The GMT enterprise is working on their internet and web usage policies. GMT would like to control internet bandwidth consumption by employees. Which group of policies would this belong to?

A. Enterprise Information Security Policy

B. Network Services Specific Security Policy

C. Issue Specific Security Policy

D. System Specific Security Policy

Which of the following is the full form of SAINT?

A. System Automated Integrated Network Tool

B. Security Admin Integrated Network Tool

C. System Admin Integrated Network Tool

D. System Administrators Integrated Network Tool

Docker provides Platform-as-a-Service (PaaS) through ________ and delivers containerized software packages.

A. Server-level virtualization

B. Network-level virtualization

C. OS-level virtualization

D. Storage-level virtualization

Which of the following statements are true about a wireless network?
Each correct answer represents a complete solution. Choose all that apply.

A. Data can be shared easily between wireless devices.

B. It provides mobility to users to access a network.

C. Data can be transmitted in different ways by using Cellular Networks, Mobitex, DataTAC, etc.

D. It is easy to connect.

DRAG DROP -
George works as a Network Administrator for Blue Soft Inc. The company uses Windows Vista operating system. The network of the company is continuously connected to the Internet. What will George use to protect the network of the company from intrusion?
Select and Place:
 

Which phase of incident response process involves collection of incident evidence and sending them to forensic department for further investigation?

A. Incident containment

B. Incident recording and assignment

C. Eradication

D. Preparation for incident response

Management decides to implement a risk management system to reduce and maintain the organization's risk at an acceptable level. Which of the following is the correct order in the risk management phase?

A. Risk Identification, Risk Assessment, Risk Treatment, Risk Monitoring & Review

B. Risk Identification, Risk Assessment, Risk Monitoring & Review, Risk Treatment

C. Risk Treatment, Risk Monitoring & Review, Risk Identification, Risk Assessment

D. Risk Assessment, Risk Treatment, Risk Monitoring & Review, Risk Identification

You are tasked to perform black hat vulnerability assessment for a client. You received official written permission to work with: company site, forum, Linux server with LAMP, where this site hosted. Which vulnerability assessment tool should you consider to use?

A. dnsbrute

B. hping

C. OpenVAS

D. wireshark

Which of the following conditions cannot enter the system ROM monitor mode? Each correct answer represents a complete solution. Choose all that apply.

A. The router does not find a valid operating system image.

B. The router does not have the configuration file.

C. The user interrupts the boot sequence.

D. It is necessary to set the operating parameters.

Which of the following cables is made of glass or plastic and transmits signals in the form of light?

A. Coaxial cable

B. Twisted pair cable

C. Plenum cable

D. Fiber optic cable

Which of the following attacks, the attacker cannot use the software, which is trying a number of key combinations in order to obtain your password?

A. Buffer overflow

B. Zero-day attack

C. Smurf attack

D. None

E. Shock brutal force

Ryan works as a network security engineer at an organization the recently suffered an attack. As a countermeasure, Ryan would like to obtain more information about the attacker and chooses to deploy a honeypot into the organizations production environment called Kojoney. Using this honeypot, he would like to emulate the network vulnerability that was attacked previously. Which type of honeypot is he trying to implement?

A. High interaction honeypots

B. Research honeypot

C. Low interaction honeypots

D. Pure honeypots

Which of the following refers to a potential occurrence of an undesired event that can eventually damage and interrupt the operational and functional activities of an organization?

A. Attack

B. Risk

C. Threat

D. Vulnerability

Which BC/DR activity includes action taken toward resuming all services that are dependent on business-critical applications?

A. Response

B. Recovery

C. Resumption

D. Restoration

CSMA/CD is specified in which of the following IEEE standards?

A. 802.3

B. 802.2

C. 802.1

D. 802.15

Which of the following can be used to suppress fire from Class K sources?

A. Water

B. Carbon dioxide

C. Foam

D. Dry Chemical

Which of the following tools is used to ping a given range of IP addresses and resolve the host name of the remote system?

A. SuperScan

B. Netscan

C. Hping

D. Nmap

Which of the following commands is used for port scanning?

A. nc -t

B. nc -z

C. nc -v

D. nc -d

The SOC manager is reviewing logs in AlienVault USM to investigate an intrusion on the network. Which CND approach is being used?

