CISSP-ISSAP Practice Questions Free – 50 Exam-Style Questions to Sharpen Your Skills
Are you preparing for the CISSP-ISSAP certification exam? Kickstart your success with our CISSP-ISSAP Practice Questions Free – a carefully selected set of 50 real exam-style questions to help you test your knowledge and identify areas for improvement.
Practicing with CISSP-ISSAP practice questions free gives you a powerful edge by allowing you to:
- Understand the exam structure and question formats
- Discover your strong and weak areas
- Build the confidence you need for test day success
Below, you will find 50 free CISSP-ISSAP practice questions designed to match the real exam in both difficulty and topic coverage. They’re ideal for self-assessment or final review.
Which of the following security protocols provides confidentiality, integrity, and authentication of network traffic with end-to-end and intermediate-hop security?
A. IPSec
B. SET
C. SWIPE
D. SKIP
Which of the following authentication protocols sends a user certificate inside an encrypted tunnel?
A. PEAP
B. EAP-TLS
C. WEP
D. EAP-FAST
In which of the following phases of the SDLC does the software and other components of the system faithfully incorporate the design specifications and provide proper documentation and training?
A. Initiation
B. Programming and training
C. Design
D. Evaluation and acceptance
You have been assigned the task of selecting a hash algorithm. The algorithm will be specifically used to ensure the integrity of certain sensitive files. It must use a 128-bit hash value. Which of the following should you use?
A. AES
B. SHA
C. MD5
D. DES
Which of the following is an entry in an object's discretionary access control list (DACL) that grants permissions to a user or group?
A. Access control entry (ACE)
B. Discretionary access control entry (DACE)
C. Access control list (ACL)
D. Security Identifier (SID)
Mark works as a Network Administrator for NetTech Inc. He wants users to access only those resources that are required for them. Which of the following access control models will he use?
A. Policy Access Control
B. Mandatory Access Control
C. Discretionary Access Control
D. Role-Based Access Control
Which of the following protocols is an alternative to certificate revocation lists (CRL) and allows the authenticity of a certificate to be immediately verified?
A. RSTP
B. SKIP
C. OCSP
D. HTTP
A company named Money Builders Inc. hires you to provide consultancy for setting up their Windows network. The company's server room will be in a highly secured environment. You are required to suggest an authentication method for it. The CFO of the company wants the server to use thumb impressions for authentication. Which of the following authentication methods will you suggest?
A. Certificate
B. Smart card
C. Two-factor
D. Biometrics
You work as a Network Administrator for Blue Bell Inc. The company has a TCP-based network. The company has two offices in different cities. The company wants to connect the two offices by using a public network. You decide to configure a virtual private network (VPN) between the offices. Which of the following protocols is used by VPN for tunneling?
A. L2TP
B. HTTPS
C. SSL
D. IPSec
An access control secures the confidentiality, integrity, and availability of the information and data of an organization. In which of the following categories can you deploy the access control? Each correct answer represents a part of the solution. Choose all that apply.
A. Detective access control
B. Corrective access control
C. Administrative access control
D. Preventive access control
Which of the following electrical events shows a sudden drop of power source that can cause a wide variety of problems on a PC or a network?
A. Blackout
B. Power spike
C. Power sag
D. Power surge
Sam is creating an e-commerce site. He wants a simple security solution that does not require each customer to have an individual key. Which of the following encryption methods will he use?
A. Asymmetric encryption
B. Symmetric encryption
C. S/MIME
D. PGP
You work as a technician for Trade Well Inc. The company is in the business of share trading. To enhance security, the company wants users to provide a third key (apart from ID and password) to access the company's Web site. Which of the following technologies will you implement to accomplish the task?
A. Smart cards
B. Key fobs
C. VPN
D. Biometrics
You are the Network Administrator for a small business. You need a widely used, but highly secure hashing algorithm. Which of the following should you choose?
A. AES
B. SHA
C. EAP
D. CRC32
Which of the following encryption modes can make protocols without integrity protection even more susceptible to replay attacks, since each block gets decrypted in exactly the same way?
A. Cipher feedback mode
B. Cipher block chaining mode
C. Output feedback mode
D. Electronic codebook mode
In which of the following network topologies does the data travel around a loop in a single direction and pass through each device?
