Chapter 7
Practice Test

  1. You are asked to separate the Sales and Marketing department’s network traffic on a layer 2 device within a LAN. This will reduce broadcast traffic and prevent the departments from seeing each other’s resources. Which of the following types of network design would be the best choice?

    1. MAC
    2. NAT
    3. VLAN
    4. DMZ
  2. You are a network administrator and your company has asked you to perform a survey of the campus for open Wi-Fi access points. You walk around with your smartphone looking for unsecured access points that you can connect to without a password. What type of penetration testing concept is this called?

    1. Escalation of privilege
    2. Active reconnaissance
    3. Passive reconnaissance
    4. Black-box
  3. Which of the following is a certificate-based authentication that allows individuals access to U.S. federal resources and facilities?

    1. Proximity card
    2. TOTP
    3. PIV card
    4. HOTP
  4. You attempt to log into your company’s network with a laptop. The laptop is quarantined to a restricted VLAN until the laptop’s virus definitions are updated. Which of the following best describes this network component?

    1. NAT
    2. HIPS
    3. DMZ
    4. NAC
  5. You have been asked to implement a security control that will limit tailgating in high-security areas. Which of the following security controls would you choose?

    1. Mantrap
    2. Faraday cage
    3. Airgap
    4. Cable locks
  6. Your company’s network administrator is placing an Internet web server in an isolated area of the company’s network for security purposes. Which of the following architecture concepts is the network administrator implementing?

    1. Honeynet
    2. DMZ
    3. Proxy
    4. Intranet
  7. Your company is offering a new product on its website. You are asked to ensure availability of the web server when it receives a large number of requests. Which of the following would be the best option to fulfill this request?

    1. VPN concentrator
    2. NIPS
    3. SIEM
    4. Load balancer
  8. You are a security administrator for a manufacturing company that produces compounded medications. To ensure individuals are not accessing sensitive areas where the medications are created, you want to implement a physical security control. Which of the following would be the best option?

    1. Security guard
    2. Signs
    3. Faraday cage
    4. Cameras
  9. An attacker exploited a bug, unknown to the developer, to gain access to a database server. Which of the following best describes this type of attack?

    1. Zero-day
    2. Cross-site scripting
    3. ARP poisoning
    4. Domain hijacking
  10. A new employee added network drops to a new section of the company’s building. The cables were placed across several fluorescent lights. When users attempted to connect to the data center on the network, they experienced intermittent connectivity. Which of the following environmental controls was the most likely cause of this issue?

    1. DMZ
    2. EMI
    3. BIOS
    4. TPM
  11. What method should you choose to authenticate a remote workstation before it gains access to a local LAN?

    1. Router
    2. Proxy server
    3. VPN concentrator
    4. Firewall
  12. Which of the following allows a company to store a cryptographic key with a trusted third party and release it only to the sender or receiver with proper authorization?

    1. CRL
    2. Key escrow
    3. Trust model
    4. Intermediate CA
  13. Your company recently upgraded the HVAC system for its server room. Which of the following security implications would the company be most concerned about?

    1. Confidentiality
    2. Availability
    3. Integrity
    4. Airgap
  14. Your company provides secure wireless Internet access to visitors and vendors working onsite. Some of the vendors are reporting they are unable to view the wireless network. Which of the following best describes the issue?

    1. MAC filtering is enabled on the WAP.
    2. The SSID broadcast is disabled.
    3. The wrong antenna type is being used.
    4. The wrong band selection is being used.
  15. Your company’s sales team is working late at the end of the month to ensure all sales are reported for the month. The sales members notice they cannot save or print reports after regular hours. Which of the following general concepts is preventing the sales members from performing their job?

    1. Job rotation
    2. Time-of-day restrictions
    3. Least privilege
    4. Location-based policy
  16. Which of the following symmetric algorithms are block ciphers? (Choose three.)

