EMT Practice Test

1. Question Content...


Question List

Question1: Which of the following terms is used for a router that filters traffic before it is passed to the firewall?

Question2: Which of the following are application layer protocols of Internet protocol (IP) suite?
Each correct answer represents a complete solution. Choose two.

Question3: You are working on your computer system with Linux Operating system. After working for a few hours, the hard disk goes to the inactive state (sleep). You try to restart the system and check the power circuits. You later discover that the hard disk has crashed. Which of the following precaution methods should you apply to keep your computer safe from such issues?

Question4: Which of the following tools is an open source protocol analyzer that can capture traffic in real time?

Question5: The Project Risk Management knowledge area focuses on which of the following processes?
Each correct answer represents a complete solution. Choose all that apply.

Question6: You are working as a project manager in your organization. You are nearing the final stages of project execution and looking towards the final risk monitoring and controlling activities. For your project archives, which one of the following is an output of risk monitoring and control?

Question7: Which of the following authentication methods uses MD5 hash encoding while transferring credentials over a network?

Question8: Computer networks and the Internet are the prime mode of Information transfer today. Which of the following is a technique used for modifying messages, providing Information and Cyber security, and reducing the risk of hacking attacks during communications and message passing over the Internet?

Question9: Which of the following statements is not true about a digital certificate?

Question10: You work as a Network Administrator for Tech Perfect Inc. The company has recruited a large number of fresh employees. You have been asked to give them a presentation on data protection and confidentiality to ensure a secure wireless communication between the employees. What types of information require confidentiality? Each correct answer represents a complete solution. Choose all that apply.

Question11: Which of the following encryption techniques does digital signatures use?

Question12: Which of the following is a correct sequence of different layers of Open System Interconnection (OSI) model?

Question13: You work as a security manager in Mariotiss Inc. Your enterprise has been facing network and software security threats since a few months. You want to renew your current security policies and management to enhance the safety of your information systems. Which of the following is the best practice to initiate the renewal process from the lowest level with the least managerial effort?

Question14: Which of the following viruses is designed to prevent antivirus researchers from examining its code by using various methods that make tracing and disassembling difficult?

Question15: Which of the following is the most secure place to host a server that will be accessed publicly through the Internet?

Question16: Which of the following factors determine the strength of the encryption?

Question17: Which of the following options cannot be accessed from Windows Update?

Question18: Which of the following is a technique of attacks in which the attacker secretly listens to the private conversation between victims?

Question19: You are the Security Consultant and have been contacted by a client regarding their encryption and hashing algorithms. Their in-house network administrator tells you that their current hashing algorithm is an older one with known weaknesses and is not collision resistant. Which algorithm are they most likely using for hashing?

Question20: Which of the following roles is responsible for review and risk analysis of all contracts on a regular basis?

Question21: Which of the following monitors program activities and modifies malicious activities on a system?

Question22: Which of the following does an anti-virus program update regularly from its manufacturer's Web site?

Question23: Which of the following statements about Secure Shell (SSH) are true?
Each correct answer represents a complete solution. Choose three.

Question24: Which of the following statements about testing are true?
Each correct answer represents a complete solution. Choose all that apply.

Question25: Which of the following protocols work at the Network layer of the OSI model?

Question26: TCP FIN scanning is a type of stealth scanning through which the attacker sends a FIN packet to the target port. If the port is closed, the victim assumes that this packet was sent mistakenly by the attacker and sends the RST packet to the attacker. If the port is open, the FIN packet will be ignored and the port will drop the packet. Which of the following operating systems can be easily identified with the help of TCP FIN scanning?

Question27: Cryptography is the science of?

Question28: Which of the following is the process of making additional copies of data so that they may be used to restore the original after a data loss event?

Question29: Your network utilizes a coax cable for connections between various network segments. Your predecessor made sure none of the coax cables were in an exposed area that could easily be accessed. This caused the use of significant extra cabling. Why do you think this was done?

Question30: Which of the following is the maximum variable key length for the Blowfish encryption algorithm?

