Which type of IDS is more ambitious and informative than the other types?
HIDS
The U.S. National Institute of Standard and Technology (NIST) specifies three types of security controls. These controls are important in the federal information systems certification and accreditation process?
Management, operational, technical
An authoritative DNS server must transfer zone data to six secondary DNS servers. What configuration provides the best security?
Allow zone transfer to specific IPs
You need to restrict the Web sites that network users can visit. Users connect to the Internet through a perimeter network. What should you do?
internet content filter
You are part of an incident response team. You change the passwords relating to all affected systems. You also back up the affected systems. These are exampes of which part of the incident handling procedure?
Containment
In which type of PKI model do trusted parties issue certificate to each other?
Web of trust
What is the defining charateristic of a trusted operating system?
Data cannot be altered or moved, access rights are required to view data.
You need to prevent access to servers on subnet based on the IP address of the source and the port being used. Your network uses dedicated router devices throughout the network. You need to minimize the network changes necessary to configure the solution
Define an ACL on the router to the subnet
What is a limitation of using a CRL to determine whether or not a certificate is valid?
not real time
You need to encrypt the contents of a USB flashdrive. Which type of encryption should you use?
AES
You have a server that hosts several different XML Web services. You need to install a device that can mitigate the risk of the Web server being attacked through data sent in a request. What should you use?
Web application firewall
You are responsible for implementing a Data Loss Prevention (DLP) solution for your organization. You need to control access to secure data files and prevent unauthorized users from viewing file content. Data should be protected whether it is directly acc
RMS (rights management service)
You are deploying an application server on your network that will require a higher level of defense against potential software threats than other servers on your network. You want the server to actively defend itself against active attacks and potential m
HIPS (host-based intrusion prevention system)
Your business uses instant messaging to enable technical support personnel to communicate easily with customers. What should you do to secure technical support computers against potential instant messaging security risks?
Install antivirus
You are preparing to perform vulnerability analysis on a network. Which tools require a computer with a network adapter that can be placed in promiscuous mode? (Pick two)
Vulnerability scanner, Port scanner
You want to be able to identify changes in activity in critical Windows servers that might identify attempts to compromise the server or its data. You have installed antivirus software on the server and have locked down server configurations. What should
establish a performance baseline for each server
What entity within a PKI is able to provide digital keys to an authorized third party?
Key Escrow
Which statement best describes hashing?
variable length input to fixed length string
You are deploying a corporate telephony solution. The network includes several branch offices in remote geographical locations. You need to provide VoIP support among all office locations. You need to design a network infrustructure to support communicati
Configure a DMZ in each office
Which of the following is designed to perform one-way encryption?
SHA
AES
RSA
DES
SHA
Which key is used to encrypt data in an asymmetric encryption system?
recipient's public key
Why should you require the sender to digitally sign sensitive e-mail message? (Pick two)
non-repudiation, validation
What hash algorithm is used by common implementations of CHAP?
MD5
What is the most reliable method for recovering a secure user account?
Restore from backup
What can you use to reveal both known and unknown attacks without affecting normal operations?
firewall log analysis
You are configuring antispam software for network computers. What should you have antispam software do when it identifies an e-mail as spam?
send to a seperate folder
You want to ensure that your network mail system is designed to minimize the risk that an outside attacker could use your mail system to send malicious e-mails. Your mail system includes several mail clients and an SMTP mail server. What should you do?
Disable open relays (at the SMTP server)
A computer configured as a router protects your network from the Internet. You discover that the router has been reconfigured. How might an attacker have gained access to the router? (Pick two)
default account, rootkit
You are deploying an application server on your network. You need to control the types of traffic into and out of the server. You want to keep the effort and network changes necessary to implement and manage this to a minimum. What should you do?
host based firewall
What type of IDS reports possible attacks when it detects conditions that match the conditions contained in a database of attacks?
Signature based
Client computers on a network use POP3 over SSL to received e-mail. The e-mail service uses standard port assignment. What port on the Internet face of the firewall should allow inbound packets?
995
Which type of report is most useful in predicting the possibility of an event occurring for security planning purposes?
Trend report
Which ports do you need to allow on an Internet-facing firewall that uses NAT-T to support an L2TP/IPSec VPN connection?
ID 50, UDP 500, UDP 4500
Users occasionally need to take files with them to remote locations. You need to minimize the risk that the data might be comprised. Employees are required to provide their own devices. You want to keep the cost incurred by the employess to a minimum. Wha
Require data encryption
Which component of PKI is necessary for a CA to know whether to accept or reject certificates from another CA? (Pick two)
RA, CRL
A set of switches is used to implement a VLAN. Where should you enable loop protection?
On all ports
Your boss is concerned that an administrator might accidently introduce a security vulnerability when installing a new server. What can you use to mitigate the risk?
Change management
When is it appropriate to use vulnerability scanning to identify potential holes in a security design?
identify known security risks and actions
What can be used to prevent external electrical fields from effecting sensitive equipment?
Faraday cage
What vulnerability is created by establishing a network bridge between DSL connection to the Internet and an Ethernet connection to the LAN?
Users on the Internet can access files on the LAN
What is used to provide secure communication over a L2TP VPN connection?
IPSec
Which DNS record is used to identify an IPv6 host?
AAAA
The basic formula for calculating ALE uses what two values?
ARO, SLE (The number of times you can expect a risk to occur during a year. Revenue loss from a single risk occurrence.)
What can be done to prevent cookie poisoning?
Encrypt cookies before transmission
You are configuring a host firewall. You need to prevent files from being updated or downloaded in clear text. Which ports should you block?
20, 21, 69
What entity within PKI verifies user requests for digital certificates?
RA (Registration Authority)
Describe an SSL and TLS connection?
client and server negotiate the algorithms that will be used
What does IPSec use to determine when to create a new set of keys?
ISAKMP (Internet Security Association and Key Management Protocol)
A solution vendor bills customers for access to a three-tier application based on usage. The application is deployed in the vendor's data center as sets of clustered virtual machines. Which type of network design element is exemplified?
IaaS (Infrastructure as a service)
What does an implicit deny on an ACL do?
denies any traffic not specifically allowed
Engineering department computers are deployed on a screened subnet. You need to protect the computers against malware attacks. What should you do?
HIDS (Install a HIDS on each of the department's computers.)
You are looking for a method to manage access to a secure area. You want to allow entry through a locked gate automatically and track individuals going into and out of the area. Which method should you use?
Proximity reader
What allows you to configure NAT tables that allow computers on the Internet to initiate connections to hosts on an internal network with private IP address?
Static NAT
You are investigating some malware that has infected a server in your company. You make a digital copy of the hard drive that you can analyze. You place the original drive in a secure cabinet. What aspect of incident response does this illustrate?
Chain of custody
You are deploying a network for a small project group. Each group member should be responsible for securing access to his or her own computer's resource. What access control model should you use?
