SEC+ Study Guide E

By Ctstravis
  • 1. 

    QUESTION NO: 411 Which of the following describes a logic bomb?

    • A piece of malicious code that can spread on its own
    • A piece of malicious code that is concealed from all detection
    • A piece of malicious code that executes based on an event or date
    • A piece of malicious code that exploits a race condition
About This Quiz

Sec+ study guide E assesses knowledge on network security, risk management, and cryptographic techniques. It tests understanding of corporate security policies, USB security risks, and the importance of performance monitoring. Ideal for learners aiming to validate their cybersecurity skills.


  • 2. 

    QUESTION NO: 413 Which of the following is an example of an attack that executes once a year on a certain date?

    • Virus

    • Worm

    • Logic bomb

    • Rootkit

    Correct Answer
    A. Logic bomb
    Explanation
    A logic bomb is a type of malicious code that is designed to execute at a specific time or when certain conditions are met. It is often used by attackers to cause damage or disrupt systems. In this case, the logic bomb is set to execute once a year on a particular date, making it an example of an attack that occurs annually on a specific date.


  • 3. 

    QUESTION NO: 464 Which of the following can BEST aid in preventing a phishing attack?

    • Implementing two-factor authentication

    • Enabling complex password policies

    • Conducting user awareness training

    • Requiring the use of stronger encryption

    Correct Answer
    A. Conducting user awareness training
    Explanation
    Conducting user awareness training can be the best way to prevent a phishing attack. By educating users about the tactics used by attackers, they can become more vigilant and cautious when interacting with suspicious emails or websites. This training can help users identify phishing attempts, avoid clicking on malicious links, and report any suspicious activity. While implementing two-factor authentication, enabling complex password policies, and requiring the use of stronger encryption are all important security measures, they may not directly address the human element of phishing attacks.


  • 4. 

    QUESTION NO: 467 One of the reasons that DNS attacks are so universal is DNS services are required for a computer to access:

    • WLANs.

    • The Internet.

    • LANs.

    • WANs.

    Correct Answer
    A. The Internet.
    Explanation
    DNS (Domain Name System) is a crucial component of the internet infrastructure that translates domain names into IP addresses, allowing computers to locate and connect to websites and services. Without DNS services, computers would not be able to access the internet. This makes DNS attacks universal because they can disrupt or manipulate the DNS system, causing widespread impact on internet connectivity and access.


  • 5. 

    QUESTION NO: 470 An administrator wants to set up a new web server with a static NAT. Which of the following is the BEST reason for implementing NAT?

    • Publishes the organization's internal network addressing scheme

    • Publishes the organization's external network addressing scheme

    • Hides the organization's internal network addressing scheme

    • Hides the organization's external network addressing scheme

    Correct Answer
    A. Hides the organization's internal network addressing scheme
    Explanation
    NAT (Network Address Translation) is used to hide the internal network addressing scheme of an organization. By implementing NAT, the internal IP addresses are translated to a single public IP address when communicating with external networks. This provides an additional layer of security by preventing external entities from directly accessing the internal network and potentially exposing sensitive information.


  • 6. 

    QUESTION NO: 457 When testing a newly released patch, a technician should do all of the following EXCEPT:

    • Verify the integrity of the patch.

    • Deploy immediately using Patch Management.

    • Verify the patch is relevant to the system.

    • Test it in a non-production environment.

    Correct Answer
    A. Deploy immediately using Patch Management.
    Explanation
    A technician should not deploy the patch immediately using Patch Management because deploying a patch without testing it first can potentially cause issues or conflicts with the system. It is important to verify the integrity of the patch, ensure its relevance to the system, and test it in a non-production environment before deploying it to production systems.


  • 7. 

    QUESTION NO: 466 Which of the following is MOST commonly used to secure a web browsing session?

    • SHTTP

    • SSH

    • HTTPS

    • S/MIME

    Correct Answer
    A. HTTPS
    Explanation
    HTTPS is the most commonly used protocol to secure a web browsing session. It stands for Hypertext Transfer Protocol Secure and is a combination of the HTTP protocol and the SSL/TLS encryption protocol. HTTPS ensures that the data transmitted between the web browser and the website is encrypted, making it difficult for unauthorized individuals to intercept and access sensitive information such as passwords, credit card details, and personal data. This encryption provides a secure and private connection, protecting the integrity and confidentiality of the user's browsing session.


