EMT Practice Test

1. Question Content...


Question List

Question1: Which of the following is the most secure place to host a server that will be accessed publicly through the Internet?

Question2: Mark works as a project engineer in Tech Perfect Inc. His office is configured with Windows XP-based computers. The computer that he uses is not configured with a default gateway. He is able to access the Internet, but is not able to use e-mail services via the Internet. However, he is able to access e-mail services via the intranet of the company.
Which of the following could be the reason of not being able to access e-mail services via the Internet?

Question3: Which of the following is Microsoft's implementation of the file and application server for the Internet and private intranets?

Question4: You have made a program secure.c to display which ports are open and what types of services are running on these ports. You want to write the program's output to standard output and simultaneously copy it into a specified file.
Which of the following commands will you use to accomplish the task?

Question5: Which of the following statements about URL rewriting are true?

Question6: Which of the following processes are involved under the COBIT framework?

Question7: Mark works as a Network Administrator for NetTech Inc. The company has a Windows 2003 Active Directory domain-based network. The domain consists of a domain controller, two Windows 2003 member servers, and one hundred client computers. The company employees use laptops with Windows XP Professional. These laptops are equipped with wireless network cards that are used to connect to access points located in the Marketing department of the company. The company employees log on to the domain by using a user name and password combination. The wireless network has been configured with WEP in addition to 802.1x. Mark wants to provide the best level of security for the kind of authentication used by the company.
What will Mark do to accomplish the task?

Question8: The Security Auditor's Research Assistant (SARA) is a third generation network security analysis tool.
Which of the following statements are true about SARA? (Choose two)

Question9: Which of the following functions are performed by methods of the HttpSessionActivationListener interface?

Question10: You are the Security Consultant and you frequently do vulnerability assessments on client computers. You want to have a standardized approach that would be applicable to all of your clients when doing a vulnerability assessment.
What is the best way to do this?

Question11: A Cisco router can have multiple connections to networks. These connections are known as interfaces for Cisco Routers. For naming each interface, Cisco generally uses the type of interface as part of the name.
Which of the following are true about the naming conventions of Cisco Router interfaces?

Question12: You work as a Network Administrator for Tech Perfect Inc. You have a laptop running Windows Vista Ultimate. You want to configure Windows Defender on your laptop so that it does not take any action automatically whenever it scans malicious software. Rather, it should recommend the action and wait for your approval for taking any action.
Which of the following actions will you take to accomplish the task?

Question13: You work as the Project Engineer for XYZ CORP. The company has a Unix-based network. Your office consists of one server, seventy client computers, and one print device. You raise a request for printing a confidential page. After 30 minutes, you find that your print request job is not processed and is at the seventh position in the printer queue. You analyze that it shall take another one hour to print. You decide to remove your job from the printer queue and get your page printed outside the office.
Which of the following Unix commands can you use to remove your job from the printer queue?

Question14: Which of the following is a wireless auditing tool that is used to pinpoint the actual physical location of wireless devices in the network?

Question15: DRAG DROP
You work as a Network Administrator for Blue Well Inc. The company has a TCP/IP-based network environment. The network contains Cisco switches and a Cisco Catalyst router. The network is configured as shown in the image below:

You want to enable Host A to access the Internet. For this, you need to configure the default gateway settings. Choose the appropriate address to accomplish the task.
Select and Place:

Question16: Which of the following records is the first entry in a DNS database file?

Question17: HOTSPOT
George works as an Office Assistance in TechSoft Inc. All client computers in the company run Windows Vista operating system. He has turned on the Windows Firewall for security purposes. He prepares a document and wants to share it with other users of the company. When he tries to share the document, he gets a message that firewall has blocked the sharing of the files on his computer. He wants to ensure that that the firewall does not block sharing of the document. He opens Windows Firewall dialog box.
What actions will he perform in the dialog box to accomplish the task?
Hot Area:

Question18: John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He wants to perform a stealth scan to discover open ports and applications running on the We-are-secure server. For this purpose, he wants to initiate scanning with the IP address of any third party.
Which of the following scanning techniques will John use to accomplish his task?

Question19: You work as the Network Administrator for Perfect Solutions Inc. The company has a Linux-based network.
You are a root user on the Red Hat operating system. You want to keep an eye on the system log file /var/ adm/messages.
Which of the following commands should you use to read the file in real time?

Question20: Which of the following statements about invalidating a session is true?

Question21: You are responsible for a number of Windows Server 2003 DNS servers on a large corporate network.
You have decided to audit the DNS server logs.
Which of the following are likely errors you could encounter in the log? (Choose two)

Question22: Which of the following tools can be used to perform tasks such as Windows password cracking, Windows enumeration, and VoIP session sniffing?

Question23: Which of the following responsibilities does not come under the audit process?

Question24: You run the wc -c file1.txt command. If this command displays any error message, you want to store the error message in the error.txt file.
Which of the following commands will you use to accomplish the task?

Question25: You are concerned about possible hackers doing penetration testing on your network as a prelude to an attack.
What would be most helpful to you in finding out if this is occurring?

Question26: An executive in your company reports odd behavior on her PDA. After investigation you discover that a trusted device is actually copying data off the PDA. The executive tells you that the behavior started shortly after accepting an e-business card from an unknown person.
What type of attack is this?

Question27: Which of the following is a technique of using a modem to automatically scan a list of telephone numbers, usually dialing every number in a local area code to search for computers, Bulletin board systems, and fax machines?

Question28: Which of the following tools hides information about IIS Webservers so that they can be prevented from various attacks performed by an attacker?

Question29: Which of the following statements are true about MS-CHAPv2?

Question30: You work as a Network Administrator for NTY Inc. The company has a secure wireless network. While auditing the network for maintaining security, you find an unknown node. You want to locate that node.
Which tool will you use to pinpoint the actual physical location of the node?

Question31: You work as a programmer for uCertify.Inc. You have a session object named session1 with an attribute named Attribute1, and an HttpSessionBindingEvent object binding1 bound to session1.
Which of the following will be used to retrieve Attribute1?

Question32: Network mapping provides a security testing team with a blueprint of the organization.
Which of the following steps is NOT a part of manual network mapping?

Question33: HOTSPOT
John works as an office assistance in an office. The office uses Windows Vista operating system. He wants to disable a program from running on a computer. He opens the Windows Defender window and clicks on the Tools link. He clicks on a link to view the list of programs running on the computer, selects a program and then clicks on the Disable button to disable it. Mark the option that John had chosen to view the list of programs running on the computer.
Hot Area:

Question34: DRAG DROP
Auditing is used to track user accounts for file and object access, logon attempts, system shutdown, and many more vulnerabilities to enhance the security of the network. It encompasses a wide variety of activities.
Place the different auditing activities in front of their descriptions.
Select and Place:

Question35: Data mining is a process of sorting through data to identify patterns and establish relationships. Which of the following data mining parameters looks for patterns where one event is connected to another event?

Question36: You work as a Security Administrator in Tech Perfect Inc. The company has a TCP/IP based network. The network has a vast majority of Cisco Systems routers and Cisco network switches. You have implemented four VPN connections in the network. You use the Cisco IOS on the network.
Which feature will you enable to maintain a separate routing and forwarding table for each VPN?

Question37: You work as a Network Administrator for XYZ CORP. The company has a Linux-based network. The company needs to provide secure network access. You have configured a firewall to prevent certain ports and applications from forwarding the packets to the company's intranet.
What does a firewall check to prevent these ports and applications from forwarding the packets to the intranet?

Question38: You work as a Network Administrator for Tech Perfect Inc. The company has a Windows Active Directory- based single domain single forest network. The functional level of the forest is Windows Server 2003. The company has recently provided laptops to its sales team members. You have configured access points in the network to enable a wireless network. The company's security policy states that all users using laptops must use smart cards for authentication.
Which of the following authentication techniques will you use to implement the security policy of the company?

Question39: You are the Network Administrator for a company. You have decided to conduct a user access and rights review.
Which of the following would be checked during such a review? (Choose three)

Question40: Which of the following techniques can be used to determine the network ranges of any network?

Question41: Sam works as a Web Developer for McRobert Inc. He creates a Web site. He wants to include the following table in the Web site:
He writes the following HTML code to create the table:
1. <TABLE BORDER="1" WIDTH="500">
2. <TR>
3.
4.
5. </TR>
6. <TR>
7. <TD>
8. </TD>
9. <TD>
10. </TD>
11. <TD>
12. </TD>
13. </TR>
14. <TR>
15. <TD>
16. </TD>
17. <TD>
18. </TD>
19. <TD>
20. </TD>
21. </TR>
22. </TABLE>
Which of the following tags will Sam place at lines 3 and 4 to create the table?

Question42: You work as the Network Administrator for XYZ CORP. The company has a Unix-based network. You want to allow direct access to the filesystems data structure.
Which of the following Unix commands can you use to accomplish the task?

Question43: You work as the Network Administrator for XYZ CORP. The company has a Unix-based network. You want to impose some special access restrictions on users.
Which of the following Unix configuration files can you use to accomplish the task?

Question44: John works as a Network Administrator for Perfect Solutions Inc. The company has a Linux-based network. John is working as a root user on the Linux operating system. He is configuring the Apache Web server settings. He does not want the commands being used in the settings to be stored in the history.
Which of the following commands can he use to disable history?

Question45: You work as the Network Administrator for XYZ CORP. The company has a Unix-based network. You want to set the user login features on the systems with the shadow passwords.
Which of the following Unix configuration files can you use to accomplish the task?

Question46: DRAG DROP
You work as a Network Administrator for Tech Perfect Inc. The company has a Windows Active Directory- based single domain single forest network. The functional level of the forest is Windows Server 2003. The Sales Managers in the company use laptops for connecting to the network. You are required to provide wireless connectivity on the network to all the Sales Managers. The security policy of the company dictates that the laptops should connect only to the access points on the network. The laptops should not be able to directly communicate with each other. You are required to implement the security policy of the company.
Choose the steps that you will take to accomplish the task.
Select and Place:

Question47: Victor wants to use Wireless Zero Configuration (WZC) to establish a wireless network connection using his computer running on Windows XP operating system.
Which of the following are the most likely threats to his computer? (Choose two)

Question48: Which of the following tools can be used by a user to hide his identity?