DAC
You discover attempts to comprise your Web site. The attacks are based on commands sent from authenticated users' Web browser to the Web site. The commands execute at the user's permission level. Users who have been contacted had no idea that the commands
XSRF (Cross-site request forgery or CSRF)
For what purpose would you install voice encryption on a mobile computer?
support secure VoIP
Your network is configured as a Windows Server 2008 Active Directory domain. The network includes two file servers FS0 and FS1. Folders from both file servers are shared to the network. You need to configure the same access permissions for 20 domain users
Create one domain security group
What are the dangers of virus hoaxes? (Pick two)
spread, malicious instructions (Users spread them by forwarding them and overburden e-mail systems. Also, the message includes instructions to do something damaging)
Which IPSec protocol provides confidentiality?
ESP (Encapsulating Security Payload, also provides integrity)
You have a server that hosts several different XML Web services. You need to install a device that can mitigate the risk of the Web server being attacked through data sent in a request. What should you use?
Web application firewall
You are designing a solution to protect your network from Internet-based attacks. You need to provide:
* Pre-admission security checks
* Automated remediation
The solution should integrate existing network infrastructure devices. What should you do?
Implement NAC
Your network has servers that are configured as member servers in a Windows Active Directory domain. You need to minimize the risk of unauthorized persons logging on locally to the servers. The solution should have minimal impact on local management and a
Rename default accounts, require strong passwords
Your network connects to the Internet through a single firewall. The internal network is configured as a single subnet. You need to deploy a public Web server to provide product information to your customers. What should you do?
Configure a DMZ and deploy the Web server on the DMZ
You are determining environmental control requirements for a data center that will contain several computers? What is the role of an HVAC system in this environment? (Choose two.)
isolation in case of a fire, humidity levels
What can you prevent when you deploy wireless devices inside a TEMPEST-certified building?
War driving
When should a company perform a qualitative risk assessment?
limited time or budget
Inserting invalid information into a name resolution server's database is known as what? (Choose two)
DNS poisoning, DNS spoofing
You created a mirror image of the data needed for forensic investigation. You need to be able to quickly determine if your investigative procedures cause the data to change. What should you use to determine this?
Hashes
What type of malware is often used to facilitate using unsuspecting users' computers to launch DDoS attacks?
Trojan
You suspect an attacker is sending damaged packets into your network as a way to compromise your firewall. You need to collect as much information about network traffic as possible. What should you use?
Protocol analyzer
Your Web site has been the repeated target of cross-site request forgery (XSRF) attacks. You want to try to prevent these from occurring. What should you do?
user specific token for form submissions
What access control method is most commonly used to control access to resources in a peer-to-peer network?
ACL
Which wireless authentication protocol is vulnerable to password cracking?
LEAP (Lightweight Extensible Authentication Protocol)
SSL is used to provide encryption for which communication protocol?
HTTP
Which is a set of rules that defines which connections to a network are accepted or rejected?
Remote access policy
What computer network authentication protocol is designed to ensure mutual authentication?
Kerberos
Making sure that proper procedures are followed during an investigation during a security incident and that the rights of the suspect are respected is known as:
Due process
You are developing a Web application that will be accessible to the public. Users will be entering data that will be visible to other users. You want to design the application to minimize the possibility of cross-site scripting (XSS). What should you do?
implement user input filters
What kind of encryption method can be implemented at the Network layer (3) of the OSI model?
IPSec
What are the minimum requirements for implementing TLS on a Web site?
PKI certificate must be installed on the server
What type of data loss prevention system is most susceptible to a cold boot attack?
Full disk encryption
You suspect an attempted attack against a data server running Microsoft Windows. You need to monitor real-time performance to compare it to the baseline data you collected when the server was deployed. What should you use?
Performance monitor
You need to ensure that Active Directory domain user Alice does not have read access to the folder named Graphics. The Graphics folder is shared to the network from the server named FS0. The disk partition on which Graphics is located is formatted as NTFS
Deny read access to the folder through local access security
Which wireless protocol uses the pre-shared key (PSK) to encrypt data?
WEP
What should you do to ensure that messages between an SNMP management station and SNMP agents are encrypted?
Create IPSec filters for ports 161 and 162
Which wireless protocol provides data confidentiality and integrity using AES?
CCMP (Counter Mode with Cipher Block Chaining Message Authentication Code Protocol)
A HIDS that recognizes possible attacks by monitoring attempts to make unauthorized changes to files is an example of what kind of monitoring methodology?
Behavior based
An attacker exploits a valid session to gain access to a secure network computer. This is an example of what type of attack?
TCP/IP hijacking
You plan to use Windows BitLocker to Go to automatically encrypt a USB flash drive. You want to be able to retrieve the encrypted data from any laptop computer. What should you do?
Use A Password To Unlock This Drive
What is the most accurate form of biometric authentication in common use?
Retinal scan
What should be performed during software development and after software release?
Code Review
Which type of attacks works by modifying the data contained in IP packets?
Header Manipulation
Fault tolerant design that includes data backups and duplicate hardware is an example of:
Operational continuity planning
Which security goal is compromised by a DDoS attack?
Availability
When should you perform a penetration test on your network?
assess detection and alert effectiveness
What is the security risk inherent in dedicated routers?
default user accounts
What is fuzzing?
test vulnerabilities using random user input (in applications and noting the crashes and failures)
How do you prevent attacks from buffer overflows?
user input validation (to prevent script injection.)
What is change management?
Approve hardware and software changes to not reduce network performance, security, or increase cost without reason
What type of encryption should you use to encrypt a USB flash drive?
AES
What hash algorithm is used for passwords over 14 characters long?
MD5
What is the best environment for testing software for malware in terms of risk and effort to recover the system?
Virtual
What is designed to perform one-way encryption?
SHA
What is an HSM?
Hardware Security Module (a hardware device that can manage and maintain cryptographic keys)
Explain the formula for ALE (Annualized Loss Expectancy)
ALE = SLE x ARO (Revenue loss from a single occurrence x the number of times you expect a risk to occur during the year)
What environmental control is part of TEMPEST compliance?
Shielding
What type of attack can input filters prevent?
XSS (cross-site scripting)
What key encrypts data in an asymmetric encryption system?
Receipient's public key
What is required to implement WPA-Enterprise wireless security?
RADIUS server
True or false? Diffie-Hellman relies on public and private keys for encryption and decryption.
True
True or false? Symmetric keys are the easiest to centrally manage.
False (they are the hardest)
When reviewing access to network file servers, which permissions should you check first?
Effective permissions
What type of data security allows for control of data whether it is accessed inside or outside of the network?
RMS (Rights Management Service)
What algorithm can be used to authenticate a plain-text message?
RIPEMD (RACE Integrity Primitives Evaluation Message Digest)
What does it mean if a computer is listening on port 80?
running server software.
