Summer Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: exc65

examout.co

Backing up data is a security must. However, it also has certain level of risks when mishandled. Which of the following is the greatest threat posed by backups?

A.

A backup is the source of Malware or illicit information

B.

A backup is incomplete because no verification was performed

C.

A backup is unavailable during disaster recovery

D.

An unencrypted backup can be misplaced or stolen

LM hash is a compromised password hashing function. Which of the following parameters describe LM Hash:?

I – The maximum password length is 14 characters.

II – There are no distinctions between uppercase and lowercase.

III – It’s a simple algorithm, so 10,000,000 hashes can be generated per second.

A.

I

B.

I, II, and III

C.

II

D.

I and II

Which solution can be used to emulate computer services, such as mail and ftp, and to capture information related to logins or actions?

A.

Firewall

B.

Honeypot

C.

Core server

D.

Layer 4 switch

Which tool would be used to collect wireless packet data?

A.

NetStumbler

B.

John the Ripper

C.

Nessus

D.

Netcat

A computer science student needs to fill some information into a secured Adobe PDF job application that was received from a prospective employer. Instead of requesting a new document that allowed the forms to be completed, the student decides to write a script that pulls passwords from a list of commonly used passwords to try against the secured PDF until the correct password is found or the list is exhausted.

Which cryptography attack is the student attempting?

A.

Man-in-the-middle attack

B.

Brute-force attack

C.

Dictionary attack

D.

Session hijacking

Which command line switch would be used in NMAP to perform operating system detection?

A.

-OS

B.

-sO

C.

-sP

D.

-O

Fingerprinting VPN firewalls is possible with which of the following tools?

A.

Angry IP

B.

Nikto

C.

Ike-scan

D.

Arp-scan

Which security control role does encryption meet?

A.

Preventative

B.

Detective

C.

Offensive

D.

Defensive

Which of the following parameters enables NMAP's operating system detection feature?

A.

NMAP -sV

B.

NMAP -oS

C.

NMAP -sR

D.

NMAP -O

When creating a security program, which approach would be used if senior management is supporting and enforcing the security policy?

A.

A bottom-up approach

B.

A top-down approach

C.

A senior creation approach

D.

An IT assurance approach

When using Wireshark to acquire packet capture on a network, which device would enable the capture of all traffic on the wire?

A.

Network tap

B.

Layer 3 switch

C.

Network bridge

D.

Application firewall

One way to defeat a multi-level security solution is to leak data via

A.

a bypass regulator.

B.

steganography.

C.

a covert channel.

D.

asymmetric routing.

Which of the following resources does NMAP need to be used as a basic vulnerability scanner covering several vectors like SMB, HTTP and FTP?

A.

Metasploit scripting engine

B.

Nessus scripting engine

C.

NMAP scripting engine

D.

SAINT scripting engine

A penetration tester is hired to do a risk assessment of a company's DMZ. The rules of engagement states that the penetration test be done from an external IP address with no prior knowledge of the internal IT systems. What kind of test is being performed?

A.

white box

B.

grey box

C.

red box

D.

black box

Which technical characteristic do Ethereal/Wireshark, TCPDump, and Snort have in common?

A.

They are written in Java.

B.

They send alerts to security monitors.

C.

They use the same packet analysis engine.

D.

They use the same packet capture utility.