401 SEC+ Exam Guaranteed Pass: Comprehensive
Explanations & Solutions Designed to Boost
Academic Performance
Which of the following helps to establish an accurate timeline for a network intrusion?
A. Hashing images of compromised systems
B. Reviewing the date of the antivirus definition files
C. Analyzing network traffic and device logs
D. Enforcing DLP controls at the perimeter - -correct ans- -Answer: C
Explanation:
Network activity as well as intrusion can be viewed on device logs and by analyzing the network
traffic that passed through your network. Thus to establish an accurate timeline for a network
intrusion you can look at and analyze the device logs and network traffic to yield the
appropriate information.
Although a vulnerability scan report shows no vulnerabilities have been discovered, a
subsequent penetration test reveals vulnerabilities on the network. Which of the following has
been reported by the vulnerability scan?
A. Passive scan
B. Active scan
C. False positive
D. False negative - -correct ans- -Answer: D
Explanation:
With a false negative, you are not alerted to a situation when you should be alerted. A False
negative is exactly the opposite of a false positive.
Which of the following documents outlines the technical and security requirements of an
agreement between organizations?
,A. BPA
B. RFQ
C. ISA
D. RFC - -correct ans- -Answer: C
Explanation:
ISA/ Interconnection Security Agreement is an agreement between two organizations that have
connected systems. The agreement documents the technical requirements of the connected
systems.
An organization processes credit card transactions and is concerned that an employee may
intentionally email credit card numbers to external email addresses. This company should
consider which of the following technologies?
A. IDS
B. Firewalls
C. DLP
D. IPS - -correct ans- -Answer: C
Explanation:
A Data Loss Prevention technology is aimed at detecting and preventing unauthorized access to,
use of, or transmission of sensitive information such as credit card details
Which of the following, if properly implemented, would prevent users from accessing files that
are unrelated to their job duties? (Select TWO).
A. Separation of duties
B. Job rotation
C. Mandatory vacation
D. Time of day restrictions
E. Least privilege - -correct ans- -Answer: A,E
, Explanation:
Separation of duties means that users are granted only the permissions they need to do their
work and no more. More so it means that you are employing best practices. The segregation of
duties and separation of environments is a way to reduce the likelihood of misuse of systems or
information. A separation of duties policy is designed to reduce the risk of fraud and to prevent
other losses in an organization.
A least privilege policy should be used when assigning permissions. Give users only the
permissions that they need to do their work and no more.
A large bank has moved back office operations offshore to another country with lower wage
costs in an attempt to improve profit and productivity. Which of the following would be a
customer concern if the offshore staff had direct access to their data?
A. Service level agreements
B. Interoperability agreements
C. Privacy considerations
D. Data ownership - -correct ans- -Answer: C
Explanation:
Businesses such as banks have legally mandated privacy requirements and with moving
operations offshore there is decentralized control with has implications for privacy of data.
Which of the following are examples of detective controls? A.
Biometrics, motion sensors and mantraps.
B. Audit, firewall, anti-virus and biometrics.
C. Motion sensors, intruder alarm and audit.
D. Intruder alarm, mantraps and firewall - -correct ans- -Answer: C
Explanations & Solutions Designed to Boost
Academic Performance
Which of the following helps to establish an accurate timeline for a network intrusion?
A. Hashing images of compromised systems
B. Reviewing the date of the antivirus definition files
C. Analyzing network traffic and device logs
D. Enforcing DLP controls at the perimeter - -correct ans- -Answer: C
Explanation:
Network activity as well as intrusion can be viewed on device logs and by analyzing the network
traffic that passed through your network. Thus to establish an accurate timeline for a network
intrusion you can look at and analyze the device logs and network traffic to yield the
appropriate information.
Although a vulnerability scan report shows no vulnerabilities have been discovered, a
subsequent penetration test reveals vulnerabilities on the network. Which of the following has
been reported by the vulnerability scan?
A. Passive scan
B. Active scan
C. False positive
D. False negative - -correct ans- -Answer: D
Explanation:
With a false negative, you are not alerted to a situation when you should be alerted. A False
negative is exactly the opposite of a false positive.
Which of the following documents outlines the technical and security requirements of an
agreement between organizations?
,A. BPA
B. RFQ
C. ISA
D. RFC - -correct ans- -Answer: C
Explanation:
ISA/ Interconnection Security Agreement is an agreement between two organizations that have
connected systems. The agreement documents the technical requirements of the connected
systems.
An organization processes credit card transactions and is concerned that an employee may
intentionally email credit card numbers to external email addresses. This company should
consider which of the following technologies?
A. IDS
B. Firewalls
C. DLP
D. IPS - -correct ans- -Answer: C
Explanation:
A Data Loss Prevention technology is aimed at detecting and preventing unauthorized access to,
use of, or transmission of sensitive information such as credit card details
Which of the following, if properly implemented, would prevent users from accessing files that
are unrelated to their job duties? (Select TWO).
A. Separation of duties
B. Job rotation
C. Mandatory vacation
D. Time of day restrictions
E. Least privilege - -correct ans- -Answer: A,E
, Explanation:
Separation of duties means that users are granted only the permissions they need to do their
work and no more. More so it means that you are employing best practices. The segregation of
duties and separation of environments is a way to reduce the likelihood of misuse of systems or
information. A separation of duties policy is designed to reduce the risk of fraud and to prevent
other losses in an organization.
A least privilege policy should be used when assigning permissions. Give users only the
permissions that they need to do their work and no more.
A large bank has moved back office operations offshore to another country with lower wage
costs in an attempt to improve profit and productivity. Which of the following would be a
customer concern if the offshore staff had direct access to their data?
A. Service level agreements
B. Interoperability agreements
C. Privacy considerations
D. Data ownership - -correct ans- -Answer: C
Explanation:
Businesses such as banks have legally mandated privacy requirements and with moving
operations offshore there is decentralized control with has implications for privacy of data.
Which of the following are examples of detective controls? A.
Biometrics, motion sensors and mantraps.
B. Audit, firewall, anti-virus and biometrics.
C. Motion sensors, intruder alarm and audit.
D. Intruder alarm, mantraps and firewall - -correct ans- -Answer: C
