1.
The process of making certain that an entity (operating system, application, etc.) is as secure as it can be is known as:
Correct Answer
C. Hardening
Explanation
The term "hardening" refers to the process of strengthening the security of an entity, such as an operating system or application, to make it as secure as possible. This involves implementing various security measures, such as configuring access controls, enabling encryption, and patching vulnerabilities, to reduce the potential attack surface and protect against unauthorized access or malicious activities. Hardening is an essential step in ensuring the overall security and resilience of an entity.
2.
What is the term for the process of luring someone in (usually done by an enforcement officer or a government agent)?
Correct Answer
A. Enticement
Explanation
The term for the process of luring someone in, usually done by an enforcement officer or a government agent, is entrapment. This refers to the act of inducing or persuading someone to commit a crime that they would not have otherwise committed. It involves creating a situation that tempts or traps an individual into engaging in illegal activities.
3.
Pete, a security auditor, has detected clear text passwords between the RADIUS server and the authenticator. Which of the following is configured in the RADIUS server and what technologies should the authentication protocol be changed to?
Correct Answer
A. PAP, MSCHAPv2
Explanation
The correct answer is PAP, MSCHAPv2. PAP (Password Authentication Protocol) is a weak authentication protocol that sends passwords in clear text, making it vulnerable to eavesdropping. MSCHAPv2 (Microsoft Challenge Handshake Authentication Protocol version 2) is a stronger authentication protocol that provides mutual authentication and encrypts passwords, making it more secure. Therefore, to address the issue of clear text passwords, the authentication protocol should be changed from PAP to MSCHAPv2.
4.
Which of the following is an advantage of implementing individual file encryption on a hard drive which already deploys full disk encryption?
Correct Answer
C. Individually encrypted files will remain encrypted when copied to external media
5.
An IT director is looking to reduce the footprint of their company’s server environment. They have decided to move several internally developed software applications to an alternate environment, supported by an external company. Which of the following BEST describes this arrangement?
Correct Answer
A. Infrastructure as a Service
Explanation
This arrangement is best described as Infrastructure as a Service (IaaS). In this model, the IT director is moving their internally developed software applications to an alternate environment provided by an external company. With IaaS, the company can reduce its server footprint by outsourcing the infrastructure, such as servers, storage, and networking, to the external company. The company still maintains control over the operating systems, middleware, and applications, while the external company handles the physical infrastructure.
6.
A forensic analyst is reviewing electronic evidence after a robbery. Security cameras installed at the site were facing the wrong direction to capture the incident. The analyst ensures the cameras are turned to face the proper direction. Which of the following types of controls is being used?
Correct Answer
C. Corrective
Explanation
The correct answer is "corrective." In this scenario, the forensic analyst is taking action to correct the issue of the security cameras facing the wrong direction. Corrective controls are implemented after an incident or problem has occurred to fix the issue and prevent it from happening again in the future.
7.
A security administrator wishes to change their wireless network so that IPSec is built into the protocol and NAT is no longer required for address range extension. Which of the following protocols should be used in this scenario?
Correct Answer
C. IPv6
Explanation
In this scenario, the security administrator wants to eliminate the need for NAT (Network Address Translation) for address range extension and incorporate IPSec into the wireless network protocol. IPv6 (Internet Protocol version 6) is the appropriate choice as it provides a larger address space, eliminating the need for NAT. Additionally, IPv6 has built-in support for IPSec, ensuring secure communication over the network. WPA2 and WPA are wireless security protocols and do not address the requirement of eliminating NAT. IPv4 is the previous version of the Internet Protocol and does not have the same capabilities as IPv6.
8.
The network administrator is responsible for promoting code to applications on a DMZ web server. Which of the following processes is being followed to ensure application integrity?
Correct Answer
C. Application change management
Explanation
Application change management refers to the process of controlling and managing changes made to applications in order to ensure their integrity. This process involves documenting and tracking all changes, implementing proper testing and approval procedures, and ensuring that changes are properly authorized and implemented. By following application change management, the network administrator can ensure that any code promotion to the DMZ web server is done in a controlled and secure manner, minimizing the risk of introducing vulnerabilities or compromising the application's integrity.