What is the strictest access control model?
MAC (Mandatory Access Control)
What authentication protocol provides access to directory server services?
LDAP (Lightweight Directory Access Protocol)
What protocol is used to encrypt e-mail messages for transmission and delivery?
S/MIME (Secure/Multipurpose Internet Mail Extensions)
The process of hiding a "secret" message inside an ordinary message or file is known as what?
Steganography
What is the function of a Common access card?
IdenAcceSignEncrPhys (To provide personal identification, computer and network access, email digital signing and encryption, and to control physical access through one specialized smart card)
How can you reduce shell injection privelage escalation attacks on a server application?
run the application with minimum permissions
In Kerberos, what does the client computer present as authentication to the server that contains a resource?
session ticket
What is a trusted OS?
data cannot be altered or moved, access rights are required to view data
In what situation is a key escrow arrangment used?
provide decryption keys to a third party as needed
What firewall ports are used to transmit clear text data?
20, 21, 69
How should you test a network's ability to detect and respond to a DoS attack against applications running on web servers?
penetration testing
What security does digitally signing email addresses provide? (2)
validation, non-repudiation (informs if a document has been changed after signing)
What is the best way to mitigate attacks through elevating a standard user account?
auditing failed and successful account management events
What IPSec protocol provides confidentiallity?
ESP (Encapsulating Security Payload)
What open-source tool scans for general network security issues?
Nessus
What does a flood guard do?
Prevent DoS (A feature available on some firewalls that helps mitigate DoS attacks by preventing floods of login requests.)
What is a hybrid cloud?
Hybrid clouds combine features of public and private clouds but can expose host computers to users outside your organization.
User ID and password is an example of what type of authentication?
Single factor
What is the best way to determine if users are selecting strong passwords?
password cracker
What is the best way to prevent cross-site request forgery (XSRF) attacks?
secure user specific tokens for form submissions
What is the Web of Trust model?
PKI model where trusted parties issue certificates to each other
What access control method is most commonly used to control access to resources in a peer-to-peer network?
ACLs (Access control list)
What does a protocol analyzer do?
Collect traffic from the network and provide usage statistics
How should you configure your ports to secure IMAP connections?
Allow 993, deny 143
Smart card access control relies on what kind of access control method?
Logical token
What is a registration authority (RA)?
Verifies user requests (for digital certificates in a PKI system)
What does LDAP use to provide security?
TLS (Transport Layer Security)
Standard antivirus programs use what kind of monitoring methodology?
Signature based
What is Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP)?
encryption that uses AES on WPA2 (networks to provide confidentiality and message integrity)
What data security system is most vulnerable to cold boot attacks?
Full disk encryption
What is port 995 used for?
POP3 over SSL
What is Secure Hash Algorithm used for?
One way encryption
What is ideally used to encrypt the contents of a USB flash drive?
AES
What is the risk of using Halon fire suppression?
harm or kill employees
Describe discretionary access control (DAC).
User have control over access to data and hardware
Describe mandatory access control (MAC).
A hierarchical access model managed by administrators
How can you prevent access to servers on a subnet based on the IP address of the source and port being used while minimizing the changes necessary to the network?
Define an ACL on the router to the subnet
What does an inline all-in-one security device do?
deep packet inspection and malware scanning of incoming email (can also be a single point of failure to a network)
What does IPSec use to determine when to create a new set of keys?
ISAKMP (Internet Security Association and Key Management Protocol)
What is ARP poisining?
redirect an IP to another MAC (An attack where someone with access to a network redirects an IP address to the MAC address of a computer that is not the intended recipient)
What is a Web security gateway?
Analyzes packets to mitigate downloading of malware
What type of testing should you use to determine ways your network might be attacked by a malicious insider with detailed knowledge of your infrastructure?
White box
What is an RTO
Recovery Time Objective (the length of time within normal business operations can be restored following a disturbance)
What protocol allows you to securely manage remote Linux computers?
SSH
What are the three components of CIA?
Confidentiality, Integrity, Availability
What is RADIUS vulnerable to?
Buffer overflow attacks
Describe the two components of IPSec
AH, ESP (Authentication Head: provides authentication and integrity; Encapsulating Security Payload: encrypts payload)
What two types of encryption are used in smartcards?
MD5, RSA
How many keys are required for a symmetric cryptosystem?
one to encrypt and decrypt
When is vulnerability scanning used?
passively scan for issues without testing ability to identify or respond
True or false? Penetration testing is a simulated attack on a network.
True
What can you use to determine if a newly developed software has any security issues relating to the operating system, network services or development code?
malware scan
What is a practical application of a content filter?
scan outgoing email for credit card numbers or SSNs to block or quarantine
Describe how M of N works to recover a private key.
set number of key operators, certain required to recover
What is TFTP commonly used for?
boot loader (TFTP is commonly used as a boot loader to boot devices over a network, ie to allow a machine to bring down an image remotely)
What should you do after researching and documenting your disaster recovery plan?
Test
What is the difference between quantitative and qualitative risk assessment?
Quantitative is strictly a dollar value assessment of loss, qualitative calculates intangible costs
What is the advantage and disadvantage of using a differential backup?
To restore, you only need the most recent full back up and differential backup, however these types of backups take more time and require more storage media
What must be performed on a regular basis to ensure the validity and integrity of your backup system?
Periodic testing
In a key escrow scheme, what key is sent to the third party for storage?
encryption key (to decrypt a private key file)
What is used to enforce rule-based access control?
ACLs
What is most effective in preventing brute-force password hacking?
Limited log on attempts
What would be a real-world application of LDAP?
To set up a single sign on authentication system for a large enterprise network
What web security device could a company install to prevent users from downloading inappropriate content?
web security gateway
What port does SSH use?
22
What portS does DNS use?
TCP 53, UDP 53
What is the encrypted version of FTP?
SFTP
Which WPA standard requires a passphrase before being granted access to the wireless network?
PSK (Pre shared key)
Which of the following access control models uses subject and object labels?
MAC (Mandatory Access control)
Which of the following access decisions are based on a Mandatory Access Control (MAC) environment?
sensitivity labels
Employees in HR need access to personel info, ops employees need access to production data, which of the following access control models would be MOST appropriate?
Role Based Access Control (RBAC)
Which of the following access control models would be MOST compatible with the concept of least privilege?
MAC (Mandatory Access control)
L2TP tunneling relies on what for security?
IPSec
Which of the following could cause communication errors with an IPSec VPN tunnel because of changes made to the IP header?
NAT
A company wants a VLAN, and thinks it will be secure because it's using MAC addressing and that DTP will facilitate network efficiency. What issues should be discussed?
MAC addresses can be spoofed, rogue devices can configure ports
Which of the following types of IDS uses known patterns to detect malicious activity?
signature based
Which 2 ports are typically used by email clients?
