Front Back
When considering security what is the major drawback of implementing physical tokens?
Mass distribution of such devices is costly.
How would you prevent users from accessing sensitive company data during non-business hours?
By setting time of day restrictions.
You are the network administrator responsible for selecting the access control method that will be used for a new kiosk system to be used in a local museum. The museum's donors want to have full access to information about all items, but visitors should have access only to those items on current display. Which forms of access control are most appropriate to this requirement? (Choose all that apply.)
Role-based access control,  Mandatory access control
What determines what a user can view and alter?
Access control
Which of the following best describes identity proofing?
Organizational process that binds users to authentication methods.
When you organize security groups and define rights/privileges, the rules should be defined in which of the following ways?
Rules are made by management, configured by the administrators, and enforced by the operating system.
You have decided to use the Terminal Access Controller Access Control System (TACACS) standard for dial-up authentication. Which of the following capabilities will be provided by this service?
Encrypted forwarding.
Which of the following is a type of access control that provides access rights assigned to roles and then accounts assigned to these roles?
RBAC
At which layer of the OSI model does the Internet Protocol Security protocol function?
Network Layer
With the Discretionary access control model, the most common implementation is through:
Access control lists
Sustained high levels of processor usage could mean that:
There is a serious application error. Your CPU needs to be upgraded.
Anomaly-based monitoring is useful for detecting which types of attacks? (Choose all that apply)
New exploits or buffer overflow attacks, DoS attacks based on payloads or volume, Normal network failures, Protocol and port exploitation
On Linux, BIND based DNS uses which daemon for logging?
Syslogd
Which of the following are examples of suspicious activity? (Choose all that apply.)
Multiple connections that are in a half-open state. A log report that indicates multiple login failures on a single account.
You suspect that there are problems with your DNS server. No one seems to be able to contact intranet hosts using DNS names. However, the intranet can be contacted by IP address. You're not exactly sure where the problem lies. You go to a workstation, open a DOS prompt, and enter which of the following commands?
Nslookup
On Windows, you may restrict disk usage through which of the following facilities?
Disk quota
You have installed a custom monitoring service on the webserver that reviews web service logs to watch for the URLs used by the Code Red worm to propagate itself. When this custom service detects an attack, it raises an alert via email. Which of the following types of IDS is this solution? (Choose all that apply.)
Host-based IDS,  Knowledge-based IDS
To monitor the health of all systems, agents are installed on the machines, and then the agents are monitored from a central location. This is an implementation of which of the following?
SNMP
What is the name given to the activity that consists of collecting information that will later be used for monitoring and review purposes?
Logging
You are tracking SNMP traffic. Which of the following ports would you monitor? (Choose all that apply.)
162, 161
Which of the following kinds of attack aim at exploiting flaws in human logic?
Social engineering.
In the context of computer forensics, possible dangers to digital evidence may include: (Choose all that apply.)
Electromagnetic damage, Booby traps, Viruses
Classification of corporate information should be based on: (Choose all that apply.)
Business risk, Data value
Which of the following is a type of site similar to the original site in that it has all the equipment fully configured, has up-to-date data, and can become operational with minimal delay?
Hot site
Which of the following is a well-grounded metal structure used to protect a large quantity of equipment from electronic eavesdropping?
Faraday cage
Redundancy planning includes which of the following? (Choose all that apply.)
UPS placement RAID
Phishing often takes place in the form of:
Email
Which of the following levels of RAID do Windows servers support? (Choose all that apply.)
RAID 1,  RAID 0,  RAID 5
Which of the following is a formal set of statements that defines how systems or network resources can be used?
Policies
Of the following, which are the characteristics of a cold site?
Requires setup time and Company needs to bring its own equipment.
On a Windows network, you may use what feature to restrict users and enforce limitations?
Group Policy
Which one of the following best represents the principle of least privilege?
Requiring that a user be given no more privilege than necessary to perform a job
Which of the following are commonly deployed for warning protective services personnel that physical security measures are being violated?
Detective physical controls
What are the pros and cons of single sign-on (SSO)? (Choose all that apply.)
It aims at improving user experience. It aims at reducing human error.
Which standard port will be used to establish a web connection using the 40-bit RC4 encryption protocol?
443
Which of the following criteria is not a common criterion to authenticate a valid access request?
Where you log on.
Which of the following correctly describe the use of CHAP and MS CHAP for authentication? (Choose all that apply.)
MS-CHAP is mainly for older MS compatible clients. CHAP is an old standard no longer commonly in use.
With door access systems, what is commonly used for unlocking doors?
Magnetic card keys
You are having problems with your email server. No one seems to be receiving any email. You're not exactly sure where the problem lies. You go to a workstation, open a DOS prompt, and enter which of the following commands?
Tracert
Which of the following are advantages of behavior-based monitoring? (Choose all that apply.)
Can learn about malware based on previous detection. Can identify malware before it's added to signature files. Can monitor for malware activities.
A denial-of-service attack is being waged against the company's webserver using a large external botnet. Which of the following IDS solutions could enhance the attack's effect?
Host-based
When defining storage and retention policies, which of the following guidelines should you follow? (Choose all that apply.)
Files no longer in use should be properly archived. Junk files should be removed from the file systems as early as possible.
Which of the following must be performed when reviewing group policies on a regular basis?
Privileges granted to groups and their corresponding membership must be carefully reviewed.
You suspect one of your servers may have succumbed to a SYN flood attack. Which one of the following tools might you consider using to help confirm your suspicions?
Netstat
You have configured your web server to use Windows partitions and the Microsoft System Update Service (SUS) to regularly apply new hotfixes and patches. Which of the following forms of hardening is specified in this solution?
Operating system.
What does SAINT stand for?
Security Administrator's Integrated Network Tool.
Which of the following security policies would require users to take mandatory vacations?
Separation of duties.
Which of the following best describes the objective of a service-level agreement (SLA)?
Contracts with suppliers that detail levels of support that must be provided.
A Physical security plan should include which of the following? (Choose all that apply.)
The threats you are protecting against and their likelihood. Description of the physical assets being protected. Description of the physical areas where assets are located.
Which of the following tells how the evidence made it from the crime scene to the courtroom, including documentation of how the evidence was collected, preserved, and analyzed?
Chain of custody