  • 8. 

    QUESTION NO: 499 Which of the following is the common mail format for digitally signed and encrypted messages?

    • SMTP

    • SSL

    • MIME

    • S/MIME

    Correct Answer
    A. S/MIME
    Explanation
    S/MIME (Secure/Multipurpose Internet Mail Extensions) is the common mail format for digitally signed and encrypted messages. It provides a secure way to send and receive emails by using cryptography. S/MIME ensures the integrity and privacy of the message content, as well as the authentication of the sender. It is widely used in email communication to protect sensitive information and prevent unauthorized access or tampering. SMTP (Simple Mail Transfer Protocol) is a protocol for sending emails, SSL (Secure Sockets Layer) is a security protocol, and MIME (Multipurpose Internet Mail Extensions) is a standard for email formatting, but they do not specifically address digital signatures and encryption.


  • 9. 

    QUESTION NO: 409 Which of the following is a BEST practice when implementing a new system?

    • Disable unneeded services

    • Use group policies

    • Implement open source alternatives.

    • Use default installations.

    Correct Answer
    A. Disable unneeded services
    Explanation
    Disabling unneeded services is a best practice when implementing a new system because it helps to minimize the attack surface and reduce the potential vulnerabilities. By disabling unnecessary services, the system becomes more secure as there are fewer entry points for attackers. This practice also helps to optimize system resources and improve performance by eliminating unnecessary background processes. Additionally, disabling unneeded services can help to simplify system management and reduce the overall complexity of the system.


  • 10. 

    QUESTION NO: 420 Weak encryption is a common problem with which of the following wireless protocols?

    • WPA2-Enterprise

    • WEP

    • WPA2-Personal

    • WPA

    Correct Answer
    A. WEP
    Explanation
    Weak encryption is a common problem with WEP (Wired Equivalent Privacy) wireless protocol. WEP is known for its vulnerabilities and has been deprecated due to its weak security measures. It uses a 40-bit or 104-bit encryption key, which can be easily cracked by attackers. This makes WEP susceptible to various attacks, such as packet sniffing and unauthorized access to the network. As a result, it is not recommended to use WEP for securing wireless networks.


  • 11. 

    QUESTION NO: 415 Management has asked a technician to prevent data theft through the use of portable drives. Which of the following should the technician implement?

    • Install a CCTV system

    • Use security templates

    • Implement a biometric system.

    • Disable USB drives.

    Correct Answer
    A. Disable USB drives.
    Explanation
    The technician should implement the solution of disabling USB drives to prevent data theft through the use of portable drives. This solution will restrict the ability to connect any external storage devices, such as USB drives, to the system, thereby preventing unauthorized copying or transfer of data. This is a proactive measure that directly addresses the issue at hand and reduces the risk of data theft.


  • 12. 

    QUESTION NO: 425 Which of the following verifies control for granting access in a PKI environment?

    • System administrator

    • Certificate authority

    • Recovery agent

    • Certificate revocation list

    Correct Answer
    A. Certificate authority
    Explanation
    A certificate authority (CA) is responsible for verifying the identity of individuals or entities in a PKI environment and issuing digital certificates to them. These digital certificates are used to authenticate and authorize access to resources. The CA ensures that only authorized individuals or entities are granted access by verifying their identity through a rigorous process. The CA plays a crucial role in maintaining the security and integrity of the PKI environment by controlling the granting of access.


  • 13. 

    QUESTION NO: 456 Which of the following describes the standard load for all systems?

    • Configuration baseline

    • Group policy

    • Patch management

    • Security template

    Correct Answer
    A. Configuration baseline
    Explanation
    A configuration baseline refers to a set of specifications and settings that are considered standard and necessary for all systems. It includes the standard load of software, hardware, and network configurations that are required for a system to function properly. This baseline ensures consistency and standardization across all systems, making it easier to manage and troubleshoot them. It helps in maintaining security, performance, and compatibility across the organization's systems.


