Question1: The Children's Online Privacy Protection Act makes it illegal for Web sites to collect information from children under __ years of age without verifiable permission of a parent?
Question2: Which of the following ports is used by a BOOTP client?
Question3: Which of the following is the default port for Simple Network Management Protocol (SNMP)?
Question4: John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He has successfully performed the following steps of the preattack phase to check the security of the We-are-secure network:
* Gathering information
* Determining the network range
*I dentifying active systems
Now, he wants to find the open ports and applications running on the network. Which of the following tools will he use to accomplish his task?
Question5: Which of the following can be prevented by an organization using job rotation and separation of duties policies?
Question6: Which of the following is the most secure method of authentication?
Question7: Which of the following are the ways of sending secure e-mail messages over the Internet?
Each correct answer represents a complete solution. Choose two.
Question8: Which of the following devices performs protocol and format translations?
Question9: Which of the following protocols allows Cisco devices to acquire and utilize digital certificates from Certification Authorities (CAs)?
Question10: Which of the following terms describes an attempt to transfer DNS zone data?
Question11: Against which of the following does SSH provide protection?
Each correct answer represents a complete solution. Choose two.
Question12: Which of the following are the ways of sending secure e-mail messages over the Internet?
Each correct answer represents a complete solution. Choose two.
Question13: Which of the following standards works at the presentation layer?
Each correct answer represents a complete solution. Choose all that apply.
Question14: Which of the following does Certification Authority (CA) provide in an e-commerce system?
Each correct answer represents a complete solution. Choose two.
Question15: Which of the following command-line utilities queries the DNS server to check whether or not the zone database contains the correct information?
Question16: Which of the following protocols work at the network layer?
Each correct answer represents a complete solution. Choose three.
Question17: Which of the following terms describes an attempt to transfer DNS zone data?
Question18: Which of the following are the causes of power noise?
Each correct answer represents a complete solution. Choose two.
Question19: Which of the following access control models are used in the commercial sector?
Each correct answer represents a complete solution. Choose two.
Question20: Which of the following statements about Diffie-Hellman encryption are true?
Each correct answer represents a complete solution. Choose two.
Question21: Identify whether the given statement is true or false.
"Replay attack is a type of attack in which attackers capture packets containing passwords or digital signatures whenever packets pass between two hosts on a network."
Question22: Which of the following is used by attackers to obtain an authenticated connection on a network?
Question23: Which of the following protocols is used to verify the status of a certificate?
Question24: Which of the following are the basic architectures of microprocessors used in modern computers?
Each correct answer represents a complete solution. Choose two.
Question25: SUMULATION
Fill in the blank with the appropriate layer name of the OSI model.
Secure Socket Layer (SSL) operates at the _______ layer of the OSI model.
Question26: John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He finds that the We-are-secure server is vulnerable to attacks. As a countermeasure, he suggests that the Network Administrator should remove the IPP printing capability from the server. He is suggesting this as a countermeasure against
__________.
Question27: Which of the following needs to be documented to preserve evidences for presentation in court?
Question28: On which of the following does a CGI program execute?
Question29: John works as a Network Administrator for We-are-secure Inc. The We-are-secure server is based on Windows Server 2003. One day, while analyzing the network security, he receives an error message that Kernel32.exe is encountering a problem. Which of the following steps should John take as a countermeasure to this situation?
Each correct answer represents a complete solution. Choose all that apply.
Question30: Which of the following statements are true about worms?
Each correct answer represents a complete solution. Choose all that apply.
Question31: Which of the following methods is a behavior-based IDS detection method?
Question32: Which of the following statements about DMZ is true?
Question33: Which of the following standards is used in wireless local area networks (WLANs)?
Question34: Which of the following types of computers is used for attracting potential intruders?
Question35: SIMULATION
Fill in the blank with the appropriate value.
Digital Subscriber Line must be installed within a _______ kilometer radius of the telephone company's access point.
Question36: Which of the following encryption strengths is used to secure NTLM version 2 passwords?
Question37: Mark works as a Webmaster for Infonet Inc. He sets up an e-commerce site. He wants to accept online payments through credit cards on this site. He wants the credit card numbers to be encrypted. What will Mark do to accomplish the task?
Question38: John works as a Network Administrator for We-are-secure Inc. The We-are-secure server is based on Windows Server 2003. One day, while analyzing the network security, he receives an error message that Kernel32.exe is encountering a problem. Which of the following steps should John take as a countermeasure to this situation?
Each correct answer represents a complete solution. Choose all that apply.
Question39: Which of the following can be done over telephone lines, e-mail, instant messaging, and any other method of communication considered private.
Question40: Which of the following are tunneling protocols?
Each correct answer represents a complete solution. Choose two.
Question41: An organization monitors the hard disks of its employees' computers from time to time. Which policy does this pertain to?
Question42: Which of the following provides secure online payment services?
Question43: Which of the following is the main reason for implementing CCTV as part of the physical arrangement?
Question44: Which of the following entities are directly involved in Secure Electronic Transaction (SET)?
Each correct answer represents a complete solution. Choose three.
Question45: Which of the following are used to suppress electrical and computer fires?
Each correct answer represents a complete solution. Choose two.
Question46: Which of the following acts as an intermediary between a user on the internal network and a service on the external network such as the Internet?
Question47: You work as a Network Administrator for Web World Inc. You want to host an e-commerce Web site on your network. You want to ensure that storage of credit card information is secure. Which of the following conditions should be met to accomplish this?
Each correct answer represents a complete solution. Choose all that apply.
Question48: You work as a Network Administrator for Net Perfect Inc. The company has a Windows 2000, TCP/IP- based class C network consisting of 200 hosts. The network uses private IP addressing. A computer on the network is connected to the Internet. The management plans to increase the number of hosts to 300.
The management also wants all hosts to be able to access the Internet through the existing connection.
Which of the following steps will you take to accomplish this?
Each correct answer represents a part of the solution. Choose two.
Question49: Which of the following are used to suppress gasoline and oil fires?
Each correct answer represents a complete solution. Choose three.
Question50: Which of the following are considered Bluetooth security violations?
Each correct answer represents a complete solution. Choose two.
Question51: A ________ is a detailed step-by-step document that explains exactly what is to be done.
Question52: You are using a Windows-based sniffer named ASniffer to record the data traffic of a network. You have extracted the following IP Header information of a randomly chosen packet from the sniffer's log:
45 00 00 28 00 00 40 00 29 06 43 CB D2 D3 82 5A 3B 5E AA 72
Which of the following TTL decimal values and protocols are being carried by the IP Header of this packet?
Question53: Which of the following protocols allows an e-mail client to access and manipulate a remote e-mail file without downloading it to the local computer?
Question54: Which of the following rate systems of Orange book has mandatory protection of the Trusted Computing Base (TCB)?
Question55: Which of the following statements about the authentication concept of information security management is true?
Question56: Which of the following protocols provides certificate-based authentication for virtual private networks (VPNs)?
Question57: Which of the following types of attacks occurs when an unauthorized person obtains passwords and other information from the packets that are traveling between two hosts by using an intermediary program?
Question58: Which of the following statements about a smart card are true?
Each correct answer represents a complete solution. Choose two.
Question59: Which of the following is the default port for Secure Shell (SSH)?
Question60: Which of the following need to be reduced to suppress a fire?
Each correct answer represents a complete solution. Choose all that apply.
Question61: Which of the following are examples of passive attacks?
Each correct answer represents a complete solution. Choose all that apply.
Question62: You work as a Web Developer for WebCrunch Inc. You create a web site that contains information about the company's products and services. The web site is to be used by the company's suppliers only. Which of the following options will you use to specify the nature of access to the web site?
Question63: Which of the following are politically motivated threats that an organization faces?
Each correct answer represents a complete solution. Choose all that apply.
Question64: An authentication method uses smart cards as well as usernames and passwords for authentication.
Which of the following authentication methods is being referred to?
Question65: Which of the following protocols is responsible for requesting Web pages from a Web server and sending back the responses to the Web browser?
Question66: Which of the following is the most common method used by attackers to identify wireless networks?
Question67: Which of the following encryption methods comes under symmetric encryption algorithm?
