JK0-015 CompTIA E2C Security+ 2008 Edition Practice Exam Set 11

A data entry technician uses an application from the Internet to gain administrative rights on a system. Gaining unauthorized domain rights is an example of:   


Options are :

  • Spyware
  • A rootkit.
  • A logic bomb
  • Privilege escalation. (Correct)

Answer : Privilege escalation.

Which of the following is a reason to implement Kerberos over local system authentication? 


Options are :

  • Non-repudiation
  • Centralized file integrity protection (Correct)
  • Greater password complexity
  • Authentication to multiple devices

Answer : Centralized file integrity protection

Every company workstation contains the same software prior to being assigned to workers. Which of the following software options would give remote users the needed protection from outside attackers when they are outside of the company's internal network?   


Options are :

  • Vulnerability scanner
  • HIDS
  • NIPS
  • Personal firewall (Correct)

Answer : Personal firewall

A NIDS monitoring traffic on the public-side of a firewall provides which of the following? 


Options are :

  • Prevention of malicious traffic
  • Protection of the external firewall interface
  • Intelligence about external threats (Correct)
  • Faster alerting to internal compromises

Answer : Intelligence about external threats

Which of the following is of the GREATEST concern in regard to a rogue access point? 


Options are :

  • Rogue access points can scan the company's wireless networks and find other unencrypted and rogue access points
  • Rogue access points can allow unauthorized users to access the company's internal networks. (Correct)
  • The radio signal of the rogue access point interferes with company approved access points.
  • Rogue access points are hard to find and remove from the network.

Answer : Rogue access points can allow unauthorized users to access the company's internal networks.

The process of validating a user's claimed identity is called 


Options are :

  • identification (Correct)
  • authorization.
  • validation.
  • repudiation.

Answer : identification

A new enterprise solution is currently being evaluated due to its potential to increase the company's profit margins. The security administrator has been asked to review its security implications. While evaluating the product, various vulnerability scans were performed. It was determined that the product is not a threat but has the potential to introduce additional vulnerabilities.

Which of the following assessment types should the security administrator also take into consideration while evaluating this product?   


Options are :

  • Risk assessment (Correct)
  • Code assessment
  • Threat assessment
  • Vulnerability assessment

Answer : Risk assessment

Which of the following BEST describes how the mandatory access control (MAC) method works?   


Options are :

  • It is an access policy that restricts access to objects based on security clearance (Correct)
  • It is an access policy based on biometric technologies.
  • It is an access policy based on the role that the user has in an organization.
  • It is an access policy based on a set of rules.

Answer : It is an access policy that restricts access to objects based on security clearance

The security administrator wants each user to individually decrypt a message but allow anybody to encrypt it. Which of the following MUST be implemented to allow this type of authorization?   


Options are :

  • Use of public and private keys (Correct)
  • Use of private keys only
  • Use of digital certificates
  • Use of public keys only

Answer : Use of public and private keys

In the event of a disaster in which the main datacenter is immediately shut down, which of the following would a company MOST likely use with a minimum Recovery Time Objective?


Options are :

  • Tape backup restoration
  • Hot site (Correct)
  • Cold site
  • Fault tolerance

Answer : Hot site

A security administrator is analyzing the packet capture from an IDS triggered filter.

The packet capture shows the following string: a or1 ==1--

Which of the following attacks is occurring? 


Options are :

  • Buffer overflow
  • XML injection
  • Cross-site scripting
  • SQL injection (Correct)

Answer : SQL injection

Which of the following tools BEST identifies the method an attacker used after they have entered into a network?   


Options are :

  • HIDS
  • Port scanner
  • NIDS (Correct)
  • Input validation

Answer : NIDS

Which of the following is the BEST way to secure data for the purpose of retention?   


Options are :

  • RAID 5 on-site backup
  • Virtualization
  • Off-site backup (Correct)
  • On-site clustering

Answer : Off-site backup

Which of the following is a major risk associated with cloud computing?   


Options are :

  • Loss of physical control over data (Correct)
  • Data labeling challenges
  • Increased complexity of qualitative risk assessments
  • Smaller attack surface

Answer : Loss of physical control over data

Which of the following describes an attack technique by which an intruder gains physical access by following an authorized user into a facility before the door is closed? 


Options are :

  • Shoulder surfing
  • Impersonation
  • Escalation
  • Tailgating (Correct)

Answer : Tailgating

Which of the following describes a semi-operational site to which IT operations can be migrated in the event of a disaster?