9.
An IT auditor tests an application as an authenticated user. This is an example of which of the following types of testing?
Correct Answer
D. Gray box
Explanation
In gray box testing, the tester has limited knowledge about the internal workings of the application being tested. They have some access to the application's internals, such as the database structure or code snippets, but not full access. In this scenario, the IT auditor is testing the application as an authenticated user, meaning they have some knowledge and access to the application but not complete knowledge or control. Therefore, this aligns with the concept of gray box testing.
10.
The manager has a need to secure physical documents every night, since the company began enforcing the clean desk policy. The BEST solution would include: (Select TWO).
Correct Answer(s)
A. Fire- or water-proof safe.
E. Locking cabinets and drawers.
Explanation
The manager's need to secure physical documents every night, especially with the enforcement of the clean desk policy, suggests that the documents need to be protected from potential hazards such as fire or water damage. Therefore, a fire- or water-proof safe would be a suitable solution. Additionally, to ensure further security, locking cabinets and drawers can be used to prevent unauthorized access to the documents. These two solutions provide both physical protection and restricted access, making them the best options in this scenario.
11.
Which of the following is an important implementation consideration when deploying a wireless network that uses a shared password?
Correct Answer
C. Key length
Explanation
Key length is an important implementation consideration when deploying a wireless network that uses a shared password. The length of the key determines the level of security and the difficulty for an attacker to guess or crack the password. A longer key length provides stronger security as it increases the number of possible combinations, making it harder for an attacker to guess the password through brute force or other password cracking techniques. Therefore, selecting an appropriate key length is crucial to ensure the security of the wireless network.
12.
Which of the following would satisfy wireless network implementation requirements to use mutual authentication and usernames and passwords?
Correct Answer
C. PEAP-MSCHAPv2
Explanation
PEAP-MSCHAPv2 would satisfy the wireless network implementation requirements to use mutual authentication and usernames and passwords. PEAP (Protected Extensible Authentication Protocol) provides a secure method for authentication, and MSCHAPv2 (Microsoft Challenge Handshake Authentication Protocol version 2) is a widely used authentication protocol that supports usernames and passwords. Together, PEAP-MSCHAPv2 allows for secure authentication using both mutual authentication and usernames and passwords.
13.
Some customers have reported receiving an untrusted certificate warning when visiting the company’s website. The administrator ensures that the certificate is not expired and that customers have trusted the original issuer of the certificate. Which of the following could be causing the problem?
Correct Answer
A. The intermediate CA certificates were not installed on the server.
Explanation
The issue of customers receiving an untrusted certificate warning suggests that the certificate chain is not complete. This means that the intermediate CA certificates, which are necessary to establish the trust relationship between the server's certificate and the original issuer, have not been installed on the server. Without the intermediate CA certificates, the server's certificate cannot be properly validated by the client's browser, resulting in the warning message.
14.
A security analyst needs to ensure all external traffic is able to access the company’s front-end servers but protect all access to internal resources. Which of the following network design elements would MOST likely be recommended?
Correct Answer
A. DMZ
Explanation
A DMZ (Demilitarized Zone) is a network segment that sits between an organization's internal network and the external network (usually the internet). It acts as a buffer zone, allowing external traffic to access the company's front-end servers while protecting the internal resources. By placing the front-end servers in the DMZ, the security analyst can enforce stricter security measures, such as firewall rules and intrusion detection systems, to prevent unauthorized access to internal resources. Therefore, a DMZ would be the most recommended network design element in this scenario.
15.
A company’s business model was changed to provide more web presence and now its ERM software is no longer able to support the security needs of the company. The current data center will continue to provide network and security services. Which of the following network elements would be used to support the new business model?
