implemented securely. Which of the following is a concern when implementing virtualization technology?
    • A. 

      The technician should verify that the virtual servers are dual homed so that traffic is securely separated.

    • B. 

      The technician should verify that the virtual servers and the host have the latest service packs and patches applied.

    • C. 

      The technician should subnet the network so each virtual server is on a different network segment.

    • D. 

      The technician should perform penetration testing on all the virtual servers to monitor performance.

  • 2. 
    QUESTION NO: 102A technician is reviewing the logical access control method an organization uses. One of the senior managers requests that the technician prevent staff members from logging on during nonworking days. Which of the following should the technician implement to meet managements request?
    • A. 

      Enforce Kerberos

    • B. 

      Deploy smart cards

    • C. 

      Time of day restrictions

    • D. 

      Access control lists

  • 3. 
    QUESTION NO: 103How would a technician implement a security patch in an enterprise environment?
    • A. 

      Download the patch from the vendors secure website and install it on the most vulnerable workstation

    • B. 

      Download the patch from the vendors secure website, test the patch and install it on all workstations.

    • C. 

      Download the patch from the vendors secure website and install it as needed

    • D. 

      Download the patch from the Internet, test the patch and install it on all of the productionservers.WBerlin

  • 4. 
    QUESTION NO: 104Which of the following is considered the weakest encryption?
    • A. 

      AES

    • B. 

      DES

    • C. 

      SHA

    • D. 

      RSA

  • 5. 
    QUESTION NO: 105Which of the following encryption schemes is the public key infrastructure based on?
    • A. 

      Quantum

    • B. 

      Elliptical curve

    • C. 

      Asymmetric

    • D. 

      Symmetric

  • 6. 
    QUESTION NO: 106Which of the following BEST describes the term war driving?
    • A. 

      Driving from point to point with a laptop and an antenna to find unsecured wireless access points.

    • B. 

      Driving from point to point with a wireless scanner to read other users emails through the access point.

    • C. 

      Driving from point to point with a wireless network card and hacking into unsecured wireless access points.

    • D. 

      Driving from point to point with a wireless scanner to use unsecured access points

  • 7. 
    QUESTION NO: 107Which of the following statements BEST describes the implicit deny concept?
    • A. 

      Blocks everything and only allows privileges based on job description

    • B. 

      Blocks everything and only allows explicitly granted permissions

    • C. 

      Blocks everything and only allows the minimal required privileges

    • D. 

      Blocks everything and allows the maximum level of permissions

  • 8. 
    QUESTION NO: 108When is the BEST time to update antivirus definitions?
    • A. 

      At least once a week as part of system maintenance

    • B. 

      As the definitions become available from the vendor

    • C. 

      When a new virus is discovered on the system

    • D. 

      When an attack occurs on the network

  • 9. 
    QUESTION NO: 109Why would a technician use a password cracker?
    • A. 

      To look for weak passwords on the network

    • B. 

      To changea users passwords when they leave the company

    • C. 

      To enforce password complexity requirements

    • D. 

      To change users passwords if they have forgotten them

  • 10. 
    QUESTION NO: 110Users on a network report that they are receiving unsolicited emails from an email address that does not change. Which of the following steps should be taken to stop this from occurring?
    • A. 

      Configure a rule in eachusers router and restart the router.

    • B. 

      Configure rules on the users host and restart the host.

    • C. 

      Install an anti-spam filter on the domain mail servers and filter the email address.

    • D. 

      Install an ACL on the firewall to block traffic from the sender and filter the IP address.

  • 11. 
    QUESTION NO: 111Which of the following is a true statement with regards to a NIDS?
    • A. 

      A NIDS monitors and analyzes network traffic for possible intrusions

    • B. 

      A NIDS is installed on the proxy server

    • C. 

      A NIDS prevents certain types of traffic from entering a network.

    • D. 

      A NIDS is normally installed on the email server.