Each correct answer represents a complete solution. Choose three.
Question68: Which of the following safes are large enough to allow a person to enter?
Question69: Which of the following statements about the bridge are true?
Each correct answer represents a complete solution. Choose two.
Question70: Which of the following is the method of hiding data within another media type such as graphic or document?
Question71: John works as a professional Ethical Hacker. He has been assigned a project to test the security of www.we-are-secure.com. While examining a log report, he finds that an intrusion has been attempted by an attacker whose IP address is 0x40.0x3A.0x2B.0xE6. Which of the following decimal IP addresses will respond to the ping on the above Hexadecimal IP address?
Question72: John works as a professional Ethical Hacker. He is assigned a project to test the security of www.we-are- secure.com. He enters a single quote in the input field of the login page of the Weare- secure Web site and receives the following error message:
Microsoft OLE DB Provider for ODBC Drivers error '0x80040E14'
This error message shows that the We-are-secure Website is vulnerable to __________.
Question73: Sam works as a Web Developer for McRobert Inc. He wants to control the way in which a Web browser receives information and downloads content from Web sites. Which of the following browser settings will Sam use to accomplish this?
Question74: Which of the following types of virus is capable of changing its signature to avoid detection?
Question75: Which of the following is a duplicate of the original site of an organization, with fully working systems as well as near-complete backups of user data?
Question76: Which of the following are the phases of the Certification and Accreditation (C&A) process?
Each correct answer represents a complete solution. Choose two.
Question77: Which of the following are the common roles with regard to data in an information classification program?
Each correct answer represents a complete solution. Choose all that apply.
Question78: Which of the following OSI model layers handles addressing and routing?
Question79: Which of the following statement about eavesdropping is true?
Question80: Which of the following is not a level of military data-classification system?
Question81: SIMULATION
Fill in the blank with the appropriate value.
Twofish symmetric key block cipher operates on 128-bits block size using key sizes up to______ bits.
Question82: Which of the following is a term that refers to unsolicited e-mails sent to a large number of e-mail users?
Question83: Which of the following is used to repair missing or damaged system files that might prevent Windows from starting correctly?
Question84: SIMULATION
Fill in the blanks with the appropriate values.
Blowfish is a _______ -bit block cipher that can support key lengths of up to ______ bits.
Question85: Which of the following classes of fire comes under Class C fire?
Question86: On which of the following OSI model layers does the Point-to-Point Protocol (PPP) work?
Question87: Which of the following entities is used by Routers and firewalls to determine which packets should be forwarded or dropped?
Question88: Which of the following tools is used to flood the local network with random MAC addresses?
Question89: Which of the following are used to suppress paper or wood fires?
Each correct answer represents a complete solution. Choose two.
Question90: SIMULATION
Fill in the blank with the appropriate value.
Primary Rate Interface (PRI) of an ISDN connection contains _______ B channels and ______ D channel.
Question91: Which of the following is an open source network intrusion detection system?
Question92: Which of the following ensures that a sender cannot deny sending a message?
Question93: Which of the following OSI model layers handles translation of data into standard format, data compression, and decompression?
Question94: Which of the following classes of fire comes under Class C fire?
Question95: Which of the following protects from electrical and magnetic induction that causes interference to the power voltage?
Question96: Which of the following defines the communication link between a Web server and Web applications?
Question97: Which of the following two components does Kerberos Key Distribution Center (KDC) consist of?
Each correct answer represents a complete solution. Choose two.
Question98: You are a salesperson. You are authorized to access only the information that is essential for your work.
Which of the following access control models is used in your organization?
Question99: SIMULATION
Fill in the blank with the appropriate layer name.
The Network layer of the OSI model corresponds to the _______________ layer of the TCP/IP model.
Question100: Which of the following acts as an intermediary between a user on the internal network and a service on the external network such as the Internet?
Question101: Which of the following formulas is used to determine the Single Loss Expectancy (SLE)?
Question102: This type of virus infects programs that can execute and load into memory to perform predefined steps for infecting systems. It infects files with the extensions .EXE, .COM, .BIN, and .SYS. As it can replicate or destroy these types of files, the operating system becomes corrupted and needs reinstallation. This type of virus is known as __________.
Question103: SIMULATION
Fill in the blank with the appropriate term.
A ___________ is a digital representation of information that identifies authorized users on the Internet and intranets.
Question104: What are the benefits of using a proxy server on a network?
Each correct answer represents a complete solution. Choose all that apply.
Question105: Which of the following statements about the availability concept of Information security management is true?
Question106: Which of the following tabs will you click in the Internet Options dialog box to include a websites as a trusted site?
Question107: Which of the following statements about smurf is true?
Question108: Which of the following protocols is used with a tunneling protocol to provide security?
Question109: Which of the following protocols provides functionalities for advanced management associated with the use of digital certificates such as certificate issuance, exchange, and revocation?
Question110: Which of the following is used by attackers to record everything a person types, including usernames, passwords, and account information?
Question111: Which of the following provides protection against network eavesdropping and signal interference and works at the physical layer?
Question112: John works as a professional Ethical Hacker. He has been assigned a project to test the security of www.we-are-secure.com. John wants to redirect all TCP port 80 traffic to UDP port 40, so that he can bypass the firewall of the We-are-secure server. Which of the following tools will John use to accomplish his task?
Question113: Which of the following is a documentation of guidelines that computer forensics experts use to handle evidences?
Question114: Which of the following occurs when a packet is sent from a source computer to a destination computer?
Question115: Which of the following encryption methods comes under symmetric encryption algorithm?
Each correct answer represents a complete solution. Choose three.
Question116: Which of the following is a process of monitoring data packets that travel across a network?
Question117: Which of the following tools can be used to perform tasks such as Windows password cracking, Windows enumeration, and VoIP session sniffing?
Question118: Which of the following methods is a behavior-based IDS detection method?
Question119: How many keys are used to encrypt data in symmetric encryption?
Question120: Which of the following protocols is responsible for the resolution of IP addresses to media access control (MAC) addresses?
Question121: Which of the following statements about Network Address Translation (NAT) is true?
Question122: Which of the following techniques allows an attacker to take network traffic coming towards a host at one port and redirect it from that host to another host.
Question123: Which of the following is used as a transmission media by the fiber-optic cables?
Question124: You work as a Network Administrator for Tech Perfect Inc. The company has a TCP/IP-based network.
A firewall has been configured on the network. You configure a filter on the router. You verify that SMTP operations have got affected and have stopped. Which of the following ports will you require to open on the router to resolve the issue?
Question125: Which of the following refers to going through someone's trash to find out useful or confidential information?
Question126: Mark works as a Network Administrator for NetTech Inc. The company has a Windows 2000 domain- based network. Users report that they are unable to log on to the network. Mark finds that accounts are locked out due to multiple incorrect log on attempts. What is the most likely cause of the account lockouts?
Question127: Which of the following is a name, symbol, or slogan with which a product is identified?
Question128: You work as a Network Administrator for NetTech Inc. To ensure the security of files, you encrypt data files using Encrypting File System (EFS). You want to make a backup copy of the files and maintain security settings. You can backup the files either to a network share or a floppy disk. What will you do to accomplish this?
Question129: You work as a professional Ethical Hacker. You are assigned a project to test the security of www.we-are- secure.com. You are working on the Windows Server 2003 operating system. You suspect that your friend has installed the keyghost keylogger onto your computer. Which of the following countermeasures would you employ in such a situation?
Each correct answer represents a complete solution. Choose all that apply.
Question130: Samantha works as an Ethical Hacker for we-are-secure Inc. She wants to test the security of the weare- secure server for DoS attacks. She sends large number of ICMP ECHO packets to the target computer.
Which of the following DoS attacking techniques will she use to accomplish the task?
Question131: Which of the following is used to prevent the electronic emissions of a computer from being used by unauthorized users?
Question132: Which of the following defines the communication link between a Web server and Web applications?
Question133: Which of the following are based on malicious code?
Each correct answer represents a complete solution. Choose two.
Question134: Which of the following terms is used for a router that filters traffic before it is passed to the firewall?
Question135: Mark the list that mentions the correct levels of classification of the military data-classification system.
Select and Place:

Question136: Which of the following refers to a condition in which a hacker sends a bunch of packets that leave TCP ports half open?
Question137: Which of the following can provide security against man-in-the-middle attack?
Question138: Which of the following refers to a program that allows access to a system by skipping the security checks?
Question139: Mark works as a Network Administrator for NetTech Inc. The company has a Windows 2000 domain- based network. Users report that they are unable to log on to the network. Mark finds that accounts are locked out due to multiple incorrect log on attempts. What is the most likely cause of the account lockouts?
Question140: Which of the following statements about RSA algorithm are true?
Each correct answer represents a complete solution. Choose two.
Question141: You work as a Network Administrator for Net Perfect Inc. The company has a TCP/IP-based Windows NT network. You are configuring a computer that will be used as a file server on the network. You have to decide the disk configuration for the computer to obtain better performance.
A fault tolerant disk configuration is not a requirement. Which of the following RAID levels will you choose to fulfil the requirement?
Question142: Which of the following is a program that monitors data packets traveling across a network?
Question143: Which of the following types of activities can be audited for security?
Each correct answer represents a complete solution. Choose three.
Question144: Which of the following refers to the exploitation of a valid computer session to gain unauthorized access to information or services in a computer system?
Question145: Which of the following are intrusion detection device?
Question146: Which of the following protocols work at the data-link layer?
Each correct answer represents a complete solution. Choose two.
Question147: Which of the following statements about asymmetric encryption are true?
Each correct answer represents a complete solution. Choose two.
Question148: SSH is a network protocol that allows data to be exchanged between two networks using a secure channel. Which of the following encryption algorithms can be used by the SSH protocol?
Each correct answer represents a complete solution. Choose all that apply.
Question149: At which of the following layers of the Open System Interconnection (OSI) model the Internet Control Message Protocol (ICMP) and the Internet Group Management Protocol (IGMP) work?
Question150: Which of the following statements about Microsoft hotfix are true?
Each correct answer represents a complete solution. Choose two.
Question151: An organization monitors the hard disks of its employees' computers from time to time. Which policy does this pertain to?
Question152: What is the hash value length of the Secure Hash Algorithm (SHA-1)?
Question153: You work as a Network Administrator for Tech Perfect Inc. The company has a Windows Active Directory- based single domain single forest network. The functional level of the forest is Windows Server 2003. The company has recently provided laptops to its sales team members. You have configured access points in the network to enable a wireless network. The company's security policy states that all users using laptops must use smart cards for authentication. Which of the following authentication techniques will you use to implement the security policy of the company?
Question154: The Klez worm is a mass-mailing worm that exploits a vulnerability to open an executable attachment even in Microsoft Outlook's preview pane. The Klez worm gathers email addresses from the entries of the default Windows Address Book (WAB). Which of the following registry values can be used to identify this worm?
Question155: John works as a Network Security Professional. He is assigned a project to test the security of www.we- are-secure.com. He is working on the Linux operating system and wants to install an Intrusion Detection System on the We-are-secure server so that he can receive alerts about any hacking attempts. Which of the following tools can John use to accomplish the task?
Each correct answer represents a complete solution. Choose all that apply.
Question156: Which of the following rate systems of Orange book has mandatory protection of the Trusted Computing Base (TCB)?
Question157: Which of the following is executed when a predetermined event occurs?
Question158: Which of the following statements best explains how encryption works on the Internet?
Question159: Which of the following statements about digital signature is true?
Question160: You work as a Network Administrator for Net Perfect Inc. The company has a TCP/IP-based Windows NT network. You are configuring a computer that will be used as a file server on the network. You have to decide the disk configuration for the computer to obtain better performance.
A fault tolerant disk configuration is not a requirement. Which of the following RAID levels will you choose to fulfil the requirement?
Question161: Which of the following two components does Kerberos Key Distribution Center (KDC) consist of?
Each correct answer represents a complete solution. Choose two.
Question162: Which of the following heights of fence deters only casual trespassers?
Question163: Which of the following protocols is used to query and modify information stored within the directory services?
Question164: Which of the following is a term used to refer to access of a wireless Internet connection by bringing one's own computer within the range of another's wireless connection, and using that service without the subscriber's explicit permission or knowledge?
Question165: Which of the following tools can be used to perform polymorphic shell code attacks?
Question166: Which of the following types of fire comes under Class K fire?
Question167: Which of the following authentication methods support mutual authentication?
Each correct answer represents a complete solution. Choose two.
Question168: In which type of access control do user ID and password system come under?
Question169: What does TACACS stand for?
Question170: Which of the following statements about Switched Multimegabit Data Service (SMDS) are true?
Each correct answer represents a complete solution. Choose two.
Question171: Which of the following is the most secure method of authentication?
Question172: Which of the following services does Internet Information Server (IIS) provide along with HTTP?
Each correct answer represents a complete solution. Choose three.
Question173: SIMULATION
Fill in the blanks with the appropriate values.
Twofish symmetric algorithm operates on _______ -bit blocks and can support a key length of up to
________ bits.
Question174: Which of the following layers of the OSI model provides non-repudiation services?
Question175: Which of the following protocols transmits user credentials as plaintext?
Question176: Which of the following uses public-key encryption to encrypt and digitally sign e-mail messages during communication between e-mail clients?
Question177: Which of the following terms refers to a momentary low voltage?
Question178: Which of the following task force was formed to examine the impact of Electronic Publishing on the intellectual property rights?
Question179: Which of the following protocols is used as the directory access protocol?
Question180: Which of the following should propose applicable and effective security controls for managing the risks?
Question181: Which of the following handles a relatively wide range of frequencies, which may be divided into channels or frequency bins?
Question182: Which of the following steps are generally followed in computer forensic examinations?
Each correct answer represents a complete solution. Choose three.
Question183: Which of the following types of fire comes under Class K fire?
Question184: You work as a Network Administrator for NetTech Inc. The company's network is connected to the Internet.
For security, you want to restrict unauthorized access to the network with minimum administrative effort.
You want to implement a hardware-based solution. What will you do to accomplish this?
Question185: It is the technique for gathering information for a Web site owner about a user through a few lines of code that reside in the Web pages. This information is gathered through __________.
Question186: Which of the following tools is used for breaking digital watermark?
Question187: Which of the following tools can be used by a user to hide his identity?
Each correct answer represents a complete solution. Choose all that apply.
Question188: Which of the following file systems provides file-level security?
Question189: The _______ protocol allows applications to communicate across a network in a way designed to prevent eavesdropping and message forgery.
Question190: Which of the following statements about active attack is true?
Question191: You work as a Network Administrator for Infonet Inc. The company uses Wired Equivalent Privacy (WEP) for wireless security. Who among the following can authenticate from the access point of the network?
Question192: Which of the following terms is used for securing an operating system from an attack?
Question193: Which of the following statements about a stream cipher are true?
Each correct answer represents a complete solution. Choose three.
Question194: Which of the following encryption algorithms are based on stream ciphers?
Each correct answer represents a complete solution. Choose two.
Question195: Maria works as a professional Ethical Hacker. She is assigned a project to test the security of www.we- are-secure.com. She wants to test a DoS attack on the We-are-secure server. She finds that the firewall of the server is blocking the ICMP messages, but it is not checking the UDP packets. Therefore, she sends a large amount of UDP echo request traffic to the IP broadcast addresses. These UDP requests have a spoofed source address of the We-are-secure server.
Which of the following DoS attacks is Maria using to accomplish her task?
Question196: Which of the following authentication protocols provides support for a wide range of authentication methods, such as smart cards and certificates?
Question197: Which of the following rated systems of the Orange book has mandatory protection of the TCB?
Question198: Which of the following books deals with confidentiality?
Question199: Which of the following terms refers to the act of obtaining plain text from cipher text without a cryptographic key?
Question200: Which of the following types of attacks is mounted with the objective of causing a negative impact on the performance of a computer or network?
Question201: Which of the following is a documentation of guidelines that are used to create archival copies of important data?
Question202: Which of the following layers of the OSI model corresponds to the Host-to-Host layer of the TCP/IP model?
Question203: Which of the following provides high availability of data?
Question204: Which of the following evidences are the collection of facts that, when considered together, can be used to infer a conclusion about the malicious activity/person?
Question205: Which of the following statements about a hoax are true?
Each correct answer represents a complete solution. Choose two.
Question206: This is a Windows-based tool that is used for the detection of wireless LANs using the IEEE 802.11a,
802.11b, and 802.11g standards. The main features of these tools are as follows:
It displays the signal strength of a wireless network, MAC address, SISD, channel details, etc.