Correct Answer
A. Software as a Service
Explanation
The correct answer is Software as a Service. Since the company has changed its business model to provide more web presence, it needs a software solution that can support its new requirements. Software as a Service (SaaS) allows the company to access and use software applications over the internet, eliminating the need for the company to manage and maintain its own software infrastructure. This would be an ideal solution for the company as it can provide the necessary web presence while also addressing the security needs of the company.
16.
Which of the following network devices is used to analyze traffic between various network interfaces?
Correct Answer
D. Sniffers
Explanation
Sniffers are network devices used to analyze traffic between various network interfaces. They capture and analyze network packets, allowing network administrators to monitor and troubleshoot network performance, detect network vulnerabilities, and analyze network protocols. Sniffers can provide valuable insights into network traffic patterns, identify potential security threats, and help optimize network performance.
17.
Layer 7 devices used to prevent specific types of HTML tags are called:
Correct Answer
B. Content filters
Explanation
Content filters are layer 7 devices that are specifically designed to prevent specific types of HTML tags. These filters analyze the content of the data packets at the application layer (layer 7) of the OSI model, allowing them to identify and block specific HTML tags or content that may be deemed harmful or inappropriate. Firewalls, routers, and NIDS (Network Intrusion Detection Systems) may have some level of content filtering capabilities, but content filters are specifically designed for this purpose.
18.
A network administrator needs to provide daily network usage reports on all layer 3 devices without compromising any data while gathering the information. Which of the following would be configured to provide these reports?
Correct Answer
B. SNMPv3
Explanation
SNMPv3 would be configured to provide daily network usage reports on all layer 3 devices without compromising any data while gathering the information. SNMPv3 (Simple Network Management Protocol version 3) is an updated version of SNMP that provides secure access and authentication mechanisms. It ensures the confidentiality and integrity of data transmitted between the network devices and the network management system. By configuring SNMPv3, the network administrator can collect network usage data from layer 3 devices in a secure manner and generate daily reports without compromising any sensitive information.
19.
A security administrator has been tasked to ensure access to all network equipment is controlled by a central server such as TACACS+. This type of implementation supports which of the following risk mitigation strategies?
Correct Answer
A. User rights and permissions review
Explanation
Implementing a central server such as TACACS+ to control access to network equipment supports the risk mitigation strategy of user rights and permissions review. By centralizing access control, the security administrator can easily manage and review user rights and permissions, ensuring that only authorized individuals have access to the network equipment. This helps to prevent unauthorized access and reduces the risk of security breaches.
20.
Company A sends a PGP encrypted file to company B. If company A used company B’s public key to encrypt the file, which of the following should be used to decrypt data at company B?
Correct Answer
D. Private key
Explanation
The private key should be used to decrypt the PGP encrypted file at company B. In a PGP encryption system, the public key is used for encryption, while the private key is used for decryption. Company A used company B's public key to encrypt the file, so company B needs to use their corresponding private key to decrypt the data and access the original file.
21.
Which of the following types of authentication solutions use tickets to provide access to various resources from a central location?
Correct Answer
D. Kerberos
Explanation
Kerberos is a type of authentication solution that uses tickets to provide access to various resources from a central location. It is a network authentication protocol that uses symmetric key cryptography to verify the identity of users and grant them access to resources. When a user requests access to a resource, Kerberos issues a ticket that contains the user's identity and other relevant information. This ticket is then presented to the resource server, which verifies it with the help of a central authentication server. If the ticket is valid, the user is granted access to the requested resource.
22.
A corporation is looking to expand their data center but has run out of physical space in which to store hardware. Which of the following would offer the ability to expand while keeping their current data center operated by internal staff?
Correct Answer
A. Virtualization
Explanation
Virtualization would allow the corporation to expand their data center without needing additional physical space. It involves creating virtual versions of servers, storage, and networks, which can be managed and operated by the internal staff. This technology enables the consolidation of multiple physical servers into a single server, maximizing resource utilization and reducing hardware costs. By implementing virtualization, the corporation can continue to expand their data center while maintaining control and management through their internal staff.
23.
