Introducing The New!
Surepassexam Collection
Get Unlimited Access to all
Surepassexam's PREMIUM files
Q1. Which of the following malware types may require user interaction, does not hide itself, and is commonly identified by marketing pop-ups based on browsing habits?
A. Botnet
B. Rootkit
C. Adware
D. Virus
Answer: C
Explanation:
Adware is free software that is supported by advertisements. Common adware programs are toolbars, games and utilities. They are free to use, but require you to watch advertisements as long as the programs are open. Adware typically requires an active Internet connection to run.
Q2. An administrator wants to establish a WiFi network using a high gain directional antenna with a narrow radiation pattern to connect two buildings separated by a very long distance. Which of the following antennas would be BEST for this situation?
A. Dipole
B. Yagi
C. Sector
D. Omni
Answer: B
Explanation:
A Yagi-Uda antenna, commonly known simply as a Yagi antenna, is a directional antenna consisting of multiple parallel dipole elements in a line, usually made of metal rods. It consists of a single driven element connected to the transmitter or receiver with a transmission line, and additional parasitic elements: a so-called reflector and one or more directors. The reflector element is slightly longer than the driven dipole, whereas the directors are a little shorter. This design achieves a very substantial increase in the antenna's directionality and gain compared to a simple dipole.
Q3. Privilege creep among long-term employees can be mitigated by which of the following procedures?
A. User permission reviews
B. Mandatory vacations
C. Separation of duties
D. Job function rotation
Answer: A
Explanation:
Privilege creep is the steady build-up of access rights beyond what a user requires to perform his/her task. Privilege creep can be decreased by conducting sporadic access rights reviews, which will confirm each user's need to access specific roles and rights in an effort to find and rescind excess privileges.
Q4. Encryption of data at rest is important for sensitive information because of which of the following?
A. Facilitates tier 2 support, by preventing users from changing the OS
B. Renders the recovery of data harder in the event of user password loss
C. Allows the remote removal of data following eDiscovery requests
D. Prevents data from being accessed following theft of physical equipment
Answer: D
Explanation:
Data encryption allows data that has been stolen to remain out of the eyes of the intruders who took it as long as they do not have the proper passwords.
Q5. Which of the following is best practice to put at the end of an ACL?
A. Implicit deny
B. Time of day restrictions
C. Implicit allow
D. SNMP string
Answer: A
Explanation:
An implicit deny clause is implied at the end of each ACL. This implies that if you aren’t specifically granted access or privileges for a resource, you’re denied access by default. The implicit deny clause is set by the system.
Q6. A computer security officer has investigated a possible data breach and has found it credible. The officer notifies the data center manager and the Chief Information Security Officer (CISO). This is an example of:
A. escalation and notification.
B. first responder.
C. incident identification.
D. incident mitigation.
Answer: A
Explanation:
Q7. A software firm posts patches and updates to a publicly accessible FTP site. The software firm also posts digitally signed checksums of all patches and updates. The firm does this to address:
A. Integrity of downloaded software.
B. Availability of the FTP site.
C. Confidentiality of downloaded software.
D. Integrity of the server logs.
Answer: A
Explanation:
Digital Signatures is used to validate the integrity of the message and the sender. In this case the software firm that posted the patches and updates digitally signed the checksums of all patches and updates.
Q8. Which of the following will allow Pete, a security analyst, to trigger a security alert because of a tracking cookie?
A. Network based firewall
B. Anti-spam software
C. Host based firewall
D. Anti-spyware software
Answer: D
Explanation:
Spyware monitors a user’s activity and uses network protocols to reports it to a third party without the user’s knowledge. This is usually accomplished using a tracking cookie.
Q9. Which of the following access controls enforces permissions based on data labeling at specific levels?
A. Mandatory access control
B. Separation of duties access control
C. Discretionary access control
D. Role based access control
Answer: A
Explanation:
In a MAC environment everything is assigned a classification marker. Subjects are assigned a clearance level and objects are assigned a sensitivity label.
Q10. Which of the following is BEST used to break a group of IP addresses into smaller network segments or blocks?
A. NAT
B. Virtualization
C. NAC
D. Subnetting
Answer: D
Explanation:
Subnetting is a dividing process used on networks to divide larger groups of hosts into smaller collections.
Q11. A router has a single Ethernet connection to a switch. In the router configuration, the Ethernet interface has three sub-interfaces, each configured with ACLs applied to them and 802.1q trunks.
Which of the following is MOST likely the reason for the sub-interfaces?
A. The network uses the subnet of 255.255.255.128.
B. The switch has several VLANs configured on it.
C. The sub-interfaces are configured for VoIP traffic.
D. The sub-interfaces each implement quality of service.
Answer: B
Explanation:
A subinterface is a division of one physical interface into multiple logical interfaces. Routers commonly employ subinterfaces for a variety of purposes, most common of these are for routing traffic between VLANs. Also, IEEE 802.1Q is the networking standard that supports virtual LANs (VLANs) on an Ethernet network.
Q12. Which of the following protocols allows for the LARGEST address space?
A. IPX
B. IPv4
C. IPv6
D. Appletalk
Answer: C
Explanation:
The main advantage of IPv6 over IPv4 is its larger address space. The length of an IPv6 address is 128 bits, compared with 32 bits in IPv4.
Q13. Which of the following would be used to identify the security posture of a network without actually exploiting any weaknesses?
A. Penetration test
B. Code review
C. Vulnerability scan
D. Brute Force scan
Answer: C
Explanation:
A vulnerability scan is the automated process of proactively identifying security vulnerabilities of computing systems in a network in order to determine if and where a system can be exploited and/or threatened. While public servers are important for communication and data transfer over the Internet, they open the door to potential security breaches by threat agents, such as malicious hackers. Vulnerability scanning employs software that seeks out security flaws based on a database of known flaws, testing systems for the occurrence of these flaws and generating a report of the findings that an individual or an enterprise can use to tighten the network's security. Vulnerability scanning typically refers to the scanning of systems that are connected to the Internet but can also refer to system audits on internal networks that are not connected to the Internet in order to assess the threat of rogue software or malicious employees in an enterprise.
Q14. Allowing unauthorized removable devices to connect to computers increases the risk of which of the following?
A. Data leakage prevention
B. Data exfiltration
C. Data classification
D. Data deduplication
Answer: B
Explanation: Data exfiltration is the unauthorized copying, transfer or retrieval of data from a system.
Q15. The concept of rendering data passing between two points over an IP based network impervious to all but the most sophisticated advanced persistent threats is BEST categorized as which of the following?
A. Stream ciphers
B. Transport encryption
C. Key escrow
D. Block ciphers
Answer: B
Explanation:
Transport encryption is the process of encrypting data ready to be transmitted over an insecure network. A common example of this would be online banking or online purchases where sensitive information such as account numbers or credit card numbers is transmitted.
Transport Layer Security (TLS) is a protocol that ensures privacy between communicating applications and their users on the Internet. When a server and client communicate, TLS ensures that no third party may eavesdrop or tamper with any message. TLS is the successor to the Secure Sockets Layer (SSL).