Request edit access
JavaScript isn't enabled in your browser, so this file can't be opened. Enable and reload.
Security+ Exam B
You have 90 mins to complete the test. If you don't know the answer move on. You can always come back to it! If it asks for a submission ID at the end just enter your name. Good Luck!
Sign in to Google
to save your progress.
Learn more
* Indicates required question
A security administrator has performed an audit of the organization’s production web servers, and the results have identified banner information leakage, web services that run from a privileged account, and inconsistencies with SSL certificates. Which of the following would be the BEST way to resolve these issues?
1 point
❍ A. Server hardening
❍ B. Multi-factor authentication
❍ C. Use HTTPS
❍ D. Run operating system updates
Clear selection
A shipping company stores information in small regional warehouses around the country. The company does not keep an IT person at each warehouse, and most configuration changes are completed remotely. The company keeps an IPS online at each warehouse to watch for suspicious traffic patterns. Which of the following would BEST describe the security control used at the warehouse?
1 point
❍ A. Administrative
❍ B. Compensating
❍ C. Physical
❍ D. Detective
Clear selection
An internal sales application is updated each day with new pricing information, feature updates, and security patches. The system administrators have traditionally pushed these updates to the end-user workstations every Friday night, but the sales management teams would prefer daily updates. Which of the following would be the BEST way to keep this application updated every day?
1 point
A. IT configures an overnight testing environment and performs automated patch management
❍ B. The development team pushes the updates to the end-user workstations when ready
❍ C. The sales teams manually update the application on-demand
❍ D. The development team sends the updates directly to the sales managers
Clear selection
A security engineer is preparing to conduct a penetration test. Part of the preparation involves reading through social media posts for information about a third-party website. Which of the following describes this practice?
1 point
A. Grey box testing
❍ B. Passive reconnaissance
❍ C. Exfiltration
❍ D. Active reconnaissance
Clear selection
A company’s IT security team has used a known exploit against an internal server. This exploit allowed the security team to gain access to the operating system without using any authentication. Which of the following describes the actions of the security team?
1 point
❍ A. Active reconnaissance
❍ B. Vulnerability scan
❍ C. Zero-day attack
❍ D. Penetration test
Clear selection
An organization is using Shibboleth to implement SAML. Which of the following would BEST describe this configuration?
1 point
A. An internal help desk needs centralized logins to all switches and routers
❍ B. A user logging in once to the Windows Domain will not need to re-authenticate to other resources
❍ C. A university needs to provide login access to a research server with user accounts from many different schools
❍ D. The login credentials to a message board hash all passwords with a salt
Clear selection
Which of the following would be MOST associated with the testing phase of the secure deployment process?
1 point
❍ A. Performance baselines are created
❍ B. Updated application code is installed on end user computers
❍ C. Code is written and executed in a sandbox
❍ D. QA techs will evaluate the functionality of the application
Clear selection
Which of the following allows an attacker to access a Bluetooth-enabled device and transfer contact lists, email, pictures, and other data without prior authorization?
1 point
❍ A. Bluejacking
❍ B. Spoofing
❍ C. Evil twin
❍ D. Bluesnarfing
Clear selection
A company is launching a new internal application that will not startup until a username and password is entered and a smart card is plugged into the computer. Which of the following BEST describes this process?
1 point
❍ A. Federation
❍ B. Accounting
❍ C. Authentication
❍ D. Authorization
Clear selection
An online retailer is planning a penetration test as part of their PCIDSS validation. A third-party organization will be performing the test, and the online retailer has provided the Internet-facing IP addresses for their public web servers but no other details. What penetration testing methodology is the online retailer using?
1 point
❍ A. White box
❍ B. Passive reconnaissance
❍ C. Grey Box
❍ D. Ping scan
Clear selection
. A manufacturing company makes radar used by commercial and military organizations. A recently proposed policy change would allow the use of mobile devices inside the facility. Which of the following would be the MOST significant security issue associated with this change in policy?
