NEW QUESTION 1

You work as the Network Administrator for XYZ CORP. The company has a Unix-based network. You want to make changes on a per-directory basis. Which of the following Unix configuration files can you use to accomplish the task?

• A. $HOME/.profile
• B. $HOME/Xrootenv.0
• C. $HOME/.htaccess
• D. /var/log/btmp

Answer: C

Explanation:
In Unix, the $HOME/.htaccess file provides a way to make configuration changes on a per directory basis. Answer A is incorrect. In Unix, the $HOME/.profile file contains the user's environment stuff and startup programs.
Answer B is incorrect. In Unix, the $HOME/Xrootenv.0 file contains networking and environment info. Answer D is incorrect. In Unix, the /var/log/btmp file is used to store information about failed logins.

NEW QUESTION 2

You are responsible for a number of Windows Server 2003 DNS servers on a large
corporate network. You have decided to audit the DNS server logs. Which of the following are likely errors you could encounter in the log? (Choose two)

• A. The DNS server could not create FTP socket for address [IP address of server].
• B. The DNS server could not open socket for domain name [domain name of server].
• C. The DNS server could not create a Transmission Control Protocol (TCP) socket.
• D. The DNS server could not open socket for address [IP address of server].

Answer: CD

Explanation:

There are a number of errors one could find in a Windows Server 2003 DNS log. They are as follows: The DNS server could not create a Transmission Control Protocol. The DNS server could not open socket for address. The DNS server could not initialize the Remote Procedure Call (RPC) service. The DNS server could not bind the main datagram socket. The DNS Server service relies on Active Directory to store and retrieve information for Active Directory-integrated zones. And several active directory errors are possible. Answer A is incorrect. DNS Servers do not create FTP connections. Answer B is incorrect. A DNS server looks up a name to return an IP, it would not and cannot connect to a domain name, it must connect to an IP address.

NEW QUESTION 3

You are the Security Administrator for an Internet Service Provider. From time to time your company gets subpoenas from attorneys and law enforcement for records of customers' access to the internet. What policies must you have in place to be prepared for such requests?

• A. Group access policies
• B. Backup policies
• C. User access policies
• D. Storage and retention policies

Answer: D

Explanation:

Storage and retention policies will determine how long you keep records (such as records of customers Web activity), how you will store them, and how you will dispose of them. This will allow you to know what records you should still have on hand should a legal request for such records come in. Answer C is incorrect. User policies might determine what a customer has access to, but won't help you identify what they actually did access. Answer A is incorrect. Group policies are usually pertinent to network administration, not the open and uncontrolled environment of an ISP. Answer B is incorrect. Backup policies dictate how data is backed up and stored.

NEW QUESTION 4

Brutus is a password cracking tool that can be used to crack the following authentications: HTTP (Basic Authentication) HTTP (HTML Form/CGI) POP3 (Post Office Protocol v3) FTP (File Transfer Protocol) SMB (Server Message Block) Telnet Which of the following attacks can be performed by Brutus for password cracking?

• A. Man-in-the-middle attack
• B. Hybrid attack
• C. Replay attack
• D. Brute force attack
• E. Dictionary attack

Answer: BDE

Explanation:

Brutus can be used to perform brute force attacks, dictionary attacks, or hybrid attacks.

NEW QUESTION 5

Which of the following user authentications are supported by the SSH-1 protocol but not by the SSH-2 protocol?

• A. TIS authentication
• B. Kerberos authentication
• C. Rhosts (rsh-style) authentication
• D. Password-based authentication

Answer: ABC

Explanation:
The Rhosts (rsh-style), TIS, and Kerberos user authentication methods are supported by the SSH-1 protocol but not by SSH-2 protocol. Answer D is incorrect. Password-based authentication is supported by both the SSH-1 and SSH-2 protocols.

NEW QUESTION 6

Which of the following recovery plans includes specific strategies and actions to deal with specific variances to assumptions resulting in a particular security problem, emergency, or state of affairs?

