Security

Ques-1. Which of the following describes APIs for devices such as smartcards that contain other cryptographic information?

A. PKCS #11
B. PKCS #13
C. PKCS #4
D. PKCS #2

Ans-A (PKCS #11)

Ques-2. Your company is in the process of setting up a management system on your network, and you want to use SNMP. You have to allow this traffic through a router. Which UDP ports do you have to open?

A. 161
B. 139
C. 138
D. 162

Ans-A,D (161,162)

Ques-3. Which of the following are used to verify the status of a certificate?

A. OCSP
B. CRL
C. OSPF
D. ACL

Ans-A,B (OCSP), (CRL)

Ques-4. What type of algorithm does the MD series of encryption algorithms use?

A. Asymmetric Encryption Algorithm
B. Digital Signature
C. Hashing Algorithm
D. All of the above

Ans-C

Ques-5. Trey Research has implemented a wireless network. Which of the following options would you use to grant access to authorized wireless users?

A. Biometric
B. WEP
C. LEAP
D. SSL

Ans-B (WEP)

Ques-6. Michael, the CTO of a new company, wants to deploy asymmetric encryption for all users in his company. Which asymmetric algorithm is the de facto standard for public key encryption?

A. DES
B. RSA
C. Diffie-Hellman
D. AES

Ans-B (RSA)

Ques-7. Woodgrove Bank has an elaborate security infrastructure for its corporate data network, which is used by over 300 employees. Each employee needs to be issued a pair of private and public keys to use. Which option would be the safest way of issuing the keys to each user?

A. Issue each user a smart card with key information embedded in it.
B. Request each user to scribble the keys on a personal notebook.
C. Put each key in a key escrow.
D. Ask the users to copy the keys on their computers.

Ans-A

Ques-8. Tom uses DES for encryption on his company’s network. He has been advised by the CTO of the company to use a stronger encryption mechanism. Which of the following options uses variable key lengths to replace DES?

A. Blowfish
B. IDEA
C. Triple-DES
D. AES

Ans-D (AES)

Ques-9. Francesca is working out a strategy for fire protection of a server room in a call center. The server room is occupied by dozens of employees around the clock. Which of the following options represents the best method for fire suppression?

A. In case of fire, the server room should be flooded with Halon gas.
B. In case of fire, the server room should be flooded with water.
C. In case of fire, the server room should be flooded with a nontoxic inert gas.
D. In case of fire, evacuate all oxygen from the server room by using vacuum pumps.

Ans-C

Ques-10. An attacker has compromised your PBX system. The attacker has made many long-distance calls. How can you, the administrator, protect the PBX system from future attacks with no extra equipment cost? (Choose two correct options.)

A. Deploy smart card authentication.
B. Educate users about PBX security.
C. Use Layer 3 switching devices.
D. Program system exclusion lists.

Ans-D,B

Ques-11. You want to monitor and remotely manage the services that are running on all client workstations within the organization’s network. Which User Datagram Protocol (UDP)-based protocol will you use to remotely manage workstations?

A. SMTP
B. RTSP
C. SNMP
D. DHCP

Ans-C (SNMP)

Ques-12. Recently, there has been a packet sniffing attack on the company’s FTP server. You want to encrypt all file transfers to your FTP server on the internet. How will you achieve this?

A. Use Anonymous FTP
B. Use FTP for file transfer
C. Encrypt all files on the FTP server
D. Implement Secure FTP

Ans-D

Ques-13. Wingtip Toys is using dial-up lines as part of a remote access solution. All remote access users are within the local calling area. You are a security consultant and need to advise the client on the disadvantages of using dial-up lines as part of a remote access solution. Which of the following options will you choose to state? (Choose two correct options.)

A. Lower productivity
B. War dialing
C. Higher cost of long-distance connections
D. Susceptibility to sniffing

Ans-A,B

Ques-14. Fourth Coffee, a small coffee company, maintains its daily sales record using a computer system. Tom, the proprietor of the company, consolidates these records once a month to generate a monthly sales report. Tom’s home is 60 miles from the company. Which one of the following options would be the optimal cost-effective solution to protect this data?

A. Make regular backups of all data on the machine, and store it at Tom’s home.
B. Create a mirror server with hot backups. Use this server immediately in case of disaster.
C. Create a backup server. Update this server once a week, and use it in case of disaster.
D. Make regular backups of all data on the machine, and preserve it in a shelf next to the machine for easy access.

Ans-A

Ques-15. Datum Corporation is a leading ISP and web hosting provider. Which type of SLA is Humongous Insurance most likely to sign with Datum Corporation?

A. An ISP SLA
B. An application service provider SLA
C. A data center SLA
D. A LAN SLA

Ans- B

Ques-16. Tom, a security expert, has been assigned the task of securing physical access to the room of the server that contains classified government documents. Which of the following biometric schemes will best suit his requirements?

