- Set 1 (Q1 to Q30)
- Set 2 (Q31 to Q60)
- Set 3 (Q61 to Q90)
- Set 4 (Q91 to Q120)
- Set 5 (Q121 to Q150)
- Set 6 (Q151 to Q180)
- Set 7 (Q181 to Q210)
- Set 8 (Q211 to Q240)
- Set 9 (Q241 to Q270)
- Set 10 (Q271 to Q300)
- Set 11 (Q301 to Q330)
- Set 12 (Q331 to Q360)
- Set 13 (Q361 to Q390)
- Set 14 (Q391 to Q420)
- Set 15 (Q421 to Q450)
- Set 16 (Q451 to Q480)
- Set 17 (Q481 to Q510)
- Set 18 (Q511 to Q540)
- Set 19 (Q541 to Q570)
- Set 20 (Q571 to Q600)
- Set 21 (Q601 to Q630)
- Set 22 (Q631 to Q660)
- Set 23 (Q661 to Q690)
- Set 24 (Q691 to Q720)
Q361 - Which of the following is the BEST way to protect Personally Identifiable Information (PII) from being exploited due to vulnerabilities of varying web applications?
- Use cryptographic storage to store all PII
- Use full disk encryption on all hard drives to protect PII
- Use encrypted communications protocols to transmit PII
- Use a security token to log into all Web applications that use PII
Q362 - Trinity needs to scan all hosts on a /16 network for TCP port 445 only. What is the fastest way she can accomplish this with Nmap? Stealth is not a concern.
- nmap -sn -sF 10.1.0.0/16 445
- nmap -p 445 -n -T4 -open 10.1.0.0/16
- nmap -s 445 -sU -T5 10.1.0.0/16
- nmap -p 445 -max -Pn 10.1.0.0/16
Q363 - It is a kind of malware (malicious software) that criminals install on your computer so they can lock it from a remote location. This malware generates a pop-up window, webpage, or email warning from what looks like an official authority. It explains that your computer has been locked because of possible illegal activities on it and demands payment before you can access your files and programs again. Which of the following terms best matches the definition?
Q364 - What are the three types of authentication?
- Something you: know, remember, prove
- Something you: have, know, are
- Something you: show, prove, are
- Something you: show, have, prove
Q365 - What is the proper response for a NULL scan if the port is open?
- No response
Q366 - An nmap command that includes the host specification of 202.176.56-57.* will scan _______ number of hosts.
- Over 10, 000
Q367 - What is the code written for?
- Buffer Overflow
- Denial-of-service (Dos)
Q368 - When analyzing the IDS logs, the system administrator noticed an alert was logged when the external router was accessed from the administrator's computer to update the router configuration. What type of an alert is this?
- False positive
- False negative
- True positve
- True negative
Q369 - How does an operating system protect the passwords used for account logins?
- The operating system performs a one-way hash of the passwords.
- The operating system stores the passwords in a secret file that users cannot find.
- The operating system encrypts the passwords, and decrypts them when needed.
- The operating system stores all passwords in a protected segment of non-volatile memory.
Q370 - What type of analysis is performed when an attacker has partial knowledge of innerworkings of the application?
Q371 - Which of the following settings enables Nessus to detect when it is sending too many packets and the network pipe is approaching capacity?
- Netstat WMI Scan
- Silent Dependencies
- Consider unscanned ports as closed
- Reduce parallel connections on congestion
Q372 - Name two software tools used for OS guessing? (Choose two.)
Answer: A and C
Q373 - What is one thing a tester can do to ensure that the software is trusted and is not changing or tampering with critical data on the back end of a system it is loaded on?
- Proper testing
- Secure coding principles
- Systems security and architecture review
- Analysis of interrupts within the software
Q374 - Bob received this text message on his mobile phone: ""Hello, this is Scott Smelby from the Yahoo Bank. Kindly contact me for a vital transaction on: email@example.com"". Which statement below is true?
- This is probably a legitimate message as it comes from a respectable organization.
- Bob should write to firstname.lastname@example.org to verify the identity of Scott.
- This is a scam as everybody can get a @yahoo address, not the Yahoo customer service employees.