• A. Disaster recovery plan
• B. Continuity of Operations Plan
• C. Business continuity plan
• D. Contingency plan

Answer: D

Explanation:

A contingency plan is a plan devised for a specific situation when things could go wrong. Contingency plans include specific strategies and actions to deal with specific variances to assumptions resulting in a particular problem, emergency, or state of affairs. They also include a monitoring process and triggers for initiating planned actions. Answer A is incorrect. Disaster recovery is the process, policies, and procedures related to preparing for recovery or continuation of technology infrastructure critical to an organization after a natural or human-induced disaster. Answer C is incorrect. It deals with the plans and procedures that identify and prioritize the critical business functions that must be preserved. Answer B is incorrect. It includes the plans and procedures documented that ensure the continuity of critical operations during any period where normal operations are impossible.

NEW QUESTION 7

You run the wc -c file1.txt command. If this command displays any error message, you want to store the error message in the error.txt file. Which of the following commands will you use to accomplish the task?

• A. wc -c file1.txt >>error.txt
• B. wc -c file1.txt 1>error.txt
• C. wc -c file1.txt 2>error.txt
• D. wc -c file1.txt >error.txt

Answer: C

Explanation:

According to the scenario, you will use the wc -c file1.txt 2>error.txt command to accomplish the task. The 2> operator is an error redirector, which, while running a command, redirects the error (if it exists) on the specified file. Answer B, D are incorrect. The > or 1> redirector can be used to redirect the output of the wc -c file1.txt file to the error.txt file; however, you want to write the errors in the error.txt file, not the whole output. Answer A is incorrect. The >> operator will redirect the output of the command in the same manner as the > or 1> operator. Although the >> operator will not overwrite the error.txt file, it will append the error.txt file.

NEW QUESTION 8

You work as a Database Administrator for XYZ CORP. The company has a multi-platform network. The company requires a database that can receive data from various types of operating systems. You want to design a multidimensional database to accomplish the task. Which of the following statements are true about a multidimensional database?

• A. It is used to optimize Online Analytical Processing (OLAP) applications.
• B. It is used to optimize data warehouse.
• C. It is rarely created using input from existing relational databases.
• D. It allows users to ask questions that are related to summarizing business operations and trends.

Answer: ABD

Explanation:

A multidimensional database (MDB) is a type of database that is optimized for data warehouse and Online Analytical Processing (OLAP) applications. Multidimensional databases are frequently created using input from existing relational databases. Whereas a relational database is typically accessed using a Structured Query Language (SQL) query, a multidimensional database allows a user to ask questions like "How many Aptivas have been sold in Nebraska so far this year?" and similar questions related to summarizing business operations and trends. An OLAP application that accesses data from a multidimensional database is known as a MOLAP (multidimensional OLAP) application. Answer C is incorrect. A multidimensional database is frequently created using input from existing relational databases.

NEW QUESTION 9

Sarah works as a Web Developer for XYZ CORP. She develops a Web site for the company. She uses tables in the Web site. Sarah embeds three tables within a table. What is the technique of embedding tables within a table known as?

• A. Nesting tables
• B. Stacking tables
• C. CSS tables
• D. Horned tables

Answer: A

Explanation:

In general, nesting means embedding a construct inside another. Nesting tables is a technique in which one or more tables are embedded within a table. Answer B, C, D are incorrect. There are no techniques such as stacking tables, horned tables, or CSS tables.

NEW QUESTION 10

You have been assigned a project to develop a Web site for a construction company. You have to develop a Web site and want to get more control over the appearance and presentation of your Web pages. You also want to increase the ability to precisely specify the location and appearance of the elements on a page and create special effects. You plan to use Cascading style sheets (CSS). You want to apply the same style consistently throughout your Web site. Which type of style sheet will you use?