After viewing wireless traffic, an attacker notices the following networks are being broadcasted by local access points: Corpnet, Coffeeshop, FreePublicWifi. Using this information the attacker spoofs a response to make nearby laptops connect back to a malicious device. Which of the following has the attacker created?
Correct Answer
C. Evil twin
Explanation
The attacker has created an evil twin. An evil twin is a type of wireless network attack where the attacker sets up a fake wireless network that appears to be legitimate in order to trick users into connecting to it. In this case, the attacker has noticed the networks being broadcasted by local access points and spoofed a response to make nearby laptops connect to their malicious device, which is the characteristic behavior of an evil twin attack.
24.
Which of the following concepts is enforced by certifying that email communications have been sent by who the message says it has been sent by?
Correct Answer
B. Non-repudiation
Explanation
Non-repudiation is the concept that is enforced by certifying that email communications have been sent by who the message says it has been sent by. Non-repudiation ensures that the sender of the email cannot later deny sending it, as there is evidence and certification that proves their identity as the sender. This concept is important in legal and business contexts, where it is crucial to establish the authenticity and integrity of electronic communication to prevent disputes and fraud.
25.
After a recent breach, the security administrator performs a wireless survey of the corporate network. The security administrator notices a problem with the following output:
MAC                SSID    ENCRYPTION  POWER  BEACONS
00:10:A1:36:12:CC  MYCORP  WPA2 CCMP   60     1202
00:10:A1:49:FC:37  MYCORP  WPA2 CCMP   70     9102
FB:90:11:42:FA:99  MYCORP  WPA2 CCMP   40     3031
00:10:A1:AA:BB:CC  MYCORP  WPA2 CCMP   55     2021
00:10:A1:FA:B1:07  MYCORP  WPA2 CCMP   30     6044
Given that the corporate wireless network has been standardized, which of the following attacks is underway?
Correct Answer
A. Evil twin
Explanation
The correct answer is "evil twin." In an evil twin attack, an attacker sets up a fake wireless access point (AP) that mimics a legitimate AP. The attacker may use the same SSID (network name) and encryption settings to trick users into connecting to the fake AP. In this scenario, the output from the wireless survey shows multiple APs with the same SSID and encryption, indicating the presence of an evil twin attack. The varying power levels and beacon counts suggest that the attacker is trying to manipulate the signal strength and beacon frames to deceive users into connecting to the fake AP.
26.
Input validation is an important security defense because it:
Correct Answer
A. Rejects bad or malformed data.
Explanation
Input validation is an important security defense because it ensures that only valid and properly formatted data is accepted by an application or system. By rejecting bad or malformed data, it helps to prevent various types of security vulnerabilities such as injection attacks, buffer overflows, and cross-site scripting. This helps to maintain the integrity and reliability of the system by filtering out any potentially harmful or unexpected input. Additionally, input validation also helps to improve the overall user experience by providing clear and informative error messages when invalid data is entered.
27.
In order to maintain oversight of a third party service provider, the company is going to implement a Governance, Risk, and Compliance (GRC) system. This system is promising to provide overall security posture coverage. Which of the following is the MOST important activity that should be considered?
Correct Answer
A. Continuous security monitoring
Explanation
Continuous security monitoring is the most important activity that should be considered when implementing a Governance, Risk, and Compliance (GRC) system. This activity involves constantly monitoring the security posture of the third party service provider to ensure that it remains in compliance with the company's security standards and policies. By continuously monitoring security, any vulnerabilities or threats can be identified and addressed promptly, reducing the risk of potential breaches or incidents. This activity helps to maintain oversight and ensure the overall security of the company's systems and data.
28.
A recent audit of a company’s identity management system shows that 30% of active accounts belong to people no longer with the firm. Which of the following should be performed to help avoid this scenario? (Select TWO).