1 point
❍ A. Unauthorized software on rooted devices
❍ B. Remote access clients on the mobile devices
❍ C. Out of date mobile operating systems
❍ D. Photo and video use
Clear selection
A company is designing an application that will be used at their remote store fronts. It is expected that this application will have a high demand and will require significant computing resources during the summer. During the winter, there will be little to no application use and resource use should be minimal. Which of these characteristics BEST describe this application requirement?
1 point
❍ A. Availability
❍ B. Orchestration
❍ C. Imaging
❍ D. Elasticity
Clear selection
Vala, a security analyst, has received an alert from her IPS regarding active exploit attempts from the Internet. Which of the following would provided detailed information about these exploit attempts?
1 point
❍ A. Netstat command
❍ B. Nmap scan
❍ C. Vulnerability scan
❍ D. Protocol analyzer
Clear selection
A user in the accounting department would like to send a spreadsheet to a list of third-party vendors. The size of the spreadsheet is too large to email, and the spreadsheet contains private information that must not be intercepted in-transit. Which of the following could be used to transfer this spreadsheet to the vendors? (Select TWO)
1 point
❍ A. IMAPS
❍ B. SRTP
❍ C. DNSSEC
❍ D. FTPS
❍ E. HTTPS
❍ F. SNMPv3
Clear selection
A system administrator would like to segment the network by department. The marketing, accounting, and manufacturing departments would have their own private networks, and the network communication between departments would be restricted to provide security. Which of the following should be configured on this network?
1 point
❍ A. VPN
❍ B. RBAC
❍ C. VLAN
❍ D. NAT
Clear selection
A transportation company has installed a new application in their datacenter to assist with client reservations. The application works properly the test environment, but it doesn’t respond when moved to the production data center network. The security team does not find any rules in the data center firewall that would be specific to this application. Which of the following is the MOST likely reason for this issue?
1 point
❍ A. The firewall is not configured with the correct application encryption certificate
❍ B. The application is being blocked by an implicit deny rule
❍ C. The application service is not started
❍ D. A VPN configuration is required for the application traffic flows
Clear selection
A company has determined that a device on the manufacturing floor used to cut aluminum is not repairable and it’s estimated that it will operate approximately ninety days before it must be replaced. Which of the following describes this estimate?
1 point
❍ A. MTTR
❍ B. RPO
❍ C. RTO
❍ D. MTTF
Clear selection
Janet, a manager in the marketing department, is promoting the company by posting pictures from her mobile device to a popular social media image sharing service. She has manually disabled the location services in the social media app, but she has asked the IT department to disable this functionality for all apps on the device. Which of the following should be disabled to meet this requirement?
1 point
❍ A. USB OTG
❍ B. WiFi Direct
❍ C. Geotagging
❍ D. Tethering
Clear selection
Which of the following would be considered multi-factor authentication?
1 point
❍ A. PIN and fingerprint
❍ B. USB token and smart card
❍ C. Username, password, and email address
❍ D. Face scan and voiceprint
Clear selection
Sam, a security administrator, is configuring the authentication process used by technicians when logging into a router. Instead of using accounts that are local to the router, Sam would like to pass all login requests to centralized database. Which of the following would be the BEST way to implement this requirement?
1 point
❍ A. NTLM
❍ B. RADIUS
❍ C. IPsec
❍ D. MS-CHAP
Clear selection
A security administrator is part of a project that will enhance the security of the desktops and servers in the company. An audit has recently found some old company login credentials on a public Internet message board. Which of the following policies should the security administrator enforce to limit the impact of this type of breach?
1 point
❍ A. Create a Group Policy to specify a minimum password length
❍ B. Encrypt all authentication traffic on the network
❍ C. Decrease the password expiration timeframe
❍ D. Store all passwords as salted hashes
Clear selection
A system administrator is setting up an IPsec tunnel on a firewall with the following parameters: Peer: 10.1.1.2 Version: IKEv1 mode Authentication: Pre-Shared KEY Encryption: DES Authentication hash: SHA256DH Group: Group 5 Lifetime: 1 hour Which of the following would best describe these configuration settings?
