Which of the following is the best course of action for the administrator to take?
The security administrator receives a service ticket saying a host based firewall is interfering with the
operation of a new application that is being tested in delevopment. The administrator asks for
clarification on which ports need to be open. The software vendor replies that it could use up to 20 ports
and many customers have disabled the host based firewall. After examining the system the administrator
sees several ports that are open for database and application servers that only used locally. The vendor
continues to recommend disabling the host based firewall. Which of the following is the best course of
action for the administrator to take?
Which of the following attacks did the security consultant use?
A corporate wireless guest network uses an open SSID with a captive portal to authenticate guest users.
Guests can obtain their portal password at the service desk. A security consultant alerts the administrator
that the captive portal is easily bypassed, as long as one other wireless guest user is on the network.
Which of the following attacks did the security consultant use?
Which of the following wireless protocols should be implemented?
A company requires that all wireless communication be compliant with the Advanced encryption
standard. The current wireless infrastructure implements WEP + TKIP. Which of the following wireless
protocols should be implemented?
Which of the following is the FIRST step in responding to scan results?
A security analyst, while doing a security scan using packet c capture security tools, noticed large volumes
of data images of company products being exfiltrated to foreign IP addresses. Which of the following is
the FIRST step in responding to scan results?
Which of the following is the MOST likely cause of the warning message?
An administrator deploys a WPA2 Enterprise wireless network with EAP-PEAP-MSCHAPv2. The
deployment is successful and company laptops are able to connect automatically with no user
intervention. A year later, the company begins to deploy phones with wireless capabilities. Users report
that they are receiving a warning when they attempt to connect to the wireless network from their
phones. Which of the following is the MOST likely cause of the warning message?
Which off the following BEST describes this type of attack?
An attacker has gained access to the company’s web server by using the administrator’s credentials. The
attacker then begins to work on compromising the sensitive data on other servers. Which off the
following BEST describes this type of attack?
Which of the following technologies, when deployed, would provide the BEST round the clock automated protectio
A security technician is concerned there4 is not enough security staff available the web servers and
database server located in the DMZ around the clock. Which of the following technologies, when
deployed, would provide the BEST round the clock automated protection?
Which of the following best describes the objectives of succession planning?
Which of the following best describes the objectives of succession planning?
As a part of the download and installation process, the administrator should verify the integrity of the softw
A system administrator wants to use open source software but is worried about the source code being
comprised. As a part of the download and installation process, the administrator should verify the
integrity of the software by:
which of the following would the CSO MOST likely to reduce the number of incidents?
The chief security officer (CSO) has reported a rise in data loss but no break-ins have occurred. By doing
which of the following would the CSO MOST likely to reduce the number of incidents?