- Set 1 (Q1 to Q30)
- Set 2 (Q31 to Q60)
- Set 3 (Q61 to Q90)
- Set 4 (Q91 to Q120)
- Set 5 (Q121 to Q150)
- Set 6 (Q151 to Q180)
- Set 7 (Q181 to Q210)
- Set 8 (Q211 to Q240)
- Set 9 (Q241 to Q270)
- Set 10 (Q271 to Q300)
- Set 11 (Q301 to Q330)
- Set 12 (Q331 to Q360)
- Set 13 (Q361 to Q390)
- Set 14 (Q391 to Q420)
- Set 15 (Q421 to Q450)
- Set 16 (Q451 to Q480)
- Set 17 (Q481 to Q510)
- Set 18 (Q511 to Q540)
- Set 19 (Q541 to Q570)
- Set 20 (Q571 to Q600)
- Set 21 (Q601 to Q630)
- Set 22 (Q631 to Q660)
- Set 23 (Q661 to Q690)
- Set 24 (Q691 to Q720)
Q31 - Which DNS resource record can indicate how long any "DNS poisoning" could last?
Q32 - During the process of encryption and decryption, what keys are shared?During the process of encryption and decryption, what keys are shared?
- Private keys
- User passwords
- Public keys
- Public and private keys
Q33 - Using Windows CMD, how would an attacker list all the shares to which the current usercontext has access?
- NET USE
- NET CONFIG
- NET FILE
- NET VIEW
Q34 - What does the following command in netcat do? nc -l -u -p55555 < /etc/passwd
- logs the incoming connections to /etc/passwd file
- loads the /etc/passwd file to the UDP port 55555
- grabs the /etc/passwd file when connected to UDP port 55555
- deletes the /etc/passwd file when connected to the UDP port 55555
Q35 - Sandra is the security administrator of XYZ.com. One day she notices that the XYZ.com Oracledatabase server has been compromised and customer information along with financial data has beenstolen. The financial loss will be estimated in millions of dollars if the database gets into the hands ofcompetitors. Sandra wants to report this crime to the law enforcement agencies immediately. Whichorganization coordinates computer crime investigations throughout the United States?
Q36 - Which of the following is a characteristic of Public Key Infrastructure (PKI)?
- Public-key cryptosystems are faster than symmetric-key cryptosystems.
- Public-key cryptosystems distribute public-keys within digital signatures.
- Public-key cryptosystems do not require a secure key distribution channel.
- Public-key cryptosystems do not provide technical non-repudiation via digital signatures.
Q37 - A network administrator received an administrative alert at 3:00 a.m. from the intrusiondetection system. The alert was generated because a large number of packets were coming into thenetwork over ports 20 and 21. During analysis, there were no signs of attack on the FTP servers. How should the administratorclassify this situation?
- True negatives
- False negatives
- True positives
- False positives
Q38 - In the OSI model, where does PPTP encryption take place?
- Transport layer
- Application layer
- Data link layer
- Network layer
Q39 - Websites and web portals that provide web services commonly use the Simple Object Access Protocol SOAP.Which of the following is an incorrect definition or characteristics in the protocol?
- Based on XML
- Provides a structured model for messaging
- Exchanges data between web services
- Only compatible with the application protocol HTTP
Q40 - A common cryptographical tool is the use of XOR. XOR the following binary values: 10110001 and 00111010
Q41 - Which of the following resources does NMAP need to be used as a basic vulnerability scanner covering several vectors like SMB, HTTP and FTP?
- A. Metasploit scripting engine
- Nessus scripting engine
- NMAP scripting engine
- SAINT scripting engine
Q42 - During a recent security assessment, you discover the organization has one Domain Name Server (DNS) in a Demilitarized Zone (DMZ) and a second DNS server on the internal network. What is this type of DNS configuration commonly called?
- Split DNS
- DNS Scheme
Q43 - A security administrator notices that the log file of the company's webserver contains suspicious entries:
Based on source code analysis, the analyst concludes that the login.php script is vulnerable to
- command injection.
- SQL injection.
- directory traversal.
- LDAP injection.
Q44 - PGP, SSL, and IKE are all examples of which type of cryptography?
- Public Key
- Secret Key
- Hash Algorithm
Q45 - Which of the following commands runs snort in packet logger mode?
- ./snort -dev -h ./log
- ./snort -dev -l ./log
- ./snort -dev -o ./log
- ./snort -dev -p ./log
Q46 - An Internet Service Provider (ISP) has a need to authenticate users connecting using analog modems, Digital Subscriber Lines (DSL), wireless data services, and Virtual Private Networks (VPN) over a Frame Relay network. Which AAA protocol is most likely able to handle this requirement?
- A. RADIUS
Q47 - Smart cards use which protocol to transfer the certificate in a secure manner?
