Question # 4

On March 6, 2003, The SCO Group asserted that there are legal uncertainties regarding the use of the Linux operating system due to alleged violations of IBM's Unix licenses in the development of Linux code at IBM. What were the claims made by SCO against IBM regarding the use of the Linux operating system?

Each correct answer represents a complete solution. Choose all that apply.

A.

Interference with contract

B.

Breach of the GNU General Public License (GPL)

C.

Lanham Act violation

D.

Misappropriation of trade secrets

E.

Breach of IBM software agreement

Question # 5

Mark works as a Network Security Administrator for BlueWells Inc. The company has a Windows-based network. Mark is giving a presentation on network security threats to the newly recruited employees of the company. His presentation is about the external threats that the company recently faced. Which of the following statements are true about external threats?

Each correct answer represents a complete solution. Choose three.

A.

These are the threats that originate from within the organization.

B.

These are the threats intended to flood a network with large volumes of access requests.

C.

These threats can be countered by implementing security controls on the perimeters of the network, such as firewalls, which limit user access to the Internet.

D.

These are the threats that originate from outside an organization in which the attacker attempts to gain unauthorized access.

Question # 6

Which of the following commands is used to make traceroute wait 5 seconds for a response to a packet?

A.

traceroute -r

B.

traceroute -w

C.

traceroute -q

D.

traceroute -T

Question # 7

Which of the following is a form of cheating or copying someone else's work or idea without acknowledging the source?

A.

Plagiarism

B.

Turnitin

C.

Copyright

D.

Patent

Question # 8

Peter works as a Technical Representative in a CSIRT for SecureEnet Inc. His team is called to investigate the computer of an employee who is suspected of classified data theft. The suspect's computer runs the Windows operating system. Peter wants to collect data and evidence for further analysis. He knows that in the Windows operating system, the data is searched in pre-defined steps for proper and efficient analysis. Which of the following is the correct order for searching data on a Windows-based system?

A.

Volatile data, file slack, registry, memory dumps, file system, system state backup, internet traces

B.

Volatile data, file slack, registry, system state backup, internet traces, file system, memory dumps

C.

Volatile data, file slack, internet traces, registry, memory dumps, system state backup, file system

D.

Volatile data, file slack, file system, registry, memory dumps, system state backup, internet traces

Question # 9

Which of the following technologies is used to detect unauthorized attempts to access and manipulate computer systems locally or through the Internet or an intranet?

A.

Demilitarized zone (DMZ)

B.

Intrusion detection system (IDS)

C.

Firewall

D.

Packet filtering

Question # 10

Which of the following organizations is dedicated to computer security research and information sharing?

A.

NIPC

B.

FBI

C.

Honeynet Project

D.

IEEE

Question # 11

Which method would provide the highest level of protection for all data transmitted on the internal network only?

(Click the Exhibit button on the toolbar to see the case study.)

A.

IPSec tunnel mode

B.

SSL

C.

PPTP

D.

IPSec transport mode

E.

SMB

Question # 12

Which of the following tools is used to catch someone installing a rootkit or running a packet sniffer?

A.

chkrootkit

B.

rkhunter

C.

Blue Pill

D.

OSSEC

Question # 13

In which of the following access control models can a user not grant permissions to other users to see a copy of an object marked as secret that he has received, unless they have the appropriate permissions?

A.

Role Based Access Control (RBAC)

B.

Mandatory Access Control (MAC)

C.

Access Control List (ACL)

D.

Discretionary Access Control (DAC)

Question # 14

John works as a professional Ethical Hacker. He has been assigned a project to test the security of www.we-are-secure.com. He observes that the We-are-secure server is vulnerable to a special type of DoS attack and he makes the following suggestions to the security authority to protect the server from this DoS attack. The countermeasures against this type of DoS attack are as follows:

- Disabling IP-directed broadcasts at the We-are-secure router

- Configuring local computers so as not to respond to such ICMP packets that are configured to be sent to IP broadcast addresses

Which of the following DoS attacks has John discovered as a vulnerability for the We-are-secure security network?

A.

Smurf attack

B.

Jolt attack

C.

Fraggle attack

D.

Teardrop attack

Question # 15

Which of the following are the ways of sending secure e-mail messages over the Internet?

