Which of the following elements of planning gap measures the gap between the total potential for the market and the actual current usage by all the consumers in the market?
- A . Project gap
- B . Product gap
- C . Competitive gap
- D . Usage gap
Which of the following terms refers to the method that allows or restricts specific types of packets from crossing over the firewall?
- A . Hacking
- B . Packet filtering
- C . Web caching
- D . Spoofing
You work as a Network Administrator for NetTech Inc. The company wants to encrypt its e-mails.
Which of the following will you use to accomplish this?
- A . PGP
- B . PPTP
- C . IPSec
- D . NTFS
Peter works as a Network Administrator for Net World Inc. The company wants to allow remote users to connect and access its private network through a dial-up connection via the Internet. All the data will be sent across a public network. For security reasons, the management wants the data sent through the Internet to be encrypted. The company plans to use a Layer 2 Tunneling Protocol (L2TP) connection.
Which communication protocol will Peter use to accomplish the task?
- A . IP Security (IPSec)
- B . Microsoft Point-to-Point Encryption (MPPE)
- C . Pretty Good Privacy (PGP)
- D . Data Encryption Standard (DES)
Which of the following protocols multicasts messages and information among all member devices in an IP multicast group?
- A . ARP
- B . ICMP
- C . TCP
- D . IGMP
Which of the following security devices is presented to indicate some feat of service, a special accomplishment, a symbol of authority granted by taking an oath, a sign of legitimate employment or student status, or as a simple means of identification?
- A . Sensor
- B . Alarm
- C . Motion detector
- D . Badge
Which of the following is a method for transforming a message into a masked form, together with a way of undoing the transformation to recover the message?
- A . Cipher
- B . CrypTool
- C . Steganography
- D . MIME
Mark works as a Network Administrator for NetTech Inc. He wants users to access only those resources that are required for them.
Which of the following access control models will he use?
- A . Policy Access Control
- B . Mandatory Access Control
- C . Discretionary Access Control
- D . Role-Based Access Control
Which of the following is used to authenticate asymmetric keys?
- A . Digital signature
- B . MAC Address
- C . Demilitarized zone (DMZ)
- D . Password
IPsec VPN provides a high degree of data privacy by establishing trust points between communicating devices and data encryption.
Which of the following encryption methods does IPsec VPN use? Each correct answer represents a complete solution. Choose two.
- A . MD5
- B . LEAP
- C . AES
- D . 3DES
A user is sending a large number of protocol packets to a network in order to saturate its resources and to disrupt connections to prevent communications between services.
Which type of attack is this?
- A . Denial-of-Service attack
- B . Vulnerability attack
- C . Social Engineering attack
- D . Impersonation attack
Which of the following types of firewall functions at the Session layer of the OSI model?
- A . Circuit-level firewall
- B . Application-level firewall
- C . Packet filtering firewall
- D . Switch-level firewall
Which of the following statements about a stream cipher are true? Each correct answer represents a complete solution. Choose three.
- A . It typically executes at a higher speed than a block cipher.
- B . It divides a message into blocks for processing.
- C . It typically executes at a slower speed than a block cipher.
- D . It divides a message into bits for processing.
- E . It is a symmetric key cipher.
Which of the following types of attack can be used to break the best physical and logical security mechanism to gain access to a system?
- A . Social engineering attack
- B . Cross site scripting attack
- C . Mail bombing
- D . Password guessing attack
You are the Security Consultant advising a company on security methods. This is a highly secure location that deals with sensitive national defense related data. They are very concerned about physical security as they had a breach last month. In that breach an individual had simply grabbed a laptop and run out of the building.
Which one of the following would have been most effective in preventing this?
- A . Not using laptops.
- B . Keeping all doors locked with a guard.
- C . Using a man-trap.
- D . A sign-in log.
You want to implement a network topology that provides the best balance for regional topologies in terms of the number of virtual circuits, redundancy, and performance while establishing a WAN network.
Which of the following network topologies will you use to accomplish the task?
- A . Bus topology
- B . Fully meshed topology
- C . Star topology
- D . Partially meshed topology
Which of the following protocols is an alternative to certificate revocation lists (CRL) and allows the authenticity of a certificate to be immediately verified?
- A . RSTP
- B . SKIP
- C . OCSP
- D . HTTP
Which of the following does PEAP use to authenticate the user inside an encrypted tunnel? Each correct answer represents a complete solution. Choose two.