  • 14. 

    QUESTION NO: 481 Which of the following BEST describes an application or string of code that cannot automatically spread from one system to another but is designed to spread from file to file?

    • Adware

    • Worm

    • Botnet

    • Virus

    Correct Answer
    A. Virus
    Explanation
    A virus is a type of malicious software that is designed to spread from file to file within a system, but it cannot automatically spread from one system to another. It requires a user action, such as opening an infected file or executing a malicious program, to initiate its spread. Unlike worms, which can self-replicate and spread across networks without user intervention, viruses rely on human interaction to propagate. Therefore, a virus is the best description for an application or string of code that is designed to spread from file to file within a system.


  • 15. 

    QUESTION NO: 402 The marketing department wants to distribute pens with embedded USB drives to clients. In the past this client has been victimized by social engineering attacks which led to a loss of sensitive data. The security administrator advises the marketing department not to distribute the USB pens due to which of the following?

    • The risks associated with the large capacity of USB drives and their concealable nature

    • The security costs associated with securing the USB drives over time

    • The cost associated with distributing a large volume of the USB pens

    • The security risks associated with combining USB drives and cell phones on a network

    Correct Answer
    A. The risks associated with the large capacity of USB drives and their concealable nature
    Explanation
    The risks associated with the large capacity of USB drives and their concealable nature pose a threat to the security of sensitive data. USB drives can easily be lost or stolen, and their large storage capacity makes it possible for a significant amount of data to be compromised. Additionally, their small size makes them easy to conceal and transport without detection. Given the client's history of social engineering attacks and data loss, the security administrator advises against distributing the USB pens to mitigate the risk of further data breaches.


  • 16. 

    QUESTION NO: 410 When installing and securing a new system for a home user which of the following are best practices? (Select THREE).

    • Use a strong firewall.

    • Block inbound access to port 80

    • Apply all system patches

    • Use input validation

    • Install remote control software

    • Apply all service packs.

    Correct Answer(s)
    A. Use a strong firewall.
    A. Apply all system patches
    A. Apply all service packs.
    Explanation
    The best practices for installing and securing a new system for a home user include using a strong firewall to protect against unauthorized access, applying all system patches to ensure the latest security updates are installed, and applying all service packs to keep the system up to date with the latest features and bug fixes. Blocking inbound access to port 80 can also be beneficial as it is commonly used for web traffic and can be a target for hackers. However, input validation and installing remote control software are not mentioned as best practices in this context and may not be relevant to securing a new system for a home user.


  • 17. 

    QUESTION NO: 414 Which of the following is the GREATEST threat to highly secure environments?

    • Network attached storage

    • BIOS configuration

    • RSA256

    • USB devices

    Correct Answer
    A. USB devices
    Explanation
    USB devices pose the greatest threat to highly secure environments because they can be easily used to introduce malware or unauthorized software into the system. USB devices can also be used to steal sensitive data or bypass security measures. Even if the network and BIOS configurations are secure, USB devices can still be used to compromise the security of the environment. RSA256, on the other hand, is a cryptographic algorithm and not a threat to secure environments.


  • 18. 

    QUESTION NO: 479 Which of the following is the primary objective of a business continuity plan (BCP)?

    • Addresses the recovery of an organization's business operations

    • Addresses the recovery of an organization's business payroll system

    • Addresses the recovery of an organization's business facilities

    • Addresses the recovery of an organization's backup site

    Correct Answer
    A. Addresses the recovery of an organization's business operations
    Explanation
    The primary objective of a business continuity plan (BCP) is to address the recovery of an organization's business operations. This means that the plan is designed to ensure that the organization can continue its essential functions and operations even in the event of a disruption or disaster. The BCP outlines the steps and procedures to be followed in order to minimize downtime, maintain productivity, and quickly recover from any potential threats or incidents. It focuses on the overall business operations rather than specific systems, facilities, or backup sites.


  • 19. 

    QUESTION NO: 429 Which of the following tools will allow a technician to detect security-related TCP connection anomalies?