Question49: You work as a Database Administrator for Dolliver Inc. The company uses Oracle 11g as its database. You have used the LogMiner feature for auditing purposes.
Which of the following files store a copy of the data dictionary? (Choose two)

Question50: John works as a professional Ethical Hacker. He is assigned a project to test the security of www.we-are- secure.com. He is working on the Linux operating system. He wants to sniff the we-are-secure network and intercept a conversation between two employees of the company through session hijacking.
Which of the following tools will John use to accomplish the task?

Question51: You work as a Network Administrator for XYZ CORP. The company has a Windows Server 2008 network environment. The network is configured as a Windows Active Directory-based single forest single domain network. You have installed a Windows Server 2008 computer. You have configured auditing on this server. The client computers of the company use the Windows XP Professional operating system. You want to audit each event that is related to a user managing an account in the user database on the computer where the auditing is configured. To accomplish the task, you have enabled the Audit account management option on the server.
Which of the following events can be audited by enabling this audit option?

Question52: Which of the following are the drawbacks of the NTLM Web authentication scheme?

Question53: You work as a Network Administrator for XYZ CORP. The company's Windows 2000 network is configured with Internet Security and Acceleration (ISA) Server 2000. ISA Server is configured as follows: The server uses the default site and content rule and default IP packet filters. Packet filtering is enabled. The server has two protocol rules:

Users in the network complain that they are unable to access secure Web sites. However, they are able to connect to Web sites in which secure transmission is not required.
What is the most likely cause?

Question54: A sequence number is a 32-bit number ranging from 1 to 4,294,967,295. When data is sent over the network, it is broken into fragments (packets) at the source and reassembled at the destination system.
Each packet contains a sequence number that is used by the destination system to reassemble the data packets in the correct order. The Initial Sequence Number of your computer is 24171311 at login time. You connect your computer to a computer having the IP address 210.213.23.21. This whole process takes three seconds.
What will the value of the Initial Sequence Number be at this moment?

Question55: You work as a Database Administrator for XYZ CORP. The company has a multi-platform network. The company requires a database that can receive data from various types of operating systems. You want to design a multidimensional database to accomplish the task.
Which of the following statements are true about a multidimensional database?

Question56: Which of the following wireless security features provides the best wireless security mechanism?

Question57: You have purchased a laptop that runs Windows Vista Home Premium. You want to protect your computer from malicious applications, such as spyware, while connecting to the Internet. You configure Windows Defender on your laptop to schedule scan daily at 2 AM as shown in the image below:

You want Windows Defender to scan the laptop for all the known spyware and other potentially unwanted software, including the latest one. You do not want to manually perform this task.
Which of the following actions will you perform to accomplish the task?

Question58: TCP/IP stack fingerprinting is the passive collection of configuration attributes from a remote device during standard layer 4 network communications. The combination of parameters may then be used to infer the remote operating system (OS fingerprinting), or incorporated into a device fingerprint.
Which of the following Nmap switches can be used to perform TCP/IP stack fingerprinting?

Question59: Which of the following commands will you use to watch a log file /var/adm/messages while the log file is updating continuously?

Question60: John works as a professional Ethical Hacker. He has been assigned a project to test the security of www.we-are-secure.com. He performs Web vulnerability scanning on the We-are-secure server. The output of the scanning test is as follows:
C.\whisker.pl -h target_IP_address -- whisker / v1.4.0 / rain forest puppy / www.wiretrip.net -- = - = - = - = -
= = Host: target_IP_address = Server: Apache/1.3.12 (Win32) ApacheJServ/1.1 mod_ssl/2.6.4 OpenSSL/0.9.5a mod_perl/1.22 + 200 OK: HEAD /cgi-bin/printenv John recognizes /cgi-bin/printenv vulnerability ('Printenv' vulnerability) in the We_are_secure server.
Which of the following statements about 'Printenv' vulnerability are true?

Question61: Which of the following statements about a screened host is true?

Question62: John works as a Network Auditor for XYZ CORP. The company has a Windows-based network. John wants to conduct risk analysis for the company.
Which of the following can be the purpose of this analysis? (Choose three)

Question63: You work as a Network Administrator for XYZ CORP. The company has a Windows-based network. You want to configure the ACL with a Cisco router.
Which of the following router prompts can you use to accomplish the task?

Question64: Which of the following text editing tools can be used to edit text files without having to open them?

Question65: Which of the following can be the countermeasures to prevent NetBIOS NULL session enumeration in Windows 2000 operating systems?

Question66: George works as an office assistant in Soft Well Inc. The company uses the Windows Vista operating system. He wants to disable a program running on a computer.
Which of the following Windows Defender tools will he use to accomplish the task?

Question67: Which of the following listeners need not be configured in the deployment descriptor? (Choose two)

Question68: HOTSPOT
Sam works as a network administrator in Bluewell Inc. The company uses Windows Vista operating system. He wants to restore a program that is blocked by Windows Defender. He opens the Windows Defender window and clicks on the Tools link. He clicks on a link to view the list of programs blocked by Windows Defender, selects a program and then clicks on the Restore button to restore it. Mark the option that Sam had chosen to view the list of programs blocked by Windows Defender.
Hot Area:

Question69: DRAG DROP
You work as a Network Administrator for Tech Perfect Inc. The company has a Windows Active Directory- based single domain single forest network. The functional level of the forest is Windows Server 2003. The company has recently provided laptops to its sales team members. You have configured access points in the network to enable a wireless network. The company's security policy states that all users using laptops must use smart cards for authentication. Select and place the authentication method you are required to configure to implement the security policy of the company.
Select and Place:

Question70: What will happen if you write the following parameters in the web.xml file?
<session-config>
<session-timeout>0</session-timeout>
</session-config>

Question71: Which of the following is a type of web site monitoring that is done using web browser emulation or scripted real web browsers?

Question72: Which of the following is the default port for Hypertext Transfer Protocol (HTTP)?

Question73: Which of the following types of attack is described in the statement below?
"It is a technique employed to compromise the security of network switches. In this attack, a switch is flooded with packets, each containing different source MAC addresses. The intention is to consume the limited memory set aside in the switch to store the MAC address-to-physical port translation table."

Question74: Which of the following is an enterprise-grade network/application/performance monitoring platform that tightly integrates with other smart building management systems, such as physical access control, HVAC, lighting, and time/attendance control?

Question75: Andrew works as a Network Administrator for Infonet Inc. The company has a Windows 2003 domain- based network. The network has five Windows 2003 member servers and 150 Windows XP Professional client computers. One of the member servers works as an IIS server. The IIS server is configured to use the IP address 142.100.10.6 for Internet users and the IP address 16.5.7.1 for the local network. Andrew wants the server to allow only Web communication over the Internet. He also wants to enable the local network users to access the shared folders and other resources.
How will Andrew configure the IIS server to accomplish this? (Choose three)

Question76: You have to ensure that your Cisco Router is only accessible via telnet and ssh from the following hosts and subnets: 10.10.2.103 10.10.0.0/24.
Which of the following sets of commands will you use to accomplish the task?

Question77: You work as a Network Administrator for XYZ CORP. The company has a Windows Active Directory-based single domain single forest network. The functional level of the forest is Windows Server 2003. The company's management has decided to provide laptops to its sales team members. These laptops are equipped with smart card readers. The laptops will be configured as wireless network clients. You are required to accomplish the following tasks: The wireless network communication should be secured. The laptop users should be able to use smart cards for getting authenticated. In order to accomplish the tasks, you take the following steps: Configure 802.1x and WEP for the wireless connections. Configure the PEAP-MS-CHAP v2 protocol for authentication.
What will happen after you have taken these steps?

Question78: You work as a Network Administrator for Tech Perfect Inc. For security issues, the company requires you to harden its routers. You therefore write the following code:
Router#config terminal
Router(config) #no ip bootp server
Router(config) #no ip name-server
Router(config) #no ntp server
Router(config) #no snmp server
Router(config) #no ip http server
Router(config) #^Z Router#
What services will be disabled by using this configuration fragment?

Question79: John works as a Network Administrator for Perfect Solutions Inc. The company has a Linux-based network. John is working as a root user on the Linux operating system. He has recently backed up his entire Linux hard drive into the my_backup.tgz file. The size of the my_backup.tgz file is 800MB. Now, he wants to break this file into two files in which the size of the first file named my_backup.tgz.aa should be
600MB and that of the second file named my_backup.tgz.ab should be 200MB.
Which of the following commands will John use to accomplish his task?

Question80: Which of the following are HTML tags, used to create a table?

Question81: Which of the following commands can be used to intercept and log the Linux kernel messages?

Question82: Which of the following techniques are used after a security breach and are intended to limit the extent of any damage caused by the incident?

Question83: In 1947, the American Institute of Certified Public Accountants (AICPA) adopted GAAS to establish standards for audits.
Which of the following categories of audit standards established by GAAS are related to professional and technical competence, independence, and professional due care?

Question84: On which of the following does a CGI program execute?

Question85: Which of the following processes is described in the statement below?
"This is the process of numerically analyzing the effect of identified risks on overall project objectives."

Question86: Which of the following statements are true about locating rogue access points using WLAN discovery software such as NetStumbler, Kismet, or MacStumbler if you are using a Laptop integrated with Wi-Fi compliant MiniPCI card? (Choose two)

Question87: You are the Security Administrator for an Internet Service Provider. From time to time your company gets subpoenas from attorneys and law enforcement for records of customers' access to the internet. What policies must you have in place to be prepared for such requests?

Question88: You work as a Network Administrator for Blue Well Inc. The company has a TCP/IP-based routed network.
Two segments have been configured on the network as shown below:

One day, the switch in Subnet B fails. What will happen?