• A. Internal Style Sheet
• B. External Style Sheet
• C. Inline Style Sheet
• D. Embedded Style Sheet

Answer: B

Explanation:

To apply the same style consistently throughout your Web site you should use external style sheet. Cascading style sheets (CSS) are used so that the Web site authors can exercise greater control on the appearance and presentation of their Web pages. And also because they increase the ability to precisely point to the location and look of elements on a Web page and help in creating special effects. Cascading Style Sheets have codes, which are interpreteA, Dpplied by the browser on to the Web pages and their elements. There are three types of cascading style sheets. External Style Sheets Embedded Style Sheets Inline Style Sheets External Style Sheets are used whenever consistency in style is required throughout a Web site. A typical external style sheet uses a .css file extension, which can be edited using a text editor such as a Notepad. Embedded Style Sheets are used for defining styles for an active page.
Inline Style Sheets are used for defining individual elements of a page. Reference: TechNet, Contents: Microsoft Knowledgebase, February 2000 issue PSS ID Number: Q179628

NEW QUESTION 11

You work as a Software Developer for XYZ CORP. You create a SQL server database named DATA1 that will manage the payroll system of the company. DATA1 contains two tables named EmployeeData, Department. While EmployeeData records detailed information of the employees, Department stores information about the available departments in the company. EmployeeData consists of columns that include EmpID, EmpName, DtOBrth, DtOJoin, DeptNo, Desig, BasicSal, etc. You want to ensure that each employee ID is unique and is not shared between two or more employees. You also want to ensure that the employees enter only valid department numbers in the DeptNo column. Which of the following actions will you perform to accomplish the task?

• A. Define triggers in the EmployeeData table.
• B. Add stored procedures by using Transact-SQL queries.
• C. Add constraints to the EmployeeData table.
• D. Define indexes in the EmployeeData table.
• E. Define views in the database.

Answer: BCDE

Explanation:

In the given scenario, you will add constraints to the EmpID and DeptNo columns of the EmployeeData table, as you want EmpID to be unique, and the number entered in the DeptNo column to be valid. A constraint enforces the integrity of a database. It defines rules regarding the values allowed in the columns of a table. A constraint is the standard mechanism for enforcing integrity. Using constraints is preferred to using triggers, rules, and defaults. Most of the RDBMS databases support the following five types of constraints: NOT NULL constraint: It specifies that the column does not accept NULL values. CHECK constraint: It enforces domain integrity by limiting the values that can be placed in a column. UNIQUE constraint: It enforces the uniqueness of values in a set of columns. PRIMARY KEY constraint: It identifies the column or set of columns whose values uniquely identify a row in a table. FOREIGN KEY constraint: It establishes a foreign key relationship between the columns of the same table or different tables. Following are the functions of constraints: Constraints enforce rules on data in a table whenever a row is inserted, updated, or deleted from the table. Constraints prevent the deletion of a table if there are dependencies from other tables. Constraints enforce rules at the column level as well as at the table level. Defining indexes in the EmployeeData table will help you find employee information based on EmpID, very fast. An index is a pointer to a table. It speeds up the process of data retrieval from a table. It is stored separately from a table for which it was created. Indexes can be created or dropped without affecting the data in a table. The syntax for creating an index is as follows: CREATE INDEX <Index name> Indexes can also be used for implementing data integrity in a table. A unique index does not allow duplicate values to enter in a row if a particular column is indexed as a unique index. The syntax for creating a unique index is as follows: CREATE UNIQUE INDEX <Index name> You will also add a stored procedure named AddEmp by using Transact-SQL queries. AddEmp will accept data values for new employees and will subsequently add a row in the EmployeeData table. Stored procedures are precompiled SQL routines that are stored on a database server. They are a combination of multiple SQL statements that form a logical unit and perform a particular task. Stored procedures provide the capability of combining multiple SQL statements and improve speed due to precompiled routines. Most of the DBMS provide support for stored procedures. They usually differ in their syntax and capabilities from one DBMS to another. A stored procedure can take three parameters: IN, OUT, and INOUT. Note: Stored procedures are very similar to functions and procedures of common programming languages. You will also define a view named DeptEmpView that will combine data from the Department and EmployeeData tables and thus produce the required result. A view can be thought of as a virtual table. The data accessible through a view is not stored in the database as a distinct object. Views are created by defining a SELECT statement. The result set of the SELECT statement forms the virtual table. A user can use this virtual table by referencing the view name in SQL statements in the same way a table is referenced. Answer A is incorrect. You do not need to define any triggers in the EmployeeData table, as they are not required while making the EmpID unique, or while entering valid data values in DeptNo. A trigger is a special kind of stored procedure that automatically runs when data in a specified table is updated, inserted, or deleted. Triggers can query other tables and can include complex SQL statements.

