A small IT security form has an internal network composed of laptops, servers, and printers. The network has both wired and wireless segments and supports VPN access from remote sites. To protect the network from internal and external threats, including social engineering attacks, the company decides to implement stringent security controls. Which of the following lists is the BEST combination of security controls to implement?
A. Disable SSID broadcast, require full disk encryption on servers, laptop, and personally owned electronic devices, enable MAC filtering on WAPs, require photographic ID to enter the building. B. Enable port security; divide the network into segments for servers, laptops, public and remote users; apply ACLs to all network equipment; enable MAC filtering on WAPs; and require two-factor authentication for network access. C. Divide the network into segments for servers, laptops, public and remote users; require the use of one time pads for network key exchange and access; enable MAC filtering ACLs on all servers. D. Enable SSID broadcast on a honeynet; install monitoring software on all corporate equipment’ install CCTVs to deter social engineering; enable SE Linux in permissive mode.
The sales force in an organization frequently travel to remote sites and requires secure access to an internal server with an IP address of 192.168.0.220. Assuming services are using default ports, which of the following firewall rules would accomplish this objective? (Select Two)
A. Permit TCP 20 any 192.168.0.200 B. Permit TCP 21 any 192.168.0.200 C. Permit TCP 22 any 192.168.0.200 D. Permit TCP 110 any 192.168.0.200 E. Permit TCP 139 any 192.168.0.200 F. Permit TCP 3389 any 192.168.0.200
Ann a member of the Sales Department has been issued a company-owned laptop for use when traveling to remote sites. Which of the following would be MOST appropriate when configuring security on her laptop?
A. Configure the laptop with a BIOS password B. Configure a host-based firewall on the laptop C. Configure the laptop as a virtual server D. Configure a host based IDS on the laptop
A network consists of various remote sites that connect back to two main locations. Pete, the security administrator, needs to block TELNET access into the network. Which of the following, by default, would be the BEST choice to accomplish this goal?
A. Block port 23 on the L2 switch at each remote site B. Block port 23 on the network firewall C. Block port 25 on the L2 switch at each remote site D. Block port 25 on the network firewall
Correct Answer: B Section: Network Security
Telnet is a terminal-emulation network application that supports remote connectivity for executing commands and running applications but doesn’t support transfer of fi les. Telnet uses TCP port 23. Because it’s a clear text protocol and service, it should be avoided and replaced with SSH.
A, C: L2 switches may interconnect a small number of devices in a home or the office. They are normally used for LANs.
D: Port 25 is used by Simple Mail Transfer Protocol (SMTP) for e-mail routing between mail servers.
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, p. 51
Sara, a security technician, has received notice that a vendor coming in for a presentation will require access to a server outside of the network. Currently, users are only able to access remote sites through a VPN connection. How could Sara BEST accommodate the vendor?
A. Allow incoming IPSec traffic into the vendor’s IP address. B. Set up a VPN account for the vendor, allowing access to the remote site. C. Turn off the firewall while the vendor is in the office, allowing access to the remote site. D. Write a firewall rule to allow the vendor to have access to the remote site.
Correct Answer: D Section: Network Security
Firewall rules are used to define what traffic is able pass between the firewall and the internal network. Firewall rules block the connection, allow the connection, or allow the connection only if it is secured. Firewall rules can be applied to inbound traffic or outbound traffic and any type of network.
A: Doing this will not allow the vendor access to the network. It will only allow the vendor to receive IPSec encrypted messages.
B: This will allow the vendor to access the remote site from anywhere.
C: turning off the firewall will remove all rules configured, making the network vulnerable.
Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 96, 103, 157