Question89: Which of the following methods is used to get a cookie from a client?
Note: Here, request is a reference of type HttpServletRequest, and response is a reference of type HttpServletResponse.

Question90: Pervasive IS controls can be used across all the internal departments and external contractors to define the direction and behavior required for the technology to function properly.
When these controls are implemented properly, which of the following areas show the reliability improvement? (Choose three)

Question91: DRAG DROP
You work as a Network Administrator for Net Perfect Inc. The company has a TCP/IP-based network environment. The network has two switches and a router as shown in the image below:

The router connects the network to the Internet. For security, you want to disable CDP for the interface connected to the Internet. However, you do not want to disable this information for the internal network.
Select the command (or series of commands) that you will issue to accomplish this task.
Select and Place:

Question92: Which of the following attacks allows the bypassing of access control lists on servers or routers, and helps an attacker to hide? (Choose two)

Question93: DRAG DROP
You are developing a business solution for Haynes Super Leather Inc. A case study for the organization is given in the exhibit. Based on the case study, you create different modules and interfaces and want to define the functionality between them. Drag and drop the appropriate functionalities that will make the interaction possible between modules and/or interfaces. Here, functionalities can be repetitive.
(Click the Exhibit button on the toolbar to see the case study.)
Select and Place:

Question94: Which of the following policies helps reduce the potential damage from the actions of one person?

Question95: Which of the following statements are true about a data mart?
Each correct answer represents a complete solution.

Question96: What is the purpose of Cellpadding attribute of <Table> tag?

Question97: You work as the Network Administrator for XYZ CORP. The company has a Unix-based network. You want to set some terminal characteristics and environment variables.
Which of the following Unix configuration files can you use to accomplish the task?

Question98: Which of the following types of firewall functions at the Session layer of OSI model?

Question99: John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He is using the Linux operating system. He wants to use a wireless sniffer to sniff the We-are-secure network.
Which of the following tools will he use to accomplish his task?

Question100: You work as a Network Administrator for XYZ CORP. The company has a TCP/IP-based network environment. The network contains Cisco switches and a Cisco router. A user is unable to access the Internet from Host B.
You also verify that Host B is not able to connect to other resources on the network.
The IP configuration of Host B is shown below:

Which of the following is the most likely cause of the issue?

Question101: Which of the following are the countermeasures against WEP cracking?

Question102: You work as a Desktop Support Technician for XYZ CORP. The company uses a Windows-based network comprising 50 Windows XP Professional computers. You want to include the Safe Mode with Command Prompt feature into the boot.ini file of a Windows XP Professional computer.
Which of the following switches will you use?

Question103: Which of the following is a basic feature of the Unix operating system? (Choose three)

Question104: You are responsible for a large network that has its own DNS servers. You periodically check the log to see if there are any problems.
Which of the following are likely errors you might encounter in the log? (Choose three)

Question105: Mark works as a Web Developer for XYZ CORP. He is developing a Web site for the company. He wants to use frames in the Web site.
Which of the following is an HTML tag used to create frames?

Question106: You work as a Network Administrator for ABC Inc. The company uses a secure wireless network. John complains to you that his computer is not working properly. What type of security audit do you need to conduct to resolve the problem?

Question107: You work as the Network Administrator for a company. You configure a Windows 2000-based computer as the Routing and Remote Access server, so that users can access the company's network, remotely. You want to log a record of all the users who access the network by using Routing and Remote Access.
What will you do to log all the logon activities?

Question108: Which of the following statements about the /etc/profile file are true?

Question109: You have just taken over as the Network Administrator for a medium sized company. You want to check to see what services are exposed to the outside world.
What tool would you use to accomplish this?

Question110: Which of the following tools is used to make fake authentication certificates?

Question111: Which of the following is a prevention-driven activity to reduce errors in the project and to help the project meet its requirements?

Question112: You work as a Network Administrator for BetaTech Inc. You have been assigned the task of designing the firewall policy for the company.
Which of the following statements is unacceptable in the 'acceptable use statement' portion of the firewall policy?

Question113: You work as the Network Administrator for XYZ CORP. The company has a Unix-based network. You want to see the username, real name, home directory, encrypted password, and other information about a user.
Which of the following Unix configuration files can you use to accomplish the task?

Question114: John works as a contract Ethical Hacker. He has recently got a project to do security checking for www.we-are-secure.com. He wants to find out the operating system of the we-are-secure server in the information gathering step.
Which of the following commands will he use to accomplish the task? (Choose two.)

Question115: Mark is an attacker. He wants to discover wireless LANs by listening to beacons or sending probe requests and thereby provide a launch point for further attacks.
Which of the following tools can he use to accomplish the task?

Question116: John works as a professional Ethical Hacker. He has been assigned a project to test the security of www.we-are-secure.com. He copies the whole structure of the We-are-secure Web site to the local disk and obtains all the files on the Web site.
Which of the following techniques is he using to accomplish his task?

Question117: You work as the Network Administrator for XYZ CORP. The company has a Unix-based network. You want to see the local device files or 'links to device files' for a non-standard device driver.
Which of the following Unix configuration files should you use to accomplish the task?

Question118: Which of the following protocols is the mandatory part of the WPA2 standard in the wireless networking?

Question119: What are the different categories of PL/SQL program units?

Question120: You work as the Network Administrator for XYZ CORP. The company has a Unix-based network. You want to identify the secure terminals from where the root can be allowed to log in.
Which of the following Unix configuration files can you use to accomplish the task?

Question121: Which of the following statements are true about WPA?

Question122: Which of the following is required by a Web-based application to connect to a database?

Question123: In which of the following attack techniques does an attacker try to intercept the successful handshake and then use a dictionary attack to retrieve the shared key?

Question124: Which of the following Web attacks is performed by manipulating codes of programming languages such as SQL, Perl, Java present in the Web pages?

Question125: You work as a Network Administrator for XYZ CORP. The company has a Linux-based network. You need to configure a firewall for the company. The firewall should be able to keep track of the state of network connections traveling across the network.
Which of the following types of firewalls will you configure to accomplish the task?

Question126: Which of the following are attributes of the <TABLE> tag? (Choose three)

Question127: You work as the Network Administrator for XYZ CORP. The company has a Unix-based network. You want to see the local device files or 'links to device files' for a non-standard device driver.
Which of the following Unix configuration files should you use to accomplish the task?

Question128: Which of the following statements about a perimeter network are true? (Choose three)

Question129: You work as a Network Administrator for Tech Perfect Inc. The company has a TCP/IP based switched network. A root bridge has been elected in the switched network. You have installed a new switch with a lower bridge ID than the existing root bridge.
What will happen?

Question130: John works as a Network Administrator for Perfect Solutions Inc. The company has a Linux-based network. John is working as a root user on the Linux operating system. He wants to break a dat a.txt file,
200MB in size, into two files in which the size of the first file named data.txt.aa should be 150MB and that of the second file named data.txt.ab should be 50MB. To accomplish his task and to further delete the data.txt file, he enters the following command:
split --verbose -b 150m data.txt data.txt. ; rm -vf data.txt
Which of the following commands can John use to join the splitted files into a new data.txt file?

Question131: Which of the following statements are true about SSIDs?

Question132: You work as the Network Administrator for XYZ CORP. The company has a Unix-based network. You want to set the hard disk geometry parameters, cylinders, heads, and sectors.
Which of the following Unix commands can you use to accomplish the task?

Question133: Martha works as a Web Developer for XYZ CORP. She is developing a Web site for the company. In the Web site, she uses multiple and overlapping style definitions to control the appearance of HTML elements.
What is this technique known as?

Question134: Which of the following internal control components provides the foundation for the other components and encompasses such factors as management's philosophy and operating style?

Question135: Which of the following encryption encoding techniques is used in the basic authentication method?

Question136: You work as a Network Administrator for XYZ CORP. The company has a Windows-based network. The company wants to fix potential vulnerabilities existing on the tested systems. You use Nessus as a vulnerability scanning program to fix the vulnerabilities.
Which of the following vulnerabilities can be fixed using Nessus?

Question137: Which of the following is an attempt to give false information or to deny that a real event or transaction should have occurred?

Question138: You are the project manager of a Web development project. You want to get information about your competitors by hacking into their computers. You and the project team determine should the hacking attack not be performed anonymously, you will be traced. Hence, you hire a professional hacker to work on the project.
This is an example of what type of risk response?

Question139: Mark implements a Cisco unified wireless network for Tech Perfect Inc. Which functional area of the Cisco unified wireless network architecture includes intrusion detection and prevention?

Question140: In a network, a data packet is received by a router for transmitting it to another network. For forwarding the packet to the other available networks, the router is configured with a static or a dynamic route.
What are the benefits of using a static route?

Question141: You work as the Network Administrator for XYZ CORP. The company has a Unix-based network. You want to print the super block and block the group information for the filesystem present on a system.
Which of the following Unix commands can you use to accomplish the task?

Question142: Wired Equivalent Privacy (WEP) is a security protocol for wireless local area networks (WLANs). It has two components, authentication and encryption. It provides security equivalent to wired networks for wireless networks. WEP encrypts data on a wireless network by using a fixed secret key.
Which of the following statements are true about WEP?

Question143: You work as the Network Administrator for XYZ CORP. The company has a Unix-based network. You want to check the status of the printer and set its state.
Which of the following Unix commands can you use to accomplish the task?

Question144: John used to work as a Network Administrator for We-are-secure Inc. Now he has resigned from the company for personal reasons. He wants to send out some secret information of the company. To do so, he takes an image file and simply uses a tool image hide and embeds the secret file within an image file of the famous actress, Jennifer Lopez, and sends it to his Yahoo mail id. Since he is using the image file to send the data, the mail server of his company is unable to filter this mail.
Which of the following techniques is he performing to accomplish his task?

Question145: Which of the following NFS mount options specifies whether a program using a file via an NFS connection should stop and wait for the server to come back online, if the host serving the exported file system is unavailable, or if it should report an error?

