An important principle of Defense in Depth is that achieving comfort in information security requires a balanced focus on which PRIMARY elements?

Franklin is using a special tool on his Linux platform that has a database containing signatures to be able to detect hundreds of vulnerabilities in UNIX, Windows, and commonly used web CGI/ASPX scripts. Moreover, the database detects DDoS zombies and Trojans as well. What is the name of the tool Franklin is using?

When classifying data it is important to consider which of the following?

Reviewing the picture below what type of an attack has likely occurred? Select One

Which of the following operates at the Network Layer of the Open System Interconnection (OSI) model?

You would like to scan for XSS flaws .  What tools would could you use?  Select one answer.

A software developer wants to prevent stored passwords from being easily decrypted. When the password is stored by the application, additional text is added to each password before the password is hashed. This technique is known as?  (Select One)

A network administrator uses an RFID card to enter the datacenter, a key to open the server rack, and a username and password to logon to a server.
Which of the following is these examples of? Select One

During the process of data classification it is important to ensure little granularity for what reason?

What wireless protocol is generally vulnerable to IV attack exploits? Select One

Which of the following protocols are deployed for Federated Identities and Single Sign On (SSO) ? Select Two

You manager has been notified an external hacker has compromised you organization’s network security perimeter. The hacker installed a sniffer onto an inside computer and it appears to be collecting information. Which of the following is the MOST effective layer of security your enterprise could have implemented to mitigate the hackers ability to gain further information?

When assessing an organization’s security policy according for adherence to the strict standards established by the International Organization for Standardization (ISO) 27001 and 27002 when can the actual management responsibilities be clearly defined?

Which wireless protocol supports TKIP (Temporal Key Integrity Protocol) to enhance data encryption. Select One

The BEST way to prevent tailgating is the use of _______________?   Select One

The National Institute of Standards and Technology (NIST) outlines ______ steps toward FISMA Compliance. Select One

Your organization is a large software development firm that has currently ran out of resources for their software application hosting.   What type of Cloud service could be used to help alleviate the lack of developer resources? The developers do not want to manage resources such as VMS or storage.

Select One

Which of the following hypervisor technologies would your company MOST likely use to virtualize your Macbook? Select One

When your enterprise is reviewing ownership of an asset what should you consider to be the most important?

What type of DOS attack allows an attacker to violates the three-way handshake and  then open a large number of half-open TCP connections? Select One

______  is whatever hardware/software/policies you have in place to prevent confidential data from leaving your company? Select One

Which of the following social engineering vulnerabilities can be a risk to your company especially if someone by passes security mechanisms such as badge readers, security guards, biometrics, etc.  Select Two

What type of cloud service would you want to select if you want to solve a particular business solution like CRM?  Select One

What is the purpose of an Internet Protocol (IP) spoofing attack?

Kerberos is a network authentication protocol that enables secure logon by individuals to a computer network and enables secure authentication by a client computer to a server hosting a network resource  Kerberos authentication involves three types of entities: What are they?

Which of these should not be in an X.509 certificate?  Select One

When using NMAP what does specifying no port ranges scans.  Scans how many ports by default? Select One

You have just had an audit completed and the results are in. The reports states confidentiality is the main focus for improvement. Which of the following could help remove the greatest risk?

What type of site is a duplicate of the original site of the organization with full computer systems as well as near-complete backups of user data. Select One

Which layer of the OSI protocol is responsible for keeping track of multiple conversations at once? Select One

Which security service is serviced by the process of encrypting plaintext with the sender’s private key and decrypting cipher text with the sender’s public key?

Your new role as a security engineer for a military base includes validating AD.   Which of these authentication methods would you most commonly find in a Windows Active Directory environment? Select One

Which of the following is BEST at blocking attacks and providing security at layer 7 of the OSI model? Select One

The use of private and public encryption keys critical in the implementation of which of the following?

What vulnerability classification occurs when holes are left in the security framework of an application by systems administrators, DBAs or developers? Select One

A penetration tester is hired to do a risk assessment of a company’s DMZ. The rules of engagement states that the penetration test be done from an external IP address with no prior knowledge of the internal IT systems. What kind of test is being performed? Select One

What type of an attack makes a copy of the transmission before sending it to the recipient for use at a later time? Select One

An administrator wants to establish a WiFi network using a high gain directional antenna with a narrow radiation pattern to connect two buildings separated by a very long distance. Which of the following antennas would be BEST? Select One

The email above was received by your CEO.  He states he is not sure what this about or knows this person.  What type of attack was attempted here? Select One

What security technique can be used to make an encryption scheme more resistant to a known plaintext attack?

Which of the following firewall types inspects Ethernet traffic at the MOST levels of the OSI model? Select One

Which of the following is an effective control in preventing electronic cloning of Radio Frequency Identification (RFID) based access cards?

At what level of the Open System Interconnection (OSI) model is data at rest on a storage array be located?

In regards to the United States federal law.  What law was passed in 2002 that made it a requirement for federal agencies to develop, document, and implement an information security and protection program.   Select One

Transmission Control Protocol/Internet Protocol (TCP/IP) stack uses what layer for negotiating and establishing a connection with another node?

