SEC+ Study Guide L


1100-1161


Questions and Answers
  • 1. 
    QUESTION NO: 1101 An administrator is made aware of a possible malware infection on one of the servers. The company uses instant messaging software to keep all employees in contact with one another and the employees receive constant messages from users outside the company. Which of the following is the MOST likely cause of the problem?
    • A. 

      Rootkit

    • B. 

      SPIM

    • C. 

      Trojan

    • D. 

      Bluejacking

  • 2. 
    QUESTION NO: 1102 In which of the following locations should a firewall be placed? (Select three)
    • A. 

      Between the DMZ and Internal network

    • B. 

      Between two workstations

    • C. 

      Behind a wireless network and the internal network

    • D. 

      Behind the internet and DMZ

    • E. 

      Behind the internet and DMZ

    • F. 

      Behind a VLAN and the internal network

  • 3. 
    QUESTION NO: 1103 A user needs to send bank account information to the Human Resources department for payroll. This type of information is considered which of the following?
    • A. 

      Due care

    • B. 

      Personally identifiable information

    • C. 

      Due process

    • D. 

      Classification of information

  • 4. 
    QUESTION NO: 1104 Which of the following is used to verify if internal web servers are redirecting traffic to a malicious site?
    • A. 

      Access logs

    • B. 

      IDS

    • C. 

      Performance logs

    • D. 

      DNS record

  • 5. 
    QUESTION NO: 1105 A forensic examiner wants to provide evidence that the data acquired from a hard drive did not change during the imaging process. Which of the following provides that evidence?
    • A. 

      Logical token

    • B. 

      Trusted platform module

    • C. 

      Digital certificate

    • D. 

      Cryptographic hash

  • 6. 
    QUESTION NO: 1106 Which of the following video surveillance systems should be installed on an existing network?
    • A. 

      Microwave

    • B. 

      Analog

    • C. 

      CCTV

    • D. 

      IP

  • 7. 
    QUESTION NO: 1107 Which of the following sends unsolicited messages to another user's cell phone via Bluetooth?
    • A. 

      Bluejacking

    • B. 

      Smurfing

    • C. 

      Data emanation

    • D. 

      Bluesnarfing

  • 8. 
    QUESTION NO: 1108 Which of the following is the MAIN difference between a hotfix and a patch?
    • A. 

      Hotfixes follow a predetermined release schedule while patches do not.

    • B. 

      Hotfixes are smaller than patches

    • C. 

      Hotfixes may be released at any time and will be later included in a patch

    • D. 

      Patches can only be applied after obtaining proper approval, while hotfixes do not need management approval

  • 9. 
    QUESTION NO: 1109 Which of the following is the FIRST step a technician should take when entering a room where a laptop computer has been compromised?
    • A. 

      Close the laptop lid to put the computer in hibernate mode

    • B. 

      Secure the area

    • C. 

      Unplug the network cable

    • D. 

      Look at the computer screen and record any error message

  • 10. 
    QUESTION NO: 1110 An administrator needs to implement a solution that will have a redundant site at all times and will be able to handle all network requests and traffic in the event of the main site going offline. Which of the following would provide this functionality?
    • A. 

      Hot site

    • B. 

      Mobile site

    • C. 

      Cold site

    • D. 

      Warm site

  • 11. 
    QUESTION NO: 1111 Which of the following is the BEST solution when trying to update a system to the most current release in as few updates as possible?
    • A. 

      Install all hotfixes then install any remaining service packs

    • B. 

      Install all service packs then install any remaining patches

    • C. 

      Install all patches then install any remaining packs

    • D. 

      Install all patches then install any remaining hotfixes

  • 12. 
    QUESTION NO: 1112 Which of the following should be disabled to help prevent boot sector viruses from launching when a computer boots?
    • A. 

      SNMP

    • B. 

      DMZ

    • C. 

      USB

    • D. 

      Hard drive

  • 13. 
    QUESTION NO: 1113 All changes made on the network need to be documented. A new virus definition and there is not another change management meeting scheduled for several weeks. Which of the following is the BEST choice for a security administrator?
    • A. 

      Update the antivirus server and workstations, while ensuring each step is properly documented and logs are working correctly on the server.

    • B. 

      Update the antivirus server and workstations, while ensuring each step is properly documented and logs are working correctly on the server

    • C. 