Question31: John used to work as a Network Administrator for We-are-secure Inc. Now he has resigned from the company for personal reasons. He wants to send out some secret information of the company. To do so, he takes an image file and simply uses a tool image hide and embeds the secret file within an image file of the famous actress, Jennifer Lopez, and sends it to his Yahoo mail id. Since he is using the image file to send the data, the mail server of his company is unable to filter this mail. Which of the following techniques is he performing to accomplish his task?

Question32: Which of the following combines the characteristics of a bridge and a router?

Question33: You work as a Network Administrator for McRoberts Inc. You are required to upgrade a client computer on the company's network to Windows Vista Ultimate. During installation, the computer stops responding, and the screen does not change. What is the most likely cause?

Question34: Which of the following are some of the parts of a project plan?
Each correct answer represents a complete solution. Choose all that apply.

Question35: Victor works as a network administrator for DataSecu Inc. He uses a dual firewall Demilitarized Zone (DMZ) to insulate the rest of the network from the portions, which is available to the Internet. Which of the following security threats may occur if DMZ protocol attacks are performed?
Each correct answer represents a complete solution. Choose all that apply.

Question36: Which of the following are the types of access controls?
Each correct answer represents a complete solution. Choose three.

Question37: Which of the following is the phase of Incident handling process in which the distinction between an event and an incident is made?

Question38: Which project management risk event would you be using if you changed the sequence of activities to reduce the probability of the project being delayed?

Question39: Which of the following types of authentications supported by OSPF?
Each correct answer represents a complete solution. Choose three.

Question40: Which of the following is the purpose of employing DMZ (Demilitarized zone) in a network?

Question41: The Information assurance pillars provide the surety of data availability to the users of an Information system. Which of the following network infrastructure techniques accomplishes the objective of an efficient data availability management on a network?
Each correct answer represents a complete solution. Choose all that apply.

Question42: Jane works as a Consumer Support Technician for McRoberts Inc. The company provides troubleshooting support to users. A user named Peter installs Windows Vista on his computer. He connects his computer on the network. He wants to protect his computer from malicious software and prevent hackers from gaining access to his computer through the network. Which of the following actions will Jane assist Peter to perform to accomplish the task?

Question43: Which of the following objects in an Active Directory serve as security principles?
Each correct answer represents a part of the solution. Choose all that apply.

Question44: Which of the following are the examples of administrative controls?
Each correct answer represents a complete solution. Choose all that apply.

Question45: You and your project team have identified the project risks and now are analyzing the probability and impact of the risks. What type of analysis of the risks provides a quick and high-level review of each identified risk event?

Question46: Every network device contains a unique built in Media Access Control (MAC) address, which is used to identify the authentic device to limit the network access. Which of the following addresses is a valid MAC address?

Question47: Which of the following is NOT a phase of the OODA Loop strategy?

Question48: Which of the following tools is an open source network intrusion prevention and detection system that operates as a network sniffer?

Question49: Which of the following U.S.C. laws is governs the fraudulent activities associated with computers?

Question50: Which of the following evidences is NOT the potential evidence for Routers?

Question51: You have created a Web site, which will be used for e-commerce. You want to ensure that the transactions are highly secured. For this purpose, you have to create a system to verify the identity of a potential customer. Which of the following security techniques will you use?

Question52: Which of the following is an examination of the controls within an Information technology (IT) infrastructure?

Question53: John works as a security manager in Mariotx.Inc. He has been tasked to resolve a network attack issue.
To solve the problem, he first examines the critical information about the attacker's interaction to the network environment. He prepares a past record and behavioral document of the attack to find a direction of the solution. Then he decides to perform an action based on the previous hypothesis and takes the appropriate action against the attack. Which of the following strategies has John followed?

Question54: You are the project manager of the HHH Project. The stakeholders for this project are scattered across the world and you need a method to promote interaction. You determine that a Web conferencing software would be the most cost effective solution. The stakeholders can watch a slide show while you walk them through the project details. The stakeholders can hear you, ask questions via a chat software, and post concerns. What is the danger in this presentation?

Question55: Which of the following firewalls inspects the actual contents of packets?

Question56: Which of the following is the best approach to conflict resolution?

Question57: Which of the following statements are true about routers?
Each correct answer represents a complete solution. Choose all that apply.

