NEW QUESTION 1

Which of the following statements are true about the Enum tool?

• A. It uses NULL and User sessions to retrieve user lists, machine lists, LSA policy information, etc.
• B. It is capable of performing brute force and dictionary attacks on individual accounts of Windows NT/2000.
• C. One of the countermeasures against the Enum tool is to disable TCP port 139/445.
• D. It is a console-based Win32 information enumeration utility.

Answer: ABCD

Explanation:

Enum is a console-based Win32 information enumeration utility. It uses null sessions to retrieve user lists, machine lists, share lists, name lists, group and member lists, passwords, and LSA policy information. It is also capable of performing brute force and dictionary attacks on individual accounts. Since the Enum tool works on the NetBIOS NULL sessions, disabling the NetBIOS port can be a good countermeasure against the Enum tool.

NEW QUESTION 2

Which of the following are the reasons for implementing firewall in any network?

• A. Create a choke point
• B. Log Internet activity
• C. Log system activity
• D. Limit access control
• E. Implementing security policy
• F. Limit network host exposure

Answer: ABEF

Explanation:

A firewall is a part of a computer system or network that is designed to block unauthorized access while permitting authorized communications. It is a device or set of devices configured to permit, deny, encrypt, decrypt, or proxy all computer traffic between different security domains based upon a set of rules and other criteria. The four important roles of a firewall are as follows:
* 1. Implement security policy: A firewall is a first step in implementing security policies of an organization. Different policies are directly implemented at the firewall. A firewall can also work with network routers to implement Types-Of-Service (ToS) policies.
* 2. Creating a choke point: A firewall can create a choke point between a private network of
an organization and a public network. With the help of a choke point the firewall devices can monitor, filter, and verify all inbound and outbound traffic.
* 3. Logging Internet activity: A firewall also enforces logging of the errors and faults. It also provides alarming mechanism to the network.
* 4. Limiting network host exposure: A firewall can create a perimeter around the network to protect it from the Internet. It increases the security by hiding internal information.

NEW QUESTION 3

Which of the following tools uses Internet Control Message Protocol (ICMP)?

• A. Port scanner
• B. Brutus
• C. Fragroute
• D. Ping scanner

Answer: D

Explanation:

A ping scanner is a tool that sends ICMP ECHO requests across a network and rapidly makes a list of responding nodes. Internet Control Message Protocol (ICMP) is an integral part of IP. It is used to report an error in datagram processing. The Internet Protocol (IP) is used for host-to-host datagram service in a network. The network is configured with connecting devices called gateways. When an error occurs in datagram processing, gateways or destination hosts report the error to the source hosts through the
ICMP protocol. The ICMP messages are sent in various situations, such as when a datagram cannot reach its destination, when the gateway cannot direct the host to send traffic on a shorter route, when the gateway does not have the buffering capacity, etc. Answer A, B, C are incorrect. These tools do not use ICMP to perform their functions.

NEW QUESTION 4

What will be the output of the following command? echo $(date %M) > date.txt

• A. The current time (Month) will be written in the date.txt file.
• B. It will create a variable $(date %M).
• C. It will print a string "date %M".
• D. The current time (Minutes) will be written in the date.txt file.

Answer: D

Explanation:

The date command with the %M specifier prints the current time (Minutes). Since the output is redirected towards the date.txt file, the current time (Minutes) will be printed in the date.txt file.

NEW QUESTION 5

John works as a Network Administrator for Perfect Solutions Inc. The company has a
Linux-based network. John is working as a root user on the Linux operating system. He has a data.txt file in which each column is separated by the TAB character. Now, he wants to use this file as input for a data mining software he has created. The problem preventing him from accomplishing his task is that with his data mining software, he has used TAB as a delimiter to distinguish between columns. Hence, he is unable to use this file as input for the software. However, if he somehow replaces the TAB characters of the file with SPACE characters, he can use this file as an input file for his data mining software. Which of the following commands will John use to replace the TAB characters of the file with SPACE characters?

