Q1. Users report that they are unable to access network printing services. The security technician checks the router access list and sees that web, email, and secure shell are allowed. Which of the following is blocking network printing?
A. Port security
B. Flood guards
C. Loop protection
D. Implicit deny
Answer: D
Explanation:
Implicit deny says that if you aren’t explicitly granted access or privileges for a resource, you’re denied access by default. The scenario does not state that network printing is allowed in the router access list, therefore, it must be denied by default.
Q2. A small company has a website that provides online customer support. The company requires an account recovery process so that customers who forget their passwords can regain access.
Which of the following is the BEST approach to implement this process?
A. Replace passwords with hardware tokens which provide two-factor authentication to the online customer support site.
B. Require the customer to physically come into the company’s main office so that the customer can be authenticated prior to their password being reset.
C. Web-based form that identifies customer by another mechanism and then emails the customer their forgotten password.
D. Web-based form that identifies customer by another mechanism, sets a temporary password and forces a password change upon first login.
Answer: D
Explanation:
People tend to forget their passwords, thus you should have a password recovery system for them that will not increase risk exposure. Setting a temporary password will restrict the time that the password is valid and thus decrease risk; and in addition forcing the customer to change it upon first login will make the password more secure for the customer.
Q3. Which of the following is a measure of biometrics performance which rates the ability of a system to correctly authenticate an authorized user?
A. Failure to capture
B. Type II
C. Mean time to register
D. Template capacity
Answer: B
Explanation:
Type II, or false acceptance rate (FAR), is the measure of the likelihood that the biometric security system will incorrectly accept an access attempt by an unauthorized user.
Q4. Which of the following could a security administrator implement to mitigate the risk of tailgating for a large organization?
A. Train employees on correct data disposal techniques and enforce policies.
B. Only allow employees to enter or leave through one door at specified times of the day.
C. Only allow employees to go on break one at a time and post security guards 24/7 at each entrance.
D. Train employees on risks associated with social engineering attacks and enforce policies.
Answer: D
Explanation:
Tailgating is the term used for someone being so close to you when you enter a building that they are able to come in right behind you without needing to use a key, a card, or any other security device. Many social engineering intruders needing physical access to a site will use this method of gaining entry. Educate users to beware of this and other social engineering ploys and prevent them from happening.
Q5. Which of the following cryptographic algorithms is MOST often used with IPSec?
A. Blowfish
B. Twofish
C. RC4
D. HMAC
Answer: D
Explanation:
The HMAC-MD5-96 (also known as HMAC-MD5) encryption technique is used by IPSec to make sure that a message has not been altered.
Q6. Pete, the system administrator, has concerns regarding users losing their company provided smartphones. Pete’s focus is on equipment recovery. Which of the following BEST addresses his concerns?
A. Enforce device passwords.
B. Use remote sanitation.
C. Enable GPS tracking.
D. Encrypt stored data.
Answer: C
Explanation:
Global Positioning System (GPS) tracking can be used to identify its location of a stolen device and can allow authorities to recover the device. However, for GPS tracking to work, the device must have an Internet connection or a wireless phone service over which to send its location information.
Q7. Which of the following practices is used to mitigate a known security vulnerability?
A. Application fuzzing
B. Patch management
C. Password cracking
D. Auditing security logs
Answer: B
Explanation:
Patch management is the process of maintaining the latest source code for applications and operating systems by applying the latest vendor updates. This helps protect a systems from new attacks and vulnerabilities that have recently become known.
Q8. One of the system administrators at a company is assigned to maintain a secure computer lab. The administrator has rights to configure machines, install software, and perform user account maintenance. However, the administrator cannot add new computers to the domain, because that requires authorization from the Information Assurance Officer. This is an example of which of the following?
A. Mandatory access
B. Rule-based access control
C. Least privilege
D. Job rotation
Answer: C
Explanation:
A least privilege policy should be used when assigning permissions. Give users only the permissions that they need to do their work and no more.
Q9. Which of the following has serious security implications for large organizations and can potentially allow an attacker to capture conversations?
A. Subnetting
B. NAT
C. Jabber
D. DMZ
Answer: C
Explanation:
Jabber is a new unified communications application and could possible expose you to attackers that want to capture conversations because Jabber provides a single interface across presence, instant messaging, voice, video messaging, desktop sharing and conferencing.
Q10. A security administrator is tasked with calculating the total ALE on servers. In a two year period of time, a company has to replace five servers. Each server replacement has cost the company $4,000 with downtime costing $3,000. Which of the following is the ALE for the company?
A. $7,000
B. $10,000
C. $17,500
D. $35,000
Answer: C
Explanation:
SLE × ARO = ALE, where SLE is equal to asset value (AV) times exposure factor (EF); and ARO is the annualized rate of occurrence. SLE =($4000 + $3000) x 5 = $35000 ARO = 2 years Thus per year it would be 50% = 0,5 The ALE is thus $35000 x 0.5 = $17500