Question58: You work as a Network Administrator for Infonet Inc. The company has a Windows Server 2008 domainbased network. The network has three Windows Server 2008 member servers and 150 Windows Vista client computers. According to the company's security policy, you apply Windows firewall setting to the computers on the network. Now, you are troubleshooting a connectivity problem that might be caused by Windows firewall. What will you do to identify connections that Windows firewall allows or blocks?

Question59: You are concerned about an attacker being able to get into your network. You want to make sure that you are informed of any network activity that is outside normal parameters. What is the best way to do this?

Question60: Which of the following statements about Public Key Infrastructure (PKI) is true?

Question61: You are the security manager of Microliss Inc. Your enterprise uses a wireless network infrastructure with access points ranging 150-350 feet. The employees using the network complain that their passwords and important official information have been traced. You discover the following clues:
The information has proved beneficial to another company.
The other company is located about 340 feet away from your office.
The other company is also using wireless network.
The bandwidth of your network has degraded to a great extent.
Which of the following methods of attack has been used?

Question62: Which of the following processes is accountable for monitoring an IT Service and detecting when the performance drops beneath adequate limits?

Question63: Web applications play a vital role in deploying different databases with user accessibility on the Internet.
Which of the following allows an attacker to get unauthorized access to the database of a Web application by sending (attacking) user-supplied data to an interpreter as part of a command or query?

Question64: Adam works as a Professional Penetration Tester for Umbrella Inc. A project has been assigned to him to carry out a Black Box penetration testing as a regular evaluation of the system security and integrity of the company's network. Which of the following statements are true about the Black Box penetration testing?
Each correct answer represents a complete solution. Choose all that apply.

Question65: Which of the following algorithms produce 160-bit hash values?
Each correct answer represents a complete solution. Choose two.

Question66: Which of the following protocols are used by Network Attached Storage (NAS)?
Each correct answer represents a complete solution. Choose all that apply.

Question67: SIMULATION
Fill in the blank with the appropriate layer name.
The Network layer of the OSI model corresponds to the ______ layer of the TCP/IP model.

Question68: You work in an enterprise as a Network Engineer. Your enterprise has a secure internal network.
You want to apply an additional network packet filtering device that is intermediate to your enterprise's internal network and the outer network (internet). Which of the following network zones will you create to accomplish this task?

Question69: Which of the following two cryptography methods are used by NTFS Encrypting File System (EFS) to encrypt the data stored on a disk on a file-by-file basis?

Question70: What are packet sniffers?

Question71: Which of the following federal laws are related to hacking activities?
Each correct answer represents a complete solution. Choose three.

Question72: Donna is the project manager for her organization. She is preparing a plan to manage changes to the project should changes be requested. Her change management plan defines the process for documenting, tracking, and determining if the changes should be approved or declined. What system is considered the parent of the change control system documented in Donna's plan?

Question73: Which of the following is a pillar of Information Assurance CIA triad?

Question74: Which of the following is an organization that defines standards for anti-virus software?

Question75: Which of the following can be used to protect a computer system from malware, viruses, spyware, and various types of keyloggers? Each correct answer represents a complete solution. Choose all that apply.

Question76: Adam, a novice Web user is getting large amount of unsolicited commercial emails on his email address.
He suspects that the emails he is receiving are the Spam. Which of the following steps will he take to stop the Spam?
Each correct answer represents a complete solution. Choose all that apply.

Question77: What does Wireless Transport Layer Security (WTLS) provide for wireless devices?
Each correct answer represents a complete solution. Choose all that apply.

Question78: Under the SMART scheme, the Predictive Failure Analysis Technology is used to determine the failure or crash for which of the following parts of a computer system?

Question79: Which of the following cryptographic algorithms uses a single key to encrypt and decrypt data?

Question80: Which of the following processes is described in the statement below?
"It is the process of implementing risk response plans, tracking identified risks, monitoring residual risk, identifying new risks, and evaluating risk process effectiveness throughout the project."

Question81: Which of the following methods of encryption uses a single key to encrypt and decrypt data?

Question82: Which of the following is an information gathering technique that is used to identify risks?