1 point
❍ A. The authentication mode is not associated with an IPsec tunnel
❍ B. The IKE version is invalid
❍ C. The encryption standard is too weak
❍ D. The peer address is invalid
Clear selection
A company has connected their wireless access points and have enabled WPS. Which of the following security issues would be associated with this configuration?
1 point
❍ A. Brute force
❍ B. Client hijacking
❍ C. Cryptographic vulnerability
❍ D. Spoofing
Clear selection
An organization has traditionally purchased insurance to cover ransomware attack, but the costs of maintaining the policy have increased above the acceptable budget. The company has now decided to cancel the insurance policies and deal with ransomware issues internally. Which of the following would best describe this action?
1 point
❍ A. Mitigating the risk
❍ B. Accepting the risk
❍ C. Transferring the risk
❍ D. Avoiding the risk
Clear selection
Which of these threat actors would be the MOST likely to deface a website to promote a political agenda?
1 point
❍ A. Organized crime
❍ B. Nation state
❍ C. Hacktivist
❍ D. Competitor
Clear selection
An IPS report of the last 24 hours shows that a series of exploit attempts were made against externally facing web servers. The system administrator of the web servers has identified a number of unusual log entries on each system. Which of the following would be the NEXT step in the incident response process?
1 point
❍ A. Check the IPS logs for any other potential attacks
❍ B. Create a plan for removing malware from the web servers
❍ C. Disable any breached user accounts
❍ D. Disconnect the web servers from the network
Clear selection
A security administrator is viewing the logs on a laptop in the shipping and receiving department and identifies these events: Which of the following would BEST describe the circumstances surrounding these events? 8:55:30 AM | D:\Downloads\ChangeLog-5.0.4.scr | Quarantine Success 9:22:54 AM | C:\Program Files\Photo Viewer\ViewerBase.dll | Quarantine Failure 9:44:05 AM | C:\Sales\Sample32.dat | Quarantine Success
1 point
❍ A. The antivirus application identified three viruses and quarantined two viruses
❍ B. The host-based firewall blocked two traffic flows
❍ C. A host-based whitelist has blocked two applications from executing
❍ D. A network-based IPS has identified two known vulnerabilities
Clear selection
In the past, an organization has relied on the curated Apple App Store to avoid the issues associated with malware and insecure applications. However, the IT department has discovered an iPhone in the shipping department that includes applications that are not available on the Apple App Store. How did the shipping department user install these apps on their mobile device?
1 point
❍ A. Sideloading
❍ B. MMS install
❍ C. OTA updates
❍ D. Tethering
Clear selection
A security team is investigating a compromised server that resulted in the loss of credit card information for thousands of customers. The webservers associated with the data breach was patched regularly each month. Forensic reviews show that the initial exploit was from a previously unknown application vulnerability. A week later, the stolen credit card data was found to be available for purchase on a well-known dark web credit card site. Which of these would be the MOST likely source of this attack?
1 point
❍ A. Organized crime
❍ B. Nation state
❍ C. Script kiddie
❍ D. Insiders
Clear selection
A security manager has ensured that the security posture of the organization includes electronic locks with cameras at the data center, firewalls on the Internet links, and specific policies for onboarding and offboarding employees. Which of the following would BEST describe these security mechanisms?
1 point
❍ A. OSI Layering
❍ B. Defense-in-depth
❍ C. Multi-factor authentication
❍ D. Role-based access control
Clear selection
A recent audit has found four different active service accounts that are configured with Administrator rights. The applications associated with these service accounts haven’t been used for years, and therefore the accounts are no longer necessary. Which of the following would be the BEST way to prevent this issue from occurring again?
