Security Review #2

1. On your way into the back entrance of the building at work one morning, a man dressed as a plumber asks you to let him in so he can “fix the restroom.” What should you do?
Direct him to the front entrance and instruct him to check in with the receptionist.
2. Which of the following is not an example of a physical barrier access control mechanism?
One-time passwords.
3. Which of the following can be used to stop piggybacking that has been occurring at a front entrance where employees should swipe their smart cards to gain entry?
Deploy a mantrap.
4. You want to use CCTV to increase your physical security. You want to be able to remotely control the camera position. Which camera type should you choose?
5. Which of the following CCTV camera types lets you adjust the distance that the camera can see (i.e. zoom in or out)?
6. Which of the following is the most important thing to do to prevent console access to the router?
Keep the router in a locked room.
7. You have 5 salesmen who work out of your office and who frequently leave their laptops lying on their desks in their cubicles. You are concerned that someone might walk by and take one of these laptops. Which of the following is the best protection to implement to address your concerns?
Use cable locks to chain the laptops to the desks.
8. Which of the following fire extinguisher types is best used for electrical fires that might result when working with computer components?
Class C.
9. You walk by the server room and notice a fire has started. What should you do first?
Make sure everyone has cleared the area.
10. Which of the following fire extinguisher suppressant types is best used for electrical fires that might result when working with computer components?
Carbon Dioxide (CO2)
11. What is the recommended humidity level for server rooms?
12. Users are complaining that sometimes network communications are slow. You use a protocol analyzer and find that packets are being corrupted as they pass through a switch. You also notice that this only seems to happen when the elevator is running. What should you do?
Install shielded cables near the elevator.
13. A smartphone was lost at the airport. There is no way to recover the device. Which of the following will ensure data confidentiality on the device?
Remote wipe.
14. Which of the following are not reasons to remote wipe a mobile device?
When the device is inactive for a period of time.
15. The presence of unapproved modems on desktop systems gives rise to the LAN being vulnerable to which of the following?
War dialing.
16. Which Internet connectivity method sends voice phone calls using the TCP/IP protocol over digital data lines?
17. Which of the following is not a reason to use subnets on a network?
Combine different media types onto the same subnet.
18. Which of the following best describes the purpose of using subnets?
Subnets divide an IP network address into multiple network addresses.
19. Which protocol uses traps to send notifications from network devices?
20. You have been using SNMP on your network for monitoring and management. You are concerned about the security of this configuration. What should you do?
Implement Version 3 of SNMP.
21. Which of the following protocols allows hosts to exchange messages to indicate problems with packet delivery?
22. Which of the following IPv6 addresses is equivalent to the IPv4 loopback address of
23. You are configuring a network firewall to allow SMTP outbound e-mail traffic, and POP3 inbound e-mail traffic. Which of the following TCP/IP ports should you open on the firewall (Select Two.)?
25, 110
24. Which of the following is a valid IPv6 address?
25. Which port number is used by SNMP?
26. You want to close all ports associated with NetBIOS on your network firewalls to prevent attacks directed against NetBIOS. Which ports should you close?
27. Which of the following protocols uses port 443?
28. Which of the following ports does FTP use to establish sessions and manage traffic?
20, 21
29. If an SMTP server is not properly and securely configured, it can be hijacked and used maliciously as an SMTP relay agent. Which of the following activities could it result in?
30. Which of the following is the best countermeasure against man-in-the-middle attacks?
31. While using the Internet, you type the URL of one of your favorite sites in the browser. Instead of going to the correct site, however, the browser displays a completely different website. When you use the IP address of the web server, the correct site is displayed. Which type of attack likely occurred?
DNS poisoning.
32. Which of the following attacks tries to associate an incorrect MAC address with a known IP address?
ARP poisoning.
33. What are the most common network traffic packets captured and used in a replay attack?
34. A router on the border of your network detects a packet with a source address that is from an internal client, but the packet was received on the Internet-facing interface. This is an example of what form of attack?
35. What is modified in the most common form of spoofing on a typical IP packet?
Source address.
36. Which of the following is a privately controlled portion of a network that is accessible to some specific external entities?
37. You are implementing security at a local high school that is concerned with students accessing inappropriate material on the Internet from the library’s computers. The students will use the computers to search the Internet for research paper content. The school budget is limited. Which of the following filtering options would you choose?
Restrict content based on content categories.
38. You are the office manager of a small financial credit business. Your company handles personal financial information for clients seeking small loans over the Internet. You are aware of your obligation to secure clients' records, but budget is an issue. Which item would provide the best security for this situation?
All-in-one security appliance.
39. Which of the following is a firewall function?
Packet filtering.
40. Which of the following are characteristics of a circuit-level gateway (Select two.)?
Stateful, Filters based on sessions.
41. Which of the following are characteristics of a packet filtering gateway (Select two.)?
Stateless, Filters IP address and port.
42. You want to install a firewall that can reject packets that are not part of an active session. Which type of firewall should you use?
43. Which of the following is a valid security measure to protect e-mail from viruses?
Use blockers on e-mail gateways.
44. Which of the following prevents access based on website ratings and classifications?
Content filter.
45. You want to reduce collisions by creating separate collision domains and virtual LANs. Which of the following devices should you choose?
46. Which of the following is an advantage of using switches to create virtual LANs?
Broadcast traffic travels to a subset of devices rather than to all devices on the network.
47. Which characteristic of a switch can improve bandwidth utilization and reduce the risk of sniffing attacks on the network?
A switch filters port traffic based on MAC address.
48. What characteristic of hubs poses a security threat?
Hubs transmit frames to all hosts on all ports.
49. Which of the following devices does not examine the MAC address in a frame before processing or forwarding the frame?
50. A relatively new employee in the data entry cubicle farm was assigned a user account similar to that of all of the other data entry employees. However, audit logs have shown that this user account has been used to change ACLs on several confidential files and has accessed data in restricted areas. This situation indicates which of the following has occurred?
Privilege escalation.
51. An attacker has obtained the logon credentials for a regular user on your network. Which type of security threat exists if this user account is used to perform administrative functions?
Privilege escalation.
52. What is the main difference between a worm and a virus?
A worm can replicate itself, while a virus requires a host for distribution.
53. What type of malware monitors your actions?
54. A collection of zombie computers has been set up to collect personal information. What type of malware do the zombie computers represent?
55. What is a program that appears to be a legitimate application, utility, game, or screensaver and that performs malicious activities surreptitiously?
Trojan horse.
56. Which of the following actions should you take to reduce the attack surface of a server?
Disable unused services.
57. Which of the following describes a configuration baseline?
A list of common security settings that a group or all devices share.
58. FTPS uses which mechanism to provide security for authentication and data transfer?
59. You need to increase the security of your Linux system by finding and closing open ports. Which of the following commands should you use to locate open ports?
60. What will the netstat -a command show?
All listening and non-listening sockets.