143, 110
All of the following types of attacks can be detected by an IDS EXCEPT:
spoofed email
Access control based on security labels associated with each data item and each user are known as...
MAC (Mandatory Access control)
How many security associations are there in an IPSec encrypted session for each direction?
one
Which of the following would be achieved by using encryption? (three)
non-repudiation, confidentiality, and integrity
To preserve evidence for later user in court, which of the following needs to be documented?
chain of custody
Which of the following remote access processes is best described as matching user supplied credentials with those previously stored on a host server?
Authentication
Which (3) security services are provided by digital signatures?
Integrity, authentication, non-repudiation
Which of the following is often misused by spyware to collect and report a user's activities?
tracking cookie
Which of the following daemons is MOST likely to be the cause if an unauthorized user obtains a copy of a Linux system's /etc/passwd file?
FTP configured to allow anonymous user access.
What # protocol is used by Encapsulating Security Payload (ESP) in IPSec?
50
IPSec works at which of the following layers of the TCP/IP model?
3 Network
Which of the following would be the MOST common method for attackers to spoof email?
Open relays
Which of the following would be considered a detrimental effect of a virus hoax? (two)
Technical support resources are consumed by increased user calls, and users are tricked into changing the system configuration
The process of predicting threats and vulnerabilities to asses is known as threat...
modeling
Which of the following sequence of steps would be contained in a computer response policy?
PreDeAnConErRePo (Preparation, detection and analysis, containment, eradication and recovery, post-incident activity)
Nmap has been run against a server and more open ports than expected have been discovered. Which of the following would be the FIRST step to take?
Examine the process using the ports
An employee gets a call from a knowledgeable person who knows everything about the company, is listed in the directory, and claims there is an emergency? What should be done?
Follow established procedures and report any abnormal incidents.
MITRE and CERT are...
virus and malware cataloging organizations
A workstation that is being used as a zombie set to attack a web server on a certain date is most likely part of a...
DDoS
A task-based control model is an example of what?
RBAC (Role Based Access Control)
The MOST common exploits of Internet-exposed network services are due to...
buffer overflows
Which of the following problems will MOST likely occur if an HTML-based email has a mislabeled MIME type .exe attachment?
The executable can automatically execute
What is the MOST significant flaw in pretty good privacy (PGP) authentication?
a user must trust the public key that is received.
Which of the following VPN implementations consists of taking IPv6 security features and porting them to IPv4?
IPSec
A company has implemented a VPN and over time associates are created each being more secure than the last. What would be implemented to automate the selection of the BEST security association for each user?
IKE (Internet Key Exchange)
PKI is based on which of the following types of encryption?
asymmetric
Which of the following correctly identifies some of the contents of an end user's X.509 certificate?
A User's public key, object identifiers, and the location of the user's electronic identity
B User's public key, the serial number of the CA certificate,
A (User's public key, the certificate's serial number, and the certificate's validity dates)
The Diffie-Hellman encryption algorithm relies on what being exchanged?
keys
Which of the following types of IDS should be implemented to monitor traffic on a switch?
network based passive and network based active
What freeware forensic tools are used to capture packet traffic from a network?
nmap
An SMTP server is the source of email spam in an organization. Which of the following is MOST likely the cause?
Anonymous relays have not been disabled
Which of the following protocols is used with 802.1X to authenticate to a client network?
EAP (Extensible Authentication Protocol)
What protocols would be allowed through the firewall AH and Encapsulating Security Protocol (ESP) for a VPN?
50, 51
Which of the following can be used to explain the reasons a security review must be completed?
Corporate security policy
Which of the following could cause communication errors with an IPSec VPN tunnel because of changes made to the IP header?
NAT
Which of the following is employed to allow distrusted hosts to connect to services inside a network without allowing the hosts direct access to the internal networks?
DMZ
Which types of servers should be placed on a private network?
File and print servers
What should be done to secure a web server that is reachable from the internet, is located in the core internal corp network, and cannot be redesigned or moved?
HIDS, Host based firewall
Which of the following protocols are used for securing HTTP connections? (Select 2 answers)
SCP
Telnet
SSL
TTL
SNMP
TLS
SSL, TLS
What is a suite of protocols used for connecting hosts on the Internet?
TCP/IP
The SCP protocol is used for
Secure file transfer
FTPS is an extension to the FTP that adds support for the Transport Layer Security (TLS) and the Secure Sockets Layer (SSL) cryptographic protocols. (True or False?)
True
Which of the protocols listed below is used by the PING utility?
IPsec
SNMP
FCoE
ICMP
ICMP (Internet Control Message Protocol)
Which of the following answers lists the IPv6 loopback address?
::/128
FF00::/8
::1
127.0.0.1
::1
Which of the protocols listed below facilitate(s) communication between SAN devices? (Select all that apply)
SCSI
MTBF
iSCSI
MTTF
FCoE
iSCSI, FCoE
A networking standard for linking data storage devices over an IP network is known as
iSCSI
A network protocol for secure file transfer over Secure Shell (SSH) is called
SFTP
Which of the protocols listed below does not provide authentication?
FTP
TFTP
SCP
SFTP
TFTP
Which of the following protocols was designed as a secure replacement for Telnet?
SSH
FTP runs by default on ports
20, 21
Which of the protocols run(s) on port number 22?
SSH, SCP, SFTP
Port number 23 is used by
Telnet
Which TCP port is used by SMTP?
25
DNS runs on port
53
An HTTP traffic can be enabled by opening port
80
Which ports enable retrieving email messages from a remote server?
110, 143
Which of the port numbers listed below are used by NetBIOS?
137, 138, 139
IMAP runs on TCP port
143
Which TCP port is used by HTTPS?
443
default port number for a Microsoft-proprietary remote connection protocol?
3389
Which protocols operate(s) at layer 3 (the network layer) of the OSI model?
IPSec, IPV6, IPv4, ICMP
In the OSI model, TCP resides at the ______ layer
4 Transport
In the OSI model, CSS, GIF, HTML, XML, JSON, S/MIME, resides at the ______ layer
6 Presentation
In the OSI model, RPC, SCP, PAP,
TLS, FTP, HTTP, HTTPS, SMTP, SSH, Telnet, resides at the ______ layer
5 Session
In the OSI model, NBF, TCP, UDP resides at the ______ layer
4 Transport
In the OSI model, AppleTalk, ICMP, IPsec, IPv4, IPv6 resides at the ______ layer
3 Network
In the OSI model, IEEE 802.2, L2TP, LLDP, MAC, PPP, ATM, MPLS resides at the ______ layer
2 Data Link
In the OSI model, DOCSIS, DSL, Ethernet physical layer, ISDN, RS-232 resides at the ______ layer
1 Physical
In the OSI model, NFS, SMB, AFP, FTAM, NCP resides at the ______ layer
7 Application
Which of the following wireless encryption schemes offers the highest level of protection?