Question83: Which of the following techniques are used after a security breach and are intended to limit the extent of any damage caused by the incident?

Question84: You work as a Network Administrator for NetTech Inc. The company wants to encrypt its e-mails.
Which of the following will you use to accomplish this?

Question85: Which of the following processes is responsible for low risk, frequently occurring low cost changes?

Question86: Which of the following is used to authenticate asymmetric keys?

Question87: Which of the following techniques can be used by an administrator while working with the symmetric encryption cryptography? Each correct answer represents a complete solution. Choose all that apply.

Question88: Which of the following statements about digital signature is true?

Question89: You work as an executive manager for Mariotx.Inc. You entered into a business contract with a firm called Helfixnet.Inc. You passed on the contract details to Helfixnet.Inc and also got an acceptance approval. You later find that Helfixnet.Inc is violating the rules of the contract and they claim that they had never entered into any contract with Mariotx.Inc when asked. Which of the following directives of Information Assurance can you apply to ensure prevention from such issues?

Question90: In which type of access control do user ID and password system come under?

Question91: Which of the following firewalls operates at three layers- Layer3, Layer4, and Layer5?

Question92: Which of the following is the primary function of VPNs?

Question93: Part of your change management plan details what should happen in the change control system for your project. Theresa, a junior project manager, asks what the configuration management activities are for scope changes. You tell her that all of the following are valid configuration management activities except for which one?

Question94: A Cisco Unified Wireless Network has an AP that does not rely on the central control device of the network. Which type of AP has this characteristic?

Question95: Which of the following statements are true about UDP?
Each correct answer represents a complete solution. Choose all that apply.

Question96: Maria works as a professional Ethical Hacker. She is assigned a project to test the security of www.we- are-secure.com. She wants to test a DoS attack on the We-are-secure server. She finds that the firewall of the server is blocking the ICMP messages, but it is not checking the UDP packets. Therefore, she sends a large amount of UDP echo request traffic to the IP broadcast addresses. These UDP requests have a spoofed source address of the We-are-secure server. Which of the following DoS attacks is Maria using to accomplish her task?

Question97: Which of the following cryptographic system services ensures that information will not be disclosed to any unauthorized person on a local network?

Question98: John works as a professional Ethical Hacker. He is assigned a project to test the security of www.we-are- secure.com. He enters a single quote in the input field of the login page of the Weare- secure Web site and receives the following error message:
Microsoft OLE DB Provider for ODBC Drivers error '0x80040E14'
This error message shows that the We-are-secure Website is vulnerable to __________.

Question99: Security is responsible for well-being of information and infrastructures in which the possibilities of successful yet undetected theft, tampering, and/or disruption of information and services are kept low or tolerable. Which of the following are the elements of security?
Each correct answer represents a complete solution. Choose all that apply.

Question100: You are concerned about outside attackers penetrating your network via your company Web server.
You wish to place your Web server between two firewalls
One firewall between the Web server and the outside world
The other between the Web server and your network
What is this called?

Question101: The SALES folder has a file named XFILE.DOC that contains critical information about your company. This folder resides on an NTFS volume. The company's Senior Sales Manager asks you to provide security for that file. You make a backup of that file and keep it in a locked cupboard, and then you deny access on the file for the Sales group. John, a member of the Sales group, accidentally deletes that file. You have verified that John is not a member of any other group.
Although you restore the file from backup, you are confused how John was able to delete the file despite having no access to that file.
What is the most likely cause?

Question102: You want to ensure that everyone who sends you an email should encrypt it. However you do not wish to exchange individual keys with all people who send you emails. In order to accomplish this goal which of the following should you choose?

Question103: Mark works as a Customer Support Technician for uCertify Inc. The company provides troubleshooting support to users. Mark is troubleshooting a computer of a user who is working on Windows Vista. The user reports that his sensitive data is being accessed by someone because of security vulnerability in the component of Windows Vista. Which of the following features of Windows Security Center should Mark configure to save the user's data?

Question104: You are concerned about possible hackers doing penetration testing on your network as a prelude to an attack. What would be most helpful to you in finding out if this is occurring?

