A security analyst has been investigating an incident involving the corporate website. Upon investigation, it has been determined that users visiting the corporate website would be automatically redirected to a malicious site. Further investigation on the corporate website has revealed that the home page on the corporate website has been altered to include an unauthorized item. Which of the following would explain why users are being redirected to the malicious site?
A. DNS poisoning B. XSS C. Iframe D. Session hijacking
A company wishes to prevent unauthorized employee access to the data center. Which of the following is the MOST secure way to meet this goal?
A. Use motion detectors to signal security whenever anyone enters the center B. Mount CCTV cameras inside the center to monitor people as they enter C. Install mantraps at every entrance to the data center in conjunction with their badges D. Place biometric readers at the entrances to verify employees’ identity
The IT department has been tasked with reducing the risk of sensitive information being shared with unauthorized entities from computers it is saved on, without impeding the ability of the employees to access the internet. Implementing which of the following would be the best way to accomplish this objective?
A. Host-based firewalls B. DLP C. URL filtering D. Pop-up blockers
A company has several public conference room areas with exposed network outlets. In the past, unauthorized visitors and vendors have used the outlets for internet access. The help desk manager does not want the outlets to be disabled due to the number of training sessions in the conference room and the amount of time it takes to get the ports either patched in or enabled. Which of the following is the best option for meeting this goal?
A. Flood guards B. Port security C. 802.1x D. Loop protection E. IPSec
The internal audit group discovered that unauthorized users are making unapproved changes to various system configuration settings. This issue occurs when previously authorized users transfer from one department to another and maintain the same credentials. Which of the following controls can be implemented to prevent such unauthorized changes in the future?
A. Periodic access review B. Group based privileges C. Least privilege D. Account lockout
A BYOD policy in which employees are able to access the wireless guest network is in effect in an organization. Some users, however, are using the Ethernet port in personal laptops to connect to the wired network. Which of the following could an administrator use to ensure that unauthorized devices are not allowed to access the wired network?
A. VLAN access rules configured to reject packets originating from unauthorized devices B. Router access lists configured to block the IP addresses of unauthorized devices C. Firewall rules configured to block the MAC addresses of unauthorized devices D. Port security configured to shut down the port when unauthorized devices connect
A wireless site survey has been performed at a company. One of the results of the report is that the wireless signal extends too far outside the building. Which of the following security issues could occur as a result of this finding?
A. Excessive wireless access coverage B. Interference with nearby access points C. Exhaustion of DHCP address pool D. Unauthorized wireless access
A company discovers an unauthorized device accessing network resources through one of many network drops in a common area used by visitors. The company decides that it wants to quickly prevent unauthorized devices from accessing the network, but policy prevents the company from making changes on every connecting client. Which of the following should the company implement?
A. Port security B. WPA2 C. Mandatory Access Control D. Network Intrusion Prevention
A security administrator is installing a single camera outside in order to detect unauthorized vehicles in the parking lot. Which of the following is the MOST important consideration when deploying a CCTV camera to meet the requirement?
A. Training B. Expense C. Resolution D. Field of view
After several thefts, a Chief Executive Officer (CEO) wants to ensure unauthorized people do not have access to corporate grounds or its employees. The CEO just approved new budget line items for fences, lighting, locks and CCTVs. Which of the following is the primary focus?
A. Safety B. Confidentiality C. Availability D. Integrity