- A . GTC
- B . MS-CHAP v2
- C . AES
- D . RC4
Which of the following terms refers to a mechanism which proves that the sender really sent a particular message?
- A . Integrity
- B . Confidentiality
- C . Authentication
- D . Non-repudiation
Adam works as a Security Analyst for Umbrella Inc. The CEO of the company ordered him to implement two-factor authentication for the employees to access their networks. The CEO has told him that he would like to use some type of hardware device in tandem with a security or identifying PIN. Adam decides to implement smart cards, but they are not cost effective.
Which of the following types of hardware devices will Adam use to implement two-factor authentication?
- A . Biometric device
- B . One Time Password
- C . Proximity cards
- D . Security token
Maria works as a Network Security Officer for Gentech Inc. She wants to encrypt her network traffic. The specific requirement for the encryption algorithm is that it must be a symmetric key block cipher.
Which of the following techniques will she use to fulfill this requirement?
- A . IDEA
- B . PGP
- C . DES
- D . AES
Which of the following protocols uses public-key cryptography to authenticate the remote computer?
- A . SSH
- B . Telnet
- C . SCP
- D . SSL
Which of the following cryptographic system services ensures that information will not be disclosed to any unauthorized person on a local network?
- A . Authentication
- B . Non-repudiation
- C . Integrity
- D . Confidentiality
Which of the following are examples of technical controls? Each correct answer represents a complete solution. Choose three.
- A . Auditing
- B . Network architecture
- C . System access
- D . Data backups
Which of the following tenets does the CIA triad provide, against which security practices are measured? Each correct answer represents a part of the solution. Choose all that apply.
- A . Integrity
- B . Accountability
- C . Availability
- D . Confidentiality
Which of the following types of attacks cannot be prevented by technical measures only?
- A . Social engineering
- B . Brute force
- C . Smurf DoS
- D . Ping flood attack
Which of the following attacks can be overcome by applying cryptography?
- A . Web ripping
- B . DoS
- C . Sniffing
- D . Buffer overflow
Which of the following authentication methods prevents unauthorized execution of code on remote systems?
- A . TACACS
- B . S-RPC
- C . RADIUS
- D . CHAP
The simplest form of a firewall is a packet filtering firewall. Typically a router works as a packet-filtering firewall and has the capability to filter on some of the contents of packets.
On which of the following layers of the OSI reference model do these routers filter information? Each correct answer represents a complete solution. Choose all that apply.
- A . Transport layer
- B . Physical layer
- C . Data Link layer
- D . Network layer
Andrew works as a Network Administrator for Infonet Inc. The company’s network has a Web server that hosts the company’s Web site. Andrew wants to increase the security of the Web site by implementing Secure Sockets Layer (SSL).
Which of the following types of encryption does SSL use? Each correct answer represents a complete solution. Choose two.
- A . Synchronous
- B . Secret
- C . Asymmetric
- D . Symmetric
John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. John notices that the We-are-secure network is vulnerable to a man-in-the-middle attack since the key exchange process of the cryptographic algorithm it is using does not authenticate participants.
Which of the following cryptographic algorithms is being used by the We-are-secure server?
- A . Blowfish
- B . Twofish
- C . RSA
- D . Diffie-Hellman
Which of the following electrical events shows a sudden drop of power source that can cause a wide variety of problems on a PC or a network?
- A . Blackout
- B . Power spike
- C . Power sag
- D . Power surge
Which of the following is the duration of time and a service level within which a business process must be restored after a disaster in order to avoid unacceptable consequences associated with a break in business continuity?
- A . RCO
- B . RTO
- C . RPO
- D . RTA
You work as an Incident handler in Mariotrixt.Inc. You have followed the Incident handling process to handle the events and incidents. You identify a Denial of Service (DoS) attack from a network linked to your internal enterprise network.
Which of the following phases of the Incident handling process should you follow next to handle this incident?
- A . Containment
- B . Preparation
- C . Recovery
- D . Identification
You have decided to implement video surveillance in your company in order to enhance network security.
Which of the following locations must have a camera in order to provide the minimum level of security for the network resources? Each correct answer represents a complete solution. Choose two.
- A . Parking lot
- B . All hallways
- C . Server Rooms
- D . All offices
- E . All entrance doors
You work as a Network Administrator for NetTech Inc. You want to have secure communication on the company’s intranet. You decide to use public key and private key pairs.
What will you implement to accomplish this?
