
Exam Questions 1


CompTIA Security + Q&A


Exam Questions

1. An organization is looking for a filtering solution that will help eliminate some of the recent problems it has had with viruses and worms. Which of the following best meets this requirement?
A. Intrusion detection
B. Malware inspection
C. Load balancing
D. Internet content filtering
Answer B is correct. A malware inspection filter is basically a web filter applied to traffic that uses the HTTP protocol. The body of all HTTP requests and responses is inspected. Malicious content is blocked while legitimate content passes through unaltered.

2. Which risk management response is being implemented when a company purchases insurance to protect against service outage?
A. Acceptance
B. Avoidance
C. Mitigation
D. Transference
Answer D is correct. The liability of risk is transferred through insurance policies.

3. A collection of compromised computers running software installed by a Trojan horse or a worm is referred to as what?
A. Zombie
B. Botnet
C. Herder
D. Virus
Answer B is correct.

4. Adding a token for every POST or GET request that is initiated from the browser to the server can be used to mitigate which of the following attacks?
A. Buffer overflow
B. Cross-site request forgery (XSRF)
C. Cross-site scripting
D. Input validation error
Answer B is correct. In order to mitigate cross-site request forgery (XSRF) attacks, the most common solution is to add a token for every POST or GET request that is initiated from the browser to the server.

5. Which of the following is one of the biggest challenges associated with database encryption?
A. Multi-tenancy
B. Key management
C. Weak authentication components
D. Platform support
Answer B is correct. One of the biggest challenges associated with database encryption is key management.

6. Which form of access control enables data owners to extend access rights to other logons?
A. MAC
B. DAC
C. Role-based (RBAC)
D. Rule-based (RBAC)
Answer B is correct. Discretionary access control (DAC) systems enable data owners to extend access rights to other logons. Mandatory access control (MAC) systems require assignment of labels to extend access, making answer A incorrect.

7. In a decentralized key management system, the user is responsible for which one of the following functions?
A. Creation of the private and public key
B. Creation of the digital certificate
C. Creation of the CRL
D. Revocation of the digital certificate
Answer A is correct. In a decentralized key system, the end user generates his or her own key pair. The other functions, such as creation of the certificate, CRL, and the revocation of the certificate, are still handled by the certificate authority.

8. What is the name given to the system of digital certificates and certificate authorities used for public key cryptography over networks?
A. Protocol Key Instructions (PKI)
B. Public Key Extranet (PKE)
C. Protocol Key Infrastructure (PKI)
D. Public Key Infrastructure (PKI)
Answer D is correct. Public Key Infrastructure describes the trust hierarchy system for implementing a secure public key cryptography system over TCP/IP networks.

9. If Sally wants to send a secure message to Mark using public-key encryption but is not worried about sender verification, what does she need in addition to her original message text?
A. Sally ...

... 39
C. 138
D. 162
Answers A and D are correct. UDP ports 161 and 162 are used by SNMP.

51. You are implementing network access for several internal business units that work with sensitive information on a small organizational network. Which of the following would best mitigate risk associated with users improperly accessing other segments of the network without adding additional switches?
A. Log analysis
B. Access Control Lists
C. Network segmentation
D. Proper VLAN management
Answer D is correct. VLANs provide a way to limit broadcast traffic in a switched network. This creates a boundary and, in essence, creates multiple, isolated LANs on one switch.

52. Your organization is exploring data loss prevention solutions. The proposed solution is a software network solution installed near the network perimeter to monitor for and flag policy violations. This solution is targeting which of the following data states?
A. In motion
B. At rest
C. In use
D. At flux
Answer A is correct. Protection of data in motion is considered to be a network solution, and either a hardware or software solution is installed near the network perimeter to monitor for and flag policy violations.

53. What is the first step in performing a basic forensic analysis?
A. Ensure that the evidence is acceptable in a court of law
B. Identify the evidence
C. Extract, process, and interpret the evidence
D. Determine how to preserve the evidence
Answer B is correct. It is necessary to first identify the evidence that is available to be collected.

54. Which of the following is not true regarding expiration dates of certificates?
A. Certificates may be issued for a week.
B. Certificates are issued only at yearly intervals.
C. Certificates may be issued for 20 years.
D. Certificates must always have an expiration date.
Answer B is correct. Digital certificates contain a field indicating the date to which the certificate is valid. This date is mandatory, and the validity period can vary from a short period of time up to a number of years; therefore, answers A, C, and D are incorrect.

55. Which of the following statements are true when discussing physical security? (Select all correct answers.)
A. Physical security attempts to control access to data from Internet users.
B. Physical security attempts to control unwanted access to specified areas of a building.
C. Physical security attempts to control the effect of natural disasters on facilities and equipment.
D. Physical security attempts to control internal employee access into secure areas.
Answers B, C, and D are correct. Natural disasters, unwanted access, and user restrictions are all physical security issues. Preventing Internet users from getting to data is data security, not physical security; therefore, answer A is incorrect.

