Q1. Pete, the system administrator, has blocked users from accessing social media web sites. In addition to protecting company information from being accidentally leaked, which additional security benefit does this provide?
A. No competition with the company’s official social presence
B. Protection against malware introduced by banner ads
C. Increased user productivity based upon fewer distractions
D. Elimination of risks caused by unauthorized P2P file sharing
Answer: B
Explanation:
Banners, or header information messages sent along with data, can be used to find out about the system(s) involved. Banners often identify the host, the operating system running on it, and other information that can be useful to anyone who later attempts to breach the security of that host.
Q2. The marketing department wants to distribute pens with embedded USB drives to clients. In the past this client has been victimized by social engineering attacks which led to a loss of sensitive data. The security administrator advises the marketing department not to distribute the USB pens due to which of the following?
A. The risks associated with the large capacity of USB drives and their concealable nature
B. The security costs associated with securing the USB drives over time
C. The cost associated with distributing a large volume of the USB pens
D. The security risks associated with combining USB drives and cell phones on a network
Answer: A
Explanation:
USB drives and other USB devices represent a security risk because they can be used either to bring malicious code into a secure system or to copy and remove sensitive data from it.
Q3. When performing the daily review of the system vulnerability scans of the network, Joe, the administrator, noticed several security-related vulnerabilities with an assigned vulnerability identification number. Joe researches the assigned vulnerability identification number on the vendor website. Joe proceeds with applying the recommended solution for the identified vulnerability. Which of the following is the type of vulnerability described?
A. Network based
B. IDS
C. Signature based
D. Host based
Answer: C
Explanation:
Q4. Data execution prevention is a feature in most operating systems intended to protect against which type of attack?
A. Cross-site scripting
B. Buffer overflow
C. Header manipulation
D. SQL injection
Answer: B
Explanation:
Data Execution Prevention (DEP) is a security feature included in modern operating systems. It marks areas of memory as either "executable" or "nonexecutable", and allows only data in an "executable" area to be run by programs, services, device drivers, etc. It is known to be available in Linux, OS X, Microsoft Windows, iOS and Android operating systems.
DEP protects against some program errors and helps prevent certain malicious exploits, especially attacks that store executable instructions in a data area via a buffer overflow.
A buffer overflow occurs when a program or process tries to store more data in a buffer (a temporary data storage area) than it was intended to hold. Since buffers are created to contain a finite amount of data, the extra information, which has to go somewhere, can overflow into adjacent buffers, corrupting or overwriting the valid data held in them. Although it may occur accidentally through programming error, buffer overflow is an increasingly common type of security attack on data integrity. In buffer overflow attacks, the extra data may contain code designed to trigger specific actions, in effect sending new instructions to the attacked computer that could, for example, damage the user's files, change data, or disclose confidential information. Buffer overflow attacks are said to have arisen because the C programming language supplied the framework, and poor programming practices supplied the vulnerability.
Q5. Pete, the system administrator, wants to restrict access to advertisements, games, and gambling web sites. Which of the following devices would BEST achieve this goal?
A. Firewall
B. Switch
C. URL content filter
D. Spam filter
Answer: C
Explanation:
URL filtering, also known as web filtering, is the act of blocking access to a site based on all or part of the URL used to request access. URL filtering can focus on all or part of a fully qualified domain name (FQDN), specific path names, specific filenames, specific file extensions, or entire specific URLs. Many URL-filtering tools can obtain updated master URL block lists from vendors as well as allow administrators to add or remove URLs from a custom list.
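The matching kinds listed in the explanation (parent domain or FQDN, path under a host, file extension, entire URL) can be seen working together in the following added example. It is illustration code written for this page, not code from any URL-filtering product; the block-list entries are constructed hypothetical hosts, and the match order (most specific first) is a design choice of the example.

```python
import os
from urllib.parse import urlsplit

# Constructed block lists for illustration (hypothetical hosts, not real sites).
BLOCKED_DOMAINS = {"ads.example.net", "casino.example.org"}    # FQDN or parent domain
BLOCKED_PATHS = {("games.example.com", "/flash/")}              # (host, path prefix)
BLOCKED_EXTENSIONS = {".swf", ".exe"}                           # file extensions
BLOCKED_URLS = {"http://news.example.com/promo/contest.html"}   # entire specific URLs


def classify_url(url: str):
    """Return (blocked, reason) for a requested URL.

    The list kinds are checked from most to least specific so that the
    reason reported is the narrowest rule that applies.
    """
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()   # hostname is already lower-cased by urlsplit
    path = parts.path or "/"

    # 1. Entire URL: scheme, host and path. The query string is ignored so
    #    "?utm=..." variants of a blocked page are still caught.
    if f"{parts.scheme}://{host}{path}" in BLOCKED_URLS:
        return True, "url"

    # 2. FQDN or any parent domain: banner.ads.example.net matches "ads.example.net".
    labels = host.split(".")
    for i in range(len(labels)):
        if ".".join(labels[i:]) in BLOCKED_DOMAINS:
            return True, "domain"

    # 3. A specific path under a specific host.
    for blocked_host, prefix in BLOCKED_PATHS:
        if host == blocked_host and path.startswith(prefix):
            return True, "path"

    # 4. File extension, regardless of host (case-insensitive).
    if os.path.splitext(path)[1].lower() in BLOCKED_EXTENSIONS:
        return True, "extension"

    return False, "allowed"


if __name__ == "__main__":
    # Constructed sample requests a proxy might see.
    for u in [
        "http://banner.ads.example.net/show?id=1",
        "https://games.example.com/flash/tetris",
        "http://files.example.com/download/setup.EXE",
        "http://news.example.com/promo/contest.html?utm=x",
        "https://intranet.example.com/index.html",
    ]:
        print(u, "->", classify_url(u))
```

A real filter would additionally consult a vendor-supplied master list and log the rule that fired, which is why the function returns the matching category rather than a bare boolean.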
Q6. One of the system administrators at a company is assigned to maintain a secure computer lab. The administrator has rights to configure machines, install software, and perform user account maintenance. However, the administrator cannot add new computers to the domain, because that requires authorization from the Information Assurance Officer. This is an example of which of the following?
A. Mandatory access
B. Rule-based access control
C. Least privilege
D. Job rotation
Answer: C
Explanation:
A least privilege policy should be used when assigning permissions. Give users only the permissions that they need to do their work and no more.
Q7. Which of the following ports and protocol types must be opened on a host with a host-based firewall to allow incoming SFTP connections?
A. 21/UDP
B. 21/TCP
C. 22/UDP
D. 22/TCP
Answer: D
Explanation:
SSH uses TCP port 22. All protocols encrypted by SSH, including SFTP, SHTTP, SCP, SExec, and slogin, also use TCP port 22.
Q8. Company XYZ has encountered an increased amount of buffer overflow attacks. The programmer has been tasked to identify the issue and report any findings. Which of the following is the FIRST step of action recommended in this scenario?
A. Baseline Reporting
B. Capability Maturity Model
C. Code Review
D. Quality Assurance and Testing
Answer: C
Explanation:
Q9. Ann, a newly hired human resource employee, sent out confidential emails with digital signatures to an unintended group. Which of the following would prevent her from denying accountability?
A. Email Encryption
B. Steganography
C. Non Repudiation
D. Access Control
Answer: C
Explanation:
Nonrepudiation prevents one party from denying actions they carried out.
Q10. Ann, a security administrator, wishes to replace their RADIUS authentication with a more secure protocol, which can utilize EAP. Which of the following would BEST fit her objective?
A. CHAP
B. SAML
C. Kerberos
D. Diameter
Answer: D
Explanation:
Diameter is an authentication, authorization, and accounting protocol that replaces the RADIUS protocol. Diameter Applications extend the base protocol by including new commands and/or attributes, such as those for use of the Extensible Authentication Protocol (EAP).
Q11. A periodic update that corrects problems in one version of a product is called a
A. Hotfix
B. Overhaul
C. Service pack
D. Security update
Answer: C
Explanation:
A service pack is a collection of updates and hotfixes that address a number of software issues, as well as new software features. It is released periodically by the vendor.
Q12. A company administrator has a firewall with an outside interface connected to the Internet and an inside interface connected to the corporate network. Which of the following should the administrator configure to redirect traffic destined for the default HTTP port on the outside interface to an internal server listening on port 8080?
A. Create a dynamic PAT from port 80 on the outside interface to the internal interface on port 8080
B. Create a dynamic NAT from port 8080 on the outside interface to the server IP address on port 80
C. Create a static PAT from port 80 on the outside interface to the internal interface on port 8080
D. Create a static PAT from port 8080 on the outside interface to the server IP address on port 80
Answer: C
Explanation:
Q13. Which of the following is the default port for TFTP?
A. 20
B. 69
C. 21
D. 68
Answer: B
Explanation:
TFTP makes use of UDP port 69.
Q14. Which of the following MOST specifically defines the procedures to follow when scheduled system patching fails resulting in system outages?
A. Risk transference
B. Change management
C. Configuration management
D. Access control revalidation
Answer: B
Explanation:
Change management is a risk mitigation approach: the structured process that is followed to secure a company's assets whenever a change is made. In this case the change is the scheduled system patching.
Q15. Which of the following is BEST used to break a group of IP addresses into smaller network segments or blocks?
A. NAT
B. Virtualization
C. NAC
D. Subnetting
Answer: D
Explanation:
Subnetting is the process of dividing a larger network address block into smaller collections of hosts, each with its own network and broadcast address.
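The following added example (written for this page, not taken from any exam material or tool) shows what subnetting produces in practice: it splits an IPv4 block into equal-sized segments using Python's standard ipaddress module and reports the network, broadcast and usable host range of each, then locates the segment a given host belongs to. The block and addresses used are constructed private-range values.

```python
import ipaddress


def subnet_plan(block: str, new_prefix: int):
    """Split an IPv4 block into equal /new_prefix subnets and describe each one."""
    net = ipaddress.ip_network(block, strict=True)   # strict: host bits must be zero
    if not isinstance(net, ipaddress.IPv4Network):
        raise ValueError("this planner handles IPv4 only")
    # The new prefix must be longer than the block's, and /31 and /32 have no
    # conventional broadcast address, so usable-host arithmetic stops at /30.
    if not net.prefixlen < new_prefix <= 30:
        raise ValueError("new prefix must be between the block prefix and /30")

    plan = []
    for sub in net.subnets(new_prefix=new_prefix):
        plan.append({
            "network": str(sub),
            "first_host": str(sub[1]),     # network address + 1
            "last_host": str(sub[-2]),     # broadcast address - 1
            "broadcast": str(sub.broadcast_address),
            "usable": sub.num_addresses - 2,
        })
    return plan


def subnet_for(block: str, new_prefix: int, address: str):
    """Return the subnet (as a string) that contains a host address, or None."""
    ip = ipaddress.ip_address(address)
    for sub in ipaddress.ip_network(block, strict=True).subnets(new_prefix=new_prefix):
        if ip in sub:
            return str(sub)
    return None


if __name__ == "__main__":
    # Constructed example: carve a /24 into four /26 segments.
    for row in subnet_plan("192.168.10.0/24", 26):
        print(row)
    print(subnet_for("192.168.10.0/24", 26, "192.168.10.130"))
```

Passing strict=True makes ip_network reject a block such as 192.168.10.5/24 whose host bits are set, which catches a common typo before a plan is built on the wrong boundary.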