Which authorization lets users access a requested resource on behalf of others? Explicit Authorization Decentralized Authorization Implicit Authorization Centralized Authorization.
An IT company has just been hit with a severe external security breach. To enhance the company’s security posture, the network admin has decided to first block all the services and then individually enable only the necessary services. What is such an Internet access policy called? Paranoid Policy Permissive Policy Promiscuous Policy Prudent Policy.
What is composite signature-based analysis? Multiple packet analysis is required to detect attack signatures Attack signatures are contained in packet headers Attack signatures are contained in packet payloads Single Packet analysis is enough to identify attack signatures.
John is backing up files that have been changed or created since the last full backup. Which backup technique is John implementing? Incremental Differential Full Normal.
How does Windows’ in-built security component, AppLocker, whitelist applications? Using Certificate Rule Using Signature Rule Using Path Rule Using Internet Zone Rule.
Which RAID level does not provide data redundancy? RAID level 0 RAID level 1 RAID level 50 RAID level 10.
How is the chip-level security of an IoT device achieved? By closing insecure network services By encrypting the JTAG interface By changing the password of the router By turning off the device when not needed or not in use.
USB ports enabled on a laptop is an example of ____ Network Attack Surface System Attack Surface Software Attack Surface Physical Attack Surface.
Which of the following defines the extent to which an interruption affects normal business operations and the amount of revenue lost due to that interruption? Recovery Capacity Objective Recovery Consistency Objective Recovery Time Objective Recovery Point Objective.
Jeanne is working as a network administrator in an IT company. She wants to control/limit container access to CPU, memory, swap, block IO (rates), network. Which Linux kernel feature allows Jeanne to manage, restrict, and audit groups of processes? Cgroups LSMs Seccomp Userns.
Which of the following is the primary goal of network defense? To prevent all network attacks To detect and respond to network attacks To eliminate all network vulnerabilities To educate end-users on security best practices.
What is a honeypot? A type of firewall A fake system designed to attract attackers A tool for network mapping A type of intrusion detection system.
What is the purpose of vulnerability scanning? To detect known vulnerabilities in a system To prevent all attacks on a system To test the effectiveness of a system’s security controls To simulate a real-world attack on a system.
Which of the following can be performed with software or hardware devices in order to record everything a person types using his or her keyboard? Warchalking Keystroke logging War dialing IRC bot.
Fill in the blank with the appropriate term.
A ______________ is a translation device or service that is often controlled by a separate Media Gateway Controller, which provides the call control and signaling functionality.
Which of the following tools is a free laptop tracker that helps in tracking a user's laptop in case it gets stolen? SAINT Adeona Snort Nessus.
Fill in the blank with the appropriate term. ______________ is a free open-source utility for network exploration and security auditing that is used to discover computers and services on a computer network, thus creating a "map" of the network.
Fill in the blank with the appropriate term. ______________ is a powerful and low-interaction open source honeypot.
Which of the following statements are true about volatile memory? Each correct answer represents a complete solution. Choose all that apply. Read-Only Memory (ROM) is an example of volatile memory. The content is stored permanently, and even the power supply is switched off. The volatile storage device is faster in reading and writing data. It is computer memory that requires power to maintain the stored information.
Which of the following firewalls are used to track the state of active connections and determine the network packets allowed to enter through the firewall? Each correct answer represents a complete solution. Choose all that apply. Circuit-level gateway Stateful Proxy server Dynamic packet-filtering.
Which of the following statements are NOT true about the FAT16 file system? Each correct answer represents a complete solution. Choose all that apply. It does not support file-level security. It works well with large disks because the cluster size increases as the disk partition size increases. It supports the Linux operating system. It supports file-level compression.
Fill in the blank with the appropriate term. The ____________ is used for routing voice conversations over the Internet. It is also known by other names such as IP Telephony, Broadband Telephony, etc.
Fill in the blank with the appropriate term. The ___________ protocol is a feature of packet-based data transmission protocols. It is used to keep a record of the frame sequences sent and their respective acknowledgements received by both the users.
Fill in the blank with the appropriate term. A ______________ is a set of tools that take administrative control of a computer system without authorization by the computer owners and/or legitimate managers.
Which of the following standards is an amendment to the original IEEE 802.11 and specifies security mechanisms for wireless networks? 802.11b 802.11e 802.11i 802.11a.
Which of the following tools is an open source network intrusion prevention and detection system that operates as a network sniffer and logs activities of the network that is matched with the predefined signatures? Dsniff KisMAC Snort Kismet.
Which of the following is a non-profit organization that oversees the allocation of IP addresses, management of the DNS infrastructure, protocol parameter assignment, and root server system management? ANSI IEEE ITU ICANN.
Which of the following devices allows wireless communication devices to connect to a wireless network using Wi-Fi, Bluetooth, or related standards? Express card WAP WNIC Wireless repeater None.
Which of the following protocols uses a control channel over TCP and a GRE tunnel operating to encapsulate PPP packets? PPTP ESP LWAPP SSTP.
Which of the following procedures is designed to enable security personnel to identify, mitigate, and recover from malicious computer incidents, such as unauthorized access to a system or data, denial-of-service, or unauthorized changes to system hardware, software, or data? Cyber Incident Response Plan Crisis Communication Plan Disaster Recovery Plan Occupant Emergency Plan.
Which of the following TCP commands are used to allocate a receiving buffer associated with the specified connection? Send Close None Receive Interrupt.