Question146: Mike works as a Network Engineer for XYZ CORP. The company has a multi-platform network. Recently, the company faced lots of blended threat issues that lead to several drastic attacks. Mike has been assigned a project to manage the resources and services of the company through both Intranet and Internet to protect the company from these attacks. Mike needs a system that provides auto-discovering and network topology building features to allow him to keep an intuitive view of the IT infrastructure.
What will Mike use to meet the requirement of the project?

Question147: SIMULATION
Fill in the blank with the appropriate command.
You want to search the most recent command that starts with the string 'user'. For this, you will enter the
________ command to get the desired result.

Question148: SIMULATION
Fill in the blanks with the appropriate protocol.
CCMP (Counter Mode with Cipher Block Chaining Message Authentication Code Protocol) is an IEEE encryption protocol created to replace both TKIP and ______.

Question149: Which of the following commands can you use to search a string 'pwd' in all text files without opening them? (Choose two)

Question150: Which of the following tools monitors the radio spectrum for the presence of unauthorized, rogue access points and the use of wireless attack tools?

Question151: Patricia joins XYZ CORP., as a Web Developer. While reviewing the company's Web site, she finds that many words including keywords are misspelled.
How will this affect the Web site traffic?

Question152: DRAG DROP
You work as a Network Administrator for Tech Perfect Inc. The company has a Windows Server 2008 network environment. The network is configured as a Windows Active Directory-based single forest single domain network. The company has recently provided laptops to its sales team members. You have configured access points in the network to enable a wireless network. The company's security policy states that all users using laptops must use smart cards for authentication. Select and place the authentication method you are required to configure to implement the security policy of the company.
Select and Place:

Question153: SIMULATION
Fill in the blank with the command to complete the statement below. Do not enter the full path of the command.
The ________ command supports system logging and kernel message trapping.

Question154: A Web developer with your company wants to have wireless access for contractors that come in to work on various projects. The process of getting this approved takes time. So rather than wait, he has put his own wireless router attached to one of the network ports in his department.
What security risk does this present?

Question155: Which of the following terms related to risk management represents the estimated frequency at which a threat is expected to occur?

Question156: John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He notices that UDP port 137 of the We-are-secure server is open. Assuming that the Network Administrator of We-are-secure Inc. has not changed the default port values of the services.
Which of the following services is running on UDP port 137?

Question157: You work as a Network Architect for Tech Perfect Inc. The company has a TCP/IP based Enterprise network. The company uses Cisco IOS technologies in the Enterprise network. You have enabled system message logging (syslog) service on all the routers that are currently working in the network. The syslog service provides all the reports, and important error and notification messages. You want to store all the reports and messages.
Choose the locations where you can store all of these.

Question158: Mark works as a Network Administrator for We-are-secure Inc. He finds that the We-are-secure server has been infected with a virus. He presents to the company a report that describes the symptoms of the virus.
A summary of the report is given below:
This virus has a dual payload, as the first payload of the virus changes the first megabyte of the hard drive to zero. Due to this, the contents of the partition tables are deleted and the computer hangs. The second payload replaces the code of the flash BIOS with garbage values. This virus spreads under the Portable Executable File Format under Windows 95, Windows 98, and Windows ME.
Which of the following viruses has the symptoms as the one described above?

Question159: You work as a Network Administrator for XYZ CORP. The company has a TCP/IP-based network environment. The network contains Cisco switches and a Cisco router.
You run the following command for a router interface:
show interface serial0
You get the following output:
Serial0 is administratively down, line protocol is down
What will be your conclusion after viewing this output?

Question160: Which of the following tools can be used to read NetStumbler's collected data files and present street maps showing the logged WAPs as icons, whose color and shape indicates WEP mode and signal strength?

Question161: Which of the following statements about the <web-resource-collection> element are true?

Question162: Mark works as the Network Administrator for XYZ CORP. The company has a Unix-based network. Mark wants to scan one of the Unix systems to detect security vulnerabilities. To accomplish this, he uses TARA as a system scanner.
What can be the reasons that made Mark use TARA?

Question163: Mark works as a Database Administrator for MarLinc Inc. How will he execute a SQL command from the SQL buffer?

Question164: Peter works as a Web Developer for XYZ CORP. He is developing a Web site for the company. Peter specifies MARGINHEIGHT="0" and MARGINWIDTH="0" in one of the Web pages.
How will this affect the Web page?

Question165: You work as the Network Administrator for XYZ CORP. The company has a Unix-based network. You want to see the list of the filesystems mounted automatically at startup by the mount -a command in the /etc/rc startup file.
Which of the following Unix configuration files can you use to accomplish the task?

Question166: Every network device contains a unique built in Media Access Control (MAC) address, which is used to identify the authentic device to limit the network access.
Which of the following addresses is a valid MAC address?

Question167: Which of the following allows the use of multiple virtual servers using different DNS names resolved by the same IP address?

Question168: The tool works under Windows 9x/2000. Which of the following tools can be used to automate the MITM attack?

Question169: You have recently joined as a Network Auditor in XYZ CORP. The company has a Windows-based network. You have been assigned the task to determine whether or not the company's goal is being achieved.
As an auditor, which of the following tasks should you perform before conducting the data center review?
Each correct answer represents a complete solution. Choose three.

Question170: Which of the following types of firewall ensures that the packets are part of the established session?

Question171: John works as a Network Administrator for Perfect Solutions Inc. The company has a Linux-based network. John is working as a root user on the Linux operating system. You want to run two programs, foo and bar. You also want to ensure that bar is executed if and only if foo has executed successfully.
Which of the following command sequences will John use to accomplish the task?

Question172: You work as the Network Administrator for XYZ CORP. The company has a Unix-based network. You want to track the system for user logins. To accomplish the task, you need to analyze the log configuration files.
Which of the following Unix log configuration files can you use to accomplish the task?

Question173: You want to change the number of characters displaying on the screen while reading a txt file. However, you do not want to change the format of the txt file.
Which of the following commands can be used to view (but not modify) the contents of the text file on the terminal screen at a time?

Question174: Which of the following tools is a Windows-based commercial wireless LAN analyzer for IEEE 802.11b and supports all high level protocols such as TCP/IP, NetBEUI, and IPX?

Question175: You work as a Network Administrator for Tech Perfect Inc. The company has a Windows Active Directory- based single domain single forest network. The functional level of the forest is Windows Server 2003. The company has recently provided fifty laptops to its sales team members. You are required to configure an
802.11 wireless network for the laptops. The sales team members must be able to use their data placed at a server in a cabled network. The planned network should be able to handle the threat of unauthorized access and data interception by an unauthorized user. You are also required to prevent the sales team members from communicating directly to one another.
Which of the following actions will you take to accomplish the task?

Question176: You work as a Software Developer for UcTech Inc. You want to create a new session.
Which of the following methods can you use to accomplish the task?

Question177: You work as a Network Administrator of a TCP/IP network. You are having DNS resolution problem.
Which of the following utilities will you use to diagnose the problem?

Question178: In a network, a data packet is received by a router for transmitting it to another network. In order to make decisions on where the data packet should be forwarded, the router checks with its routing table.
Which of the following lists does a router check in a routing table?

Question179: Victor works as a professional Ethical Hacker for SecureEnet Inc. He wants to scan the wireless network of the company. He uses a tool that is a free open-source utility for network exploration. The tool uses raw IP packets to determine the following:
What ports are open on our network systems.

What hosts are available on the network.

Identify unauthorized wireless access points.

What services (application name and version) those hosts are offering.

What operating systems (and OS versions) they are running.

What type of packet filters/firewalls are in use.

Which of the following tools is Victor using?

Question180: You work as a Network Auditor for XYZ CORP. The company has a Windows-based network. While auditing the company's network, you are facing problems in searching the faults and other entities that belong to it.
Which of the following risks may occur due to the existence of these problems?

Question181: Which of the following statements is true about COLSPAN attribute?

Question182: HOTSPOT
The network infrastructure of a company consists of a perimeter network. For security purposes, the network zones have been created and divided into a firewall-based Border network and a DMZ. The enterprise internal network is attacked by a latest Internet worm.
Which of the following devices in the enterprise network should be upgraded or reconfigured to counter this type of attack?
Hot Area:

Question183: You work as an IT Technician for XYZ CORP. You have to take security measures for the wireless network of the company. You want to prevent other computers from accessing the company's wireless network.
On the basis of the hardware address, which of the following will you use as the best possible method to accomplish the task?

Question184: Web applications are accessed by communicating over TCP ports via an IP address. Choose the two most common Web Application TCP ports and their respective protocol names. (Choose two)

Question185: Anonymizers are the services that help make a user's own Web surfing anonymous. An anonymizer removes all the identifying information from a user's computer while the user surfs the Internet. It ensures the privacy of the user in this manner. After the user anonymizes a Web access with an anonymizer prefix, every subsequent link selected is also automatically accessed anonymously.
Which of the following are limitations of anonymizers?

Question186: You are the Network Administrator for a software development company. Your company creates various utilities and tools. You have noticed that some of the files your company creates are getting deleted from systems. When one is deleted, it seems to be deleted from all the computers on your network.
Where would you first look to try and diagnose this problem?

Question187: Which of the following firewalls inspects the actual contents of packets?

Question188: You have an online video library. You want to upload a directory of movies. Since this process will take several hours, you want to ensure that the process continues even after the terminal is shut down or session is closed.
What will you do to accomplish the task?

Question189: Which of the following commands is most useful for viewing large files?

Question190: You are tasked with configuring your routers with a minimum security standard that includes the following:
A local Username and Password configured on the router A strong privilege mode password Encryption of user passwords Configuring telnet and ssh to authenticate against the router user database Choose the configuration that best meets these requirements.

Question191: You work as a Network Administrator for XYZ CORP. The company has a Windows Server 2008 network environment. The network is configured as a Windows Active Directory-based single forest single domain network. You have installed a Windows Server 2008 computer as the domain controller. The client computers of the company use the Windows XP Professional operating system. When a user logs on to a client computer, it gets authenticated by the domain controller. You want to audit the logon events that would be generated on the domain controller.
Which of the following audit settings do you need to configure to accomplish the task?

