Question 1 | Which of the following security policies would identify that a user may be fined for using email to run a personal business? -
A. Acceptable use -
B. Privacy -
C. Due care -
D. Compliance -
E. Separation of duties -
F. Need to know |
A1: | Answer D is correct. Security policy compliance statements detail the sanctions that may result from violations of acceptable use policies. Answer A is incorrect because although this appears to be a violation of acceptable use, details of the sanctions resulting from the violation are detailed within the compliance policy. Answers B, C, E, and F are also incorrect because they detail individual policies for which the compliance policy may detail sanctions if violated, but they would not be used to detail these sanctions individually. |
Question 2 | Which of the following environmental considerations would be of the greatest concern when planning to perform in-place hardware upgrades? -
A. Temperature control -
B. Humidity control -
C. Static dissipation -
D. Vibration isolation |
A2: | Answer C is correct. When planning to perform hardware maintenance, it is important to remember to plan for dissipation of static through the use of grounding wrist straps and antistatic pads. Answers A and B are incorrect because, although both temperature and humidity may play a role in antistatic planning, they are not directly applicable here because an in-place upgrade does not involve a significant change from the normal operating environment of the system. Answer D is incorrect because vibration is not directly of concern during a normal upgrade scenario, although care to avoid breakage is important. |
Question 3 | An attacker offers her business card as an IT solution provider and then later causes a user's computer to appear to fail. What is this an example of? |
A3: | Answer A is correct. Reverse social engineering involves an attacker convincing the user that she is a legitimate IT authority, causing the user to solicit her assistance. Answer B is incorrect because social engineering is when an intruder tricks a user into giving him private information. Answer C is incorrect because separation of duties is when two users are assigned a part of a task that both of them need to complete. Answer D is incorrect because it is a bogus answer. |
Question 4 | Why is it important to protect systems from line-of-sight monitoring? [Choose the three best answers.] -
A. Remote monitoring may allow an attacker to observe standard operational routines. -
B. An attacker may learn a user's logon credentials. -
C. Data may be directly observed through a telescope. -
D. Electromagnetic detection of wireless signals could compromise sensitive data. |
A4: | Answers A, B, and C are correct. Attackers with direct line-of-sight access may observe operational routines, user logon and password keystrokes, or raw data used to illuminate data transmission status readouts. Answer D is incorrect because electromagnetic remote monitoring of wireless signals is not limited to the line of sight. |
Question 5 | What is the difference between a wet-pipe and a dry-pipe fire-suppression system? -
A. A dry-pipe system uses air to suppress fire, whereas a wet-pipe system uses water. -
B. A dry-pipe system uses dry chemicals, whereas a wet-pipe system uses wet chemicals. -
C. A wet-pipe system has water in the pipe at all times, whereas in a dry-pipe system water is used but is held back by a valve until a certain temperature is reached. -
D. A wet-pipe system uses wet chemicals that deploy after the pipe loses air pressure, whereas a dry-pipe system uses dry chemicals that deploy before the pipe loses air pressure. |
A5: | Answer C is correct. A wet-pipe system constantly has water in it. In dry-pipe systems, water is used but is held back by a valve until a certain temperature is reached. Therefore, answers A, B, and D are incorrect. |
Question 6 | Which of the following aspects of disaster recovery planning details how fast an ISP must have a new Frame Relay connection configured to an alternate site? -
A. Impact and risk assessment -
B. Disaster recovery plan -
C. Disaster recovery policies -
D. Service-level agreement |
A6: | Answer D is correct. Service-level agreements establish the contracted requirements for service through utilities, facility management, and ISPs. Answer A is incorrect because risk assessment is used to identify areas that must be addressed in disaster recovery provisions. Answers B and C are incorrect because, although the disaster recovery plan and its policies may include details of the service-level agreement's implementation, neither is the best answer in this case. |
Question 7 | Which type of backup requires the least amount of time to restore in the event of a total loss? -
A. Full -
B. Daily -
C. Differential -
D. Incremental |
A7: | Answer A is correct. A full backup includes a copy of all data, so it may be used to directly restore all data and settings as of the time of the last backup. Answers B, C, and D are incorrect because daily, differential, and incremental backups all require a full backup as well as additional backup files to restore from a total loss of data. |
Question 8 | Which of the following statements best describes a disaster recovery plan (DRP)? -
A. A DRP reduces the impact of a hurricane on a facility. -
B. A DRP is an immediate action plan used to bring a business back online immediately after a disaster has struck. -
C. A DRP attempts to manage risks associated with theft of equipment. -
D. A DRP plans for automatic failover of critical services to redundant offsite systems. |
A8: | Answer B is correct. A DRP is an immediate action plan to be implemented after a disaster. Answer A is incorrect because it describes physical disasters. Answer C is incorrect because it describes loss prevention. Answer D is incorrect because it describes a business continuity plan. |
Question 9 | Which of the following are examples of social engineering? [Choose the two best answers.] -
A. An attacker configures a packet sniffer to monitor user logon credentials. -
B. An attacker sets off a fire alarm so that he can access a secured area when the legitimate employees are evacuated. -
C. An attacker waits until legitimate users have left and sneaks into the server room through the raised floor. -
D. An attacker unplugs a user's network connection and then offers to help try to correct the problem. -
E. An attacker obtains an IT office T-shirt from a local thrift store and takes a user's computer for service. |
A9: | Answers D and E are correct. Social engineering attacks involve tricking a user into providing the attacker with access rights or operational details. Answer A is incorrect because packet sniffing is a form of a network security threat. Answers B and C are incorrect because they involve physical access control risks rather than social engineering. |
Question 10 | Full backups are made weekly on Sunday at 1:00 a.m., and incremental backups are made on weekdays at 1:00 a.m. If a drive failure causes a total loss of data at 8:00 a.m. on Tuesday morning, what is the minimum number of backup files that must be used to restore the lost data? -
A. One -
B. Two -
C. Three -
D. Four -
E. Five |
A10: | Answer C is correct. Sunday's full backup must be installed, followed by Monday's incremental backup and finally Tuesday morning's incremental backup. This will recover all data as of 1:00 a.m. Tuesday morning. Answers A and B are incorrect because a full backup Tuesday morning would be required to allow a single-file recovery of all data, whereas a differential backup on Tuesday morning would be required so that only two backup files would be needed. Answers D and E are incorrect because no files from before the last full backup would be required. |