1 point
❍ A. Enable password expirations for all accounts
❍ B. Disable all service accounts with Administrator permissions
❍ C. Increase the password complexity policy
❍ D. Require passwords of eight characters or more
Clear selection
Jack, a hacker, has identified a number of devices on a corporate network that use the username of “admin” and the password of “admin.” Which vulnerability describes this situation?
1 point
❍ A. Improper error handling
❍ B. Default configuration
❍ C. Weak cipher suite
❍ D. NULL pointer dereference
Clear selection
A security administrator has instituted a company-wide policy that disables the use of USB interfaces for removable storage devices. Which of the following is the MOST likely reason for this policy?
1 point
❍ A. Prevent operating system file corruption
❍ B. Avoid license compliance violations
❍ C. Prevent the use of a non-standard mouse or keyboard
❍ D. Protect against data exfiltration
Clear selection
A manufacturing company owns industrial equipment that cuts and shapes aluminum parts. The company has created an isolated network exclusively for the control and management of this equipment. Which category BEST describes this network?
1 point
❍ A. ICS
❍ B. SoC
❍ C. MFD
❍ D. IoT
Clear selection
An organization has developed an in-house mobile device app for order processing. The developers would like to have the app identify revoked server certificates without sending any traffic over the corporate Internet connection. Which of the following MUST be configured to allow this functionality?
1 point
❍ A. CSR
❍ B. OCSP stapling
❍ C. Key escrow
❍ D. Hierarchical CA
Clear selection
Sam, a security administrator, is configuring an IPsec tunnel to a remote site. Which protocol should she enable to protect all of the data traversing the VPN tunnel?
1 point
❍ A. AH
❍ B. Diffie-Hellman
❍ C. ESP
❍ D. SHA-2
Clear selection
A retail company is installing new credit card readers at their store locations. All of the card readers are the same make and model. One of the card readers is showing this message: SEGMENTATION FAULT! 0/PC=304C300h/JT#352 DdgPC=286EA8h/GID7 PLEASE REBOOT None of the other card readers are displaying this message. A check of the firewall log shows a remote device accessing the card reader prior to this issue. Which of the following would be the MOST likely reason for this issue?
1 point
❍ A. The card reader has identified a network issue
❍ B. The card reader is infected with malware
❍ C. The card reader requires a firmware upgrade
❍ D. The card reader has declined a transaction
Clear selection
Which of the following must be evaluated on all IT systems before a PIA is started?
1 point
❍ A. PTA
❍ B. RTO
❍ C. BIA
❍ D. RPO
Clear selection
A security administrator has identified a DoS attack against the company’s web server from an IPv4 address on the Internet. Which of the following security tools would provide additional details about the attacker’s location? (Select TWO)
1 point
❍ A. tracert
❍ B. arp
❍ C. ping
❍ D. ipconfig
❍ E. dig
❍ F. netcat
Clear selection
Which of the following cryptographic methods encrypts multiple fixed length blocks of plaintext with the same key?
1 point
❍ A. RIPEMD
❍ B. 3DES
❍ C. SHA
❍ D. ECB
Clear selection
An internal development team is building a new application that will traverse the corporate firewall during normal operation. While the application is in development, the programmers would like to have access to the logs on a test firewall to view the traffic flows of the application. The security administrator would like to grant this access during working hours, but restrict access after work. Which of these would be the BEST way for the security administrator to address this requirement?
1 point
❍ A. Assign firewall access to the developer group
❍ B. Block all network traffic during non-working hours
❍ C. Add TACACS+ integration to the firewall
❍ D. Use rule-based access controls
Clear selection
A security administrator is performing an audit of a server farm, and has obtained this information: Server: cloudflare-nginx Date: Mon, 19 May 2014 16:53:57 GMT Content-Type: text/html; charset=UTF-8 Connection: close Set-Cookie: __cfduid=d0437368; expires=23:50:00 GMT; Cache-Control: max-age=15Expires: Mon, 19 May 2014 16:54:12 GMTCF-RAY: 12d1d045a3880a12-ATL Which of these would describe this output?
