412-79v10 Exam Questions - Online Test



certleader.com

It is faster and easier to pass the EC-Council 412-79v10 exam by using approved EC-Council Certified Security Analyst (ECSA) V10 questions and answers. Get immediate access to the refreshed 412-79v10 exam and find the same core-area 412-79v10 questions with professionally verified answers, then pass your exam with a high score.

Online 412-79v10 free questions and answers of New Version:

NEW QUESTION 1
A firewall’s decision to forward or reject traffic in network filtering is dependent upon which of the following?

  • A. Destination address
  • B. Port numbers
  • C. Source address
  • D. Protocol used

Answer: D

NEW QUESTION 2
Identify the type of testing that is carried out without giving any information to the employees or administrative head of the organization.

  • A. Unannounced Testing
  • B. Double Blind Testing
  • C. Announced Testing
  • D. Blind Testing

Answer: B

NEW QUESTION 3
“A chipset is a group of integrated circuits that are designed to work together and are usually marketed as a single product.” It is generally the motherboard chips or the chips used on the expansion card.
Which one of the following is well supported in most wireless applications?

  • A. Orinoco chipsets
  • B. Prism II chipsets
  • C. Atheros Chipset
  • D. Cisco chipset

Answer: B

NEW QUESTION 4
In the process of hacking a web application, attackers manipulate the HTTP requests to subvert the application authorization schemes by modifying input fields that relate to the user ID, username, access group, cost, file names, file identifiers, etc.
They first access the web application using a low privileged account and then escalate privileges to access protected resources. What attack has been carried out?

  • A. XPath Injection Attack
  • B. Authorization Attack
  • C. Authentication Attack
  • D. Frame Injection Attack

Answer: B

NEW QUESTION 5
An antenna is a device that is designed to transmit and receive the electromagnetic waves that are generally called radio waves. Which one of the following types of antenna is developed from waveguide technology?

  • A. Leaky Wave Antennas
  • B. Aperture Antennas
  • C. Reflector Antenna
  • D. Directional Antenna

Answer: B

NEW QUESTION 6
A firewall is an IP packet filter that enforces the filtering and security policies on the flowing network traffic. Using firewalls in IPv6 is still the best way of protecting against low-level attacks at the network and transport layers.
Which one of the following cannot handle routing protocols properly?

  • A. “Internet-router-firewall-net architecture”
  • B. “Internet-firewall-router-net architecture”
  • C. “Internet-firewall/router(edge device)-net architecture”
  • D. “Internet-firewall-net architecture”

Answer: B

NEW QUESTION 7
Identify the port numbers used by POP3 and POP3S protocols.

  • A. 113 and 981
  • B. 111 and 982
  • C. 110 and 995
  • D. 109 and 973

Answer: C

NEW QUESTION 8
What is kept in the following directory? HKLM\SECURITY\Policy\Secrets

  • A. Service account passwords in plain text
  • B. Cached password hashes for the past 20 users
  • C. IAS account names and passwords
  • D. Local store PKI Kerberos certificates

Answer: A

NEW QUESTION 9
Which type of vulnerability assessment tool provides security to the IT system by testing for vulnerabilities in the applications and operating system?

  • A. Active/Passive Tools
  • B. Application-layer Vulnerability Assessment Tools
  • C. Location/Data Examined Tools
  • D. Scope Assessment Tools

Answer: D

NEW QUESTION 10
As a security analyst, you set up a false survey website that will require users to create a username and a strong password. You send the link to all the employees of the company. What information will you be able to gather?

  • A. The employees' network usernames and passwords
  • B. The MAC address of the employees' computers
  • C. The IP address of the employees' computers
  • D. Bank account numbers and the corresponding routing numbers

Answer: C

NEW QUESTION 11
Simon is a former employee of Trinitron XML Inc. He feels he was wrongly terminated and wants to hack into his former company's network. Since Simon remembers some of the server names, he attempts to run the AXFR and IXFR commands using DIG. What is Simon trying to accomplish here?

  • A. Enumerate all the users in the domain
  • B. Perform DNS poisoning
  • C. Send DOS commands to crash the DNS servers
  • D. Perform a zone transfer

Answer: D

NEW QUESTION 12
A framework for security analysis is composed of a set of instructions, assumptions, and limitations to analyze and solve security concerns and develop threat free applications.
Which of the following frameworks helps an organization evaluate the company’s information security against the industrial standards?

