Question 1 | Which of the following are architectural models for the arranging of Certificate Authorities? [Check all correct answers.] -
A. Bridge CA architecture -
B. Sub CA architecture -
C. Single CA architecture -
D. Hierarchical CA architecture |
Question 2 | Sub7 is considered a(n) ________________. -
A. virus -
B. illicit server -
C. worm -
D. Trojan horse |
Question 3 | You are in sales and you receive an email telling you about an easy way to make money. The email instructs you to open the attached letter of intent, read it carefully, and then reply to the email. Which of the following should you do? -
A. Open the letter of intent, read it, and reply to the email. -
B. Forward this great offer to your friends and coworkers. -
C. Notify your system administrator of the email. -
D. Delete the email and reboot your computer. |
Question 4 | You have an FTP server that needs to be accessed by both employees and external customers. What type of architecture should be implemented? -
A. Bastion host -
B. Screened subnet -
C. Screened host -
D. Bastion subnet |
Question 5 | The main fan in your server died on Wednesday morning. It will be at least two days before it can be replaced. You decide to use another server instead but need to restore the data from the dead one. You have been doing differential backups and the last full backup was performed on Friday evening. The backup doesn't run on weekends. How many backup tapes will you need to restore the data? -
A. Two -
B. Four -
C. One -
D. Three |
Question 6 | You are planning to set up a network for remote users to use their own Internet connections to connect to shared folders on the network. Which technology would you implement? -
A. DMZ -
B. VPN -
C. VLAN -
D. NAT |
Question 7 | What type of algorithm is SHA-1? |
Question 8 | A fire involving paper and wood products is likely to be considered what class of fire? -
A. Class A -
B. Class B -
C. Class C -
D. Class D |
Question 9 | Which of the following are not methods for minimizing a threat to a Web server? [Choose the two best answers.] -
A. Disable all non-Web services. -
B. Ensure telnet is running. -
C. Disable nonessential services. -
D. Enable logging. |
Question 10 | Which of the following are major security evaluation criteria efforts? [Choose the two best answers.] -
A. TCSEC -
B. CCSEC -
C. IPSec -
D. ITSEC |
Question 11 | Separation of duties is designed to guard against which of the following? -
A. Social engineering -
B. Viruses -
C. Fraud -
D. Nonrepudiation |
Question 12 | A system designed to lure an attacker away from a critical system is called a ______________. |
Question 13 | Your company is in the process of setting up a DMZ segment. You have to allow Web traffic in the DMZ segment. Which TCP port do you have to open? -
A. 80 -
B. 139 -
C. 25 -
D. 443 |
Question 14 | Which of the following attacks is most likely to be successful, even if all devices are properly secured and configured? -
A. Trojan horse -
B. Mantrap -
C. Social engineering -
D. All of the above |
Question 15 | When using CHAP, the challenge/response mechanism can happen when? -
A. Only at the beginning of the connection -
B. At the beginning and the end of the connection -
C. Only at the end of the connection -
D. At any time during the connection |
Question 16 | With Discretionary Access Control (DAC), how are access rights to resources determined? -
A. Roles -
B. Rules -
C. Owner discretion -
D. Security label |
Question 17 | Which of the following is a common name for an opening in a program that allows for additional, undocumented access to data? -
A. Virus -
B. Algorithm -
C. Back door -
D. Demilitarized zone |
Question 18 | Which is not a good choice for achieving security awareness among your users in your organization? |
Question 19 | Which of the following types of programs can be used to determine whether network resources are locked down correctly? -
A. Password sniffers -
B. Port scanners -
C. Keystroke loggers -
D. Cookies |
Question 20 | The enforcement of access control via tasks or groups for system users is achieved in which of the following? -
A. IPSec -
B. RBAC -
C. IDS -
D. DRP |
Question 21 | Which one of the following types of servers would be the target for an attack where a malicious individual attempts to change information by connecting to port 53? -
A. FTP server -
B. File server -
C. Web server -
D. DNS server |
Question 22 | What type of activity is not associated with computer forensics? -
A. Collecting and analyzing data from disk drives -
B. Collecting and analyzing data from memory -
C. Collecting fingerprints from the computer case and input devices -
D. Labeling and photographing the evidence |