1 point
❍ A. Password cracking
❍ B. Results of the nbtstat command
❍ C. Banner grabbing
❍ D. Exploit log
Clear selection
A company has rolled out a new application that requires the use of a hardware-based token generator. Which of the following would be the BEST description of this access feature?
1 point
❍ A. Something you know
❍ B. Something you do
❍ C. Something you are
❍ D. Something you have
Clear selection
A company has signed an SLA with an Internet service provider. Which of the following would BEST describe the content of the SLA?
1 point
❍ A. The customer will connect to partner locations over an IPsec tunnel
❍ B. The service provider will provide 99.999% uptime
❍ C. The customer applications use HTTPS over tcp/443
❍ D. Customer application use will be busiest on the 15th of each month
Clear selection
Malware that can copy itself to other systems without any user intervention is known as a:
1 point
❍ A. Virus
❍ B. Bot
❍ C. Worm
❍ D. Trojan
Clear selection
At which point during the deployment process should the secure baseline be updated?
1 point
❍ A. During the QA process
❍ B. After the move to production
❍ C. Between staging and production
❍ D. In the development sandbox
Clear selection
The CIO of an international online women’s apparel company has been making changes to their network over the last few years. The latest network design includes a primary data center in the United States and secondary data centers in London and Tokyo. Customers place orders online via HTTPS to servers at the closest data center, and these orders and customer profiles are then centrally stored in the United States datacenter. The connections between all data centers use Internet links with IPsec tunnels. Fulfillment requests are sent from the United States datacenter to shipping locations in the customer’s country. Which of the following should be the CIO’s MOST significant security concern with this existing network design?
1 point
❍ A. IPsec connects data centers over public Internet links
❍ B. Fulfillment requests are shipped within the customer’s country
❍ C. Customer information is transferred between countries
❍ D. The data centers are located geographically distant from each other
Clear selection
A company would like to modify the access control method used on their network. The existing access control method allows users to assign permissions, and some of those permission settings are not properly securing the company data. The security administrator is looking for an access control model that would allow the administrator to assign rights and permissions to a group. Users placed into this group would then inherit the group’s permissions, and changes to the group permissions would affect everyone in the group. Which of the following access control methods would BEST fit this requirement?
1 point
❍ A. Rule-based access control
❍ B. Role-based access control
❍ C. Discretionary access control
❍ D. Mandatory access control
Clear selection
The security team at a company has found a computer in the accounting department that is infected with a keylogger. After additional research, the security team has found that the keylogger was installed alongside an update of legitimate accounting software. Which of the following would prevent the transmission of the collected logs?
1 point
❍ A. Prevent the installation of all software
❍ B. Block all unknown outbound network traffic at the Internet firewall
❍ C. Install host-based anti-virus software
❍ D. Scan all incoming email attachments at the email gateway
Clear selection
5. A user in the marketing department is unable to connect to the wireless network. After authenticating with a username and password, the user receives this message: -- -- --The connection attempt could not be completed. The Credentials provided by the server could not be validated. Radius Server:
radius.example.com
Root CA: Example.com Internal CA Root Certificate-- -- -- The AP is configured with WPA2 encryption and 802.1X authentication. Which of the following is the MOST likely reason for this login issue?
1 point
❍ A. The user’s computer is in the incorrect VLAN
❍ B. The RADIUS server is not responding
❍ C. The user’s computer does not support WPA2 encryption
❍ D. The user is in a location with an insufficient wireless signal
❍ E. The client computer does not have the proper certificate installed
Clear selection
A security administrator has created a new policy that prohibits the use ofMD5 hashes due to collision problems. Which of the following describes the reason for this new policy?
