Introducing The New!
Surepassexam Collection
Get Unlimited Access to all
Surepassexam's PREMIUM files
Q1. An auditor is given access to a conference room to conduct an analysis. When they connect their laptop’s Ethernet cable into the wall jack, they are not able to get a connection to the Internet but have a link light. Which of the following is MOST likely causing this issue?
A. Ethernet cable is damaged
B. The host firewall is set to disallow outbound connections
C. Network Access Control
D. The switch port is administratively shutdown
Answer: C
Explanation:
Network Access Control (NAC) means controlling access to an environment through strict adherence to and implementation of security policies. The goals of NAC are to prevent/reduce zero-day attacks, enforce security policy throughout the network, and use identities to perform access control.
Q2. Which of the following firewall rules only denies DNS zone transfers?
A. deny udp any any port 53
B. deny ip any any
C. deny tcp any any port 53
D. deny all dns packets
Answer: C
Explanation:
DNS operates over TCP and UDP port 53. TCP port 53 is used for zone transfers.
Q3. A user in the company is in charge of various financial roles but needs to prepare for an upcoming audit. They use the same account to access each financial system. Which of the following security controls will MOST likely be implemented within the company?
A. Account lockout policy
B. Account password enforcement
C. Password complexity enabled
D. Separation of duties
Answer: D
Explanation:
Separation of duties means that users are granted only the permissions they need to do their work and no more. More so it means that there is differentiation between users, employees and duties per se which form part of best practices.
Q4. After recovering from a data breach in which customer data was lost, the legal team meets with the Chief Security Officer (CSO) to discuss ways to better protect the privacy of customer data.
Which of the following controls support this goal?
A. Contingency planning
B. Encryption and stronger access control
C. Hashing and non-repudiation
D. Redundancy and fault tolerance
Answer: B
Explanation:
Encryption is used to protect data/contents/documents. Access control refers to controlling who accesses any data/contents/documents and to exercise authorized control to the accessing of that data.
Q5. The method to provide end users of IT systems and applications with requirements related to acceptable use, privacy, new threats and trends, and use of social networking is:
A. Security awareness training.
B. BYOD security training.
C. Role-based security training.
D. Legal compliance training.
Answer: A
Explanation:
Security awareness and training are critical to the success of a security effort. They include explaining policies, procedures, and current threats to both users and management.
Q6. Which of the following fire suppression systems is MOST likely used in a datacenter?
A. FM-200
B. Dry-pipe
C. Wet-pipe
D. Vacuum
Answer: A
Explanation:
FM200 is a gas and the principle of a gas system is that it displaces the oxygen in the room, thereby removing this essential component of a fi re. in a data center is is the preferred choice of fire suppressant.
Q7. Users need to exchange a shared secret to begin communicating securely. Which of the following is another name for this symmetric key?
A. Session Key
B. Public Key
C. Private Key
D. Digital Signature
Answer: C
Explanation:
Explanation: Symmetric algorithms require both ends of an encrypted message to have the same key and processing algorithms. Symmetric algorithms generate a secret key that must be protected. A symmetric key, sometimes referred to as a secret key or private key, is a key that isn’t disclosed to people who aren’t authorized to use the encryption system.
Q8. Which of the following relies on the use of shared secrets to protect communication?
A. RADIUS
B. Kerberos
C. PKI
D. LDAP
Answer: A
Explanation:
Obfuscated passwords are transmitted by the RADIUS protocol via a shared secret and the MD5 hashing algorithm.
Q9. Users report that after downloading several applications, their systems’ performance has noticeably decreased. Which of the following would be used to validate programs prior to installing them?
A. Whole disk encryption
B. SSH
C. Telnet
D. MD5
Answer: D
Explanation:
MD5 can be used to locate the data which has changed.
The Message Digest Algorithm (MD) creates a hash value and uses a one-way hash. The hash
value is used to help maintain integrity. There are several versions of MD; the most common are
MD5, MD4, and MD2.
Q10. Which of the following is a best practice for error and exception handling?
A. Log detailed exception but display generic error message
B. Display detailed exception but log generic error message
C. Log and display detailed error and exception messages
D. Do not log or display error or exception messages
Answer: A
Explanation:
A detailed explanation of the error is not helpful for most end users but might provide information that is useful to a hacker. It is therefore better to display a simple but helpful message to the end user and log the detailed information to an access-restricted log file for the administrator and programmer who would need as much information as possible about the problem in order to rectify it.
Q11. Which of the following would the security engineer set as the subnet mask for the servers below to utilize host addresses on separate broadcast domains?
Server 1: 192.168.100.6
Server 2: 192.168.100.9
Server 3: 192.169.100.20
A. /24
B. /27
C. /28
D. /29
E. /30
Answer: D
Explanation:
Using this option will result in all three servers using host addresses on different broadcast domains.
Q12. Which of the following is a best practice when a mistake is made during a forensics examination?
A. The examiner should verify the tools before, during, and after an examination.
B. The examiner should attempt to hide the mistake during cross-examination.
C. The examiner should document the mistake and workaround the problem.
D. The examiner should disclose the mistake and assess another area of the disc.
Answer: C
Explanation:
Every step in an incident response should be documented, including every action taken by end users and the incident-response team.
Q13. Which of the following functions provides an output which cannot be reversed and converts data into a string of characters?
A. Hashing
B. Stream ciphers
C. Steganography
D. Block ciphers
Answer: A
Explanation:
Hashing refers to the hash algorithms used in cryptography. It is used to store data, such as hash tables one of its characteristics is that it must be one-way – it is not reversible.
Q14. Which of the following describes the purpose of an MOU?
A. Define interoperability requirements
B. Define data backup process
C. Define onboard/offboard procedure
D. Define responsibilities of each party
Answer: D
Explanation:
MOU or Memorandum of Understanding is a document outlining which party is responsible for what portion of the work.
Q15. After a new firewall has been installed, devices cannot obtain a new IP address. Which of the following ports should Matt, the security administrator, open on the firewall?
A. 25
B. 68
C. 80
D. 443
Answer: B
Explanation:
The Dynamic Host Configuration Protocol (DHCP) is a standardized network protocol used on Internet Protocol (IP) networks for distributing IP addresses for interfaces and services. DHCP makes use of port 68.