Introducing The New!
Surepassexam Collection
Get Unlimited Access to all
Surepassexam's PREMIUM files
Q1. Mark works as a Network Administrator for BlueWell Inc. The company has a Windows-based network. Mark has retained his services to perform a security assessment of the company's network that has various servers exposed to the Internet. So, it may be vulnerable to an attack. Mark is using a single perimeter ?rewall, but he does not know if that is enough. He wants to review the situation and make some reliable recommendations so that he can protect the data over company's network. Which of the following will Mark do to accomplish the task?
A. Outsource the related services.
B. Encrypt the data and than start transmission.
C. Locate the Internet-exposed servers and devices in an internal network.
D. Create a perimeter network to isolate the servers from the internal network.
Answer: D
Q2. Which of the following is a security protocol that is used to protect data from being modified, corrupted, or accessed without authorization?
A. Honeypot
B. IP Security (IPsec)
C. DNSSEC
D. Protocol spoofing
Answer: B
Q3. Which of the following are indications of a virus attack on a computer? Each correct answer represents a complete solution. Choose three.
A. Although the computer has sufficient memory, an out-of-memory error message is displayed.
B. The applications installed on the computer system work properly.
C. An antivirus program is not able to run.
D. The computer runs slower than usual and stops responding.
Answer: ACD
Q4. Which of the following security features of IE 7+ makes it more difficult for malware to be installed?
A. Security zones
B. Phishing filter
C. Protected mode
D. Pop-up blocker
Answer: C
Q5. Which of the following layers defines the mechanisms that allow data to be passed from one network to another?
A. Network layer
B. Session layer
C. Physical layer
D. Data-link layer
Answer: A
Q6. Which of the following is a disadvantage of using biometric identification?
A. It breaks the several firewall security rules.
B. It needs a new network configuration of the entire infrastructure.
C. It can be faked and will not be trusted by several organizations.
D. It is expensive and cannot be afforded by several organizations
Answer: D
Q7. Which of the following is a secret numeric password shared between a user and a system for authenticating the user to the system?
A. Key escrow
B. Public key
C. Private key
D. PIN
Answer: D
Q8. Which of the following MMC snap-in consoles is used to administer the replication of directory data among all sites in an Active Directory Domain Services (AD DS) forest?
A. Active Directory Domains and Trusts
B. Active Directory Administrative Center
C. Group Policy Management Console
D. Active Directory Sites and Services
Answer: D
Q9. You work as a Network Administrator for Net Perfect Inc. The company has a Windows Server 2008
network environment. The network is configured as a Windows Active Directory-based single forest
single domain network. You want to configure Network Access Protection (NAP) on your network.
You want that the clients connecting to the network must contain certain configurations. Which of
the following Windows components ensure that only clients having certain health benchmarks
access the network resources? Each correct answer represents a part of the solution. Choose two.
A. Windows Firewall
B. System Health Agents (SHA)
C. Terminal Service
D. System Health Validators (SHV)
E. TS Gateway
Answer: BD
Q10. Mark works as a Network Administrator fot Blue Well Inc. The company has a Windows-based network. Mark is facing a series of problems with email spam and identifying theft via phishing scams. He wants to implement the various security measures and to provide some education because it is related to the best practices while using email. Which of the following will Mark ask to employees of his company to do when they receive an email from a company they know with a request to click the link to "verify their account information"?
A. Provide the required information
B. Hide the email
C. Use Read-only Domain Controller
D. Delete the email
Answer: D
Q11. Which of the following can be implemented to decrease the number of times a user is required to be authenticated for access a particular resource?
A. TCP/IP protocol
B. Network Directory Access Protocol
C. Kerberos
D. Single Sign-on (SSO)
Answer: D
Q12. You check the logs on several clients and find that there is traffic coming in on an odd port (port 1872). All clients have the Windows XP firewall turned on. What should you do to block this unwanted traffic?
A. Perform a virus scan to find the virus responsible for this traffic.
B. Check the exceptions in the firewall and unselect that port exception.
C. Trace back that traffic and find its origin.
D. Shut down the service that connects to that port.
Answer: B
Q13. Mark works as a Security Administrator for TechMart Inc. The company has a a Windows-based network. Mark has gone through a security audit for ensuring that the technical system is secure and protected. While this audit, he identified many areas that need improvement. He wants to minimize the risk for potential security threats by educating team members in the area of social engineering, and providing basic security principle knowledge while stressing the Con?dentiality, Integrity, and Availability triangle in the training of his team members. In which of the following ways, the security training is related to providing availability?
A. Providing protection against a Distributed Denial of Services attack.
B. Developing a social awareness of security threats within an organization.
C. Calling a team member while behaving to be someone else for gaining access to sensitive information.
D. Using group policies to disable the use of floppy drives or USB drives.
Answer: A
Q14. Which of the following is a program that runs at a specific date and time to cause unwanted and unauthorized functions?
A. Keylogger
B. Logic bomb
C. Spyware
D. Trojan horse
Answer: B
Q15. Which of the following is used to describe the policy of maximum password age?
A. It is used to determine how old the user has to create a password.
B. It is a time duration before a password is required to be public.
C. It is a time duration before a password is required to be changed.
D. It determines how old the password must be before the user is permitted to change it.
Answer: C
Q16. You work as a Network Administrator for SpyNet Inc. The company has a Windows-based network. You have been assigned the task of auditing the scheduled network security. After a regular audition, you suspect that the company is under attack by an intruder trying to gain access to the company's network resources. While analyzing the log files, you find that the IP address of the intruder belongs to a trusted partner company. Assuming this situation, which of the following attacks is the company being subjected to?
A. Spoofing
B. Man-in-the-middle
C. CookieMonster
D. Phreaking
Answer: A