Question192: What does CSS stand for?

Question193: You work as a Software Developer for UcTech Inc. You build an online book shop, so that users can purchase books using their credit cards. You want to ensure that only the administrator can access the credit card information sent by users.
Which security mechanism will you use to accomplish the task?

Question194: In which of the following CAATs (Computer Assisted Auditing Techniques) does an auditor perform tests on computer files and databases?

Question195: DRAG DROP
Drag and drop the corresponding prompt that is displayed in the command-line interface of a Cisco switch IOS for different access modes.
Select and Place:

Question196: Which of the following statements is NOT true about FAT16 file system?

Question197: You have been assigned a project to develop a Web site for a construction company. You plan to develop a Web site and want to use cascading style sheets (CSS) as it helps you to get more control over the appearance and presentation of your Web pages and also extends your ability to precisely specify the position and appearance of the elements on a page and create special effects. You want to define styles for individual elements of a page.
Which type of style sheet will you use?

Question198: DRAG DROP
You work as a Network Administrator for Hail International. The company has a Windows Server 2008 network environment. The network is configured as a Windows Active Directory-based single forest single domain network. The company's headquarters is located at Los Angeles. The company has branch offices in San Jose, Oakland, and San Francisco. All branch offices are connected to the headquarters by using T1 leased lines. The fragment of the company's network is shown below:

The routers are used to connect to the T1 lines to configure the private network. Each router at each location is a server that is running Microsoft Windows Server 2008. The management of the company wants to secure the WAN communication between the offices. The solution provided by you must not be expensive.
Choose and place the correct actions required to configure the necessary components of the network in order to accomplish the task.
Select and Place:

Question199: Which of the following statements about Secure Sockets Layer (SSL) are true? (Choose two)

Question200: You work as a Network Administrator for XYZ CORP. The company has a Windows-based network. You have been assigned the task to design the authentication system for the remote users of the company. For security purposes, you want to issue security tokens to the remote users. The token should work on the one-time password principle and so once used, the next password gets generated.
Which of the following security tokens should you issue to accomplish the task?

Question201: In which of the following techniques does an attacker take network traffic coming towards a host at one port and forward it from that host to another host?

Question202: Sarah works as a Web Developer for XYZ CORP. She develops a Web site for the company. She uses tables in the Web site. Sarah embeds three tables within a table.
What is the technique of embedding tables within a table known as?

Question203: You work as the Network Administrator for XYZ CORP. The company has a Unix-based network. You want to query an image root device and RAM disk size.
Which of the following Unix commands can you use to accomplish the task?

Question204: What will be the output of the following command? echo $(date %M) > date.txt

Question205: Which of the following protocols are used to provide secure communication between a client and a server over the Internet? (Choose two)

Question206: eBox Platform is an open source unified network server (or a Unified Network Platform) for SMEs. In which of the following forms can eBox Platform be used?

Question207: You work as a Network Administrator for Tech-E-book Inc. You are configuring the ISA Server 2006 firewall to provide your company with a secure wireless intranet. You want to accept inbound mail delivery though an SMTP server.
What basic rules of ISA Server do you need to configure to accomplish the task.

Question208: HOTSPOT
In the image of the Screened Host Firewall Architecture given below, select the element that is commonly known as the choke router.
Hot Area:

Question209: Which of the following methods can be helpful to eliminate social engineering threat? (Choose three)

Question210: Which of the following security policies will you implement to keep safe your data when you connect your Laptop to the office network over IEEE 802.11 WLANs? (Choose two)

Question211: You work as a Network Administrator for XYZ CORP. The company has a small TCP/IP-based network environment. The network contains a Cisco Catalyst 6000 family switch. A few sales people come to your outer office and use your local network to access the Internet, as well as to demonstrate their products.
What will you do to prevent your network from being accessed by any outside computers?

Question212: You work as a Web Developer for XYZ CORP. The company has a Windows-based network. You have been assigned the task to secure the website of the company. To accomplish the task, you want to use a website monitoring service.
What are the tasks performed by a website monitoring service?

Question213: Which of the following are the disadvantages of Dual-Homed Host Firewall Architecture?

Question214: You work as a professional Ethical Hacker. You are assigned a project to perform blackbox testing of the security of www.we-are-secure.com. Now you want to perform banner grabbing to retrieve information about the Webserver being used by we-are-secure.
Which of the following tools can you use to accomplish the task?

Question215: Which of the following features of a switch helps to protect network from MAC flood and MAC spoofing?

Question216: You work as a Network Administrator for XYZ CORP. The company has a Windows-based network. You want to use multiple security countermeasures to protect the integrity of the information assets of the company. To accomplish the task, you need to create a complex and multi-layered defense system.
Which of the following components can be used as a layer that constitutes 'Defense in depth'? (Choose three)

Question217: Brutus is a password cracking tool that can be used to crack the following authentications: HTTP (Basic Authentication) HTTP (HTML Form/CGI) POP3 (Post Office Protocol v3) FTP (File Transfer Protocol) SMB (Server Message Block) Telnet Which of the following attacks can be performed by Brutus for password cracking?

Question218: Many organizations create network maps of their network system to visualize the network and understand the relationship between the end devices and the transport layer that provide services. Which of the following are the techniques used for network mapping by large organizations?
Each correct answer represents a complete solution. Choose three.

Question219: Sam works as a Network Administrator for Blue Well Inc. All client computers in the company run the Windows Vista operating. Sam creates a new user account. He wants to create a temporary password for the new user such that the user is forced to change his password when he logs on for the first time.
Which of the following options will he choose to accomplish the task?

Question220: Which of the following key combinations in the vi editor is used to copy the current line?

Question221: You have just installed a Windows 2003 server. What action should you take regarding the default shares?

Question222: You work as the Network Administrator for XYZ CORP. The company has a Unix-based network. You want to see the local device files or 'links to device files' for a non-standard device driver.
Which of the following Unix configuration files should you use to accomplish the task?

Question223: The employees of EWS Inc. require remote access to the company's Web servers. In order to provide solid wireless security, the company uses EAP-TLS as the authentication protocol.
Which of the following statements are true about EAP-TLS?

Question224: Mark works as a Web Developer for XYZ CORP. He is developing a Web site for the company. The Manager of the company requires Mark to use tables instead of frames in the Web site.
What is the major advantage that a table-structured Web site has over a frame-structured Web site?

Question225: DRAG DROP
Each listener interface method has an event associated with it. Drag and drop the appropriate event names to match the respective listener interface methods.
Select and Place:

Question226: You work as a Computer Hacking Forensic Investigator for SecureNet Inc. You want to investigate Cross- Site Scripting attack on your company's Website. Which of the following methods of investigation can you use to accomplish the task?

Question227: Samantha works as a Web Developer for XYZ CORP. She is designing a Web site for the company. In a Web page, she uses the HTTP-EQUIV attribute to control the page cache.
Which of the following HTTP-EQUIV values controls the page cache in the browser folder?

Question228: You are concerned about an attacker being able to get into your network. You want to make sure that you are informed of any network activity that is outside normal parameters.
What is the best way to do this?

Question229: HOTSPOT
You work as a Network Administrator for McRobert Inc. The company has a Windows Active Directory- based single domain single forest network. The network includes fifty client computers running different Windows client operating systems.
A member server named MRIFS is configured as a file server on the network. You are required to implement the following:
The data communication must be encrypted whenever possible.
Each client computer must be able to access the server.
Configure the required options in the dialog box given below in order to accomplish the task.
Hot Area:

Question230: You work as a Network Administrator for Tech Perfect Inc. The company requires a secure wireless network. To provide security, you are configuring ISA Server 2006 as a firewall.
While configuring ISA Server 2006, which of the following is NOT necessary?

Question231: John visits an online shop that stores the IDs and prices of the items to buy in a cookie. After selecting the items that he wants to buy, the attacker changes the price of the item to 1.
Original cookie values: ItemID1=2 ItemPrice1=900 ItemID2=1 ItemPrice2=200 Modified cookie values: ItemID1=2 ItemPrice1=1 ItemID2=1 ItemPrice2=1 Now, he clicks the Buy button, and the prices are sent to the server that calculates the total price.
Which of the following hacking techniques is John performing?

Question232: You work as the Network Administrator for XYZ CORP. The company has a Unix-based network. You want to identify the list of users with special privileges along with the commands that they can execute.
Which of the following Unix configuration files can you use to accomplish the task?

Question233: Which of the following mechanisms is closely related to authorization?

Question234: Which of the following methods will free up bandwidth in a Wireless LAN (WLAN)?

Question235: You work as a Software Developer for UcTech Inc. You are building a Web site that will contain study materials on the Java language. The company wants that members can access all the pages, but non- members have only limited access to the Web site pages.
Which of the following security mechanisms will you use to accomplish the task?

Question236: You work as a Network Administrator for NetTech Inc. Your computer has the Windows 2000 Server operating system. You want to harden the security of the server.
Which of the following changes are required to accomplish this? (Choose two)

Question237: This is a Windows-based tool that is used for the detection of wireless LANs using the IEEE 802.11a,
802.11b, and 802.11g standards. The main features of these tools are as follows: It displays the signal strength of a wireless network, MAC address, SSID, channel details, etc. It is commonly used for the following purposes:
a.War driving
b.Detecting unauthorized access points
c. Detecting causes of interference on a WLAN d.WEP ICV error tracking
e. Making Graphs and Alarms on 802.11 Data, including Signal Strength
This tool is known as __________.

Question238: You work as a Network Administrator for Tech Perfect Inc. The company has a TCP/IP-based network.
Rick, your assistant, is configuring some laptops for wireless access. For security, WEP needs to be configured for wireless communication. By mistake, Rick configures different WEP keys in a laptop than that is configured on the Wireless Access Point (WAP).
Which of the following statements is true in such situation?

Question239: You work as a Network Analyst for XYZ CORP. The company has a Unix-based network. You want to view the directories in alphabetical order.
Which of the following Unix commands will you use to accomplish the task?