A. Ring topology
B. Tree topology
C. Star topology
D. Mesh topology
Which of the following techniques can be used by an administrator while working with symmetric encryption cryptography? Each correct answer represents a complete solution. Choose all that apply.
A. Block cipher
B. Stream cipher
C. Transposition cipher
D. Message Authentication Code
Which of the following are the countermeasures against a man-in-the-middle attack? Each correct answer represents a complete solution. Choose all that apply.
A. Using public key infrastructure authentication
B. Using basic authentication
C. Using secret keys for authentication
D. Using off-channel verification
Kerberos is a computer network authentication protocol that allows individuals communicating over a non-secure network to prove their identity to one another in a secure manner. Which of the following statements are true about the Kerberos authentication scheme? Each correct answer represents a complete solution. Choose all that apply.
A. Kerberos requires continuous availability of a central server.
B. Dictionary and brute force attacks on the initial TGS response to a client may reveal the subject’s passwords.
C. Kerberos builds on asymmetric key cryptography and requires a trusted third party.
D. Kerberos requires the clocks of the involved hosts to be synchronized.
Which of the following keys is derived from a preshared key and Extensible Authentication Protocol (EAP)?
A. Pairwise Transient Key
B. Group Temporal Key
C. Private Key
D. Pairwise Master Key
Andrew works as a Network Administrator for Infonet Inc. The company's network has a Web server that hosts the company's Web site. Andrew wants to increase the security of the Web site by implementing Secure Sockets Layer (SSL). Which of the following types of encryption does SSL use? Each correct answer represents a complete solution. Choose two.
A. Synchronous
B. Secret
C. Asymmetric
D. Symmetric
Which of the following plans is a comprehensive statement of consistent actions to be taken before, during, and after a disruptive event that causes a significant loss of information systems resources?
A. Disaster recovery plan
B. Contingency plan
C. Business Continuity plan
D. Continuity of Operations plan
You work as an Incident handler at Mariotrixt Inc. You have followed the Incident handling process to handle the events and incidents. You identify a Denial of Service (DoS) attack from a network linked to your internal enterprise network. Which of the following phases of the Incident handling process should you follow next to handle this incident?
A. Containment
B. Preparation
C. Recovery
D. Identification
Which of the following keys are included in a certificate revocation list (CRL) of a public key infrastructure (PKI)? Each correct answer represents a complete solution. Choose two.
A. A foreign key
B. A private key
C. A public key
D. A primary key
Which of the following encryption modes has the property to allow many error correcting codes to function normally even when applied before encryption?
A. OFB mode
B. CFB mode
C. CBC mode
D. PCBC mode
Which of the following are man-made threats that an organization faces? Each correct answer represents a complete solution. Choose three.
A. Theft
B. Employee errors
C. Strikes
D. Frauds
Which of the following attacks can be overcome by applying cryptography?
A. Web ripping
B. DoS
C. Sniffing
D. Buffer overflow
Which of the following terms refers to a mechanism which proves that the sender really sent a particular message?
A. Integrity
B. Confidentiality
C. Authentication
D. Non-repudiation
You want to implement a network topology that provides the best balance for regional topologies in terms of the number of virtual circuits, redundancy, and performance while establishing a WAN network. Which of the following network topologies will you use to accomplish the task?
A. Bus topology
B. Fully meshed topology
C. Star topology
D. Partially meshed topology
In which of the following cryptographic attacking techniques does the attacker pick up the information to be encrypted and take a copy of it with the encrypted data?
A. Chosen ciphertext attack
B. Known plaintext attack
C. Chosen plaintext attack
D. Ciphertext only attack
Which of the following statements about a stream cipher are true? Each correct answer represents a complete solution. Choose three.
A. It typically executes at a higher speed than a block cipher.
B. It divides a message into blocks for processing.
C. It typically executes at a slower speed than a block cipher.
D. It divides a message into bits for processing.
E. It is a symmetric key cipher.
Which of the following protocols is used to compare two values calculated using the Message Digest (MD5) hashing function?
A. CHAP
B. PEAP
C. EAP
D. EAP-TLS
Which of the following encryption algorithms is used by the Clipper chip, which supports the escrowed encryption standard?