Each correct answer represents a complete solution. Choose two.

A.

S/MIME

B.

IPSec

C.

PGP

D.

TLS

Question # 16

Which of the following statutes, enacted in the U.S., prohibits creditors from collecting data from applicants, such as national origin, caste, religion, etc.?

A.

The Equal Credit Opportunity Act (ECOA)

B.

The Privacy Act

C.

The Fair Credit Reporting Act (FCRA)

D.

The Electronic Communications Privacy Act

Question # 17

You work as a Network Administrator for Infonet Inc. The company's office has a wireless network. The wireless access point on the network works as a router and DHCP server. You want to configure a laptop to connect to the wireless network. What will you configure on the laptop to accomplish the task?

A.

Internet service provider's DNS server address

B.

I/O address

C.

Service Set Identifier

D.

Demilitarized zone

Question # 18

Andrew works as a System Administrator for NetPerfect Inc. All client computers on the network run on Mac OS X. The Sales Manager of the company complains that his MacBook is not able to boot. Andrew wants to check the booting process. He suspects that an error persists in the bootloader of Mac OS X. Which of the following is the default bootloader on Mac OS X that he should use to resolve the issue?

A.

LILO

B.

GRUB

C.

NT Loader

D.

BootX

Question # 19

Which of the following software can be used to protect a computer system from external threats (viruses, worms, malware, or Trojans) and malicious attacks?

Each correct answer represents a part of the solution. Choose all that apply.

A.

Employee monitoring software

B.

Burp Suite

C.

Antivirus

D.

Firewall

Question # 20

Which of the following software is used to perform constant monitoring of the network infrastructure?

A.

Logdog

B.

THCHydra

C.

IPSentry

D.

Cain

Question # 21

In which of the following DoS attacks does an attacker send an ICMP packet larger than 65,536 bytes to the target system?

A.

Fraggle

B.

Jolt

C.

Teardrop

D.

Ping of death

Question # 22

Andrew, a bachelor student of Faulkner University, creates a Gmail account. He uses 'Faulkner' as the password for the Gmail account. After a few days, he starts receiving a lot of e-mails stating that his Gmail account has been hacked. He also finds that some of his important mails have been deleted by someone. Which of the following methods has the attacker used to crack Andrew's password?

Each correct answer represents a complete solution. Choose all that apply.

A.

Zero-day attack

B.

Social engineering

C.

Rainbow attack

D.

Buffer-overflow attack

E.

Brute force attack

F.

Dictionary-based attack

G.

Denial-of-service (DoS) attack

Question # 23

Which of the following needs to be documented to preserve evidence for presentation in court?

A.

Incident response policy

B.

Account lockout policy

C.

Separation of duties

D.

Chain of custody

Question # 24

What is the major difference between a worm and a Trojan horse?

A.

A worm is self replicating, while a Trojan horse is not.

B.

A worm is a form of malicious program, while a Trojan horse is a utility.

C.

A worm spreads via e-mail, while a Trojan horse does not.

D.

A Trojan horse is a malicious program, while a worm is an anti-virus software.

Question # 25

You have just set up a wireless network for customers at a coffee shop. Which of the following are good security measures to implement?

Each correct answer represents a complete solution. Choose two.

A.

Using WEP encryption

B.

Using WPA encryption

C.

Not broadcasting SSID

D.

MAC filtering the router

Question # 26

Which of the following software helps in protecting the computer against pop-ups, slow performance, and security threats caused by spyware and other unwanted software?

Each correct answer represents a complete solution. Choose all that apply.

A.

BitDefender

B.

Windows Defender

C.

John the Ripper

D.

THC Hydra

Question # 27

Which of the following statements are TRUE about Demilitarized zone (DMZ)?

Each correct answer represents a complete solution. Choose all that apply.

A.

The purpose of a DMZ is to add an additional layer of security to the Local Area Network of an organization.

B.

In a DMZ configuration, most computers on the LAN run behind a firewall connected to a public network like the Internet.

C.

Hosts in the DMZ have full connectivity to specific hosts in the internal network.

D.

Demilitarized zone is a physical or logical sub-network that contains and exposes external services of an organization to a larger un-trusted network.