    1. 3DES
    2. ECDHE
    3. RSA
    4. RC4
    5. SHA
    6. Twofish
  17. A security officer has asked you to use a password cracking tool on the company’s computers. Which of the following best describes what the security officer is trying to accomplish?

    1. Looking for strong passwords
    2. Enforcing a minimum password length policy
    3. Enforcing a password complexity policy
    4. Looking for weak passwords
  18. Which of the following tests gives testers comprehensive network design information?

    1. White box
    2. Black box
    3. Gray box
    4. Purple box
  19. You are the network administrator for your company and want to implement a wireless network and prevent unauthorized access. Which of the following would be the best option?

    1. RADIUS
    2. TACACS+
    3. Kerberos
    4. OAUTH
  20. Why is input validation important to secure coding techniques? (Choose two.)

    1. It mitigates shoulder surfing.
    2. It mitigates buffer overflow attacks.
    3. It mitigates ARP poisoning.
    4. It mitigates XSS vulnerabilities.
  21. To authenticate, a Windows 10 user draws a circle around a picture of a dog’s nose and then touches each ear starting with the right ear. Which of the following concepts is this describing?

    1. Something you do
    2. Something you know
    3. Something you have
    4. Somewhere you are
  22. Which of the following countermeasures is designed to best protect against a brute-force password attack?

    1. Password complexity
    2. Account disablement
    3. Password length
    4. Account lockout
  23. You are a security administrator reviewing the results from a network security audit. You are reviewing options to implement a solution to address the potential poisoning of name resolution server records. Which of the following would be the best choice?

    1. SSL
    2. SSH
    3. DNSSEC
    4. TLS
  24. Your manager has implemented a new policy that requires employees to shred all sensitive documents. Which of the following attacks is your manager attempting to prevent?

    1. Tailgating
    2. Dumpster diving
    3. Shoulder surfing
    4. Man-in-the-middle
  25. Which of the following cryptography algorithms support multiple bit strengths?

    1. DES
    2. HMAC
    3. MD5
    4. AES
  26. A network security auditor will perform various simulated network attacks against your company’s network. Which should the security auditor acquire first?

    1. Vulnerability testing authorization
    2. Transfer risk response
    3. Penetration testing authorization
    4. Change management
  27. A system administrator is told an application is not able to handle the large amount of traffic the server is receiving on a daily basis. The attack takes the server offline and causes it to drop packets occasionally. The system administrator needs to find another solution while keeping the application secure and available. Which of the following would be the best solution?

    1. Sandboxing
    2. DMZ
    3. Cloud computing
    4. DLP
  28. You are a security administrator and are observing unusual behavior in your network from a workstation. The workstation is communicating with a known malicious destination over an encrypted tunnel. You have updated the antivirus definition files and performed a full antivirus scan. The scan doesn’t show any clues of infection. Which of the following best describes what has happened on the workstation?

    1. Buffer overflow
    2. Session hijacking
    3. Zero-day attack
    4. DDoS
  29. You are the security engineer and have discovered that communication within your company’s encrypted wireless network is being captured with a sniffing program. The data being captured is then being decrypted to obtain the employee’s credentials to be used at a later time. Which of the following protocols is most likely being used on the wireless access point? (Choose two.)

    1. WPA2 Personal
    2. WPA2 Enterprise
    3. WPA
    4. WEP
  30. A network manager has implemented a strategy so that all workstations on the network will receive required security updates regularly. Which of the following best describes what the network manager implemented?

    1. Sandboxing
    2. Ad hoc
    3. Virtualization
    4. Patch management
  31. Your manager wants to secure the FTP server by using SSL. Which of the following should you configure?

    1. FTPS
    2. SFTP
    3. SSH
    4. LDAPS
  32. You are an IT security officer and you want to classify and assess privacy risks throughout the development life cycle of a program or system. Which of the following tools would be best to use for this purpose?

    1. BIA
    2. PIA
    3. RTO
    4. MTBF
  33. Which of the following types of risk analysis makes use of ALE?

    1. Qualitative
    2. ROI
    3. SLE
    4. Quantitative
  34. Which of the following statements best describes mandatory vacations?