Question105: In a complex network, Router transfers data packets by observing some form of parameters or metrics provided in the routing table. Which of the following metrics is NOT included in the routing table?

Question106: Which of the following Acts enacted in United States allows the FBI to issue National Security Letters (NSLs) to Internet service providers (ISPs) ordering them to disclose records about their customers?

Question107: Mark works as a Network Administrator for NetTech Inc. The company has a Windows Server 2008 domain-based network. The network contains four Windows 2008 member servers and 250 Windows Vista client computers. One of the member servers works as a Web server that hosts an intranet Web site.
According to the company security policy, Mark needs to fulfill the following requirements:
1. Encryption should be used for authentication of all traffic to the Web site.
2. SSL should not be used on the Web server for performance reasons.
3. Users should be authenticated using their Active Directory credentials.
In order to fulfill the requirements, Mark has disabled the Anonymous Authentication setting on the server.
What else does he have to do?

Question108: Which of the following is the main purpose of using OODA loops?

Question109: In which of the following access control models can a user not grant permissions to other users to see a copy of an object marked as secret that he has received, unless they have the appropriate permissions?

Question110: Peter is a merchant. He uses symmetric encryption to send confidential messages to different users of his Web site. Which of the following is the other name for asymmetric encryption?

Question111: Which of the following are the differences between routed protocols and routing protocols?
Each correct answer represents a complete solution. Choose two.

Question112: You have decided to implement an intrusion detection system on your network. You primarily are interested in the IDS being able to recognized known attack techniques. Which type of IDS should you choose?

Question113: Which of the following statements about asymmetric encryption are true?
Each correct answer represents a complete solution. Choose two.

Question114: Andrew works as a Network Administrator for NetTech Inc. The company has a Windows Server 2008 domain-based network. The network contains five Windows 2008 member servers and 120 Windows XP Professional client computers. Andrew is concerned about the member servers that are not meeting the security requirements as mentioned in the security policy of the company. Andrew wants to compare the current security settings of the member servers with the security template that is configured according to the security policy of the company. Which of the following tools will Andrew use to accomplish this?

Question115: Which of the following refers to the process of verifying the identity of a person, network host, or system process?

Question116: Which of the following attacks saturates network resources and disrupts services to a specific computer?

Question117: Mark works as a Network Administrator for NetTech Inc. The network uses routers from multiple vendors.
Mark wants to implement a routing protocol on the company's network that provides VLSM support, scalability and minimal overhead on the network. Which of the following protocols will Mark use to fulfill the requirements?

Question118: Tom and Gary are in a debate over which software should be purchased as part of their project. Gary tells Tom that because he's the senior software developer and has been with the company for 12 years, he'll be making the decision on the software. What type of conflict resolution has happened in this instance?

Question119: The executive team wants you to track labor costs for your project as well as progress on task completion and the resulting dates. What information must you update for tasks to provide this information?

Question120: Which of the following cryptographic algorithm uses public key and private key to encrypt or decrypt data?

Question121: Which of the following types of attacks cannot be prevented by technical measures only?

Question122: You are the Network Administrator for a large corporate network. You want to monitor all network traffic on your local network for suspicious activities and receive a notification when a possible attack is in process.
Which of the following actions will you take for this?

Question123: Which of the following techniques allows an attacker to take network traffic coming towards a host at one port and redirect it from that host to another host?

Question124: Rick is the project manager of a construction project. He is in a process to procure some construction equipments. There are four vendors available for supplying the equipments. Rick does not want one of them to participate in the bidding as he has some personal grudges against the owner of the vendor. This is the violation of which of the following categories of the Project Management Institute Code of Ethics and Professional Conduct?

Question125: The TCP/IP protocol suite uses ____ to identify which service a certain packet is destined for.

Question126: Which of the following protocols is used to provide remote monitoring and administration to network management machines on the network? The management machines will use this protocol to collect information for network monitoring. At times, the protocol can also be used for remote configuration.

Question127: Which of the following IDS/IPS detection methods do the URLs use to detect and prevent an attack?

Question128: You and your project team want to perform some qualitative analysis on the risks you have identified and documented in Project Web Access for your project. You would like to create a table that captures the likelihood and affect of the risk on the project. What type of a chart or table would you like to create for the project risks?

