
23/02/12

SY0-301 Exam 001 (50)


Network Security

Review of attempt 1
Started on: Thursday, 23 February 2012, 06:13 PM
Completed on: Thursday, 23 February 2012, 07:13 PM
Time taken: 1 hour
Grade: 522.00 out of a maximum of 1000.00 (52%)

1
Marks: 20.00/20.00

Actively monitoring data streams in search of malicious code or behavior is an example of: Choose one answer. a. content inspection. b. URL filtering. c. an Internet proxy. d. load balancing. Correct Marks for this submission: 20.00/20.00.

2
Marks: 20.00/20.00

A small company needs to invest in a new expensive database. The company's budget does not include the purchase of additional servers or personnel. Which of the following solutions would allow the small company to save money on hiring additional personnel and minimize the footprint in their current datacenter? Choose one answer. a. Allow users to telecommute b. Software as a Service c. Infrastructure as a Service d. Setup a load balancer Correct Marks for this submission: 20.00/20.00.

3
Marks: 20.00/20.00

Which of the following is the BEST way to mitigate data loss if a portable device is compromised? Choose one answer. a. Biometric authentication b. Full disk encryption c. Common access card d. Strong password complexity Correct Marks for this submission: 20.00/20.00.

4
Marks: 0.00/20.00

Which of the following methods of access, authentication, and authorization is the MOST secure by default? Choose one answer. a. TACACS b. RADIUS c. LDAP d. Kerberos Incorrect Marks for this submission: 0.00/20.00.

5
Marks: 0.00/20.00

A Human Resource manager is assigning access to users in their specific department performing the same job function. This is an example of: Choose one answer. a. mandatory access control. b. role-based access control. c. centralized access control. d. rule-based access control. Incorrect Marks for this submission: 0.00/20.00.

6
Marks: 20.00/20.00

Which of the following elements of PKI are found in a browser's trusted root CA? Choose one answer. a. Symmetric key b. Private key c. Public key d. Recovery key Correct Marks for this submission: 20.00/20.00.
History of responses:
# | Action | Response | Time | Raw score | Grade
1 | Grade | Public key | 18:24:40 on 23/02/12 | 20.00 | 20.00
2 | Close&grade | Public key | 18:24:40 on 23/02/12 | 20.00 | 20.00

7
Marks: 20.00/20.00

WEP is seen as an unsecure protocol based on its improper use of which of the following? Choose one answer. a. RC4 b. 3DES c. AES d. RC6 Correct Marks for this submission: 20.00/20.00.
History of responses:
# | Action | Response | Time | Raw score | Grade
1 | Grade | RC4 | 18:24:56 on 23/02/12 | 20.00 | 20.00
2 | Close&grade | RC4 | 18:24:56 on 23/02/12 | 20.00 | 20.00

8
Marks: 0.00/20.00

Which of the following asymmetric encryption keys is used to encrypt data to ensure only the intended recipient can decrypt the ciphertext? Choose one answer. a. Public b. Private c. Preshared d. Escrow Incorrect Marks for this submission: 0.00/20.00.
History of responses:
# | Action | Response | Time | Raw score | Grade
1 | Grade | Preshared | 18:25:37 on 23/02/12 | 0.00 | 0.00
2 | Close&grade | Preshared | 18:25:37 on 23/02/12 | 0.00 | 0.00

9
Marks: 20.00/20.00

A programmer allocates 16 bytes for a string variable, but does not adequately ensure that more than 16 bytes cannot be copied into the variable. This program may be vulnerable to which of the following attacks? Choose one answer. a. Cross-site scripting b. Session hijacking c. Buffer overflow d. Directory traversal Correct Marks for this submission: 20.00/20.00.
History of responses:
# | Action | Response | Time | Raw score | Grade
1 | Grade | Buffer overflow | 18:26:12 on 23/02/12 | 20.00 | 20.00
2 | Close&grade | Buffer overflow | 18:26:12 on 23/02/12 | 20.00 | 20.00

10
Marks: 20.00/20.00

A security administrator needs to implement a site-to-site VPN tunnel between the main office and a remote branch. Which of the following protocols should be used for the tunnel? Choose one answer. a. RTP b. SNMP c. IPSec d. 802.1X Correct Marks for this submission: 20.00/20.00.
History of responses:
# | Action | Response | Time | Raw score | Grade
1 | Grade | IPSec | 18:26:36 on 23/02/12 | 20.00 | 20.00
2 | Close&grade | IPSec | 18:26:36 on 23/02/12 | 20.00 | 20.00

11
Marks: 20.00/20.00

Which of the following protocols should be blocked at the network perimeter to prevent host enumeration by sweep devices? Choose one answer. a. HTTPS b. IPv4 c. ICMP d. SSH Correct Marks for this submission: 20.00/20.00.
History of responses:
# | Action | Response | Time | Raw score | Grade
1 | Grade | ICMP | 18:30:19 on 23/02/12 | 20.00 | 20.00
2 | Close&grade | ICMP | 18:30:19 on 23/02/12 | 20.00 | 20.00

12
Marks: 20.00/20.00

DRPs should contain which of the following? Choose one answer. a. Hierarchical list of non-critical personnel b. Hierarchical access control lists c. Identification of single points of failure d. Hierarchical list of critical systems Correct Marks for this submission: 20.00/20.00.
History of responses:
# | Action | Response | Time | Raw score | Grade
1 | Grade | Hierarchical list of critical systems | 18:30:50 on 23/02/12 | 20.00 | 20.00
2 | Close&grade | Hierarchical list of critical systems | 18:30:50 on 23/02/12 | 20.00 | 20.00

13
Marks: 18.00/20.00

A targeted email attack sent to the company's Chief Executive Officer (CEO) is known as which of the following? Choose one answer. a. Dumpster diving b. Bluesnarfing c. Whaling d. Vishing Correct Marks for this submission: 20.00/20.00. With previous penalties this gives 18.00/20.00.
History of responses:
# | Action | Response | Time | Raw score | Grade
1 | Grade | V | 18:31:50 on 23/02/12 | 0.00 | 0.00
2 | Grade | Whaling | 18:31:59 on 23/02/12 | 20.00 | 20.00
3 | Close&grade | Whaling | 18:31:59 on 23/02/12 | 20.00 | 20.00

14
Marks: 20.00/20.00

A user downloads a keygen to install pirated software. After running the keygen, system performance is extremely slow and numerous antivirus alerts are displayed. Which of the following BEST describes this type of malware? Choose one answer. a. Worm b. Adware c. Logic bomb d. Trojan Correct Marks for this submission: 20.00/20.00.
History of responses:
# | Action | Response | Time | Raw score | Grade
1 | Grade | Trojan | 18:32:27 on 23/02/12 | 20.00 | 20.00
2 | Close&grade | Trojan | 18:32:27 on 23/02/12 | 20.00 | 20.00


15
Marks: 20.00/20.00

Which of the following allows a security administrator to set device traps? Choose one answer. a. ICMP b. SNMP c. TLS d. SSH Correct Marks for this submission: 20.00/20.00.
History of responses:
# | Action | Response | Time | Raw score | Grade
1 | Grade | SNMP | 18:33:12 on 23/02/12 | 20.00 | 20.00
2 | Close&grade | SNMP | 18:33:12 on 23/02/12 | 20.00 | 20.00

16
Marks: 18.00/20.00

Which of the following should a security administrator implement to prevent users from disrupting network connectivity, if a user connects both ends of a network cable to different switch ports? Choose one answer. a. Access control b. VLAN separation c. DMZ d. Loop protection Correct Marks for this submission: 20.00/20.00. With previous penalties this gives 18.00/20.00.
History of responses:
# | Action | Response | Time | Raw score | Grade
1 | Grade | VLAN | 18:34:45 on 23/02/12 | 0.00 | 0.00
2 | Grade | Loop protection | 18:35:12 on 23/02/12 | 20.00 | 20.00
3 | Close&grade | Loop protection | 18:35:12 on 23/02/12 | 20.00 | 20.00

17
Marks: 0.00/20.00

Which of the following requires special handling and explicit policies for data retention and data distribution? Choose one answer. a. Personally identifiable information b. Zero day exploits c. Phishing attacks d. Personal electronic devices Incorrect Marks for this submission: 0.00/20.00.
History of responses:
# | Action | Response | Time | Raw score | Grade
1 | Grade | P | 18:36:10 on 23/02/12 | 0.00 | 0.00
2 | Grade | Personal electronic devices | 18:37:13 on 23/02/12 | 0.00 | 0.00
3 | Close&grade | Personal electronic devices | 18:37:13 on 23/02/12 | 0.00 | 0.00

18
Marks: 18.00/20.00

Where are revoked certificates stored? Choose one answer. a. Recovery agent b. Key escrow c. Registration d. CRL Correct Marks for this submission: 20.00/20.00. With previous penalties this gives 18.00/20.00.
History of responses:
# | Action | Response | Time | Raw score | Grade
1 | Grade | R | 18:38:22 on 23/02/12 | 0.00 | 0.00
3 | Close&grade | CRL | 18:38:36 on 23/02/12 | 20.00 | 20.00

19
Marks: 18.00/20.00

Which of the following allows a user to have a one-time password? Choose one answer. a. PIV b. Tokens c. SSO d. Biometrics Correct Marks for this submission: 20.00/20.00. With previous penalties this gives 18.00/20.00.
History of responses:
# | Action | Response | Time | Raw score | Grade
1 | Grade | B | 18:39:27 on 23/02/12 | 0.00 | 0.00
3 | Close&grade | Tokens | 18:39:37 on 23/02/12 | 20.00 | 20.00

20
Marks: 20.00/20.00

Which of the following uses TCP port 22 by default? Choose one answer. a. SSL, SCP, and TFTP b. TLS, TELNET, and SCP c. SSH, SCP, and SFTP d. HTTPS, SFTP, and TFTP Correct Marks for this submission: 20.00/20.00.
History of responses:
# | Action | Response | Time | Raw score | Grade
1 | Grade | SSH, SCP, and SFTP | 18:40:24 on 23/02/12 | 20.00 | 20.00
2 | Close&grade | SSH, SCP, and SFTP | 18:40:24 on 23/02/12 | 20.00 | 20.00

21
Marks: 0.00/20.00

Which of the following BEST explains the security benefit of a standardized server image? Choose one answer. a. Anti-virus software will be installed and current. b. All current security updates for the operating system will have already been applied. c. Mandated security configurations have been made to the operating system. d. Operating system license use is easier to track. Incorrect Marks for this submission: 0.00/20.00.
History of responses:
# | Action | Response | Time | Raw score | Grade
1 | Grade | All current security updates for the operating system will have already been ... | 18:42:26 on 23/02/12 | 0.00 | 0.00
2 | Close&grade | All current security updates for the operating system will have already been ... | 18:42:26 on 23/02/12 | 0.00 | 0.00

22
Marks: 0.00/20.00

Which of the following is an example of requiring users to have a password of 16 characters or more? Choose one answer. a. Password recovery requirements b. Password length requirements c. Password complexity requirements d. Password expiration requirements Incorrect Marks for this submission: 0.00/20.00.
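History of responses:
# | Action | Response | Time | Raw score | Grade
1 | Grade | P | 18:43:04 on 23/02/12 | 0.00 | 0.00
2 | Grade | Password recovery requirements | 18:43:17 on 23/02/12 | 0.00 | 0.00
3 | Close&grade | Password recovery requirements | 18:43:17 on 23/02/12 | 0.00 | 0.00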

23
Marks: 0.00/20.00

Which of the following must a security administrator do when the private key of a web server has been compromised by an intruder? Choose one answer. a. Submit the private key to the CRL. b. Submit the public key to the CRL. c. Use the recovery agent to revoke the key. d. Issue a new CA. Incorrect Marks for this submission: 0.00/20.00.
History of responses:
# | Action | Response | Time | Raw score | Grade
1 | Grade | Use the recovery agent to revoke the key. | 18:44:27 on 23/02/12 | 0.00 | 0.00
2 | Close&grade | Use the recovery agent to revoke the key. | 18:44:27 on 23/02/12 | 0.00 | 0.00

24
Marks: 18.00/20.00

In an 802.11n network, which of the following provides the MOST secure method of both encryption and authorization? Choose one answer. a. WPA Enterprise b. WPA2-PSK c. WPA with TKIP d. WEP with 802.1x Correct Marks for this submission: 20.00/20.00. With previous penalties this gives 18.00/20.00.
History of responses:
# | Action | Response | Time | Raw score | Grade
1 | Grade | WPA2-PSK | 18:44:59 on 23/02/12 | 0.00 | 0.00
2 | Grade | WPA Enterprise | 18:45:04 on 23/02/12 | 20.00 | 20.00
3 | Close&grade | WPA Enterprise | 18:45:04 on 23/02/12 | 20.00 | 20.00

25
Marks: 20.00/20.00

A user is no longer able to transfer files to the FTP server. The security administrator has verified the ports are open on the network firewall. Which of the following should the security administrator check? Choose one answer. a. Anti-spam software b. Anti-virus software c. ACLs d. NIDS Correct Marks for this submission: 20.00/20.00.
History of responses:
# | Action | Response | Time | Raw score | Grade
1 | Grade | ACLs | 18:45:37 on 23/02/12 | 20.00 | 20.00
2 | Close&grade | ACLs | 18:45:37 on 23/02/12 | 20.00 | 20.00

26
Marks: 20.00/20.00

When examining HTTP server logs the security administrator notices that the company's online store crashes after a particular search string is executed by a single external user. Which of the following BEST describes this type of attack? Choose one answer. a. Spoofing b. Spim c. DDoS d. DoS Correct Marks for this submission: 20.00/20.00.
History of responses:
# | Action | Response | Time | Raw score | Grade
1 | Grade | DoS | 18:47:15 on 23/02/12 | 20.00 | 20.00
2 | Close&grade | DoS | 18:47:15 on 23/02/12 | 20.00 | 20.00

27
Marks: 18.00/20.00

In which of the following locations would a forensic analyst look to find a hooked process? Choose one answer. a. Slack space b. Rootkit c. RAM d. BIOS Correct Marks for this submission: 20.00/20.00. With previous penalties this gives 18.00/20.00.
History of responses:
# | Action | Response | Time | Raw score | Grade
1 | Grade | R | 18:47:57 on 23/02/12 | 0.00 | 0.00
2 | Grade | RAM | 18:48:02 on 23/02/12 | 20.00 | 20.00
3 | Close&grade | RAM | 18:48:02 on 23/02/12 | 20.00 | 20.00


28
Marks: 0.00/20.00

Which of the following is the BEST way to secure data for the purpose of retention? Choose one answer. a. Virtualization b. RAID 5 on-site backup c. Off-site backup d. On-site clustering Incorrect Marks for this submission: 0.00/20.00.
History of responses:
# | Action | Response | Time | Raw score | Grade
1 | Grade | RAID 5 | 18:48:58 on 23/02/12 | 0.00 | 0.00
2 | Grade | On-site clustering | 18:49:06 on 23/02/12 | 0.00 | 0.00
3 | Close&grade | On-site clustering | 18:49:06 on 23/02/12 | 0.00 | 0.00

29
Marks: 18.00/20.00

Centrally authenticating multiple systems and applications against a federated user database is an example of: Choose one answer. a. common access card. b. single sign-on. c. access control list. d. smart card. Correct Marks for this submission: 20.00/20.00. With previous penalties this gives 18.00/20.00.
History of responses:
# | Action | Response | Time | Raw score | Grade
1 | Grade | . | 18:50:30 on 23/02/12 | 0.00 | 0.00
2 | Grade | single sign-on. | 18:50:40 on 23/02/12 | 20.00 | 20.00
3 | Close&grade | single sign-on. | 18:50:40 on 23/02/12 | 20.00 | 20.00

30
Marks: 0.00/20.00

A security administrator finished taking a forensic image of a computer's memory. Which of the following should the administrator do to ensure image integrity? Choose one answer. a. Run the image through SHA256. b. Compress the image to a password protected archive. c. Run the image through AES128. d. Run the image through a symmetric encryption algorithm. Incorrect Marks for this submission: 0.00/20.00.
History of responses:
# | Action | Response | Time | Raw score | Grade
1 | Grade | R | 18:51:29 on 23/02/12 | 0.00 | 0.00
2 | Grade | Run the image through AES128. | 18:51:39 on 23/02/12 | 0.00 | 0.00
3 | Close&grade | Run the image through AES128. | 18:51:39 on 23/02/12 | 0.00 | 0.00

31
Marks: 20.00/20.00

Which of the following is the primary purpose of using a digital signature? (Select TWO). Choose at least one answer. a. Confidentiality b. Integrity c. Encryption d. Non-repudiation e. Availability Correct Marks for this submission: 20.00/20.00.
History of responses:
# | Action | Response | Time | Raw score | Grade
1 | Grade | Integrity; Non-repudiation | 18:52:08 on 23/02/12 | 20.00 | 20.00
2 | Close&grade | Integrity; Non-repudiation | 18:52:08 on 23/02/12 | 20.00 | 20.00

32
Marks: 18.00/20.00

Which of the following should be performed if a smartphone is lost to ensure no data can be retrieved from it? Choose one answer. a. Remote wipe b. Device encryption c. GPS tracking d. Screen lock Correct Marks for this submission: 20.00/20.00. With previous penalties this gives 18.00/20.00.
History of responses:
# | Action | Response | Time | Raw score | Grade
1 | Grade | D | 18:53:10 on 23/02/12 | 0.00 | 0.00
2 | Grade | Remote wipe | 18:53:17 on 23/02/12 | 20.00 | 20.00
3 | Close&grade | Remote wipe | 18:53:17 on 23/02/12 | 20.00 | 20.00

33
Marks: 18.00/20.00

Which of the following protocols only encrypts password packets from client to server? Choose one answer. a. TACACS+ b. RADIUS c. XTACACS d. TACACS Correct Marks for this submission: 20.00/20.00. With previous penalties this gives 18.00/20.00.
History of responses:
# | Action | Response | Time | Raw score | Grade
1 | Grade | | 18:53:41 on 23/02/12 | 0.00 | 0.00
2 | Grade | RADIUS | 18:53:46 on 23/02/12 | 20.00 | 20.00
3 | Close&grade | RADIUS | 18:53:46 on 23/02/12 | 20.00 | 20.00

34
Marks: 20.00/20.00

The security administrator often observes that an employee who entered the datacenter does not match the owner of the PIN that was entered into the keypad. Which of the following would BEST prevent this situation? Choose one answer. a. Multifactor authentication b. Username and password c. Biometrics d. Mandatory access control Correct Marks for this submission: 20.00/20.00.

35
Marks: 0.00/20.00

With which of the following is RAID MOST concerned? Choose one answer. a. Baselining b. Availability c. Confidentiality d. Integrity Incorrect Marks for this submission: 0.00/20.00.
History of responses:
# | Action | Response | Time | Raw score | Grade
1 | Grade | I | 18:58:41 on 23/02/12 | 0.00 | 0.00
2 | Grade | Baselining | 18:58:55 on 23/02/12 | 0.00 | 0.00
3 | Close&grade | Baselining | 18:58:55 on 23/02/12 | 0.00 | 0.00

36
Marks: 0.00/20.00

Which of the following is specific to a buffer overflow attack? Choose one answer. a. Which of the following is specific to a buffer overflow attack? b. Initial vector c. Session cookies d. Directory traversal Incorrect Marks for this submission: 0.00/20.00.

37
Marks: 0.00/20.00

Which of the following is an example of allowing a user to perform a self-service password reset? Choose one answer. a. Password expiration b. Password recovery c. Password complexity d. Password length Incorrect Marks for this submission: 0.00/20.00.

38
Marks: 20.00/20.00

An administrator is updating firmware on routers throughout the company. Where should the administrator document this work? Choose one answer. a. Compliance Review System b. Router's System Log c. Event Viewer d. Change Management System Correct Marks for this submission: 20.00/20.00.
History of responses:
# | Action | Response | Time | Raw score | Grade
1 | Grade | Change Management System | 19:01:28 on 23/02/12 | 20.00 | 20.00
2 | Close&grade | Change Management System | 19:01:28 on 23/02/12 | 20.00 | 20.00

39
Marks: 0.00/20.00

Which of the following MUST a programmer implement to prevent cross-site scripting? Choose one answer. a. Validate input to remove Java bit code b. Validate input to remove shell scripts c. Validate input to remove batch files d. Validate input to remove hypertext Incorrect Marks for this submission: 0.00/20.00.

40
Marks: 0.00/20.00

The fundamental difference between symmetric and asymmetric key cryptographic systems is that symmetric key cryptography uses: Choose one answer. a. the same key on each end of the transmission medium. b. bulk encryption for data transmission over fiber. c. different keys on both ends of the transport medium. d. multiple keys for non-repudiation of bulk data. Incorrect Marks for this submission: 0.00/20.00.

41
Marks: 20.00/20.00

Which of the following BEST describes the process of key escrow? Choose one answer. a. Maintains a secured copy of a user's private key to recover the certificate revocation list b. Maintains a copy of a user's public key for the sole purpose of recovering messages if it is lost c. Maintains a secured copy of a user's private key for the sole purpose of recovering the key if it is lost d. Maintains a secured copy of a user's public key in order to improve network performance Correct Marks for this submission: 20.00/20.00.

42
Marks: 0.00/20.00

Which of the following reduces the likelihood of a single point of failure when a server fails? Choose one answer. a. Clustering b. Cold site c. RAID d. Virtualization Incorrect Marks for this submission: 0.00/20.00.

43
Marks: 0.00/20.00

Which of the following network devices would MOST likely be used to detect but not react to suspicious behavior on the network? Choose one answer. a. Firewall b. HIDS c. NIPS d. NIDS Incorrect Marks for this submission: 0.00/20.00.

44
Marks: 0.00/20.00

Several classified mobile devices have been stolen. Which of the following would BEST reduce the data leakage threat? Choose one answer. a. Immediately inform local law enforcement. b. Use GPS tracking to find the devices. c. Remotely sanitize the devices. d. Use stronger encryption algorithms. Incorrect Marks for this submission: 0.00/20.00.

45
Marks: 0.00/20.00

Which of the following facilitates computing for heavily utilized systems and networks? Choose one answer. a. VPN concentrator b. Telephony c. Provider cloud d. Remote access Incorrect Marks for this submission: 0.00/20.00.

46
Marks: 0.00/20.00

Which of the following is used in conjunction with PEAP to provide mutual authentication between peers? Choose one answer. a. LEAP b. MSCHAPv2 c. PPP d. MSCHAPv1 Incorrect Marks for this submission: 0.00/20.00.

47
Marks: 0.00/20.00

A new enterprise solution is currently being evaluated due to its potential to increase the company's profit margins. The security administrator has been asked to review its security implications. While evaluating the product, various vulnerability scans were performed. It was determined that the product is not a threat but has the potential to introduce additional vulnerabilities. Which of the following assessment types should the security administrator also take into consideration while evaluating this product? Choose one answer. a. Vulnerability assessment b. Code assessment c. Threat assessment d. Risk assessment Incorrect Marks for this submission: 0.00/20.00.

48
Marks: 0.00/20.00

Which of the following devices provides storage for RSA or asymmetric keys and may assist in user authentication? (Select TWO). Choose at least one answer. a. Full disk encryption b. Hardware security module c. Facial recognition scanner d. Encrypted USB e. Trusted platform module Incorrect Marks for this submission: 0.00/20.00.

49
Marks: 0.00/20.00

A system administrator could have a user level account and an administrator account to prevent: Choose one answer. a. administrative account lockout. b. password sharing. c. implicit deny. d. escalation of privileges. Incorrect Marks for this submission: 0.00/20.00.

50
Marks: 0.00/20.00

Which of the following wireless attacks uses a counterfeit base station with the same SSID name as a nearby intended wireless network? Choose one answer. a. Evil twin b. War chalking c. War driving d. Rogue access point Incorrect Marks for this submission: 0.00/20.00.