What is an XML based open standard for exchanging authentication and authorization information between different parties? Select One

A ___________________________ is a legally enforceable contract that creates a confidential relationship between a person who holds some kind of trade secret and a person to whom the secret will be disclosed. Select One

Which of the following mobile code security models relies only on trust?

A CISO wants to reverse engineer an executable file to determine if it is malicious. The file was found on an underused server and appears to contain a zero-day exploit. Which of the following can the researcher do to determine if the file is malicious in nature? Select One

Which of the following is used by the Point-to-Point Protocol (PPP) to determine packet formats?

Privilege creep among long-term employees can be mitigated by which of the following procedures? (Select One)

When referring to the US specifically. The defacto standard for IT Security Guidance is NIST..  NIST issues Federal Information Processing Standards and advisory guides that are called  _______________?   Select the proper answer.

Your currently working with the infrastructure teams on building out a new datacenter. They are looking for remote access and would like to authenticate with a central server that is unix based and can enable AAA capabilities. What type of service should be enabled. (Select Two)

What type of attack is an attack where the intentions is to steal data rather than to cause damage to the network or organization? Note: This type of an attack is generally well organized. (Select One).

Which of the following BEST describes a protective countermeasure for SQL injection? Select One

Which of the following represents a form of steganography technique that could be used?

Refer to the graphic above. What does it appear the user is trying to do on their mobile device? (Select One)

Vulnerability is the intersection of three elements when it come to IT. What are those three elements?  (Select Three)

Which of the following hypervisor technologies would your company MOST likely use to virtualize your Macbook? Select One

You company is implementing a multi-factor authentication solution. As part of the design, you are identifying the three authentication factors. Select Three

You have just performed a baseline about a month ago.  You notice that there are some anomalies in the network authentications.  What type of analysis assesses threat levels with regard to historical information?  (Select One)

What type of cloud service would you want to select if you want to solve a particular business solution like CRM?  Select One

Refer to the graphic above and then answer the following question.

What are two correct statements about what has been performed in this CLI session? (Select Two)

Your currently called in to a users cubical and they are stating that they opened up an email attachment link and therefore after the email program has been stuck in this infinite loop when they click the link.   The application just hangs and it appear it was a web application.   What type of vulnerability is this likely to be?  Select One

You are conducting an analysis of a compromised server. You figured out that the computer had all known security patches applied prior to the computer being compromised. Which two of the following statements are probably true about this incident?

A company has publicly hosted web applications and an internal Intranet protected by a proxy and a firewall.

Which technique will help protect against enumeration?  Select One

The Common Vulnerabilities and Exposures (CVE) database defines what?  (Select One)

A ___________________________ is a legally enforceable contract that creates a confidential relationship between a person who holds some kind of trade secret and a person to whom the secret will be disclosed. Select One

LUN (Logical Unit Number) Masking is an _____________ process that makes a LUN available to some hosts and unavailable to other hosts.Select One

Reviewing the graphic above please answer the following question.  What woud be the main control that would be accomplished from day and time restriction on a Windows server?  (Select One)

You have been asked to create a list of rules for how your resources will be accessed. What would this be called? (Select One)

Your organization is a large software development firm that has currently ran out of resources for their software application hosting.   What type of Cloud service could be used to help alleviate the lack of developer resources? The developers do not want to manage resources such as VMS or storage.

Select One

What part of the NIST Cybersecurity Framework is used to provide a statement of current cybersecurity outcomes? (Select One)

NOTE: There are three parts to the NIST Cybersecurity Framework and you must know all three.

What security activities are the most appropriate during the “maintenance phase” of software development?

What are the three main types of a fuzzer? (Select Three)

NOTE:   Fuzz testing or ” Fuzzing” is a Black Box software testing technique, which basically consists in finding implementation bugs using malformed/semi-malformed data injection in an automated fashion.

Referring to the graphic above please answer the following question.  What is the possible intelligence that could be gathered by this “dorking” for a hacker?  (Select Three)

Franklin is using a special tool on his Linux platform that has a database containing signatures to be able to detect hundreds of vulnerabilities in UNIX, Windows, and commonly used web CGI/ASPX scripts. Moreover, the database detects DDoS zombies and Trojans as well. What is the name of the tool Franklin is using?

Which of the following port is used for accessing Microsoft servers? Select One

When you developing your IT security posture what are some controls by function you could implement?  (Select the one that is NOT a function control)

NOTE:  Don’t get confused by security controls!

What type of training allows employees to develop a multi-disciplinary skillset? (Select One)

A backdoor ________ gives malicious users remote control over the infected computer. They enable the author to do anything they wish on the infected  computer – including sending, receiving, launching and deleting files, displaying data and rebooting the computer. What type of threat would this be called? (Select One)

You are leaving the CIO office with a document that has authorized your pen testing for the weekend.  What would this document be? (Select One)

You have been notified over the weekend that there is suspicious activity on the Exchange Administrators account. What administrative controls will best to reduce the impact of an attack where a user gains control over an administrator’s account?  (Select Three)

A company wants to streamline their reporting tools. They have decided to implement a third party SaaS cloud reporting tool to process additional data, but will continue to process confidential data internally. Which of the following cloud deployment models is BEST suited for the company?

During the company’s last DR exercise, the administrator noticed that the backup site (Site B) was responding 35% slower to ICMP packets than the primary site (Site A). Which of the following tests can help the administrator determine the root cause of a slow network? Select One