- A . Microsoft Internet Information Server (IIS)
- B . VPN
- C . FTP server
- D . Certificate server
Which of the following protocols is used to compare two values calculated using the Message Digest (MD5) hashing function?
- A . CHAP
- B . PEAP
- C . EAP
- D . EAP-TLS
Which of the following is a technique used for modifying messages, providing Information and Cyber security, and reducing the risk of hacking attacks during communications and message passing over the Internet?
- A . Risk analysis
- B . OODA loop
- C . Cryptography
- D . Firewall security
Which of the following statements about Public Key Infrastructure (PKI) are true? Each correct answer represents a complete solution. Choose two.
- A . It uses symmetric key pairs.
- B . It provides security using data encryption and digital signature.
- C . It uses asymmetric key pairs.
- D . It is a digital representation of information that identifies users.
Which of the following types of halon is found in portable extinguishers and is stored as a liquid?
- A . Halon-f
- B . Halon 1301
- C . Halon 11
- D . Halon 1211
Mark has been hired by a company to work as a Network Assistant. He is assigned the task to configure a dial-up connection. He is configuring a laptop.
Which of the following protocols should he disable to ensure that the password is encrypted during remote access?
- A . SPAP
- B . MSCHAP
- C . PAP
- D . MSCHAP V2
Which of the following disaster recovery tests includes the operations that shut down at the primary site, and are shifted to the recovery site according to the disaster recovery plan?
- A . Structured walk-through test
- B . Simulation test
- C . Full-interruption test
- D . Parallel test
In which of the following network topologies does the data travel around a loop in a single direction and pass through each device?
- A . Ring topology
- B . Tree topology
- C . Star topology
- D . Mesh topology
You are the Network Administrator for a small business. You need a widely used, but highly secure hashing algorithm.
Which of the following should you choose?
- A . AES
- B . SHA
- C . EAP
- D . CRC32
Which of the following can be configured so that when an alarm is activated, all doors lock and the suspect or intruder is caught between the doors in the dead-space?
- A . Man trap
- B . Biometric device
- C . Host Intrusion Detection System (HIDS)
- D . Network Intrusion Detection System (NIDS)
Which of the following refers to a location away from the computer center where document copies and backup media are kept?
- A . Storage Area network
- B . Off-site storage
- C . On-site storage
- D . Network attached storage
Which of the following encryption methods does the SSL protocol use in order to provide communication privacy, authentication, and message integrity? Each correct answer represents a part of the solution. Choose two.
- A . Public key
- B . IPsec
- C . MS-CHAP
- D . Symmetric
John used to work as a Network Administrator for We-are-secure Inc. Now he has resigned from the company for personal reasons. He wants to send out some secret information of the company. To do so, he takes an image file and simply uses a tool called Image Hide and embeds the secret file within an image file of the famous actress, Jennifer Lopez, and sends it to his Yahoo mail ID. Since he is using the image file to send the data, the mail server of his company is unable to filter this mail.
Which of the following techniques is he performing to accomplish his task?
- A . Email spoofing
- B . Social engineering
- C . Web ripping
- D . Steganography
Which of the following intrusion detection systems (IDS) monitors network traffic and compares it against an established baseline?
- A . Network-based
- B . Anomaly-based
- C . File-based
- D . Signature-based
Which of the following are the initial steps required to perform a risk analysis process? Each correct answer represents a part of the solution. Choose three.
- A . Estimate the potential losses to assets by determining their value.
- B . Establish the threats' likelihood and regularity.
- C . Valuations of the critical assets in hard costs.
- D . Evaluate potential threats to the assets.
Which of the following protocols uses the Internet Key Exchange (IKE) protocol to set up security associations (SA)?
- A . IPSec
- B . L2TP
- C . LEAP
- D . ISAKMP
Sam is creating an e-commerce site. He wants a simple security solution that does not require each customer to have an individual key.
Which of the following encryption methods will he use?
- A . Asymmetric encryption
- B . Symmetric encryption
- C . S/MIME
- D . PGP
Computer networks and the Internet are the prime mode of information transfer today.
Which of the following is a technique used for modifying messages, providing Information and Cyber security, and reducing the risk of hacking attacks during communications and message passing over the Internet?
- A . Risk analysis
- B . Firewall security
- C . Cryptography
- D . OODA loop
An organization wants to allow a certificate authority to gain access to the encrypted data and create digital signatures on behalf of the user. The data is encrypted using the public key from a user’s certificate.