Question 23 | You are checking your network to ensure that the servers have been hardened correctly. You plan on using a vulnerability-scanning program. Which of the following programs can you use? [Choose the two best answers.] -
A. John the Ripper -
B. SATAN -
C. L0phtCrack -
D. SAINT |
Question 24 | In encryption, when data is broken into several units of varying sizes (dependent on algorithm) and the encryption is applied to those chunks of data, what type of algorithm is that called? |
Question 25 | Your company decides it wants to implement a Virtual Private Network (VPN). Which of the following would you consider using because they are tunneling protocols? [Choose the two best answers.] -
A. MD5 -
B. L2TP -
C. 3DES -
D. PPTP |
Question 26 | As the network administrator, you are implementing a policy for passwords. What is the best option for creating user passwords? -
A. Uppercase and lowercase letters combined with numbers and symbols -
B. A randomly generated password -
C. A word that is familiar to the user with a number attached to the end -
D. The user's last name spelled backwards |
Question 27 | Digital signatures are used to authenticate the sender. Which of the following is true of digital signatures? [Choose the two best answers.] -
A. They use the Skipjack algorithm. -
B. They can be automatically timestamped. -
C. They allow the sender to repudiate that the message was sent. -
D. They cannot be imitated by someone else. |
Question 28 | Which of the following are parts of Kerberos authentication? [Choose the two best answers.] |
Question 29 | A smartcard provides two-factor authentication. Which two of the following must be provided for proper authentication? [Choose the two best answers.] -
A. Something you have -
B. Something you know -
C. Something you are -
D. Something you do |
Question 30 | Which of the following describes an active attack? -
A. Does not insert data into the stream but instead monitors information being sent -
B. Records and replays previously sent valid messages -
C. Inserts false packets into the data stream -
D. Makes attempts to verify the identity of the source of information |
Question 31 | Which one of the following is considered a physical security component? -
A. VPN tunnel -
B. Mantrap -
C. Bastion host -
D. IPSec |
Question 32 | Which of the following statements about entrapment and enticement is true? -
A. Enticement is ethical and legal. Entrapment is unethical and illegal. -
B. Entrapment is ethical and legal. Enticement is unethical and illegal. -
C. Neither enticement nor entrapment is ethical or legal. Companies can be prosecuted for using either one. -
D. Both enticement and entrapment are ethical and legal. Companies cannot be prosecuted for using either one. |
Question 33 | Which of the following are methods of sending secure email messages? [Choose the two best answers.] -
A. POP3 -
B. S/MIME -
C. PGP -
D. SMTP |
Question 34 | Which one of the following is a private IP address? -
A. 11.1.2.1 -
B. 165.193.123.44 -
C. 176.18.36.4 -
D. 192.168.0.234 |
Question 35 | Which of the following statements is true about SSL? -
A. SSL provides security for both the connection and the data once it is received. -
B. SSL only provides security for the connection, not the data once it is received. -
C. SSL only provides security for the data once it is received, not the connection. -
D. SSL does not provide security for either the connection or the data once it is received. |
Question 36 | Of the following, which is a characteristic of a hot site? -
A. The facility is equipped with plumbing, flooring, and electricity only. -
B. The facility resources are shared by mutual agreement. -
C. The facility and equipment are already set up and ready to occupy. -
D. The facility is equipped with some resources, but not computers. |
Question 37 | Which of the following algorithms is not an example of a symmetric encryption algorithm? -
A. Rijndael -
B. Diffie-Hellman -
C. RC6 -
D. AES |
Question 38 | The RBAC model can use which of the following types of access? [Choose the three best answers.] -
A. Role based -
B. Task based -
C. Lattice based -
D. Discretionary based |
Question 39 | You are having problems with your DNS server. When the users try to open various Web sites, they receive an error saying that the site is not found. You go to one of the machines, open a DOS prompt, and type which command to find out what the problem is? -
A. netstat -
B. tracert -
C. ipconfig -
D. nslookup |
Question 40 | What is the security protocol that has been developed for 802.11? -
A. Wired Equivalent Protocol -
B. Wireless Encryption Protocol -
C. Wired Equivalent Privacy -
D. Wireless Protocol Encryption |
Question 41 | Which of the following is true about fiber-optic cable? [Choose the two best answers.] -
A. It is highly sensitive to electric and magnetic interference. -
