Q511. Which of the following represents a cryptographic solution where the encrypted stream cannot be captured by a sniffer without the integrity of the stream being compromised? 

A. Elliptic curve cryptography. 

B. Perfect forward secrecy. 

C. Steganography. 

D. Quantum cryptography. 

Answer: D

Explanation: 

Quantum cryptography (quantum key distribution, for example the BB84 protocol) encodes key bits in the quantum states of individual photons. An eavesdropper cannot copy or measure those states without disturbing them, so a sniffer on the link raises the error rate seen by the legitimate endpoints and the interception is detected. Elliptic curve cryptography and perfect forward secrecy protect the confidentiality of the data, but the ciphertext can still be captured silently; steganography only hides the existence of a message.
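A small simulation of the intercept-resend attack against BB84, added here as an illustration and not part of the original question bank. It models only the statistics of the protocol (measuring in the wrong basis yields a random bit), not the physics; the 4000-photon run length, the seed and the 11% detection threshold (the commonly cited secure-key limit for BB84) are assumptions of this example.

```python
import random


def bb84_exchange(n_qubits: int, eavesdrop: bool, seed: int = 1) -> dict:
    """Simulate a BB84 key exchange and report the sifted-key size and QBER.

    Bases: 0 = rectilinear (+), 1 = diagonal (x). A measurement in the
    preparation basis returns the encoded bit; a measurement in the other
    basis returns a uniformly random bit. Classical model, not a physics sim.
    """
    rng = random.Random(seed)

    def measure(bit, prep_basis, meas_basis):
        return bit if prep_basis == meas_basis else rng.randint(0, 1)

    alice_bits = [rng.randint(0, 1) for _ in range(n_qubits)]
    alice_bases = [rng.randint(0, 1) for _ in range(n_qubits)]
    bob_bases = [rng.randint(0, 1) for _ in range(n_qubits)]
    bob_bits = []

    for bit, a_basis, b_basis in zip(alice_bits, alice_bases, bob_bases):
        if eavesdrop:
            # Eve (the "sniffer") measures in a random basis and re-sends a
            # photon prepared in HER basis with HER result. Whenever her basis
            # differs from Alice's, the state Bob receives is disturbed.
            e_basis = rng.randint(0, 1)
            e_bit = measure(bit, a_basis, e_basis)
            bob_bits.append(measure(e_bit, e_basis, b_basis))
        else:
            bob_bits.append(measure(bit, a_basis, b_basis))

    # Sifting: Alice and Bob publicly compare bases and keep matching positions.
    sifted = [
        (a, b)
        for a, b, ab, bb in zip(alice_bits, bob_bits, alice_bases, bob_bases)
        if ab == bb
    ]
    # Error estimation: in practice a random sample of the sifted key is
    # disclosed and compared; here we compare all of it for clarity.
    errors = sum(1 for a, b in sifted if a != b)
    qber = errors / len(sifted) if sifted else 0.0
    return {"sifted_bits": len(sifted), "errors": errors, "qber": qber}


def intercept_detected(n_qubits: int = 4000, threshold: float = 0.11, seed: int = 1) -> bool:
    """True if an intercept-resend eavesdropper pushes the QBER over the threshold."""
    return bb84_exchange(n_qubits, eavesdrop=True, seed=seed)["qber"] > threshold
```

Without an eavesdropper the sifted key has zero errors; with intercept-resend, Eve guesses the wrong basis half the time and each wrong guess gives Bob a random bit, so the expected QBER is 25%, far above the threshold, and the parties abort rather than use the key.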


Q512. The security administrator installed a newly generated SSL certificate onto the company web server. Due to a misconfiguration of the website, a downloadable file containing one of the pieces of the key was available to the public. It was verified that the disclosure did not require a reissue of the certificate. Which of the following was MOST likely compromised? 

A. The file containing the recovery agent’s keys. 

B. The file containing the public key. 

C. The file containing the private key. 

D. The file containing the server’s encrypted passwords. 

Answer: B

Explanation: 

The public key is the component of the key pair that is meant to be distributed: it is embedded in the certificate itself and handed to every client that connects, so its exposure discloses nothing new and no reissue is needed. Had the private key been exposed, the certificate would have to be revoked and reissued with a new key pair, because anyone holding the private key could impersonate the server or decrypt sessions that do not use forward secrecy. A quick check on a suspect file is its PEM header: "BEGIN CERTIFICATE" or "BEGIN PUBLIC KEY" is public material, while "BEGIN PRIVATE KEY", "BEGIN RSA PRIVATE KEY" or "BEGIN EC PRIVATE KEY" is not and must never be web-accessible.


Q513. A company hires outside security experts to evaluate the security status of the corporate network. All of the company’s IT resources are outdated and prone to crashing. The company requests that all testing be performed in a way which minimizes the risk of system failures. Which of the following types of testing does the company want performed? 

A. Penetration testing 

B. WAF testing 

C. Vulnerability scanning 

D. White box testing 

Answer: C

Explanation: 

Vulnerability scanning has far less impact on the targets than penetration testing. A scanner probes systems and compares what it observes (open ports, service banners, patch levels, configuration settings) against a database of known weaknesses, but it does not attempt to exploit them. A penetration test does attempt exploitation and can crash fragile or outdated systems, which is exactly what the company wants to avoid.

A vulnerability scan is the automated process of proactively identifying security weaknesses, such as missing patches or security updates, in the systems on a network in order to determine if and where a system could be exploited. The findings are then evaluated in a risk assessment and the necessary actions taken to resolve any vulnerabilities. Public-facing servers are important for communication and data transfer over the Internet, but they also open the door to potential breaches by threat agents such as malicious hackers, so scanning them regularly and acting on the report is a basic way to tighten the network's security.

Note that scanning is not strictly passive: even a non-exploiting scan sends probe traffic, and some checks (for example denial-of-service tests) can themselves disturb unstable hosts. Against systems known to be prone to crashing, run the scanner with its safe-checks option enabled and schedule it in a maintenance window.


Q514. Which of the following authentication services uses a ticket granting system to provide access? 

A. RADIUS 

B. LDAP 

C. TACACS+ 

D. Kerberos 

Answer: D

Explanation: 

The basic process of Kerberos authentication is as follows: 

The subject provides logon credentials to the Kerberos client system. 

The client derives a key from the password and uses it to prove possession of the password to the Key Distribution Center (KDC). The password itself is never transmitted; with pre-authentication the client sends a current timestamp encrypted under the password-derived key. 

The KDC verifies the credentials and creates a ticket-granting ticket (TGT). The TGT contains the subject's identity, a session key and a time stamp that indicates its valid lifetime, and it is encrypted with a key known only to the KDC, so the client can neither read nor alter it. The KDC sends the TGT to the client together with a copy of the session key encrypted under the client's password-derived key. 

The client receives the TGT. At this point, the subject is an authenticated principal in the Kerberos realm. 

The subject requests access to a resource on a network server. This causes the client to present its TGT to the KDC and request a service ticket (ST) for that server. 

The KDC verifies that the TGT is valid and unexpired and then issues an ST to the client. The ST is encrypted with the target server's long-term key and includes a time stamp that indicates its valid lifetime. 

The client receives the ST. 

The client sends the ST to the network server that hosts the desired resource. 

The network server decrypts and verifies the ST with its own key. If it is valid, the server initiates a communication session with the client. From this point forward, the KDC is no longer involved. 
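The three exchanges above (AS, TGS and AP), as an added toy model that is not part of the original question bank and not a real Kerberos implementation. The "cipher" is a SHA-256 keystream with an HMAC tag standing in for the AES-based Kerberos encryption types, the ticket fields are JSON, and the principal names, the 300-second lifetime and the password are assumptions of this example. What it does show is which party can open which message: only the KDC can open the TGT, only the service can open the ST, and the service never contacts the KDC.

```python
import hashlib
import hmac
import json
import os
import time


# Toy authenticated encryption (NOT a real cipher): SHA-256 counter keystream
# plus an HMAC-SHA256 tag, so a message opened with the wrong key is rejected.
def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + nonce + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:n]


def seal(key: bytes, obj: dict) -> bytes:
    pt = json.dumps(obj).encode()
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(pt, _keystream(key, nonce, len(pt))))
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def open_(key: bytes, blob: bytes) -> dict:
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("rejected: wrong key or tampered message")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct)))))


def key_from_password(password: str) -> bytes:
    # Stand-in for the Kerberos string-to-key function (salt assumed).
    return hashlib.sha256(b"EXAMPLE.REALMalice" + password.encode()).digest()


class KDC:
    def __init__(self, principals: dict, lifetime: int = 300):
        self.keys = dict(principals)      # principal -> long-term key
        self.krbtgt = os.urandom(32)      # key known only to the KDC
        self.lifetime = lifetime

    def as_exchange(self, client: str, preauth: bytes):
        # Pre-authentication: the client proves knowledge of its key by
        # encrypting a timestamp; the password itself is never sent.
        ts = open_(self.keys[client], preauth)["ts"]
        if abs(time.time() - ts) > 300:
            raise ValueError("clock skew too large or replayed pre-auth")
        sk = os.urandom(32)
        tgt = seal(self.krbtgt, {"client": client, "sk": sk.hex(), "exp": time.time() + self.lifetime})
        return tgt, seal(self.keys[client], {"sk": sk.hex()})

    def tgs_exchange(self, tgt: bytes, authenticator: bytes, service: str):
        t = open_(self.krbtgt, tgt)       # only the KDC can open the TGT
        if time.time() > t["exp"]:
            raise ValueError("TGT expired")
        if open_(bytes.fromhex(t["sk"]), authenticator)["client"] != t["client"]:
            raise ValueError("authenticator does not match TGT")
        ssk = os.urandom(32)
        st = seal(self.keys[service], {"client": t["client"], "sk": ssk.hex(), "exp": time.time() + self.lifetime})
        return st, seal(bytes.fromhex(t["sk"]), {"sk": ssk.hex()})


def service_verify(service_key: bytes, st: bytes, authenticator: bytes) -> bool:
    t = open_(service_key, st)            # the service uses its own key; no KDC round trip
    if time.time() > t["exp"]:
        raise ValueError("service ticket expired")
    return open_(bytes.fromhex(t["sk"]), authenticator)["client"] == t["client"]


def run_login(client_password="correct horse", registered_password="correct horse", service="cifs/fileserver"):
    """Full AS -> TGS -> AP flow for principal 'alice' (constructed setup)."""
    svc_key = os.urandom(32)
    kdc = KDC({"alice": key_from_password(registered_password), service: svc_key})
    client_key = key_from_password(client_password)
    tgt, enc = kdc.as_exchange("alice", seal(client_key, {"ts": time.time()}))   # AS exchange
    sk = bytes.fromhex(open_(client_key, enc)["sk"])
    st, enc2 = kdc.tgs_exchange(tgt, seal(sk, {"client": "alice"}), service)      # TGS exchange
    ssk = bytes.fromhex(open_(sk, enc2)["sk"])
    ok = service_verify(svc_key, st, seal(ssk, {"client": "alice"}))               # AP exchange
    return {"authenticated": ok, "tgt": tgt, "client_key": client_key}
```

A wrong password fails at the AS exchange because the pre-authentication timestamp cannot be opened; the client holding a valid TGT still cannot decrypt it, which is why the TGT can be cached safely on the client and why a stolen TGT is replayable only until its lifetime expires.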


Q515. Which of the following is an authentication service that uses UDP as a transport medium? 

A. TACACS+ 

B. LDAP 

C. Kerberos 

D. RADIUS 

Answer: D

Explanation: RADIUS runs at the application layer and, as specified in RFC 2865, uses UDP as its transport (port 1812 for authentication and 1813 for accounting; the legacy ports 1645 and 1646 are still seen). TACACS+ uses TCP port 49, and LDAP uses TCP (389, or 636 for LDAPS). Kerberos on port 88 can use either UDP or TCP, but RADIUS is the service whose original design is tied to UDP. Because RADIUS only obfuscates the User-Password attribute with MD5 and sends everything else in the clear, the UDP traffic between NAS and server should be protected with IPsec or RadSec (RADIUS over TLS) on untrusted networks. 
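The datagram that RADIUS puts on the wire, built and parsed per RFC 2865, as an added example that is not part of the original question bank. The shared secret, identifier, user name, password and NAS address are constructed test values; the Request Authenticator is random per request in real use and only fixed here so the result can be checked.

```python
import hashlib
import os
import socket
import struct

ACCESS_REQUEST = 1
ATTR_USER_NAME, ATTR_USER_PASSWORD, ATTR_NAS_IP_ADDRESS = 1, 2, 4


def hide_password(password: bytes, secret: bytes, authenticator: bytes) -> bytes:
    """RFC 2865 section 5.2 User-Password hiding: pad to a multiple of 16,
    then XOR each block with MD5(secret + previous block), where the first
    "previous block" is the Request Authenticator. This is obfuscation keyed
    on the shared secret, not encryption with integrity."""
    if not password or len(password) > 128:
        raise ValueError("password must be 1..128 bytes")
    padded = password + b"\x00" * (-len(password) % 16)
    out, prev = b"", authenticator
    for i in range(0, len(padded), 16):
        b = hashlib.md5(secret + prev).digest()
        c = bytes(x ^ y for x, y in zip(padded[i:i + 16], b))
        out += c
        prev = c
    return out


def unhide_password(hidden: bytes, secret: bytes, authenticator: bytes) -> bytes:
    out, prev = b"", authenticator
    for i in range(0, len(hidden), 16):
        b = hashlib.md5(secret + prev).digest()
        out += bytes(x ^ y for x, y in zip(hidden[i:i + 16], b))
        prev = hidden[i:i + 16]
    return out.rstrip(b"\x00")


def attr(attr_type: int, value: bytes) -> bytes:
    if len(value) > 253:
        raise ValueError("attribute value too long")
    return struct.pack("!BB", attr_type, len(value) + 2) + value


def build_access_request(identifier: int, username: str, password: str, secret: bytes,
                         nas_ip: str = "10.0.0.1", authenticator: bytes = None) -> bytes:
    """Code(1) Identifier(1) Length(2) Authenticator(16) Attributes..."""
    ra = authenticator if authenticator is not None else os.urandom(16)
    attrs = (attr(ATTR_USER_NAME, username.encode())
             + attr(ATTR_USER_PASSWORD, hide_password(password.encode(), secret, ra))
             + attr(ATTR_NAS_IP_ADDRESS, bytes(int(o) for o in nas_ip.split("."))))
    return struct.pack("!BBH", ACCESS_REQUEST, identifier, 20 + len(attrs)) + ra + attrs


def parse_packet(pkt: bytes):
    """Return (code, identifier, authenticator, {attr_type: value})."""
    code, ident, length = struct.unpack("!BBH", pkt[:4])
    if length != len(pkt) or length < 20:
        raise ValueError("length field does not match datagram")
    attrs, i = {}, 20
    while i < length:
        t, l = pkt[i], pkt[i + 1]
        if l < 2 or i + l > length:
            raise ValueError("malformed attribute")
        attrs[t] = pkt[i + 2:i + l]
        i += l
    return code, ident, pkt[4:20], attrs


def send_access_request(pkt: bytes, server: str, port: int = 1812, timeout: float = 3.0) -> bytes:
    """Send over UDP and return the raw reply (not exercised offline)."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(pkt, (server, port))
        reply, _ = s.recvfrom(4096)
    return reply
```

Anyone who captures the datagram and knows (or brute-forces) the shared secret recovers the password with unhide_password; everyone else still sees the user name and NAS address, which is the reason for the IPsec or RadSec recommendation above.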


Q516. Ann was reviewing her company's event logs and observed several instances of GUEST accessing the company print server, file server, and archive database. As she continued to investigate, Ann noticed that it seemed to happen at random intervals throughout the day, but mostly after the weekly automated patching and often logging in at the same time. Which of the following would BEST mitigate this issue? 

A. Enabling time of day restrictions 

B. Disabling unnecessary services 

C. Disabling unnecessary accounts 

D. Rogue machine detection 

Answer: C

Explanation: 

The built-in GUEST account is not needed for normal operation, and an account that nobody should be using is appearing in logs against the print server, file server and archive database. Disabling unnecessary accounts removes that access path entirely. Time-of-day restrictions would only narrow the window in which the account can be abused, disabling services would not stop a valid logon, and rogue machine detection targets unknown hosts rather than a known but unnecessary account. Because the activity recurs after the weekly automated patching, the patch process itself should also be checked to make sure it does not re-enable the account.


Q517. Physical documents must be incinerated after a set retention period is reached. Which of the following attacks does this action remediate? 

A. Shoulder Surfing 

B. Dumpster Diving 

C. Phishing 

D. Impersonation 

Answer: B

Explanation: 

Incinerating documents (or shredding them) instead of throwing them into a bin prevents people from reading them to obtain sensitive information. Dumpster diving is looking for treasure in someone else's trash. (A dumpster is a large trash container.) In the world of information technology, dumpster diving is a technique used to retrieve information that could be used to carry out an attack on a computer network. Dumpster diving isn't limited to searching through the trash for obvious treasures like access codes or passwords written down on sticky notes. Seemingly innocent information like a phone list, calendar, or organizational chart can be used to assist an attacker using social engineering techniques to gain access to the network. To prevent dumpster divers from learning anything valuable from your trash, experts recommend that your company establish a disposal policy where all paper, including print-outs, is shredded in a cross-cut shredder before being recycled, all storage media is erased, and all staff are educated about the danger of untracked trash. 


Q518. Which of the following devices will help prevent a laptop from being removed from a certain location? 

A. Device encryption 

B. Cable locks 

C. GPS tracking 

D. Remote data wipes 

Answer: B

Explanation: 

Cable locks are theft deterrent devices that tether a laptop or other small device to a fixed point, such as a desk, so that it cannot simply be picked up and carried away. Encryption, GPS tracking and remote wipe all help after a device has been taken; only the cable lock helps prevent its removal in the first place. 


Q519. Data execution prevention is a feature in most operating systems intended to protect against which type of attack? 

A. Cross-site scripting 

B. Buffer overflow 

C. Header manipulation 

D. SQL injection 

Answer: B

Explanation: 

Data Execution Prevention (DEP) is a security feature included in modern operating systems. It marks areas of memory as either executable or non-executable, and the processor will only run instructions fetched from memory marked executable; data regions such as the stack and heap are marked non-executable. It is available in Linux, OS X, Microsoft Windows, iOS and Android, and relies on hardware support (the NX/XD bit in the page tables) or, on older processors, on software emulation.

DEP protects against some program errors and helps prevent certain malicious exploits, especially attacks that store executable instructions in a data area via a buffer overflow: the overflow may still corrupt memory and redirect control flow, but the attacker's injected shellcode on the stack or heap cannot execute. DEP does not stop the overflow itself, and it can be bypassed by techniques that reuse code already marked executable (return-to-libc, return-oriented programming), which is why it is deployed alongside address space layout randomization and stack canaries rather than on its own.

A buffer overflow occurs when a program or process tries to store more data in a buffer (temporary data storage area) than it was intended to hold. Since buffers are created to contain a finite amount of data, the extra information, which has to go somewhere, can overflow into adjacent memory, corrupting or overwriting the valid data held there, including the saved return address on the stack. Although it may occur accidentally through programming error, a buffer overflow is a common type of security attack. In buffer overflow attacks, the extra data may contain code designed to trigger specific actions, in effect sending new instructions to the attacked computer that could, for example, damage the user's files, change data, or disclose confidential information. Buffer overflow attacks are said to have arisen because the C programming language supplied the framework, and poor programming practices supplied the vulnerability.
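A check a practitioner would run before trusting DEP on Linux, added here as an example that is not part of the original question bank: an ELF binary can ask the kernel for an executable stack through its PT_GNU_STACK program header, and a binary that does so (or that lacks the header entirely) runs with NX disabled for its stack, so the protection described above does not apply to it. The parser below reads the ELF64 header and program headers; the minimal ELF images it is tested against are constructed in make_test_elf and are not real binaries.

```python
import struct

PT_GNU_STACK = 0x6474E551   # program-header type that declares stack permissions
PF_X, PF_W, PF_R = 0x1, 0x2, 0x4


def stack_is_executable(elf: bytes) -> bool:
    """True if this ELF64 image will get an executable stack from the Linux
    loader: either PT_GNU_STACK carries PF_X, or the header is missing and
    the kernel falls back to its legacy default of an executable stack."""
    if elf[:4] != b"\x7fELF":
        raise ValueError("not an ELF file")
    if elf[4] != 2:
        raise ValueError("only ELF64 (EI_CLASS == 2) is handled here")
    endian = "<" if elf[5] == 1 else ">"         # EI_DATA: 1 = little, 2 = big
    (e_phoff,) = struct.unpack_from(endian + "Q", elf, 32)
    e_phentsize, e_phnum = struct.unpack_from(endian + "HH", elf, 54)
    for i in range(e_phnum):
        off = e_phoff + i * e_phentsize
        p_type, p_flags = struct.unpack_from(endian + "II", elf, off)
        if p_type == PT_GNU_STACK:
            return bool(p_flags & PF_X)
    return True


def check_file(path: str) -> bool:
    with open(path, "rb") as f:
        return stack_is_executable(f.read())


def make_test_elf(stack_flags) -> bytes:
    """Build a minimal little-endian x86-64 ELF64 image (header plus program
    headers only) for testing. stack_flags=None omits PT_GNU_STACK entirely.
    Constructed data, not a loadable binary."""
    phdrs = [struct.pack("<IIQQQQQQ", 1, PF_R | PF_X,          # PT_LOAD, r-x text
                         0, 0x400000, 0x400000, 0x1000, 0x1000, 0x1000)]
    if stack_flags is not None:
        phdrs.append(struct.pack("<IIQQQQQQ", PT_GNU_STACK, stack_flags,
                                 0, 0, 0, 0, 0, 0x10))
    e_ident = b"\x7fELF" + bytes([2, 1, 1, 0]) + b"\x00" * 8   # ELF64, LE, v1
    header = e_ident + struct.pack(
        "<HHIQQQIHHHHHH",
        2,            # e_type: ET_EXEC
        0x3E,         # e_machine: x86-64
        1,            # e_version
        0x401000,     # e_entry
        64,           # e_phoff: program headers follow the 64-byte header
        0, 0,         # e_shoff, e_flags
        64, 56,       # e_ehsize, e_phentsize
        len(phdrs),   # e_phnum
        64, 0, 0)     # e_shentsize, e_shnum, e_shstrndx
    return header + b"".join(phdrs)
```

The same information is visible with readelf -lW on a real binary: a GNU_STACK line with flags RW is the normal, DEP-compatible case, while RWE means the stack is executable. A binary that links an object assembled without a .note.GNU-stack section, or built with -z execstack, is the usual way this ends up wrong.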


Q520. A company is installing a new security measure that would allow one person at a time to be authenticated to an area without human interaction. Which of the following does this describe? 

A. Fencing 

B. Mantrap 

C. A guard 

D. Video surveillance 

Answer: B

Explanation: 

Mantraps make use of electronic locks and are designed to limit the number of individuals allowed access to an area at any one time. A person enters a small vestibule with two interlocked doors; the second door opens only after the first has closed and the person has authenticated (badge, PIN or biometric), so exactly one person passes per authentication, tailgating is prevented, and no guard is needed to operate it.