Which of the following attacks allows the bypassing of access control lists on servers or routers, and helps an attacker to hide?

Each correct answer represents a complete solution. Choose two.

A. DDoS attack

B. IP spoofing attack

C. MAC spoofing

D. DNS cache poisoning

Which of the following statements is true about the difference between worms and Trojan horses?

A. Trojan horses are a form of malicious code while worms are not.

B. Trojan horses are harmful to computers while worms are not.

C. Worms replicate themselves while Trojan horses do not.

D. Worms can be distributed through emails while Trojan horses cannot.

Which of the following statements about Encapsulating Security Payload (ESP) is true?

A. ESP is always used in combination with Authentication Header (AH).

B. ESP can encrypt data and verify data integrity.

C. ESP is never used in combination with Authentication Header (AH).

D. ESP only verifies data integrity.

You work as a Network Administrator for Tech Perfect Inc. The company has a Linux-based network. You have configured a VPN server for remote users to connect to the company's network. Which of the following encryption types will Linux use?

A. CHAP

B. MSCHAP

C. RC2

D. 3DES

Which of the following are types of social engineering attacks?

Each correct answer represents a complete solution. Choose two.

A. An unauthorized person calls a user and pretends to be a system administrator in order to get the user's password.

B. An unauthorized person inserts an intermediary software or program between two communicating hosts to listen to and modify the communication packets passing between the two hosts.

C. An unauthorized person modifies packet headers by using someone else's IP address to hide his identity.

D. An unauthorized person gains entrance to the building where the company's database server resides and accesses the server by pretending to be an employee.

Which of the following tools works both as an encryption-cracking tool and as a keylogger?

A. Magic Lantern

B. KeyGhost Keylogger

C. Alchemy Remote Executor

D. SocketShield

An intruder is trying to get user passwords by pretending to be help desk staff. Which of the following types of security attacks do you think it is?

A. Hacking

B. Man-in-the-middle

C. Spoofing

D. Social Engineering

You are an Administrator for a network at an investment bank. You are concerned about individuals breaching your network and being able to steal data before you can detect their presence and shut down their access. Which of the following is the best way to address this issue?

A. Implement a strong password policy.

B. Implement a honey pot.

C. Implement a strong firewall.

D. Implement network-based antivirus.

Adrian knows the host names of all the computers on his network. He wants to find the IP addresses of these computers. Which of the following TCP/IP utilities can he use to find the IP addresses of these computers?

Each correct answer represents a complete solution. Choose two.

A. IPCONFIG

B. PING

C. NETSTAT

D. TRACERT

You are a Network Administrator in an enterprise. You have been assigned the task of installing Windows 2000 and some other applications on each computer on the network. In the enterprise environment, however, it is not cost-effective to install Windows 2000 and other applications using the standard interactive setup on each computer. You plan to perform an automated installation on multiple computers. Which of the following installation tasks can be automated?

Each correct answer represents a complete solution. Choose all that apply.

A. Service Packs for Windows 2000 Server.

B. Any application that does not run as a service.

C. Additional language support for Windows 2000 Server, through the installation of various language packs.

D. Any application that runs as a service.

E. The core operating system of Windows 2000 Server.

John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He wants to use Kismet as a wireless sniffer to sniff the We-are-secure network. Which of the following IEEE-based traffic can be sniffed with Kismet?

Each correct answer represents a complete solution. Choose all that apply.

A. 802.11g

B. 802.11a

C. 802.11b

D. 802.11n

You work as a project manager for the TYU project. You are planning for risk mitigation. You need to identify the risks that will need a more in-depth analysis. Which of the following activities will help you in this?

A. Qualitative analysis

B. Quantitative analysis

C. Risk identification

D. Estimate activity duration

John works as a professional Ethical Hacker. He is assigned a project to test the security of www.weare-secure.com. He installs a rootkit on the Linux server of the We-are-secure network. Which of the following statements are true about rootkits?

Each correct answer represents a complete solution. Choose all that apply.

A. They allow an attacker to conduct a buffer overflow.

B. They allow an attacker to replace utility programs that can be used to detect the attacker's activity.

C. They allow an attacker to set a Trojan in the operating system and thus open a backdoor for anytime access.

D. They allow an attacker to run packet sniffers secretly to capture passwords.

Fill in the blank with the appropriate word.

________ is also used to refer to any attempt to circumvent the security of other types of cryptographic algorithms and protocols in general, and not just encryption.

Which of the following activities result in change requests?

Each correct answer represents a complete solution. Choose all that apply.

A. Preventive actions

B. Inspection

C. Defect repair

D. Corrective actions