Question # 28

John works as an Office Assistant in DataSoft Inc. He has received an e-mail from duesoft_lotterygroup@us.com with the following message:

The DueSoft Lottery Incorporation

This is to inform you that you have just won a prize of $7,500.00 for this year's Annual Lottery promotion, which was organized by Msn/Yahoo Lottery in conjunction with DueSoft. We collect active online e-mails and select five people every year as our winners through an electronic balloting machine. Please reply within three days of receiving this e-mail with your full details like Name, Address, Sex, Occupation, Age, State, Telephone number, and Country to claim your prize.

If John replies to this e-mail, which of the following attacks may he become vulnerable to?

A.

Salami attack

B.

Man-in-the-Middle attack

C.

Phishing attack

D.

DoS attack

Question # 29

Which of the following is a name, symbol, or slogan with which a product is identified?

A.

Copyright

B.

Trademark

C.

Trade secret

D.

Patent

Question # 30

Which of the following malicious software is used by several advertising websites for downloading and displaying advertisements in the Web browser without user permission?

A.

Worm

B.

Blended threat

C.

Adware

D.

Trojan horse

Question # 31

Which of the following types of attacks cannot be prevented by technical measures only?

A.

Brute force

B.

Ping flood attack

C.

Smurf DoS

D.

Social engineering

Question # 32

Which of the following types of firewall functions by creating two different communications, one between the client and the firewall, and the other between the firewall and the end server?

A.

Stateful firewall

B.

Packet filter firewall

C.

Proxy-based firewall

D.

Endian firewall

Question # 33

Fill in the blank with the appropriate word. ___ is software that is a subcategory of malware and refers to unwanted software that performs malicious actions on a user's computer. Some of its examples are Trojan, adware, and spyware.

A.

Crimeware

Question # 34

Peter works as a professional Computer Hacking Forensic Investigator for eLaw-Suit law firm. He is working on a case of a cyber crime. Peter knows that a good investigative report should not only communicate the relevant facts, but also present expert opinion. This report should not include the cases in which the expert acted as a lay witness. Which of the following types of witnesses is a lay witness?

A.

One who can give a firsthand account of something seen, heard, or experienced.

B.

One with special knowledge of the subject about which he or she is testifying.

C.

One who observes an event.

D.

One who is not qualified as an expert witness.

Question # 35

TCP FIN scanning is a type of stealth scanning through which the attacker sends a FIN packet to the target port. If the port is closed, the victim assumes that this packet was sent mistakenly by the attacker and sends the RST packet to the attacker. If the port is open, the FIN packet will be ignored and the port will drop the packet. Which of the following operating systems can be easily identified with the help of TCP FIN scanning?

A.

Red Hat

B.

Windows

C.

Knoppix

D.

Solaris

Question # 36

You work as a Network Administrator for Infonet Inc. The company's network is connected to the Internet. The network has a Web server that is accessible to Internet users. For security, you want to keep the Web server separate from other servers on the network. Where will you place the Web server?

A.

With the authentication server

B.

In a demilitarized zone (DMZ)

C.

With the database server

D.

In a virtual private network (VPN)

Question # 37

You work as a Network Security Analyzer. You got a suspicious email while working on a forensic project. Now, you want to know the IP address of the sender so that you can analyze various information such as the actual location, domain information, operating system being used, contact information, etc. of the email sender with the help of various tools and resources. You also want to check whether this email is fake or real. You know that analysis of email headers is a good starting point in such cases. The email header of the suspicious email is given below:

What is the IP address of the sender of this email?

A.

209.191.91.180

B.

216.168.54.25

C.

172.16.10.90

D.

141.1.1.1

Question # 38

Jason, a Malicious Hacker, is a student of Baker University. He wants to perform remote hacking on the server of DataSoft Inc. to hone his hacking skills. The company has a Windows-based network. Jason successfully enters the target system remotely by taking advantage of a vulnerability. He places a Trojan to maintain future access and then disconnects the remote session.

The employees of the company complain to Mark, who works as a Professional Ethical Hacker for DataSoft Inc., that some computers are very slow. Mark diagnoses the network and finds that some irrelevant log files and signs of Trojans are present on the computers. He suspects that a malicious hacker has accessed the network. Mark takes help from Forensic Investigators and catches Jason. Which of the following mistakes made by Jason helped the Forensic Investigators catch him?