Question240: You work as a Software Developer for Cinera Softwares Inc. You create a DHTML page that contains ten TextBox controls to get information from the users who use your application. You want all the components placed on the DHTML page to be repositioned dynamically, when a user resizes the browser window.
Which of the following will you use for this?

Question241: Which of the following Windows processes supports creating and deleting processes and threads, running
16-bit virtual DOS machine processes, and running console windows?

Question242: Ryan wants to create an ad hoc wireless network so that he can share some important files with another employee of his company.
Which of the following wireless security protocols should he choose for setting up an ad hoc wireless network? (Choose two)

Question243: An attacker wants to connect directly to an unsecured station to circumvent the AP security or to attack the station.
Which of the following tools can be used to accomplish the task?

Question244: The employees of CCN Inc. require remote access to the company's proxy servers. In order to provide solid wireless security, the company uses LEAP as the authentication protocol.
Which of the following is supported by the LEAP protocol?

Question245: You work as the Network Administrator for XYZ CORP. The company has a Unix-based network. You want to see the local device files or 'links to device files' for a non-standard device driver.
Which of the following Unix configuration files should you use to accomplish the task?

Question246: You work as a Security manager for Qualoxizz Inc. Your company has number of network switches in the site network infrastructure. Which of the following actions will you perform to ensure the security of the switches in your company?

Question247: DRAG DROP
Your company has been hired to provide consultancy, development, and integration services for a company named Soul International. You have prepared a case study to plan the upgrade for the company.
You are designing policy settings for the Web servers at the headquarters.
Place Allow or Deny in front of the type of traffic received by or sent to the Web servers from the internal clients and the Internet.
(Click the Exhibit button on the toolbar to see the case study.)
Select and Place:

Question248: You work as a Network Administrator for Tech Perfect Inc. You need to configure the company firewall so that only Simple Network Management Protocol (SNMP) and Secure HTTP (HTTPS) traffic is allowed into the intranet of the company. No other traffic should be allowed into the intranet.
Which of the following rule sets should you use on your firewall to accomplish the task? (Assume left to right equals top to bottom.)

Question249: You work as a Database Administrator for XYZ CORP. The company has a multi-platform network. The company requires fast processing of the data in the database of the company so that answers to queries can be generated quickly. To provide fast processing, you have a conceptual idea of representing the dimensions of data available to a user in the data cube format.
Which of the following systems can you use to implement your idea?

Question250: Which TCP and UDP ports can be used to start a NULL session attack in NT and 2000 operating systems?

Question251: Which of the following tags will create two vertical frames, as given in the image below, where the left frame is half as wide as the right one?

Question252: John works as a professional Ethical Hacker. He has been assigned a project to test the security of www.we-are-secure.com. He successfully performs a brute force attack on the We-are-secure server.
Now, he suggests some countermeasures to avoid such brute force attacks on the We-are-secure server.
Which of the following are countermeasures against a brute force attack?

Question253: In an IT organization, some specific tasks require additional detailed controls to ensure that the workers perform their job correctly.
What do these detailed controls specify? (Choose three)

Question254: You have detected what appears to be an unauthorized wireless access point on your network. However, this access point has the same MAC address as one of your real access points and is broadcasting with a stronger signal.
What is this called?

Question255: You are concerned about war driving bringing hackers attention to your wireless network. What is the most basic step you can take to mitigate this risk?

Question256: John works as a Security Professional. He is assigned a project to test the security of www.we-are- secure.com. John wants to get the information of all network connections and listening ports in the numerical form.
Which of the following commands will he use?

Question257: You are concerned about rogue wireless access points being connected to your network.
What is the best way to detect and prevent these?

Question258: DRAG DROP
George works as a Network Administrator for Blue Soft Inc. The company uses Windows Vista operating system. The network of the company is continuously connected to the Internet.
What will George use to protect the network of the company from intrusion?
Select and Place:

Question259: You work as a Network Administrator for XYZ CORP. The company has a Windows Server 2008 network environment. The network is configured as a Windows Active Directory-based single forest network.
You configure a new Windows Server 2008 server in the network. The new server is not yet linked to Active Directory. You are required to accomplish the following tasks:
Add a new group named "Sales".
Copy the "Returns" group from the older server to the new one.
Rename the "Returns" group to "Revenue".
View all group members, including for multiple groups/entire domain. You use Hyena to simplify and centralize all of these tasks.
Which of the assigned tasks will you be able to accomplish?

Question260: Sarah works as a Web Developer for XYZ CORP. She is creating a Web site for her company. Sarah wants greater control over the appearance and presentation of Web pages. She wants the ability to precisely specify the display attributes and the appearance of elements on the Web pages.
How will she accomplish this?

Question261: Which of the following types of audit constructs a risk profile for existing and new projects?

Question262: You want to record auditing information in the SYS.AUD$ table, and also want to record SQL bind variables as well as the SQL text in the audit trail.
Which of the following statements will accomplish this task?

Question263: Zorp is a proxy firewall suite developed by Balabit IT Security.
Which of the following statements are true about Zorp?

Question264: Which of the following aaa accounting commands should be used to enable logging of both the start and stop records for user terminal sessions on the router?

Question265: DRAG DROP
You work as a Software Developer for UcTech Inc. You create a session object and want that it be destroyed if it is not called for 20 minutes.
Drag and drop the appropriate statements that you will use to accomplish the task.
Select and Place:

Question266: You work as the Network Administrator for XYZ CORP. The company has a Linux-based network. You are a root user on the Red Hat operating system. You want to see first five lines of the file /etc/passwd.
Which of the following commands should you use to accomplish the task?

Question267: You work as a Network Administrator for Infonet Inc. The company's network has an FTP server. You want to secure the server so that only authorized users can access it.
What will you do to accomplish this?

Question268: You work as the Network Administrator for XYZ CORP. The company has a Unix-based network. You want to find out when a particular user was last logged in. To accomplish this, you need to analyze the log configuration files.
Which of the following Unix log configuration files can you use to accomplish the task?

Question269: Choose the benefits of deploying switches over hubs in your infrastructure. (Choose two)

Question270: Audit trail or audit log is a chronological sequence of audit records, each of which contains evidence directly pertaining to and resulting from the execution of a business process or system function.
Under which of the following controls does audit control come?

Question271: You work as a Network Administrator for Techpearl Inc. You are configuring the rules for the firewall of the company. You need to allow internal users to access secure external websites.
Which of the following firewall rules will you use to accomplish the task?

Question272: You work as a Network Administrator for TechPerfect Inc. The company has a secure wireless network.
Since the company's wireless network is so dynamic, it requires regular auditing to maintain proper security. For this reason, you are configuring NetStumbler as a wireless auditing tool.
Which of the following statements are true about NetStumbler?

Question273: In which of the following does a Web site store information such as user preferences to provide customized services to users?

Question274: DRAG DROP
John works as a Network Administrator for Blue Well Inc. All client computers in the company run the Windows Vista operating system.
He wants to view the status of Windows Defender. What steps will he take to accomplish the task?
Select and Place:

Question275: What is the extension of a Cascading Style Sheet?

Question276: You work as the Network Administrator of a Windows 2000 Active Directory network. Your company's offices are at Dallas and New York. Your company wants to configure a secure, direct Internet link. The company's management wants to accomplish the following tasks:
Keep the offices' internal resources secure from outsiders.
Keep communication secure between the two offices.
You install a firewall in each office.
Which of the tasks does this action accomplish?

Question277: Which of the following user authentications are supported by the SSH-1 protocol but not by the SSH-2 protocol?

Question278: Which of the following commands can be used to find out where commands are located?

Question279: Which of the following does an anti-virus program update regularly from its manufacturer's Web site?

Question280: HOTSPOT
You work as a Network Administrator for uCertify Inc. The company's Windows 2000-based network is configured with Internet Security and Acceleration (ISA) Server 2000. All clients on the network run Windows 2000 Professional. The company policy prevents you from installing the Firewall Client software or configuring the Web Proxy service on any client computer. You configure access policy rules to allow all the users to use the HTTP protocol for accessing all Internet sites. However, users on the network report that they are unable to do so.
Mark the option that is configured incorrectly.
Hot Area:

Question281: DRAG DROP
John works as a Network Administrator for Blue Well Inc. The company uses Windows Vista operating system. He wants to configure the firewall access for specific programs. What steps will he take to accomplish the task?
Select and Place:

Question282: Peter works as a Web Developer for XYZ CORP. He is developing a Web site for the company. In one of the Web pages, Peter wants to ensure that certain information is consistent and visible while the other information changes.
Which of the following will he use to accomplish this?

Question283: Which of the following services are provided by the proxy servers?

Question284: You have just set up a wireless network for customers at a coffee shop. Which of the following are good security measures to implement? (Choose two)

Question285: Which of the following statements are true about the Enum tool?

Question286: John works as a Network Administrator for We-are-secure Inc. The We-are-secure server is based on Windows Server 2003. One day, while analyzing the network security, he receives an error message that Kernel32.exe is encountering a problem. Which of the following steps should John take as a countermeasure to this situation?

Question287: You work as the Network Technician for XYZ CORP. The company has a Linux-based network. You are working on the Red Hat operating system. You want to view only the last 4 lines of a file named /var/log/ cron.
Which of the following commands should you use to accomplish the task?

Question288: In which of the following scanning techniques does a scanner connect to an FTP server and request that server to start data transfer to the third system?

Question289: You are responsible for security at a company that uses a lot of Web applications. You are most concerned about flaws in those applications allowing some attacker to get into your network. What method would be best for finding such flaws?

Question290: DRAG DROP
You work as a Network Auditor for Net Perfect Inc. The company has a Windows-based network. You need to audit the network of the company. You need to plan the audit process to minimize the audit risk.
What steps will you take to minimize the possibility of audit risk?
Select and Place:

Question291: DRAG DROP
In Unix, there are different commands used for editing and viewing files. Drag and drop the appropriate commands (available in Unix) in front of their respective functions that they perform.
Select and Place:

Question292: You work as a Software Developer for Mansoft Inc. You create an application and use it to create users as members of the local Users group.
Which of the following code snippets imperatively demands that the current user is a member of the local Users group?

