Correct Answer:

IPSec is correct. IP Security (IPSec) provides encryption, integrity, and authentication for data tunneled over virtual private networks (VPNs) across public networks.

Incorrect Answers:

S/MIME is incorrect. Secure Multipurpose Internet Mail Extensions (S/MIME) is used for encrypting e-mail messages.

SSH is incorrect. Secure Shell (SSH) is a secure remote access utility.

MD5 is incorrect. Message Digest 5 (MD5) is a hashing algorithm for integrity checking.

Correct Answer:

There is a rogue access point is correct. A hacker has set up an open wireless access point in the vicinity of your wireless network, and the user has unknowingly connected to it. The hacker was able to analyze the network data to discover the user’s credentials.

Incorrect Answers:

A war driving attack took place is incorrect. A war driving attack occurs when a hacker connects to an open network from outside the facility.

The user is running a legacy 802.11 protocol is incorrect. Using a legacy protocol would not prevent the user from connecting to a rogue access point.

The user did not authenticate is incorrect. The user requires authentication if she connects to your organization’s network. A rogue access point is typically set up with no security, for easy access.

Correct Answer:

Change the “public” community name is correct. The default community name for the Simple Network Management Protocol (SNMP), “public,” acts as a password between the SNMP monitor and the device. If you do not change the default, any user with an SNMP monitor can access the device using the “public” community string.

Incorrect Answers:

Ensure the monitoring station is protected by a firewall is incorrect. Putting the monitoring station behind a firewall will not provide any protection for the SNMP clients.

Close SNMP TCP and UDP port 161 on the client is incorrect. Disabling SNMP on the client by closing port 161 means that the client cannot be monitored.

Disable ICMP is incorrect. Disabling the Internet Control Message Protocol (ICMP) will have no effect on SNMP functionality.

Correct Answer:

Awareness training is correct. With awareness training, users can recognize the signs of suspicious messages, viruses, malware, and phishing links that should be brought to the attention of the administrator before they spread through the company’s network. This can be effective even if there are no signatures available for a threat.

Incorrect Answers:

Antivirus software is incorrect. Antivirus software is not able to detect new viruses that do not have a pattern or signature defined.

Firewall is incorrect. A firewall cannot block all threats, especially zero-day application-based malware threats, from the users.

Logging and auditing is incorrect. Logging and regularly auditing the logs is not a preventive measure for zero-day threats.

Correct Answer:

Checking video surveillance footage is correct. If you have video surveillance of the server room, you will have video evidence of the unauthorized user entering the server room and taking the device.

Incorrect Answers:

Checking the access card log is incorrect. The access card is stolen and will only show the times when the unauthorized user entered the room, not the user’s identity.

Checking firewall logs is incorrect. Firewall logs will only show evidence of network intrusion, not a physical intrusion.

Correct Answer:

Data classification is correct. Data classification schemes, such as “public,” “classified,” and “secret,” can help you configure data controls to search for these classification levels in documents being transmitted outside of your network.

Incorrect Answers:

Anti-malware scanning is incorrect. Anti-malware scanning does not provide any type of content control for files; it only checks for malware.

Checksum hashes on outgoing attachments is incorrect. Checksum hashes are only used to make sure your documents are not altered from the original.

Caching proxy server is incorrect. A caching proxy server only caches content; it does not perform document content control.

Correct Answer:

Adding another power supply is correct. By adding a second power supply, you ensure that the servers will not power off if one of the power supplies fails.

Incorrect Answers:

Adding a second ISP is incorrect. Adding another Internet service provider (ISP) for your organization only improves redundancy for your network communications, not your file server hardware.

Using a backup tape system is incorrect. Using a backup tape system only provides redundancy and backup for your data, not your hardware.

Installing cooling fans in the server cabinet is incorrect. Cooling fans help regulate the temperature but do not provide any hardware redundancy.

Correct Answer:

Telnet is correct. The Telnet service provides remote access and should be disabled on this web server to prevent hackers from connecting to it.

Incorrect Answers:

HTTP and HTTPS are incorrect. HTTP and HTTPS are required web services.

TCP/IP is incorrect. TCP/IP is the entire protocol stack used by all Internet network devices.

Correct Answer:

Use a policy to disable HTML images in the e-mail client is correct. If the HTML images are not from a trusted source, you can set your e-mail clients to not load HTML images by default. Use a policy to enable this feature for all clients on your network.

Incorrect Answers:

Make sure client anti-malware signatures are up to date is incorrect. The anti-malware program will only scan downloaded files and will not prevent the user from visiting a malicious website.

Use a web browser to read HTML messages is incorrect. The user will still be directed to the same website if they read the HTML message using a web browser.

Use a web-caching proxy server is incorrect. A caching proxy server will not prevent the user from visiting the malicious website.

Correct Answer:

25 is correct. TCP port 25 is used by the Simple Mail Transport Protocol (SMTP) to connect to and deliver mail between e-mail servers.

Incorrect Answers:

110 and 143 are incorrect. TCP ports 110 and 143 are used by the Post Office Protocol (POP) and Internet Message Access Protocol (IMAP), respectively, to allow clients to retrieve mail from an e-mail server.

443 is incorrect. TCP port 443 is used by Hypertext Transfer Protocol over SSL/TLS (HTTPS).