1. Question
A user calls the help desk complaining that the password to access the wireless network has changed without warning. The user is allowed to change the password, but an hour later, the same thing occurs. What might be happening in this situation? Select one:
- user laptop
- weak password
- password policy
- rogue access point
- user error
Explanation:
Man-in-the-middle attacks are a threat that results in lost credentials and data. These type of attacks can occur for different reasons including traffic sniffing.
2. Question
A user makes a request to implement a patch management service for a company. As part of the requisition the user needs to provide justification for the request. What three reasons can the user use to justify the request? (Choose three.)Select one or more:
- no opportunities for users to circumvent updates
- the ability to control when updates occur
- the ability of users to select updates
- the likelihood of storage savings
- the ability to obtain reports on systems
- the need for systems be directly connected to the Internet
Explanation:
A patch management service can provide greater control over the update process by an administrator. It eliminates the need for user intervention.
3. Question
The CIO wants to secure data on company laptops by implementing file encryption. The technician determines the best method is to encrypt each hard drive using Windows BitLocker. Which two things are needed to implement this solution? (Choose two.) Select one or more:
- password management
- backup
- EFS
- USB stick
- at least two volumes
- TPM
Explanation:
Windows provides a method to encrypt files, folders, or entire hard drives depending on need. However, certain BIOS settings and configurations are necessary to implement encryption on an entire hard disk.
4. Question
A user is proposing the purchase of a patch management solution for a company. The user wants to give reasons why the company should spend money on a solution. What benefits does patch management provide? (Choose three.)
Select one or more:
- Updates can be forced on systems immediately.
- Administrators can approve or deny patches.
- Patches can be written quickly.
- Computers require a connection to the Internet to receive patches.
- Updates cannot be circumvented.
- Patches can be chosen by the user.
Explanation:
A centralized patch management system can speed up deployment of patches and automate the process. Other good reasons to using an automated patch update service include the following:
• Administrators control the update process.
• Reports are generated.
• Updates are provided from a local server.
• Users cannot circumvent the update process.
5. Question
After a security audit for an organization, multiple accounts were found to have privileged access to systems and devices. Which three best practices for securing privileged accounts should be included in the audit report? (Choose three.) Select one or more:
- Only the CIO should have privileged access.
- Secure password storage.
- Only managers should have privileged access.
- Enforce the principle of least privilege.
- Reduce the number of privileged accounts.
- No one should have privileged access.
Explanation:
Best practices entail giving the user only what is needed to do the job. Any additional privileges should be tracked and audited.
6. Question
Why should WEP not be used in wireless networks today? Select one:
- easily crackable
- its lack of encryption
- its lack of support
- its use of clear text passwords
- its age
Explanation:
Despite improvements, WEP is still vulnerable to various security issues including the ability to be cracked.
7. Question
What is the difference between an HIDS and a firewall? Select one:
- An HIDS works like an IPS, whereas a firewall just monitors traffic.
- An HIDS blocks intrusions, whereas a firewall filters them.
- A firewall allows and denies traffic based on rules and an HIDS monitors network traffic.
- An HIDS monitors operating systems on host computers and processes file system activity.
- Firewalls allow or deny traffic between the computer and other systems.
- A firewall performs packet filtering and therefore is limited in effectiveness, whereas an HIDS blocks intrusions.
Explanation:
In order to monitor local activity an HIDS should be implemented. Network activity monitors are concerned with traffic and not operating system activity.
8. Question
Which three items are malware? (Choose three.) Select one or more:
- attachments
- virus
- Apt
- keylogger
- Trojan horse
Explanation:
Email could be used to deliver malware, but email by itself is not malware. Apt is used to install or remove software within a Linux operating system. Attachments could contain malware, but not always.
9. Question
The manager of a department suspects someone is trying to break into computers at night. You are asked to find out if this is the case. What logging would you enable? Select one:
- audit
- operating system
- Windows
- syslog
Explanation:
Audit logs can track user authentication attempts on workstations and can reveal if any attempts at break-in were made.
10. Question
Why is WPA2 better than WPA? Select one:
- mandatory use of AES algorithms
- reduced keyspace
- supports TKIP
- reduced processing time
Explanation:
A good way to remember wireless security standards is to consider how they evolved from WEP to WPA, then to WPA2. Each evolution increased security measures.
