Weekend Sale - Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: sntaclus

examout.co

A technician is resolving an issue where a computer is unable to connect to the Internet using a wireless access point. The computer is able to transfer files locally to other machines, but cannot successfully reach the Internet. When the technician examines the IP address and default gateway they are both on the 192.168.1.0/24. Which of the following has occurred?

A.

The gateway is not routing to a public IP address.

B.

The computer is using an invalid IP address.

C.

The gateway and the computer are not on the same network.

D.

The computer is not using a private IP address.

Which element of Public Key Infrastructure (PKI) verifies the applicant?

A.

Certificate authority

B.

Validation authority

C.

Registration authority

D.

Verification authority

If a tester is attempting to ping a target that exists but receives no response or a response that states the destination is unreachable, ICMP may be disabled and the network may be using TCP. Which other option could the tester use to get a response from a host using TCP?

A.

Hping

B.

Traceroute

C.

TCP ping

D.

Broadcast ping

A Certificate Authority (CA) generates a key pair that will be used for encryption and decryption of email. The integrity of the encrypted email is dependent on the security of which of the following?

A.

Public key

B.

Private key

C.

Modulus length

D.

Email server certificate

When comparing the testing methodologies of Open Web Application Security Project (OWASP) and Open Source Security Testing Methodology Manual (OSSTMM) the main difference is

A.

OWASP is for web applications and OSSTMM does not include web applications.

B.

OSSTMM is gray box testing and OWASP is black box testing.

C.

OWASP addresses controls and OSSTMM does not.

D.

OSSTMM addresses controls and OWASP does not.

What are the three types of compliance that the Open Source Security Testing Methodology Manual (OSSTMM) recognizes?

A.

Legal, performance, audit

B.

Audit, standards based, regulatory

C.

Contractual, regulatory, industry

D.

Legislative, contractual, standards based

What is the primary drawback to using advanced encryption standard (AES) algorithm with a 256 bit key to share sensitive data?

A.

Due to the key size, the time it will take to encrypt and decrypt the message hinders efficient communication.

B.

To get messaging programs to function with this algorithm requires complex configurations.

C.

It has been proven to be a weak cipher; therefore, should not be trusted to protect sensitive data.

D.

It is a symmetric key algorithm, meaning each recipient must receive the key through a different channel than the message.

An attacker has captured a target file that is encrypted with public key cryptography. Which of the attacks below is likely to be used to crack the target file?

A.

Timing attack

B.

Replay attack

C.

Memory trade-off attack

D.

Chosen plain-text attack

Which NMAP feature can a tester implement or adjust while scanning for open ports to avoid detection by the network’s IDS?

A.

Timing options to slow the speed that the port scan is conducted

B.

Fingerprinting to identify which operating systems are running on the network

C.

ICMP ping sweep to determine which hosts on the network are not available

D.

Traceroute to control the path of the packets sent during the scan

Which of the following programs is usually targeted at Microsoft Office products?

A.

Polymorphic virus

B.

Multipart virus

C.

Macro virus

D.

Stealth virus