• A. expand -t 1 data.txt > data.txt
• B. cat data.txt
• C. chmod 755 data.txt
• D. touch data.txt

Answer: A

Explanation:
According to the scenario, John can replace the TAB characters with single space characters with the expand command. With the expand -t 1 data.txt > data.txt command, the TABs of data.txt are changed into single spaces and are redirected by using the > command into the data.txt file. Now, John can use the data.txt file as the input file for his data mining software.

NEW QUESTION 6

The employees of EWS Inc. require remote access to the company's Web servers. In order to provide solid wireless security, the company uses EAP-TLS as the authentication protocol. Which of the following statements are true about EAP-TLS?

• A. It uses password hash for client authentication.
• B. It uses a public key certificate for server authentication.
• C. It is supported by all manufacturers of wireless LAN hardware and software.
• D. It provides a moderate level of security.

Answer: BC

Explanation:

EAP-TLS can use only a public key certificate as the authentication technique. It is supported by all manufacturers of wireless LAN hardware and software. The requirement for a client-side certificate, however unpopular it may be, is what gives EAP- TLS its authentication strength and illustrates the classic convenience vs. security trade-off. Answer D is incorrect. EAP-TLS provides the highest level of security. Answer A is incorrect. EAP-TLS uses a public key certificate for server authentication.

NEW QUESTION 7

Web applications are accessed by communicating over TCP ports via an IP address. Choose the two most common Web Application TCP ports and their respective protocol names. (Choose two)

• A. TCP Port 443 / S-HTTP or SSL
• B. TCP Port 80 / HTTPS or SSL
• C. TCP Port 443 / HTTPS or SSL
• D. TCP Port 80 / HTTP

Answer: CD

Explanation:
The two most common Web Application TCP ports are Port 443 and Port 80. HTTPS or SSL uses TCP port 443, whereas HTTP uses TCP Port 80. Answer B is incorrect. Port 80 is used for HTTP, not HTTPS. Answer A is incorrect. S-HTTP is not the protocol name for Port 443. HTTPS or SSL is the name used for Port 443 traffic.

NEW QUESTION 8

You are tasked with configuring your routers with a minimum security standard that includes the following: A local Username and Password configured on the router A strong privilege mode password Encryption of user passwords Configuring telnet and ssh to authenticate against the router user database Choose the configuration that best meets these requirements.

• A. RouterA(config)#service password-encryption RouterA(config)#username cisco password PaS$w0Rd RouterA(config)#enable secret n56e&$te RouterA(config)#line vty 0 4 RouterA(config-line)#login
• B. RouterA(config)#service password-encryption RouterA(config)#username cisco password PaS$w0Rd RouterA(config)#enable password n56e&$te RouterA(config)#line vty 0 4RouterA(config-line)#login local
• C. RouterA(config)#service password-encryption RouterA(config)#username cisco password PaS$w0Rd RouterA(config)#enable secret n56e&$te RouterA(config)#line vty 0 4RouterA(config-line)#login local
• D. RouterA(config)#service enable-password-encryption RouterA(config)#username cisco password PaS$w0Rd RouterA(config)#enable secret n56e&$te RouterA(config)#line vty 0 4RouterA(config-line)#login user

Answer: C

Explanation:

In order to fulfill the requirements, you should use the following set of commands: RouterA(config)#service password-encryption RouterA(config)#username cisco password PaS$w0Rd RouterA(config)#enable secret n56e&$te RouterA(config)#line vty 0 4 RouterA(config-line)#login local Answer D is incorrect. This configuration does not apply password encryption correctly. The command service enable-password- encryption is incorrect. The correct command is service password-encryption. Answer A is incorrect. This configuration applies the login command to the VTY lines. This would require the password to be set at the VTY Line 0 4 level. This effectively will not configure user-level access for the VTY lines. Answer B is incorrect. The enable password command is obsolete and considered insecure. The proper command is enable secret followed by the password value.