You work as a professional Computer Hacking Forensic Investigator for DataEnet Inc. You want to investigate e-mail information of an employee of the company. The suspected employee is using an online e-mail system such as Hotmail or Yahoo. Which of the following folders on the local computer will you review to accomplish the task? Each correct answer represents a complete solution. Choose all that apply. History folder Temporary Internet Folder Cookies folder Download folder.
Which of the following layers of the TCP/IP model maintains data integrity by ensuring that messages are delivered in the order in which they are sent and that there is no loss or duplication? Transport layer Link layer Internet layer Application layer.
Which of the following is a telecommunication service designed for cost-efficient data transmission for intermittent traffic between local area networks (LANs) and between end-points in a wide area network (WAN)? PPP Frame relay ISDN X.25 None.
Which of the following policies is a set of rules designed to enhance computer security by encouraging users to employ strong passwords and use them properly? Information protection policy Remote access policy Group policy Password policy.
Which of the following biometric devices is used to take impressions of the friction ridges of the skin on the underside of the tip of the fingers? Facial recognition device Iris camera Voice recognition voiceprint Fingerprint reader.
Peter, a malicious hacker, obtains e-mail addresses by harvesting them from postings, blogs, DNS listings, and Web pages. He then sends a large number of unsolicited commercial e-mail (UCE) messages to these addresses. Which of the following e-mail crimes is Peter committing? E-mail spam E-mail storm E-mail bombing E-mail spoofing.
Which of the following refers to the exploitation of a valid computer session to gain unauthorized access to information or services in a computer system? Spoofing Smurf Session hijacking Phishing.
Which of the following are the common security problems involved in communications and email? Each correct answer represents a complete solution. Choose all that apply. Message replay Identity theft Message modification Message digest Message repudiation Eavesdropping False message.
Which of the following layers of TCP/IP model is used to move packets between the Internet Layer interfaces of two different hosts on the same link? Application layer Internet layer Link layer Transport Layer None.
Management decides to implement a risk management system to reduce and maintain the organization's risk at an acceptable level. Which of the following is the correct order in the risk management phase? Risk Identification, Risk Assessment, Risk Treatment, Risk Monitoring & Review Risk Treatment, Risk Monitoring & Review, Risk Identification, Risk Assessment Risk Assessment, Risk Treatment, Risk Monitoring & Review, Risk Identification Risk Identification, Risk Assessment, Risk Monitoring & Review, Risk Treatment.
John has implemented ________ in the network to restrict the limit of public IP addresses in his organization and to enhance the firewall filtering technique. DMZ Proxies VPN NAT.
What command is used to terminate certain processes in an Ubuntu system? #grep Kill [Target Process] #kill -9 [PID] #ps ax Kill # netstat Kill [Target Process].
Consider a scenario consisting of a tree network. The root Node N is connected to two main nodes N1 and N2. N1 is connected to N11 and N12. N2 is connected to N21 and N22. What will happen if any one of the main nodes fails? Failure of the main node affects all other child nodes at the same level irrespective of the main node Does not cause any disturbance to the child nodes or its transmission Failure of the main node will affect all related child nodes connected to the main node Affects the root node only.
Stephanie is currently setting up email security so all company data is secured when passed through email. Stephanie first sets up encryption to make sure that a specific user's email is protected. Next, she needs to ensure that the incoming and the outgoing mail has not been modified or altered using digital signatures. What is Stephanie working on? Confidentiality Availability Data Integrity Usability.
Simran is a network administrator at a start-up called Revolution. To ensure that neither party in the company can deny getting email notifications or any other communication, she mandates authentication before a connection establishment or message transfer occurs. What fundamental attribute of network defense is she enforcing? Integrity Non-repudiation Confidentiality Authentication.
Steven is a Linux system administrator at an IT company. He wants to disable unnecessary services in the system, which can be exploited by the attackers. Which among the following is the correct syntax for disabling a service? sudo system-ctl disable [service] sudo systemctl disable [service] sudo system.ctl disable [service] sudo system ctl disable [service].
Identify the virtualization level that creates a massive pool of storage areas for different virtual machines running on the hardware. Fabric virtualization Storage device virtualization Server virtualization File system virtualization.
How is an "attack" represented? Motive (goal) + method Motive (goal) + method + vulnerability Asset + Threat + Vulnerability Asset + Threat.
Which of the following can be used to disallow a system/user from accessing all applications except a specific folder on a system? Hash rule Path rule Internet zone rule Certificate rule.
Which of the following indicators refers to potential risk exposures that attackers can use to breach the security of an organization? Indicators of attack Key risk indicators Indicators of exposure Indicators of compromise.
Damian is the chief security officer of Enigma Electronics. To block intruders and prevent any environmental accidents, he needs to set a two-factor authenticated keypad lock at the entrance, rig a fire suppression system, and link any video cameras at various corridors to view the feeds in the surveillance room. What layer of network defense-in-depth strategy is he trying to follow? Physical Perimeter Policies and procedures Host.
Sophie has been working as a Windows network administrator at an MNC over the past 7 years. She wants to check whether SMB1 is enabled or disabled. Which of the following commands allows Sophie to do so? Get-WindowsOptionalFeatures -Online -FeatureNames SMB1Protocol Get-WindowsOptionalFeature -Online -FeatureName SMB1Protocol Get-WindowsOptionalFeature -Online -FeatureNames SMB1Protocol Get-WindowsOptionalFeatures -Online -FeatureName SMB1Protocol.