It is commonly used for the following purposes:

a. War driving
b. Detecting unauthorized access points
c. Detecting causes of interference on a WLAN
d. WEP ICV error tracking
e. Making Graphs and Alarms on 802.11 Data, including Signal Strength
This tool is known as __________.
Question207: Which of the following is a formula, practice, process, design, instrument, pattern, or compilation of information which is not generally known, but by which a business can obtain an economic advantage over its competitors?
Question208: Which of the following protocols are used to provide secure communication between a client and a server over the Internet?
Each correct answer represents a part of the solution. Choose two.
Question209: You work as a Network Administrator for Web World Inc. You want to host an e-commerce Web site on your network. You want to ensure that storage of credit card information is secure. Which of the following conditions should be met to accomplish this?
Each correct answer represents a complete solution. Choose all that apply.
Question210: Which of the following practices come in the category of denial of service attack?
Each correct answer represents a complete solution. Choose three.
Question211: Which of the following are the major tasks of risk management?
Each correct answer represents a complete solution. Choose two.
Question212: Which of the following languages enable programmers to store cookies on client computers?
Each correct answer represents a complete solution. Choose two.
Question213: Which of the following processes is known as Declassification?
Question214: Which of the following statements about the integrity concept of information security management are true?
Each correct answer represents a complete solution. Choose three.
Question215: Mark has been hired by a company to work as a Network Assistant. He is assigned the task to configure a dial-up connection. He is configuring a laptop. Which of the following protocols should he disable to ensure that the password is encrypted during remote access?
Question216: Which of the following statements about service pack are true?
Each correct answer represents a complete solution. Choose two.
Question217: Which of the following Windows RRAS authentication protocols uses completely unencrypted passwords?
Question218: Which of the following needs to be documented to preserve evidences for presentation in court?
Question219: Which of the following activities is used to take place after recording and registering an incident?
Question220: Which of the following areas of a network contains DNS servers and Web servers for Internet users?
Question221: John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He wants to perform a stealth scan to discover open ports and applications running on the We-are-secure server. For this purpose, he wants to initiate scanning with the IP address of any third party. Which of the following scanning techniques will John use to accomplish his task?
Question222: Which of the following types of evidence is considered as the best evidence?
Question223: John works as a professional Ethical Hacker. He has been assigned a project to test the security of www.we-are-secure.com. He wants to test the effect of a virus on the We-are-secure server. He injects the virus on the server and, as a result, the server becomes infected with the virus even though an established antivirus program is installed on the server. Which of the following do you think are the reasons why the antivirus installed on the server did not detect the virus injected by John?
Each correct answer represents a complete solution. Choose all that apply.
Question224: Which of the following components come under the physical layer of the OSI model?
Each correct answer represents a complete solution. Choose all that apply.
Question225: Which of the following VPN protocols offer encryption?
Each correct answer represents a complete solution. Choose two.
Question226: Which of the following can be done over telephone lines, e-mail, instant messaging, and any other method of communication considered private.
Question227: Which of the following terms ensures that no intentional or unintentional unauthorized modification is made to data?
Question228: Which of the following is a link-state routing protocol?
Question229: Which of the following methods of encryption uses a single key to encrypt and decrypt data?
Question230: Which of the following statements about Encapsulating Security Payload (ESP) are true?
Each correct answer represents a complete solution. Choose two.
Question231: You are going to upgrade your hard disk's file system from FAT to NTFS. What are the major advantages of the NTFS file system over FAT16 and FAT32 file systems?
Each correct answer represents a complete solution. Choose all that apply.
Question232: Which of the following terms refers to a mechanism which proves that the sender really sent a particular message?
Question233: John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. John notices that the We-are-secure network is vulnerable to a man-inthe- middle attack since the key exchange process of the cryptographic algorithm it is using does not authenticate participants. Which of the following cryptographic algorithms is being used by the Weare- secure server?
Question234: Which of the following types of attack can be used to break the best physical and logical security mechanism to gain access to a system?
Question235: Which of the following is used to prevent the electronic emissions of a computer from being used by unauthorized users?
Question236: Which of the following is executed when a predetermined event occurs?
Question237: Which of the following are the major tasks of risk management?
Each correct answer represents a complete solution. Choose two.
Question238: Which of the following statements best describes VeriSign?
Question239: John used to work as a Network Administrator for We-are-secure Inc. Now he has resigned from the company for personal reasons. He wants to send out some secret information of the company.
To do so, he takes an image file and simply uses a tool image hide and embeds the secret file within an image file of the famous actress, Jennifer Lopez, and sends it to his Yahoo mail id. Since he is using the image file to send the data, the mail server of his company is unable to filter this mail. Which of the following techniques is he performing to accomplish his task?
Question240: Which of the following processes is used by remote users to make a secure connection to internal resources after establishing an Internet connection?
Question241: Which of the following are methods used for authentication?
Each correct answer represents a complete solution. Choose all that apply.
Question242: Which of the following protocols provides maintenance and error reporting function?
Question243: Which of the following statements about Denial-of-Service (DoS) attack are true?
Each correct answer represents a complete solution. Choose three.
Question244: Which of the following access control models uses a predefined set of access privileges for an object of a system?
Question245: A Web-based credit card company had collected financial and personal details of Mark before issuing him a credit card. The company has now provided Mark's financial and personal details to another company.
Which of the following Internet laws has the credit card issuing company violated?
Question246: A ________ attack occurs when an attacker successfully inserts an intermediary software or program between two communicating hosts.
Question247: Which of the following statements regarding Secure Sockets Layer (SSL) are true?
Each correct answer represents a complete solution. Choose all that apply.
Question248: In which of the following cryptographic attacking techniques does an attacker obtain encrypted messages that have been encrypted using the same encryption algorithm?
Question249: Which of the following ports is used by a BOOTP server?
Question250: How many keys are used to encrypt data in symmetric encryption?
Question251: Which of the following are the goals of risk management?
Each correct answer represents a complete solution. Choose three.
Question252: Maria works as a professional Ethical Hacker. She recently has been assigned a project to test the security of www.we-are-secure.com. The company has provided the following information about the infrastructure of its network:
Network diagrams of the we-are-secure infrastructure