B. It is insensitive to electric and magnetic interference. -
C. It is relatively inexpensive. -
D. It is expensive. |
Question 42 | CHAP uses a challenge/response mechanism. How many steps is this process? -
A. Seven -
B. Three -
C. Four -
D. Two |
Question 43 | What is the difference between HTTPS and S-HTTP? -
A. S-HTTP protects each message sent, whereas HTTPS protects the communication channel. -
B. S-HTTP does not support multiple encryption types, whereas HTTPS does. -
C. HTTPS protects each message sent, whereas S-HTTP protects the communication channel. -
D. There is no difference. |
Question 44 | What is the process of systematically dialing a range of phone numbers looking for unprotected dial-in modems? -
A. Sniffing -
B. War-driving -
C. War-dialing -
D. Social engineering |
Question 45 | Under MAC, the category of a resource can be changed by whom? -
A. All managers -
B. Administrators only -
C. The owner/creator -
D. All users |
Question 46 | You want to evaluate a user's ability to connect to a RAS server via telephony. Which of the following vulnerability assessment tests would you use? -
A. Blind testing -
B. Knowledgeable testing -
C. Internet service testing -
D. Dial-up service testing -
E. Infrastructure testing |
Question 47 | Which protocol is used to enable remote access servers to communicate with a central server in order to authenticate and authorize access to resources? -
A. Kerberos -
B. IPSec -
C. RADIUS -
D. PPTP |
Question 48 | Which of the following statements are incorrect about Encapsulating Security Payload (ESP) and Authentication Header (AH)? [Choose the two best answers.] -
A. AH can only verify data integrity. -
B. ESP can encrypt data and verify data integrity. -
C. AH can encrypt data and verify data integrity. -
D. ESP can only verify data integrity. |
Question 49 | Which of the following is a hardware or software solution used to protect a network from unauthorized access? |
Question 50 | Unauthorized access has been detected on the network. Someone had been logging in as one of the administrative assistants during off hours. Later, you find out she received an email from the network administrator asking her to supply her password so that he could make changes to her profile. What types of attacks have been executed? [Choose two correct answers.] -
A. Spoofing -
B. Man in the middle -
C. Replay -
D. Social engineering |
Question 51 | Which of the following is not true regarding log files? -
A. They should be stored and protected on a machine that has been hardened. -
B. Log information traveling on the network must be encrypted, if possible. -
C. They should be stored in one location. -
D. They must be modifiable, and there should be no record of the modification. |
Question 52 | Which PKI Trust model would be used by a CA with multiple subordinate CAs? -
A. Cross-certified -
B. Hierarchical -
C. Bridge -
D. Linked |
Question 53 | Which of the following are reasons why it is unsafe to allow signed code to run on your systems? -
A. The fact that the code is signed only guarantees that the code belongs to a certain entity, not that it is absolutely harmless. -
B. Malicious users are known to have attempted obtaining legitimate certificates to sign harmful code, with some succeeding. -
C. Scripts may be used to employ signed code that comes preinstalled and signed with the operating system. -
D. All of the above. |
Question 54 | What is the difference between a wet-pipe and a dry-pipe fire-suppression system? -
A. A dry-pipe system uses air to suppress fire, whereas a wet-pipe system uses water. -
B. A dry-pipe system uses dry chemicals, whereas a wet-pipe system uses wet chemicals. -
C. A wet-pipe system has water in the pipe at all times, whereas in a dry-pipe system, water is used but is held back by a valve until a certain temperature is reached. -
D. A wet-pipe system uses wet chemicals that deploy after the pipe loses air pressure, whereas a dry-pipe system uses dry chemicals that deploy before the pipe loses air pressure. |
Question 55 | Which of the following statements best describes a disaster recovery plan (DRP)? -
A. A DRP reduces the impact of a hurricane on a facility. -
B. A DRP is an immediate action plan used to bring a business back online immediately after a disaster has struck. -
C. A DRP attempts to manage risks associated with theft of equipment. -
D. A DRP is a plan that sets up actions for long-term recovery after a disaster has hit. |
Question 56 | You're the security administrator for a credit union. The users are complaining about the network being slow. It is not a particularly busy time of the day. You capture network packets and discover that there have been hundreds of ICMP packets being sent to the host. What type of attack is likely being executed against your network? -
