1

2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
32
33
34
35
36
37
38
39

A
A r A user
replies
to an I
A user replies
to
IM in
A ran
Observing
when
a
A r Athwart
Business
recovery
A r Athwart
Data that is
transferred
A r- TCP/IP is
networkA
IPv6 is
impervious
to
A
C Enforcing
a strong
A
C TCP is
slower than
DNS

Which of the folloverg

examples
clinic
social
Which of the
following
examples
of remote
Which of the
following
examples
of
social
if mahvate causes popup
windows
to bombard
5. Which
of the
followinga
is
NOT an example
If malwase
containsof an
malicious
code
is
7. Which of
the that
following
examples
does
NOT
Wlidch of the
following
is
NOT a feature
of TCP./IP?
Which
statement
about
1Pv4 andadministrators
IPv6 is NOT
Network
are
required
follow is
Which
of thetofollowing
NOT a feature
of TCP and
Which
of the following
protocols
operates
on
A r DNS
Which of the following
protocols
operates
on
14. Which of the following A OVAL is
statements
NOT is used
to a
Which of thedoes
following
A (-- Use
NOT
an example
of a
monitoring
16. Which
of the following
A C Restrict
is
NOT
a
step
that
you
17. Which of the following Internet
Use UTP use
to
is
an
example
of
a
prevent
18. Which of the following A MBSA
automated
scanning tools
19. You're monitoring
the A C Server
Windows-based
network
log
20. Penetration testing
A Blind test
can
take
many
forms.
If
a
21. You're monitoring the A C Server
Windows-based
network
22. There are five
steps in log
A i 1 Use a
the
vulnerability
port
scanner
23. Penetration testing
A C Blind
test
can You're
take many
forms If
a A Server log
24.
monitoring
the
Windows-based
network A C Privacy
25.
You are responsible
for creating
a risk
policy
26.
You are responsible
A
r- Privacy
for creating
risk
policy
27.
You wantato
ensure
A
rthat
user
account
Implement
28. Which is a best
A Monitor
practice
when
humidity
29. You want to ensure
A r Encrypt
data
stored
on
your
only the
at
30 You we cranks a report files
A r Avon'
on
environmental
use
FIVAC
31.the
As part
of your
A C, of
Use
WEP
organization's
risk
over
WPA
32. You want to ensure
A f Disable
that
mobile
devices
in
remote
32. You want to ensure
A r- Disable
that
mobile
devices
in
remote
33. You want to ensure
Install a VPN
that
users
can
access
the
conceotralor
A Key
34. What is the
cryptographic
term
for
a
35. What is the
A Key
cryptographic
term
for
a
36. Which of the following A C Uses 168features
applies
to the
bitr key
A
LUC
37. A certain
asymmetric
algorithm
isthe
based on the Key
38.
What is
management
and
cryptographic
A C Full
distribution? term for
keyspace

B
C
D
8 r An a mpl C C An
As Ina rnael
cryee
automated
that
look s
An
An
An e-mail
employee
automated
looks
Falsifying
Taking a hard that
Lurking
in like
the
i..entry
in
a
disk
that's
vicinity
of
an
3 c Spyware
c Backdoor
C Logic bomb
Backups that Unscheduled Management
enable
downtime
to
3 c Spyware
c Backdoorto controls
C Logic bomb
Data
An active
Secure
classification
malicious
update
B r TCP/IP is C r The
D r The
anIPv6
integrated
transport
network
B
is less C
IPvG
D
IPv4
vulnerable
to C
addresses
addressesa
B
C Creating
Running
Creating
a
scanning
document
TCP
doesn't use
C NAC
UDP policy
is less reUDP
sequences
FTP
SSH
AAP
FTP
SSH
IMAP
B Packet
C r Sniffing is Port scanning
sniffers
performed
B r Use a
C C Use a by is
D rinitialized
Use a
traffic
filter
that
proxy
server
B C Prevent C C Monitor D I n&al
I one
spam
from
network
device
that
Enable
Enable
Use default
features
such
unused
ports
administrativ
B r SARA C
C
D IBM ISS
QualysGuard
C Security log Internet
B System
r Applicata)
log
:
log
B Targeted
C Doubletesting
blind
test
B C System
C C Security
Applicalion
kg
kg
log
B C'
C Inform all
D r Document
Familiarize
network
13 r Targeted r nntihle-blind every
testing
test
B
System log C'
Security
Applicalion
C C Job
log
log
B
C
r
C
Least
rotalion
Acceptable
privileges
B
r- Job policy C
Acceptable C
Least
rotation
poky C
use
policy
privileges
B
r Disable
r Disable
D
r Refrain
account
account
from
locking
B Use
C Preform
separate
annual
Br
C Create
D C Refrain
Implement
multiple
from
13 r Mace
C r Install
detection
B Enable SSID shielded
C Enable any D r Ensure
broadcasting
proper
B Implement unused
C C Avoid
a
B patch
Implement using
Avoid using
a
patch
transitive
Extend the
C Connect
network
using
using
B Keyspace
C
D Entity
Cryptosystem
authenticatio
B Keyspace
C
D Entity
Cryptosystem
authenticatio
B Uses a form C Uses 14
D r- Uses 48
of RSA
block
rounds
of
B
C Knapsack rounds of
merkieB Keyspace C C
D C Entity
Cryptosystern
B C Key
A
key should authenticatio
lengths
be preserved

40 40. What is a
characertistic of digital
41 41. Which best practice
should you implement
What
type ofa secure
42 42.
when
deploying
application
attack
virtualized
environment?
What type
of is a
43 43.
attack isrisk
44. Which security
44 application
method
45. As a security
45 mitigation
you need to
46. Which statement
46 specialist,
applies
to
47. Which type
of cloud
47 accurately
48. Which offers
stage the
of the
48 computer
tisk
assessment
process
49 49. Which stage of the
assessment
process
50 Which
of the fillowing
50 risk
is NOT a key

A re They are
based
on
A r Disable
sandboxing 3
A r Session
hijadcing
A C Session
hijacking
A C Layered
security
AC
Implement
A C They
prevent
A r Pubicdata
A r- Control
analysis
A C Control
analysis
A r Keep an
inventory of

They are data C They are

blocks
to
r Enable high- unable
C Run VMs
availability
alongside
B
C Malicious
C
Header
settings
;
other
physical C Remote
add-ons
manipulation
code
devices
on
B r Malicious C
r Header
D C Remote
the
sane
add-ons
manipulation
BC
C
C Network code
D r Control
document
network
Application
segmenlabon
redundancy
B r Develop events
whitelists
B C They to C They are
D They keep
prevent
data
used
to
track
of
B r Private
r Hybrid
r re. norlaik.
B c- Threat
C r System
C
idenithcalion
charVulnerability
B C Threat
C System
D vu I nera
idenificalon
characterizati
belay
B r Boost
C r Ensue c
D f Maintain a
fault Inlet
that all
redundant