56. Which type of authorization provides no mechanism for unique logon identification?
A. Anonymous
B. Kerberos
C. TACACS
D. TACACS+
Answer A is correct. During anonymous access, such as requests to a public FTP server, unique identity of the requester is not determined and so cannot be used for personalized logon identification.

57. Which is the best rule-based access control constraint to protect against unauthorized access when admins are off-duty?
A. Least privilege
B. Separation of duties
C. Account expiration
D. Time of day
Answer D is correct. Time of day rules prevent administrative access requests during off-hours when local admins and security professionals are not on duty.

58. Which of the following protocols supports DES, 3DES, RC2, and RSA2 encryption along with CHAP authentication, but was not widely adopted?
A. S-HTTP
B. S/MIME
C. HTTP
D. PPTP
Answer A is correct. An alternative to HTTPS is the Secure Hypertext Transport Protocol (S-HTTP), which was developed to support connectivity for banking transactions and other secure web communications. S-HTTP was not adopted by the early web browser developers (for example, Netscape and Microsoft) and so remains less common than the HTTPS standard. Additionally, S-HTTP encrypts individual messages so it cannot be used for VPN security.

59. A new switch has been implemented in areas where there is very little physical access control. Which of the following would the organization implement as a method for additional checks in order to prevent unauthorized access?
A. Loop protection
B. Flood guard
C. Implicit deny
D. Port security
Answer D is correct. Port security is a Layer 2 traffic control feature on Cisco Catalyst switches. It enables individual switch ports to be configured to allow only a specified number of source MAC addresses coming in through the port.

60. There have been some sporadic connectivity issues on the network. Which of the following is the best choice to investigate these issues?
A. Protocol analyzer
B. Circuit-level gateway logs
C. Spam filter appliance
D. Web application firewall logs
Answer A is correct. Protocol analyzers help you troubleshoot network issues by gathering packet-level information across the network. These applications capture packets and can conduct protocol decoding, putting the information into readable data for analysis.

61. Which of the following types of attacks can be done by either convincing the users to click on an HTML page the attacker has constructed or inserting arbitrary HTML in a target website that the users visit?
A. Buffer overflow
B. Cross-site request forgery (XSRF)
C. Cross-site scripting (XSS)
D. Input validation error
Answer B is correct. The key element to understanding XSRF is that attackers are betting that users have a validated login cookie for the website already stored in their browsers. All they need to do is get the browsers to make a request to the website on their behalf. This can be done by either convincing the users to click on an HTML page the attacker has constructed or inserting arbitrary HTML in a target website that the users visit.

62. Which of the following standards is used in HSMs?
A. PKCS #11
B. PKCS #7
C. AES
D. EFS
Answer A is correct. The PKCS #11 standard provides for access to public and private asymmetric keys, symmetric keys, X.509 certificates, and application data. PKCS #11 is the de facto standard for platform applications, although some newer HSMs include more advanced authentication and authorization models.

63. Which of the following algorithms is not an example of a symmetric encryption algorithm?
A. Rijndael
B. Diffie-Hellman
C. RC6
D. AES
Answer B is correct. Diffie-Hellman uses public and private keys, so it is considered an asymmetric encryption algorithm. Because Rijndael and AES are now one and the same, they both can be called symmetric encryption algorithms; therefore, answers A and D are incorrect.

64. Which of the following best describes the process of encrypting and decrypting data using an asymmetric encryption algorithm?
A. Only the public key is used to encrypt, and only the private key is used to decrypt.
B. The public key is used to either encrypt or decrypt.
C. Only the private key is used to encrypt, and only the public key is used to decrypt.
D. The private key is used to decrypt data encrypted with the public key.
Answer D is correct. When encrypting and decrypting data using an asymmetric encryption algorithm, you use only the private key to decrypt data encrypted with the public key.

65. Which one of the following defines APIs for devices such as smart cards that contain cryptographic information?
A. PKCS #11
B. PKCS #13
C. PKCS #4
D. PKCS #2
Answer A is correct. PKCS #11, the Cryptographic Token Interface Standards, defines an API named Cryptoki for devices holding cryptographic information.

66. Which of the following are steps that can be taken to harden FTP services?
A. Anonymous access to share files of questionable or undesirable content should be limited.
B. Regular review of networks for unauthorized or rogue servers.
C. Technologies that allow dynamic updates must also include access control and authentication.
D. Unauthorized zone transfers should also be restricted.
Answer A is correct. Anonymous access to share files of questionable or undesirable content should be limited for proper FTP server security.