      Update the antivirus, ensure the logs are working correctly on the server, and wait to update the workstations until it has been approved via the change management process.

    • D. 

      Document the whole process and wait until next week to discuss with the change management group, in order to get that change approved.

  • 14. 
    QUESTION NO: 1114 Which of the following is a goal of penetration testing?
    • A. 

      Passively assess web vulnerabilities

    • B. 

      To check compliance of the router configuration

    • C. 

      Provide a passive check of the network's security

    • D. 

      Actively assess deployed security controls

  • 15. 
    QUESTION NO: 1115 While using a protocol analyzer on a packet captured from the weekend, the administrator sees that there was a lot of TCP traffic on ports 6881-68889 with many different destinations. Which of the following does this MOST likely indicate?
    • A. 

      Someone is running a web server

    • B. 

      Someone is using BitTorrent

    • C. 

      Someone is using an L2TP VPN

    • D. 

      Someone has an unsecure SMTP relay running

  • 16. 
    QUESTION NO: 1116 Exploitation of security vulnerabilities is used during assessments when which of the following is true?
    • A. 

      Security testers have clear and written authorization to conduct vulnerability scans

    • B. 

      Security testers are trying to document vulnerabilities without impacting network operations

    • C. 

      Network users have permissions allowing access to network devices with security weaknesses

    • D. 

      Security testers have clear and written authorization to conduct penetration testing

  • 17. 
    QUESTION NO: 1117 Two users are unable to exchange encrypted e-mails with each other, but both users can exchange encrypted e-mails with other users. Which of the following is MOST likely the cause?
    • A. 

      Private keys are not exchanged

    • B. 

      The certificate authority is unresponsive

    • C. 

      One of the users' certificates is revoked

    • D. 

      Public keys are not exchanged

  • 18. 
    QUESTION NO: 1118 Which of the following behavior-based security appliances are used to prevent suspicious activity from entering the network?
    • A. 

      Antivirus

    • B. 

      HDS

    • C. 

      IPS

    • D. 

      IDS

  • 19. 
    QUESTION NO: 1119 Which of the following is true about the application of machine virtualization?
    • A. 

      Virtualization hosting possible on one specific OS

    • B. 

      Machine virtualization is only in a 64-bit environment

    • C. 

      Some malware is able to detect that it is running in a virtual environment

    • D. 

      The virtualization host OS must be within two revisions of the guest OS

  • 20. 
    QUESTION NO: 1120 Which of the following is achieved and ensured by digitally signing an email?
    • A. 

      Availability

    • B. 

      Confidentiality

    • C. 

      Delivery

    • D. 

      Integrity

  • 21. 
    QUESTION NO: 1121 An attacker is targeting specific using packet capture software. An administrator cannot shut down the server due to company policy. Which of the following would LEAST impact the applications hosted on the server?
    • A. 

      Disable the server on directory services

    • B. 

      Disconnect the server from the network, scan it for viruses and malware, and reboot

    • C. 

      Restart all services on the server

    • D. 

      Change the configuration on the NIC so it is not in promiscuous mode

  • 22. 
    QUESTION NO: 1122 Which of the following would MOST likely determine which user inadvertently shut down the company's web server?
    • A. 

      Access logs

    • B. 

      Application logs

    • C. 

      DNS logs

    • D. 

      Performance logs

  • 23. 
    QUESTION NO: 1123 Which of the following describes what has occurred after a user has successfully gained access to a secure system?
    • A. 

      Authentication

    • B. 

      Authenticity

    • C. 

      Identification

    • D. 

      Confidentiality

  • 24. 
    QUESTION NO: 1124 Which of the following requirements would MOST likely cause a technician to use a protocol analyzer?
    • A. 

      Ensure a password meets password policy complexity requirements.

    • B. 

      Determine if a password was sent in clear text over the network.

    • C. 

      Analyze the security logs for a large amount of incorrect password attempts.

    • D. 

      Crack the administrator account password after it had been forgotten

  • 25. 
    QUESTION NO: 1125 An attacker uses an account that allows read-only access to the firewall for checking logs and configuration files to gain access to an account that gives full control over firewall configuration. This type of attack is best known as:
    • A. 

      A man-in-the-middle attack

    • B. 

      Exploiting a back door

    • C. 

      Exploiting a weak password

    • D. 

      Privilege escalation
