JK0-015 CompTIA E2C Security+ 2008 Edition Practice Exam Set 9

Which of the following security concerns stern from the use of corporate resources on cell phones? (Select TWO).

A. Cell phones are easily lost or stolen.

B. MITM attacks are easy against cell phones.

C. There is no antivirus software for cell phones.

D. Cell phones are used for P2P gaming.

E. Encryption on cell phones is not always possible. 


Options are :

  • D,E
  • C,D
  • A,C (Correct)
  • A,B

Answer : A,C

Management has requested increased visibility into how threats might affect their organization. Which of the following would be the BEST way to meet their request without attempting to exploit those risks? 


Options are :

  • Conduct a penetration test.
  • Conduct a risk assessment. (Correct)
  • Conduct a security awareness seminar.
  • Conduct a social engineering test.

Answer : Conduct a risk assessment.

Which of the following is a benefit of network access control (NAC)? 


Options are :

  • A user is able to control connections to the network using a centralized list of approved devices. (Correct)
  • A user is able to distribute connections to the network using cached credentials on a local machine
  • A user is able to distribute connections to the network for load balancing using a centralized list of approved devices.
  • A user is able to control connections to the network using cached credentials on a local machine.

Answer : A user is able to control connections to the network using a centralized list of approved devices.

Disabling the SSID broadcast removes the identifier from which of the following wireless packets?   


Options are :

  • Beacon (Correct)
  • Probe
  • ACK
  • Data

Answer : Beacon

Why is an ad-hoc network a security risk? 


Options are :

  • An ad-hoc network allows access to the nearest access point which may allow a direct connection to another computer.
  • An ad-hoc network allows access to the nearest access point which may give elevated rights to the connecting user
  • An ad-hoc network allows access to another computer at the same level of the logged in user, compromising information (Correct)
  • An ad-hoc network allows access to another computer but with no rights so files cannot be copied or changed.

Answer : An ad-hoc network allows access to another computer at the same level of the logged in user, compromising information

Which of the following stores information with a trusted agent to decrypt data at a later date, even if the user destroys the key?   


Options are :

  • Public trust model
  • Key registration
  • Recovery agent
  • Key escrow (Correct)

Answer : Key escrow

Which of the following is achieved and ensured by digitally signing an email? 


Options are :

  • Confidentiality
  • Integrity (Correct)
  • Delivery
  • Availability

Answer : Integrity

Which of the following describes the role of a proxy server?   


Options are :

  • Blocks access to the network
  • Serves as a honeypot
  • Analyzes packets
  • Forwards requests for services from a client (Correct)

Answer : Forwards requests for services from a client

When developing a new firewall policy, which of the following methods provides the MOST secure starting point? 


Options are :

  • Stateful inspection
  • Due diligence
  • Implicit deny (Correct)
  • Least privilege

Answer : Implicit deny

Which of the following technologies will ensure the datacenter remains operational until backup power can be obtained? 


Options are :

  • Circuit breaker
  • Transfer switch
  • Backup generator
  • UPS (Correct)

Answer : UPS

Which of the following is BEST used for providing protection against power fluctuation? 


Options are :

  • Generator
  • Redundant servers
  • UPS (Correct)
  • Voltmeter

Answer : UPS

A NIPS is primarily used for which of the following purposes? 


Options are :

  • To alert the administrator to known anomalies
  • To log any known anomalies
  • To monitor network traffic in promiscuous mode
  • To take action against known threats (Correct)

Answer : To take action against known threats

A network security administrator is worried about potential man-in-the-middle attacks against users when they access a corporate website from their workstations. Which of the following is the BEST mitigation against this type of attack?   


Options are :

  • Mandating only client-side PKI certificates for all connections
  • Requiring client and server PKI certificates for all connections (Correct)
  • Implementing server-side PKI certificates for all connections
  • Requiring strong authentication for all DNS queries

Answer : Requiring client and server PKI certificates for all connections

Which of the following system security threats negatively affects confidentiality?   


Options are :

  • Spyware (Correct)
  • Spam
  • Adware
  • Worm

Answer : Spyware

Which of the following encryption technologies is BEST suited for small portable devices such as PDAs and cell phones? 


Options are :

  • AES192
  • TKIP
  • Elliptic curve (Correct)
  • PGP

Answer : Elliptic curve

Which of the following logs would MOST likely indicate that there is an ongoing brute force attack against a servers local administrator account? 


Options are :

  • Firewall
  • Performance
  • Access
  • System (Correct)

Answer : System

A user reports that after opening an email from someone they knew, their computer is now displaying unwanted images. Which of the following software can the technician MOST likely install on the computer to mitigate this threat?   


Options are :

  • HIDS
  • Firewall
  • Anti-spam
  • Antivirus (Correct)

Answer : Antivirus

Key escrow is the process of: 


Options are :

  • Backing up the key to local storage.
  • Entrusting the keys to a third party. (Correct)
  • Removing the public key.
  • Removing the private key.

Answer : Entrusting the keys to a third party.

Which of the following is BEST suited to detect local operating system compromises? 


Options are :

  • HIDS (Correct)
  • System log
  • Anti-spam
  • Personal firewall

Answer : HIDS

Which of the following describes an action taken after a security breach? 


Options are :

  • Disaster recovery planning
  • Change management
  • Forensic evaluation (Correct)
  • Business continuity planning

Answer : Forensic evaluation

Which of the following should be disabled to help prevent boot sector viruses from launching when a computer boots? 


Options are :

  • SNMP
  • USB (Correct)
  • DMZ
  • Hard Drive

Answer : USB

Which of the following would an auditor use to determine if an application is sending credentials in clear text? 


Options are :

  • Port scanner
  • Vulnerability scanner
  • Protocol analyzer (Correct)
  • Rainbow table

Answer : Protocol analyzer

Which of the following would be implemented to provide a check and balance against social engineering attacks?   


Options are :

  • Biometric scanning
  • Separation of duties (Correct)
  • Password policy
  • Single sign-on

Answer : Separation of duties

Which of the following protocols correspond to port 514 by default? 


Options are :

  • SYSLOG (Correct)
  • FTP
  • IMAP
  • SNMP

Answer : SYSLOG

Which of the following is used to both deploy and reapply baseline security configurations? 


Options are :

  • Security template (Correct)
  • Security agent
  • Performance baseline
  • Configuration baseline

Answer : Security template

Which of the following can be implemented to mitigate the risks associated with open ports on a server? 


Options are :

  • Implement a password policy
  • Disable unnecessary programs (Correct)
  • Enable MAC filtering
  • Disable network cards

Answer : Disable unnecessary programs

Which of the following should be updated whenever software is upgraded on a production system? 


Options are :

  • LDAP entry
  • Baseline (Correct)
  • Antivirus
  • Group policy

Answer : Baseline

A penetration tester is required to conduct a port scan on a network. Which of the following security tools can be used to conduct this scan? (Select TWO).

A. Kismet

B. Snort

C. netcat

D. nslookup

E. Nmap 


Options are :

  • A,B
  • A,D
  • C,E (Correct)
  • C,D

Answer : C,E

Which of the following can be implemented to prevent malicious code from executing? 


Options are :

  • Antivirus software (Correct)
  • Anti-spam software
  • Personal software firewall
  • Hardware fire wall

Answer : Antivirus software

All administrators are now required to use 15 character passwords. Which of the following is the BEST method to enforce this new password policy?   


Options are :

  • Group policy (Correct)
  • Account expiration configuration
  • Forcing all users to change their password on next login
  • Email announcements

Answer : Group policy

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions