Exam || Questions & Answers (Graded A+)
Which of the following disk configurations might sustain losing two disks? (Select two.) -
ANSWER - RAID 1+0
Raid 0+1
You need to increase the security of your Linux system by finding and closing open
ports. Which of the following commands should you use to locate open ports? -
ANSWER - nmap
Which of the following solutions would you use to control the actions that users can
perform on a computer, such as shutting down the system, logging on through the
network, or loading and unloading device drivers? - ANSWER - Group Policy
Which type of malicious activity can be described as numerous unwanted and
unsolicited email messages sent to a wide range of victims? - ANSWER - spamming
You need to secure your wireless network. Which security protocol would be the best
choice? - ANSWER - WPA2
Which is a typical goal of MAC spoofing? - ANSWER - Bypassing 802.1x port-based
security
What does an IDS that uses signature recognition use to identify attacks? - ANSWER -
Comparison to a database of known attacks
What should you do to a user account if the user goes on an extended vacation? -
ANSWER - Disable the account
Which of the following controls is an example of a physical access control method? -
ANSWER - locks on doors
Which of the following is not an advantage when using an internal auditor to examine
security systems and relevant documentation? - ANSWER - Findings in the audit and
subsequent summations are viewed objectively.
You have recently experienced a security incident with one of your servers. After some
research, you determine that the hotfix #568994 that has recently been released would
have protected the server.
Which of the following recommendations should you follow when applying the hotfix? -
ANSWER - Test the hotfix and then apply it to all servers.
,Sensitive data is monitored by the data loss prevention (DLP) system in four different
states. Which of the following is NOT one of the states monitored by DLP? - ANSWER -
While a file with sensitive data is being created.
Your company has five salesmen who work out of the office and frequently leave their
laptops laying on their desks in their cubicles. You are concerned that someone might
walk by and take one of these laptops. Which of the following is the best protection to
implement to address your concerns? - ANSWER - Use cable locks to chain the laptops
to the desks
You've used BitLocker to implement full volume encryption on a notebook system. The
notebook motherboard does not have a TPM chip, so you've used an external USB
flash drive to store the BitLocker startup key.
You use EFS to encrypt the C:\Secrets folder and its contents. Which of the following is
true in this scenario? (Select two.) - ANSWER - By default, only the user who encrypted
the C:\Secrets\confidential.docx file will be able to open it.
If the C:\Secrets\confidential.docx file is copied to an external USB flash drive, it will be
saved in an unencrypted state
Flexibility - ANSWER - Moving virtual machines between hypervisor hosts
Testing - ANSWER - Verifying that security controls are working as designed
Server consolidation - ANSWER - Performing a physical-to-virtual migration (P2V)
Sandboxing - ANSWER - Isolating a virtual machine from the physical network
Which of the following are requirements to deploy Kerberos on a network? (Select two.)
- ANSWER - Time synchronization between devices
A centralized database of users and passwords
You want to implement an IDS system that uses rules or statistical analysis to detect
attacks. Which type of IDS should you deploy? - ANSWER - Anomaly
Which type of password attack employs a list of pre-defined passwords that it tries
against a login prompt or a local copy of a security accounts database? - ANSWER -
Dictionary
An attacker has obtained the logon credentials for a regular user on your network.
Which type of security threat exists if this user account is used to perform administrative
functions? - ANSWER - Privilege escalation
, Tom Plask was recently transferred to the Technical Support department. He now
needs access to the network resources used by Support employees.
To grant him access, you need to add Tom Plask's user account to the Support group in
the Active Directory domain.
Click the tab in the properties of the Tom Plask user object you would use to accomplish
this. - ANSWER - Member of
Which of the following accurately describes what a protocol analyzer is used for?
(Select two.) - ANSWER - A device that does not allow you to capture, modify, and
retransmit frames (to perform
an attack).
A passive device that is used to copy frames and allow you to view frame contents.
To transfer files to your company's internal network from home, you use FTP. The
administrator has recently implemented a firewall at the network perimeter and disabled
as many ports as possible.
Now you can no longer make the FTP connection. You suspect the firewall is causing
the issue. Which ports need to remain open so you can still transfer the files? (Select
two.) - ANSWER - 20
21
Your network uses the following backup strategy: • Full backups every Sunday night
• Incremental backups Monday night through Saturday night
On a Thursday morning, the storage system fails. How many restore operations will you
need to
perform to recover all of the data? - ANSWER - 4
You want to be able to identify the services running on a set of servers on your network.
Which tool would best give you the information you need? - ANSWER - Vulnerability
scanner
What is the most important aspect of a biometric device? - ANSWER - Accuracy
What chage command should you use to set the password for jsmith to expire after 60
days and give a warning 10 days before it expires? (Tip: Enter the command as if at the
command prompt.) - ANSWER - chage -M 60 -W 10 jsmith
Stealing information. - ANSWER - Exploitation
Preparing a computer to perform additional tasks in the attack. - ANSWER - staging
Crashing systems. - ANSWER - exploitation
Gathering system hardware information. - ANSWER - reconnaissance