    • Logical token

    • Performance monitor

    • Public key infrastructure

    • Trusted platform module

    Correct Answer
    A. Performance monitor
    Explanation
    Performance monitor is a tool that allows a technician to detect security-related TCP connection anomalies. It provides real-time monitoring and analysis of system performance, including network activity. By monitoring TCP connections, the technician can identify any abnormal or suspicious behavior that may indicate a security breach or attack. This tool helps in identifying and addressing security issues promptly, enhancing the overall security of the system.


  • 20. 

    QUESTION NO: 451 Which of the following allows directory permissions to filter down through the sub-directory hierarchy?

    • Impedance

    • Inheritance

    • Mirroring

    • Replication

    Correct Answer
    A. Inheritance
    Explanation
    Inheritance allows directory permissions to filter down through the sub-directory hierarchy. This means that the permissions set for a parent directory will automatically apply to all the sub-directories and files within it. This simplifies the process of managing permissions and ensures consistency throughout the directory structure.


  • 21. 

    QUESTION NO: 452 Which of the following access control models BEST follows the concept of separation of duties?

    • Discretionary Access Control (DAC)

    • Mandatory Access Control (MAC)

    • Rule-based access control (RBAC)

    • Role-based access control (RBAC)

    Correct Answer
    A. Role-based access control (RBAC)
    Explanation
    Role-based access control (RBAC) is the access control model that best follows the concept of separation of duties. RBAC assigns permissions and access rights based on an individual's role or job function within an organization. This ensures that individuals only have access to the resources and information necessary to perform their specific duties, reducing the risk of unauthorized access or misuse of privileges. RBAC helps enforce the principle of separation of duties by preventing conflicts of interest and limiting the potential for abuse of power within an organization.


  • 22. 

    QUESTION NO: 497 A technician has implemented a new network attached storage solution for a client. The technician has created many shares on the storage. Which of the following is the MOST secure way to assign permissions?

    • Separation of duties

    • Full control

    • Authentication

    • Least privilege

    Correct Answer
    A. Least privilege
    Explanation
    The most secure way to assign permissions is by using the principle of least privilege. This means that users should only be given the minimum level of access necessary to perform their job functions. By granting users only the specific permissions they need, the risk of unauthorized access or accidental data modification is minimized. This is in contrast to giving users full control, which would grant them unrestricted access to all resources on the network attached storage. Authentication is important for verifying the identity of users, but it does not directly address the issue of assigning permissions. Separation of duties is a concept related to assigning different responsibilities to different individuals, but it does not specifically address permissions.


  • 23. 

    QUESTION NO: 404 As a best practice, risk assessments should be based upon which of the following?

    • A qualitative measurement of risk and impact

    • A survey of annual loss, potential threats and asset value

    • A quantitative measurement of risk, impact and asset value

    • An absolute measurement of threats

    Correct Answer
    A. A quantitative measurement of risk, impact and asset value
    Explanation
    Risk assessments should be based on a quantitative measurement of risk, impact, and asset value. This means that the assessment should involve a numerical evaluation of the likelihood and potential consequences of risks, as well as the value of the assets that could be affected. This approach allows for a more objective and systematic analysis of risks, enabling organizations to prioritize and allocate resources effectively to mitigate and manage those risks. A qualitative measurement may not provide enough detail or precision, while an absolute measurement of threats may not consider the potential impact or value of assets.


  • 24. 

    QUESTION NO: 412 Which of the following is a prerequisite for privilege escalation to occur?

    • The attacker has to create their own zero day attack for privilege escalation

    • The attacker must already have physical access to the system.

    • The attacker must use a rootkit in conjunction with privilege escalation.

    • The attacker must have already gained entry into the system

    Correct Answer
    A. The attacker must have already gained entry into the system
    Explanation
    Privilege escalation refers to the act of gaining higher levels of access or privileges on a system than originally intended. In order for privilege escalation to occur, the attacker must first have already gained entry into the system. This means that they have bypassed any initial security measures and have successfully infiltrated the system. Once inside, they can then attempt to escalate their privileges to gain even more control over the system.


  • 25. 

    QUESTION NO: 447 If hashing two different files creates the same result, which of the following just occurred?