NEW QUESTION 9

Which of the following NFS mount options specifies whether a program using a file via an NFS connection should stop and wait for the server to come back online, if the host serving the exported file system is unavailable, or if it should report an error?

• A. intr
• B. hard or soft
• C. nfsvers=2 or nfsvers=3
• D. fsid=num

Answer: B

Explanation:

The hard or soft NFS mount options are used to specify whether a program using a file via an NFS connection should stop and wait (hard) for the server to come back online, if the host serving the exported file system is unavailable, or if it should report an error. Answer A is incorrect. The intr NFS mount option allows NFS requests to be interrupted if the server goes down or cannot be reached. Answer C is incorrect. The nfsvers=2 or nfsvers=3 NFS mount options are used to specify which version of the NFS protocol to use. Answer D is incorrect. The fsid=num NFS mount option forces the file handle and file attributes settings on the wire to be num.

NEW QUESTION 10

You work as a Security Administrator in Tech Perfect Inc. The company has a TCP/IP based network. The network has a vast majority of Cisco Systems routers and Cisco network switches. You want to take a snapshot of the router running configuration and archive running configuration of the router to persistent storage. Which of the following steps will you take?

• A. Secure the boot configuration
• B. Restore an archived primary bootset
• C. Verify the security of the bootset
• D. Enable the image resilience

Answer: A

Explanation:

In order to take a snapshot of the router running configuration and archive running configuration of the router to persistent storage, you should secure the boot configuration of the router using the secure boot-config command. Answer D is incorrect. You can enable the image resilience, if you want to secure the Cisco IOS image. Answer C is incorrect. By verifying the security of bootset, you can examine whether or not the Cisco IOS Resilient Configuration is enabled and the files in the bootset are secured. Answer B is incorrect. By restoring an archived primary bootset, you can restore a primary bootset from a secure archive after an NVRAM has been erased or a disk has been formatted.

NEW QUESTION 11

Which of the following is a method of the HttpSession interface and is used to retrieve the time when the session was created?

• A. getCreationTime()
• B. getSessionCreationTime()
• C. getSessionTime()
• D. getTime()

Answer: A

Explanation:

The getCreationTime() method returns the time when the session was created. The time is measured in milliseconds since midnight January 1, 1970. This method throws an IllegalStateException if it is called on an invalidated session.

NEW QUESTION 12

You want to append a tar file if the on-disk version of the tar file has a modification date more recent than its copy in the tar archive. Which of the following commands will you use to accomplish the task?

• A. tar -u
• B. tar -t
• C. tar -c
• D. tar –x

Answer: A

Explanation:

The tar -u command is used to append a tar file if the on-disk version of the tar file has a modification date more recent than its copy in the tar archive. Answer B is incorrect. The tar -t command is used to list the contents of an archive. Answer D is incorrect. The tar -x command is used to extract the files from an archive. Answer C is incorrect. The tar -c command is used to create a new archive of specified files.

NEW QUESTION 13

Which of the following records is the first entry in a DNS database file?

• A. CNAME
• B. SOA
• C. SRV
• D. MX

Answer: B

Explanation:

Start of Authority (SOA) record is the first record in any DNS database file. The SOA resource record includes the following fields: owner, TTL, class, type, authoritative server, refresh, minimum TTL, etc. Answer A is incorrect. Canonical Name (CNAME) is a resource record that creates an alias for the specified Fully Qualified Domain Name (FQDN). It hides the implementation details of a network from the clients that are connected to the network. Answer D is incorrect. MX is a mail exchange resource record in the database file of a DNS server. It specifies a mail exchange server for a DNS domain name. Answer C is incorrect. SRV resource record is a DNS record that enables users to specify the location of servers for a specific service, protocol, and DNS domain. For example, if there are two servers in a domain, creating SRV records specifies which hosts serve as Web servers, and resolvers can then retrieve all the SRV resource records for the Web servers.

NEW QUESTION 14

Which of the following tags will create two vertical frames, as given in the image below, where the left frame is half as wide as the right one?