WEP
WPA2
WAP
WPA
WPA2
Which of the wireless security protocols listed below has been deprecated in favor of newer standards due to known vulnerabilities?
PEAP
CCMP
WPA2
WEP
WEP
Which of the answers listed below refers to an authentication framework frequently used in wireless networks and point-to-point connections?
DLP
OCSP
EAP
LDAP
EAP
A network access control method whereby the 48-bit address assigned to each network card is used to determine access to the network is known as:
Hardware lock
Post-admission NAC
Rule-Based Access Control (RBAC)
MAC filter
MAC filter
A wireless network name is also referred to as:
SSID
Which of the following protocols was introduced to strengthen existing WEP implementations without requiring the replacement of legacy hardware?
PEAP
TKIP
CCMP
WPA2
TKIP (Temporal Key Integrity Protocol)
Which of the protocols listed below encapsulates EAP within an encrypted and authenticated TLS tunnel?
LDAP
PAP
Telnet
PEAP
PEAP (Protected Extensible Authentication Protocol)
AES-based encryption mode implemented in WPA2 is known as:
CCMP
TPM
TKIP
MTBF
CCMP
An optimal WAP antenna placement provides a countermeasure against: (Select 2 answers)
War chalking
Tailgating
War driving
Shoulder surfing
Site survey
war driving, site survey
Which of the following WAP configuration settings allows for adjusting the boundary range of the wireless signal?
Fair access policy
Power level controls
Quality of Service (QoS)
Wi-Fi Protected Setup (WPS)
Bandwidth cap
Power level controls
Which of the answers listed below refers to a solution allowing administrators to block Internet access for users until they perform required action?
Mantrap
Honeypot
Captive portal
Access Control List (ACL)
Firewall
Captive portal
Which of the following antenna types would provide the best coverage for workstations connecting to a WAP placed in a central point of a typical office? (Select all that apply)
Omnidirectional
Unidirectional
Bidirectional
Non-directional
Omnidirectional, non directional
Which of the answers listed below refers to wireless site survey?
Bluejacking
Spear phishing
War driving
Shoulder surfing
War driving
Which of the following examples falls into the category of technical security controls?
Change management
Acceptable Use Policy (AUP)
Intrusion Detection System (IDS)
Incident response procedure
IDS (Intrusion Detection System)
Which of the examples listed below falls into the category of operational security controls?
Change management
Encryption
Antivirus software
Mantrap
Change management
A policy outlining ways of collecting and managing personal data is known as:
Acceptable Use Policy (AUP)
Audit policy
Privacy policy
Data Loss Prevention (DLP)
Privacy policy
Which of the following acronyms refers to a set of rules enforced in a network that restrict the use to which the network may be put?
OEM
AUP
UAT
ARO
AUP (Acceptable Use Policy)
Single Loss Expectancy (SLE) = Asset Value (AV) x Exposure Factor (EF). The Exposure Factor (EF) used in the formula above refers to the impact of the risk over the asset, or percentage of asset lost when a specific threat is realized. Which of the follow
1.0
Which of the answers listed below refers to the correct formula for calculating probable financial loss due to a risk over a one-year period?
SLE = AV x EF
ALE = ARO x SLE
SLE = ALE x AV
ALE = AV x EF
ALE = ARO x SLE
Which of the following terms is used to describe the average time required to repair a failed component or device?
MTBF
MTU
MTTR
MPLS
MTTR
A calculation of the Single Loss Expectancy (SLE) is an example of:
Quantitative risk assessment
Risk deterrence
Qualitative risk assessment
Incident management
Quantitative
Assessment of risk probability and its impact based on subjective judgment falls into the category of:
Environmental controls
Quantitative risk assessment
Forensic procedures
Qualitative risk assessment
Qualitative
A path or tool allowing an attacker to gain unauthorized access to a system or network is known as:
Backdoor
Threat vector
Discretionary access
Rootkit
Threat vector
In quantitative risk assessment, this term is used for estimating the likelihood of occurrence of a future threat.
ALE
AV
ARO
SLE
ARO (annual rate of occurrence)
Contracting out a specialized technical component when the company's employees lack the necessary skills is an example of:
Risk deterrence
Risk avoidance
Risk acceptance
Risk transference
transference
Disabling certain system functions or shutting down the system when risks are identified is an example of:
Risk acceptance
Risk avoidance
Risk transference
Risk deterrence
avoidance
Which of the answers listed below exemplifies an implementation of risk transference methodology?
Insurance policy
Security guard
Antivirus software
User education
Insurance policy
Which of the following terms relates closely to the concept of residual risk?
Firewall rules
Virtualization
Risk acceptance
Quantitative risk assessment
acceptance
What type of risk management strategy is in place when accessing the network involves a login banner warning designed to inform potential attacker of the likelihood of getting caught?
Risk avoidance
Risk acceptance
Risk deterrence
Risk transference
deterrence
Which of the terms listed below refers to one of the hardware-related disadvantages of the virtualization technology?
Single point of failure
Server clustering
Privilege escalation
Power and cooling costs
Single point of failure
Which of the following acronyms refers to a maximum tolerable period of time required for restoring business functions after a failure or disaster?
RAS
RTO
ROI
RPO
RTO (Recovery time objective)
An agreement between a service provider and the user(s) defining the nature, availability, quality, and scope of the service to be provided is known as:
SLE
BPA
SLA
DLP
SLA
Which of the following answers refers to a key document governing the relationship between two business organisations?
ISA
ALE
SLA
BPA
BPA (business partners agreement)
A document established between two or more parties to define their respective responsibilities in accomplishing a particular goal or mission is known as:
BPA
MOU
SLE
ISA
MOU (Memorandum of understanding)
Which of the answers listed below refers to an agreement established between the organizations that own and operate connected IT systems to document the technical requirements of the interconnection?
ISA
ALE
MOU
BPA
ISA (Interconnection Security Agreement)
Which of the following functionalities allows a DLP system to fulfil its role?
Motion detection
Environmental monitoring
Content inspection
Loop protection
Content inspection
In forensic procedures, a sequence of steps in which different types of evidence should be collected is known as:
Order of volatility
Layered security
Chain of custody
Transitive access
Order of volatility
In forensic procedures, a chronological record outlining persons in possession of an evidence is referred to as:
Proxy list
Order of volatility
Access log
Chain of custody
Chain of custody
Which of the following answers lists an example order of volatility for a typical computer system?
A Memory dump, disk files, temporary files, archival media
B Archival media, disk files, temporary files, memory dump
C Memory dump, temporary files, disk f
C
An exact copy of the entire state of a computer system is called:
System image
Restore point
Hard copy
Digital signature
System image
In forensic analysis, taking hashes ensures that the collected evidence retains:
Confidentiality
Integrity
Order of volatility
Availability
Integrity
Log analysis should not take into account the difference between the reading of a system clock and standard time as this impedes the reconstruction of the sequence of events during an attack or security breach.