  • A. Microsoft Internet Security Framework
  • B. Information System Security Assessment Framework
  • C. The IBM Security Framework
  • D. Nortel’s Unified Security Framework

Answer: B

NEW QUESTION 13
Which one of the following log analysis tools is a Cisco Router Log Format log analyzer that parses logs, imports them into a SQL database (or its own built-in database), aggregates them, and generates dynamically filtered reports, all through a web interface?

  • A. Event Log Tracker
  • B. Sawmill
  • C. Syslog Manager
  • D. Event Log Explorer

Answer: B

NEW QUESTION 14
What are the scanning techniques that are used to bypass firewall rules and logging mechanisms and disguise themselves as usual network traffic?

  • A. Connect Scanning Techniques
  • B. SYN Scanning Techniques
  • C. Stealth Scanning Techniques
  • D. Port Scanning Techniques

Answer: C

NEW QUESTION 15
Besides the policy implications of chat rooms, Internet Relay Chat (IRC) is frequented by attackers and used as a command and control mechanism. IRC normally uses which one of the following TCP ports?

  • A. 6566 TCP port
  • B. 6771 TCP port
  • C. 6667 TCP port
  • D. 6257 TCP port

Answer: C

NEW QUESTION 16
You are running known exploits against your network to test for possible vulnerabilities. To test the strength of your virus software, you load a test network to mimic your production network. Your software successfully blocks some simple macro and encrypted viruses.
You decide to really test the software by using virus code where the code rewrites itself entirely and the signatures change from child to child, but the functionality stays the same. What type of virus is this that you are testing?

  • A. Metamorphic
  • B. Oligomorphic
  • C. Polymorphic
  • D. Transmorphic

Answer: A

NEW QUESTION 17
An "idle" system is also referred to as what?

  • A. Zombie
  • B. PC not being used
  • C. Bot
  • D. PC not connected to the Internet

Answer: A

NEW QUESTION 18
An attacker injects malicious query strings in user input fields to bypass web service authentication mechanisms and to access back-end databases. Which of the following attacks is this?

  • A. Frame Injection Attack
  • B. LDAP Injection Attack
  • C. XPath Injection Attack
  • D. SOAP Injection Attack

Answer: D

NEW QUESTION 19
You have compromised a lower-level administrator account on an Active Directory network of a small company in Dallas, Texas. You discover Domain Controllers through enumeration. You connect to one of the Domain Controllers on port 389 using ldp.exe.
What are you trying to accomplish here?

  • A. Poison the DNS records with false records
  • B. Enumerate MX and A records from DNS
  • C. Establish a remote connection to the Domain Controller
  • D. Enumerate domain user accounts and built-in groups

Answer: D

NEW QUESTION 20
Which of the following is not a characteristic of a firewall?

  • A. Manages public access to private networked resources
  • B. Routes packets between the networks
  • C. Examines all traffic routed between the two networks to see if it meets certain criteria
  • D. Filters only inbound traffic but not outbound traffic

Answer: D

NEW QUESTION 21
Transmission Control Protocol (TCP) is a connection-oriented four layer protocol. It is responsible for breaking messages into segments, re-assembling them at the destination station, and re-sending. Which one of the following protocols does not use the TCP?

  • A. Reverse Address Resolution Protocol (RARP)
  • B. HTTP (Hypertext Transfer Protocol)
  • C. SMTP (Simple Mail Transfer Protocol)
  • D. Telnet

Answer: A

NEW QUESTION 22
A Demilitarized Zone (DMZ) is a computer host or small network inserted as a “neutral zone” between a company’s private network and the outside public network. Usage of a protocol within a DMZ environment is highly variable based on the specific needs of an organization.
Privilege escalation, system compromise when the code runs under root credentials, and DoS attacks are the basic weaknesses of which one of the following protocols?

  • A. Lightweight Directory Access Protocol (LDAP)
  • B. Simple Network Management Protocol (SNMP)
  • C. Telnet
  • D. Secure Shell (SSH)

Answer: D
