Sec+ study guide E assesses knowledge on network security, risk management, and cryptographic techniques. It tests understanding of corporate security policies, USB security risks, and the importance of performance monitoring. Ideal for learners aiming to validate their cybersecurity skills.
The risks associated with the large capacity of USB drives and their concealable nature
The security costs associated with securing the USB drives over time
The cost associated with distributing a large volume of the USB pens
The security risks associated with combining USB drives and cell phones on a network
Rate this question:
Operating system incompatibility
Large storage capacity
Widespread use
Potential for software introduction
Rate this question:
A qualitative measurement of risk and impact
A survey of annual loss, potential threats and asset value
A quantitative measurement of risk, impact and asset value
An absolute measurement of threats
Rate this question:
RSA
SHA
RC4
ECC
Rate this question:
To detect network intrusions from external attackers
To detect integrity degradations to network attached storage
To detect host intrusions from external networks
To detect availability degradations caused by attackers
Rate this question:
Penetration tests.
Security audits.
Vulnerability scans.
Disaster exercises.
Rate this question:
To report the results of the assessment to the users
To ensure all threats are mitigated
To ensure all vulnerabilities are eliminated
To ensure risk mitigation activities are implemented
Rate this question:
Disable unneeded services
Use group policies
Implement open source alternatives.
Use default installations.
Rate this question:
Use a strong firewall.
Block inbound access to port 80
Apply all system patches
Use input validation
Install remote control software
Apply all service packs.
Rate this question:
A piece of malicious code that can spread on its own
A piece of malicious code that is concealed from all detection
A piece of malicious code that executes based on an event or date
A piece of malicious code that exploits a race condition
Rate this question:
The attacker has to create their own zero day attack for privilege escalation
The attacker must already have physical access to the system.
The attacker must use arootkit in conjunction with privilege escalation.
The attacker must have already gained entry into the system
Rate this question:
Virus
Worm
Logic bomb
Rootkit
Rate this question:
Network attached storage
BIOS configuration
RSA256
USB devices
Rate this question:
Install a CCTV system
Use security templates
Implement a biometric system.
Disable USB drives.
Rate this question:
Worm
Logic bomb
Virus
Spam
Rate this question:
Apply all security patches to workstations
Apply security templates enterprisewidE.
Apply group policy management techniques.
Spam
Rate this question:
To analyze the various network traffic with protocol analyzers
To centralize the patch management of network servers
To isolate the various network services and roles
To implement additional network services at a lower cost
Rate this question:
To allow wireless usage
To minimize weak encryption
To mitigate data emanation
To find rogue access points
Rate this question:
WPA2-Enterprise
WEP
WPA2-Personal
WPA
Rate this question:
Mandatory vacations
Implicit deny
Implicit allow
Time of day restrictions
Rate this question:
Least privilege
Job rotation
Cross-site scripting
Separation of duties
Rate this question:
Access control lists
Group policy implementation
Use of logical tokens
Password policy enforcement
Rate this question:
Access control lists
Usernames and password
Multifactor authentication
Security ID badges
Rate this question:
System administrator
Certificate authority
Recovery agent
Certificate revocation list
Rate this question:
The public key is only used by the client while the private key is available to all. Both keys are mathematically related
The private key only decrypts the data while the public key only encrypts the data. Both keys are mathematically related
The private key is commonly used in symmetric key decryption while the public key is used in asymmetric key decryption.
The private key is only used by the client and kept secret while the public key is available to all
Rate this question:
Backup generator
Redundant power supplies
Uninterruptible power supplies (UPSs)
Warm site
Rate this question:
The identification of USB drives
The identification of missing patches
The identification of mantraps
The identification of disgruntled staff members
Rate this question:
Logical token
Performance monitor
Public key infrastructure
Trusted platform module
Rate this question:
Signature-based
NIDS
Anomaly-based
NIPS
Rate this question:
RADIUS
OVAL
HIDS
NIDS
Rate this question:
The cost of the device
Distinguishing between false negatives
Distinguishing between false positives
The personnel to interpret results
Rate this question:
Decide on thetypE.
Decide on the model.
Purchase the equipment.
Document the existing network.
Rate this question:
MD5
SHA-1
NTLM
RC5
Rate this question:
Encrypt and Route
Transport and Tunnel
Tunnel and Encrypt
Transport and Encrypt
Rate this question:
Digital signature algorithm
Encapsulating security protocol
Rivest cipher 4
Message authentication code
Rate this question:
Decrypt,decipher, encode and encrypt
Sign,validate, encrypt and verify
Decrypt,validate, encode and verify
Encrypt, sign, decrypt and verify
Rate this question:
Provides non-repudiation
Provides integrity
Provides authorization
Provides confidentiality
Rate this question:
Header injection
TCP hijacking
Encapsulating
Padding
Rate this question:
The authentication information is a keyed hash based on all of the bytes in the packet.
The authentication information hash will increase by one if the bytes remain the same on transfer.
The authentication information hash will remain the same if the bytes change on transfer.
The authentication information may be the same on different packets if the integrity remains in place.
Rate this question:
80211n
80211g
8021x
80211a
Rate this question:
Remote access policy
Terminal access control
Virtual Private Networking (VPN)
Remote authentication
Rate this question:
The false rejection rate
They are expensive and complex
They can be easily fooled or bypassed
The error human factor
Rate this question:
The senior management
The security technician
The organizations security officer
The DRP coordinator
Rate this question:
Trojan
Logic bombs
Worms
Botnets
Rate this question:
Least privilege
Implicit allow
DMZ
Implicit deny
Rate this question:
A duplication
A collision
A pseudo-random event
Amirror
Rate this question:
Integrity
Cryptographic randomness
Collision
Confidentiality
Rate this question:
Obtaining management buy-in.
Identifying all assets.
System backups.
Patch management software.
Rate this question:
Quiz Review Timeline (Updated): Aug 9, 2024 +
Our quizzes are rigorously reviewed, monitored and continuously updated by our expert board to maintain accuracy, relevance, and timeliness.
Wait!
Here's an interesting quiz for you.