A security program manager wants to actively test the security posture of a system. The system is not yet in production and has no uptime requirement or active user base. Which of the following methods will produce a report which shows vulnerabilities that were actually exploited?
A. Peer review B. Component testing C. Penetration testing D. Vulnerability testing
A security administrator must implement a system to ensure that invalid certificates are not used by a custom developed application. The system must be able to check the validity of certificates even when internet access is unavailable. Which of the following MUST be implemented to support this requirement?
A technician needs to implement a system which will properly authenticate users by their username and password only when the users are logging in from a computer in the office building. Any attempt to authenticate from a location other than the office building should be rejected. Which of the following MUST the technician implement?
A. Dual factor authentication B. Transitive authentication C. Single factor authentication D. Biometric authentication
An organization uses a Kerberos-based LDAP service for network authentication. The service is also used for internal web applications. Finally, access to terminal applications is achieved using the same authentication method by joining the legacy system to the Kerberos realm. This company is using Kerberos to achieve which of the following?
A. Trusted Operating System B. Rule-based access control C. Single sign on D. Mandatory access control
A company is implementing a system to transfer direct deposit information to a financial institution. One of the requirements is that the financial institution must be certain that the deposit amounts within the file have not been changed. Which of the following should be used to meet the requirement?
A. Key escrow B. Perfect forward secrecy C. Transport encryption D. Digital signatures E. File encryption
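The following is an added example, not part of the original question set, showing the mechanism behind option D: the sender signs a hash of the deposit file with a private key, and the financial institution verifies it with the matching public key, so any change to an amount invalidates the signature. The key is a toy RSA key built from two Mersenne primes purely so the block runs offline with the standard library; it is trivially factorable and is an illustration only. The deposit file contents are constructed sample data.

```python
"""Added example (not from the question page): hash-then-sign a direct-deposit
file so the receiver can detect any change to it.

The RSA key below is a TOY built from two Mersenne primes so the block runs
without third-party libraries.  Its modulus is trivially factorable; real
signing uses a proper library and a properly generated key."""
import hashlib

# Toy key material (assumption, for illustration only).
P = 2**127 - 1            # Mersenne prime
Q = 2**521 - 1            # Mersenne prime
N = P * Q                 # ~648-bit modulus, larger than a SHA-256 digest
E = 65537                 # coprime to (P-1)(Q-1): 65537 | 2^k-1 only when 32 | k
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent (Python >= 3.8)


def file_digest(data: bytes) -> int:
    """SHA-256 of the file as an integer; what actually gets signed."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def sign(data: bytes, d: int = D, n: int = N) -> int:
    """Signer side: only the holder of the private exponent can do this."""
    return pow(file_digest(data), d, n)


def verify(data: bytes, signature: int, e: int = E, n: int = N) -> bool:
    """Receiver side: needs only the public key (e, n) and the file."""
    return pow(signature, e, n) == file_digest(data)


def checksum_verify(data: bytes, hexdigest: str) -> bool:
    """A plain checksum sent alongside the file, for comparison."""
    return hashlib.sha256(data).hexdigest() == hexdigest


# Constructed sample deposit record and a tampered copy with a changed amount.
DEPOSIT_FILE = b"acct=1234567890;routing=021000021;amount=1500.00\n"
TAMPERED_FILE = DEPOSIT_FILE.replace(b"1500.00", b"9500.00")


def demo() -> dict:
    sig = sign(DEPOSIT_FILE)
    # Whoever edits the amount can recompute a plain checksum, because no
    # secret is involved, so a checksum alone does not meet the requirement.
    forged_checksum = hashlib.sha256(TAMPERED_FILE).hexdigest()
    # The attacker has no private key, so the best they can do is forward the
    # original signature with the altered file, and verification fails.
    return {
        "original_verifies": verify(DEPOSIT_FILE, sig),
        "tampered_with_original_sig": verify(TAMPERED_FILE, sig),
        "checksum_passes_after_tamper": checksum_verify(TAMPERED_FILE, forged_checksum),
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

The contrast with the checksum is the point: a hash by itself proves nothing to the receiver, because anyone who can alter the file can recompute it. Transport or file encryption would hide the amounts in transit but would not stop a party who holds the key from changing them; the signature binds the file to a key only the sender holds.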
A web administrator has just implemented a new web server to be placed in production. As part of the company’s security plan, any new system must go through a security test before it is placed in production. The security team runs a port scan resulting in the following data:
21 tcp open ftp
23 tcp open telnet
22 tcp open ssh
25 udp open smtp
110 tcp open pop3
443 tcp open https
Which of the following is the BEST recommendation for the web administrator?
A. Implement an IPS B. Disable unnecessary services C. Disable unused accounts D. Implement an IDS E. Wrap TELNET in SSL
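As an added example (not part of the original question), the check below parses the scan listing above and reports every open port that a public web server has no reason to expose, noting which of those services also carry credentials in clear text. The scan lines are copied from the question; the allow-list (HTTPS plus SSH for administration) is an assumption about this server's role and would be adjusted per system.

```python
"""Added example (not from the question page): review a port-scan listing
against the services a production web server is expected to expose."""
import re

# Copy of the scan output from the question above.
SCAN_OUTPUT = """\
21 tcp open FTP
23 tcp open Telnet
22 tcp open SSH
25 UDP open smtp
110 tcp open pop3
443 tcp open https
"""

# Assumption: a web server should expose HTTPS to clients and SSH for
# administration (ideally restricted by firewall to admin networks).
WEB_SERVER_ALLOWED = {("tcp", 443), ("tcp", 22)}

# Services that transmit credentials in clear text; called out separately so
# the reviewer sees why wrapping one of them in TLS is not the fix.
CLEARTEXT_SERVICES = {"ftp", "telnet", "pop3", "smtp"}

LINE_RE = re.compile(r"^\s*(\d+)\s+(\w+)\s+(\w+)\s+(\S+)\s*$")


def parse_scan(text: str) -> list:
    """Parse lines of the form '<port> <proto> <state> <service>'."""
    entries = []
    for line in text.splitlines():
        if not line.strip():
            continue
        m = LINE_RE.match(line)
        if not m:
            raise ValueError("unparseable scan line: %r" % line)
        port, proto, state, service = m.groups()
        entries.append({
            "port": int(port),
            "proto": proto.lower(),
            "state": state.lower(),
            "service": service.lower(),
        })
    return entries


def review_scan(text: str, allowed=WEB_SERVER_ALLOWED) -> list:
    """Return (port, proto, service, reason) for each open port not on the allow-list."""
    findings = []
    for e in parse_scan(text):
        if e["state"] != "open":
            continue
        if (e["proto"], e["port"]) in allowed:
            continue
        reason = "not required on a web server"
        if e["service"] in CLEARTEXT_SERVICES:
            reason += "; transmits credentials in clear text"
        findings.append((e["port"], e["proto"], e["service"], reason))
    return sorted(findings)


if __name__ == "__main__":
    for port, proto, service, reason in review_scan(SCAN_OUTPUT):
        print("disable %s/%d (%s): %s" % (proto, port, service, reason))
```

Run against the listing above, the check flags FTP, Telnet, SMTP and POP3 and leaves SSH and HTTPS alone; the remediation is to stop and disable those services on the host rather than to layer an IDS/IPS in front of them.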
An administrator is implementing a new management system for the machinery on the company’s production line. One requirement is that the system only be accessible while within the production facility. Which of the following will be the MOST effective solution in limiting access based on this requirement?
A. Access control list B. Firewall policy C. Air Gap D. MAC filter
A security administrator finds that an intermediate CA within the company was recently breached. The certificates held on this system were lost during the attack, and it is suspected that the attackers had full access to the system. Which of the following is the NEXT action to take in this scenario?
A. Use a recovery agent to restore the certificates used by the intermediate CA B. Revoke the certificate for the intermediate CA C. Recover the lost keys from the intermediate CA key escrow D. Issue a new certificate for the root CA