Security + Quiz 9

Which of the following is the GREATEST risk to a company by allowing employees to physically bring their personal smartphones to work?

A. Taking pictures of proprietary information and equipment in restricted areas.  

B. Installing soft token software to connect to the company's wireless network.

C. Company cannot automate patch management on personally-owned devices.

D. Increases the attack surface by having more target devices on the company's campus 

A. Taking pictures of proprietary information and equipment in restricted areas.

Which of the following is the summary of loss for a given year?

A. MTBF 

B. ALE 

C. SLA 

D. ARO

B. ALE

A Security Officer on a military base needs to encrypt several smart phones that will be going into the field. Which of the following encryption solutions should be deployed in this situation? 

A. Elliptic curve 

B. One-time pad 

C. 3DES 

D. AES-256 

D. AES-256 

An organization relies heavily on an application that has a high frequency of security updates. At present, the security team only updates the application on the first Monday of each month, even though the security updates are released as often as twice a week. Which of the following would be the BEST method of updating this application? 

A. Configure testing and automate patch management for the application. 

B. Configure security control testing for the application. 

C. Manually apply updates for the application when they are released. 

D. Configure a sandbox for testing patches before the scheduled monthly update. 

A. Configure testing and automate patch management for the application.

A technician must configure a firewall to block external DNS traffic from entering a network. Which of the following ports should they block on the firewall? 

A. 53

B. 110

C. 143 

D. 443 

A. 53

A software development company needs to share information between two remote servers, using encryption to protect it. A programmer suggests developing a new encryption protocol, arguing that using an unknown protocol with secure, existing cryptographic algorithm libraries will provide strong encryption without being susceptible to attacks on other known protocols. Which of the following summarizes the BEST response to the programmer's proposal?

A. The newly developed protocol will only be as secure as the underlying cryptographic algorithms used.        

B. New protocols often introduce unexpected vulnerabilities, even when developed with otherwise secure and tested algorithm libraries.

C. A programmer should have specialized training in protocol development before attempting to design a new encryption protocol.

D. The obscurity value of unproven protocols against attacks often outweighs the potential for introducing new vulnerabilities.

B. New protocols often introduce unexpected vulnerabilities, even when developed with otherwise secure and tested algorithm libraries.

A security technician would like to obscure sensitive data within a file so that it can be transferred without causing suspicion. Which of the following technologies would BEST be suited to accomplish this?                         

A. Transport Encryption

B. Stream Encryption

C. Digital Signature

D. Steganography

D. Steganography

A supervisor in your organization was demoted on Friday afternoon. The supervisor had the ability to modify the contents of a confidential database, as well as other managerial permissions. On Monday morning, the database administrator reported that log files indicated that several records were missing from the database. Which of the following risk mitigation strategies should have been implemented when the supervisor was demoted?                     

A. Incident management 

B. Routine auditing 

C. IT governance 

D. Monthly user rights 

B. Routine auditing

Which of the following attack types is being carried out where a target is being sent unsolicited messages via Bluetooth?  

A. War chalking 

B. Bluejacking 

C. Bluesnarfing 

D. Rogue tethering

B. Bluejacking

Joe is exchanging encrypted email with another party. Joe encrypts the initial email with a key. When Joe receives a response, he is unable to decrypt the response with the same key he used initially. Which of the following would explain the situation? 

A. An ephemeral key was used for one of the messages 

B. A stream cipher was used for the initial email; a block cipher was used for the reply 

C. Out-of-band key exchange has taken place 

D. Asymmetric encryption is being used 

D. Asymmetric encryption is being used 

Recently several employees were victims of a phishing email that appeared to originate from the company president. The email claimed the employees would be disciplined if they did not click on a malicious link in the message. Which of the following principles of social engineering made this attack successful?

A. Authority 

B. Spamming

C. Social proof 

D. Scarcity

A. Authority

Which of the following is the LEAST secure hashing algorithm?

A. SHA1 

B. RIPEMD 

C. MD5 

D. DES

C. MD5 

An employee uses RDP to connect back to the office network. If RDP is misconfigured, which of the following security exposures would this lead to?