NEW QUESTION 12

You work as a Network Administrator for NTY Inc. The company has a secure wireless network. While auditing the network for maintaining security, you find an unknown node. You want to locate that node. Which tool will you use to pinpoint the actual physical location of the node?

• A. Kismet
• B. Ekahau
• C. WEPCrack
• D. AirSnort

Answer: B

Explanation:

Ekahau is an easy-to-use powerful and comprehensive tool for network site surveys and optimization. It is an auditing tool that can be used to pinpoint the actual physical location of wireless devices in the network. This tool can be used to make a map of the office and then perform the survey of the office. In the process, if one finds an unknown node, ekahau can be used to locate that node. Answer D is incorrect. AirSnort is a Linux-based WLAN WEP cracking tool that recovers encryption keys. AirSnort operates by passively monitoring transmissions. It uses Ciphertext Only Attack and captures approximately 5 to 10 million packets to decrypt the WEP keys.
Answer A is incorrect. Kismet is a Linux-based 802.11 wireless network sniffer and intrusion detection system. It can work with any wireless card that supports raw monitoring (rfmon) mode. Kismet can sniff 802.11b, 802.11a, 802.11g, and 802.11n traffic. Kismet can be used for the following tasks: To identify networks by passively collecting packets To detect standard named networks To detect masked networks To collect the presence of non-beaconing networks via data traffic Answer C is incorrect. WEPcrack is a wireless network cracking tool that exploits the vulnerabilities in the RC4 Algorithm, which comprises the WEP security parameters. It mainly consists of three tools, which are as follows: WeakIVGen: It allows a user to emulate the encryption output of 802.11 networks to weaken the secret key used to encrypt the network traffic. Prism-getIV: It analyzes packets of information until ultimately matching patterns to the one known to decrypt the secret key. WEPcrack: It pulls the all beneficial data of WeakIVGen and Prism-getIV to decipher the network encryption.

NEW QUESTION 13

Which of the following is the most secure place to host a server that will be accessed publicly through the Internet?

• A. A DNS Zone
• B. An Intranet
• C. A stub zone
• D. A demilitarized zone (DMZ)

Answer: D

Explanation:

A demilitarized zone (DMZ) is the most secure place to host a server that will be accessed publicly through the Internet. Demilitarized zone (DMZ) or perimeter network is a small network that lies in between the Internet and a private network. It is the boundary between the Internet and an internal network, usually a combination of firewalls and bastion hosts that are gateways between inside networks and outside networks. DMZ provides a large enterprise network or corporate network the ability to use the Internet while still maintaining its security. Answer B is incorrect. Hosting a server on the intranet for public access will not be good from a security point of view.

NEW QUESTION 14

Which of the following mechanisms is closely related to authorization?

• A. Sending secret data such as credit card information.
• B. Allowing access to a particular resource.
• C. Verifying username and password.
• D. Sending data so that no one can alter it on the way.