- A. Extensible Authentication Protocol (EAP)
- Point to Point Protocol (PPP)
- Point to Point Tunneling Protocol (PPTP)
- Layer 2 Tunneling Protocol (L2TP)
Q48 - Every company needs a formal written document which spells out to employees precisely what they are allowed to use the company's systems for, what is prohibited, and what will happen to them if they break the rules. Two printed copies of the policy should be given to every employee as soon as possible after they join the organization. The employee should be asked to sign one copy, which should be safely filed by the company. No one should be allowed to use the company's computer systems until they have signed the policy in acceptance of its terms. What is this document called?
- Information Audit Policy (IAP)
- Information Security Policy (ISP)
- Penetration Testing Policy (PTP)
- Company Compliance Policy (CCP)
Q49 - One way to defeat a multi-level security solution is to leak data via
- a bypass regulator.
- a covert channel.
- asymmetric routing.
Q50 - Your next door neighbor, that you do not get along with, is having issues with their network, so he yells to his spouse the network's SSID and password and you hear them both clearly. What do you do with this information?
- Nothing, but suggest to him to change the network's SSID and password.
- Sell his SSID and password to friends that come to your house, so it doesn't slow down your network.
- Log onto to his network, after all it's his fault that you can get in.
- Only use his network when you have large downloads so you don't tax your own network.
Q51 - A security analyst is performing an audit on the network to determine if there are any deviations from the security policies in place. The analyst discovers that a user from the IT department had a dial-out modem installed. Which security policy must the security analyst check to see if dial-out modems are allowed?
- Firewall-management policy
- Acceptable-use policy
- Remote-access policy
- Permissive policy
Q52 - You just set up a security system in your network. In what kind of system would you find the following string of characters used as a rule within its configuration?
alert tcp any any -> 192.168.100.0/24 21 (msg: "FTP on the network!";)
- An Intrusion Detection System
- A firewall IPTable
- A Router IPTable
- FTP Server rule
Q53 - Which of the following open source tools would be the best choice to scan a network for potential targets?
- John the Ripper
Q54 - Which of the following is the successor of SSL?
Q55 - Which of the following tools is used to detect wireless LANs using the 802.11a/b/g/n WLAN standards on a linux platform?
Q56 - Joseph was the Web site administrator for the Mason Insurance in New York, who's main Web site was located at www.masonins.com. Joseph uses his laptop computer regularly to administer the Web site. One night, Joseph received an urgent phone call from his friend, Smith. According to Smith, the main Mason Insurance web site had been vandalized! All of its normal content was removed and replaced with an attacker's message ''Hacker Message: You are dead! Freaks!" From his office, which was directly connected to Mason Insurance's internal network, Joseph surfed to the Web site using his laptop. In his browser, the Web site looked completely intact. No changes were apparent. Joseph called a friend of his at his home to help troubleshoot the problem. The Web site appeared defaced when his friend visited using his DSL connection. So, while Smith and his friend could see the defaced page, Joseph saw the intact Mason Insurance web site. To help make sense of this problem, Joseph decided to access the Web site using hisdial-up ISP. He disconnected his laptop from the corporate internal network and used his modem to dial up the same ISP used by Smith. After his modem connected, he quickly typed www.masonins.com in his browser to reveal the following web page:
Y0u @re De@d! Fre@ks!
After seeing the defaced Web site, he disconnected his dial-up line, reconnected to the internal network, and used Secure Shell (SSH) to log in directly to the Web server. He ran Tripwire against the entire Web site, and determined that every system file and all the Web content on the server were intact. How did the attacker accomplish this hack?
- ARP spoofing
- SQL injection
- DNS poisoning
- Routing table injection
Q57 - Under what conditions does a secondary name server request a zone transfer from a primary name server?
- When a primary SOA is higher that a secondary SOA
- When a secondary SOA is higher that a primary SOA
- When a primary name server has had its service restarted
- When a secondary name server has had its service restarted
- When the TTL falls to zero
Q58 - Which of the following can take an arbitrary length of input and produce a message digest output of 160 bit?
Q59 - You went to great lengths to install all the necessary technologies to prevent hacking attacks, such as expensive firewalls, antivirus software, anti-spam systems and intrusion detection/prevention tools in your company's network. You have configured the most secure policies and tightened every device on your network. You are confident that hackers will never be able to gain access to your network with complex security system in place.
Your peer, Peter Smith who works at the same department disagrees with you. He says even the best network security technologies cannot prevent hackers gaining access to the network because of presence of "weakest link" in the security chain.
What is Peter Smith talking about?
- Untrained staff or ignorant computer users who inadvertently become the weakest link in your security chain
- "zero-day" exploits are the weakest link in the security chain since the IDS will not be able to detect these attacks
- "Polymorphic viruses" are the weakest link in the security chain since the Anti-Virus scanners will not be able to detect these attacks
- Continuous Spam e-mails cannot be blocked by your security system since spammers use different techniques to bypass the filters in your gateway
Q60 - Which of the following types of firewalls ensures that the packets are part of the established session?
- Stateful inspection firewall
- Circuit-level firewall
- Application-level firewall
- Switch-level firewall