A. Retrospective

B. Reactive

C. Deterrent

D. Preventive

Which among the following filter is used to detect a SYN/FIN attack?

A. tcp.flags==0x002

B. tcp.flags==0x004

C. tcp.flags==0x003

D. tcp.flags==0x001

Which of the following steps OPSEC process examines every aspect of the proposed operation to identify the OPSEC indicators that can reveal important information and then compare them with indicators of the opponent's intelligence collection capabilities identified in the previous activity?

A. Identification of Critical Information

B. analysis weakness

C. risk assessment

D. Appropriate OPSEC measures

E. analysis of threats

Which VPN QoS model guarantees the traffic from one customer edge (CE) to another?

A. Pipe model

B. Hose model

C. AAA model

D. Hub-and-Spoke VPN model

Cindy is the network security administrator for her company. She just got back from a security conference in Las Vegas where they talked about all kinds of old and new security threats; many of which she did not know of. She is worried about the current security state of her company's network so she decides to start scanning the network from an external IP address. To see how some of the hosts on her network react, she sends out SYN packets to an IP range. A number of
IPs respond with a SYN/ACK response. Before the connection is established, she sends RST packets to those hosts to stop the session. She has done this to see how her intrusion detection system will log the traffic. What type of scan is Cindy attempting here?

A. The type of scan she is using is called a NULL scan.

B. Cindy is attempting to find live hosts on her company’s network by using a XMAS scan.

C. Cindy is using a half-open scan to find live hosts on her network.

D. She is utilizing a RST scan to find live hosts that are listening on her network.

Which of the following helps in viewing account activity and events for supported services made by AWS?

A. AWS CloudFormation

B. AWS Certificate Manager

C. AWS CloudHSM

D. AWS CloudTrial

Which of the following is a tool that runs on the Windows OS and analyzes iptables log messages to detect port scans and other suspicious traffic?

A. PSAD

B. Hping

C. NetRanger

D. Nmap

You are monitoring your network traffic with the Wireshark utility and noticed that your network is experiencing a large amount of traffic from a certain region. You suspect a DoS incident on the network. What will be your first reaction as a first responder?

A. Avoid Fear, Uncertainty and Doubt

B. Communicate the incident

C. Make an initial assessment

D. Disable Virus Protection

Which of the following is a 16-bit field that identifies the source port number of the application program in the host that is sending the segment?

A. Sequence Number

B. Header Length

C. Acknowledgment Number

D. Source Port Address

Which of the following steps of the OPSEC process examines each aspect of the planned operation to identify OPSEC indicators that could reveal critical information and then compare those indicators with the adversary's intelligence collection capabilities identified in the previous action?

A. Analysis of Threats

B. Application of Appropriate OPSEC Measures

C. Identification of Critical Information

D. Analysis of Vulnerabilities

E. Assessment of Risk

Which of the following is a free security-auditing tool for Linux?

A. SAINT

B. SATAN

C. Nessus

D. HPing

Dan and Alex are business partners working together. Their Business-Partner Policy states that they should encrypt their emails before sending to each other.
How will they ensure the authenticity of their emails?

A. Dan will use his digital signature to sign his mails while Alex will use Dan’s public key to verify the authenticity of the mails.

B. Dan will use his digital signature to sign his mails while Alex will use his private key to verify the authenticity of the mails.

C. Dan will use his private key to encrypt his mails while Alex will use his digital signature to verify the authenticity of the mails.

D. Dan will use his public key to encrypt his mails while Alex will use Dan’s digital signature to verify the authenticity of the mails.

Paul is a network security technician working on a contract for a laptop manufacturing company in Chicago. He has focused primarily on securing network devices, firewalls, and traffic traversing in and out of the network. He just finished setting up a server a gateway between the internal private network and the outside public network. This server will act as a proxy, limited amount of services, and will filter packets. What is this type of server called?

A. Session layer firewall.

B. SOCKS host.

C. Bastion host.

D. Edge transport server.

Which of the following attack signature analysis techniques are implemented to examine the header information and conclude that a packet has been altered?

A. Composite signature-based analysis

B. Atomic signature-based analysis

C. Content-based signature analysis

D. Context-based signature analysis

James is working as a Network Administrator in a reputed company situated in California. He is monitoring his network traffic with the help of Wireshark. He wants to check and analyze the traffic against a PING sweep attack. Which of the following Wireshark filters will he use?

