Introducing The New!
Surepassexam Collection
Get Unlimited Access to all
Surepassexam's PREMIUM files
Q1. Which of the following is a secret numeric password shared between a user and a system for authenticating the user to the system?
A. Key escrow
B. Public key
C. Private key
D. PIN
Answer: D
Q2. You work as a network administrator for an insurance company called InZed Inc. The company has developed a corporate policy that requires all machines to use the IPSec security protocol. If the computer they are logging in from does not follow this corporate policy, they will be denied access to the network. Which of the following can you set up to help enforce the corporate policy?
A. Server Access Protection
B. System Center Data Protection Manager (DPM)
C. Microsoft Assessment and Planning (MAP) Toolkit
D. Network Access Protection
Answer: D
Q3. What are the main classes of biometric characteristics? Each correct answer represents a complete solution. Choose two.
A. Psychological
B. Behavioral
C. Fundamental
D. Physiological
Answer: BD
Q4. Mark works as a Security Administrator for TechMart Inc. The company has a a Windows-based network. Mark has gone through a security audit for ensuring that the technical system is secure and protected. While this audit, he identified many areas that need improvement. He wants to minimize the risk for potential security threats by educating team members in the area of social engineering, and providing basic security principle knowledge while stressing the Con?dentiality, Integrity, and Availability triangle in the training of his team members . Which of the following ways will Mark use for educating his team members on the social engineering process?
A. He will call a team member while behaving to be someone else for gaining access to sensitive information.
B. He will use group policies to disable the use of floppy drives or USB drives.
C. He will develop a social awareness of security threats within an organization.
D. He will protect against a Distributed Denial of Services attack.
Answer: A
Q5. Which of the following can be installed and configured to prevent suspicious emails from entering the user's network?
A. Kerberos
B. Single sign-on (SSO)
C. TCP/IP protocol
D. Microsoft Forefront and Threat Management Gateway
Answer: D
Q6. You work as a security manager for Company Inc. An individual is connecting to your corporate internal network over the Internet. You have to ensure that he is not an intruder masquerading as an authorized user. Which of the following technologies will you use to accomplish the task?
A. Two-factor authentication
B. IP address packet filtering
C. Intrusion detection system (IDS)
D. Embedded digital signature
Answer: A
Q7. You work as an Exchange Administrator for UniCom Inc. The company has a Windows 2003 Active Directory-based network. The network contains an Exchange Server 2007 organization. You have deployed a DNS server in your messaging organization. The DNS server hosting the DNS zone data for the Exchange Server is not capable of processing dynamic DNS updates. You decide to troubleshoot DNS. Which of the following utilities will you use to identify anomalies of records in the targeted DNS zone?
A. Nslookup.exe
B. IPCONFIG
C. DNSCMD.exe
D. DNSLint
Answer: D
Q8. Which of the following are indications of a virus attack on a computer? Each correct answer represents a complete solution. Choose three.
A. Although the computer has sufficient memory, an out-of-memory error message is displayed.
B. The applications installed on the computer system work properly.
C. An antivirus program is not able to run.
D. The computer runs slower than usual and stops responding.
Answer: ACD
Q9. Which of the following MMC snap-in consoles is used to administer the replication of directory data among all sites in an Active Directory Domain Services (AD DS) forest?
A. Active Directory Domains and Trusts
B. Active Directory Administrative Center
C. Group Policy Management Console
D. Active Directory Sites and Services
Answer: D
Q10. Which of the following is a set of rules that control the working environment of user accounts and computer accounts?
A. Mandatory Access Control
B. Access control list
C. Group Policy
D. Intrusion detection system
Answer: C
Q11. Which of the following is often used for one-to-many communications using broadcast or multicast IP datagrams?
A. UDP
B. FTP
C. HTTP
D. SMTP
Answer: A
Q12. Which of the following actions should be taken so that the computer requires confirmation before installing an ActiveX component?
A. Configuring a firewall on the network
B. Configuring the settings on the Web Browser
C. Installing an anti-virus software
D. Configuring DMZ on the network
Answer: B
Q13. Which of the following refers to a security access control methodology whereby the 48-bit address is assigned to each network card which is used to determine access to the network?
A. Snooping
B. Spoofing
C. Encapsulation
D. MAC filtering
Answer: D
Q14. Which of the following protects against unauthorized access to confidential information via encryption and works at the network layer?
A. Firewall
B. NAT
C. IPSec
D. MAC address
Answer: C
Q15. Mark works as a Security Officer for TechMart Inc. The company has a Windows-based network. He has bees assigned a project for ensuring the safety of the customer's money and information, not to mention the company's reputation. The company has gone through a security audit to ensure that it is in compliance with industry regulations and standards. Mark understands the request and has to do his due diligence for providing any information the regulators require as they are targeting potential security holes. In this situation, his major concern is the physical security of his company's system. Which of the following actions will Mark take to ensure the physical security of the company's desktop computers?
A. Call a team member while behaving to be someone else for gaining access to sensitive information.
B. Develop a social awareness of security threats within an organization.
C. Use group policies to disable the use of floppy drives or USB drives.
D. Provide protection against a Distributed Denial of Services attack.
Answer: C
Q16. Which of the following is method that can be used to identify Internet software in Software Restriction Policies?
A. Restriction rule
B. Identification rule
C. Internet rule
D. Zone rule
Answer: D