JK0-015 CompTIA E2C Security+ 2008 Edition Practice Exam Set 12

Which of the following is true when a user browsing to an HTTPS site receives the message 'Site name mismatch'?


Options are :

  • The CA DNS name is different from the root certificate CN
  • The certificate was issued by the intermediate CA and not by the root CA.
  • The certificate file name is different from the certificate CN
  • The certificate CN is different from the site DNS A record (Correct)

Answer : The certificate CN is different from the site DNS A record

DRPs should contain which of the following? 


Options are :

  • Hierarchical list of non-critical personnel
  • Hierarchical list of critical systems (Correct)
  • Hierarchical access control lists
  • Identification of single points of failure

Answer : Hierarchical list of critical systems

Which of the following is an important part of disaster recovery training? 


Options are :

  • Table top exercises (Correct)
  • Storage locations
  • Chain of custody
  • Schemes

Answer : Table top exercises

A user tries to plug their laptop into the company's network and receives a warning that their patches and virus definitions are out-of-date. This is an example of which of the following mitigation techniques? 


Options are :

  • NAC (Correct)
  • Subnetting
  • Honeypot
  • None
  • NAT

Answer : NAC

A user wants to edit a file that they currently have read-only rights to; however, they are unable to provide a business justification, so the request is denied. This is the principle of:   


Options are :

  • separation of duties
  • job-based access control
  • None
  • remote access policy.
  • least privilege. (Correct)

Answer : least privilege.

An attacker sends packets to a host in hopes of altering the host's MAC table. Which of the following is the attacker attempting to do?   


Options are :

  • DNS spoofing
  • Privilege escalation
  • ARP poisoning (Correct)
  • Port scan

Answer : ARP poisoning

Which of the following would a network administrator implement to control traffic being routed between networks or network segments in an effort to preserve data confidentiality?   


Options are :

  • Password policies
  • Group policies
  • ACLs (Correct)
  • NAT

Answer : ACLs

Several PCs are running extremely slow all of a sudden. Users of the PCs report that they do a lot of web browsing and explain that a disgruntled employee from their department was recently fired. The security administrator observes that all of the PCs are attempting to open a large number of connections to the same destination. Which of the following is MOST likely the issue? 


Options are :

  • A man-in-the-middle attack is taking place.
  • The PCs are being used in a botnet (Correct)
  • A logic bomb has been installed by the former employee
  • The PCs have downloaded adware

Answer : The PCs are being used in a botnet

Which of the following is a detective security control? 


Options are :

  • CCTV (Correct)
  • Bollards
  • Firewall
  • Design reviews

Answer : CCTV

Which of the following would MOST likely contain a <SCRIPT> tag?


Options are :

  • DOS
  • Buffer overflow
  • XSS (Correct)
  • Cookies

Answer : XSS

Which of the following is a reason why wireless access points should not be placed near a building's perimeter? 


Options are :

  • Vampire taps
  • Rogue access points
  • War driving (Correct)
  • Port scanning

Answer : War driving

Which of the following should be reviewed periodically to ensure a server maintains the correct security configuration? 


Options are :

  • Firewall logs (Correct)
  • User rights
  • Incident management
  • NIDS configuration

Answer : Firewall logs

Management would like to know if anyone is attempting to access files on the company file server. Which of the following could be deployed to BEST provide this information? 


Options are :

  • Software firewall
  • HIDS (Correct)
  • Hardware firewall
  • NIDS

Answer : HIDS

Which of the following has been implemented if several unsuccessful login attempts were made in a short period of time denying access to the user account, and after two hours the account becomes active? 


Options are :

  • Account lockout (Correct)
  • Screen lock
  • Password disablement
  • Password expiration

Answer : Account lockout

Which of the following is a benefit of utilizing virtualization technology?   