11. Question
A user calls the help desk complaining that an application was installed on the computer and the application cannot connect to the Internet. There are no antivirus warnings and the user can browse the Internet. What is the most likely cause of the problem? Select one:
- need for a system reboot
- computer firewall
- permissions
- corrupt application
Explanation:
When troubleshooting a user problem, look for some common issues that would prevent a user from performing a function.
12. Question
What are three types of power issues that a technician should be concerned about? (Choose three.) Select one or more:
- fuzzing spark
- spike
- brownout
- blackout
- flicker
Explanation:
Power issues include increases, decreases, or sudden changes in power and include the following:
• Spike
• Surge
• Fault
• Blackout
• Sag/dip
• Brownout
• Inrush Current
13. Question
A company wants to implement biometric access to its data center. The company is concerned with people being able to circumvent the system by being falsely accepted as legitimate users. What type of error is false acceptance? Select one:
- Type I
- false rejection
- CER
- Type II
Explanation:
There are two types of errors that biometrics can have: false acceptance and false rejection. False acceptance is a Type II error. The two types can intersect at a point called the crossover error rate.
14. Question
A user is asked to analyze the current state of a computer operating system. What should the user compare the current operating system against to identify potential vulnerabilities? Select one:
- a baseline
- a vulnerability scan
- a blacklist
- a whitelist
- a pentest
Explanation:
A baseline allows a user to perform a comparison of how a system is performing. The user can then compare the result to baseline expectations. This process allows the user to identify potential vulnerabilities.
15. Question
An intern has started working in the support group. One duty is to set local policy for passwords on the workstations. What tool would be best to use? Select one:
- secpol.msc
- account policy
- password policy
- grpol.msc
- system administration
Explanation:
Local policies are not group policies and only work on the local machine. Local policies can, however, be overridden if the machine is part of a Windows domain.
16. Question
Which service will resolve a specific web address into an IP address of the destination web server?
Select one:
- DNS
- DHCP
- ICMP
- NTP
Explanation:
DNS resolves a website address to the actual IP address of that destination.
17. Question
The manager of desktop support wants to minimize downtime for workstations that crash or have other software-related issues. What are three advantages of using disk cloning? (Choose three.) Select one or more:
- can provide a full system backup
- creates greater diversity
- ensures system compatibility
- ensures a clean imaged machine
- cuts down on number of staff needed
- easier to deploy new computers within the organization
Explanation:
Disk cloning can be an efficient way to maintain a baseline for workstations and servers. It is not a cost cutting method.
18. Question
A new PC is taken out of the box, started up and connected to the Internet. Patches were downloaded and installed. Antivirus was updated. In order to further harden the operating system what can be done? Select one:
- Remove unnecessary programs and services.
- Install a hardware firewall.
- Give the computer a non routable address.
- Disconnect the computer from the network.
- Turn off the firewall.
- Remove the administrator account.
Explanation:
When hardening an operating system, patching and antivirus are part of the process. Many extra components are added by the manufacturer that are not necessarily needed.
19. Question
The company has many users who telecommute. A solution needs to be found so a secure communication channel can be established between the remote location of users and the company. What is a good solution for this situation?
Select one:
- fiber
- T1
- modem
- PPP
- VPN
Explanation:
When a VPN is used, a user can be at any remote location such as home or a hotel. The VPN solution is flexible in that public lines can be used to securely connect to a company.
20. Question
Companies may have different operation centers that handle different issues with the IT operations. If an issue is related to network infrastructure, what operation center would be responsible? Select one:
- HVAC
- SOC
- HR
- NOC
Explanation:
Operation centers support different areas of the operation including the network and security. Each one focuses on particular parts of the IT structure. The center that supports security would be the SOC.
21. Question
An administrator of a small data center wants a flexible, secure method of remotely connecting to servers. Which protocol would be best to use? Select one:
- Secure Shell
- Secure Copy
- Telnet
- Remote Desktop
Explanation:
Because hackers sniffing traffic can read clear text passwords, any connection needs to be encrypted. Additionally, a solution should not be operating system-dependent.