A.

Jason did not perform a vulnerability assessment.

B.

Jason did not perform port scanning.

C.

Jason did not perform covering tracks.

D.

Jason did not perform foot printing.

E.

Jason did not perform OS fingerprinting.

Question # 39

Which of the following is the phase of Incident handling process in which the distinction between an event and an incident is made?

A.

Identification phase

B.

Preparation phase

C.

Eradication phase

D.

Differential phase

Question # 40

Which of the following is a technique of attacks in which the attacker secretly listens to the private conversation between victims?

A.

Eavesdropping

B.

Denial of service

C.

Dialler attack

D.

Intrusion

Question # 41

Anti-virus software is used to prevent, detect, and remove malware from a system, including computer viruses, worms, and Trojan horses. Which of the following companies are providers of anti-virus software?

Each correct answer represents a complete solution. Choose all that apply.

A.

Kaspersky Lab

B.

Symantec Corporation

C.

AVG Technologies

D.

McAfee Inc.

E.

F-Secure Corporation

Question # 42

Which two technologies should research groups use for secure VPN access while traveling?

(Click the Exhibit button on the toolbar to see the case study.)

Each correct answer represents a complete solution. Choose two.

A.

SSL

B.

Kerberos authentication

C.

Smart cards

D.

Encrypting File System (EFS)

E.

PPTP

Question # 43

Which of the following two cryptography methods are used by NTFS Encrypting File System (EFS) to encrypt the data stored on a disk on a file-by-file basis?

A.

Digital certificates

B.

Twofish

C.

Public key

D.

RSA

Question # 44

Jason, a Malicious Hacker, is a student of Baker University. He wants to perform remote hacking on the server of DataSoft Inc. to hone his hacking skills. The company has a Windows-based network. Jason successfully enters the target system remotely by taking advantage of a vulnerability. He places a Trojan to maintain future access and then disconnects the remote session.

The employees of the company complain to Mark, who works as a Professional Ethical Hacker for DataSoft Inc., that some computers are very slow. Mark diagnoses the network and finds that some irrelevant log files and signs of Trojans are present on the computers. He suspects that a malicious hacker has accessed the network. Mark takes help from Forensic Investigators and catches Jason. Which of the following mistakes made by Jason helped the Forensic Investigators catch him?

A.

Jason did not perform a vulnerability assessment.

B.

Jason did not perform port scanning.

C.

Jason did not perform covering tracks.

D.

Jason did not perform foot printing.

E.

Jason did not perform OS fingerprinting.

Question # 45

Which of the following proxy servers is also referred to as transparent proxies or forced proxies?

A.

Reverse proxy server

B.

Tunneling proxy server

C.

Intercepting proxy server

D.

Anonymous proxy server

Question # 46

What does CSIRT stand for?

A.

Computer Security Incident Response Team

B.

Chief Security Incident Response Team

C.

Computer Security Information Response Team

D.

Chief Security Information Response Team

Question # 47

Mark has been assigned a project to configure a wireless network for a company. The network should contain a Windows 2003 server and 30 Windows XP client computers. Mark has a single dedicated Internet connection that has to be shared among all the client computers and the server. The configuration needs to be done in a manner that the server should act as a proxy server for the client computers. Which of the following programs can Mark use to fulfill this requirement?

A.

Wingate

B.

SOCKS

C.

Sniffer

D.

Microsoft Internet Security & Acceleration Server (ISA)

Question # 48

Which of the following DoS attacks attempts to block service or reduce activity on a host by sending ping requests directly to the victim?

A.

Land attack

B.

Ping flood attack

C.

SYN flood attack

D.

Teardrop attack

Question # 49

Which of the following Trojans is used by attackers to modify the Web browser settings?

A.

WMA/TrojanDownloader.GetCodec

B.

Win32/Pacex.Gen

C.

Win32/FlyStudio

D.

Trojan.Lodear

Question # 50

What is the size of Master Boot Record (MBR)?

A.

512 bytes

B.

256 bytes

C.

1 KB

D.

2 KB