Question129: You work as a Software Developer for uCertify Inc. You have developed a Data Access Logic (DAL) component that will be part of a distributed application. You are conducting integration testing with other components of the distributed application. Which of the following types of testing methods will you need to perform to identify potential security-related issues? Each correct answer represents a part of the solution.
Choose two.

Question130: You work as a Network administrator for Infonet Inc. The company has 135 Windows XP Professional computers and twenty Windows 2003 Server computers. You want to specify the number of invalid logon attempts allowed before a user account is locked out. What will you do to accomplish the task?

Question131: Mark is implementing security on his e-commerce site. He wants to ensure that a customer sending a message is really the one he claims to be. Which of the following techniques will he use to ensure this?

Question132: You work as a Network Administrator for Marioxnet Inc. You have the responsibility of handling two routers with BGP protocol for the enterprise's network. One of the two routers gets flooded with an unexpected number of data packets, while the other router starves with no packets reaching it. Which of the following attacks can be a potential cause of this?

Question133: Sam works as a Web Developer for McRobert Inc. He wants to control the way in which a Web browser receives information and downloads content from Web sites. Which of the following browser settings will Sam use to accomplish this?

Question134: Which of the following books is used to examine integrity and availability?

Question135: Which of the following protocols provides connectionless integrity and data origin authentication of IP packets?

Question136: You are an Incident manager in Orangesect.Inc. You have been tasked to set up a new extension of your enterprise. The networking, to be done in the new extension, requires different types of cables and an appropriate policy that will be decided by you. Which of the following stages in the Incident handling process involves your decision making?

Question137: You are the program manager of the BHG Program. One of the projects in your program will be using new materials that are somewhat untested. You are worried that there may be delays and waste because the project team is unaware of how to accurately use these materials. You elect to send the people that will be using the new materials through training on how to complete their project work. You also allow them to purchase some of the materials to experiment on their use before the actual project work is to be done.
You want to ensure that mistakes do not enter into the project. What type of action have you provided in this scenario?

Question138: What are the benefits of using a proxy server on a network?
Each correct answer represents a complete solution. Choose all that apply.

Question139: You work as a Security manager for Qualoxizz Inc. Your company has number of network switches in the site network infrastructure. Which of the following actions will you perform to ensure the security of the switches in your company?

Question140: You work as a SharePoint Administrator for TechWorld Inc. You must protect your SharePoint server farm from viruses that are accidentally uploaded to the SharePoint libraries. You have installed antivirus software that is designed for use with Windows SharePoint server. You have logged on to the Central Administration site.
How can you configure the SharePoint site so that the document libraries are protected?

Question141: John works as a professional Ethical Hacker. He has been assigned a project to test the security of www.we-are-secure.com. On the We-are-secure login page, he enters ='or''=' as a username and successfully logs in to the user page of the Web site. The We-are-secure login page is vulnerable to a
__________.

Question142: At which OSI layer does UDP operate?

Question143: You are the project manager of a new project in your organization. You and the project team have identified the project risks, completed risk analysis, and are planning the most appropriate risk responses.
Which of the following tools is most effective to choose the most appropriate risk response?

Question144: The MBR of a hard disk is a collection of boot records that contain disk information such as disk architecture, cluster size, and so on. The main work of the MBR is to locate and run necessary operating system files that are required to run a hard disk. In the context of the operating system, MBR is also known as the boot loader. Which of the following viruses can infect the MBR of a hard disk?
Each correct answer represents a complete solution. Choose two.

Question145: Which Wireless network standard operates at 2.4 GHz and transfers data at a rate of 54 Mbps?

Question146: Which of the following provide data confidentiality services by encrypting the data sent between wireless systems?
Each correct answer represents a complete solution. Choose two.

Question147: You work as a professional Computer Hacking Forensic Investigator for DataEnet Inc. You want to investigate e-mail information of an employee of the company. The suspected employee is using an online e-mail system such as Hotmail or Yahoo. Which of the following folders on the local computer will you review to accomplish the task?
Each correct answer represents a complete solution. Choose all that apply.