A. Spoofing -
B. Man in the middle -
C. Denial of service -
D. Worm |
Question 57 | Which of the following PKI functions do SSL/TLS protocols currently support? [Choose the two best answers.] |
Question 58 | How many layers are there in the OSI model? -
A. Four -
B. Six -
C. Nine -
D. Seven |
Question 59 | Which of the following is true in regard to the principle of least privilege? -
A. It ensures that all members of the user community are given the same privileges as long as they do not have administrator or root access to systems. -
B. It requires that a user be given no more privilege than necessary to perform a job. -
C. It is a control enforced through written security policies. -
D. It assumes that job functions will be rotated frequently. |
Question 60 | You have found that someone has been running a program to crack passwords. This has been successful enough that files have been altered and you suspect that many of the users' passwords have been compromised. Which of the following techniques can be implemented to help protect against another brute-force password attack? -
A. Increase the value of the password history to 8. -
B. Have users present proper identification before being granted a password. -
C. Lock the account after three unsuccessful password entry attempts. -
D. Require password resets every 60 days. |
Question 61 | Which of the following best describes a service-level agreement? -
A. A method by which a company can guarantee a level of service from another company. -
B. A method of procuring services after a disaster has struck. -
C. A method of protecting servers and computers from disasters. -
D. A method of protecting a facility from disasters. |
Question 62 | You need to provide your users with the capability to log on once and retrieve any resource to which they have been granted access, regardless of where the resource is stored. Which configuration will you deploy? |
Question 63 | You are a consultant for a company that wants to secure its Web services and provide a guarantee to its online customers that all credit card information is securely transferred. Which technology would you recommend? -
A. S/MIME -
B. VPN -
C. SSL/TLS -
D. SSH |
Question 64 | You are the primary investigator on a team that is investigating the theft of some important information from your network. You have collected and analyzed data and are preparing to present your information in court. What is the process called when presenting the path that the evidence took to the courtroom? -
A. Evidenced path -
B. Chain of custody -
C. Forensics -
D. Chain of evidence |
Question 65 | You are configuring a security policy for your company. Which of the following three components make up the security triad? [Choose the three best answers.] -
A. Encryption -
B. Confidentiality -
C. Integrity -
D. Authorization -
E. Availability |
Question 66 | Which of the following would you use if you wanted to check the validity of a digital certificate? |
Question 67 | Which of the following statements are true when discussing physical security? [Choose the three best answers.] -
A. Physical security attempts to control access to data from Internet users. -
B. Physical security attempts to control unwanted access to specified areas of a building. -
C. Physical security attempts to control the impact of natural disasters on facilities and equipment. -
D. Physical security attempts to control internal employee access into secure areas. |
Question 68 | SMTP relay is a common exploit used among hackers for what purpose? |
Question 69 | CGI scripts can present vulnerabilities in which of the following ways? [Choose the two best answers.] -
A. They can be used to relay email. -
B. They can be tricked into executing commands. -
C. They may expose system information. -
D. They store the IP address of your computer. |
Question 70 | Your company has decided to deploy a hardware token system along with usernames and passwords. This technique of using more than one type of authentication is known as which of the following? -
A. Parallel authentication -
B. Factored authentication -
C. Mutual authentication -
D. Multifactor authentication |
Question 71 | Which of the following are included within a digital certificate? [Choose the three best answers.] |
Question 72 | Which of the following is a correct definition of a Trojan horse? -
A. It needs no user intervention to replicate. -
B. It makes data appear to come from somewhere other than where it really originated. -
C. It is open-source code and attacks only open source software. -
D. It buries itself in the operating system software and infects other systems only after a user executes the application that it is buried in. |
