Q1. Your Web server crashes at exactly the point where it reaches 1 million total visits. You discover the cause of the server crash is malicious code. Which description best fits this code?
A. Virus
B. Worm
C. Polymorphic Virus
D. Logic Bomb
Answer: D
Q2. Mark works as a Network Administrator for TechMart Inc. The company has a Windows-based network He has been assigned a project to take care of the sensitive data that can be hacked if any of the laptop computers would be misplaced. Mark is required to ensure the con? dentiality of data on the mobile stations, all of which are running Windows 7 Enterprise. Which of the following will Mark use to accomplish the task?
A. BitLocker
B. Confidential File System
C. Kerberos
D. Encrypting File System (EFS)
Answer: A
Q3. Which of the following helps prevent security failures?
A. Social engineering
B. Denial-of-Service attack
C. Attack surface reduction
D. Snooping
Answer: C
Q4. Which of the following ports is used by the IMAP4 protocol?
A. 443
B. 53
C. 143
D. 110
Answer: C
Q5. Which of the following is a central, secure database in which Windows stores all hardware configuration information, software configuration information, and system security policies?
A. Registry
B. Program files folder
C. DLL file
D. Configuration file
Answer: A
Q6. Mark works as a Network Administrator fot Blue Well Inc. The company has a Windows-based network. Mark is facing a series of problems with email spam and identifying theft via phishing scams. He wants to implement the various security measures and to provide some education because it is related to the best practices while using email. Which of the following will Mark ask to employees of his company to do when they receive an email from a company they know with a request to click the link to "verify their account information"?
A. Provide the required information
B. Hide the email
C. Use Read-only Domain Controller
D. Delete the email
Answer: D
Q7. Mark works as a Security Administrator for TechMart Inc. The company has a a Windows-based network. Mark has gone through a security audit for ensuring that the technical system is secure and protected. While this audit, he identified many areas that need improvement. He wants to minimize the risk for potential security threats by educating team members in the area of social engineering, and providing basic security principle knowledge while stressing the Con?dentiality, Integrity, and Availability triangle in the training of his team members . Which of the following ways will Mark use for educating his team members on the social engineering process?
A. He will call a team member while behaving to be someone else for gaining access to sensitive information.
B. He will use group policies to disable the use of floppy drives or USB drives.
C. He will develop a social awareness of security threats within an organization.
D. He will protect against a Distributed Denial of Services attack.
Answer: A
Q8. Which of the following is a secret numeric password shared between a user and a system for authenticating the user to the system?
A. PIN
B. Private key
C. Key escrow
D. Public key
Answer: A
Q9. You work as a security manager for Company Inc. An individual is connecting to your corporate internal network over the Internet. You have to ensure that he is not an intruder masquerading as an authorized user. Which of the following technologies will you use to accomplish the task?
A. Two-factor authentication
B. IP address packet filtering
C. Intrusion detection system (IDS)
D. Embedded digital signature
Answer: A
Q10. Which of the following are indications of a virus attack on a computer? Each correct answer represents a complete solution. Choose three.
A. Although the computer has sufficient memory, an out-of-memory error message is displayed.
B. The applications installed on the computer system work properly.
C. An antivirus program is not able to run.
D. The computer runs slower than usual and stops responding.
Answer: ACD