Options are :

  • Fewer systems to monitor physical access (Correct)
  • Lowered cost of the host machine
  • Less overhead cost of software licensing
  • Streamline systems to a single OS

Answer : Fewer systems to monitor physical access

Using a smartcard and a physical token is considered how many factors of authentication? 


Options are :

  • One (Correct)
  • Four
  • Three
  • Two

Answer : One

Which of the following devices hooks into a LAN and captures traffic?   


Options are :

  • Protocol filter
  • Protocol analyzer (Correct)
  • Vulnerability assessment tool
  • Penetration testing tool

Answer : Protocol analyzer

The security administrator wants to increase the cipher strength of the company's internal root certificate. Which of the following would the security administrator use to sign a stronger root certificate?


Options are :

  • Key escrow
  • Certificate authority (Correct)
  • Registration authority
  • Trusted platform module

Answer : Certificate authority

Which of the following access control methods provides the BEST protection against attackers logging on as authorized users? 


Options are :

  • Utilize time of day restrictions
  • Require a PIV card
  • Utilize separation of duties (Correct)
  • Implement implicit deny

Answer : Utilize separation of duties

A recent security audit shows an organization has been infiltrated with a former administrator's credentials. Which of the following would be the BEST way to mitigate the risk of this vulnerability? 


Options are :

  • Conduct periodic audits of storage and retention policies.
  • Conduct periodic audits of password policies.
  • Conduct periodic audits of user access and rights. (Correct)
  • Conduct periodic audits of disaster recovery policies.

Answer : Conduct periodic audits of user access and rights.

Which of the following describes how long email messages are available in case of a subpoena? 


Options are :

  • Backup procedures
  • Email server configuration
  • Retention policy (Correct)
  • Backup policy

Answer : Retention policy

Which of the following protocols is considered more secure than SSL? 


Options are :

  • TLS (Correct)
  • HTTP
  • WEP
  • Telnet

Answer : TLS

Which of the following concepts addresses the threat of data being modified without authorization? 


Options are :

  • Availability
  • Non-repudiation
  • Integrity (Correct)
  • Key management

Answer : Integrity

To ensure users are logging into their systems using a least privilege method, which of the following should be done? 


Options are :

  • Create a user account without administrator privileges. (Correct)
  • Enforce a group policy with the least amount of account restrictions.
  • Employ a BIOS password that differs from the domain password.
  • Allow users to determine their needs and access to resources.

Answer : Create a user account without administrator privileges.

Which of the following is MOST likely the reason why a security administrator would run a Nessus report on an important server? 


Options are :

  • To analyze packets and frames
  • To enumerate and crack weak system passwords
  • To report on the performance of the system
  • To scan for vulnerabilities (Correct)

Answer : To scan for vulnerabilities

When assessing a network containing resources that require near 100% availability, which of the following techniques should be employed to assess overall security? 


Options are :

  • Vulnerability scanning (Correct)
  • Penetration testing
  • User interviews
  • Documentation reviews

Answer : Vulnerability scanning

Which of the following facilitates computing for heavily utilized systems and networks?   


Options are :

  • Provider cloud
  • VPN concentrator (Correct)
  • Remote access
  • Telephony

Answer : VPN concentrator

A security administrator finished taking a forensic image of a computer's memory. Which of the following should the administrator do to ensure image integrity? 


Options are :

  • Run the image through SHA256. (Correct)
  • Run the image through AES128.
  • Run the image through a symmetric encryption algorithm.
  • Compress the image to a password protected archive.

Answer : Run the image through SHA256.

A targeted email attack sent to the company's Chief Executive Officer (CEO) is known as which of the following? 


Options are :

  • Vishing
  • Whaling (Correct)
  • Bluesnarfing
  • Dumpster diving

Answer : Whaling

A penetration test shows that almost all database servers were able to be compromised through a default database user account with the default password. Which of the following is MOST likely missing from the operational procedures?   


Options are :

  • OS hardening (Correct)
  • SQL injection
  • Application hardening
  • Application patch management

Answer : OS hardening
