Front Back
Jane, a security administrator, needs to make a change in the network to accommodate a new
remote location. The new location will be connected by a serial interface, off the main router,
through a commercial circuit. This remote site will also have traffic completely separated from all
other traffic. Which of the following design elements will Jane need to implement to accommodate
the new location?
A. VLANs need to be added on the switch but not the router.
B. NAT needs to be re-configured to allow the remote location.
C. The current IP scheme needs to be subnetted.
D. The switch needs to be virtualized and a new DMZ needs to be created.
Answer: C
During a company's relocation, Sara, a security administrator, notices that several hard copies of
company directories are being thrown away in public dumpsters. Which of the following attacks is
the company vulnerable to without the proper user training and awareness?
A. Hoaxes
B. Pharming
C. Social engineering
D. Brute force
Answer: C
Matt, a security administrator, has recently performed a detailed datacenter inventory of all
hardware and software. This analysis has resulted in identifying a lot of wasted resources. Which
of the following design elements would eliminate the wasted resources and improve the
datacenter's footprint?
A. NAC
B. Virtualization
C. Remote access implementation
D. Hosted IP Centrex
Answer: B
Pete, a user, reports that after a recent business trip, his laptop started having performance issues
and unauthorized emails have been sent out from the laptop. Which of the following will resolve
this issue?
A. Updating Pete's laptop with current antivirus
B. Updating the anti-spam application on the laptop
C. Installing a new pop-up blocker
D. Updating Pete's digital signature
Answer: A
When WPA is implemented using PSK by Pete, a security administrator, which of the following
authentication types is he using?
A. MD5
B. LEAP
C. SHA
D. TKIP
Answer: D
If Jane, a security administrator, is reviewing a verified JPEG's metadata and hash against an
unverified copy of the graphic, which of the following is she looking for?
A. Steganography
B. Chain of custody
C. Digital signatures
D. Whole disk encryption
Answer: A
Which of the following technologies is often used by attackers to hide the origin of an attack?
A. Open proxy
B. Load balancer
C. Flood guard
D. URL filtering
Answer: A
Which of the following is susceptible to reverse lookup attacks if not configured properly?
A. SSL
B. IPSec
C. ICMP
D. DNS
Answer: D
Which of the following are the two basic components upon which cryptography relies?
A. PKI and keys
B. Algorithms and key escrow
C. Key escrow and PKI
D. Algorithms and keys
Answer: D
Which of the following should Jane, a security administrator, check for when conducting a wireless
audit? (Select TWO).
A. Open relays
B. Antenna placement
C. Encryption of wireless traffic
D. URL filtering
E. Open proxies
Answer: B, C
Which of the following passwords have the MOST similar key space? (Select TWO).
A. AnDwWe9
B. check123
C. Mypassword!2~
D. C0mPTIA
E. 5938472938193859392
Answer: A, D
Jane, the company's Chief Information Officer (CIO), contacts the security administrator about an
email asking for money in order to receive the key that would decrypt the source code that the
attacker encrypted. Which of the following malware types is MOST likely involved in this
situation?
A. Worm
B. Virus
C. Spyware
D. Ransomware
Answer: D
Matt, a security engineer, working at a public CA is implementing and installing a new CRL. Where
should he logically place the server?
A. On a wireless network
B. Inside the DMZ
C. On a non-routable network
D. On a secure internal network
Answer: B
Jane, a security engineer, is deploying a new CA. Which of the following is the BEST strategy for
the root CA after deploying an intermediate trusted CA?
A. It should be placed outside of the firewall.
B. It should be placed in the DMZ.
C. It should be placed within an internal network.
D. It should be shut down and kept in a secure location.
Answer: D
Matt, a security administrator, has installed a new server and has asked a network engineer to
place the server within VLAN 100. This server can be reached from the Internet, but Matt is unable
to connect from the server to internal company resources. Which of the following is the MOST
likely cause?
