Pete, an IT Administrator, needs to secure his server room. Which of the following mitigation methods would provide the MOST physical protection? Sign in and sign out logs Mantrap Video surveillance HVAC.
A datacenter requires that staff be able to identify whether or not items have been removed from the facility. Which of the following controls will allow the organization to provide automated notification of item removal? CCTV Environmental monitoring RFID EMI shielding.
Due to issues with building keys being duplicated and distributed, a security administrator wishes to change to a different security control regarding a restricted area. The goal is to provide access based upon facial recognition. Which of the following will address this requirement? Set up mantraps to avoid tailgating of approved users. Place a guard at the entrance to approve access. Install a fingerprint scanner at the entrance. Implement proximity readers to scan users’ badges.
Which of the following preventative controls would be appropriate for responding to a directive to reduce the attack surface of a specific host? Installing anti-malware Implementing an IDS Taking a baseline configuration Disabling unnecessary services.
Joe, the system administrator, has been asked to calculate the Annual Loss Expectancy (ALE) for a $5,000 server, which often crashes. In the past year, the server has crashed 10 times, requiring a system reboot to recover with only 10% loss of data or function. Which of the following is the ALE of this server? $500 $5,000 $25,000 $50,000.
Sara, a security analyst, is trying to prove to management what costs they could incur if their customer database was breached. This database contains 250 records with PII. Studies show that the cost per record for a breach is $300. The likelihood that their database would be breached in the next year is only 5%. Which of the following is the ALE that Sara should report to management for a security breach? $1,500 $3,750 $15,000 $75,000.
Which of the following utilities can be used in Linux to view a list of users’ failed authentication attempts? badlog faillog wronglog killlog.
Pete, the system administrator, is reviewing his disaster recovery plans. He wishes to limit the downtime in the event of a disaster, but does not have the budget approval to implement or maintain an offsite location that ensures 99.99% availability. Which of the following would be Pete’s BEST option? Use hardware already at an offsite location and configure it to be quickly utilized. Move the servers and data to another part of the company’s main campus from the server room. Retain data back-ups on the main campus and establish redundant servers in a virtual environment. Move the data back-ups to the offsite location, but retain the hardware on the main campus for redundancy.
A simulation of a disaster recovery plan in which actions are not actually performed. Tabletop exercise Structured walkthrough Full Interruption test Checklist test.
Test of a recovery plan involving representatives from each of the functional areas coming together to review the plan to determine if the plan pertaining to their area is accurate and complete and can be implemented when required. Structured walkthrough Full Interruption test Checklist test Tabletop exercise.
Which of the following is the MOST specific plan for various problems that can arise within a system? Business Continuity Plan Continuity of Operation Plan Disaster Recovery Plan IT Contingency Plan.
Joe, the system administrator, is performing an overnight system refresh of hundreds of user computers. The refresh has a strict timeframe and must have zero downtime during business hours. Which of the following should Joe take into consideration? A disk-based image of every computer as they are being replaced. A plan that skips every other replaced computer to limit the area of affected users. An offsite contingency server farm that can act as a warm site should any issues appear. A back-out strategy planned out anticipating any unforeseen problems that may arise.
Which of the following would a security administrator use to verify the integrity of a file? Time stamp MAC times File descriptor Hash.
Which of the following is 160 bits? SHA1 MD2 MD4 MD5.
Which of the following could cause a browser to display the message below? “The security certificate presented by this website was issued for a different website’s address.” The website certificate was issued by a different CA than what the browser recognizes in its trusted CAs. The website is using a wildcard certificate issued for the company’s domain. HTTPS://127.0.01 was used instead of HTTPS://localhost. The website is using an expired self signed certificate.
A company’s Chief Information Officer realizes the company cannot continue to operate after a disaster. Which of the following describes the disaster? Risk Asset Threat Vulnerability.
Type of network security breach in which a network connected to the Internet is swamped with replies to ICMP echo (PING) requests. Backdoor Smurf DDoS Spyware.
Several users’ computers are no longer responding normally and sending out spam email to the users’ entire contact list. This is an example of which of the following? Trojan virus Botnet Worm outbreak Logic bomb.
Jane, an individual, has recently been calling various financial offices pretending to be another person to gain financial information. Which of the following attacks is being described? Phishing Tailgating Pharming Vishing.
A user has unknowingly gone to a fraudulent site. The security analyst notices the following system change on the user’s host:
Old `hosts’ file:
New `hosts’ file:
Which of the following attacks has taken place?.
A security administrator must implement all requirements in the following corporate policy: Passwords shall be protected against offline password brute force attacks. Passwords shall be protected against online password brute force attacks. Which of the following technical controls must be implemented to enforce the corporate policy? (Select THREE). Account lockout Account expiration Screen locks Password complexity Minimum password lifetime Minimum password length.
Users are encouraged to click on a link in an email to obtain exclusive access to the newest version of a popular Smartphone. This is an example of. Scarcity Familiarity Intimidation Trust.
Joe, an employee is taking a taxi through a busy city and starts to receive unsolicited files sent to his Smartphone. Which of the following is this an example of? Vishing Bluejacking War Driving SPIM Bluesnarfing.
Which statement is TRUE about the operation of a packet sniffer? It can only have one interface on a management network. They are required for firewall operation and stateful inspection. The Ethernet card must be placed in promiscuous mode. It must be placed on a single virtual LAN interface.
Which offers no end-to-end TLS encryption? HTTPS WEP WPA WPA 2.
A security administrator looking through IDS logs notices the following entry: (where firstname.lastname@example.org and passwd= ‘or 1==1’) Which of the following attacks had the administrator discovered? SQL injection XML injection Cross-site script Header manipulation.
An attacker attempted to compromise a web form by inserting the following input into the username field: admin)(|(password=*)) Which of the following types of attacks was attempted? SQL injection Cross-site scripting Command injection LDAP injection.
DEP protects against which? Cross-site scripting Buffer overflow Header manipulation SQL injection.
Which of the following application attacks is used to gain access to SEH? Cookie stealing Buffer overflow Directory traversal XML injection.
A software testing technique used to discover coding errors and security loopholes in software, operating systems or networks by inputting massive amounts of random data to the system in an attempt to make it crash.