Correct Answer(s)
B. Utilize automated provisioning and de-provisioning processes where possible.
D. Perform regular user account review / revalidation process.
Explanation
To help avoid the scenario of having 30% of active accounts belonging to people no longer with the firm, two actions should be performed. First, the company should utilize automated provisioning and de-provisioning processes where possible. This means implementing a system that automatically creates and removes user accounts based on certain criteria, such as employment status. Second, the company should perform regular user account review and revalidation processes. This involves regularly reviewing and validating the access rights and permissions of all user accounts to ensure they are still necessary and appropriate. These two actions will help ensure that only active employees have access to the company's identity management system.
29.
The Chief Information Officer (CIO) has mandated web based Customer Relationship Management (CRM) business functions be moved offshore to reduce cost, reduce IT overheads, and improve availability. The Chief Risk Officer (CRO) has agreed with the CIO’s direction but has mandated that key authentication systems be run within the organization’s network. Which of the following would BEST meet the CIO and CRO’s requirements?
Correct Answer
A. Software as a Service
Explanation
Software as a Service (SaaS) would best meet the requirements of the CIO and CRO. SaaS allows for web-based CRM functions to be moved offshore, reducing costs and IT overheads. Additionally, key authentication systems can be run within the organization's network, meeting the CRO's mandate. Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Hosted virtualization service do not specifically address the requirement of running key authentication systems within the organization's network.
30.
Which of the following provides the BEST application availability and is easily expanded as demand grows?
Correct Answer
B. Load balancing
Explanation
Load balancing provides the best application availability and is easily expanded as demand grows. Load balancing distributes incoming network traffic across multiple servers, ensuring that no single server becomes overwhelmed. This improves the overall performance and availability of the application. Additionally, load balancing allows for easy scalability by adding more servers to the load balancing pool as demand increases. This ensures that the application can handle increased traffic and maintain high availability.
31.
An administrator connects VoIP phones to the same switch as the network PCs and printers. Which of the following would provide the BEST logical separation of these three device types while still allowing traffic between them via ACL?
Correct Answer
A. Create three VLANs on the switch connected to a router
Explanation
Creating three VLANs on the switch connected to a router would provide the best logical separation of the VoIP phones, network PCs, and printers. VLANs allow for the segmentation of network traffic, isolating each device type into its own virtual network. This ensures that traffic between the devices can still pass through the router, while maintaining separate broadcast domains and enhancing network security.
32.
Which of the following wireless security measures can an attacker defeat by spoofing certain properties of their network interface card?
Correct Answer
B. MAC filtering
Explanation
An attacker can defeat MAC filtering by spoofing certain properties of their network interface card. MAC filtering is a security measure that only allows specific devices with approved MAC addresses to connect to a wireless network. However, an attacker can easily spoof or change their MAC address to match one of the approved addresses, bypassing the MAC filtering and gaining unauthorized access to the network.
33.
Which of the following provides additional encryption strength by repeating the encryption process with additional keys?
Correct Answer
B. 3DES
Explanation
3DES (also known as Triple DES or TDES) provides additional encryption strength by repeating the encryption process with additional keys. It uses three separate keys and applies the Data Encryption Standard (DES) algorithm three times in succession. This triple encryption process enhances security and makes it more difficult for attackers to decrypt the data.
34.
Which of the following BEST describes part of the PKI process?
Correct Answer
D. User1 encrypts data with User2’s public key
Explanation
The correct answer is "User1 encrypts data with User2’s public key." In the PKI (Public Key Infrastructure) process, User1 encrypts data with User2's public key to ensure confidentiality. This means that only User2, who possesses the corresponding private key, can decrypt and access the data. This process is commonly used in secure communication and data transmission to protect sensitive information from unauthorized access.
35.
Two members of the finance department have access to sensitive information. The company is concerned they may work together to steal information. Which of the following controls could be implemented to discover if they are working together?
Correct Answer
D. Mandatory vacations
Explanation
Mandatory vacations can be implemented as a control measure to discover if the two members of the finance department are working together to steal information. By enforcing mandatory vacations, one member would be absent while the other is present, making it difficult for them to collaborate without raising suspicion. This control helps to detect any unauthorized activities or attempts to steal sensitive information by ensuring that there is a temporary separation between the two employees.