A. A virus on the administrator's desktop would be able to sniff the administrator's username and password.

B. Result in an attacker being able to phish the employee's username and password.

C. A social engineering attack could occur, resulting in the employee's password being extracted.

D. A man in the middle attack could occur, resulting the employee's username and password being captured.

D. A man in the middle attack could occur, resulting the employee's username and password being captured.

Joe, the security administrator, sees this in a vulnerability scan report: 

"The server 10.1.2.232 is running Apache 2.2.20 which may be vulnerable to a mod_cgi exploit.” 

Joe verifies that the mod_cgi module is not enabled on 10.1.2.232. 

This message is an example of: 

A. a threat. 

B. a risk.  

C. a false negative.

D. a false positive.

D. a false positive.

An auditor has identified an access control system that can incorrectly accept an access attempt from an unauthorized user. Which of the following authentication systems has the auditor reviewed?

A. Password-based      

B. Biometric-based 

C. Location-based 

D. Certificate-based

B. Biometric-based

The Chief Technology Officer (CTO) of a company, Ann, is putting together a hardware budget for the next 10 years. She is asking for the average lifespan of each hardware device so that she is able to calculate when she will have to replace each device. Which of the following categories BEST describes what she is looking for?                        

A. ALE 

B. MTTR 

C. MTBF 

D. MTTF

D. MTTF

A software developer wants to ensure that the application is verifying that a key is valid before establishing SSL connections with random remote hosts on the Internet. Which of the following should be used in the code? (Choose two.)

A. Escrowed keys 

B. SSL symmetric encryption key  

C. Software code private key 

D. Remote server public key 

E. OCSP 

C. Software code private key 

E. OCSP 

A security guard has informed the Chief Information Security Officer that a person with a tablet has been walking around the building. The guard also noticed strange white markings in different areas of the parking lot. The person is attempting which of the following types of attacks?                                                                                                 

A. Jamming 

B. War chalking  

C. Packet sniffing 

D. Near field communication

B. War chalking

A system administrator is configuring a site-to-site VPN tunnel.  Which of the following should be configured on the VPN concentrator during the IKE phase? 

A. RIPEMD 

B. ECDHE  

C. Diffie-Hellman 

D. HTTPS

C. Diffie-Hellman

A network operations manager has added a second row of server racks in the datacenter. These racks face the opposite direction of the first row of racks. Which of the following is the reason the manager installed the racks this way?

A. To lower energy consumption by sharing power outlets

B. To create environmental hot and cold isles         

C. To eliminate the potential for electromagnetic interference 

D. To maximize fire suppression capabilities

B. To create environmental hot and cold isles

Phishing emails frequently take advantage of high-profile catastrophes reported in the news. Which of the following principles BEST describes the weakness being exploited? 

A. Intimidation  

B. Scarcity  

C. Authority 

D. Social proof 

D. Social proof 

New magnetic locks were ordered for an entire building. In accordance with company policy, employee safety is the top priority. In case of a fire where electricity is cut, which of the following should be taken into consideration when installing the new locks?

A. Fail safe 

B. Fault tolerance 

C. Fail secure 

D. Redundancy

A. Fail safe

Anne, the Chief Executive Officer (CEO), has reported that she is getting multiple telephone calls from someone claiming to be from the helpdesk. The caller is asking to verify her network authentication credentials because her computer is broadcasting across the network. This is MOST likely which of the following types of attacks?                 

A. Vishing

B. Impersonation

C. Spim

D. Scareware 

A. Vishing

An administrator discovers the following log entry on a server:

 Nov 12 2013 00:23:45 httpd[2342]: 

GET /app2/prod/proc/process.php?input=change;cd%20../../../etc;cat%20shadow 

Which of the following attacks is being attempted?

A. Command injection 

B. Password attack 

C. Buffer overflow          

D. Cross-site scripting 

A. Command injection

A security team wants to establish an Incident Response plan. The team has never experienced an incident. Which of the following would BEST help them establish plans and procedures?

A. Table top exercises

B. Lessons learned

C. Escalation procedures

D. Recovery procedures

A. Table top exercises