Question 73 | You have implemented a proxy firewall technology that can distinguish between an FTP get command and an FTP put command. What type of firewall are you using? |
Question 74 | When encrypting and decrypting data using an asymmetric encryption algorithm, you do which of the following? -
A. Use only the public key to encrypt and only the private key to decrypt. -
B. Use the public key to either encrypt or decrypt. -
C. Use only the private key to encrypt and only the public key to decrypt. -
D. Use only the private key to decrypt data encrypted with the public key. |
Question 75 | Which of the following is not a piece of information used by a cookie? -
A. The operating system you are running -
B. The type of browser you are using -
C. Your network login and password -
D. The name and IP address of your computer |
Question 76 | You are setting up a switched network and want to group users by department. Which technology would you implement? -
A. DMZ -
B. VPN -
C. VLAN -
D. NAT |
Question 77 | What is the leading reason many incidents are never reported? [Choose the best answer.] -
A. They do not break laws. -
B. The reporting process is too time consuming. -
C. The fear of losing business or shareholders. -
D. They result in less than $1,000 in damage. |
Question 78 | Which of the following is true in regard to FTP? [Choose the two best answers.] -
A. Authentication credentials are sent in cleartext. -
B. Authentication credentials are encrypted. -
C. It is vulnerable to sniffing and eavesdropping. -
D. It is very secure and not vulnerable to either sniffing or eavesdropping. |
Question 79 | Which of the following best describes the relationship between centralized and decentralized security? -
A. Centralized is more secure but less scalable, whereas decentralized security is less secure but more scalable. -
B. Decentralized security is more scalable and more secure than centralized. -
C. Centralized security is more scalable and less secure than decentralized. -
D. Centralized and decentralized have about the same security, but centralized is more scalable. |
Question 80 | You have created a utility for purging old files. You have hidden code inside the utility that will install itself and cause the infected system to erase the hard drive's contents on April 1, 2004. Which of the following attacks has been used in your code? -
A. Virus -
B. Spoofing -
C. Logic bomb -
D. Trojan horse |
Question 81 | Which of the following components are not associated with risk? [Choose the two best answers.] -
A. Vulnerability -
B. Threat -
C. Value -
D. Probability -
E. Analysis |
Question 82 | What is an exposed device that is the foundation for firewall software to operate on called? -
A. Bastion host -
B. Screened subnet -
C. Screened host -
D. Bastion subnet |
Question 83 | A user using a known weakness in operating system code has made himself an administrator. This is an example of which of the following? -
A. Privilege management -
B. Trojan horse -
C. Privilege escalation -
D. Single sign-on |
Question 84 | Which of the following best describes a vulnerability? -
A. A vulnerability is a weakness in the configuration of software or hardware that could allow a threat to damage the network. -
B. A vulnerability is any agent that could do harm to your network or its components. -
C. A vulnerability is the likelihood of a particular event happening given an asset and a threat. -
D. A vulnerability measures the cost of a threat attacking your network. |
Question 85 | Your network is under attack. Traffic patterns indicate that an unauthorized service is relaying information to a source outside the network. What type of attack is being executed against you? -
A. Spoofing -
B. Man in the middle -
C. Replay -
D. Denial of service |
Question 86 | Which of the following best describes Secure FTP? -
A. It allows for a secure connection via IPSec. -
B. It allows for a secure connection via SSL. -
C. It allows for a secure connection via HTTPS. -
D. None of the above is true. |
Question 87 | Who is ultimately responsible for setting the tone of the role of security in an organization? -
A. Staff -
B. Management -
C. Consultants -
D. Everyone |
Question 88 | You are a consultant for a small company. You have just learned about a patch that is available for Windows servers. You download and install the patch and several of the servers stop functioning properly. What should your next step be to return the servers to a functional state? [Choose the best answer.] -
A. Reload the patch and see if the problems stop. -
B. Roll back the changes. -
C. Call the manufacturer and see if there is a fix. -
D. Document the changes and troubleshoot. |
Question 89 | Your company is in the process of setting up an IDS system. You want to scan for irregular header lengths and information in the TCP/IP packet. Which IDS methodology is suitable for this purpose? -