    • A duplication

    • A collision

    • A pseudo-random event

    • A mirror

    Correct Answer
    A. A collision
    Explanation
    A collision just occurred. Hashing is a process of converting data into a fixed-size value, and it is expected that different inputs will produce different hash values. However, if two different files produce the same hash value, it indicates a collision, meaning that the hash function has generated the same output for different inputs. This can happen due to the limited range of hash values compared to the infinite number of possible inputs.


  • 26. 

    QUESTION NO: 480 A software manufacturer discovered a design flaw in a new application. Rather than recall the software, management decided to continue manufacturing the product with the flaw. Which of the following risk management strategies was adopted by management?

    • Risk mitigation

    • Risk avoidance

    • Risk acceptance

    • Risk transfer

    Correct Answer
    A. Risk acceptance
    Explanation
    The management's decision to continue manufacturing the software with the known design flaw indicates that they have chosen to accept the risk associated with the flaw. They have acknowledged the existence of the risk but have decided not to take any further action to mitigate or avoid it. This strategy can be adopted when the potential impact of the risk is deemed acceptable or when the cost of addressing the risk outweighs the potential consequences.


  • 27. 

    QUESTION NO: 483 All of the following are considered malware EXCEPT:

    • Spam.

    • Trojan.

    • Virus.

    • Logical bombs

    Correct Answer
    A. Spam.
    Explanation
    The question asks for an exception among the given options, which are spam, Trojan, virus, and logical bombs. Spam is not considered malware because it refers to unsolicited and unwanted emails or messages, typically used for advertising purposes, rather than being malicious software designed to harm or exploit computer systems. On the other hand, Trojans, viruses, and logical bombs are all types of malware that can cause damage to computer systems or steal sensitive information.


  • 28. 

    QUESTION NO: 426 Which of the following explains the difference between a public key and a private key?

    • The public key is only used by the client while the private key is available to all. Both keys are mathematically related

    • The private key only decrypts the data while the public key only encrypts the data. Both keys are mathematically related

    • The private key is commonly used in symmetric key decryption while the public key is used in asymmetric key decryption.

    • The private key is only used by the client and kept secret while the public key is available to all

    Correct Answer
    A. The private key is only used by the client and kept secret while the public key is available to all
    Explanation
    The explanation for the given correct answer is that the private key is only used by the client and kept secret, while the public key is available to all. This is because in asymmetric encryption, the private key is used for decryption and is kept confidential by the client, while the public key is used for encryption and can be freely shared with others. The keys are mathematically related, but their usage and accessibility differ.


  • 29. 

    QUESTION NO: 453 Which of the following would MOST likely prevent a PC application from accessing the network?

    • Virtualization

    • Host-based firewall

    • Antivirus

    • HIDS

    Correct Answer
    A. Host-based firewall
    Explanation
    A host-based firewall is a software firewall that is installed on the host computer and is designed to monitor and control incoming and outgoing network traffic. It acts as a barrier between the PC application and the network, blocking unauthorized access and preventing the application from accessing the network without proper permissions or configurations. Therefore, a host-based firewall is the most likely option to prevent a PC application from accessing the network.


  • 30. 

    QUESTION NO: 454 A technician is investigating intermittent switch degradation. The issue only seems to occur when the building's roof air conditioning system runs. Which of the following would reduce the connectivity issues?

    • Adding a heat deflector

    • Redundant HVAC systems

    • Shielding

    • Add a wireless network

    Correct Answer
    A. Shielding
    Explanation
    Shielding would reduce the connectivity issues by protecting the switch from electromagnetic interference caused by the roof air conditioning system. Shielding involves using materials that block or absorb electromagnetic waves, preventing them from interfering with the switch's operation. By adding shielding, the switch will be protected from the electromagnetic interference caused by the HVAC system, ensuring a more stable and reliable connection.


  • 31. 

    QUESTION NO: 461 Which of the following BEST describes external security testing?

