pearson test prep questions with complete solution
Seller
flyhigher329
Pearson Test Prep (Security +)
You are the security administrator for the company ABC Accounting, Inc. The IT director
has given rights to you that allow you to review logs and update network devices only.
Other rights are given out to network administrators for the areas that fall within their job
description. What kind of access control is this? - correct answer Least privilege
Explanation: Least privilege is when users are given only those rights necessary to do
their job. Since the IT director only gave you specific rights and no more, and because
other very specific rights are given to other network administrators, the least privilege
rule applies here. Job rotation is when multiple users are cycled through different
related tasks. Discretionary access control (DAC) is an access control model that has
rules set by the user. Because the IT director has already set rights and permissions,
this scenario does not involve DAC. Mandatory vacation is when a user is forced to take
consecutive days of vacation away from the office.
You have been given ten hard drives that need to be decommissioned. What is the first
thing you should do? - correct answer Perform a bit-level erasure or overwrite the
drive.
Explanation: Hard drives should be sanitized. This can be done with bit-level erasure
software that completely obliterates any data that was previously on the drive.
Formatting the drive is not sufficient, as data can still be recovered from a formatted
drive. Even if you plan to dispose of the drives with a third-party facility, the drive should
still be sanitized beforehand. Most organizations will not burn hard drives. It might even
be illegal in your municipality. Instead, after sanitization, hard drives are often
pulverized. See the section titled "Legislative and Organizational Policies" in Chapter
16, "Policies, Procedures, and People," for more information.
What kind of monitoring methodology does an antivirus program use? - correct answer
Signature-based
Explanation: Antivirus programs normally use signature-based monitoring. IDS solutions
also use this. Signature-based monitoring analyzes frames and packets of network
traffic for predetermined attack patterns. Anomaly-based monitoring establishes a
performance baseline based on a set of normal network traffic and valuations.
Behavior-based monitoring looks at the previous behavior of applications and compares that to
the current activity on the system. Statistical-based monitoring is another name for
anomaly-based monitoring.
Which of the following are PII that are used in conjunction with each other? - correct
answer Full name
Birthday
Explanation: PII stands for personally identifiable information. Of the answer choices
listed, the two used in conjunction the most often to identify a person are the person's
full name and the person's birthday. The other answers are secondary information that
won't identify the person nearly as well. See the section titled "Legislative and
Organizational Policies" in Chapter 16, "Policies, Procedures, and People," for more
information.
What kinds of attacks involve intercepting packets on the network and modifying them?
- correct answer TCP/IP hijacking
MITM
Explanation: MITM (man-in-the-middle) and TCP/IP hijacking are methods used to
intercept network transmissions and modify packets that are captured.
Which of the following is the greatest security risk of two or more companies working
together under a memorandum of understanding? - correct answer MoUs are
generally loose agreements that do not have strict guidelines governing the
transmission of sensitive data.
Explanation: An MoU (memorandum of understanding) is generally a loose agreement.
It differs from a service-level agreement (SLA) and an interconnection security
agreement (ISA) in that those are very specific regarding legal issues and security
concerns.
Which port and transport mechanism protocol must be opened on a firewall to allow
incoming SFTP connections? - correct answer 22 and TCP
Explanation: SFTP (Secure FTP) uses port 22 and rides on SSH to make connections.
It uses TCP as the transport mechanism. Most secure connections of this sort require
guaranteed, connection-oriented transmission of data--thus TCP.
Which of the following protocols operates at the highest layer of the OSI model? -
correct answer SCP
Explanation: SCP (Secure Copy) is a protocol/application used to transfer files securely
between computers. It relies on Secure Shell (SSH) and uses port 22. It is an
application, and therefore resides on the application layer (layer 7), the highest layer of
the OSI model, as does SSH. Because the OSI model is normally represented with a
top-down approach, the application layer is at the top, and is considered "highest."
Your boss asks you to replace the current RADIUS authentication system with a more
secure system that can also utilize EAP. Which of the following is the best option and
would offer the easiest transition? - correct answer Diameter
Explanation: The Diameter protocol is, like RADIUS, another AAA protocol, but is a
more evolved protocol and utilizes more reliable transport mechanisms such as TCP
and Stream Control Transmission Protocol (SCTP), as opposed to UDP. Like RADIUS,
many Diameter applications allow for the use of the Extensible Authentication Protocol
(EAP).
Which of the following is a step in deploying a WPA2-Enterprise wireless network? -
correct answer Install a digital certificate on the authentication server.
Explanation: If you are running a WPA2-Enterprise wireless network, then the WAP will
need to access a RADIUS server for the authentication portion of the wireless
connection. This scenario calls for a digital certificate to be loaded on the RADIUS
server.
Your organization's server uses a public, unencrypted communication channel. You are
required to implement protocols that allow clients to securely negotiate encryption keys
with the server. What protocols should you select? - correct answer ECDHE
Diffie-Hellman
Explanation: Standard Diffie-Hellman and ECDHE (Elliptic Curve Diffie-Hellman in
ephemeral mode) were designed to securely negotiate encryption keys over an
unencrypted channel.
An administrator configures Unix accounts to authenticate to an external non-Unix
server. The configuration file incorporates the following information: DC=ServerName
and DC=COM. Which service is being used? - correct answer LDAP
Explanation: DC=ServerName and DC=COM imply the use of a Microsoft Windows
domain controller (thus the DC parameter). Lightweight Directory Access Protocol
(LDAP) is a directory access and authentication service used by Windows domain
controllers, among other technologies.
Cloud environments often reuse the same physical hardware (such as hard drives) for
multiple customers. These hard drives are used and reused when customer virtual
machines are created and deleted over time. What security concern does this have
implications for? - correct answer Data confidentiality
Explanation: There is a concern about data confidentiality with cloud computing
because multiple customers are sharing physical hard drive space. A good portion of
customers run their cloud-based systems in virtual machines. Some virtual machines
could run on the very same hard drive (or very same array of hard drives). If one of the
customers had the notion, they could attempt to break through the barriers between
virtual machines, which if not secured properly, would not be very difficult to do.
What are the best reasons to use an HSM? - correct answer To store keys
To generate keys