    1. Companies ensure their employees can take time off to conduct activities together.
    2. Companies use them as a tool to ensure employees are taking the correct amount of days off.
    3. Companies ensure their employees are properly recharged to perform their duties.
    4. Companies use them as a tool for security protection to detect fraud.
  35. Users of your company have been visiting the website www.abccompany.com and a recent increase in virus detection has been noted. Your company has developed a relationship with another company using the web address www.abccompany.com, but not with the site that has been causing the increase of viruses. Which of the following would best describe this attack?

    1. Session hijacking
    2. Cross-site scripting
    3. Replay attack
    4. Typo squatting
  36. Which of the following would you enable in a laptop’s BIOS to provide full disk encryption?

    1. RAID
    2. USB
    3. HSM
    4. TPM
  37. Your company has hired a third-party auditing firm to conduct a penetration test against your network. The firm wasn’t given any information related to the company’s network. What type of test is the company performing?

    1. White box
    2. Red box
    3. Black box
    4. Gray box
  38. Server room access is controlled with proximity cards and records all entries and exits. These records are referred to if missing equipment is discovered, so employees can be identified. Which of the following must be prevented for this policy to become effective?

    1. Shoulder surfing
    2. Tailgating
    3. Vishing
    4. Dumpster diving
  39. Company users are stating they are unable to access the network file server. A company security administrator checks the router ACL and knows users can access the web server, email server, and printing services. Which of the following is preventing access to the network file server?

    1. Implicit deny
    2. Port security
    3. Flood guard
    4. Signal strength
  40. An employee informs you that the Internet connection is slow and they are having difficulty accessing websites to perform their job. You analyze their computer and discover the MAC address of the default gateway in the ARP cache is not correct. What type of attack have you discovered?

    1. DNS poisoning
    2. Injection
    3. Impersonation
    4. ARP poisoning
  41. Tony, a college student, downloaded a free word editor program to complete his essay. After downloading and installing the software, Tony noticed his computer was running slow and he was receiving notifications from his antivirus program. Which of the following best describes the malware that he installed?

    1. Keylogger
    2. Worm
    3. Ransomware
    4. Trojan
  42. Which of the following measures the amount of time required to return a failed device, component, or network to normal functionality?

    1. RTO
    2. MTTR
    3. MTBF
    4. RPO
  43. Natural disasters and intentional man-made attacks can cause the death of employees and customers. What type of impact is this?

    1. Safety
    2. Life
    3. Finance
    4. Reputation
  44. A user finds and downloads an exploit that will take advantage of website vulnerabilities. The user isn’t knowledgeable about the exploit and runs the exploit against multiple websites to gain access. Which of the following best describes this user?

    1. Man-in-the-middle
    2. Script kiddie
    3. White hat
    4. Hacktivist
  45. You are the IT security officer and you plan to develop a general cybersecurity awareness training program for the employees. Which of the following best describes these employees?

    1. Data owners
    2. Users
    3. System administrators
    4. System owners
  46. The system administrator needs to secure the company’s data-at-rest. Which of the following would provide the strongest protection?

    1. Implement biometrics controls on each workstation.
    2. Implement full-disk encryption.
    3. Implement a host intrusion prevention system.
    4. Implement a host intrusion detection system.
  47. Which of the following is a true statement about qualitative risk analysis?

    1. It uses numeric values to measure the impact of risk.
    2. It uses descriptions and words to measure the impact of risk.
    3. It uses industry best practices and records.
    4. It uses statistical theories, testing, and experiments.
  48. Which of the following firewalls tracks the operating state and characteristics of network connections traversing it?

    1. Stateful firewall
    2. Stateless firewall
    3. Application firewall
    4. Packet filter firewall
  49. Which of the following are examples of PII? (Choose two.)

    1. Fingerprint
    2. MAC address
    3. Home address
    4. Gender
  50. An employee informs you they have lost a corporate mobile device. What is the first action you perform?