    • Conducted from outside the perimeter switch but inside the firewall

    • Conducted from outside the building that hosts the organization's servers

    • Conducted from outside the organization's security perimeter

    • Conducted from outside the perimeter switch but inside the border router

    Correct Answer
    A. Conducted from outside the organization's security perimeter
    Explanation
    External security testing refers to the process of evaluating the security of an organization's systems and infrastructure from outside the organization's security perimeter. This means that the testing is conducted from a location or network that is external to the organization, such as from the internet or from a remote location. The purpose of external security testing is to simulate real-world attacks and assess the vulnerabilities and weaknesses that an attacker could exploit from outside the organization's network.


  • 32. 

    QUESTION NO: 485 Which of the following only looks at header information of network traffic?

    • Internet content filter

    • Packet filter

    • Application firewall

    • Hybrid firewall

    Correct Answer
    A. Packet filter
    Explanation
    A packet filter only looks at the header information of network traffic. It examines the source and destination addresses, ports, and protocols of each packet to determine whether to allow or block the traffic. Unlike an internet content filter, which analyzes the content of the data being transmitted, a packet filter does not inspect the actual data payload. An application firewall, on the other hand, focuses on the application layer of the network stack and monitors and controls specific applications or protocols. A hybrid firewall combines multiple types of filtering techniques to provide comprehensive security.


  • 33. 

    QUESTION NO: 430 Which of the following monitoring methodologies will allow a technician to determine when there is a security related problem that results in an abnormal condition?

    • Signature-based

    • NIDS

    • Anomaly-based

    • NIPS

    Correct Answer
    A. Anomaly-based
    Explanation
    Anomaly-based monitoring methodologies are designed to detect abnormal behavior or patterns that deviate from the expected or normal behavior. This means that when there is a security-related problem that results in an abnormal condition, an anomaly-based monitoring methodology will be able to identify and alert the technician about it. Unlike signature-based monitoring, which relies on known patterns or signatures of attacks, anomaly-based monitoring is more effective in detecting new or unknown threats. Therefore, it is the most appropriate choice for determining security-related problems that result in abnormal conditions.


  • 34. 

    QUESTION NO: 442 The method of controlling how and when users can connect in from home is called which of the following?

    • Remote access policy

    • Terminal access control

    • Virtual Private Networking (VPN)

    • Remote authentication

    Correct Answer
    A. Remote access policy
    Explanation
    A remote access policy is a method of controlling how and when users can connect in from home. It outlines the rules and guidelines for remote access to a network, including the authentication methods, encryption protocols, and user permissions. This policy helps ensure the security and integrity of the network by defining who can access it remotely and under what conditions. It also helps prevent unauthorized access and protects sensitive data from being compromised.


  • 35. 

    QUESTION NO: 445 Which of the following typically use IRC for command and control activities?

    • Trojan

    • Logic bombs

    • Worms

    • Botnets

    Correct Answer
    A. Botnets
    Explanation
    Botnets typically use IRC (Internet Relay Chat) for command and control activities. IRC provides a platform for communication between the botmaster (the person controlling the botnet) and the compromised computers (known as bots) within the botnet. The botmaster can issue commands to the bots through IRC channels, allowing them to coordinate and control the activities of the botnet, such as launching DDoS attacks, sending spam emails, or stealing sensitive information. IRC offers anonymity and a decentralized structure, making it a popular choice for botnet command and control.

  • 36. 

    QUESTION NO: 419 Which of the following is a reason to use a Faraday cage?

    • To allow wireless usage

    • To minimize weak encryption

    • To mitigate data emanation

    • To find rogue access points

    Correct Answer
    A. To mitigate data emanation
    Explanation
    A Faraday cage is a metallic enclosure that is designed to block electromagnetic fields. It is used to mitigate data emanation, which refers to the unintentional leakage of electromagnetic signals from electronic devices. By using a Faraday cage, the electromagnetic signals are contained within the enclosure, preventing unauthorized access or interception of sensitive information. This is especially important in environments where data security is crucial, such as government agencies, military facilities, or research labs.

  • 37. 

    QUESTION NO: 433 Which of the following is the FIRST step in the implementation of an IDS?

    • Decide on the type.

    • Decide on the model.

    • Purchase the equipment.

    • Document the existing network.