Which of the following processes fulfills the above requirements?
- A . Key escrow
- B . Key storage
- C . Key revocation
- D . Key recovery
Which of the following are the primary components of a discretionary access control (DAC) model? Each correct answer represents a complete solution. Choose two.
- A . User’s group
- B . File and data ownership
- C . Smart card
- D . Access rights and permissions
Which of the following encryption modes can make protocols without integrity protection even more susceptible to replay attacks, since each block gets decrypted in exactly the same way?
- A . Cipher feedback mode
- B . Cipher block chaining mode
- C . Output feedback mode
- D . Electronic codebook mode
You work as a technician for Trade Well Inc. The company is in the business of share trading. To enhance security, the company wants users to provide a third key (apart from ID and password) to access the company’s Web site.
Which of the following technologies will you implement to accomplish the task?
- A . Smart cards
- B . Key fobs
- C . VPN
- D . Biometrics
Which of the following layers of the OSI model corresponds to the Host-to-Host layer of the TCP/IP model?
- A . The transport layer
- B . The presentation layer
- C . The session layer
- D . The application layer
You are the Network Administrator for a college. You watch a large number of people (some not even students) going in and out of areas with campus computers (libraries, computer labs, etc.). You have had a problem with laptops being stolen.
What is the most cost effective method to prevent this?
- A . Smart card access to all areas with computers.
- B . Use laptop locks.
- C . Video surveillance on all areas with computers.
- D . Appoint a security guard.
The ATM of a bank is robbed by breaking the ATM machine.
Which of the following physical security devices can now be used for verification and historical analysis of the ATM robbery?
- A . Key card
- B . Biometric devices
- C . Intrusion detection systems
- D . CCTV Cameras
You have been assigned the task of selecting a hash algorithm. The algorithm will be specifically used to ensure the integrity of certain sensitive files. It must use a 128 bit hash value.
Which of the following should you use?
- A . AES
- B . SHA
- C . MD5
- D . DES
Which of the following are the countermeasures against a man-in-the-middle attack? Each correct answer represents a complete solution. Choose all that apply.
- A . Using public key infrastructure authentication.
- B . Using basic authentication.
- C . Using Secret keys for authentication.
- D . Using Off-channel verification.
Which of the following is an electrical event that shows there is enough power on the grid to prevent a total power loss but not enough power to meet the current electrical demand?
- A . Power Surge
- B . Power Spike
- C . Blackout
- D . Brownout
Which of the following protocols is designed to efficiently handle high-speed data over wide area networks (WANs)?
- A . PPP
- B . X.25
- C . Frame relay
- D . SLIP
Which of the following statements best describes a certification authority?
- A . A certification authority is a technique to authenticate digital documents by using computer cryptography.
- B . A certification authority is a type of encryption that uses a public key and a private key pair for data encryption.
- C . A certification authority is an entity that issues digital certificates for use by other parties.
- D . A certification authority is a type of encryption that uses a single key to encrypt and decrypt data.
In which of the following alternative processing sites is the backup facility maintained in a constant order, with a full complement of servers, workstations, and communication links ready to assume the primary operations responsibility?
- A . Hot Site
- B . Mobile Site
- C . Warm Site
- D . Cold Site
Which of the following should the administrator ensure during the test of a disaster recovery plan?
- A . Ensure that the plan works properly
- B . Ensure that all the servers in the organization are shut down.
- C . Ensure that each member of the disaster recovery team is aware of their responsibility.
- D . Ensure that all client computers in the organization are shut down.
The service-oriented modeling framework (SOMF) provides a common modeling notation to address alignment between business and IT organizations.
Which of the following principles does the SOMF concentrate on? Each correct answer represents a part of the solution. Choose all that apply.
- A . Disaster recovery planning
- B . SOA value proposition
- C . Software assets reuse
- D . Architectural components abstraction
- E . Business traceability
You want to connect a twisted pair cable segment to a fiber-optic cable segment.
Which of the following networking devices will you use to accomplish the task?
- A . Hub
- B . Switch
- C . Repeater
- D . Router
In your office, you are building a new wireless network that contains Windows 2003 servers. To establish a network for secure communication, you have to implement IPSec security policy on the servers.
What authentication methods can you use for this implementation? Each correct answer represents a complete solution. Choose all that apply.
- A . Public-key cryptography
- B . Kerberos
- C . Preshared keys
- D . Digital certificates