Answer: B

Explanation:

Authorization is a process that verifies whether a user has permission to access a Web resource. A Web server can restrict access to some of its resources to only those clients that log in using a recognized username and password. To be authorized, a user must first be authenticated. Answer C is incorrect. Verifying username and password describes the mechanism of authentication. Authentication is the process of verifying the identity of a user. This is usually done using a user name and password. This process compares the provided user name and password with those stored in the database of an authentication server. Answer D is incorrect. Sending data so that no one can alter it on the way describes the mechanism of data integrity. Data integrity is a mechanism that ensures that the data is not modified during transmission from source to destination. This means that the data received at the destination should be exactly the same as that sent from the source. Answer A is incorrect. Sending secret data such as credit card information describes the mechanism of confidentiality. Confidentiality is a mechanism that ensures that only the intendeA, Duthorized recipients are able to read data. The data is so encrypted that even if an unauthorized user gets access to it, he will not get any meaning out of it.

NEW QUESTION 15

Mark works as a Web Developer for XYZ CORP. He is developing a Web site for the company. The Manager of the company requires Mark to use tables instead of frames in the Web site. What is the major advantage that a table-structured Web site has over a frame-structured Web site?

• A. Easy maintenance
• B. Speed
• C. Better navigation
• D. Capability of being bookmarked or added to the Favorites folder

Answer: D

Explanation:

The major advantage that a table-structured Web site has over a frame- structured Web site is that users can bookmark the pages of a table- structured Web site, whereas pages of a frame-structured Web site cannot be bookmarked or added to the Favorites folder. Non-frame Web sites also give better results with search engines. Better navigation: Web pages can be divided into multiple frames and each frame can display a separate Web page. It helps in providing better and consistent navigation. Easy maintenance: Fixed elements, such as a navigation link and company logo page, can be created once and used with all the other pages. Therefore, any change in these pages is required to be made only once.

NEW QUESTION 16

You work as a Software Developer for UcTech Inc. You want to ensure that a class is informed whenever an attribute is added, removed, or replaced in a session. Which of the following is the event that you will use to accomplish the task?

• A. HttpSessionBindingEvent
• B. HttpAttributeEvent
• C. HttpSessionEvent
• D. HttpSessionAttributeEvent

Answer: A

Explanation:

To be informed whenever an attribute is added, removed, or replaced in a session, a class must have a method with HttpSessionBindingEvent as its attribute. The HttpSessionBindingEvent class extends the HttpSessionEvent class. The HttpSessionBindingEvent class is used with the following listeners: HttpSessionBindingListener: It notifies the attribute when it is bound or unbound from a session. HttpSessionAttributeListener: It notifies the class when an attribute is bound, unbound, or replaced in a session. The session binds the object by a call to the HttpSession.setAttribute() method and unbinds the object by a call to the HttpSession.removeAttribute() method. Answer C is incorrect. The HttpSessionEvent is associated with the HttpSessionListener interface and HttpSessionActivationListener.

NEW QUESTION 17

You work as a Network Administrator for XYZ CORP. The company has a TCP/IP-based network environment. The network contains Cisco switches and a Cisco router. A user is unable to access the Internet from Host B. You also verify that Host B is not able to connect to other resources on the network. The IP configuration of Host B is shown below:

Which of the following is the most likely cause of the issue?

• A. An incorrect subnet mask is configured on Host B.
• B. The IP address of Host B is not from the correct IP address range of the network.
• C. There is an IP address conflict on the network.
• D. An incorrect default gateway is configured on Host B.

Answer: A

Explanation:

According to the network diagram, the IP address range used on the network is from the class C private address range. The class C IP address uses the following default subnet mask: 255.255.255.0 The question specifies that the subnet mask used in Host B is 255.255.0.0, which is an incorrect subnet mask.

NEW QUESTION 18

Which of the following statements about URL rewriting are true?

• A. If cookies are supported by the browser, URL rewriting will return the URL unchanged.
• B. The request.encodeRedirectURL() method is used to add a session id info to the URL and send the request to another URL.
• C. The request.encodeURL() method is used to add a session id info to the URL.
• D. URL rewriting is used in cases where cookies are not supported by the browser.

Answer: AD

Explanation:

By default, session tracking uses cookies to associate a session identifier with a unique user. URL rewriting is used in cases where cookies are not supported by the browser.

NEW QUESTION 19
......