Presentation is loading. Please wait.

Presentation is loading. Please wait.

Question 1 Of the following choices, what type of control is least privilege? A. Corrective B. Detective C. Preventative D. Technical.

Published byMeryl Rich Modified over 8 years ago

Similar presentations

Presentation on theme: "Question 1 Of the following choices, what type of control is least privilege? A. Corrective B. Detective C. Preventative D. Technical."— Presentation transcript:

1

2 Question 1 Of the following choices, what type of control is least privilege? A. Corrective B. Detective C. Preventative D. Technical

3 Question 2 Of the following choices, what type of control is a vulnerability assessment? A. Management B. Operational C. Technical D. Corrective

4 Question 3 Which of the following is a preventative control that can prevent outages due to ad-hoc (as-needed) configuration error? A. Least privilege B. Change management plan C. A periodic review of user rights D. Security audit

5 Question 4 Which of the following is a preventative control? A. Least privilege B. Security guard C. Security audit D. Periodic review of user rights

6 Question 5 Your organization regularly performs routine security audits to assess the security posture. What type of control is this? A. Detective B. Corrective C. Technical D. Preventative

7 Question 6 Of the following choices, what is a detective security control? A. Change management B. CCTV - Closed-Circuit TV C. HVAC - Heating/Ventilation/Air Conditioning D. User training

8 Question 7 An administrator is assigning access to users in different departments based on their job functions. What access control model is the administrator using? A. RBAC B. MAC C. DAC D. CAC

9 Question 8 You manage user accounts for sales department. You have created a sales user account template to comply with the principle of least privilege. What access control model are you following? A. DAC B. RBAC C. CAC D. MAC

10 Question 9 Windows systems protect files and folders with New Technology File System (NTFS). What access control model does NTFS use? A. MAC B. RBAC C. DAC D. Implicit allow

11 Question 10 What is the purpose of a cypher lock system? A. Control door access with a proximity card B. Control door access with a keypad C. Control access to a laptop with biometrics D. Control access to laptop with a smart card

12 Question 11 What can you use to electronically unlock a door for specific users? A. Token B. Physical key C. Proximity cards D. Certificate

13 Question 12 An administrator notices that former temporary employees’ accounts are still active on a domain. Which of the following can be implemented to increase security and prevent this from happening? A. Implement a password expiration policy. B. Implement an account expiration date for permanent employees. C. Implement time of day restrictions for all temporary employees. D. Run a last logon script to look for inactive accounts.

14 Question 13 A company hosts a datacenter with highly sensitive data. Of the following choices, what can provide the best type of physical security to prevent unauthorized entry? A. ID badges B. Mantrap C. CCTV D. Proximity card

15 Question 14 Two employees have entered a secure datacenter. However, only one employee provided credentials. How did the other employee gain entry? A. Mantrap B. Tailgating C. HVAC D. Vishing

16 Question 15 Your organization has several portable USB drives that users are able to use to transfer large video files instead of copying them over the network. What should be used to prevent the theft of these drives A. Locked cabinet B. Video surveillance C. TPM - Trusted Platform Module D. HSM - Hardware Security Module

17 Question 16 Your organization requires users to create passwords of at least ten characters for their user accounts. Which of the following is being enforced? A. Password complexity B. Password length C. Password masking D. Password history

18 Question 17 Your password policy includes password history. What else should be configured to ensure that users aren't able to easily reuse the same password? A. Password masking B. Maximum age C. Minimum age D. Password complexity

19 Question 18 Your organization has a password policy that requires employees to change their passwords at least every forty-five days and prevents users from reusing any of their last five passwords. However, when forced to change their passwords, users are changing their passwords five more times to keep their original password. What can resolve this security vulnerability? A. Modify the password policy to require users to change their password after a day has passed. B. Modify the password policy to prevent users from changing the password until a day has passed. C. Modify the password policy to remember the last twelve passwords. D. Modify the password policy to remember the last twenty-four passwords.

20 Question 19 A user has forgotten his password and calls the help desk for assistance. The help-desk professional will reset the password and tell the user the new password. What should the help desk professional configure to ensure the user immediately resets the password? A. Password complexity B. Password masking C. Password expiration D. Password history

21 Question 20 Users in your network are required to change their passwords every sixty days. What is this an example of? A. Password strength requirement B. Password length requirement C. Password history requirement D. Password expiration requirement

22 Question 21 Your company has hired a temporary contractor that needs a computer account for sixty days. You want to ensure the account is automatically disabled after sixty days. What feature would you use? A. Account expiration B. Account lockout C. Deletion through automated scripting D. Manual deletion

