Free SY0-501 Demo Online For Microsoft Certification:
NEW QUESTION 1
Having adequate lighting on the outside of a building is an example of which of the following security controls?
- A. Deterrent
- B. Compensating
- C. Detective
- D. Preventative
Answer: A
NEW QUESTION 2
A security analyst has been asked to perform a review of an organization's software development lifecycle. The analyst reports that the lifecycle does not contain a phase in which team members evaluate and provide critical feedback of another developer's code. Which of the following assessment techniques is BEST described in the analyst's report?
- A. Architecture evaluation
- B. Baseline reporting
- C. Whitebox testing
- D. Peer review
Answer: D
NEW QUESTION 3
While reviewing the monthly internet usage, it is noted that there is a large spike in traffic classified as "unknown" that does not appear to be within the bounds of the organization's Acceptable Use Policy.
Which of the following tools or technologies would work BEST for obtaining more information on this traffic?
- A. Firewall logs
- B. IDS logs
- C. Increased spam filtering
- D. Protocol analyzer
Answer: B
NEW QUESTION 4
A security analyst has set up a network tap to monitor network traffic for vulnerabilities. Which of the following techniques would BEST describe the approach the analyst has taken?
- A. Compliance scanning
- B. Credentialed scanning
- C. Passive vulnerability scanning
- D. Port scanning
Answer: D
NEW QUESTION 5
A mobile device user is concerned about geographic positioning information being included in messages sent between users on a popular social network platform. The user turns off the functionality in the application, but wants to ensure the application cannot re-enable the setting without the knowledge of the user.
Which of the following mobile device capabilities should the user disable to achieve the stated goal?
- A. Device access control
- B. Location based services
- C. Application control
- D. GEO-Tagging
Answer: D
NEW QUESTION 6
Malicious traffic from an internal network has been detected on an unauthorized port on an application server. Which of the following network-based security controls should the engineer consider implementing?
- A. ACLs
- B. HIPS
- C. NAT
- D. MAC filtering
Answer: A
NEW QUESTION 7
A wireless network has the following design requirements:
- Authentication must not be dependent on enterprise directory service
- It must allow background reconnection for mobile users
- It must not depend on user certificates
Which of the following should be used in the design to meet the requirements? (Choose two.)
- A. PEAP
- B. PSK
- C. Open systems authentication
- D. EAP-TLS
- E. Captive portals
Answer: BE
NEW QUESTION 8
An organization’s internal auditor discovers that large sums of money have recently been paid to a vendor that management does not recognize. The IT security department is asked to investigate the organization’s ERP system to determine how the accounts payable module has been used to make these vendor payments.
The IT security department finds the following security configuration for the accounts payable module:
- New Vendor Entry – Required Role: Accounts Payable Clerk
- New Vendor Approval – Required Role: Accounts Payable Clerk
- Vendor Payment Entry – Required Role: Accounts Payable Clerk
- Vendor Payment Approval – Required Role: Accounts Payable Manager
Which of the following changes to the security configuration of the accounts payable module would BEST mitigate the risk?
- A. Option A
- B. Option B
- C. Option C
- D. Option D
Answer: A
NEW QUESTION 9
Which of the following is the appropriate network structure used to protect servers and services that must be provided to external clients without completely eliminating access for internal users?
- A. NAC
- B. VLAN
- C. DMZ
- D. Subnet
Answer: C
NEW QUESTION 10
A system administrator wants to provide for and enforce wireless access accountability during events where external speakers are invited to make presentations to a mixed audience of employees and non-employees.
Which of the following should the administrator implement?
- A. Shared accounts
- B. Preshared passwords
- C. Least privilege
- D. Sponsored guest
Answer: D
NEW QUESTION 11
Drag and drop the correct protocol to its default port.
Answer:
Explanation: FTP uses TCP port 21. Telnet uses port 23. SSH uses TCP port 22.
All protocols encrypted by SSH, including SFTP, SHTTP, SCP, SExec, and slogin, also use TCP port 22. Secure Copy Protocol (SCP) is a secure file-transfer facility based on SSH and Remote Copy Protocol (RCP).
Secure FTP (SFTP) is a secured alternative to standard File Transfer Protocol (FTP). SMTP uses TCP port 25. Port 69 is used by TFTP.
SNMP makes use of UDP ports 161 and 162.
Reference: http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers
NEW QUESTION 12
A company is terminating an employee for misbehavior. Which of the following steps is MOST important in the process of disengagement from this employee?
- A. Obtain a list of passwords used by the employee.
- B. Generate a report on outstanding projects the employee handled.
- C. Have the employee surrender company identification.
- D. Have the employee sign an NDA before departing.
Answer: C
NEW QUESTION 13
Which of the following differentiates a collision attack from a rainbow table attack?
- A. A rainbow table attack performs a hash lookup
- B. A rainbow table attack uses the hash as a password
- C. In a collision attack, the hash and the input data are equivalent
- D. In a collision attack, the same input results in different hashes
Answer: A
NEW QUESTION 14
A systems administrator has finished configuring a firewall ACL to allow access to a new web server.
The security administrator confirms from the following packet capture that there is network traffic from the internet to the web server:
The company’s internal auditor issues a security finding and requests that immediate action be taken. With which of the following is the auditor MOST concerned?
- A. Misconfigured firewall
- B. Clear text credentials
- C. Implicit deny
- D. Default configuration
Answer: B
NEW QUESTION 15
A datacenter manager has been asked to prioritize critical system recovery priorities. Which of the following is the MOST critical for immediate recovery?
- A. Communications software
- B. Operating system software
- C. Weekly summary reports to management
- D. Financial and production software
Answer: B
NEW QUESTION 16
A security administrator is developing controls for creating audit trails and tracking if a PHI data breach is to occur. The administrator has been given the following requirements:
- All access must be correlated to a user account.
- All user accounts must be assigned to a single individual.
- User access to the PHI data must be recorded.
- Anomalies in PHI data access must be reported.
- Logs and records cannot be deleted or modified.
Which of the following should the administrator implement to meet the above requirements? (Select three.)
- A. Eliminate shared accounts.
- B. Create a standard naming convention for accounts.
- C. Implement usage auditing and review.
- D. Enable account lockout thresholds.
- E. Copy logs in real time to a secured WORM drive.
- F. Implement time-of-day restrictions.
- G. Perform regular permission audits and reviews.
Answer: ACG
NEW QUESTION 17
A supervisor in your organization was demoted on Friday afternoon. The supervisor had the ability to modify the contents of a confidential database, as well as other managerial permissions. On Monday morning, the database administrator reported that log files indicated that several records were missing from the database. Which of the following risk mitigation strategies should have been implemented when the supervisor was demoted?
- A. Incident management
- B. Routine auditing
- C. IT governance
- D. Monthly user rights reviews
Answer: D