Source code of the security tools

IP addressing information of the we-are-secure network

Which of the following testing methodologies is we-are-secure.com using to test the security of its network?
Question253: Which of the following methods of encryption uses a single key to encrypt and decrypt data?
Question254: Which of the following is a set of exclusive rights granted by a state to an inventor or his assignee for a fixed period of time in exchange for the disclosure of an invention?
Question255: Which of the following is an asymmetric encryption algorithm?
Question256: Which of the following statements about biometric authentication is true?
Question257: Which of the following terms is used for the process of securing a system or a device on a network infrastructure?
Question258: Which of the following statements about packet filtering is true?
Question259: Which of the following rate systems of the Orange book has no security controls?
Question260: Which of the following tools or services is used to find the entire IP address range used by an organization?
Question261: Which methods help you to recover your data in the event of a system or hard disk failure?
Each correct answer represents a complete solution. Choose two.
Question262: Which of the following statements about DES (Data Encryption Standard) is true?
Question263: Which of the following is a source port forwarder and redirector tool?
Question264: Peter works as a Network Administrator for Net World Inc. The company wants to allow remote users to connect and access its private network through a dial-up connection via the Internet. All the data will be sent across a public network. For security reasons, the management wants the data sent through the Internet to be encrypted. The company plans to use a Layer 2 Tunneling Protocol (L2TP) connection.
Which communication protocol will Peter use to accomplish the task?
Question265: Which of the following are the responsibilities of the custodian of data?
Each correct answer represents a complete solution. Choose two.
Question266: Which of the following are the types of access controls?
Each correct answer represents a complete solution. Choose three.
Question267: Which of the following layers of the OSI model provides end-to-end service?
Question268: Which of the following statements about buffer overflow are true?
Each correct answer represents a complete solution. Choose two.
Question269: SIMULATION
Fill in the blanks with the appropriate values.
International Data Encryption Algorithm (IDEA) is a ______ -bit block cipher that uses a _____-bit key.
Question270: Which of the following statements regarding the Secure Sockets Layer (SSL) security model are true?
Each correct answer represents a complete solution. Choose two.
Question271: Which of the following are threats to network security?
Each correct answer represents a complete solution. Choose two.
Question272: Which of the following are the types of access controls?
Each correct answer represents a complete solution. Choose three.
Question273: Which of the following types of safes can be chosen by an organization to store data backups or other types of valuables?
Each correct answer represents a complete solution. Choose three.
Question274: Which of the following protocols work at the Application layer of an OSI model?
Each correct answer represents a complete solution. Choose three.
Question275: Which of the following types of attacks is targeting a Web server with multiple compromised computers that are simultaneously sending hundreds of FIN packets with spoofed IP source IP addresses?
Question276: Which of the following are types of social engineering attacks?
Each correct answer represents a complete solution. Choose two.
Question277: Which of the following are the application layer protocols for security?
Each correct answer represents a complete solution. Choose three.
Question278: Which of the following encryption algorithms are based on block ciphers?
Question279: Which of the following attacks is specially used for cracking a password?
Question280: Which of the following entities is used by Routers and firewalls to determine which packets should be forwarded or dropped?
Question281: Which of the following terms refers to the method that allows or restricts specific types of packets from crossing over the firewall?
Question282: Which of the following is the process of finding weaknesses in cryptographic algorithms and obtaining the plaintext or key from the ciphertext?
Question283: Which of the following involves changing data prior to or during input to a computer in an effort to commit fraud?
Question284: Which of the following statements about symmetric encryption are true?
Each correct answer represents a complete solution. Choose three.
Question285: Which of the following cables provides maximum security against electronic eavesdropping on a network?
Question286: Which of the following is the default port for the NetBIOS name service?
Question287: Routers and firewalls use _______ to determine which packets should be forwarded or dropped.
Question288: Which of the following statements about Dynamic Host Configuration Protocol (DHCP) are true?
Each correct answer represents a complete solution. Choose two.
Question289: You work as a Network Administrator for NetTech Inc. When you enter http://66.111.64.227 in the browser's address bar, you are able to access the site. But, you are unable to access the site when you enter http://www.PassGuide.com. What is the most likely cause?
Question290: Which of the following is a network service that stores and organizes information about a network users and network resources and that allows administrators to manage users' access to the resources?
Question291: Which of the following is ensured by the concept of availability in information system security?
Question292: Which of the following is a process of monitoring data packets that travel across a network?
Question293: What does the Internet encryption and authentication system named RSA stand for?
Question294: You work as a Network Administrator for NetTech Inc. The company's network has a Windows 2000 domain-based network. You want to prevent malicious e-mails from entering the network from the non- existing domains. What will you do to accomplish this?
Question295: Which of the following type of errors occurs when a legitimate user incorrectly denied access to resources by the Biometrics authentication systems?
Question296: Which of the following protocols provides maintenance and error reporting function?
Question297: Which of the following statements about System Access Control List (SACL) is true?
Question298: Which of the following are the centralized administration technologies?
Each correct answer represents a complete solution. Choose all that apply.
Question299: In which of the following DoS attacks does an attacker send an ICMP packet larger than 65,536 bytes to the target system?
Question300: Which of the following statements are true about a Gantt chart?
Each correct answer represents a complete solution. Choose all that apply.
Question301: Which of the following protocols is used to retrieve e-mails from a remote mail server?
Question302: John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He wants to perform a stealth scan to discover open ports and applications running on the We-are-secure server. For this purpose, he wants to initiate scanning with the IP address of any third party. Which of the following scanning techniques will John use to accomplish his task?
Question303: Which of the following statements about packet filtering is true?
Question304: Which of the following services are provided by Remote Authentication Dial-In User Service (RADIUS)?
Each correct answer represents a complete solution. Choose three.
Question305: In which of the following IDS evasion attacks does an attacker send a data packet such that IDS accepts the data packet but the host computer rejects it?
Question306: A war dialer is a tool that is used to scan thousands of telephone numbers to detect vulnerable modems. It provides an attacker unauthorized access to a computer. Which of the following tools can an attacker use to perform war dialing?
Each correct answer represents a complete solution. Choose all that apply.
Question307: Which of the following IP addresses are private addresses?
Each correct answer represents a complete solution. Choose all that apply.
Question308: You work as a Network Administrator for NetTech Inc. The company wants to encrypt its e-mails.
Which of the following will you use to accomplish this?
Question309: Which of the following are the responsibilities of the owner with regard to data in an information classification program?
Each correct answer represents a complete solution. Choose three.
Question310: Which of the following steps can be taken to protect laptops and data they hold?
Each correct answer represents a complete solution. Choose all that apply.
Question311: You work as a Network Administrator for NetTech Inc. The company wants to encrypt its e-mails.
Which of the following will you use to accomplish this?
Question312: Which of the following is not a major concern in traditional business transactions as compare to online transactions?
Question313: Which of the following attributes are used by Lightweight Directory Access Protocol (LDAP) to notify the names of active directory elements?
Each correct answer represents a complete solution. Choose three.
Question314: Which of the following security models deal only with integrity?
Each correct answer represents a complete solution. Choose two.
Question315: Which of the following terms refers to the process in which headers and trailers are added around user data?
Question316: You work as a Network Administrator for Net World International. The company has a Windows Active Directory-based single domain single forest network. The functional level of the forest is Windows Server
2003. There are ten Sales Managers in the company. The company has recently provided laptops to all its Sales Managers. All the laptops run Windows XP Professional. These laptops will be connected to the company's network through wireless connections. The company's management wants to implement Shared Key authentication for these laptops. When you try to configure the network interface card of one of the laptops for Shared Key authentication, you find no such option. What will you do to enable Shared Key authentication?
Question317: Which of the following ports is used by the control connection on the FTP server?
Question318: Which of the following layers protocols handles file transfer and network management?
Question319: Perfect World Inc., provides its sales managers access to the company's network from remote locations.
The sales managers use laptops to connect to the network. For security purposes, the company's management wants the sales managers to log on to the network using smart cards over a remote connection. Which of the following authentication protocols should be used to accomplish this?
Question320: Which of the following protocols multicasts messages and information among all member devices in an IP multicast group?
Question321: The TCP/IP protocol suite uses ____ to identify which service a certain packet is destined for.
Question322: Which of the following conditions the line to keep voltage steady and clean?
Question323: Which of the following tools is NOT used for logging network activities in the Linux operating system?
Each correct answer represents a complete solution. Choose all that apply.
Question324: Which of the following protocols work at the Session layer of the OSI model?
Question325: Which of the following is the default port for Secure Shell (SSH)?
Question326: Which of the following is the most secure authentication method?
Question327: Which of the following is the most secure place to host a server that will be accessed publicly through the Internet?
Question328: What are packet sniffers?
Question329: Which of the following is used to implement a procedure to control inbound and outbound traffic on a network?
Question330: Which of the following ports is assigned by the Internet Assigned Number Authority (IANA) for RADIUS accounting?
Question331: Which of the following authentication methods is used to access public areas of a Web site?
Question332: Which of the following user authentications are supported by the SSH-1 protocol but not by the SSH-2 protocol?
Each correct answer represents a complete solution. Choose all that apply.
Question333: Which of the following ports is used by a BOOTP server?
Question334: Copper cabling comes under the _______ layer of the OSI model.
Question335: Which of the following are man-made threats that an organization faces?
Each correct answer represents a complete solution. Choose three.
Question336: Which of the following ports is assigned by Internet Assigned Number Authority (IANA) for RADIUS authentication?
Question337: Which of the following statements about extranet are true?
Each correct answer represents a complete solution. Choose two.
Question338: Which of the following protocols implements VPN using IPSec?
Question339: Which of the following is the rating for paper or wood fires?
Question340: John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He is using the TFN and Trin00 tools to test the security of the We-aresecure server, so that he can check whether the server is vulnerable or not. Using these tools, which of the following attacks can John perform to test the security of the We-are-secure server?
Question341: Which of the following statements about Discretionary Access Control List (DACL) is true?
Question342: You work as a Network Administrator for NetTech Inc. The company has a network that consists of 200 client computers and ten database servers. One morning, you find that a hacker is accessing unauthorized data on a database server on the network. Which of the following actions will you take to preserve the evidences?
Each correct answer represents a complete solution. Choose three.
Question343: Which of the following groups represents the most likely source of an asset loss through the inappropriate use of computers?
Question344: Identify whether the given statement is true or false.
"Availability is a term that refers to the reliable and timely access to data and resources that you are authorized to use."
Question345: Which of the following records is the first entry in a DNS database file?
Question346: Which of the following is a source port forwarder and redirector tool?
Question347: Which of the following statements about IEEE 802.1X standard are true?
Each correct answer represents a complete solution. Choose two.
Question348: Which of the following languages is a fourth-generation language?
Question349: Which of the following statements about digital signature are true?
Each correct answer represents a complete solution. Choose two.
Question350: Which of the following statements about role-based access control (RBAC) model is true?
Question351: Which of the following authentication protocols provides support for a wide range of authentication methods, such as smart cards and certificates?
Question352: You work as a Network Administrator for Tech Perfect Inc. The company has a TCP/IP-based network.
You have configured a firewall on the network. A filter has been applied to block all the ports. You want to enable sending and receiving of emails on the network. Which of the following ports will you open?
Each correct answer represents a complete solution. Choose two.
Question353: In which of the following scanning techniques does a scanner connect to an FTP server and request that server to start data transfer to the third system?
Question354: Which of the following protocols is used for sending e-mail messages between e-mail servers?
Question355: How many layers does the TCP/IP model consist of?
Question356: Which of the following refers to a computer that must be secure because it is accessible from the Internet and is vulnerable to attacks?
Question357: How many voice channels are available in a T2 line?
Question358: Which of the following policies is set by a network administrator to allow users to keep their emails and documents for a fixed period of time?
Question359: The Children's Online Privacy Protection Act makes it illegal for Web sites to collect information from children under __ years of age without verifiable permission of a parent?
Question360: Which of the following rated systems of the Orange book has mandatory protection of the TCB?
Question361: Which of the following functions are performed by a firewall?
Each correct answer represents a complete solution. Choose all that apply.
Question362: Which of the following are examples of passive attacks?
Each correct answer represents a complete solution. Choose all that apply.
Question363: John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He writes the following snort rule:

This rule can help him protect the We-are-secure server from the __________.
Question364: SIMULATION
Fill in the blank with the appropriate value.
International Data Encryption Algorithm (IDEA) operates on 64-bit blocks using a ________ -bit key.
Question365: Which of the following is a type of halon?
Question366: In which of the following attacks does the attacker confuse the switch itself into thinking two ports have the same MAC address?
Question367: Which of the following involves identifying and minimizing the effect of risks?
Question368: Which of the following statements about a brute force attack is true?
Question369: Which of the following protocols is used to provide security for wireless local area networks (WLANs)?
Question370: Which of the following is used for secure financial transactions over the Internet?
Question371: Which of the following is a technique used to attack an Ethernet wired or wireless network?
Question372: You work as a Network Administrator for NetTech Inc. When you enter http://66.111.64.227 in the browser's address bar, you are able to access the site. But, you are unable to access the site when you enter http://www.PassGuide.com. What is the most likely cause?
Question373: Which of the following terms refers to the protection of data against unauthorized access?
Question374: Which of the following statements is true about a polymorphic virus?
Question375: Which of the following statements is true about transient noise?
Question376: Which of the following hashing algorithms produces a variable length hash value?
Question377: Which of the following statements about a fiber-optic cable are true?
Each correct answer represents a complete solution. Choose three.
Question378: You work in a company that accesses the Internet frequently. This makes the company's files susceptible to attacks from unauthorized access. You want to protect your company's network from external attacks.
Which of the following options will help you in achieving your aim?
Question379: Which of the following protocols is used to securely connect to a private network by a remote client using the Internet?
Question380: Andrew works as a Network Administrator for Infonet Inc. The company's network has a Web server that hosts the company's Web site. Andrew wants to increase the security of the Web site by implementing Secure Sockets Layer (SSL). Which of the following types of encryption does SSL use?
Each correct answer represents a complete solution. Choose two.
Question381: Which of the following ports is the default port for IMAP4 protocol?
Question382: Which of the following terms is described by the statement given below?
"It allows the server to authenticate itself to the client by using public-key techniques. It then allows the client and server to cooperate in creating symmetric keys that are used for encryption, decryption, and tamper detection during the SSL session that follows."
Question383: Which of the following refers to a condition in which a computer repeatedly sends ICMP echo requests to another host?
Question384: In which of the following processes, a DNS server may return an incorrect IP address, diverting traffic to another computer?
Question385: Which of the following statements about incremental backup are true?
Each correct answer represents a complete solution. Choose two.
Question386: Which of the following are examples of passive attacks?
Each correct answer represents a complete solution. Choose all that apply.
Question387: You work as a Network Administrator for NetTech Inc. Your computer has the Windows 2000 Server operating system. You want to harden the security of the server. Which of the following changes are required to accomplish this?
Each correct answer represents a complete solution. Choose two.
Question388: Which of the following refers to encrypted text?
Question389: Which of the following methods can be helpful to eliminate social engineering threat?
Each correct answer represents a complete solution. Choose three.
Question390: Which of the following statements about DES (Data Encryption Standard) is true?
Question391: Which of the following statements about Network Address Translation (NAT) are true?
Each correct answer represents a complete solution. Choose three.
Question392: Which of the following techniques allows an attacker to take network traffic coming towards a host at one port and redirect it from that host to another host.
Question393: The 802.11b wireless standard has a data transfer speed of up to ________.
Question394: Which of the following groups represents the most likely source of an asset loss through the inappropriate use of computers?
Question395: John works as a professional Ethical Hacker. He has been assigned a project to test the security of www.we-are-secure.com. He copies the whole structure of the We-are-secure Web site to the local disk and obtains all the files on the Web site. Which of the following techniques is he using to accomplish his task?
Question396: When no anomaly is present in an Intrusion Detection, but an alarm is generated, the response is known as __________.
Question397: Which of the following protocols is used with a tunneling protocol to provide security?
Question398: You work as a Network Administrator for NetTech Inc. You want to have secure communication on the company's intranet. You decide to use public key and private key pairs. What will you implement to accomplish this?
Question399: Which of the following is a reason to implement security logging on a DNS server?
Question400: You work as a Network Administrator for NetTech Inc. Employees in remote locations connect to the company's network using Remote Access Service (RAS). Which of the following will you use to protect the network against unauthorized access?
Question401: Which of the following protocols implements VPN using IPSec?
Question402: Which of the following are the differences between PPTP and L2TP?
Each correct answer represents a complete solution. Choose three.
Question403: Which of the following are the benefits of information classification for an organization?
Question404: Which of the following processes is known as sanitization?
Question405: Which of the following encryption strengths is used to secure NTLM version 2 passwords?
Question406: You work as a Network Administrator for Rick International. The company has a TCP/IP-based network. A user named Kevin wants to set an SSH terminal at home to connect to the company's network. You have to configure your company's router for it. By default, which of the following standard ports does the SSH protocol use for connection?
Question407: Which of the following protocols is used to send e-mails on the Internet?
Question408: Which of the following protocols work at the session layer of the OSI model?
Each correct answer represents a complete solution. Choose two.
Question409: Which of the following types of virus is capable of changing its signature to avoid detection?
Question410: Which of the following enables an inventor to legally enforce his right to exclude others from using his invention?
Question411: Which of the following books is used to examine integrity and availability?
Question412: Which of the following statements about Public Key Infrastructure (PKI) are true?
Each correct answer represents a complete solution. Choose two.
Question413: Which of the following devices reads the destination's MAC address from each incoming data packet and forwards the data packet to its destination?
Question414: At which of the following OSI model layers does the IPSec protocol work?
Question415: Which of the following should be implemented to protect an organization from spam?
Question416: A ________ attack occurs when an attacker successfully inserts an intermediary software or program between two communicating hosts.
Question417: Which of the following statements about certification authority (CA) are true?
Each correct answer represents a complete solution. Choose two.
Question418: Which of the following categories of UTP cable has maximum data transfer rate of 155 Mbps?
Question419: Which of the following access control models requires centralize database of user accounts?
Question420: These are false reports about non-existent viruses. In these reports, the writer often claims to do impossible things. Due to these false reports, the network administrator shuts down his network, which in turn affects the work of the company. These reports falsely claim to describe an extremely dangerous virus, and declare that the report is issued by a reputed company. These reports are known as
__________.
Question421: International Data Encryption Algorithm (IDEA) is a __________ block cipher.
Question422: You work as a Database Administrator for Bluewell Inc. The company has a SQL Server 2005 computer.
The company asks you to implement a RAID system to provide fault tolerance to a database. You want to implement disk mirroring. Which of the following RAID levels will you use to accomplish the task?
Question423: Which of the following is an attack with IP fragments that cannot be reassembled?
Question424: Which of the following protocols uses TCP port 22 as the default port and operates at the application layer?
Question425: Which of the following are ensured by the concept of integrity in information system security?
Each correct answer represents a complete solution. Choose two.
Question426: Which of the following records everything a person types using the keyboard?
Question427: Which of the following is an international treaty that governs intellectual property?
Question428: Which of the following protocols work at the Network layer of the OSI model?
Question429: Which of the following statements about buffer overflow is true?
Question430: Which of the following protocols is used to establish a secure TELNET session over TCP/IP?
Question431: Mark works as a Network Administrator for NetTech Inc. The company has a Windows 2003 domainbased network. The company has two offices in different cities. The offices are connected through the Internet.
Both offices have a Windows 2003 server named SERV1 and SERV2 respectively. Mark is required to create a secure connection between both offices. He configures a VPN connection between the offices using the two servers. He uses L2TP for VPN and also configures an IPSec tunnel. Which of the following will he achieve with this configuration?
Each correct answer represents a part of the solution. Choose two.
Question432: Which of the following statements about Network Address Translation (NAT) are true?
Each correct answer represents a complete solution. Choose two.
Question433: Which of the following tools was developed by the FBI and is used for keystroke logging in order to capture encryption keys and other information useful for deciphering transmissions?
Question434: Which of the following key sizes is used by International Data Encryption Algorithm (IDEA)?
Question435: SSL session keys are available in which of the following lengths?
Question436: Which of the following layers are the sub layers of the data-link layer?
Each correct answer represents a complete solution. Choose all that apply.
Question437: Which of the following encryption algorithms are based on symmetric key cryptographic algorithms?
Each correct answer represents a complete solution. Choose all that apply.
Question438: You work as a Web Administrator for Perfect World Inc. The company is planning to host an Ecommerce Web site. You are required to design a security plan for it. Client computers with different operating systems will access the Web server. How will you configure the Web server so that it is secure and only authenticated users are able to access it?
Each correct answer represents a part of the solution. Choose two.
Question439: Which of the following are data link layer components?
Each correct answer represents a complete solution. Choose three.
Question440: John works as a contract Ethical Hacker. He has recently got a project to do security checking for www.we-are-secure.com. He wants to find out the operating system of the we-are-secure server in the information gathering step. Which of the following commands will he use to accomplish the task?
Each correct answer represents a complete solution. Choose two.
Question441: Which of the following can be prevented by an organization using job rotation and separation of duties policies?
Question442: Which of the following services are provided by Remote Authentication Dial-In User Service (RADIUS)?
Each correct answer represents a complete solution. Choose three.
Question443: In which of the following security tests does the security testing team simulate as an employee or other person with an authorized connection to the organization's network?
Question444: In which of the following security tests does the security testing team simulate as an employee or other person with an authorized connection to the organization's network?
Question445: Which of the following statements about a certificate is true?
Question446: Which of the following steps are generally followed in computer forensic examinations?
Each correct answer represents a complete solution. Choose three.
Question447: Which of the following uses a tunneling protocol?
Question448: Which of the following is required to be backed up on a domain controller to recover Active Directory?
Question449: Mark works as a Network Administrator for NetTech Inc. He wants users to access only those resources that are required for them. Which of the following access control models will he use?
Question450: Which of the following user authentications are supported by the SSH-1 protocol but not by the SSH-2 protocol?
Each correct answer represents a complete solution. Choose all that apply.
Question451: John works as a professional Ethical Hacker. He has been assigned a project to test the security of www.we-are-secure.com. He recommends a disk encryption tool to encrypt the secret files of the We-are- secure server. He presents a report to the We-are-secure authorities as given below:
It creates a virtual encrypted disk within a file and mounts it as a real disk.

It provides the following encryption algorithms:

AES-256

Serpent

Twofish

Mode of operation: XTS
It can also encrypt a partition or drive where an operations system is installed.

It provides two levels of plausible deniability in case an enemy forces it to reveal the password:

Hidden volume and hidden operating system

2nd layer of encryption for sensitive contents.