36.
A system administrator attempts to ping a hostname and the response is 2001:4860:0:2001::68. Which of the following replies has the administrator received?
Correct Answer
D. IPv6 address
Explanation
The system administrator has received an IPv6 address as a response. This can be determined by the format of the address "2001:4860:0:2001::68", which follows the IPv6 addressing scheme. IPv6 addresses are used to identify and locate devices on a network, and they are typically represented by a series of hexadecimal numbers separated by colons. In contrast, IPv4 addresses consist of four sets of numbers separated by periods.
37.
Which of the following allows a network administrator to implement an access control policy based on individual user characteristics and NOT on job function?
Correct Answer
A. Attributes based
Explanation
Attributes based access control allows a network administrator to implement an access control policy based on individual user characteristics rather than their job function. This means that access to resources and privileges is determined by specific attributes or characteristics of the user, such as their role, location, department, or any other relevant attribute. This approach provides more granular control and flexibility in managing access rights, as it takes into account the unique characteristics of each user rather than relying solely on their job function.
38.
Which of the following is a best practice when a mistake is made during a forensics examination?
Correct Answer
C. The examiner should document the mistake and work around the problem.
Explanation
When a mistake is made during a forensics examination, it is important for the examiner to document the mistake and find a way to work around the problem. This is a best practice because it ensures transparency and accountability in the examination process. By documenting the mistake, the examiner can provide a clear record of what went wrong and how it was addressed. This allows for proper evaluation and review of the examination process. Finding a workaround for the problem ensures that the examination can continue without compromising the integrity of the evidence.
39.
Which of the following allows lower level domains to access resources in a separate Public Key Infrastructure?
Correct Answer
A. Trust Model
Explanation
A Trust Model allows lower level domains to access resources in a separate Public Key Infrastructure. Trust models define the rules and policies for establishing trust relationships between different domains or entities. In this case, the trust model would enable lower level domains to authenticate and access resources in a separate PKI, ensuring secure communication and data exchange. Trust models play a crucial role in ensuring the integrity and confidentiality of information in complex network environments.
40.
Which of the following offers the LEAST secure encryption capabilities?
Correct Answer
B. PAP
Explanation
PAP (Password Authentication Protocol) offers the least secure encryption capabilities among the given options. PAP is a simple authentication protocol that transmits passwords in plaintext, without any encryption or hashing. This makes it vulnerable to eavesdropping and unauthorized access. In contrast, Twofish, NTLM, and CHAP provide stronger encryption and security measures.
41.
Which of the following network architecture concepts is used to securely isolate at the boundary between networks?
Correct Answer
C. DMZ
Explanation
A DMZ (Demilitarized Zone) is a network architecture concept that is used to securely isolate at the boundary between networks. It acts as a buffer zone between an organization's internal network and the external network, such as the internet. The DMZ allows for the hosting of publicly accessible services, such as web servers, while keeping them separated from the internal network. This helps to protect the internal network from potential external threats and attacks.
42.
Datacenter access is controlled with proximity badges that record all entries and exits from the datacenter. The access records are used to identify which staff members accessed the data center in the event of equipment theft. Which of the following MUST be prevented in order for this policy to be effective?
Correct Answer
D. Tailgating
Explanation
Tailgating must be prevented in order for the policy to be effective. Tailgating refers to the act of unauthorized individuals following an authorized person into a secure area without proper authentication. If tailgating is not prevented, it would undermine the purpose of using proximity badges to control access to the datacenter. The access records would not accurately reflect who actually entered the datacenter, making it difficult to identify staff members in the event of equipment theft.
43.
Elastic cloud computing environments often reuse the same physical hardware for multiple customers over time as virtual machines are instantiated and deleted. This has important implications for which of the following data security concerns?