True
False
False
Which of the following acronyms refers to any type of information pertaining to an individual that can be used to uniquely identify that person?
PIN
ID
PII
PKI
PII
A sticky note with a password kept on sight in user's cubicle would be a violation of which of the following policies?
Data labeling policy
Clean desk policy
Acceptable Use Policy (AUP)
User account policy
Clean desk policy
Which of the following security controls is used to prevent tailgating?
Hardware locks
Mantraps
Video surveillance
EMI shielding
Mantraps
EMI shielding protects the transferred data from: (Select all that apply)
A Outside interference
B Phishing
C Eavesdropping
D Decryption
F Bluesnarfing
A, C
Which of the following solutions add(s) redundancy in areas identified as single points of failure? (Select all that apply)
1 Virtualization
2 RAID
3 Hot site
4 UPS
5 Backup generator
6 PSU
2, 3, 4, 5
What is the goal of tabletop exercises? (Select all that apply)
A Disaster recovery planning
B Active test of security controls
C Discussing a simulated emergency situation
D Passive test of security controls
A, C
Hardware-based RAID Level 0: (Select 2 answers)
A Offers redundancy
B Requires at least three drives to implement
C Doesn't offer fault tolerance
D Requires at least two drives to implement
E Offers fault tolerance
C, D
Which of the following solutions does not offer fault tolerance?
RAID 5
Disk duplexing
RAID 0
Disk mirroring
RAID 1
RAID 0
Which of the following answers lists an example method for passive test of security controls?
Tabletop exercises
Pentest
Vulnerability scan
War chalking
Vulnerability scan
Hardware-based RAID Level 1: (Select 3 answers)
1 Requires at least 2 drives to implement
2 Is also known as disk striping
3 Offers improved performance in comparison to RAID 0
4 Offers improved reliability by creating identical data sets on each drive (f
1, 4, 5
Hardware-based RAID Level 5: (Select 2 answers)
1 Continues to operate in case of failure of more than 1 drive
2 Requires at least 3 drives to implement
3 Offers increased performance and fault tolerance (single drive failure does not destroy the array an
2, 3
What is the function of archive bit?
A Setting file attribute to read-only
B Search indexing
C Creating an additional copy of a file
D Indicating whether a file has been modified since the last backup
D
Which of the following terms refers to a backup technique that allows for creating an exact copy of an entire drive and replicating the drive to a new computer or to another drive on the same computer in case of hard drive failure? (Select best answer)
Di
Drive imaging
Restoring data from an incremental backup requires: (Select 2 answers)
1 Copy of the last incremental backup
2 All copies of differential backups made since the last full backup
3 Copy of the last differential backup
4 All copies of incremental backups ma
4, 5
A United States federal government initiative aimed at enabling agencies to continue their essential functions across a broad spectrum of emergencies is known as:
OVAL
TACACS
COOP
OCSP
COOP (Continuity Of Operations)
Which of the following examples falls into the category of deterrent security control types?
Lighting
Access lists
Motion detection
Alarms
Lighting
Which of the following backup site types allows for fastest disaster recovery?
Cold site
Hot site
Warm site
Cross-site
Hot
Which of the following security controls provide(s) confidentiality? (Select all that apply)
1 Encryption
2 Certificates
3 Digital signatures
4 Steganography
5 Hashing
1, 4
Which of the following security controls provide(s) integrity? (Select all that apply)
1 Hashing
2 Steganography
3 Fault tolerance
4 Digital signatures
5 Non-repudiation
6 Encryption
1, 4, 5
What is the purpose of non-repudiation?
1 Hiding one piece of data in another piece of data
2 Ensuring that received data hasn't changed in transit
3 Preventing someone from denying that they have taken specific action
4 Transforming plaintext into cipher
3
What is the function of Windows Defender software?
1 Allowing and blocking applications through Windows Firewall
2 Protection against spyware and other potentially unwanted software
3 Reviewing computer's status and resolving issues
4 Management of User A
2
Which of the following is an example of active eavesdropping?
Phishing
DDoS
Xmas attack
MITM
MITM (Man in the middle)
A replay attack occurs when an attacker intercepts user credentials and tries to use this information later for gaining unauthorized access to resources on a network.
True
False
True
Which of the following authentication protocols offer(s) countermeasures against replay attacks? (Select all that apply)
PAP
IPsec
OCSP
Kerberos
CHAP
IPSec, Kerberos, CHAP
Which of the following answers apply to smurf attack? (Select 3 answers)
1 IP spoofing
2 Privilege escalation
3 DDoS
4 Polymorphic malware
5 MITM attack
6 Large amount of ICMP echo replies
1, 3, 6
A fraudulent email requesting its recipient to reveal sensitive information (e.g. user name and password) used later by an attacker for the purpose of identity theft is an example of: (Select 2 answers)
1 Phishing
2 Watering hole attack
3 Social engineeri
1, 3
What 2 characteristics describe xmas attack? (2 answers)
DoS, IP Spoofing
Which of the following answers list(s) the characteristic features of pharming? (Select all that apply)
1 Port scanning
2 Dictionary attack
3 DNS poisoning
4 Rainbow table
5 Domain spoofing
3, 5
The DNS service is used for translating:
Link layer addresses into IP addresses
IP addresses into MAC addresses
Domain names into IP addresses
Network layer addresses into link layer addresses
Domain names into IP addresses
Address Resolution Protocol (ARP) translates: (Select all that apply)
1 Link layer addresses into IP addresses
2 Domain names into IP addresses
3 IP addresses into MAC addresses
4 Network layer addresses into link layer addresses
3, 4
Which of the following answers refers to the contents of a rainbow table entry?
Hash / Password
IP address / Domain name
Username / Password
Hash / Account name
Hash / Password
URL hijacking is also referred to as:
Banner grabbing
Session hijacking
Typo squatting
DNS poisoning
Typo squatting
Which of the following fall(s) into the category of social engineering attacks? (Select all that apply)
1 Whaling
2 MITM attack
3 Shoulder surfing
4 Bluejacking
5 Dumpster diving
6 Bluesnarfing
7 Tailgating
8 Vishing
1, 3, 5, 7, 8
Which of the terms listed below refers to a rogue access point?
Trojan horse
Backdoor
Computer worm
Evil twin
Evil twin
The practice of sending unsolicited messages over Bluetooth is known as:
Phishing
Bluejacking
Vishing
Bluesnarfing
Bluejacking
The practice of gaining unauthorized access to a Bluetooth device is referred to as:
Pharming
Bluesnarfing
Vishing
Bluejacking
Bluesnarfing
Which of the answers listed below refers to an attack aimed at exploiting the vulnerability of WEP?