1 point
❍ A. Two different messages have different hashes
❍ B. The original message can be derived from the hash
❍ C. Two identical messages have the same hash
❍ D. Two different messages share the same hash
Clear selection
Jack, a security administrator, has been tasked with hardening all of the internal web servers used by the organization. The web servers should be configured to prevent man-in-the-middle attacks and to protect the application traffic from protocol analysis. These requirements should be implemented without changing the configuration on the client systems. Which of the following should Jack include in his project plan?(Select TWO)
1 point
❍ A. Add DNSSEC records on the internal DNS servers
❍ B. Use HTTPS over port 443 for all server communication
❍ C. Use IPsec for client connections
❍ D. Create a web server certificate and sign it with the internal CA
❍ E. Require FTPS for all file transfers
Clear selection
A transportation company is building an email server that will integrate public key encryption and digital signatures of email content on a per message basis. The integration of these features will be part of the email client. Which of these protocols would be the BEST choice for these requirements?
1 point
❍ A. POP3S
❍ B. IPsec
❍ C. S/MIME
❍ D. IMAPS
Clear selection
Which of the following would be the BEST option for application testing in an environment that is completely separated from the production network?
1 point
❍ A. Virtualization
❍ B. VLANs
❍ C. Cloud computing
❍ D. Air gap
Clear selection
Hank, a finance manager, is responsible for the monthly employee payroll. To process the payroll, Hank logs into a third-party browser-based application and enters the hours worked for each employee. The financial transfers and physical check mailings are all provided by the third-party company. Hank does not maintain any servers or virtual machines within his company. Which of the following would BEST describe this application model?
1 point
❍ A. PaaS
❍ B. Private
❍ C. SaaS
❍ D. IaaS
Clear selection
Which of the following BEST describes the modification of application source code that removes white space, shortens variable names, and rearranges the text into a compact format?
1 point
❍ A. Confusion
❍ B. Obfuscation
❍ C. Encryption
❍ D. Diffusion
Clear selection
Which of the following vulnerabilities would be the MOST significant security concern when protecting against a competitor?
1 point
❍ A. Data center access with only one authentication method
❍ B. Spoofing of internal IP addresses when accessing an intranet server
❍ C. Employee VPN access uses a weak encryption cipher
❍ D. Lack of patch updates on an Internet-facing database server
Clear selection
A shipping company has hired a third-party to perform a vulnerability scan of all Internet-facing web servers. The third-party company reports that the current web server software version is susceptible to a memory leak vulnerability. Which of the following would be the expected result if this vulnerability was exploited?
1 point
❍ A. DoS
❍ B. Data theft
❍ C. Unauthorized system access
❍ D. Rootkit installation
Clear selection
Which of the following would be the BEST way to determine if files have been modified after the forensics process has occurred?
1 point
❍ A. Use a tamper seal on all storage devices
❍ B. Create a hash of the data
❍ C. Create an image of each storage device for future comparison
❍ D. Take screenshots of file directories with file sizes
Clear selection
A system administrator is implementing a password policy that would require letters, numbers, and special characters to be included in every password. Which of the following controls MUST be in place to enforce this password policy?
1 point
❍ A. Length
❍ B. Expiration
❍ C. Reuse
❍ D. Complexity
Clear selection
A software developer for a medical imaging company is creating an application to store image files using asymmetric encryption. Which of these technologies could be used for this application?
1 point
❍ A. Blowfish
❍ B. AES
❍ C. RSA
❍ D. RC4
❍ E. 3DES
Clear selection
A security analyst has installed an HTTPS-based web server application on the company intranet. Once login credentials are verified, access to the application is based on the IP address of the remote device. Which of the following security issues would be associated with this application?
1 point
❍ A. An attacker could use a replay attack to gain access to the application
❍ B. A spoofing attack would provide an attacker with unauthorized access to the application
❍ C. A watering hole attack would provide access to the application by outside users
❍ D. An MitM attack would allow an attacker to inject malicious code
❍ E. A manipulated network driver would allow an attacker to access the application data
Clear selection
Daniel, a system administrator, believes that certain configuration files on a Linux server have been modified from their original state. These modifications allow a particular group to restart a daemon on the server without the need for administrative access. Daniel has reverted the configurations to their original state, but he would like to be notified if they are changed again. Which of the following would be the BEST way to provide this functionality?