Which of the following tools is John recommending for disk encryption on the We-are-secure server?
Question452: Which of the following are tunneling protocols?
Each correct answer represents a complete solution. Choose two.
Question453: Which of the following is the method of hiding data within another media type such as graphic or document?
Question454: You are responsible for a Microsoft based network. Your servers are all clustered. Which of the following are the likely reasons for the clustering?
Each correct answer represents a complete solution. Choose two.
Question455: Which of the following types of computers is used for attracting potential intruders?
Question456: Which of the following is the best way of protecting important data against virus attack?
Question457: Which of the following methods of authentication uses finger prints to identify users?
Question458: Which of the following can be used to protect a computer system from malware, viruses, spyware, and various types of keyloggers?
Each correct answer represents a complete solution. Choose all that apply.
Question459: Which of the following statements about DMZ are true?
Each correct answer represents a complete solution. Choose two.
Question460: Which of the following protocols work at the network layer?
Each correct answer represents a complete solution. Choose three.
Question461: Which of the following processes is known as Declassification?
Question462: Which of the following is the rating for electronic or computer fires?
Question463: Which of the following allows an attacker to enter malicious data into a Website?
Question464: Which of the following needs to be documented to preserve evidences for presentation in court?
Question465: Which of the following viruses masks itself from applications or utilities to hide itself by detection of anti- virus software?
Question466: Which of the following services is provided by the message authentication code (MAC) ?
Question467: Mark works as a Network Administrator for NetTech Inc. The company has a Windows 2000 domain- based network. Users report that they are unable to log on to the network. Mark finds that accounts are locked out due to multiple incorrect log on attempts. What is the most likely cause of the account lockouts?
Question468: Which of the following components come under the network layer of the OSI model?
Each correct answer represents a complete solution. Choose two.
Question469: In which of the following attacks does an attacker send a spoofed TCP SYN packet in which the target's IP address is filled in both the source and destination fields?
Question470: SIMULATION
Fill in the blank with the appropriate value.
SHA-1 produces a _________ -bit message digest.
Question471: Which of the following are the major tasks of risk management?
Each correct answer represents a complete solution. Choose two.
Question472: Which of the following provides the best protection against a man-in-the-middle attack?
Question473: Which of the following statements best describes VeriSign?
Question474: At which of the following layers of the Open System Interconnection (OSI) model the Internet Control Message Protocol (ICMP) and the Internet Group Management Protocol (IGMP) work?
Question475: John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He notices that UDP port 137 of the We-are-secure server is open. Assuming that the Network Administrator of We-are-secure Inc. has not changed the default port values of the services, which of the following services is running on UDP port 137?
Question476: Which of the following statements about a bastion host is true?
Question477: Which of the following is the most secure policy for a firewall?
Question478: Which of the following statements about Digest authentication are true?
Each correct answer represents a complete solution. Choose two.
Question479: Which of the following statements about Due Care policy is true?
Question480: Brutus is a password cracking tool that can be used to crack the following authentications:
HTTP (Basic Authentication)

HTTP (HTML Form/CGI)

POP3 (Post Office Protocol v3)

FTP (File Transfer Protocol)

SMB (Server Message Block)

Telnet

Which of the following attacks can be performed by Brutus for password cracking?
Each correct answer represents a complete solution. Choose all that apply.
Question481: Which of the following provides protection from attacks at the application layer and prevents unauthorized access and packet spoofing?
Question482: Which of the following is the process of overwriting all addressable locations on a disk?
Question483: __________ is the process of verifying the identity of a user and obtaining required evidences from the user.
Question484: Which of the following statements about Discretionary Access Control List (DACL) is true?
Question485: Which of the following statements about Hypertext Transfer Protocol Secure (HTTPS) are true?
Each correct answer represents a complete solution. Choose two.
Question486: Which of the following statements about Network Address Translation (NAT) is true?
Question487: Which of the following access control models uses a role based method to determine access rights and permission?
Question488: Which of the following statements about IPSec are true?
Each correct answer represents a complete solution. Choose two.
Question489: Which of the following have been developed to address security issues in the e-commerce system?
Each correct answer represents a complete solution. Choose two.
Question490: Which of the following is used in asymmetric encryption?
Question491: Which of the following terms refers to the method that allows or restricts specific types of packets from crossing over the firewall?
Question492: Which of the following should propose applicable and effective security controls for managing the risks?
Question493: On which of the following OSI model layers does IPSec operate?
Question494: On which of the following OSI model layers does the Point-to-Point Protocol (PPP) work?
Question495: Which of the following is used to allow or deny access to network resources?
Question496: Which of the following components come under the network layer of the OSI model?
Each correct answer represents a complete solution. Choose two.
Question497: Which of the following types of halon is found in portable extinguishers and is stored as a liquid?
Question498: John works as a professional Ethical Hacker. He has been assigned a project to test the security of www.we-are-secure.com. While examining a log report, he finds that an intrusion has been attempted by an attacker whose IP address is 0x40.0x3A.0x2B.0xE6. Which of the following decimal IP addresses will respond to the ping on the above Hexadecimal IP address?
Question499: Which of the following encryption algorithms are based on stream ciphers?
Each correct answer represents a complete solution. Choose two.
Question500: Which of the following evidences are the collection of facts that, when considered together, can be used to infer a conclusion about the malicious activity/person?
Question501: Which of the following is not a level of military data-classification system?
Question502: Which of the following are the examples of administrative controls?
Each correct answer represents a complete solution. Choose all that apply.
Question503: Which of the following are politically motivated threats that an organization faces?
Each correct answer represents a complete solution. Choose all that apply.
Question504: Which of the following law does not protect intellectual property?
Question505: Which of the following is the rating for gasoline or oil fires?
Question506: What are the benefits of using a proxy server on a network?
Each correct answer represents a complete solution. Choose all that apply.
Question507: Which of the following terms is synonymous with the willful destruction of another person's property?
Question508: Which of the following is an entry in an object's discretionary access control list (DACL) that grants permissions to a user or group?
Question509: You work as a Network Administrator of a TCP/IP network. You are having DNS resolution problem. Which of the following utilities will you use to diagnose the problem?
Question510: Which of the following reads and writes data across network connections by using the TCP/IP protocol?
Question511: Which of the following are the ways of sending secure e-mail messages over the Internet?
Each correct answer represents a complete solution. Choose two.
Question512: Which of the following statements about the One Time Password (OTP) security system are true?
Each correct answer represents a complete solution. Choose two.
Question513: Which of the following statements is true about auditing?
Question514: Which of the following is a technique used to attack an Ethernet wired or wireless network?
Question515: Which of the following statements about smurf is true?
Question516: Which of the following protocols is used to establish a secure TELNET session over TCP/IP?
Question517: Which of the following is used by the Diffie-Hellman encryption algorithm?
Question518: Which of the following can be prevented by an organization using job rotation and separation of duties policies?
Question519: Which of the following performs packet screening for security on the basis of port numbers?
Question520: Which of the following statements about system hardening are true?
Each correct answer represents a complete solution. Choose two.
Question521: Which of the following allows an administrator to find weak passwords on the network?
Question522: John works as an Ethical Hacker for PassGuide Inc. He wants to find out the ports that are open in PassGuide's server using a port scanner. However, he does not want to establish a full TCP connection.
Which of the following scanning techniques will he use to accomplish this task?
Question523: You work as a Network Administrator for NetTech Inc. The company's network is connected to the Internet.
For security, you want to restrict unauthorized access to the network with minimum administrative effort.
You want to implement a hardware-based solution. What will you do to accomplish this?
Question524: Which of the following is used by attackers to obtain an authenticated connection on a network?
Question525: Which of the following key sizes is used by International Data Encryption Algorithm (IDEA)?
Question526: Which of the following types of coaxial cable is used for cable TV and cable modems?
Question527: Which of the following protocols implements VPN using IPSec?
Question528: Which of the following terms is used for the process of securing a system or a device on a network infrastructure?
Question529: John works as a C programmer. He develops the following C program:
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
int buffer(char *str) {
char buffer1[10];
strcpy(buffer1, str);
return 1;
}
int main(int argc, char *argv[]) {
buffer (argv[1]);
printf("Executed\n");
return 1;
}
His program is vulnerable to a __________ attack.
Question530: Which of the following statements about Secure Sockets Layer (SSL) are true?
Each correct answer represents a complete solution. Choose two.
Question531: How long are cookies in effect if no expiration date is set?
Question532: Which of the following security models dictates that subjects can only access objects through applications?
Question533: What will be the best strategy to prevent employees on a Local Area Network from performing unauthorized activities?
Question534: Which of the following is used to prevent the electronic emissions of a computer from being used by unauthorized users?
Question535: Which of the following is a type of scam that entice a user to disclose personal information such as social security number, bank account details, or credit card number?
Question536: Which of the following entities is used by Routers and firewalls to determine which packets should be forwarded or dropped?
Question537: Key escrow is a method of __________.
Question538: Which of the following features of a switch helps to protect network from MAC flood and MAC spoofing?
Question539: You work as a Network Administrator for Infonet Inc. The company's network has an FTP server.
You want to secure the server so that only authorized users can access it. What will you do to accomplish this?
Question540: Which of the following two components does Kerberos Key Distribution Center (KDC) consist of?
Each correct answer represents a complete solution. Choose two.
Question541: Which of the following are advantages of NTFS file system over FAT32 and FAT?
Each correct answer represents a part of the solution. Choose two.
Question542: Which of the following statement about snooping is true?
Question543: Which of the following terms is used for a router that filters traffic before it is passed to the firewall?
Question544: Which of the following devices reads the destination's MAC address from each incoming data packet and forwards the data packet to its destination?
Question545: You work as a Network Administrator of a TCP/IP network. You are having DNS resolution problem. Which of the following utilities will you use to diagnose the problem?
Question546: Which of the following protocols are used to provide secure communication between a client and a server over the Internet?
Each correct answer represents a part of the solution. Choose two.
Question547: Which of the following tools can be used by a user to hide his identity?
Each correct answer represents a complete solution. Choose all that apply.
Question548: In which of the following does a Web site store information such as user preferences to provide customized services to users?
Question549: Which of the following is a remote access protocol that supports encryption?
Question550: Identify whether the given statement is true or false.
"Social engineering is the art of convincing people and making them disclose useful information such as account names and passwords."
Question551: Which of the following ports is the default port for Layer 2 Tunneling Protocol (L2TP) ?
Question552: Which of the following are natural environmental threats that an organization faces?
Each correct answer represents a complete solution. Choose two.
Question553: John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. In order to do so, he performs the following steps of the preattack phase successfully:
Information gathering