MITM attack
Smurf attack
IV attack
Xmas attack
IV (initialization vector)
Which of the following solutions simplifies configuration of new wireless networks by providing non-technical users with a capability to easily configure network security settings and add new devices to an existing network?
WPA
WPS
WEP
WAP
WPS (Wi-Fi Protected Setup)
Which (2) of the answers listed below refers to a Wi-Fi Protected Setup (WPS) exploit?
Smurf attack
Watering hole attack
PIN recovery
Birthday attack
URL hijacking
Watering hole attack, pin recovery
Which of the following wireless security features are not recommended and should not be used due to their known vulnerabilities? (Select 2 answers)
WPS
WAP
WPA2
WAF
WEP
WPS, WEP
What type of action allows an attacker to exploit the XSS vulnerability?
Code injection
Banner grabbing
PIN recovery
Input validation
Code injection
Which of the answers listed below refers to a common target of cross-site scripting?
Physical security
Alternate sites
Dynamic web pages
Removable storage
Dynamic web pages
An HTTP exploit which allows attackers to access restricted directories and execute commands outside of the web server's root directory is known as:
Dictionary attack
URL hijacking
Watering hole attack
Directory traversal attack
Directory traversal
A temporary area of memory allocated with a fixed size for holding data while it's waiting to be transferred to another location is known as:
Cache
Header
Local Shared Object (LSO)
Buffer
Buffer
Which of the following acronyms refers to flash cookies?
RPO
BCP
LSO
CRP
LSO (Local Shared Object)
Which of the security control types listed below fall(s) into the category of preventative controls? (Select all that apply)
1 IDSs
2 Fencing
3 Hardware locks
4 Motion sensors
5 Warning signs
6 Mantraps
2, 3, 6
Penetration testing: (Select all that apply)
1 Bypasses security controls
2 Only identifies lack of security controls
3 Actively tests security controls
4 Exploits vulnerabilities
5 Passively tests security controls
1, 3, 4
Which of the following acronyms refers to software or hardware based security solutions designed to detect and prevent unauthorized use and transmission of confidential information outside of the corporate network?
DEP
RADIUS
DLP
PGP
DLP
Which of the answers listed below refers to a control system providing the capability for real-time monitoring and gathering information related to industrial equipment?
OVAL
SCADA
TACACS
SCAP
SCADA (Supervisory Control And Data Acquisition)
One of the advantages of the Remote Authentication Dial-In User Service (RADIUS) is that it provides encryption for the entire authentication process.
True
False
False
Which of the following answers refers to a Cisco-proprietary alternative to RADIUS?
LDAP
Kerberos
SAML
TACACS+
TACACS+
Assigning a unique key, called a ticket, to each user that logs on to the network is a characteristic feature of:
SAML
Secure LDAP
RADIUS
Kerberos
Kerberos
Which of the following port numbers is used by Kerberos?
23
80
22
88
88
What type of encryption protocols are used by Secure LDAP (LDAPS)? (Select all that apply)
TLS
UDP
SSL
IP
TCP
TLS, SSL
Which of the following authentication protocols offer(s) countermeasures against replay attacks? (Select all that apply)
IPsec
MPLS
PAP
Kerberos
CHAP
IPsec, Kerberos, CHAP
Lightweight Directory Access Protocol (LDAP) runs on port:
49
389
3389
636
389
The non-standard, enhanced version of the LDAP protocol providing the capability for encrypted transmission runs on port:
49
3389
636
389
636
Which of the following solutions provides a single sign-on capability for Web services?
MOU
OVAL
SCADA
SAML
SAML (Security Assertion Markup Language)
TACACS+ runs on TCP port:
389
49
636
88
49
Which part of the AAA framework deals with verification of the identity of a person or process?
Authorization
Non-repudiation
Authentication
Accounting
Authentication
Which of the following examples meets the requirement of multi-factor authentication?
Password and biometric scan
Username and PIN
Smart card and identification badge
Iris and fingerprint scan
Password and biometric scan
The term "Trusted OS" refers to an operating system:
Admitted to a network through NAC
Implementing patch management
That has been authenticated on the network
With enhanced security features
With enhanced security features
Password combined with PIN used as an authentication requirement is an example of:
Multi-factor authentication
Single Sign-On (SSO)
Two-factor authentication
Something that the user knows
Something that the user knows
Which of the answers listed below refers to a security measure providing protection against various password-based attacks, specifically password sniffing and replay attacks?
OTP
LSO
OCSP
CRL
OTP (one time password)
An algorithm used for computing one-time password from a shared secret key and the current time is known as:
HOTP
PAP
TOTP
CHAP
TOTP (Time-based One-time Password)
Which of the following protocols transmits passwords over the network in an unecrypted form and is therefore considered unsecure?
RADIUS
PAP
TACACS+
CHAP
PAP (Password Authentication Protocol)
Which part of the AAA framework deals with granting or denying access to resources?
Authentication
Identification
Accounting
Authorization
Authorization
Which of the answers listed below refers to the most common access control model used in Trusted OS implementations?
HMAC
MAC
RBAC
DAC
MAC
Which part of the AAA framework incorporates the time-of-day restrictions requirement?
Authentication
Non-repudiation
Accounting
Authorization
Authorization
Large amount of processing power required to both encrypt and decrypt the content of the message causes that symmetric-key encryption algorithms are much slower when compared to algorithms used in asymmetric encryption.
True or False
False
The two basic techniques for encrypting information include symmetric encryption (also called public-key encryption) and asymmetric encryption (also called secret-key encryption.) True or False?
False
An access control method based on the identity of subjects and/or groups to which they belong is called:
HMAC
DAC
MAC
RBAC
DAC
Block ciphers work by encrypting each plaintext digit one at a time.
True or False?
False
Which IPsec mode provides encryption for the entire packet?
Tunnel
Host-to-host
Payload
Transport
Tunnel
Which IPsec mode provides encryption only for the payload (the data part of the packet):
Protected
Tunnel
Transport
Safe
Transport
What is the name of a storage solution used to retain copies of private encryption keys?
Trusted OS
Key escrow
Proxy server
Recovery agent
Key escrow
A digital signature is a hash of a message that uniquely identifies the sender of the message and provides a proof that the message hasn't changed in transit.
True or False?
True
What are the features of Elliptic Curve Cryptography (ECC)? (Select 2 answers)
1 Asymmetric encryption
2 Shared key
3 Suitable for small wireless devices
4 High processing power requirements
5 Symmetric encryption
1, 3
Which of the following answers refer to the applications / features of quantum cryptography? (Select 2 answers)
1 High availability
2 Protection against eavesdropping
3 Loop protection
4 Secure key exchange
5 Host-based intrusion detection
2, 4
Which of the answers listed below refer(s) to the Advanced Encryption Standard (AES): (Select all that apply)
1 Symmetric-key algorithm
2 128-, 192-, and 256-bit keys
3 Asymmetric-key algorithm
4 Block cipher algorithm
5 Stream cipher algorithm
1, 2, 4
Unlike stream ciphers which process data by encrypting individual bits, block ciphers divide data into separate fragments and encrypt each fragment separately.