Question293: Which of the following statements is true about residual risks?

Question294: You are the Security Consultant and have been hired to check security for a client's network. Your client has stated that he has many concerns but the most critical is the security of Web applications on their Web server.
What should be your highest priority then in checking his network?

Question295: Which of the following is an example of penetration testing?

Question296: Which of the following statements are true about security risks? (Choose three)

Question297: Which of the following statements about data integrity of a container are true? (Choose two)

Question298: DRAG DROP
In Unix, there are different commands used for editing and viewing files. Drag and drop the appropriate commands (available in Unix) in front of their respective functions that they perform.
Select and Place:

Question299: You work as a Web Deployer for UcTech Inc. You write the <security constraint> element for an application in which you write the <auth-constraint> sub-element as follows: <auth-constraint> <role- name>*</role-name> </auth-constraint> Who will have access to the application?

Question300: Web mining allows a user to look for patterns in data through content mining, structure mining, and usage mining.
What is the function of structure mining?

Question301: You work as a Network Administrator for InfraTech Inc. You have been assigned the task of designing the firewall policy for the company.
Which of the following statements can be considered acceptable in the 'contracted worker statement' portion of the firewall policy?

Question302: The routing algorithm uses certain variables to create a metric of a path. It is the metric that actually determines the routing path.
In a metric, which of the following variables is used to define the 'largest size' of a message that can be routed?

Question303: In addition to denying and granting access, what other services does a firewall support?

Question304: Which of the following backup sites takes the longest recovery time?

Question305: Which of the following types of servers are dedicated to provide resources to hosts on the network?
(Choose three)

Question306: In which of the following is absolute size of frames expressed?

Question307: DRAG DROP
You have designed a TCP/IP based routed network. Diagram of the network is given below:

You are configuring IS-IS protocol as an IP routing protocol in the given network. Drag and drop the appropriate commands beside their respective command prompts which you are using at router C.
Select and Place:

Question308: Which of the following statements are true about data aggregation?

Question309: DRAG DROP
You work as a Security Administrator in Tech Perfect Inc. The company has a TCP/IP based network.
Three Cisco IOS routers- router1, router2, and router3 are currently working in the network. You want to accomplish the following tasks:
Configure router1 to act as an SSH server.

Configure domain name 'network.com'.

Generate a general-purpose RSA key pair and specify the IP key size of 1024.

Configure SSH time-out of 30 seconds and SSH authentication retries value 4.

Drag and drop the appropriate commands beside their respective command prompts in order to accomplish the tasks.
Select and Place:

Question310: Which of the following applications work as mass-emailing worms? (Choose two.)

Question311: You work as a Network Administrator for Tech Perfect Inc. The company has a TCP/IP-based network.
You have configured a firewall on the network. A filter has been applied to block all the ports. You want to enable sending and receiving of emails on the network.
Which of the following ports will you open? (Choose two)

Question312: SIMULATION
Fill in the blank with the appropriate term.
When two routers are used in a firewall configuration, the internal router is known as a ______ router.

Question313: Which of the following are known as safety critical software?

Question314: You configure a wireless router at your home. To secure your home Wireless LAN (WLAN), you implement WEP. Now you want to connect your client computer to the WLAN.
Which of the following is the required information that you will need to configure the client computer?
(Choose two)

Question315: Which of the following statements about a session are true? (Choose two)

Question316: You are concerned about rootkits on your network communicating with attackers outside your network.
Without using an IDS how can you detect this sort of activity?

Question317: John works as a Network Administrator for Perfect Solutions Inc. The company has a Linux-based network. John is working as a root user on the Linux operating system. He executes the following command in the terminal:
echo $USER, $UID.
Which of the following will be displayed as the correct output of the above command?

Question318: Which of the following is used to execute a SQL statement from the SQL buffer?

Question319: Adam works as a Security Analyst for Umbrella Inc. He is retrieving large amount of log data from syslog servers and network devices such as Router and switches. He is facing difficulty in analyzing the logs that he has retrieved. To solve this problem, Adam decides to use software called Sawmill. Which of the following statements are true about Sawmill?

Question320: Which of the following evidences are the collection of facts that, when considered together, can be used to infer a conclusion about the malicious activity/person?

Question321: You work as the Network Administrator for XYZ CORP. The company has a Unix-based network. You want to make changes on a per-directory basis.
Which of the following Unix configuration files can you use to accomplish the task?

Question322: DRAG DROP
A wireless network uses multiple modulation schemes to make the signal strong so that it can travel far.
These modulation schemes work with a certain IEEE standard. Choose and drop the correct standards in the right pane according to the modulation scheme.
Select and Place:

Question323: You work as an Exchange Administrator for XYZ CORP. The network design of the company is given below:

Employees are required to use Microsoft Outlook Web Access to access their emails remotely. You are required to accomplish the following goals: Ensure fault tolerance amongst the servers. Ensure the highest level of security and encryption for the Outlook Web Access clients. What will you do to accomplish these goals?

Question324: You are tasked with creating an ACL to apply to Fa0/0 based on the following requirements:
The ACL must be protocol specific.
All traffic from host 10.10.45.2 and subnet 10.10.1.32/27 must be denied access through the router.
Telnet and SSH must be denied for ALL hosts except the management host with the IP address of
10.10.0.100.
This management host must not only have Telnet and SSH access, but access to any port in the TCP and UDP suite to any destination.
HTTP, HTTPS, and DNS requests must be allowed for all hosts on subnets 10.10.2.0/24 and 10.10.3.0/24 to any destination.
All remaining traffic must be denied.
Cisco IOS applies an implied deny all at the end of an ACL.
However, you must provide this configuration manually so that engineers can see hit counts on the deny all traffic when running the show ip access-lists command. Which of the following sets of commands will you choose to complete the configuration on Router A?

Question325: John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He wants to use Kismet as a wireless sniffer to sniff the We-are-secure network.
Which of the following IEEE-based traffic can be sniffed with Kismet?

Question326: Which of the following is a method of the HttpSession interface and is used to retrieve the time when the session was created?

Question327: Which of the following tools is used for port scanning?

Question328: You are the Network Admin for a company. You are concerned about users having access to items they should not. Your concern is that they may inadvertently have been granted access to those resources.
When conducting a user access and rights review, which of the following is most likely to show you such unintentional granting of user rights?

Question329: You work as a Network Administrator for Net World International. The company has a Windows Active Directory-based single domain single forest network. The functional level of the forest is Windows Server
2003. There are ten Sales Managers in the company. The company has recently provided laptops to all its Sales Managers. All the laptops run Windows XP Professional. These laptops will be connected to the company's network through wireless connections. The company's management wants to implement Shared Key authentication for these laptops. When you try to configure the network interface card of one of the laptops for Shared Key authentication, you find no such option. What will you do to enable Shared Key authentication?

Question330: John works as a Network Administrator for Perfect Solutions Inc. The company has a Linux-based network. John is working as a root user on the Linux operating system. He wants to forward all the kernel messages to the remote host having IP address 192.168.0.1.
Which of the following changes will he perform in the syslog.conf file to accomplish the task?

Question331: Which of the following tools can be used to perform ICMP tunneling? (Choose two)

Question332: You work as a Network Administrator for XYZ CORP. The company has a Windows-based network. You are concerned about the vulnerabilities existing in the network of the company.
Which of the following can be a cause for making the network vulnerable? (Choose two)

Question333: You want to repeat the last command you entered in the bash shell.
Which of the following commands will you use?

Question334: Which of the following commands can be used to convert all lowercase letters of a text file to uppercase?

Question335: Which of the following types of authentication tokens forms a logical connection to the client computer but does not require a physical connection?

Question336: You work as a Software Developer for UcTech Inc. You want to encode a URL, so that it can be used with the sendRedirect() method to send the response to the client. In order to accomplish this, you have to use a method of the HttpServletResponse interface.
Which of the following methods will you use?

Question337: DRAG DROP
Choose and select the information present in the header of a single IP packet that are helpful in packet filtering.
Select and Place:

Question338: John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He begins to perform a pre-attack test before conducting an attack on the We- are-secure server.
Which of the following will John perform in the pre-attack phase?

Question339: You work as the Network Administrator for XYZ CORP. The company has a Unix-based network. You want to do RARP mapping from hardware mapping addresses to IP addresses.
Which of the following Unix configuration files can you use to accomplish the task?

Question340: DRAG DROP
Drag and Drop the layers of TCP/IP model according to their level of data encapsulation.
Select and Place:

Question341: You have been assigned a project to develop a Web site for a construction company. You plan to develop a Web site and want to get more control over the appearance and presentation of the Web pages. You also want to increase your ability to precisely specify the position and appearance of the elements on a page and create special effects. You plan to use cascading style sheets (CSS). You want to define styles only for the active page.
Which type of style sheet will you use?

Question342: Which of the following statements is true about the Digest Authentication scheme?

Question343: Which of the following statements is true about a relational database?

Question344: Which of the following are the methods of the HttpSession interface? (Choose three)

Question345: What does a firewall check to prevent certain ports and applications from getting the packets into an Enterprise?

Question346: Which of the following controls define the direction and behavior required for technology to function properly?

Question347: Which of the following encryption modes are possible in WEP?

Question348: John works as a Network Administrator for Perfect Solutions Inc. The company has a Linux-based network. John is working as a root user on the Linux operating system. He has a data.txt file in which each column is separated by the TAB character. Now, he wants to use this file as input for a data mining software he has created. The problem preventing him from accomplishing his task is that with his data mining software, he has used TAB as a delimiter to distinguish between columns. Hence, he is unable to use this file as input for the software. However, if he somehow replaces the TAB characters of the file with SPACE characters, he can use this file as an input file for his data mining software.
Which of the following commands will John use to replace the TAB characters of the file with SPACE characters?