23 Question 22 After an employee is terminated, what should be done to revoke the employee's access? A. Expire the password B. Lock out the account C. Disable the account D. Delete the account

24 Question 23 Management wants to prevent users in the Marketing Department from logging onto network systems between 6:00 p.m. and 5:00 a.m. How can this be accomplished? A. Account expiration B. Use time-of-day restrictions C. Password expiration D. Implement a detective control

25 Question 24 You have recently added a server to your network that will host data used and updated by employees. You want to monitor security events on the system. Of the following, what is the most important security event to monitor? A. Account login attempts B. UDP connections C. Data modifications D. TCP connections

26 Question 25 A password history value of three means which of the following? A. A password cannot be reused once changed for three years. B. Three different passwords are used before one can be reused. C. After three hours a password must be re-entered to continue. D. The server stores passwords in the database for three days.

27 Question 26 Which of the following is the BEST approach to perform risk mitigation of user access control rights? A. Implement periodic vulnerability scanning. B. Disable user accounts that have not been used within the last two weeks. C. Perform routine user permission reviews. D. Conduct surveys and rank the results.

28 Question 27 If Pete, a security administrator, wants to ensure that certain users can only gain access to the system during their respective shifts, which of the following best practices would he implement? A. Separation of duties B. Time of day restrictions C. Implicit deny rule D. Least privilege

29 Question 28 A small business owner has asked the security consultant to suggest an inexpensive means to deter physical intrusions at their place of business. Which of the following would BEST meet their request? A. Fake cameras B. Proximity readers C. Infrared cameras D. Security guards

30 Question 29 Employee badges are encoded with a private encryption key and specific personal information. The encoding is then used to provide access to the network. Which of the following describes this access control type? A. Smartcard B. Token C. Discretionary access control D. Mandatory access control

31 Question 30 A security administrator wants to check user password complexity. Which of the following is the BEST tool to use? A. Password history B. Password logging C. Password cracker D. Password hashing

32 Question 31 An employee is granted access to only areas of a network folder needed to perform their job. Which of the following describes this form of access control? A. Separation of duties B. Time of day restrictions C. Implicit deny D. Least privilege

33 Question 32 To help prevent unauthorized access to PCs, a security administrator implements screen savers that lock the PC after five minutes of inactivity. Which of the following controls is being described in this situation? A. Management B. Administrative C. Technical D. Operational

34 Question 33 To reduce an organization’s risk exposure by verifying compliance with company policy, which of the following should be performed periodically? A. Qualitative analysis B. Quantitative analysis C. Routine audits D. Incident management

35 Question 34 Which of the following access controls enforces permissions based on data labeling at specific levels? A. Mandatory access control B. Separation of duties access control C. Discretionary access control D. Role based access control

36 Question 35 Use of group accounts should be minimized to ensure which of the following? A. Password security B. Regular auditing C. Baseline management D. Individual accountability

37 Question 36 Sara, a company’s security officer, often receives reports of unauthorized personnel having access codes to the cipher locks of secure areas in the building. Sara should immediately implement which of the following? A. Acceptable Use Policy B. Physical security controls C. Technical controls D. Security awareness training

38 Question 37 Users require access to a certain server depending on their job function. Which of the following would be the MOST appropriate strategy for securing the server? A. Common access card B. Role based access control C. Discretionary access control D. Mandatory access control

39 Question 38 During an anonymous penetration test, Jane, a system administrator, was able to identify a shared print spool directory, and was able to download a document from the spool. Which statement BEST describes her privileges? A. All users have write access to the directory. B. Jane has read access to the file. C. All users have read access to the file. D. Jane has read access to the directory

40 Question 39 Pete, an IT Administrator, needs to secure his server room. Which of the following mitigation methods would provide the MOST physical protection? A. Sign in and sign out logs B. Mantrap C. Video surveillance D. HVAC

41 Question 40 Which of the following should be connected to the fire alarm system in order to help prevent the spread of a fire in a server room without data loss to assist in an FM-200 deployment? A. Water base sprinkler system B. Electrical C. HVAC D. Video surveillance

42 Question 41 Pete has obtained a highly sensitive document and has placed it on a network drive which has been formatted with NTFS and is shared via CIFS. Which of the following access controls apply to the sensitive file on the server? A. Discretionary B. Rule based C. Role based D. Mandatory

43 Question 42 A database server containing personal information and a file server containing non-critical information must be secured. Which of the following would be a BEST practice to secure the servers? (Select TWO). A. Place the file server behind a door requiring biometric authorization. B. Place both servers under the system administrator’s desk. C. Place the database server behind a door with a cipher lock. D. Place the file server in an unlocked rack cabinet. E. Place the database server behind a door requiring biometric authorization.