• A. <FRAMESET ROWS = "*, *"><FRAME SRC = "cell1.htm"><FRAME SRC = "cell2.htm"></FRAMESET>
• B. <FRAMESET ROWS = "1, 2"><FRAME SRC = "cell1.htm"><FRAME SRC = "cell2.htm"></FRAMESET>
• C. <FRAMESET COLS = "*, *"><FRAME SRC = "cell1.htm"><FRAME SRC = "cell2.htm"></FRAMESET>
• D. <FRAMESET ROWS = "*, 2*"><FRAME SRC = "cell1.htm"><FRAME SRC = "cell2.htm"></FRAMESET>
• E. <FRAMESET COLS = "*, 2*"><FRAME SRC = "cell1.htm"><FRAME SRC = "cell2.htm"></FRAMESET>

Answer: E

Explanation:
<FRAMESET> tag specifies a frameset used to organize multiple frames and nested framesets in an HTML document. It defines the location, size, and orientation of frames. An HTML document can either contain a
<FRAMESET> tag or a <BODY> tag. The COLS attribute of the
<FRAMESET> tag defines the width of the vertical frames. The ROWS attribute defines the height of the horizontal frames. The code in answer option E will create two identical frames. The left frame will be half as wide as the right frame because of the relative size attributes given in the <FRAMESET> tag, i.e.,
<FRAMESET COLS = "*, 2*">.

NEW QUESTION 15

What is the extension of a Cascading Style Sheet?

• A. .hts
• B. .cs
• C. .js
• D. .css

Answer: D

Explanation:

A Cascading Style Sheet (CSS) is a separate text file that keeps track of design and formatting information, such as colors, fonts, font sizes, and margins, used in Web pages. CSS is used to provide Web site authors greater control on the appearance and presentation of their Web pages. It has codes that are interpreteA, Dpplied by the browser on to the Web pages and their elements. CSS files have .css extension. There are three types of Cascading Style Sheets: External Style Sheet Embedded Style Sheet Inline Style Sheet

NEW QUESTION 16

Which of the following is Microsoft's implementation of the file and application server for the Internet and private intranets?

• A. Internet Server Service (ISS)
• B. Internet Server (IS)
• C. WWW Server (WWWS)
• D. Internet Information Server (IIS)

Answer: D

Explanation:

Microsoft Internet Information Server (IIS) is a WeA, Bpplication server for the Internet and private intranets. IIS receives requests from users on the network using the World Wide Web (WWW) service and transmits information using the Hypertext Transport Protocol (HTTP). IIS uses Microsoft Transaction Server (MTS) to provide security, performance, and scalability with server side packages.

NEW QUESTION 17

A Web developer with your company wants to have wireless access for contractors that come in to work on various projects. The process of getting this approved takes time. So rather than wait, he has put his own wireless router attached to one of the network ports in his department. What security risk does this present?

• A. None, adding a wireless access point is a common task and not a security risk.
• B. It is likely to increase network traffic and slow down network performance.
• C. This circumvents network intrusion detection.
• D. An unauthorized WAP is one way for hackers to get into a network.

Answer: D

Explanation:

Any unauthorized Wireless Access Point (WAP) is a serious security breach. Its configuration might be very unsecure. For example it might not use encryption or MAC filtering, thus allowing anyone in range to get on the network.

NEW QUESTION 18

John works as a Network Administrator for Perfect Solutions Inc. The company has a Debian Linux-based network. He is working on the bash shell in which he creates a variable VAR1. After some calculations, he opens a new ksh shell. Now, he wants to set VAR1 as an environmental variable so that he can retrieve VAR1 into the ksh shell. Which of the following commands will John run to accomplish the task?

• A. echo $VAR1
• B. touch VAR1
• C. export VAR1
• D. env -u VAR1

Answer: C

Explanation:
Since John wants to use the variable VAR1 as an environmental variable, he will use the export command to accomplish the task.

NEW QUESTION 19
......