Determination of network range

Identification of active systems

Location of open ports and applications

Now, which of the following tasks should he perform next?
Question554: Which of the following is known as a message digest?
Question555: Which of the following are the types of password guessing attacks?
Each correct answer represents a complete solution. Choose two.
Question556: Which of the following types of attacks occurs when attackers enter a system or capture network traffic and make changes to selected files or data packets?
Question557: Which of the following protocols are used to provide secure communication between a client and a server over the Internet?
Each correct answer represents a part of the solution. Choose two.
Question558: Which of the following is a reason to implement security logging on a DNS server?
Question559: Which of the following is a reason to implement security logging on a DNS server?
Question560: Which of the following is generally practiced by the police or any other recognized governmental authority?
Question561: Which of the following terms refers to a steady lower voltage state without a complete loss of power?
Question562: SIMULATION
Fill in the blank with the appropriate value.
Service Set Identifiers (SSIDs) are case sensitive text strings that have a maximum length of_______ characters.
Question563: Which of the following is the default port for DNS zone transfer?
Question564: You work as a Network Administrator for NetTech Inc. When you enter http://66.111.64.227 in the browser's address bar, you are able to access the site. But, you are unable to access the site when you enter http://www.PassGuide.com. What is the most likely cause?
Question565: Which of the following is the new permissions model in Microsoft Exchange Server 2010, which enables you to control, at broad and granular levels, what administrators and end-users can do?
Question566: Which of the following techniques are used to secure wireless networks?
Each correct answer represents a complete solution. Choose three.
Question567: Wired Equivalent Privacy (WEP) is a security protocol for wireless local area networks (WLANs). It has two components, authentication and encryption. It provides security equivalent to wired networks for wireless networks. WEP encrypts data on a wireless network by using a fixed secret key. Which of the following statements are true about WEP?
Each correct answer represents a complete solution. Choose all that apply.
Question568: You work as a Network Administrator for Infonet Inc. The company's network is connected to the Internet.
The network has a Web server that is accessible to Internet users. For security, you want to keep the Web server separate from other servers on the network. Where will you place the Web server?
Question569: You are installing Windows 2000 Server. You decide to use RAID-5 volume disk configuration for fault tolerance. What is the minimum number of disk drives required for implementing RAID-5 volumes?
Question570: Which of the following refers to a computer that must be secure because it is accessible from the Internet and is vulnerable to attacks?
Question571: Where are user accounts and passwords stored in a decentralized privilege management environment?
Question572: Which of the following types of attacks slows down or stops a server by overloading it with requests?
Question573: Which of the following is the process of finding weaknesses in cryptographic algorithms and obtaining the plaintext or key from the ciphertext?
Question574: An attacker sends a large number of packets to a target computer that causes denial of service. Which of the following type of attacks is this?
Question575: Which of the following is a type of intruder detection that involves logging network events to a file for an administrator to review later?
Question576: Which of the following is NOT a countermeasure against a spoofing attack?
Question577: Which of the following types of attacks is only intended to make a computer resource unavailable to its users?
Question578: Which of the following is a process of monitoring data packets that travel across a network?
Question579: John works as a professional Ethical Hacker. He has been assigned a project for testing the security of www.we-are-secure.com. He wants to corrupt an IDS signature database so that performing attacks on the server is made easy and he can observe the flaws in the We-are-secure server. To perform his task, he first of all sends a virus that continuously changes its signature to avoid detection from IDS. Since the new signature of the virus does not match the old signature, which is entered in the IDS signature database, IDS becomes unable to point out the malicious virus. Which of the following IDS evasion attacks is John performing?
Question580: Which of the following is a program that monitors data packets traveling across a network?
Question581: Which of the following is an authentication protocol?
Question582: Which of the following database types is a collection of tables that are linked by their primary keys?
Question583: Which of the following technologies are forms of single sign-on (SSO)?
Each correct answer represents a complete solution. Choose three.
Question584: You work as a Network Administrator for NetTech Inc. The company's network has a Windows 2000 domain-based network. An employee of the company is dismissed for attempting to access secret data on the network. What measure will you take next to make the network secure?
Question585: Which of the following hardware devices prevents broadcasts from crossing over subnets?
Question586: Which of the following protocols is used to send e-mails on the Internet?
Question587: Which of the following refers to the emulation of the identity of a network computer by an attacking computer?
Question588: Which of the following types of firewalls looks deep into packets and makes granular access control decisions?
Question589: Which of the following groups represents the most likely source of an asset loss through the inappropriate use of computers?
Question590: Which of the following types of Network Address Translation (NAT) uses a pool of public IP addresses?
Question591: Which of the following tools is a component of Cisco Adaptive Security Appliance (ASA) and provides an in-depth security design to prevent various types of problems such as viruses, spams, and spyware?
Question592: Which of the following can be prevented by an organization using job rotation and separation of duties policies?
Question593: Which of the following technologies are forms of single sign-on (SSO)?
Each correct answer represents a complete solution. Choose three.
Question594: Which of the following processes removes data from the media so that it is difficult to restore?
Question595: Which of the following statements about the Instant messaging programs are true?
Each correct answer represents a complete solution. Choose all that apply.
Question596: Which of the following methods backs up all changes made since the last full or normal backup?
Question597: John visits an online shop that stores the IDs and prices of the items to buy in a cookie. After selecting the items that he wants to buy, the attacker changes the price of the item to 1.
Original cookie values:
ItemID1=2
ItemPrice1=900
ItemID2=1
ItemPrice2=200
Modified cookie values:
ItemID1=2
ItemPrice1=1
ItemID2=1
ItemPrice2=1
Now, he clicks the Buy button, and the prices are sent to the server that calculates the total price.
Which of the following hacking techniques is John performing?
Question598: Which of the following is referred to as Radio Frequency Interference (RFI) and Electromagnetic Interference (EMI)?
Question599: Which of the following classes of IP addresses allows a maximum of 2,097,152 networks?
Question600: You work as a Network Administrator for McRoberts Inc. The company has a TCP-based network, which is connected to the Internet. Users use their Web browsers to connect to Web servers and to view different Web pages. Which of the following protocols ensures a secure connection between a Web browser and a Web server?
Question601: Which of the following is the default port for TACACS?
Question602: Which of the following are the goals of the cryptographic systems?
Each correct answer represents a complete solution. Choose three.
Question603: In the DNS Zone transfer enumeration, an attacker attempts to retrieve a copy of the entire zone file for a domain from a DNS server. The information provided by the DNS zone can help an attacker gather user names, passwords, and other valuable information. To attempt a zone transfer, an attacker must be connected to a DNS server that is the authoritative server for that zone. Besides this, an attacker can launch a Denial of Service attack against the zone's DNS servers by flooding them with a lot of requests.
Which of the following tools can an attacker use to perform a DNS zone transfer?
Each correct answer represents a complete solution. Choose all that apply.
Question604: Which of the following protects against unauthorized access to confidential information via encryption and works at the network layer?
Question605: Which of the following protocols is built in the Web server and browser to encrypt data traveling over the Internet?
Question606: Which of the following federal laws are related to hacking activities?
Each correct answer represents a complete solution. Choose three.
Question607: Which of the following statements about a perimeter network are true?
Each correct answer represents a complete solution. Choose three.
Question608: Which of the following is a type of scam that entice a user to disclose personal information such as social security number, bank account details, or credit card number?
Question609: Mark works as a Network Administrator for We-are-secure Inc. He finds that the We-are-secure server has been infected with a virus. He presents to the company a report that describes the symptoms of the virus.
A summary of the report is given below:
This virus has a dual payload, as the first payload of the virus changes the first megabyte of the hard drive to zero. Due to this, the contents of the partition tables are deleted and the computer hangs. The second payload replaces the code of the flash BIOS with garbage values. This virus spreads under the Portable Executable File Format under Windows 95, Windows 98, and Windows ME.
Which of the following viruses has the symptoms as the one described above?
Question610: Which of the following IP addresses are private addresses?
Each correct answer represents a complete solution. Choose all that apply.
Question611: Which of the following provides the best protection against a man-in-the-middle attack?
Question612: In which of the following attacks does the attacker confuse the switch itself into thinking two ports have the same MAC address?
Question613: Which of the following types of activities can be audited for security?
Each correct answer represents a complete solution. Choose three.
Question614: Which of the following is an industry standard authentication protocol commonly used in UNIX networks?
Question615: Which of the following law does not protect intellectual property?
Question616: Which of the following are default ports for the FTP service?
Each correct answer represents a complete solution. Choose two.
Question617: Which of the following works at the network layer and hides the local area network IP address and topology?
Question618: Identify whether the given statement is true or false.
"Replay attack is a type of attack in which attackers capture packets containing passwords or digital signatures whenever packets pass between two hosts on a network."
Question619: Which of the following are the centralized administration technologies?
Each correct answer represents a complete solution. Choose all that apply.
Question620: Which of the following is the best method to stop vulnerability attacks on a Web server?
Question621: You work as a Network Administrator for NetTech Inc. The company's network has a Windows 2000 domain-based network. You want to prevent malicious e-mails from entering the network from the non- existing domains. What will you do to accomplish this?