Correct Answer:

Install screen privacy guards is correct. When screen privacy guards are in place, a nearby person cannot easily see the screen of a user and her actions.

Incorrect Answers:

Create an acceptable use policy, use encrypted authentication, and implement photo ID cards are incorrect. None of these techniques specifically prevents shoulder-surfing attempts

Correct Answer:

Distributed denial-of-service attack is correct. A distributed denial-of-service (DDoS) attack comes from several different source IP addresses.

Incorrect Answers:

Denial-of-service attack is incorrect. A general denial-of-service attack comes from one specific source attacker.

Spoof attack is incorrect. Although the addresses may be spoofed, the attack is coming from several different IP addresses, which makes it less likely to be spoofed.

On-path attack is incorrect. An on-path attack intercepts network data between two devices.

Correct Answer:

Redundant routers for the same ISP is correct. Although you have redundancy at the router level, if your Internet service provider (ISP) communications fail, there are no backup communications. You should have at least one more communications line to a different ISP.

Incorrect Answers:

Redundant power supplies on a server, RAID 5 hard drive systems on a server, and dual fiber cabling for the network backbone are incorrect. Each of these solutions provides true redundancy in the event of a failure.

Correct Answer:

ICMP is correct. The Internet Control Message Protocol (ICMP) is the core protocol used by the ping and traceroute utilities for network diagnostics, and it should be disabled on the server.

Incorrect Answers:

NTP is incorrect. The Network Time Protocol (NTP) is used with time services.

DNS is incorrect. The Domain Name System (DNS) is used for hostname to IP address resolution.

SNMP is incorrect. The Simple Network Management Protocol (SNMP) is used for network monitoring.

Correct Answer:

Error and exception handling is correct. Error messages must be informative to the user, but system details should never be revealed. You should improve the error and exception handling in your application so that it does not reveal system details in the event of a crash or malfunction.

Incorrect Answers:

Input validation is incorrect. Input validation makes sure that users can’t enter illegal characters into application input fields.

Fuzzing is incorrect. Fuzzing is used to test input validation through the entry of random characters.

Escaping is incorrect. Escaping is a technique used when processing input fields to process command characters inserted into the input as text data to prevent commands from being run.

Correct Answer:

Legal hold is correct. If your legal counsel determines that evidence should be collected for any reason, be it a pending investigation, litigation, or other situation where evidence would be required, a legal hold must be formally initiated. A legal hold halts the usual backup and disposition processes, and immediately puts your personnel into data protection mode.

Incorrect Answers:

Chain of custody is incorrect. Chain of custody refers to the requirement that all evidence be properly labeled with information on who secured and validated it.

Order of volatility is incorrect. Order of volatility refers to prioritizing collection of data evidence that is less persistent and more volatile over collection of data evidence that is more persistent and less volatile.

Acquisition is incorrect. Acquisition is the process of collecting data from different mediums for use within an investigation.

Correct Answer:

Host-based intrusion detection system is correct. A host-based intrusion detection system (HIDS) monitors a specific host for suspicious behavior that could indicate someone is trying to break into the system.

Incorrect Answer:

Anti-malware application is incorrect. An anti-malware application only searches for malware on the host and doesn’t detect intrusions and unauthorized users.

Host-based firewall is incorrect. A host-based firewall will not detect unauthorized intrusions physically accessing the management console.

Auditing application is incorrect. An auditing application will only audit the logs and will not actively detect immediate intrusions.

Correct Answer:

Lower the power of wireless transmissions on your access points is correct. You can limit the power level of transmissions on your wireless network to control the range and speed of wireless access. This way, you can limit the range of your access point coverage to just the needed areas of your location.

Incorrect Answers:

Remove the access points closest to the outside walls is incorrect. Removing access points could leave internal users’ devices without wireless access.

Extend the antennas of your access points is incorrect. Extending the antennas of your access points increases the range of your transmission.

Transmit on a narrow-band frequency is incorrect. Narrow-band technologies do not limit wireless transmissions; they only limit transmissions to a specific frequency.

Correct Answer:

Gas-powered generator is correct. The data center requires a gas-powered generator that can provide power continuously until electrical power is restored.

Power conditioner is incorrect. A power conditioner only helps provide consistent and clean power.

UPS and battery backup are incorrect. An uninterruptible power supply (UPS) and battery backup provide backup power for only a short period of time.

Correct Answer:

MAC address filtering is correct. Media Access Control (MAC) address filtering ensures that only specific systems can access the wireless network. The hardware MAC address of each authorized system is programmed into the wireless network base stations so that only those hardware addresses can connect.

Incorrect Answers:

WPA3 encryption and WPA2 encryption are incorrect. Encryption alone cannot filter specific systems from entering the network.

SSID is incorrect. Modifying the service set identifier (SSID) does not stop specific systems from accessing the wireless network if they know the network.