A. The server is connected with a crossover cable.
B. VLAN 100 does not have a default route.
C. The server is in the DMZ.
D. VLAN 100 is on the internal network.
Answer: C
Sara, a security administrator, is analyzing the packet capture from an IDS triggered filter. The
packet capture shows the following string:
'or 1 ==1 - -
Which of the following attacks is occurring?
A. Cross-site scripting
B. XML injection
C. Buffer overflow
D. SQL injection
Answer: D
Pete, a security administrator, is analyzing the packet capture from an IDS triggered filter. The
packet capture shows the following string:
source=http://www.evilsite.co/evil.js
Which of the following attacks is occurring?
A. SQL injection
B. Redirection attack
C. Cross-site scripting
D. XML injection
Answer: C
Which of the following is true when Sara, a user, browsing to an HTTPS site receives the
message: 'The site's certificate is not trusted'?
A. The certificate has expired and was not renewed.
B. The CA is not in the browser's root authority list.
C. The intermediate CA was taken offline.
D. The CA is not in the default CRL.
Answer: B
Which of the following is true when Sara, a user, browsing to an HTTPS site receives the
message: 'Site name mismatch'?
A. The certificate CN is different from the site DNS A record.
B. The CA DNS name is different from the root certificate CN.
C. The certificate was issued by the intermediate CA and not by the root CA.
D. The certificate file name is different from the certificate CN.
Answer: A
Pete, a security administrator, needs to implement a wireless system that will only be available
within a building. Which of the following configurations can Pete modify to achieve this? (Select
TWO).
A. Proper AP placement
B. Disable SSID broadcasting
C. Use CCMP
D. Enable MAC filtering
E. Reduce the power levels
Answer: A, E
Sara, a technician, must configure a network device to allow only certain protocols to the external
servers and block requests to other internal sources. This is an example of a:
A. demilitarized zone
B. load balancer
C. layer 2 switch
D. stateful firewall
Answer: D
Which of the following protocols should Pete, a security administrator, use to ensure that the data
remains encrypted during transport over the Internet? (Select THREE).
A. TLS
B. SSL
C. FTP
D. SSH
E. HTTP
F. TFTP
Answer: A, B, D
Pete, a user, wishes to encrypt only certain files and folders within a partition. Which of the
following methods should Matt, a technician, recommend?
A. EFS
B. Partition encryption
C. Full disk
D. BitLocker
Answer: A
Which of the following can Jane, a security administrator, use to help prevent man-in-the-middle
attacks?
A. HTTP
B. HTTPS
C. SFTP
D. Kerberos
Answer: D
Which of the following should Sara, a security administrator, implement on a mobile phone to help
prevent a conversation from being captured?
A. Device encryption
B. Voice encryption
C. GPS tracking
D. Sniffer
Answer: B
Which of the following access control methods provides the BEST protection against attackers
logging on as authorized users?
A. Require a PIV card
B. Utilize time of day restrictions
C. Implement implicit deny
D. Utilize separation of duties
Answer: A
Which of the following should Matt, a security technician, integrate into the fire alarm systems to
help prevent a fire from spreading?
A. HVAC
B. Humidity controls
C. Video monitoring
D. Thermostats
Answer: A
An in-line network device examines traffic and determines that a parameter within a common
protocol is well outside of expected boundaries. This is an example of which of the following?
A. Anomaly based detection
B. Behavior based detection
C. IV attack detection
D. Signature based detection
Answer: A
Jane, a malicious insider, obtains a copy of a virtual machine image for a server containing client
financial records from the in-house virtualization cluster. Which of the following would BEST
prevent Jane from accessing the client records?
A. Cloud computing
B. Separation of duties
C. Portable media encryption
D. File and folder encryption
Answer: D
Which of the following is the MOST effective method to provide security for an in-house created
application during software development?
A. Third-party white box testing of the completed application before it goes live
B. Third-party black box testing of the completed application before it goes live
C. Explicitly include security gates during the SDLC
D. Ensure an application firewall protects the application
Answer: C
Matt, an attacker, incorrectly submits data on a website's form and is able to determine the type of
database used by the application and the SQL statements used to query that database. Which of
the following is responsible for this information disclosure?
