QUESTION 391
An administrator needs to segment internal traffic between layer 2 devices within the LAN. Which of the following types of network design elements would MOST likely be used?
A. Routing
B. DMZ
C. VLAN
D. NAT
Answer: C
QUESTION 381
A software developer is responsible for writing the code on an accounting application. Another software developer is responsible for developing code on a system in human resources. Once a year they have to switch roles for several weeks. Which of the following practices is being implemented?
A. Mandatory vacations
B. Job rotation
C. Least privilege
D. Separation of duties
Answer: B
QUESTION 371
An online store wants to protect user credentials and credit card information so that customers can store their credit card information and use their card for multiple separate transactions. Which of the following database designs provides the BEST security for the online store?
A. Use encryption for the credential fields and hash the credit card field
B. Encrypt the username and hash the password
C. Hash the credential fields and use encryption for the credit card field
D. Hash both the credential fields and the credit card field
Answer: C
QUESTION 361
Jane, a security administrator, needs to implement a secure wireless authentication method that uses a remote RADIUS server for authentication. Which of the following authentication methods should Jane use?
A. WPA2-PSK
B. WEP-PSK
C. CCMP
D. LEAP
Answer: D
QUESTION 351
Which of the following ports should be opened on a firewall to allow for NetBIOS communication? (Select TWO).
A. 110
B. 137
C. 139
D. 143
E. 161
F. 443
Answer: BC
QUESTION 341
A process in which the functionality of an application is tested without any knowledge of the internal mechanisms of the application is known as:
A. Black box testing
B. White box testing
C. Black hat testing
D. Gray box testing
Answer: A
QUESTION 331
Which of the following protocols would be used to verify connectivity between two remote devices at the HIGHEST level of the OSI model?
A. ICMP
B. IPSec
C. SCP
D. TCP
Answer: C
QUESTION 321
An advantage of virtualizing servers, databases, and office applications is:
A. Centralized management.
B. Providing greater resources to users.
C. Stronger access control.
D. Decentralized management.
Answer: A
QUESTION 311
Which of the following would a security administrator implement in order to identify a problem between two applications that are not communicating properly?
A. Protocol analyzer
B. Baseline report
C. Risk assessment
D. Vulnerability scan
Answer: A
QUESTION 301
Which of the following can a security administrator implement on mobile devices that will help prevent unwanted people from viewing the data if the device is left unattended?
A. Screen lock
B. Voice encryption
C. GPS tracking
D. Device encryption
Answer: A