67. A situation in which a program or process attempts to store more data in a temporary data storage area than it was intended to hold is known as a what?
A. Buffer overflow
B. Denial of service
C. Distributed denial of service
D. Storage overrun
Answer A is correct. A buffer overflow occurs when a program or process attempts to store more data in a buffer than the buffer was intended to hold. The overflow of data can flow over into other buffers overwriting or deleting data. A denial of service is a type of attack in which too much traffic is sent to a host, preventing it from responding to legitimate traffic. A distributed denial of service is similar, but it is initiated through multiple hosts; therefore, answers B and C are incorrect. Although answer D sounds correct, it is not.

68. TEMPEST deals with which form of environmental control?
A. HVAC
B. EMI shielding
C. Humidity
D. Cold-aisle
Answer B is correct. TEMPEST protections involve the hardening of equipment against EMI broadcast and sensitivity.

69. Which of the following is included in hardening a host operating system?
A. A policy for antivirus updates
B. A policy for remote wipe
C. An efficient method to connect to remote sites
D. An effective system for file-level security
Answer D is correct. Hardening of the operating system includes planning against both accidental and directed attacks, such as the use of fault-tolerant hardware and software solutions. In addition, it is important to implement an effective system for file-level security, including encrypted file support and secured file system selection that allows the proper level of access control.

70. Which of the following is the preferred type of encryption used in SaaS platforms?
A. Application level
B. Database level
C. Media level
D. HSM level
Answer A is correct. In an SaaS environment, application-level encryption is preferred because the data is encrypted by the application before being stored in the database or file system. The advantage is that it protects the data from the user all the way to storage.

71. Several organizational users are experiencing network and Internet connectivity issues. Which of the following would be most helpful in troubleshooting where the connectivity problems might exist?
A. SSL
B. IPsec
C. SNMP
D. Traceroute
Answer D is correct. Traceroute uses an ICMP echo request packet to find the path between two addresses.

72. An organization has an access control list implemented on the border router, but it appears that unauthorized traffic is still being accepted. Which of the following would the organization implement to improve the blocking of unauthorized traffic?
A. Loop protection
B. Flood guard
C. Implicit deny
D. Port security
Answer C is correct. Implicit deny is an access control practice wherein resource availability is restricted to only those logons explicitly granted access.

73. An asset is valued at $12,000; the threat exposure factor of a risk affecting that asset is 25%; and the annualized rate of occurrence is 50%. What is the SLE?
A. $1,500
B. $3,000
C. $4,000
D. $6,000
Answer B is correct. The single loss expectancy (SLE) is the product of the value ($12,000) and the threat exposure (.25) or $3,000.

74. Which form of fire suppression functions best in an Alaskan fire of burning metals?
A. Dry-pipe sprinkler
B. Wet-pipe sprinkler
C. Carbon dioxide
D. Dry powder
Answer D is correct. Combustible metal fires (Class D) require sodium chloride and copper-based dry powder extinguishers. Although dry-pipe would be preferable to wet-pipe sprinklers in regions that experience very low temperatures such as Alaska, water is only appropriate for wood, paper, and trash fires (Class A), making answers A and B incorrect.

75. While performing regular security audits, you suspect that your company is under attack and someone is attempting to use resources on your network. The IP addresses in the log files belong to a trusted partner company, however. Assuming an attack, which of the following might be occurring?
A. Replay
B. Authorization
C. Social engineering
D. Spoofing
Answer D is correct. The most likely answer is spoofing because this enables an attacker to misrepresent the source of the requests.

76. Which mandatory access control label is appropriate for generally available data?
A. ANONYMOUS
B. PUBLIC
C. SENSITIVE
D. SECRET
Answer B is correct. The PUBLIC label can be applied to generally available data within MAC access control environments.

77. After a new switch was implemented, some sporadic connectivity issues on the network have occurred. The issues are suspected to be device related. Which of the following would the organization implement as a method for additional checks in order to prevent issues?
A. Loop protection
B. Flood guard
C. Implicit deny
D. Port security
Answer A is correct. The loop guard feature makes additional checks in Layer 2 switched networks.

78. Which of the following is an example of a false negative result?
A. An authorized user is granted access to a resource.
B. An unauthorized user is granted access to a resource.
C. An authorized user is refused access to a resource.
D. An unauthorized user is refused access to a resource.
Answer C is correct. A false negative result involves access refusal for an authorized user, which makes answer D incorrect. Answers A and B are incorrect because they represent granted resource access.

79. Which of the following is the best choice for encrypting large amounts of data?
A. Asymmetric encryption
B. Symmetric encryption
C. Elliptical curve encryption
D. RSA encryption
Answer B is correct. Public key encryption is not usually used to encrypt large amounts of data, but it does provide an effective and efficient means of sending a secret key from which to do symmetric encryption thereafter, which provides the best method for efficiently encrypting large amounts of data.

80. You want to be sure that the FTP ports that are required for a contract worker