    Correct Answer
    A. Document the existing network.
    Explanation
    The first step in the implementation of an IDS is to document the existing network. This involves gathering information about the network infrastructure, including the network topology, devices, and their configurations. By documenting the existing network, organizations can gain a better understanding of their network environment and identify potential vulnerabilities or areas where an IDS may be needed. This information is crucial for effectively implementing an IDS and ensuring its proper functioning.

  • 38. 

    QUESTION NO: 486 Which of the following access control methods could the administrator implement because of constant hiring of new personnel?

    • Rule-based

    • Role-based

    • Discretionary

    • Decentralized

    Correct Answer
    A. Role-based
    Explanation
    The administrator could implement role-based access control methods because of constant hiring of new personnel. Role-based access control assigns permissions to users based on their roles within the organization. This allows the administrator to easily manage access rights for new personnel by assigning them to specific roles that have predefined permissions. As new employees are hired, they can be assigned to appropriate roles, ensuring that they have the necessary access privileges for their job responsibilities. This method simplifies access management and reduces the administrative overhead of constantly updating individual user permissions.

  • 39. 

    QUESTION NO: 489 A HIDS is installed to monitor which of the following?

    • CPU performance

    • NIC performance

    • System files

    • Temporary Internet files

    Correct Answer
    A. System files
    Explanation
    A HIDS (Host-based Intrusion Detection System) is installed to monitor system files. System files are critical components of an operating system and contain important configurations, settings, and executable code. Monitoring system files allows the HIDS to detect any unauthorized modifications or tampering, which could indicate a potential security breach or intrusion. By monitoring system files, the HIDS can alert system administrators or take automated actions to mitigate any potential threats or attacks on the system.

  • 40. 

    QUESTION NO: 492 Which of the following is a system that will automate the deployment of updates to workstations and servers?

    • Service pack

    • Remote access

    • Patch management

    • Installer package

    Correct Answer
    A. Patch management
    Explanation
    Patch management is a system that automates the deployment of updates to workstations and servers. It ensures that software applications, operating systems, and other components are kept up to date with the latest patches, bug fixes, and security updates. This helps to enhance system performance, stability, and security by addressing vulnerabilities and resolving issues. Patch management also streamlines the update process by automating the distribution and installation of patches across multiple devices, saving time and effort for IT administrators.

  • 41. 

    QUESTION NO: 493 A user is concerned with the security of their laptop's BIOS. The user does not want anyone to be able to access control functions except themselves. Which of the following will make the BIOS more secure?

    • Password

    • Encrypt the hard drive

    • Create an access-list

    • Flash the BIOS

    Correct Answer
    A. Password
    Explanation
    Setting a password for the BIOS will make it more secure. By setting a password, only authorized users will be able to access and make changes to the BIOS settings. This helps prevent unauthorized access and ensures that only the user themselves can control the functions of the BIOS.

  • 42. 

    QUESTION NO: 437 Which of the following are the functions of asymmetric keys?

    • Decrypt, decipher, encode and encrypt

    • Sign, validate, encrypt and verify

    • Decrypt, validate, encode and verify

    • Encrypt, sign, decrypt and verify

    Correct Answer
    A. Encrypt, sign, decrypt and verify
    Explanation
    Asymmetric keys are used in public key cryptography, where a pair of keys (public and private) is generated. The public key is used for encryption and verification, while the private key is used for decryption and signing. Therefore, the correct answer is "Encrypt, sign, decrypt and verify."

  • 43. 

    QUESTION NO: 443 Which of the following is the main limitation with biometric devices?

    • The false rejection rate

    • They are expensive and complex

    • They can be easily fooled or bypassed

    • The error human factor

    Correct Answer
    A. They are expensive and complex
    Explanation
    The main limitation with biometric devices is that they are expensive and complex. This means that the cost of implementing and maintaining biometric devices can be high, making it a less viable option for some organizations. Additionally, the complexity of these devices can make them difficult to set up and use, requiring specialized knowledge and expertise.

  • 44. 

    QUESTION NO: 478 Which of the following would BEST describe a disaster recovery plan (DRP)?