True or False?
True
Which of the following are symmetric-key algorithms? (Select 3 answers)
1 AES
2 DES
3 RSA
4 Diffie-Hellman
5 3DES
1, 2, 5
Which of the following answers refers to a solution for secure exchange of cryptographic keys? (Select best answer)
Data Encryption Standard (DES)
In-band key exchange
Diffie-Hellman
Out-of-band key exchange
Diffie-Hellman
One of the answers below lists some of the past and current authentication protocols used in Microsoft networks arranged from oldest / obsolete up to the current recommendation. Which of the answers lists the protocols in the correct order?
1 LANMAN � NTL
1
A computer program (and related protocols) that uses cryptography to provide data security for electronic mail and other applications on the Internet is known as:
SMTP
PGP
OCSP
OVAL
PGP
GNU Privacy Guard (GPG) provides similar functionality and an alternative to:
PAP
IMAP4
PGP
Windows Firewall
PGP
Which of the protocols listed below uses elliptic curve cryptography for secure exchange of cryptographic keys?
ECC
LANMAN
ECDHE
OCSP
ECDHE (Elliptic curve Diffie-Hellman)
Which of the following answers refers to a cryptographic network protocol for secure data communication, remote command-line login, remote command execution, and other secure network services between two networked computers?
Telnet
SSH
Bcrypt
TFTP
SSH
In cryptography, the term "key stretching" refers to a mechanism for extending the length of the cryptographic key in order to make it more secure against brute force attacks.
True or False?
True
Examples of key stretching algorithms include: (Select 2 answers)
PBKDF2
RC4
NTLMv2
Bcrypt
FCoE
PBKDF2, Bcrypt
Which of the solutions listed below allow(s) to check whether a digital certificate has been revoked? (Select all that apply)
CIRT
CRL
OCSP
CRC
ICMP
CRL, OCSP
Which of the following provides the fastest way for validating a digital certificate?
ICMP
CRL
Key escrow
OCSP
OCSP (Online Certificate Status Protocol)
SHA, MD5, and RIPEMD are examples of:
Trust models
Encryption algorithms
Hash functions
Virus signatures
Hash functions
Which of the following is the default port number used by the Kerberos authentication system?
80
3389
88
443
88
3389 is the default port number for:
Lightweight Directory Access Protocol over TLS/SSL (LDAPS)
Remote Desktop Protocol (RDP)
Lightweight Directory Access Protocol (LDAP)
Simple Network Management Protocol (SNMP)
RDP (Remote Desktop Protocol)
File Transfer Protocol (FTP) runs by default on port(s): (Select all that apply)
25
23
20
21
22
20, 21
TCP port 443 is used by:
Simple Mail Transfer Protocol (SMTP)
File Transfer Protocol (FTP)
Hypertext Transfer Protocol over TLS/SSL (HTTPS)
Internet Message Access Protocol (IMAP)
HTTPS
Which of the following default port numbers is not used by a remote administration tool?
23
22
3389
25
25
Unblocking port number 22 enables what type of traffic? (Select all that apply)
SSH
SFTP
FTP
SCP
FTPS
SSH, SFTP, SCP
An SNMP management station receives SNMP notifications on UDP port:
161
137
162
138
162
TCP port 143 is used by:
Hypertext Transfer Protocol (HTTP)
Simple Mail Transfer Protocol (SMTP)
Internet Message Access Protocol (IMAP)
Remote Desktop Protocol (RDP)
IMAP
An SNMP Agent receives requests on UDP port:
161
138
162
139
161
Which of the following ports are used by NetBIOS? (Select all that apply)
136
137
161
138
162
139
137, 138, 139
A network administrator wants to replace service running on port 23 with a more reliable solution. Which of the following ports would be in use after implementing this change?
20
21
22
25
22
Which of the following TCP port numbers is used by the Simple Mail Transfer Protocol (SMTP)?
110
25
22
143
25
Which of the ports listed below are used by client applications designed to retrieve email messages from mail servers? (Select 2 answers)
110
443
3389
143
25
110, 143
A network administrator has been asked to set up a VPN link on a connecting host with no dedicated VPN client application installed. Which of the following ports should be in use to enable this type of connection?
119
443
23
139
143
443
Network traffic on port 389 indicates existence of an active:
VPN connection
Message transfer agent
Directory service
Web server
Directory service
Which of the following ports is used by DNS?
53
67
23
68
52
53
Which of the answers listed below refers to a port number for a lightweight protocol typically used for transferring boot files and configuration files between hosts in a secure Intranet environment?
20
69
21
22
69
A hacker has captured network traffic with cleartext commands sent from the client to the server console. Which of the following ports is being used by the network admin for the client-server communication?
49
23
68
22
23
Which of the port numbers listed below is used by the Trivial File Transfer Protocol (TFTP)?
88
139
22
69
69
A network administrator wants to secure the existing access to a directory service with SSL/TLS encryption. Which of the following ports would be in use after implementing this change?
636
139
389
443
636
Which of the ports listed below is used by TACACS+?
UDP port 161
TCP port 49
UDP port 1701
TCP port 110
UDP port 49
TCP port 49
A group that consists of SNMP devices and one or more SNMP managers is known as:
SNMP trap
Network Management System (NMS)
SNMP community
Management Information Base (MIB)
Intranet
SNMP community
Which of the protocols listed below is used in network management systems for monitoring network-attached devices?
RTP
SNMP
IMAP
RTCP
SNMP (Simple Network Management Protocol)
The biggest advantage of public cloud is that all services provided through this type of cloud computing service model are offered free of charge.
True or False?
False
A cloud computing infrastructure type where applications are hosted over a network (typically Internet) eliminating the need to install and run the software on the customer's own computers is called:
Thick client
SaaS
Virtualization
IaaS
SaaS
VLAN membership can be set through: (Select all that apply)
IP address
Trunk port
Physical
Group permissions
MAC
Trunk port, physical, MAC
A security stance whereby a host is being granted / denied permissions based on its actions after it has been provided with the access to the network is known as:
Network separation
Pre-admission NAC
Quarantine
Post-admission NAC
Post-admission NAC
Which of the following terms refers to a logical grouping of computers that allow computer hosts to act as if they were attached to the same broadcast domain, regardless of their physical location?
Honeynet
Virtual Private Network (VPN)
Demilitarized Zone
VLAN
Which of the following answers lists a /27 subnet mask?
255.255.255.0
255.255.255.128
255.255.255.192
255.255.255.224
255.255.255.224