A. Heuristic analysis -
B. Anomaly analysis -
C. Stateful inspection -
D. Pattern matching |
Question 90 | Which protocol is installed to provide centralized management of computers through a remotely installed agent? -
A. SMTP -
B. SNMP -
C. LDAP -
D. L2TP |
Question 91 | What is a network device that works at the third layer of the OSI model and is responsible for forwarding packets between networks called? -
A. Router -
B. Hub -
C. Switch -
D. Modem |
Question 92 | When an attacker compromises systems with installed zombie software and initiates an attack against a victim from a widely distributed number of hosts, this is called what? -
A. DoS -
B. DDoS -
C. Trojan horse -
D. Masquerading |
Question 93 | Which of the following is not a tunneling protocol used in VPN connections? -
A. PPTP -
B. L2TP -
C. CHAP -
D. IPSec |
Question 94 | Which of the following statements best describes the behavior of a worm? -
A. A worm is self-replicating and needs no user interaction. -
B. A worm attacks only after triggered. -
C. A worm only attacks system files. -
D. A worm attempts to hide from antivirus software by garbling its code. |
Question 95 | What is the difference between TACACS and RADIUS? -
A. There is no difference. -
B. RADIUS is an actual Internet standard; TACACS is not. -
C. TACACS is an actual Internet standard; RADIUS is not. -
D. RADIUS is an encryption protocol; TACACS is an authentication protocol. |
Question 96 | What is Secure Electronic Transaction (SET)? -
A. A system for ensuring the security of historical electronic transactions across the Internet. -
B. An e-commerce technology that provides a safe way to do financial transactions over the Internet. -
C. A system developed by Microsoft for ensuring the security of electronic messages across the Internet. -
D. A program that combines the resources of multiple computers to secure the exchange of email. |
Question 97 | What Web-based protocol was developed to standardize the way wireless devices communicate? -
A. Wireless Encryption Protocol (WEP) -
B. Wireless Application Protocol (WAP) -
C. Wired Equivalent Privacy (WEP) -
D. Wireless Session Protocol (WSP) |
Question 98 | Which of the following is true of Pretty Good Privacy (PGP)? [Choose the two best answers.] -
A. It uses a web of trust. -
B. It uses a hierarchical structure. -
C. It uses public key encryption. -
D. It uses private key encryption. |
Question 99 | What type of algorithm does MD5 use? -
A. Block cipher algorithm -
B. Hashing algorithm -
C. Asymmetric encryption algorithm -
D. Cryptographic algorithm |
Question 100 | You are the consultant for a small manufacturing company that wants to implement a backup solution. Which method is most commonly used to protect data? [Choose the best answer.] |
Question 101 | You are the network administrator for a small company that has recently been the victim of several attacks. Upon rebuild of the server, you want to uninstall all unnecessary services and protocols. This process is known as system ________________. -
A. Nonrepudiation -
B. Hardening -
C. Auditing -
D. Hashing |
Question 102 | Which of the following looks at the long-term actions taken by a company after a disaster has taken place? -
A. Emergency response plan -
B. Security plan -
C. Disaster recovery plan -
D. Business continuity plan |
Question 103 | Building user groups around business units and then assigning privileges to those groups instead of to individual users is an example of which type of management? -
A. Role-based privilege management -
B. User-based privilege management -
C. Group-based privilege management -
D. Individual-based privilege management |
Question 104 | In which type of architecture is the user responsible for the creation of the private and public key? -
A. Decentralized key management -
B. Centralized key management -
C. Revocation key management -
D. Multilevel key management |
Question 105 | Which of the following statements best describes nonrepudiation? -
A. A set of mathematical rules used in encryption -
B. A means of proving that a transaction occurred -
C. A method of hiding data in another message -
D. A technology used for redundancy and performance improvement |
Question 106 | You are checking your network to ensure users are conforming to a new password security policy that requires them to use complex passwords. You plan on using a password-cracking program. Which of the following programs can you use? -
A. John the Ripper -
B. SATAN -
C. L0phtCrack -
D. SAINT |
Question 107 | Your company is in the process of setting up a management system on your network and you want to use SNMP. You have to allow this traffic through the router. Which UDP ports do you have to open? -
A. 161 -
B. 139 -
