CompTIA Security+ Question K-14

A retail store uses a wireless network for its employees to access inventory from anywhere in the store. Due to concerns regarding the aging wireless network, the store manager has brought in a consultant to harden the network. During the site survey, the consultant discovers that the network was using WEP encryption. Which of the following would be the BEST course of action for the consultant to recommend?

A. Replace the unidirectional antenna at the front of the store with an omni-directional antenna.
B. Change the encryption used so that the encryption protocol is CCMP-based.
C. Disable the network’s SSID and configure the router to only access store devices based on MAC addresses.
D. Increase the access point’s encryption from WEP to WPA TKIP.

Answer: B

Explanation:
CCMP is the standard encryption protocol for use with the WPA2 standard and is much more secure than the WEP protocol and the TKIP protocol of WPA. CCMP provides the following security services: data confidentiality (ensures only authorized parties can access the information), authentication (provides proof of genuineness of the user), and access control in conjunction with layer management.

Incorrect Options:

A: The antenna type deals with signal strength and direction. It will not have a bearing on whether technology is older.

C: This option would “cloak” the network, not harden the network.

D: WPA2, which uses CCMP as its standard encryption protocol, is more secure than WPA-TKIP.

Reference:
http://en.wikipedia.org/wiki/CCMP
http://en.wikipedia.org/wiki/Wi-Fi_Protected_Access
Stewart, James Michael, CompTIA Security+ Review Guide, Sybex, Indianapolis, 2014, pp. 61, 63

CompTIA Security+ Question J-84

The Chief Information Officer (CIO) is concerned with moving an application to a SaaS cloud provider. Which of the following can be implemented to provide for data confidentiality assurance during and after the migration to the cloud?

A. HPM technology
B. Full disk encryption
C. DLP policy
D. TPM technology

Answer: C

Explanation:
Data loss prevention (DLP) systems monitor the contents of systems (workstations, servers, and networks) to make sure that key content is not deleted or removed. They also monitor who is using the data (looking for unauthorized access) and transmitting the data. Software as a Service (SaaS) applications are run remotely over the Web and as such require DLP monitoring.

CompTIA Security+ Question J-22

A security administrator has implemented a policy to prevent data loss. Which of the following is the BEST method of enforcement?

A. Internet networks can be accessed via personally-owned computers.
B. Data can only be stored on local workstations.
C. Wi-Fi networks should use WEP encryption by default.
D. Only USB devices supporting encryption are to be used.

Answer: D

Explanation:
The concern for preventing data loss is the concern for maintaining data confidentiality. This can be accomplished through encryption, access controls, and steganography. USB encryption is usually provided by the vendor of the USB device. It is not included on all USB devices.

CompTIA Security+ Question J-18

A network administrator has been tasked with securing the WLAN. Which of the following cryptographic products would be used to provide the MOST secure environment for the WLAN?

A. WPA2 CCMP
B. WPA
C. WPA with MAC filtering
D. WPA2 TKIP

Answer: A

Explanation:
CCMP is the standard encryption protocol for use with the WPA2 standard and is much more secure than the WEP protocol and the TKIP protocol of WPA. CCMP provides the following security services: data confidentiality (ensures only authorized parties can access the information), authentication (provides proof of genuineness of the user), and access control in conjunction with layer management.

Because CCMP is a block cipher mode using a 128-bit key, it is secure against attacks to the 2^64 steps of operation.

CompTIA Security+ Question H-86

A security administrator wants to ensure that the message the administrator sends out to their Chief Financial Officer (CFO) does not get changed en route. Which of the following is the administrator MOST concerned with?

A. Data confidentiality
B. High availability
C. Data integrity
D. Business continuity

Answer: C

Explanation:
Integrity is the process of ensuring that the information has not been altered during transmission. This can be accomplished by means of hashing.

CompTIA Security+ Question G-49

An access point has been configured for AES encryption but a client is unable to connect to it. Which of the following should be configured on the client to fix this issue?

A. WEP
B. CCMP
C. TKIP
D. RC4

Answer: B

Explanation:
CCMP is an encryption protocol designed for Wireless LAN products that implement the standards of the IEEE 802.11i amendment to the original IEEE 802.11 standard. CCMP is an enhanced data cryptographic encapsulation mechanism designed for data confidentiality and based upon the Counter Mode with CBC-MAC (CCM) of the AES standard.

CompTIA Security+ Question E-77

Elastic cloud computing environments often reuse the same physical hardware for multiple customers over time as virtual machines are instantiated and deleted. This has important implications for which of the following data security concerns?

A. Hardware integrity
B. Data confidentiality
C. Availability of servers
D. Integrity of data

Answer: B

Explanation:
Data that is not kept separate or segregated may have its confidentiality compromised. Be aware of the fact that your data is only as safe as the data with which it is integrated. For example, assume that your client database is hosted on a server that another company is also using to test an application that they are creating. If their application obtains root-level access at some point (such as to change passwords) and crashes at that point, then the user running the application could be left with root permissions and conceivably be able to access data on the server for which they are not authorized, such as your client database. Data segregation is crucial; keep your data on secure servers.

CompTIA Security+ Question D-8

A security administrator has deployed all laptops with Self Encrypting Drives (SED) and enforces key encryption. Which of the following represents the greatest threat to maintaining data confidentiality with these devices?

A. Full data access can be obtained by connecting the drive to a SATA or USB adapter bypassing the SED hardware.
B. A malicious employee can gain the SED encryption keys through software extraction allowing access to other laptops.
C. If the laptop does not use a Secure Boot BIOS, the SED hardware is not enabled allowing full data access.
D. Laptops that are placed in a sleep mode allow full data access when powered back on.

Answer: D

Explanation:
Hardware-based encryption, when built into the drive, is transparent to the user. The drive, except for bootup authentication, operates just like any drive with no degradation in performance. When the computer is started up, the user is prompted to enter a password to allow the system to boot and allow access to the encrypted drive. When a laptop is placed into sleep mode (also known as standby mode), the computer is placed into a low power mode. In sleep mode, the computer is not fully shut down. The screen is turned off, the hard disks are turned off and the CPU is throttled down to its lowest power state. However, the computer state is maintained in memory (RAM). Most computers can be ‘woken’ from sleep mode by pressing any key on the keyboard or pressing the power button. The computer can be configured to require a password on wake up, but if a password is not required, the computer will wake up and be logged in as it was at the time of going into sleep mode. This would enable full access to the data stored on the disks.