Correct Answer
B. Data confidentiality
Explanation
In elastic cloud computing environments, the same physical hardware is reused for multiple customers, which means that different virtual machines are instantiated and deleted on the same hardware over time. This poses a potential risk to data confidentiality. Since the hardware is shared, there is a possibility of unauthorized access or exposure of sensitive data to other customers. Therefore, ensuring data confidentiality becomes a crucial concern in such environments.
44.
When implementing fire suppression controls in a datacenter, it is important to:
Correct Answer
B. Ensure proper placement of sprinkler lines to avoid accidental leakage onto servers.
Explanation
This answer is correct because when implementing fire suppression controls in a datacenter, it is crucial to ensure that the sprinkler lines are properly placed to avoid any accidental leakage onto the servers. Water leakage onto servers can cause severe damage to the equipment and result in data loss or downtime. Therefore, proper placement of sprinkler lines is necessary to prevent any potential harm to the servers and maintain the integrity and functionality of the datacenter.
45.
Vendors typically ship software applications with security settings disabled by default to ensure a wide range of interoperability with other applications and devices. A security administrator should perform which of the following before deploying new software?
Correct Answer
C. Application hardening
Explanation
Vendors often disable security settings in software applications by default to ensure compatibility with other applications and devices. Before deploying new software, a security administrator should perform application hardening. This involves implementing security measures such as enabling security settings, configuring access controls, and removing unnecessary features or services to reduce the attack surface and enhance the overall security of the application.
46.
A technician is deploying virtual machines for multiple customers on a single physical host to reduce power consumption in a data center. Which of the following should be recommended to isolate the VMs from one another?
Correct Answer
C. Virtual switches with VLANs
Explanation
To isolate the virtual machines (VMs) from one another, it is recommended to implement virtual switches with VLANs. VLANs (Virtual Local Area Networks) allow for the segmentation of network traffic by creating separate logical networks within a physical network infrastructure. By assigning each VM to a specific VLAN, the traffic between the VMs can be isolated, ensuring that they cannot directly communicate with each other. This provides an additional layer of security and helps to prevent unauthorized access or interference between the VMs.
47.
Mandatory vacations are a security control which can be used to uncover which of the following?
Correct Answer
A. Fraud committed by a system administrator
Explanation
Mandatory vacations are a security control that can be used to uncover fraud committed by a system administrator. Requiring system administrators to take regular vacations ensures that someone else has to take over their responsibilities temporarily. This gives another person an opportunity to review their actions and detect any fraudulent activities that may have been taking place. It also acts as a deterrent for administrators who may be tempted to engage in fraudulent behavior, since they know that their absence will expose their actions.
48.
Each server on a subnet is configured to only allow SSH access from the administrator’s workstation. Which of the following BEST describes this implementation?
Correct Answer
A. Host-based firewalls
Explanation
This implementation is best described as host-based firewalls. Host-based firewalls are software-based firewalls that are installed on individual servers or hosts. They allow administrators to control and restrict incoming and outgoing network traffic on a specific host. In this scenario, each server on the subnet is configured to only allow SSH access from the administrator's workstation, indicating the use of host-based firewalls to enforce this restriction at the individual server level.
49.
During a security assessment, an administrator wishes to see which services are running on a remote server. Which of the following should the administrator use?
Correct Answer
A. Port scanner
Explanation
During a security assessment, an administrator would use a port scanner to see which services are running on a remote server. A port scanner is a tool that scans a range of ports on a target system to identify open ports and the services running on those ports. By using a port scanner, the administrator can gather information about the services running on the remote server, which can help in identifying potential vulnerabilities and securing the system.
50.
In which of the following categories would creating a corporate privacy policy, drafting acceptable use policies, and group-based access control be classified?
Correct Answer
B. Best practice
Explanation
Creating a corporate privacy policy, drafting acceptable use policies, and implementing group-based access control are all considered best practices in the field of cybersecurity. These activities help organizations establish guidelines and procedures to protect sensitive information, ensure appropriate use of resources, and control access to systems and data. By following these best practices, organizations can enhance their overall security posture and mitigate potential risks and threats.