    1. Enable push notification services.
    2. Remotely wipe the mobile device.
    3. Enable screen lock.
    4. Enable geofencing.
  51. You have created a backup routine that includes a full backup each Sunday night and a backup each night of all data that has changed since Sunday’s backup. Which of the following best describes this backup schedule?

    1. Full and incremental
    2. Full and differential
    3. Snapshots
    4. Full
  52. One of your colleagues attempted to ping a computer name and received the response of fe80::3281:80ea:b72b:0b55. What type of address did the colleague view?

    1. IPv6
    2. IPv4
    3. MAC address
    4. APIPA
  53. Which of the following defines the act of sending unsolicited messages to nearby Bluetooth devices?

    1. Jamming
    2. Bluesnarfing
    3. Brute force
    4. Bluejacking
  54. You are a system administrator and you are creating a public and private key pair. You have to specify the key strength. Which of the following would be your best choice?

    1. RSA
    2. DES
    3. MD5
    4. SHA
  55. You are the security administrator for the sales department and the department needs to email high volumes of sensitive information to clients to help close sales. All emails go through a DLP scanner. Which of the following is the best solution to help the department protect the sensitive information?

    1. Automatically encrypt outgoing emails.
    2. Monitor all outgoing emails.
    3. Automatically encrypt incoming emails.
    4. Monitor all incoming emails.
  56. You are the IT security officer of your company and have established a security policy that requires users to protect all sensitive documents to avoid their being stolen. What policy have you implemented?

    1. Separation of duties
    2. Clean desk
    3. Job rotation
    4. Privacy
  57. Which of the following options can a security administrator deploy on a mobile device that will deter undesirable people from seeing the data on the device if it is left unattended?

    1. Screen lock
    2. Push notification services
    3. Remote wipe
    4. Full device encryption
  58. You are a system administrator and are asked to prevent staff members from using each other’s credentials to access secured areas of the building. Which of the following will best address this request?

    1. Install a biometric reader at the entrance of the secure area.
    2. Install a proximity card reader at the entrance of the secure area.
    3. Implement least privilege.
    4. Implement group policy enforcement.
  59. A sales manager has asked for an option for sales reps who travel to have secure remote access to your company’s database server. Which of the following should you configure for the sales reps?

    1. VPN
    2. WLAN
    3. NAT
    4. Ad hoc
  60. An attacker tricks one of your employees into clicking on a malicious link that causes an unwanted action on the website the employee is currently authenticated to. What type of attack is this?

    1. Replay
    2. Cross-site request forgery
    3. Cross-site scripting
    4. Buffer overflow
  61. Which of the following is considered the strongest access control?

    1. RBAC
    2. DAC
    3. MAC
    4. ABAC
  62. Your company wants to expand its data center, but has limited space to store additional hardware. The IT staff needs to continue their operations while expansion is underway. Which of the following would best accomplish this expansion idea?

    1. IaaS
    2. Virtualization
    3. SaaS
    4. Public cloud
  63. Which of the following algorithms have known collisions? (Choose two.)

    1. MD5
    2. AES
    3. SHA
    4. SHA-256
    5. RSA
  64. Which of the following must a security administrator implement to allow customers, vendors, suppliers, and other businesses to obtain information while preventing access to the company’s entire network?

    1. Intranet
    2. Internet
    3. Extranet
    4. Honeynet
  65. The head of HR is conducting an exit interview with an IT network administrator named Matt. The interview questions include Matt’s view of his manager, why he is leaving his current position, and what he liked most about his job. Which of the following should also be addressed in this exit interview?

    1. Job rotation
    2. NDA
    3. Background checks
    4. Property return form
  66. Which of the following is considered the least secure authentication method?

    1. TACACS+
    2. CHAP
    3. NTLM
    4. PAP
  67. You are a security administrator for your company and have been asked to recommend a secure method for storing passwords due to recent brute-force attempts. Which of the following will provide the best protection? (Choose two.)