44 Question 43 A security technician is working with the network firewall team to implement access controls at the company’s demarc (telephony network) as part of the initiation of configuration management processes. One of the network technicians asks the security technician to explain the access control type found in a firewall. With which of the following should the security technician respond? A. Rule based access control B. Role based access control C. Discretionary access control D. Mandatory access contro

45 Question 44 Which of the following can be used to discover if a security attack is occurring on a web server? A. Creating a new baseline B. Disable unused accounts C. Implementing full disk encryption D. Monitoring access logs

46 Question 45 After a production outage, which of the following documents contains detailed information on the order in which the system should be restored to service? A. Succession planning B. Disaster recovery plan C. Information security plan D. Business impact analysis

Download ppt "Question 1 Of the following choices, what type of control is least privilege? A. Corrective B. Detective C. Preventative D. Technical."

Similar presentations

1 of 2 This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. © 2006 Microsoft Corporation.

1 of 2 This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS DOCUMENT. © 2006 Microsoft Corporation.
1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.

1 Chapter 8 Fundamentals of System Security. 2 Objectives In this chapter, you will: Understand the trade-offs among security, performance, and ease of.
BP5- METHODS BY WHICH PERSONAL DATA CAN BE PROTECTED Data Protection.

BP5- METHODS BY WHICH PERSONAL DATA CAN BE PROTECTED Data Protection.
Certification Authority. Overview  Identifying CA Hierarchy Design Requirements  Common CA Hierarchy Designs  Documenting Legal Requirements  Analyzing.

Certification Authority. Overview  Identifying CA Hierarchy Design Requirements  Common CA Hierarchy Designs  Documenting Legal Requirements  Analyzing.
Module 4: Implementing User, Group, and Computer Accounts

Module 4: Implementing User, Group, and Computer Accounts
Information Security Policies and Standards

Information Security Policies and Standards
Security+ Guide to Network Security Fundamentals, Third Edition

Security+ Guide to Network Security Fundamentals, Third Edition
11 SUPPORTING LOCAL USERS AND GROUPS Chapter 3. Chapter 3: Supporting Local Users and Groups2 SUPPORTING LOCAL USERS AND GROUPS  Explain the difference.

11 SUPPORTING LOCAL USERS AND GROUPS Chapter 3. Chapter 3: Supporting Local Users and Groups2 SUPPORTING LOCAL USERS AND GROUPS  Explain the difference.
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.

Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
7-Access Control Fundamentals Dr. John P. Abraham Professor UTPA.

7-Access Control Fundamentals Dr. John P. Abraham Professor UTPA.
Network security policy: best practices

Network security policy: best practices
1 Chapter Overview Creating User and Computer Objects Maintaining User Accounts Creating User Profiles.

1 Chapter Overview Creating User and Computer Objects Maintaining User Accounts Creating User Profiles.
Incident Response Updated 03/20/2015

Incident Response Updated 03/20/2015
Cloud Computing How secure is it? Author: Marziyeh Arabnejad Revised/Edited: James Childress April 2014 Tandy School of Computer Science.

Cloud Computing How secure is it? Author: Marziyeh Arabnejad Revised/Edited: James Childress April 2014 Tandy School of Computer Science.
Module 2: Managing User and Computer Accounts

Module 2: Managing User and Computer Accounts
1 LOGICAL ACCESS FOR University Medical Group Saint Louis University Click the Speaker Icon for Audio.

1 LOGICAL ACCESS FOR University Medical Group Saint Louis University Click the Speaker Icon for Audio.
 Review the security rule as it pertains to ›Physical Safeguards ♦ How to protect the ePHI in the work environment ♦ Implementation ideas for your office.

 Review the security rule as it pertains to ›Physical Safeguards ♦ How to protect the ePHI in the work environment ♦ Implementation ideas for your office.
Module 9 Configuring Server Security Compliance. Module Overview Securing a Windows Infrastructure Overview of EFS Configuring an Audit Policy Overview.

Module 9 Configuring Server Security Compliance. Module Overview Securing a Windows Infrastructure Overview of EFS Configuring an Audit Policy Overview.
Implementing Dynamic Host Configuration Protocol

Implementing Dynamic Host Configuration Protocol
11 SECURITY TEMPLATES AND PLANNING Chapter 7. Chapter 7: SECURITY TEMPLATES AND PLANNING2 OVERVIEW  Understand the uses of security templates  Explain.

11 SECURITY TEMPLATES AND PLANNING Chapter 7. Chapter 7: SECURITY TEMPLATES AND PLANNING2 OVERVIEW  Understand the uses of security templates  Explain.

Similar presentations

Ads by Google