SANS - SEC530 EXAM WITH CORRECT ANSWERS
Which type of private VLAN ports may only communicate with
promiscuous ports?
A) Isolated
B) Promiscuous
C) Network
D) Community - --Answers----A) Isolated
Which of the following wireless standards supports up to 1300
Mbps?
A) 802.11b
B) 802.11ac
C) 802.11n
D) 802.11w - --Answers----B) 802.11ac
In which phase of the security architecture design lifecycle is
threat modeling and attack surface analysis conducted?
A) Scan
,B) Discover and Assess
C) Plan
D) Design - --Answers----C) Plan
Which of the following is the best practice to mitigate against the
Cisco Discovery Protocol (CDP) information leakage attack?
A) Disable the CDP unless expressly required.
B) No mitigations are needed since CDP is secure by default.
C) Schedule the CDP patch regularly.
D) Enable the SECDP feature in the CDP to secure the CDP. - --
Answers----A) Disable the CDP unless expressly required.
Which of the following prevents physical access to the network
when plugging in an unauthorized device?
A) MAC address filtering
B) Packet filtering firewall
C) Background checks
D) Two-factor authentication - --Answers----A) MAC address
filtering
,What would be one of the first steps for a security architect
when building or redesigning a security architecture to secure an
organization?
A) Remove unnecessary egress traffic
B) Perform a perimeter pen test
C) Deploy patches to external systems
D) Identify critical assets - --Answers----D) Identify critical
assets
Which of the following is a recommended USB keyboard
mitigation for sites requiring high security?
A) Disable USB ports in the system.
B) Restrict USB devices with approved PIDs and VIDs.
C) Block the USB devices physically.
D) Restrict USB devices with approved user accounts. - --
Answers----C) Block the USB devices physically.
Which of the following Cisco IOS commands is used to shut the
port down automatically when the maximum number of MAC
addresses is exceeded?
A) switchport port-security violation shutdown
B) switchport port-security limit rate source-mac-shutdown
, C) switchport port-security violation auto-shutdown
D) switchport port-security mac-exceed-port-shutdown - --
Answers----A) switchport port-security violation shutdown
What is a common failing associated with focusing only on
compliance-drive security?
A) Compliance-driven security tends to focus only on hardening
internal systems.
B) Compliance-driven security tends to focus only on hardening
the perimeter.
C) Compliance-driven security tends to be costly in terms of
solutions and resources.
D) Compliance-driven security tends to fail in the face of a
persistent adversary. - --Answers----D) Compliance-driven
security tends to fail in the face of a persistent adversary.
Which of the following is described by Lockheed Martin as a
countermeasure action to the Kill Chain?
A) Disrupt
B) Prevent
C) React
D) Remove - --Answers----A) Disrupt
Which type of private VLAN ports may only communicate with
promiscuous ports?
A) Isolated
B) Promiscuous
C) Network
D) Community - --Answers----A) Isolated
Which of the following wireless standards supports up to 1300
Mbps?
A) 802.11b
B) 802.11ac
C) 802.11n
D) 802.11w - --Answers----B) 802.11ac
In which phase of the security architecture design lifecycle is
threat modeling and attack surface analysis conducted?
A) Scan
,B) Discover and Assess
C) Plan
D) Design - --Answers----C) Plan
Which of the following is the best practice to mitigate against the
Cisco Discovery Protocol (CDP) information leakage attack?
A) Disable the CDP unless expressly required.
B) No mitigations are needed since CDP is secure by default.
C) Schedule the CDP patch regularly.
D) Enable the SECDP feature in the CDP to secure the CDP. - --
Answers----A) Disable the CDP unless expressly required.
Which of the following prevents physical access to the network
when plugging in an unauthorized device?
A) MAC address filtering
B) Packet filtering firewall
C) Background checks
D) Two-factor authentication - --Answers----A) MAC address
filtering
,What would be one of the first steps for a security architect
when building or redesigning a security architecture to secure an
organization?
A) Remove unnecessary egress traffic
B) Perform a perimeter pen test
C) Deploy patches to external systems
D) Identify critical assets - --Answers----D) Identify critical
assets
Which of the following is a recommended USB keyboard
mitigation for sites requiring high security?
A) Disable USB ports in the system.
B) Restrict USB devices with approved PIDs and VIDs.
C) Block the USB devices physically.
D) Restrict USB devices with approved user accounts. - --
Answers----C) Block the USB devices physically.
Which of the following Cisco IOS commands is used to shut the
port down automatically when the maximum number of MAC
addresses is exceeded?
A) switchport port-security violation shutdown
B) switchport port-security limit rate source-mac-shutdown
, C) switchport port-security violation auto-shutdown
D) switchport port-security mac-exceed-port-shutdown - --
Answers----A) switchport port-security violation shutdown
What is a common failing associated with focusing only on
compliance-drive security?
A) Compliance-driven security tends to focus only on hardening
internal systems.
B) Compliance-driven security tends to focus only on hardening
the perimeter.
C) Compliance-driven security tends to be costly in terms of
solutions and resources.
D) Compliance-driven security tends to fail in the face of a
persistent adversary. - --Answers----D) Compliance-driven
security tends to fail in the face of a persistent adversary.
Which of the following is described by Lockheed Martin as a
countermeasure action to the Kill Chain?
A) Disrupt
B) Prevent
C) React
D) Remove - --Answers----A) Disrupt