Options are :

  • Hot site
  • Warm site (Correct)
  • Cold site
  • Mobile site

Answer : Warm site

Which of the following can cause hardware-based drive encryption to see slower deployment?


Options are :

  • USB removable drive encryption (Correct)
  • A lack of management software
  • Role/rule-based access control
  • Multifactor authentication with smart cards

Answer : USB removable drive encryption

Which of the following should a security administrator implement to ensure there are no security holes in the OS? 


Options are :

  • Encryption protocols
  • Firewall definitions
  • Patch management (Correct)
  • Virus definitions

Answer : Patch management

Which of the following is a best practice for organizing users when implementing a least privilege model? 


Options are :

  • By geographic location
  • By management level
  • By function (Correct)
  • By department

Answer : By function

Which of the following control systems is used to maintain proper environmental conditions in a datacenter? 


Options are :

  • Mantrap
  • Bollards
  • CCTV
  • HVAC (Correct)

Answer : HVAC

A security administrator is analyzing the packet capture from an IDS triggered filter. The packet capture shows the following string: 

<script>source=http://www.evilsite.jp/evil.js</script>

Which of the following attacks is occurring? 


Options are :

  • Redirection attack
  • Cross-site scripting (Correct)
  • SQL injection
  • XML injection

Answer : Cross-site scripting

Which of the following cipher types is used by AES? 


Options are :

  • Stream
  • Turing
  • Fourier
  • Block (Correct)

Answer : Block

A user reports that their 802.11n capable interface connects and disconnects frequently to an access point that was recently installed. The user has a Bluetooth enabled laptop. A company in the next building had their wireless network breached last month. Which of the following is MOST likely causing the disconnections? 


Options are :

  • The new access point was mis-configured and is interfering with another nearby access point. (Correct)
  • Another user's Bluetooth device is causing interference with the Bluetooth on the laptop.
  • An attacker inside the company is performing a bluejacking attack on the user's laptop.
  • The attacker that breached the nearby company is in the parking lot implementing a war driving attack.

Answer : The new access point was mis-configured and is interfering with another nearby access point.

Which of the following will contain a list of unassigned public IP addresses?   


Options are :

  • TCP port
  • 802.1x
  • Loop protector
  • Firewall rule (Correct)

Answer : Firewall rule

Which of the following is the correct risk assessment equation? 


Options are :

  • Risk = threat x vulnerability x cost of asset (Correct)
  • Risk = vulnerability x days unpatched x cost of asset
  • Risk = exploit x number of systems x cost of asset
  • Risk = infections x number of days infected x cost of asset

Answer : Risk = threat x vulnerability x cost of asset

Which of the following BEST describes an intrusion prevention system?   


Options are :

  • A system that serves as a honeypot.
  • A system that logs the attack for later analysis
  • A system that stops an attack in progress. (Correct)
  • A system that allows an attack to be identified.

Answer : A system that stops an attack in progress.

Which of the following is a public key cryptosystem? 


Options are :

  • MD5
  • RSA (Correct)
  • 3DES
  • SHA-1

Answer : RSA

A customer has called a company to report that all of their computers are displaying a rival company's website when the user types the correct URL into the browser. All of the other websites the user visits work correctly and other customers are not having this issue. Which of the following has MOST likely occurred? 


Options are :

  • The customer's DNS has been poisoned. (Correct)
  • The customer has a virus outbreak
  • The company's website has been attacked by the rival company
  • The website company has a misconfigured firewall.

Answer : The customer's DNS has been poisoned.

A file has been compromised with corrupt data and might have additional information embedded within it. Which of the following actions should a security administrator follow in order to ensure data integrity of the file on that host? 


Options are :

  • Run vulnerability scanners and print all reports of all diagnostic results.
  • Begin chain of custody for the document and disallow access.
  • Disable the wireless network and copy the data to the next available USB drive to protect the data
  • Perform proper forensics on the file with documentation along the way. (Correct)

Answer : Perform proper forensics on the file with documentation along the way.

Which of the following is a reason to use TACACS+ over RADIUS? 


Options are :

  • TACACS+ has fewer attribute-value pairs
  • TACACS+ uses the UDP protocol
  • Combines authentication and authorization
  • Encryption of all data between client and server (Correct)

Answer : Encryption of all data between client and server