A. SQL injection
B. Fuzzing
C. XSS
D. Error handling
Answer: D
Which of the following describes why Sara, the sender of an email, may encrypt the email with a
private key?
A. Confidentiality
B. Non-repudiation
C. Transmission speed
D. Transport encryption
Answer: B
Matt, a security technician, needs to increase his password's key space. Which of the following
increases the key space of a password the MOST?
A. Letters, numbers, and special characters
B. 25 or more alpha-numeric characters
C. Two-factor authentication
D. Sequential alpha-numeric patterns
Answer: A
Which of the following mitigation strategies is established to reduce risk when performing updates
to business critical systems?
A. Incident management
B. Server clustering
C. Change management
D. Forensic analysis
Answer: C
Which of the following can Pete, a security administrator, use to distribute the processing effort
when generating hashes for a password cracking program?
A. RAID
B. Clustering
C. Redundancy
D. Virtualization
Answer: B
An offsite location containing the necessary hardware without data redundancy would be an
example of which of the following off-site contingency plans?
A. Cluster
B. Cold site
C. Warm site
D. Hot site
Answer: C
Which of the following should Jane, a security administrator, perform before a hard drive is
analyzed with forensics tools?
A. Identify user habits
B. Disconnect system from network
C. Capture system image
D. Interview witnesses
Answer: C
Which of the following is BEST described as a scenario where organizational management
decides not to provide a service offering because it presents an unacceptable risk to the
organization?
A. Mitigation
B. Acceptance
C. Deterrence
D. Avoidance
Answer: D
Which of the following is the primary security reason why Pete, a security administrator, should
block social networking sites in a large corporation?
A. The proxy server needs to be specially configured for all social networking sites.
B. The data traffic can cause system strain and can overwhelm the firewall rule sets.
C. The users' work productivity decreases greatly.
D. The users can unintentionally post sensitive company information.
Answer: D
Which of the following describes the importance of enacting and maintaining a clean desk policy?
A. To ensure that data is kept on encrypted network shares
B. To avoid passwords and sensitive data from being unsecured
C. To verify that users are utilizing data storage resources
D. To guarantee that users comply with local laws and regulations
Answer: B
Matt, a security technician, is using TFTP. Which of the following port numbers is used for TFTP?
A. 22
B. 69
C. 80
D. 3389
Answer: B
Which of the following systems implements a secure key distribution system that relies on
hardcopy keys intended for individual sessions?
A. Blowfish
B. PGP/GPG
C. One-time pads
D. PKI
Answer: C
Which of the following devices would Jane, a security administrator, typically use at the enclave
boundary to inspect, block, and re-route network traffic for security purposes?
A. Load balancers
B. Protocol analyzers
C. Firewalls
D. Spam filter
Answer: C
Which of the following devices is Pete, a security administrator, MOST likely to install to prevent
malicious attacks?
A. VPN concentrator
B. Firewall
C. NIDS
D. Protocol analyzer
Answer: B
Which of the following devices should Jane, a security administrator, use to allow secure remote
network access for mobile users?
A. NIDS
B. Protocol analyzer
C. SFTP
D. VPN concentrator
Answer: D
Which of the following is capable of providing the HIGHEST encryption bit strength?
A. DES
B. 3DES
C. AES
D. WPA
Answer: C
Which of the following technologies is used to verify that a file was not altered?
A. RC5
B. AES
C. DES
D. MD5
Answer: D
Which of the following, when used in conjunction with software-based encryption, enhances
platform authentication by storing unique RSA keys and providing crypto processing?
A. LDAP
B. TPM
C. Kerberos
D. Biometrics
Answer: B
The 802.11i standard specifies support for which encryption algorithms? (Choose Two)
A. AES
B. TKIP
C. ECC
D. DES
E. RSA
Answer: A, B
For which of the following is centralized key management most complicated?
A. Whole disk encryption
B. Symmetric key
C. TPM
D. Asymmetric key
Answer: B