Question349: Which of the following statements about session tracking is true?

Question350: SIMULATION
Fill in the blank with the appropriate tool name.
__________ is a wireless network cracking tool that exploits the vulnerabilities in the RC4 Algorithm, which comprises the WEP security parameters.

Question351: Which of the following Web authentication techniques uses a single sign-on scheme?

Question352: Which of the following wireless security standards supported by Windows Vista provides the highest level of security?

Question353: Which of the following is a technique for creating Internet maps? (Choose two)

Question354: Which of the following tools works both as an encryption-cracking tool and as a keylogger?

Question355: Which of the following commands can be used to format text files?

Question356: Which of the following statements about system hardening are true? (Choose two)

Question357: Samantha works as a Web Developer for XYZ CORP. She develops a Web application using Visual InterDev. She wants to group a series of HTML elements together so that an action can be performed collectively on them.
Which of the following tags will Samantha use to accomplish this?

Question358: You check performance logs and note that there has been a recent dramatic increase in the amount of broadcast traffic.
What is this most likely to be an indicator of?

Question359: Which of the following statements are true about KisMAC?

Question360: In the DNS Zone transfer enumeration, an attacker attempts to retrieve a copy of the entire zone file for a domain from a DNS server. The information provided by the DNS zone can help an attacker gather user names, passwords, and other valuable information. To attempt a zone transfer, an attacker must be connected to a DNS server that is the authoritative server for that zone. Besides this, an attacker can launch a Denial of Service attack against the zone's DNS servers by flooding them with a lot of requests.
Which of the following tools can an attacker use to perform a DNS zone transfer?

Question361: You work as a Java Programmer for JavaSkills Inc. You are working with the Linux operating system.
Nowadays, when you start your computer, you notice that your OS is taking more time to boot than usual.
You discuss this with your Network Administrator. He suggests that you mail him your Linux bootup report.
Which of the following commands will you use to create the Linux bootup report?

Question362: Which of the following tools uses Internet Control Message Protocol (ICMP)?

Question363: Which of the following statements are true about a hot site?

Question364: Which of the following recovery plans includes specific strategies and actions to deal with specific variances to assumptions resulting in a particular security problem, emergency, or state of affairs?

Question365: DRAG DROP
In Unix, 'less' is a program that allows backward as well as forward movement in a file. This program is invoked with several options to change its behavior. Place the options of the less program in front of their functions.
Select and Place:

Question366: Which of the following statements about packet filtering is true?

Question367: Pingdom is a website monitoring service.
Which of the following services are provided by Pingdom?

Question368: You are concerned about attackers simply passing by your office, discovering your wireless network, and getting into your network via the wireless connection.
Which of the following are NOT steps in securing your wireless connection? (Choose two.)

Question369: John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He is using a tool to crack the wireless encryption keys. The description of the tool is as follows:
It is Linux-based WLAN WEP cracking tool that recovers encryption keys.

It operates by passively monitoring transmissions.

It uses Ciphertext Only Attack and captures approximately 5 to 10 million packets to decrypt the WEP

keys.
Which of the following tools is John using to crack the wireless encryption keys?

Question370: DRAG DROP
Place the protocols on the TCP/IP layer to which they are associated.
Select and Place:

Question371: Mark works as a Web Designer for XYZ CORP. The company has a Windows-based network. Mark creates an HTML document that gives the following error on execution: "These hypertext system features are not supported by HTML".
Which of the following can be the hypertext system features that are NOT supported by HTML? (Choose three)

Question372: One of the sales people in your company complains that sometimes he gets a lot of unsolicited messages on his PD A.
After asking a few questions, you determine that the issue only occurs in crowded areas like airports. What is the most likely problem?

Question373: You work as a Security Administrator in Tech Perfect Inc. The company has a TCP/IP based network. The network has a vast majority of Cisco Systems routers and Cisco network switches. You want to take a snapshot of the router running configuration and archive running configuration of the router to persistent storage.
Which of the following steps will you take?

Question374: ACID (atomicity, consistency, isolation, and durability) is an acronym and mnemonic device for learning and remembering the four primary attributes ensured to any transaction by a transaction manager.
Which of the following attributes of ACID confirms that the committed data will be saved by the system such that, even in the event of a failure or system restart, the data will be available in its correct state?

Question375: Which of the following standards is used in wireless local area networks (WLANs)?

Question376: Which of the following are the goals of risk management? (Choose three)

Question377: DRAG DROP
John works as a Network Administrator for Blue Well Inc. All client computers in the company run the Windows Vista operating system. He wants to view the status of malware protection.
What steps will he take to accomplish the task?
Select and Place:

Question378: DRAG DROP
You work as a Network Administrator for SoftWorld Inc. All client computers in the company run Windows Vista. You want to view the status of Windows Firewall. Choose in the correct order the steps you will take to accomplish the task.
Select and Place:

Question379: You want to monitor the network infrastructure of a software-based company. The network infrastructure of the company consists of the following:
Windows TCP/IP services

Web and mail servers

URLs Applications (MS Exchange, SQL etc.)

Which of the following network monitoring solutions can you use to accomplish the task?

Question380: Which of the following tools combines two programs, and also encrypts the resulting package in an attempt to foil antivirus programs?

Question381: What are the purposes of audit records on an information system? (Choose two)

Question382: The SALES folder has a file named XFILE.DOC that contains critical information about your company. This folder resides on an NTFS volume. The company's Senior Sales Manager asks you to provide security for that file. You make a backup of that file and keep it in a locked cupboard, and then you deny access on the file for the Sales group. John, a member of the Sales group, accidentally deletes that file. You have verified that John is not a member of any other group. Although you restore the file from backup, you are confused how John was able to delete the file despite having no access to that file. What is the most likely cause?

Question383: You have been assigned a project to develop a Web site for a construction company. You have to develop a Web site and want to get more control over the appearance and presentation of your Web pages. You also want to increase the ability to precisely specify the location and appearance of the elements on a page and create special effects. You plan to use Cascading style sheets (CSS). You want to apply the same style consistently throughout your Web site.
Which type of style sheet will you use?

Question384: John works as a Network Administrator for Perfect Solutions Inc. The company has a Debian Linux-based network. He is working on the bash shell in which he creates a variable VAR1. After some calculations, he opens a new ksh shell. Now, he wants to set VAR1 as an environmental variable so that he can retrieve VAR1 into the ksh shell.
Which of the following commands will John run to accomplish the task?

Question385: You want to append a tar file if the on-disk version of the tar file has a modification date more recent than its copy in the tar archive.
Which of the following commands will you use to accomplish the task?

Question386: Mark works as a Network Administrator for Infonet Inc. The company has a Windows 2000 Active Directory domain-based network. The domain contains one hundred Windows XP Professional client computers.
Mark is deploying an 802.11 wireless LAN on the network. The wireless LAN will use Wired Equivalent Privacy (WEP) for all the connections. According to the company's security policy, the client computers must be able to automatically connect to the wireless LAN. However, the unauthorized computers must not be allowed to connect to the wireless LAN and view the wireless network. Mark wants to configure all the wireless access points and client computers to act in accordance with the company's security policy.
What will he do to accomplish this? (Choose three)

Question387: You work as a professional Ethical Hacker. You are assigned a project to test the security of www.we-are- secure.com. You are working on the Windows Server 2003 operating system. You suspect that your friend has installed the keyghost keylogger onto your computer.
Which of the following countermeasures would you employ in such a situation?

Question388: HOTSPOT
You work as a Network Administrator of a Windows 2000 Active Directory-based single domain network.
You have configured your Windows XP Professional computer at home to have a static IP address assigned by your Internet service provider (ISP). It is always connected to the Internet through a modem.
You have enabled the Internet Connection Firewall for the Internet connection. You use the PING command to check the connectivity of your home computer from office, but you receive the following error message:
Request timed out.
On examining the log file of the Internet Connection Firewall on your home computer, you find DROP ICMP messages. You want to ping your home computer without compromising on security.
Select the option in the Internet Connection Firewall Advanced Settings dialog box, which will be required to be checked to accomplish the task.
Hot Area:

Question389: HOTSPOT
In the image of the Screened Host Firewall Architecture given below, select the element that is commonly known as the access router.
Hot Area:

Question390: From an auditing perspective, database security can be broken down into four key categories:
Server Security

Database Connections

Table Access Control

Restricting Database Access.

Which of the following categories leads to the process of limiting access to the database server?

Question391: You work as a Network Auditor for XYZ CORP. The company has a Windows-based network. You use DumpSec as an auditing and reporting program for security issues.
Which of the following statements is true about DumpSec? (Choose three)

Question392: You work as the Network Administrator for XYZ CORP. The company has a Unix-based network. You want to fix partitions on a hard drive.
Which of the following Unix commands can you use to accomplish the task?

Question393: Which of the following is an Internet mapping technique that relies on various BGP collectors that collect information such as routing updates and tables and provide this information publicly?

Question394: In which of the following social engineering attacks does an attacker first damage any part of the target's equipment and then advertise himself as an authorized person who can help fix the problem.

Question395: Data access auditing is a surveillance mechanism that watches over access to all sensitive information contained within the database.
What are the questions addressed in a perfect data access auditing solution?

Question396: DRAG DROP
John works as a Network Administrator for Blue Well Inc. All client computers in the company run the Windows Vista operating system. He installs an application on his computer. The application is not running properly. Therefore, he wants to disable the application.
What steps will he take to accomplish the task?
Select and Place:

Question397: Which of the following statements about the traceroute utility are true?

Question398: Sam works as a Network Administrator for XYZ CORP. The computers in the company run Windows Vista operating system, and they are continuously connected to the Internet. This makes the network of the company susceptible to attacks from unauthorized users.
Which of the following will Sam choose to protect the network of the company from such attacks?

Question399: The following output is generated by running the show ip route command: RouterA#show ip route < - - Output Omitted for brevity - -> Which next hop address will RouterA use in forwarding traffic to 10.10.100.0/24?