    1. ROT13
    2. BCRYPT
    3. RIPEMD
    4. PBKDF2
  68. You installed a WAP for a local coffee shop and have discovered the signal is extending into the parking lot. Which of the following configurations will best correct this issue?

    1. Change the antenna type.
    2. Disable the SSID broadcast.
    3. Reduce the signal strength for indoor coverage only.
    4. Enable MAC filtering to prevent devices from accessing the wireless network.
  69. You are a network administrator for a bank. A branch manager discovers that the deskside employees have the ability to delete lending policies found in a folder within the file server. You review the permissions and notice the deskside employees have “modify” permissions to the folder. The employees should have read permissions only. Which of the following security principles has been violated?

    1. Job rotation
    2. Time-of-day restrictions
    3. Separation of duties
    4. Least privilege
  70. Which of the following concepts of cryptography ensures integrity of data by the use of digital signatures?

    1. Key stretching
    2. Steganography
    3. Key exchange
    4. Hashing
  71. Your manager has asked you to recommend a public key infrastructure component to store certificates that are no longer valid. Which of the following is the best choice?

    1. Intermediate CA
    2. CSR
    3. CRL
    4. Key escrow
  72. You are a backup operator and receive a call from a user asking you to send sensitive documents immediately because their manager is going to a meeting with the company’s executives. The user states the manager’s files are corrupted and he is attending the meeting in the next 5 minutes. Which of the following forms of social engineering best describes this situation?

    1. Scarcity
    2. Consensus
    3. Intimidation
    4. Authority
  73. Which of the following controls can you implement together to prevent data loss if a mobile device is lost or stolen? (Choose two.)

    1. Geofencing
    2. Full-device encryption
    3. Screen locks
    4. Push notification services
  74. You are asked to find the MAC address on a Linux machine. Which of the following commands can you use to discover it?

    1. ipconfig
    2. ifconfig
    3. tracert
    4. ping
  75. A chief security officer (CSO) notices that a large number of contractors work for the company. When a contractor leaves the company, the provisioning team is not notified. The CSO wants to ensure the contractors cannot access the network when they leave. Which of the following policies best supports the CSO’s plan?

    1. Account disablement
    2. Account lockout policy
    3. Enforce password history
    4. Account expiration policy
  76. The CISO wants to strengthen the password policy by adding special characters to users’ passwords. Which of the following controls best achieves this goal?

    1. Password complexity
    2. Password length
    3. Password history
    4. Group policy
  77. Which of the following deployment models allows a business to have more control of the devices given to employees that handle company information?

    1. DLP
    2. COPE
    3. BYOD
    4. CYOD
  78. A network administrator uses their fingerprint and enters a PIN to log onto a server. Which of the following best describes this example?

    1. Identification
    2. Single authentication
    3. Multifactor authentication
    4. Transitive trust
  79. Your company wants to perform a privacy threshold assessment (PTA) to identify all PII residing in its systems before retiring hardware. Which of the following would be examples of PII? (Choose two.)

    1. Date of birth
    2. Email address
    3. Race
    4. Fingerprint
  80. Your HIPS is incorrectly reporting legitimate network traffic as suspicious activity. What is this best known as?

    1. False positive
    2. False negative
    3. Credentialed
    4. Noncredentialed
  81. Matt, a network administrator, is asking how to configure the switches and routers to securely monitor their status. Which of the following protocols would he need to implement on the devices?

    1. SSH
    2. SNMP
    3. SMTP
    4. SNMPv3
  82. Your company has issued a hardware token-based authentication to administrators to reduce the risk of password compromise. The tokens display a code that automatically changes every 30 seconds. Which of the following best describes this authentication mechanism?

    1. TOTP
    2. HOTP
    3. Smartcard
    4. Proximity card
  83. You are the network administrator for your company’s Microsoft network. Your CISO is planning the network security and wants a secure protocol that will authenticate all users logging into the network. Which of the following authentication protocols would be the best choice?