1 point
❍ A. HIPS
❍ B. File integrity check
❍ C. Application whitelist
❍ D. Patch management
❍ E. WAF
Clear selection
A security administrator is updating the network infrastructure to support802.1X authentication. Which of the following would be the BEST choice for this configuration?
1 point
❍ A. RADIUS
❍ B. HTTPS
❍ C. SNMPv3
❍ D. MS-CHAP
Clear selection
Your company owns a purpose-built appliance that doesn’t provide any access to the operating system and does not provide a method to upgrade the firmware. Which of the following describes this appliance?
1 point
❍ A. End-of-life
❍ B. Weak configuration
❍ C. Improper input handling
❍ D. Embedded system
Clear selection
Last month, a finance company disposed of seven-year-old printed customer account summaries that were no longer required for auditing purposes. A recent online search has now found that images of these documents are available as downloadable torrents. Which of the following would MOST likely have prevented this information breach?
1 point
❍ A. Pulping
❍ B. Degaussing
❍ C. NDA
❍ D. Fenced garbage disposal areas
Clear selection
A security manager believes that an employee is using their laptop to circumvent the corporate Internet security controls through the use of a cellular hotspot. Which of the following could be used to validate this belief? (Select TWO)
1 point
❍ A. HIPS
❍ B. UTM appliance logs
❍ C. Web application firewall events
❍ D. Host-based firewall logs
❍ E. Next-generation firewall logs
Clear selection
An application developer is creating a mobile device app that will include extensive encryption and decryption. Which of the following technologies would be the BEST choice for this app?
1 point
❍ A. AES
❍ B. Elliptic curve
❍ C. Diffie-Hellman
❍ D. PGP
Clear selection
Which of the following would be a common result of a successful vulnerability scan?
1 point
❍ A. A list of usernames and password hashes from a server
❍ B. A list of Microsoft patches that have not been applied to a server
❍ C. A copy of image files from a private file share
❍ D. The BIOS configuration of a server
Clear selection
A hospital has hired a third-party to check all Internet-facing servers for any security issues. The terms of the engagement are to obtain as much information as possible without actively gaining access to parts of the filesystem that require authentication. Which of the following would describe this engagement?
1 point
❍ A. Vulnerability scan
❍ B. Zero-day attack
❍ C. Passive reconnaissance
❍ D. Penetration test
A network administrator is troubleshooting an issue with a web server and is examining the server certificate. Which of the following would the administrator be able to view in this certificate?
1 point
❍ A. CRL
❍ B. CSR
❍ C. CA name
❍ D. The server’s private key
Clear selection
A system administrator has protected a set of system backups with an encryption key. The system administrator used the same key when restoring files from this backup. Which of the following would BEST describe this encryption type?
1 point
❍ A. Asymmetric
❍ B. Key escrow
❍ C. Symmetric
❍ D. Out-of-band key exchange
Clear selection
A security administrator has noticed an increase in the number of people who are writing down their login credentials on notepads at their desk. The company currently maintains seven different applications that all have different authentication methods. Which of the following technologies would be the BEST way to resolve the issue found by the security administrator?
1 point
❍ A. Multi-factor authentication
❍ B. SSO
❍ C. Server certificates
❍ D. AAA framework
Clear selection
An organization has identified a security breach and has removed the affected servers from the network. Which of the following is the NEXT step in the IR process?
1 point
❍ A. Eradication
❍ B. Preparation
❍ C. Recovery
❍ D. Identification
❍ E. Containment
Clear selection
A manager of the accounting department would like to minimize the opportunity for embezzlement and fraud from any of the current accounting team employees. Which of these policies should the manager use to avoid these issues?
