Q1. Which of the following can be used to implement two-factor authentication? Each correct answer represents a complete solution. Choose all that apply.
A. Firewall security rule
B. Password
C. Smart card
D. Encrypted network configuration
Answer: BC
Q2. Which of the following is a program that runs at a specific date and time to cause unwanted and unauthorized functions?
A. Keylogger
B. Logic bomb
C. Spyware
D. Trojan horse
Answer: B
Q3. Mark works as a Security Administrator for TechMart Inc. The company has a Windows-based network. Mark has gone through a security audit to ensure that the technical system is secure and protected. During this audit, he identified many areas that need improvement. He wants to minimize the risk of potential security threats by educating team members in the area of social engineering, and by providing basic knowledge of security principles while stressing the Confidentiality, Integrity, and Availability triangle in the training of his team members. Which of the following ways will Mark use for educating his team members on the social engineering process?
A. He will call a team member while pretending to be someone else to gain access to sensitive information.
B. He will use group policies to disable the use of floppy drives or USB drives.
C. He will develop a social awareness of security threats within an organization.
D. He will protect against a Distributed Denial of Services attack.
Answer: A
Q4. Which of the following is a physical address stored in the Network Interface card on your system or any other device residing on your network?
A. IP address
B. I/O address
C. MAC Address
D. Broadcast address
Answer: C
Q5. You work as a Network Administrator for a medium-sized business. Spam has become a significant problem for your company. You want to have a common network-wide solution. You want a solution that is easy to administer. However, you do not want your solution to hinder the performance of your email server. What is the best solution for you to implement?
A. Utilize a client-side anti-spam solution.
B. Use a combination of mail server engine and client side.
C. Utilize a gateway filter anti-spam solution.
D. Utilize a mail server engine anti-spam solution.
Answer: C
Q6. Mark works as a Network Administrator for TechMart Inc. The company has a Windows-based network. Mark wants to implement a method to ensure that the mobile devices are in a good state of security health when they are trying to access the corporate network. For this purpose, Mark is using NAP. Which of the following will he do for those computers in the network that are not compatible with NAP?
A. Define exceptions in NAP for computers that are not compatible with NAP.
B. Hide those computers that are not compatible with NAP.
C. Remove those computers that are not compatible with NAP.
D. Do not use NAP if any computer in the entire network shows incompatibility.
Answer: A
Q7. Which of the following is a security protocol that is used to protect data from being modified, corrupted, or accessed without authorization?
A. Honeypot
B. IP Security (IPsec)
C. DNSSEC
D. Protocol spoofing
Answer: B
Q8. Which of the following is a name that identifies a particular 802.11 wireless LAN?
A. MBSA
B. IBSS
C. MAC
D. SSID
Answer: D
Q9. Which of the following types of attack is used to configure a computer to behave as another computer on a trusted network by using the IP address or the physical address?
A. Distributed denial of service (DDoS) attack
B. Honeypot
C. RIP/SAP Spoofing
D. Identity spoofing
Answer: D
Q10. You work as a Network Administrator for NetTech Inc. Your computer has the Windows 2000 Server operating system. You want to harden the security of the server. Which of the following changes are required to accomplish this? Each correct answer represents a complete solution. Choose two.
A. Enable the Guest account.
B. Rename the Administrator account.
C. Remove the Administrator account.
D. Disable the Guest account.
Answer: BD