A company wishes to prevent unauthorized employee access to the data center. Which of the following is the MOST secure way to meet this goal?
A. Use Motion detectors to signal security whenever anyone entered the center B. Mount CCTV cameras inside the center to monitor people as they enter C. Install mantraps at every entrance to the data center in conjunction with their badges D. Place biometric readers at the entrances to verify employees’ identity
A company’s application is hosted at a data center. The data center provides security controls for the infrastructure. The data center provides a report identifying serval vulnerabilities regarding out of date OS patches. The company recommends the data center assumes the risk associated with the OS vulnerabilities. Which of the following concepts is being implemented?
A. Risk Transference B. Risk Acceptance C. Risk Avoidance D. Risk Deterrence
The help desk is receiving numerous reports that a newly installed biometric reader at the entrance of the data center has a high of false negatives. Which of the following is the consequence of this reported problem?
A. Unauthorized employees have access to sensitive systems B. All employees will have access to sensitive systems C. No employees will be able to access the datacenter D. Authorized employees cannot access sensitive systems
An employee from the fire Marshall’s office arrives to inspect the data center. The operator allows him to bypass the multi-factor authentication to enter the data center. Which of the following types of attacks may be underway?
A. Impersonation B. Hoax C. Tailgating D. Spoofing
In order to enter a high-security data center, users are required to speak the correct password into a voice recognition system. Ann, a member of the sales department, overhears the password and later speaks it into the system. The system denies her entry and alerts the security team. Which of the following is the MOST likely reason for her failure to enter the data center?
A. An authentication factor B. Discretionary Access C. Time of Day Restrictions D. Least Privilege Restrictions
A security manager installed a standalone fingerprint reader at the data center. All employees that need to access the data center have been enrolled to the reader and local reader database is always kept updates. When an employee who has been enrolled uses the fingerprint reader the door to the data center opens. Which of the following does this demonstrate? (Select THREE)
A. Two-factor authentication B. Single sign-on C. Something you have D. Identification E. Authentication F. Authorization
One of the findings of risk assessment is that many of the servers on the data center subnet contain data that is in scope for PCI compliance, Everyone in the company has access to these servers, regardless of their job function. Which of the following should the administrator do?
A. Segment the network B. Use 802.1X C. Deploy a proxy sever D. Configure ACLs E. Write an acceptable use policy
A large corporation has data centers geographically distributed across multiple continents. The company needs to securely transfer large amounts of data between the data center. The data transfer can be accomplished physically or electronically, but must prevent eavesdropping while the data is on transit. Which of the following represents the BEST cryptographic solution?
A. Driving a van full of Micro SD cards from data center to data center to transfer data B. Exchanging VPN keys between each data center via an SSL connection and transferring the data in the VPN C. Using a courier to deliver symmetric VPN keys to each data center and transferring data in the VPN D. Using PKI to encrypt each file and transferring them via an Internet based FTP or cloud server
Correct Answer: B Section: Application, Data and Host Security
A virtual private network (VPN) is an encrypted communication tunnel that connects two systems over an untrusted network, such as the Internet. They provide security for both
authentication and data transmission through a process called encapsulation.
Secure Sockets Layer (SSL) can be used to exchange the VPN keys securely. SSL is used to establish secure TCP communication between two machines by encrypting the
A: The data centers are geographically distributed across multiple continents. This makes it difficult to transport the data by driving a van.
C: Symmetrical keys are rendered useless when the key is stolen as the same key is used for encryption and decryption.
D. PKI can be used to encrypt the data but transferring the data via FTP or a cloud server is not advisable. FTP is inherently insecure while cloud servers are used for storage.
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 45, 304-305, 310-311
An administrator is assigned to monitor servers in a data center. A web server connected to the Internet suddenly experiences a large spike in CPU activity. Which of the following is the MOST likely cause?
A. Spyware B. Trojan C. Privilege escalation D. DoS
Correct Answer: D Section: Threats and Vulnerabilities
A Distributed Denial of Service (DDoS) attack is a DoS attack from multiple computers whereas a DoS attack is from a single computer. In terms of the actual method of attack, DDoS and DoS attacks are the same. One common method of attack involves saturating the target machine with external communications requests, so much so that it cannot respond to legitimate traffic, or responds so slowly as to be rendered essentially unavailable. Such attacks usually lead to a server overload. A distributed denial-of-service (DDoS) attack occurs when multiple systems flood the bandwidth or resources of a targeted system, usually one or more web servers. Such an attack is often the result of multiple compromised systems (for example a botnet) flooding the targeted system with traffic. When a server is overloaded with connections, new connections can no longer be accepted. The major advantages to an attacker of using a distributed denial-of-service attack are that multiple machines can generate more attack traffic than one machine, multiple attack machines are harder to turn off than one attack machine, and that the behavior of each attack machine can be stealthier, making it harder to track and shut down. These attacker advantages cause challenges for defense mechanisms. For example, merely purchasing more incoming bandwidth than the current volume of the attack might not help, because the attacker might be able to simply add more attack machines. This after all will end up completely crashing a website for periods of time. Malware can carry DDoS attack mechanisms; one of the better-known examples of this was MyDoom. Its DoS mechanism was triggered on a specific date and time. This type of DDoS involved hardcoding the target IP address prior to release of the malware and no further interaction was necessary to launch the attack.
A: Spyware is software that aids in gathering information about a person or organization without their knowledge and that may send such information to another entity without theconsumer’s consent, or that asserts control over a computer without the consumer’s knowledge. “Spyware” is mostly classified into four types: system monitors, trojans, adware, and tracking cookies. Spyware is mostly used for the purposes of tracking and storing Internet users’ movements on the Web and serving up pop-up ads to Internet users. Whenever spyware is used for malicious purposes, its presence is typically hidden from the user and can be difficult to detect. Some spyware, such as keyloggers, may be installed by the owner of a shared, corporate, or public computer intentionally in order to monitor users. It’s more likely that a DoS attack would cause a spike in CPU activity.
B: A Trojan horse is a program in which malicious or harmful code is contained inside apparently harmless programming or data in such a way that it can get control and do its chosen form of damage, such as ruining the file allocation table on your hard disk. In one celebrated case, a Trojan horse was a program that was supposed to find and destroy computer viruses. A Trojan horse may be widely redistributed as part of a computer virus. It’s more likely that a DoS attack would cause a spike in CPU activity.
C: Privilege escalation is the act of exploiting a bug, design flaw or configuration oversight in an operating system or software application to gain elevated access to resources that are normally protected from an application or user. Privilege escalation would not cause a spike in CPU activity.