A. Icmp.type==8 or icmp.type==16

B. icmp.type==8 or icmp.type==0

C. icmp.type==8 and icmp.type==0

D. Icmp.type==0 and icmp.type==16

Management asked their network administrator to suggest an appropriate backup medium for their backup plan that best suits their organization's need. Which of the following factors will the administrator consider when deciding on the appropriate backup medium? (Choose all that apply.)

A. Reliability

B. Capability

C. Accountability

D. Extensibility

Which of the following is a compatible network device that converts various communication protocols and are used to connect different network technologies?

A. port

B. change

C. none

D. bridge

E. router

John works as a C programmer. He develops the following C program:
 
His program is vulnerable to a __________ attack.

A. SQL injection

B. Denial-of-Service

C. Buffer overflow

D. Cross site scripting

The Circuit-level gateway firewall technology functions at which of the following OSI layer?

A. Transport layer

B. Data-link layer

C. Session layer

D. Network layer

Which of the following is a Windows in-built feature that provides filesystem-level encryption in the OS (starting from Windows 2000), except the Home version of Windows?

A. EFS

B. Disk Utility

C. BitLocker

D. FileVault

Which of the following is a mechanism that helps to ensure that only the intended and authorized recipients are able to read the data?

A. access to information

B. none

C. integrity

D. authentication

E. confidence

Which among the following is used by anti-malware systems and threat intelligence platforms to spot and stop malicious activities at an initial stage?

A. Indicators of attack

B. Key risk indicators

C. Indicators of compromise

D. Indicators of exposure

Adam works as a Professional Penetration Tester. A project has been assigned to him to test the vulnerabilities of the CISCO Router of Umbrella Inc. Adam finds out that HTTP Configuration Arbitrary Administrative Access Vulnerability exists in the router. By applying different password cracking tools, Adam gains access to the router. He analyzes the router config file and notices the following lines: logging buffered errors logging history critical logging trap warnings logging 10.0.1.103
By analyzing the above lines, Adam concludes that this router is logging at log level 4 to the syslog server 10.0.1.103. He decides to change the log level from 4 to
0.
Which of the following is the most likely reason of changing the log level?

A. Changing the log level from 4 to 0 will result in the logging of only emergencies. This way the modification in the router is not sent to the syslog server.

B. By changing the log level, Adam can easily perform a SQL injection attack.

C. Changing the log level grants access to the router as an Administrator.

D. Changing the log level from 4 to 0 will result in the termination of logging. This way the modification in the router is not sent to the syslog server.

Who is an IR custodian?

A. An individual responsible for conveying company details after an incident

B. An individual who receives the initial IR alerts and leads the IR team in all the IR activities

C. An individual who makes a decision on the classifications and the severity of the incident identified

D. An individual responsible for the remediation and resolution of the incident that occurred

Emmanuel works as a Windows system administrator at an MNC. He uses PowerShell to enforce the script execution policy. He wants to allow the execution of the scripts that are signed by a trusted publisher. Which of the following script execution policy setting this?

A. AllSigned

B. Restricted

C. RemoteSigned

D. Unrestricted

Which of the following representatives of the incident response team takes forensic backups of systems that are the focus of an incident?

A. Technical representative

B. Lead investigator

C. Information security representative

D. Legal representative

Which Internet access policy starts with all services blocked and the administrator enables safe and necessary services individually, which provides maximum security and logs everything, such as system and network activities?

A. Internet access policy

B. Paranoid policy

C. Permissive policy

D. Prudent policy

Which of the following connects the SDN controller and SDN networking devices and relays information from network services to network devices such as switches and routers?

A. Southbound API

B. Eastbound API

C. Westbound API

D. Northbound API

Which of the following honeypots provides an attacker access to the real operating system without any restriction and collects a vast amount of information about the attacker?

A. High-interaction honeypot

B. Medium-interaction honeypot

C. Honeyd

D. Low-interaction honeypot

Which of the following encryption techniques do digital signatures use?

A. MD5

B. RSA

C. Blowfish

D. IDEA

Which of the following layers provides communication session management between host computers?

A. Application layer

B. Internet layer

C. Transport layer

D. Link layer

Which of the following UTP cables supports transmission up to 20MHz?

A. Category 2

B. Category 5e

C. Category 4

D. Category 1