    • Addresses the recovery of an organization's business documentation

    • Addresses the recovery of an organization's email

    • Addresses the recovery of an organization's backup site

    • Addresses the recovery of an organization's IT infrastructure

    Correct Answer
    A. Addresses the recovery of an organization's IT infrastructure
    Explanation
    A disaster recovery plan (DRP) is a plan that outlines the steps and procedures that an organization will take to recover its IT infrastructure in the event of a disaster. This includes the recovery of servers, networks, data centers, and other technology systems that are critical to the organization's operations. The DRP is designed to minimize downtime and ensure that the organization can quickly resume normal operations after a disaster. It may also include provisions for data backup and restoration, as well as alternative infrastructure options such as backup sites or cloud services.

  • 45. 

    QUESTION NO: 495 Which of the following would be a method of securing the web browser settings on all network workstations?

    • Internet content filter

    • Group policy

    • Control panel

    • P2P software

    Correct Answer
    A. Group policy
    Explanation
    Group policy is a method of securing the web browser settings on all network workstations. Group policy allows administrators to manage and enforce specific settings and configurations across multiple computers in a network. By using group policy, administrators can restrict access to certain websites, disable certain browser features, and enforce security settings to ensure a secure browsing experience for all users on the network.

  • 46. 

    QUESTION NO: 407 All of the following are methods used to conduct risk assessments EXCEPT:

    • Penetration tests.

    • Security audits.

    • Vulnerability scans.

    • Disaster exercises.

    Correct Answer
    A. Disaster exercises.
    Explanation
    Disaster exercises are not typically used as a method to conduct risk assessments. While penetration tests, security audits, and vulnerability scans are all commonly used techniques to identify and assess potential risks and vulnerabilities in a system or organization, disaster exercises are typically focused on testing and evaluating the preparedness and response capabilities in the event of an actual disaster or emergency situation. Therefore, they are not directly related to assessing risks in the same way as the other methods mentioned.

  • 47. 

    QUESTION NO: 465 A travel reservation company conducts the majority of its transactions through a public facing website. Any downtime to this website results in substantial financial damage for the company. One web server is connected to several distributed database servers. Which of the following describes this scenario?

    • Warm site

    • Proxy server

    • RAID

    • Single point of failure

    Correct Answer
    A. Single point of failure
    Explanation
    In this scenario, the company's website is a single point of failure. This means that if the website experiences any downtime, it will result in substantial financial damage for the company. The fact that the web server is connected to several distributed database servers does not change the fact that the website itself is the single point of failure.

  • 48. 

    QUESTION NO: 477 A new Internet content filtering device installed in a large financial institution allows IT administrators to log in and manage the device, but not the content filtering policy. Only the IT security operation staff can modify policies on the Internet filtering device. Which of the following is this an example of?

    • Role-Based Access Control (RBAC)

    • Mandatory Access Control (MAC)

    • Lightweight Directory Access Protocol (LDAP)

    • Discretionary Access Control (DAC)

    Correct Answer
    A. Role-Based Access Control (RBAC)
    Explanation
    This scenario is an example of Role-Based Access Control (RBAC). RBAC is a security model that assigns permissions to users based on their roles within an organization. In this case, the IT administrators have the role of managing the device, while the IT security operation staff have the role of modifying policies. RBAC ensures that access to resources is based on job responsibilities and reduces the risk of unauthorized access or accidental changes to policies.

  • 49. 

    QUESTION NO: 500 Which of the following is the common way of implementing cryptography on network devices for encapsulating traffic between the device and the host managing them?

    • S/MIME

    • SNMP

    • SSH

    • SMTP

    Correct Answer
    A. SSH
    Explanation
    SSH (Secure Shell) is a common way of implementing cryptography on network devices for encapsulating traffic between the device and the host managing them. SSH provides secure remote access and secure file transfer capabilities, allowing for encrypted communication between the device and the host. It uses encryption and authentication mechanisms to ensure the confidentiality and integrity of the data being transmitted over the network. S/MIME, SNMP, and SMTP are not typically used for implementing cryptography on network devices for encapsulating traffic.

Quiz Review Timeline (Updated): Aug 9, 2024

Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.

  • Current Version
  • Aug 09, 2024
    Quiz Edited by
    ProProfs Editorial Team
  • Dec 26, 2010
    Quiz Created by
    Ctstravis