Front | Back |
A security administrator finished taking a forensic image of a computer’s memory. Which of the following should the administrator do to ensure image integrity?
A. Run the image through AES128.
B. Run the image through a symmetric encryption algorithm.
C. Compress the image to a password protected archive.
D. Run the image through SHA256
|
D. Run the image through SHA256
|
Which of the following protocols requires the use of a CA based authentication process?
A. FTPS implicit
B. FTPS explicit
C. MD5
D. PEAP-TLS
|
D. PEAP-TLS
PEAP (Protected EAP) is a form of EAP developed by RSA, Microsoft, and Cisco. PEAP uses server-side PKI to build an encrypted EAP-TLS tunnel between the client and server prior to the client transmitting its authentication credentials (username, password, certs, etc.). PEAP is used to overcome some of the scalability problems associated with TLS. Cisco’s LEAP is an older EAP that uses TKIP and dynamic WEP keys rather than PKI and TLS for authentication confidentiality. PEAP has largely replaced LEAP. |
In which of the following locations would a forensic analyst look to find a hooked process?
A. BIOS
B. Slack space
C. RAM
D. Rootkit
|
C. RAM
|
Which of the following is used in conjunction with PEAP to provide mutual authentication between peers?
A. LEAP
B. MSCHAPv2
C. PPP
D. MSCHAPv1
|
B. MSCHAPv2
|
In an 802.11n network, which of the following provides the MOST secure method of both encryption and authorization?
A. WEP with 802.1x
B. WPA Enterprise
C. WPA2-PSK
D. WPA with TKIP
|
B. WPA Enterprise
|
Which of the following refers to one of the testing stages in the software development process performed by customers or end users?
NAT EULA UAT UAC |
UAT
|
Which of the following ports are used by NetBIOS? (Select all that apply)
162 137 138 139 161 |
137, 138, 139 |
The CRL contains a list of: a) private keys b) public keys c) root certificates d) valid certificates |
b) public keys
|
VLAN membership can be set through:
switch ports
trunk ports
MAC addresses
|
Switch ports and MAC addresses
|
What is the purpose of M of N control?
|
Key recovery process
|
As one of the senior support technicians, your boss has assigned you a switch based task. You have been asked to configure a feature on the network switches that limits the number of devices that can be attached to a single port. Which option will provide this functionality? Choose the best option(s) from those listed below.
a) Port security b) EAP c) VLAN d) LDAP |
Port security is used to limit the number of different MAC addresses that can be attached to a switch port. Port security also allows you to configure a secure address on that port and, if any other device attempts to use it, no data will be transmitted. If you want a specific computer to be able to connect to a secure port, you can assign its MAC address to it. Once assigned, the port can only be used by the device with that MAC address. When a secure port has an address assigned, it will not deliver packets from any other source MAC address unless they are also assigned to the port.
Correct Option(s): a) Port security
Incorrect Option(s):
b) EAP - Extensible Authentication Protocol (EAP) is an authentication protocol. EAP cannot be used to enforce port security on a switch.
c) VLAN - A virtual local area network (VLAN) is a group of network devices that function as if they were in a single LAN segment. VLAN cannot be used to enforce port security on a switch.
d) LDAP - This option is incorrect as Lightweight Directory Access Protocol (LDAP) is a protocol used with an IP network to edit and read records. LDAP cannot be used to enforce port security on a switch. |
Which of the following security policies is BEST to use when trying to mitigate the risks involved with allowing a user to access company email via their cell phone?
A. The cell phone should require a password after a set period of inactivity.
B. The cell phone should only be used for company related emails.
C. The cell phone data should be encrypted according to NIST standards.
D. The cell phone should have data connection abilities disabled.
|
A. The cell phone should require a password after a set period of inactivity.
|
Which of the following should a technician recommend to prevent physical access to individual office areas? (Select TWO).
A. Video surveillance
B. Blockade
C. Key card readers
D. Mantrap
E. Perimeter fence
|
C. Key card readers
D. Mantrap
|
Users are utilizing thumb drives to connect to USB ports on company workstations. A technician is concerned that sensitive files can be copied to the USB drives. Which of the following mitigation techniques would address this concern? (Select TWO).
A. Disable the USB root hub within the OS.
B. Install anti-virus software on the USB drives.
C. Disable USB within the workstation BIOS.
D. Apply the concept of least privilege to USB devices.
E. Run spyware detection against all workstations.
|
A. Disable the USB root hub within the OS.
C. Disable USB within the workstation BIOS. |
Which of the following devices provides storage for RSA or asymmetric keys and may assist in user authentication? (Select TWO).
A. Trusted platform module
B. Hardware security module
C. Facial recognition scanner
D. Full disk encryption
E. Encrypted USB
|
A. Trusted platform module
B. Hardware security module
Trusted Platform Module (TPM) is both the name of a published specification detailing a secure cryptoprocessor that can store cryptographic keys that protect information, and the general name of implementations of that specification, often called the "TPM chip" or "TPM Security Device". A hardware security module (HSM) is a physical computing device that manages digital keys for strong authentication and provides cryptoprocessing without revealing decrypted data. These modules traditionally come in the form of a plug-in card or an external TCP/IP security device that can be attached directly to a server or general purpose computer. Each module contains one or more secure cryptoprocessor chips to prevent tampering and bus probing. Modules are also deployed in the form of network HSMs to manage Transparent Data Encryption keys associated with some databases. |