A security administrator wants to configure a company’s wireless network in a way that will prevent wireless clients from broadcasting the company’s SSID. Which of the following should be configured on the company’s access points?
A. Enable ESSID broadcast
B. Enable protected management frames.
C. Enable wireless encryption
D. Disable MAC authentication
E. Disable WPS
F. Disable SSID broadcast
Tricky one! Notice that we want to stop the CLIENTS from broadcasting the SSID. They will typically do this when they don’t see an existing SSID, so they broadcast a request for SSID’s they’ve previously connected to. The question asks what to do on the ACCESS POINTS, so by simply enabling the ESSID (SSID) broadcast, the clients will not have to do any broadcasting themselves.
Multiple organizations operating in the same vertical want to provide seamless wireless access for their employees as they visit the other organizations. Which of the following should be implemented if all the organizations use the native 802.1x client on their mobile devices?
B. RADIUS federation
E. OpenID connect
In a corporation where compute utilization spikes several times a year, the Chief Information Officer (CIO) has requested a cost-effective architecture to handle the variable capacity demand. Which of the following characteristics BEST describes what the CIO has requested?
C. High availability
Elasticity is defined as “the degree to which a system is able to adapt to workload changes by provisioning and de-provisioning resources in an autonomic manner, such that at each point in time the available resources match the current demand as closely as possible”.
A security analyst is diagnosing an incident in which a system was compromised from an external IP address.
The socket identified on the firewall was traced to 184.108.40.206:6666. Which of the following should the security analyst do to determine if the compromised system still has an active connection?
Which of the following would a security specialist be able to determine upon examination of a server’s certificate?
A. CA public key
B. Server private key
The process of applying a salt and cryptographic hash to a password then repeating the process many times is known as which of the following?
A. Collision resistance
B. Rainbow table
C. Key stretching
D. Brute force attack
Which of the following penetration testing concepts is being used when an attacker uses
public Internet databases to enumerate and learn more about a target?
B. Initial exploitation
D. Vulnerability scanning
E. White box testing
Which of the following best describes the initial processing phase used in mobile device
A. The phone should be powered down and the battery removed to preserve the state of
data on any internal or removable storage utilized by the mobile device
B. The removable data storage cards should be processed first to prevent data alteration
when examining the mobile device
C. The mobile device should be examined first, then removable storage and lastly the
phone without removable storage should be examined again
D. The phone and storage cards should be examined as a complete unit after examining
the removable storage cards separately.
A member of a digital forensics team, Joe arrives at a crime scene and is preparing to collect system data. Before powering the system off, Joe knows that he must collect the most volatile date first.
Which of the following is the correct order in which Joe should collect the data?
A. CPU cache, paging/swap files, RAM, remote logging data
B. RAM, CPU cache. Remote logging data, paging/swap files
C. Paging/swap files, CPU cache, RAM, remote logging data
D. CPU cache, RAM, paging/swap files, remote logging data
A security consultant discovers that an organization is using the PCL protocol to print documents, utilizing the default driver and print settings. Which of the following is the MOST likely risk in this situation?
A. An attacker can access and change the printer configuration.
B. SNMP data leaving the printer will not be properly encrypted.
C. An MITM attack can reveal sensitive information.
D. An attacker can easily inject malicious code into the printer firmware.
E. Attackers can use the PCL protocol to bypass the firewall of client computers.