    1. RADIUS
    2. TACACS+
    3. Kerberos
    4. SAML
  84. Which of the following is not a vulnerability of end-of-life systems?

    1. When systems can’t be updated, firewalls and antiviruses are not sufficient protection.
    2. Out-of-date systems can result in fines in regulated industries.
    3. When an out-of-date system reaches the end-of-life, it will automatically shut down.
    4. Operating out-of-date systems can result in poor performance and reliability and can lead to denial of services.
  85. Which of the following statements are true regarding viruses and worms? (Choose two.)

    1. A virus is a malware that self-replicates over the network.
    2. A worm is a malware that self-replicates over the network.
    3. A virus is a malware that replicates by attaching itself to a file.
    4. A worm is a malware that replicates by attaching itself to a file.
  86. Which of the following wireless attacks would be used to impersonate another WAP to obtain unauthorized information from nearby mobile users?

    1. Rogue access point
    2. Evil twin
    3. Bluejacking
    4. Bluesnarfing
  87. Tony, a security administrator, discovered through an audit that all the company’s access points are currently configured to use WPA with TKIP for encryption. Tony needs to improve the encryption on the access points. Which of the following would be the best option for Tony?

    1. WPA2 with CCMP
    2. WEP
    3. WPA with CCMP
    4. WPS
  88. Your department manager assigns Tony, a network administrator, the job of expressing the business and financial effects that a failed SQL server would cause if it was down for 4 hours. What type of analysis must Tony perform?

    1. Security audit
    2. Asset identification
    3. Business impact analysis
    4. Disaster recovery plan
  89. You are the security administrator for a local hospital. The doctors want to prevent the data from being altered while working on their mobile devices. Which of the following would most likely accomplish the request?

    1. Cloud storage
    2. Wiping
    3. SIEM
    4. SCADA
  90. You are a Unix engineer, and on October 29 you discovered that a former employee had planted malicious code that would destroy 4,000 servers at your company. This malicious code would have caused millions of dollars worth of damage and shut down your company for at least a week. The malware was set to detonate at 9:00 a.m. on January 31. What type of malware did you discover?

    1. Logic bomb
    2. RAT
    3. Spyware
    4. Ransomware
  91. Which of the following is defined as hacking into a computer system for a politically or socially motivated purpose?

    1. Hacktivist
    2. Insider
    3. Script kiddie
    4. Evil twin
  92. A network administrator with your company has received phone calls from an individual who is requesting information about their personal finances. Which of the following types of attack is occurring?

    1. Whaling
    2. Phishing
    3. Vishing
    4. Spear phishing
  93. Which of the following can be restricted on a mobile device to prevent security violations? (Choose three.)

    1. Third-party app stores
    2. Biometrics
    3. Content management
    4. Rooting
    5. Sideloading
  94. Which of the following does a remote access VPN usually rely on? (Choose two.)

    1. IPSec
    2. DES
    3. SSL
    4. SFTP
  95. Matt, a security administrator, wants to use a two-way trust model for the owner of a certificate and the entity relying on the certificate. Which of the following is the best option to use?

    1. WPA
    2. Object identifiers
    3. PFX
    4. PKI
  96. If domain A trusts domain B, and domain B trusts domain C, then domain A trusts domain C. Which concept does this describe?

    1. Multifactor authentication
    2. Federation
    3. Single sign-on
    4. Transitive trust
  97. A user entered a username and password to log into the company’s network. Which of the following best describes the username?

    1. Authorization
    2. Authentication
    3. Identification
    4. Accounting
  98. Which of the following tools can be used to hide messages within a file?

    1. Data sanitization
    2. Steganography
    3. Tracert
    4. Network mapping
  99. Which of the following is best used to prevent ARP poisoning on a local network? (Choose two.)

    1. Antivirus
    2. Static ARP entries
    3. Patching management
    4. Port security
  100. Which of the following is the best practice to place at the end of an ACL?

    1. USB blocking
    2. Time synchronization
    3. MAC filtering
    4. Implicit deny