A. Speech recognition
B. Face recognition
C. Hand geometry
D. Retinal scan

Ans-D

Ques-17. Lucerne Publishing works with freelance authors. Nancy, the editor-in-charge, needs to frequently exchange online documents with these authors. What would you suggest as the best algorithm for Nancy?

A. DES
B. Asymmetric key
C. Secure hash
D. Symmetric key

Ans- C

Ques-18. Fourth Coffee uses FTP to transfer files. The company wants an SSL/TLS-based solution to protect file transfers. Which of the following options would be required to implement this solution?

A. Secure FTP-enabled software on the FTP client
B. Secure FTP-enabled software on the FTP server
C. A certificate authority
D. Kerberized FTP-enabled software on the FTP client and FTP server

Ans-A,B,C

Ques-19. John is the administrator of Contoso Ltd. The company has 1500 users on its network. The company policy requires evidence to be collected when users breach the security terms of the organization. What should John do before data is preserved in the organization as evidence?

A. Advise users of system monitoring
B. Monitor the phone calls
C. Review the e-mails
D. Define the chain of custody

Ans-D

Ques-20. Which functionality should Lucerne Publishing consider to allow multiple hosts to share a single IP address?

A. VLAN
B. VPN
C. Firewall
D. NAT

Ans- D

Ques-21. Your organization uses LDAP to organize data in a hierarchical fashion. What are the ways in which the LDAP servers are compromised by the attackers?

A. Enumerating files on servers
B. Exploiting incorrectly configured shares
C. Packet sniffing
D. Information gathering

Ans-C,D

Ques-22. Coho Vineyard needs to install a public Web server. Where would you suggest this web server be installed so that the internal network is protected from intruders?

A. In the intranet
B. In the VPN
C. In the perimeter network
D. In the extranet

Ans-C

Ques-23. The administrator of Contoso Ltd. recently installed a new DNS server, DNS-ROOT, on the network. DNS-ROOT will be used to resolve Internet host names to IP addresses for clients on the local network. How should the administrator enforce security to allow DNS zone transfers only from the DNS server of the ISP?

A. Enable packet filtering on all computers
B. Enable packet filtering for all outgoing traffic
C. Configure an access control list to include only the IP address of DNS-ROOT
D. Configure an access control list to include only the IP address of the ISP’s DNS server

Ans-D

Ques-24. To reduce hoax e-mail, you need to create a written policy. This policy will be circulated to all users in the organization. Which of the following should be included in the policy?

A. Report all words of urgency, warnings and virus alerts appearing in the subject line of e-mail to technical support
B. Report any e-mail containing no subject heading line
C. Report all e-mail received by all users in the organization that contain words of urgency, warnings and virus alerts in the subject line
D. Report any e-mail that contains instructions to delete files to all users in the organization

Ans-A

Ques-25. Your company has a NetWare server to authenticate users. Users are required to provide unique passwords for five different applications on the network. You want to eliminate the redundancy of using multiple password mechanisms. How will you accomplish this?

A. Set a common password age and length limit for all applications
B. Implement single sign-on for authenticating users
C. Manually set the same user password for all applications and for all users
D. Instruct users to use the same password for all applications

Ans-B

Ques-26. Your Web server must support server-side includes (SSI) for certain Common Gateway Interface (CGI) programs to function properly. Knowing that support for SSI can be a security risk, what corrective action can you take to protect the Web server?

A. Ensure that you use client-side JavaScript to preprocess data fed into the CGI program
B. Turn off SSI on the script directories
C. Limit CGI programs to specific directories
D. Turn on SSI on the web server and the script directories

Ans-B,C

Ques-27. John, a network administrator at Trey Research, has installed a new security component to encrypt all the data on the network. What should John do to educate his users about the new security component and allow them to actively participate by providing opinions?

A. Create a security awareness program
B. Stick posters and flyers on the building
C. Deploy logon access banners
D. Communicate through e-mail

Ans- A

Ques-28. An electronics company with 60 employees has been issued a certificate from a private certificate authority (CA) set up within the company. Which option would be the best solution for providing for the revocation of a certificate for an employee?

A. Choose one employee who can revoke certificates for everyone.
B. Certification revocation is dangerous and should not be supported at all.
C. A group of responsible employees has to be identified to revoke certificates.
D. Let all employees revoke their own certificate when required.

Ans-C

Ques-29. South Bridge Video wants to enable encryption and digital signing of e-mail messages. The company wants to use an external PKI service provider to generate certificates. To achieve this, what type of clients should the company run?

A. SMTP relay-enabled
B. S/MIME-enabled
C. PGP-enabled
D. POP-enabled

Ans- B

Ques-30. You installed a new Microsoft Windows 2000 server on your network. This server is used to store user files. These files are required to be encrypted for security reasons. How will you ensure that files stored by all users are encrypted?

A. Use NTFS
B. Use EFS
C. Use third-party software
D. Use Disk Quota

Ans-B

Ques-31.