1 point
❍ A. Background checks
❍ B. Clean desk policy
❍ C. Mandatory vacations
❍ D. Acceptable use policy
Clear selection
Which of the following would be the MAIN reasons why a system administrator would use a TPM when configuring full disk encryption?(Select TWO)
1 point
❍ A. Allows the encryption of multiple volumes
❍ B. Uses burned-in cryptographic keys
❍ C. Stores certificates in a hardware security module
❍ D. Protects against EMI leakage
❍ E. Includes built-in protections against brute-force attacks
Clear selection
A security administrator would like to create an access control where each file or folder is assigned a security clearance level, such as “confidential” or “secret.” The security administrator would then assign a maximum security level to each user. What type of access control would be used in this network?
1 point
❍ A. Mandatory
❍ B. Rule-based
❍ C. Discretionary
❍ D. Role-based
Clear selection
Cameron, a security administrator, is reviewing a report that shows a number of devices on internal networks attempting to connect with servers in the data center network. Which of the following security controls should Cameron add to prevent internal systems from accessing data center devices?
1 point
❍ A. VPN
❍ B. IPS
❍ C. NAT
❍ D. ACL
Clear selection
George is an executive for an advertising company, and he is attending a conference in another city. During the conference, he will be using his laptop in the conference center and his hotel. Which of the following would prevent direct access to his laptop from other devices on these networks?
1 point
❍ A. Host-based firewall
❍ B. VPN software
❍ C. Proxy
❍ D. Anti-virus and anti-malware software
Clear selection
A user in the mailroom has reported an overall slowdown of his shipping management software. An anti-virus scan did not identify any issues, but a more thorough malware scan identified a kernel driver that was not part of the original operating system installation. Which of the following malware was installed on this system?
1 point
❍ A. Rootkit
❍ B. RAT
❍ C. Bot
❍ D. Ransomware
❍ E. Keylogger
Clear selection
A large multinational company is launching a new application that will allow employees to access their benefits packages through an online web portal, and the application will be used for all employees around the world. The development team has designed the application to use token based authentication when users login. Which of the following would BEST describe this authentication process? (Select TWO)
1 point
❍ A. The server maintains the state of each authenticated user
❍ B. Token information can be sent in the clear
❍ C. No session information is stored on the server
❍ D. The token is provided with each request to the server
❍ E. The token for each user is stored in a centralized database
Clear selection
The manager of a data center needs to control and manage the people visiting and leaving the data center facilities throughout the day. If a person is entering the facility, they must check-in before they are allowed to move further into the building. People who are leaving must be formally checked-out before they are able to exit the building. Which of the following would be the BEST solution for this requirement?
1 point
❍ A. Mantrap
❍ B. Air gap
❍ C. Faraday cage
❍ D. Protected distribution
Clear selection
A security administrator has discovered that an employee has been exfiltrating confidential company information by embedding the data within image files and emailing the images to a third-party. Which of the following would best describe this activity?
1 point
❍ A. Digital signatures
❍ B. Steganography
❍ C. Block cipher
❍ D. Perfect forward secrecy
Clear selection
A security engineer is running a vulnerability scan on their own workstation. The scanning software is using the engineers account access to perform all scans. What type of scan is running?
1 point
❍ A. Black box
❍ B. Passive
❍ C. Credentialed
❍ D. Agile
Clear selection
Which of the following would be the best way to describe the estimated number of laptops that might be stolen in a fiscal year?
1 point
❍ A. ALE
❍ B. SLE
❍ C. ARO
❍ D. MTTR
Clear selection
Submission ID (skip this field)
*
⚠️ DO NOT EDIT this field or your time will not be recorded.
Your answer
Submit
Clear form
Never submit passwords through Google Forms.
This content is neither created nor endorsed by Google. -
Terms of Service
-
Privacy Policy
Does this form look suspicious?
Report
Forms
Help and feedback
Contact form owner
Help Forms improve
Report