  • 12. 
    QUESTION NO: 112A technician suspects that a piece of malware is consuming too many CPU cycles and slowing down a system. Which of the following will help determine the amount of CPU cycles that are being consumed?
    • A. 

      Install HIDS to determine the CPU usage

    • B. 

      Run performance monitor to evaluate the CPU usage

    • C. 

      Install malware scanning software

    • D. 

      Use a protocol analyzer to find the cause of the traffic

  • 13. 
    QUESTION NO: 113Which of the following are characteristics of a hash function? (Select TWO).
    • A. 

      One-way

    • B. 

      Encrypts a connection

    • C. 

      Ensures data can be easily decrypted

    • D. 

      Fixed length output

    • E. 

      Requires a key

  • 14. 
    QUESTION NO: 114Which of the following is the MOST secure alternative for administrative access to a router?
    • A. 

      SSH

    • B. 

      Telnet

    • C. 

      Rlogin

    • D. 

      HTTP

  • 15. 
    QUESTION NO: 115Which of the following might an attacker resort to in order to recover discarded company documents?
    • A. 

      Phishing

    • B. 

      Insider theft

    • C. 

      Dumpster diving

    • D. 

      Shoulder surfing

  • 16. 
    QUESTION NO: 116Which of the following creates a security buffer zone between two rooms?
    • A. 

      Mantrap

    • B. 

      DMZ

    • C. 

      Turnstile

    • D. 

      Anti-pass back

  • 17. 
    QUESTION NO: 117Which of the following tools would be used to review network traffic for clear text passwords?
    • A. 

      Port scanner

    • B. 

      Protocol analyzer

    • C. 

      Firewall

    • D. 

      Password cracker

  • 18. 
    QUESTION NO: 118Kerberos uses which of the following trusted entities to issue tickets?
    • A. 

      Ticket Granting System

    • B. 

      Certificate Authority

    • C. 

      Internet Key Exchange

    • D. 

      Key Distribution Center

  • 19. 
    QUESTION NO: 119Which of the following specifies a set of consistent requirements for a workstation or server?
    • A. 

      Vulnerability assessment

    • B. 

      Imaging software

    • C. 

      Patch management

    • D. 

      Configuration baseline

  • 20. 
    QUESTION NO: 120A companys website allows customers to search for a product and display the current price and quantity available of each product from the production database. Which of the following would invalidate an SQL injection attack launched from the lookup field at the web server level?
    • A. 

      Security template

    • B. 

      Buffer overflow protection

    • C. 

      NIPS

    • D. 

      Input validation

  • 21. 
    QUESTION NO: 121Which of the following virtual machine components monitors and manages the various virtual instances?
    • A. 

      VMOS

    • B. 

      VCPU

    • C. 

      Hypervisor

    • D. 

      Virtual supervisor

  • 22. 
    QUESTION NO: 122A smurf attack is an example of which of the following threats?
    • A. 

      ARP Poisoning

    • B. 

      DoS

    • C. 

      TCP/IP Hijacking

    • D. 

      Man-in-the-middle

  • 23. 
    QUESTION NO: 123Which of the following is the BEST tool for allowing users to go to approved business-related websites only?
    • A. 

      Internet content filter

    • B. 

      Firewall

    • C. 

      ACL

    • D. 

      Caching server

  • 24. 
    QUESTION NO: 124Which of the following is a security trait of a virtual machine?
    • A. 

      Provides additional resources for testing

    • B. 

      Provides real-time access to all system processes

    • C. 

      Provides a read-only area for executing code

    • D. 

      Provides a restricted environment for executing code

  • 25. 
    QUESTION NO: 125An unauthorized user intercepted a users password and used this information to obtain the companys administrator password. The unauthorized user can use the administrators password to access sensitive information pertaining to client data. Which of the following is this an example of?
    • A. 

      Session hijacking

    • B. 

      Least privilege

    • C. 

      Privilege escalation

    • D. 

      Network address translation

Back to Top Back to top