C. 138 -
D. 162 |
Question 108 | You are securing the network with IDS technologies. You want to be able to see malicious intent activity as well as provide some security and monitoring for users who are VPNing outside the network. Which IDS type is best suited for this job? |
Question 109 | When a Certificate Authority revokes a certificate, how is notice of the revocation distributed? |
Question 110 | Which of the following are characteristics of Transport Layer Security (TLS)? [Choose the two best answers.] -
A. It is interoperable with SSL. -
B. It is based on Netscape's SSL3. -
C. It ensures privacy on the Internet. -
D. It has one layer. |
Question 111 | Wireless Application Protocol (WAP) has several layers. Which of the following is the security layer? -
A. Wireless Security Layer (WSL) -
B. Wireless Transport Layer (WTL) -
C. Wireless Transport Layer Security (WTLS) -
D. Wireless Security Layer Transport (WSLT) |
Question 112 | A private network that gives business partners and vendors access to company information is called a(n) ______________. -
A. Extranet -
B. Intranet -
C. Internet -
D. ARPAnet |
Question 113 | Which of the following is the weakest link in a security policy? |
Question 114 | If the code of a program does not check the length of variables, it can be subject to which type of attack? -
A. Buffer overflow -
B. Replay -
C. Spoofing -
D. Denial of service |
Question 115 | Access through a router may be granted or denied based on IP address. What is the name given to this method? -
A. ACL -
B. AP -
C. ACLU -
D. Answers A and B |
Question 116 | What are the major security concerns with using DHCP? [Choose the two best answers.] -
A. The network is vulnerable to man-in-the-middle attacks. -
B. Anyone hooking up to the network can automatically receive a network address. -
C. Clients might be redirected to an incorrect DNS address. -
D. There are no security concerns with using DHCP. |
Question 117 | What should you do upon finding out an employee is terminated? -
A. Disable the user account and have the data kept for a specified period of time. -
B. Maintain the user account and have the data kept for a specified period of time. -
C. Disable the user account and delete the user's home directory. -
D. Do nothing until the employee has cleaned out her desk and you get written notification. |
Question 118 | Which of the following is not a good security practice? -
A. You should have a procedure in place to periodically test password strength. -
B. Auditing should be enabled and logs should be monitored regularly. -
C. Allow all programmers to have administrator access because they need a lot of rights. -
D. You should ensure that there are no accounts with default passwords and none without a password. |
Question 119 | Which of the following statements best describes the difference between authentication and identification? -
A. Authentication is the same as identification. -
B. Authentication is a means to verify who you are, whereas identification is what you are authorized to perform. -
C. Authentication is the byproduct of identification. -
D. Authentication is what you are authorized to perform, whereas identification is a means to verify who you are. |
Question 120 | What is the IEEE standard for wireless LAN technology? -
A. 802.5 -
B. 802.11 -
C. 802.2 -
D. 802.10 |
Question 121 | Which of the following statements about Java and JavaScript is true? -
A. Java applets can be used to execute arbitrary instructions on the server. -
B. JavaScript code can continue running even after the applet is closed. -
C. JavaScript can provide access to files of a known name and path. -
D. Java applets can be used to send email as the user. -
E. Java applets allow access to cache information. |
Question 122 | What is the proper way to dispose of confidential documents? -
A. Rip them into small pieces and put them in the trash. -
B. Shred them and put them in the trash. -
C. Have them destroyed by an authorized destruction company. -
D. Put them in the recycle bin. |
Question 123 | Ensuring that all data is sequenced, timestamped, and numbered is a characteristic of _______________. -
A. Data authentication -
B. Data integrity -
C. Data availability -
D. Data confidentiality |
Question 124 | What is a potential concern with weaker encryption algorithms as time goes on? [Choose the best answer.] -
A. Performance of the algorithm will worsen over time. -
B. Keys generated by users will start to repeat on other users' systems. -
C. Hackers using distributed computing may be able to finally crack an algorithm. -
D. All of the above. |
Question 125 | You want to hide your internal network from the outside world. Which of the following servers can accomplish this? -
A. NAT -
B. DNS -
C. DHCP -
D. All of the above |