Question148: Hardening a system is one of the practical methods of securing a computer system. Which of the following techniques is used for hardening a computer system?

Question149: You work as a Network Administrator for NetTech Inc. Employees in remote locations connect to the company's network using Remote Access Service (RAS). Which of the following will you use to protect the network against unauthorized access?

Question150: Which of the following can be used to prevent routing loops in distance vector routing protocols?
Each correct answer represents a complete solution. Choose two.

Question151: Your Company is receiving false and abusive e-mails from the e-mail address of your partner company.
When you complain, the partner company tells you that they have never sent any such e-mails. Which of the following types of cyber crimes involves this form of network attack?

Question152: Which of the following is a valid IP address for class B Networks?

Question153: Which of the following security applications is used to secure a database from unauthorized accesses in a network infrastructure?

Question154: You discover that someone has been logging onto your network after office hours. After investigating this you find the login belongs to someone who left the company 12 months ago. What would have been the best method to prevent this?

Question155: You have been assigned the task of selecting a hash algorithm. The algorithm will be specifically used to ensure the integrity of certain sensitive files. It must use a 128 bit hash value. Which of the following should you use?

Question156: Which of the following tools are used to determine the hop counts of an IP packet?
Each correct answer represents a complete solution. Choose two.

Question157: Which of the following is most useful against DOS attacks?

Question158: You work as a project manager for TYU project. You are planning for risk mitigation. You need to identify the risks that will need a more in-depth analysis. Which of the following activities will help you in this?

Question159: Which of the following is prepared by the business and serves as a starting point for producing the IT Service Continuity Strategy?

Question160: Mark is implementing security on his e-commerce site. He wants to ensure that a customer sending a message is really the one he claims to be. Which of the following techniques will he use to ensure this?

Question161: Which of the following Web attacks is performed by manipulating codes of programming languages such as SQL, Perl, Java present in the Web pages?

Question162: Which of the following are core TCP/IP protocols that can be implemented with Windows NT to connect computers and internetworks?
Each correct answer represents a complete solution. Choose all that apply.

Question163: John works as a professional Ethical Hacker. He has been assigned a project to test the security of www.we-are-secure.com. He copies the whole structure of the We-are-secure Web site to the local disk and obtains all the files on the Web site. Which of the following techniques is he using to accomplish his task?

Question164: Which of the following statements are true about classless routing protocols?
Each correct answer represents a complete solution. Choose two.

Question165: Which of the following is a remote access protocol that supports encryption?

Question166: You switch on your mobile Bluetooth device to transfer data to another Bluetooth device. Which of the following Information assurance pillars ensures that the data transfer is being performed with the targeted authorized Bluetooth device and not with any other or unauthorized device?

Question167: Which of the following roles is used to ensure that the confidentiality, integrity, and availability of the services are maintained to the levels approved on the Service Level Agreement (SLA)?

Question168: Which of the following types of viruses can prevent itself from being detected by an antivirus application?

Question169: Sam is creating an e-commerce site. He wants a simple security solution that does not require each customer to have an individual key. Which of the following encryption methods will he use?

Question170: Which of the following protocols implements VPN using IPSec?

Question171: In packet filtering types of firewalls, which of the following specifies what traffic can and cannot traverse the firewall?

Question172: You work as a security manager for hackoxiss Inc. The company consists of a perimeter network as its internal network. A number of ethical hackers are employed in the company. You are getting complaints that some employees of the company are trying to intrude other systems on the outer network (Internet). In which of the following ways will you secure the internal as well as the outer network?

Question173: This type of virus infects programs that can execute and load into memory to perform predefined steps for infecting systems. It infects files with the extensions .EXE, .COM, .BIN, and .SYS. As it can replicate or destroy these types of files, the operating system becomes corrupted and needs reinstallation. This type of virus is known as __________.

Question174: You have an antivirus program for your network. It is dependent upon using lists of known viruses. What is this type of scan called?

Question175: NIST Special Publication 800-50 is a security awareness program. It is designed for those people who are currently working in the information technology field and want to the information security policies.
Which of the following are its significant steps?
Each correct answer represents a complete solution. Choose two.