A network administrator needs to provide daily network usage reports on all layer 3 devices without compromising any data while gathering the information. Which of the following would be configured to provide these reports?
Which of the following is a difference between TFTP and FTP?
A) TFTP is slower than FTP
B) TFTP utilizes UDP and FTP uses TCP
C) TFTP is more secure than FTP
D) TFTP utilizes TCP and FTP uses UDP
Rebecca, a security analyst, is trying to prove to management what costs they could incur if their customer database was breached. This database contains 250 records with PII. Studies show that the cost per record for a breach is $350. The likelihood that their database would be breached in the next year is only 8%. Which of the following is the ALE that Rebecca should report to management for a security breach?
Which of the following is the MOST secure protocol to transfer files?
Which of the following would satisfy wireless network implementation requirements to use mutual authentication and usernames and passwords?
A network analyst received a number of reports that impersonation was taking place on the network. Session tokens were deployed to mitigate this issue and defend against which of the following attacks?
Which of the following is a protocol that could be used to support authentication services for several local devices from a central location without the use of tokens or tickets?
A program has been discovered that infects a critical Windows system executable and stays dormant in memory. When a Windows mobile phone is connected to the host, the program infects the phone's boot loader and continues to target additional Windows PCs or phones. Which of the following malware categories BEST describes this program?
A security administrator wishes to change their wireless network so that IPSec is built into the protocol and NAT is no longer required for address range extension. Which of the following protocols should be used in this scenario?
A security administrator needs to update the OS on all the switches in the company. Which of the following MUST be done before any actual switch configuration is performed?
A) The request needs to be sent to the revision management team.
B) The request needs to be approved through the incident management process.
C) The request needs to be approved through the change management process.
D) The request needs to be sent to the enterprise management team.
A company with a US-based sales force has requested that the VPN system be configured to authenticate the sales team based on their username, password and a client side certificate. How many authentication factors are in use by the VPN system?
Which of the following is an example of multifactor authentication?
A) Username and Password
B) Credit card and PIN
C) Fingerprint and Retina scan
D) Password and PIN
Which of the following types of attacks was attempted?
A) Command injection
B) SQL injection
C) LDAP injection
An internal auditor is concerned with privilege creep that is associated with transfers inside the company. Which mitigation measure would detect and correct this?
A) Change management
B) Change control
C) User rights reviews
D) Job rotations
Which of the following should be deployed to prevent the transmission of malicious traffic between virtual machines hosted on a singular physical device on a network?
A) NIPS on the network
B) HIPS on each virtual machine
C) NIDS on the network
D) HIDS on each virtual machine
Which of the following concepts is BEST described as developing a new chain of command in the event of a contingency?
A) Succession planning
B) Continuity of operations
C) Business impact analysis
D) Business continuity planning
Which of the following can be used by a security administrator to successfully recover a user's forgotten password on a password protected file?
A) Brute force
B) Password sniffing
C) Social engineering
D) Cognitive password
A network administrator recently updated various network devices to ensure redundancy throughout the network. If an interface on any of the Layer 3 devices were to go down, traffic will still pass through another interface and the production environment would be unaffected. This type of configuration represents which of the following concepts?
A) Disaster Recovery
B) Backout contigency plan
C) Load balancing
D) High availability
Which of the following should Bill, a security administrator, perform before a hard drive is analyzed with forensics tools?
A) Disconnect system from network
B) Interview witnesses
C) Identify user habits
D) Capture system image
Tom, an individual, has recently been calling various financial offices pretending to be another person to gain financial information. Which of the following attacks is being described?
Which of the following is BEST used as a secure replacement for TELNET?
A user ID and password together provide which of the following?
An administrator is receiving an error in browser stating a website's certificate is invalid. Which of the following is the browser referring to?
A) Private key
B) Public key
C) Recovery agent
Geneson, an administrator, needs to make sure the wireless network is not accessible from the parking area of their office. Which of the following would BEST help Geneson when deploying a new access point?
A) Disabling SSID
B) Placement of antenna
C) Enabling the MAC filtering
D) Implementing WPA2
A company storing data on a secure server wants to ensure it is legally able to dismiss and prosecute staff who intentionally access the server via Telnet and illegally tamper with customer data. Which of the following administrative controls should be implemented to BEST achieve this?
A) Session output pipe to /dev/null
B) Command shell restriction
C) Warning banners
D) Restricted interface
After a user performed a war driving attack, the network administrator noticed several similar markings where WiFi was available throughout the enterprise. Which of the following is the term used to describe these markings?
A) War dialing
B) IV attack
C) War chalking
D) Rogue access points
Which of the following is a hardware based encryption device?
Which of the following assets is MOST likely considered for DLP?
A) USB mass storage device
B) Print server
C) Reverse proxy
D) Application server content
Using proximity card readers instead of the traditional key punch doors would help to mitigate:
B) Dumpster diving
D) Shoulder surfing
A software development company wants to implement a digital rights management solution to protect its intellectual property. Which of the following should the company implement to enforce software digital rights?
C) Transport encryption
D) Public Key infrastructure
A network administrator has recently updated their network devices to ensure redundancy is in place so that:
A) Single points of failure are removed
B) Hot and cold aisles are functioning
C) Switches can redistribute routes across the network
D) Environmental monitoring can be performed
The IT department has setup a website with a series of questions to allow end users to reset their own accounts. Which of the following account management practices does this help?
A) Password Recovery
B) Password Complexity
C) Account Disablements
D) Password Expirations
An administrator in the Network Security Department notices that an employee in the Networking Department made unauthorized changes to a firewall over the weekend. Which of the following would be used to mitigate this issue so that only security administrators can make changes to the firewall?
A) Job rotation
B) Time of day restriction
C) Mandatory vacations
D) Least privilege
Which of the following application security testing techniques is implemented when an automated system generates random input data?
A) Input validation
An IT director is looking to reduce the footprint of their company's server environment. They have decided to move several internally developed software applications to an alternate environment, supported by an external company. They will still maintain the software, operating systems and configurations, but will not manage the physical hardware. Which of the following BEST describes this arrangement?
A) Platform as a Service
B) Software as a Service
C) Infrastructure as a Service
D) Storage as a Service
Sara, an application developer, has just implemented error and exception handling in an application. Which of the following does this help prevent?
A) Pop-up blockers
B) Cross-site scripting
D) Buffer overflow
Which of the following network architecture concepts is used to securely isolate network devices at the boundary between networks?
Sara, a security manager, has decided to force expiration of all company passwords by the close of business day. Which of the following BEST supports this reasoning?
A) Implementation of account lockout procedures.
B) A recent security breach in which passwords were cracked
C) Enforcement of password complexity requirements
D) Implementation of configuration management processes
Rachael, the security administrator, must configure the corporate firewall to allow all public IP addresses on the internal interface of the firewall to be translated to one public IP address on the external interface of the same firewall. Which of the following should Rachael configure?
Which statement is TRUE about the operation of a packet sniffer?
A) It can only have one interface on a management network.
B) They are required for firewall operation and stateful inspection.
C) The Ethernet card must be placed in promiscuous mode.
D) It must be placed on a single virtual LAN interface.