01. As a condition of being awarded a new contract, an organization must increase the security of its VPN ensuring that one compromised SA session key cannot be used to compromise any other sessions.
Which of the following could be configured to meet this requirement?
a) Opportunistic encryption
b) Pseudo-random number generator
c) Dual-factor authentication
d) Perfect forward secrecy
02. An IT Manager has requested that specific files stored on the company SAN containing data which is not protected by patent law, but is classified as trade secret encrypted with a block cipher which is both secure and fast.
Which of the following BEST satisfies the request?
03. During a routine security assessment of a network, the security administrator discovers a user workstation with multiple SSH connections to servers outside the corporate network.
Using a protocol analyzer, the administrator identifies hundreds of gigabytes of information being transferred to an external server via SCP. After identifying the user, the administrator discovers that today is the user’s last day of employment, and that the employee is going to work for a competitor.
Which of the following tactics is being used to steal company secrets?
a) Logic bomb
b) SSH worm
c) Data exfiltration
d) Privilege escalation
e) SAML exploit
04. A new system has recently been built using the SSDLC process and is in the validation process to ensure the system is behaving correctly.
During this process, the development team notices that the system is behaving as it should, except for a few minor internal application bugs. Which of the following validation types would be a result of this issue?
a) Application interface validation
b) Code validation
c) Functional validation
d) Requirements validation
05. When considering security requirements which require third party vendor requests, which of the following is a correctly ordered set of events from start to finish?
a) RFP, RFQ, RFC
b) RFI, RFQ, RFP
c) RFP, RFQ, RFI
d) RFC, RFT
06. An administrator uses an iSCSI unencrypted connection over the corporate network. Which of the following vulnerabilities would be present in regards to iSCSI authentication?
a) Authentication uses the older TACACS protocol and is vulnerable to a botnet attack.
b) Authentication is vulnerable to a dictionary attack.
c) iSCSI uses LDAP authentication in plain text, which can be easily compromised.
d) Kerberos authentication would not be supported on Linux hosts.
07. A security administrator notices a network intrusion and quickly solves the problem by closing an unused port. Which of the following should be completed?
a) After action report
d) Reverse engineering incident report
08. Which of the following practices is MOST likely employed during e-discovery?
a) Legal hold and chain of custody
b) Risk mitigation and policy generation
c) Network enumeration and fingerprinting
d) Data deduplication and hashing
09. A new Chief Information Officer’s (CIO’s) primary initiative is to reduce risk and the number of vulnerabilities affecting an organization. Which of the following reduces the number of locations to patch internal applications?
a) Provide application access through a VDI
b) Host applications using terminal services
c) Implement an enterprise patch management solution
d) Convert applications to leverage hosted cloud computing
10. A server administrator needs to find a web service that will allow most systems to communicate over HTTP using an XML based protocol. Which of the following communication methods will allow this?