- This is a scam because Bob does not know Scott.
Q375 - You are attempting to run an Nmap port scan on a web server. Which of the following commands would result in a scan of common ports with the least amount of noise in order to evade IDS?
- nmap -A - Pn
- nmap -sP -p-65535-T5
- nmap -sT -O -T0
- nmap -A --host-timeout 99-T1
Q376 - Which of the following is the BEST approach to prevent Cross-site Scripting (XSS) flaws?
- Use digital certificates to authenticate a server prior to sending data.
- Verify access right before allowing access to protected information and UI controls.
- Verify access right before allowing access to protected information and UI controls.
- Validate and escape all information sent to a server.
Q377 - Which of the following is a preventive control?
- Smart card authentication
- Security policy
- Audit trail
- Continuity of operations plan
Q378 - To determine if a software program properly handles a wide range of invalid input, a form of automated testing can be used to randomly generate invalid input in an attempt to crash the program. What term is commonly used when referring to this type of testing?
Q379 - What is the broadcast address for the subnet 188.8.131.52/22?
Q380 - Which of the following security operations is used for determining the attack surface of an organization?
- Running a network scan to detect network services in the corporate DMZ
- Training employees on the security policy regarding social engineering
- Reviewing the need for a security clearance for each employee
- Using configuration management to determine when and where to apply security patches
Q381 - Which tier in the N-tier application architecture is responsible for moving and processing data between the tiers?
- Application Layer
- Data tier
- Presentation tier
- Logic tier
Q382 - The security administrator of ABC needs to permit Internet traffic in the host 10.0.0.2 and UDP traffic in the host 10.0.0.3. He also needs to permit all FTP traffic to the rest of the network and deny all other traffic. After he applied his ACL configuration in the router, nobody can access to the ftp, and the permitted hosts cannot access the Internet. According to the next configuration, what is happening in the network?
- The ACL 104 needs to be first because is UDP
- The ACL 110 needs to be changed to port 80
- The ACL for FTP must be before the ACL 110
- The first ACL is denying all TCP traffic and the other ACLs are being ignored by the router
Q383 - How can a policy help improve an employee's security awareness?
- By implementing written security procedures, enabling employee security training, and promoting the benefits of security
- By using informal networks of communication, establishing secret passing procedures, and immediately terminating employees
- By sharing security secrets with employees, enabling employees to share secrets, and establishing a consultative help line
- By decreasing an employee's vacation time, addressing ad-hoc employment clauses, and ensuring that managers know employee strengths
Q384 - Company A and Company B have just merged and each has its own Public Key Infrastructure (PKI). What must the Certificate Authorities (CAs) establish so that the private PKIs for Company A and Company B trust one another and each private PKI can validate digital certificates from the other company?
- Poly key exchange
- Cross certification
- Poly key reference
- Cross-site exchange
Q385 - Risks = Threats x Vulnerabilities is referred to as the:
- Risk equation
- Threat assessment
- BIA equation
- Disaster recovery formula
Q386 - In 2007, this wireless security algorithm was rendered useless by capturing packets and discovering the passkey in a matter of seconds. This security flaw led to a network invasion of TJ Maxx and data theft through a technique known as wardriving. Which Algorithm is this referring to?
- Wired Equivalent Privacy (WEP)
- Wi-Fi Protected Access (WPA)
- Wi-Fi Protected Access 2 (WPA2)
- Temporal Key Integrity Protocol (TKIP)
Q387 - This kind of password cracking method uses word lists in combination with numbers and special characters:
- Brute Force
Q388 - Which of the following security policies defines the use of VPN for gaining access to an internal corporate network?
- Network security policy
- Remote access policy
- Information protection policy
- Access control policy
Q389 - Which of the following ensures that updates to policies, procedures, and configurations are made in a controlled and documented fashion?
- Regulatory compliance
- Peer review
- Change management
- Penetration testing
Q390 - Within the context of Computer Security, which of the following statements describes Social Engineering best?
- Social Engineering is the act of publicly disclosing information
- Social Engineering is the means put in place by human resource to perform time accounting
- Social Engineering is the act of getting needed information from a person rather than breaking into a system
- Social Engineering is a training program within sociology studies