A. Skipjack
B. Blowfish
C. AES
D. IDEA
Which of the following uses a Key Distribution Center (KDC) to authenticate a principal?
A. CHAP
B. PAP
C. Kerberos
D. TACACS
Which of the following user authentications are supported by the SSH-1 protocol but not by the SSH-2 protocol? Each correct answer represents a complete solution. Choose all that apply.
A. TIS authentication
B. Rhosts (rsh-style) authentication
C. Kerberos authentication
D. Password-based authentication
Which of the following two cryptography methods are used by NTFS Encrypting File System (EFS) to encrypt the data stored on a disk on a file-by-file basis?
A. Twofish
B. Digital certificates
C. Public key
D. RSA
Which of the following are types of access control attacks? Each correct answer represents a complete solution. Choose all that apply.
A. Dictionary attack
B. Mail bombing
C. Spoofing
D. Brute force attack
Which of the following protocols multicasts messages and information among all member devices in an IP multicast group?
A. ARP
B. ICMP
C. TCP
D. IGMP
Mark has been hired by a company to work as a Network Assistant. He is assigned the task to configure a dial-up connection. He is configuring a laptop. Which of the following protocols should he disable to ensure that the password is encrypted during remote access?
A. SPAP
B. MSCHAP
C. PAP
D. MSCHAP V2
You work as a Network Administrator for NetTech Inc. You want to have secure communication on the company's intranet. You decide to use public key and private key pairs. What will you implement to accomplish this?
A. Microsoft Internet Information Server (IIS)
B. VPN
C. FTP server
D. Certificate server
You work as a CSO (Chief Security Officer) for Tech Perfect Inc. You have a disaster scenario and you want to discuss it with your team members to get appropriate responses to the disaster. In which of the following disaster recovery tests can this task be performed?
A. Full-interruption test
B. Parallel test
C. Simulation test
D. Structured walk-through test
Which of the following life cycle modeling activities establishes service relationships and message exchange paths?
A. Service-oriented logical design modeling
B. Service-oriented conceptual architecture modeling
C. Service-oriented discovery and analysis modeling
D. Service-oriented business integration modeling
Which of the following methods for identifying appropriate BIA interviewees includes examining the organizational chart of the enterprise to understand the functional positions?
A. Executive management interviews
B. Overlaying system technology
C. Organizational chart reviews
D. Organizational process models
In which of the following alternative processing sites is the backup facility maintained in a constant order, with a full complement of servers, workstations, and communication links ready to assume the primary operations responsibility?
A. Hot Site
B. Mobile Site
C. Warm Site
D. Cold Site
You have just set up a wireless network for customers at a coffee shop. Which of the following are good security measures to implement? Each correct answer represents a complete solution. Choose two.
A. MAC filtering the router
B. Not broadcasting SSID
C. Using WEP encryption
D. Using WPA encryption
Which of the following protocols should a Chief Security Officer configure in the network of his company to protect sessionless datagram protocols?
A. SWIPE
B. S/MIME
C. SKIP
D. SLIP
Computer networks and the Internet are the prime mode of information transfer today. Which of the following is a technique used for modifying messages, providing information and cyber security, and reducing the risk of hacking attacks during communications and message passing over the Internet?
A. Risk analysis
B. Firewall security
C. Cryptography
D. OODA loop
Adam works as a Security Analyst for Umbrella Inc. The CEO of the company ordered him to implement two-factor authentication for the employees to access their networks. He has told him that he would like to use some type of hardware device in tandem with a security or identifying PIN. Adam decides to implement smart cards, but they are not cost effective. Which of the following types of hardware devices will Adam use to implement two-factor authentication?
A. Biometric device
B. One Time Password
C. Proximity cards
D. Security token
A network is configured on a Bus topology. Which of the following conditions could cause a network failure? Each correct answer represents a complete solution. Choose all that apply.
A. A break in a network cable
B. 75 ohm terminators at open ends
C. A powered off workstation
D. An open-ended cable without terminators
Which of the following refers to a location away from the computer center where document copies and backup media are kept?
A. Storage Area network
B. Off-site storage
C. On-site storage
D. Network attached storage
Free Access Full CISSP-ISSAP Practice Questions Free
Want more hands-on practice? The full bank of CISSP-ISSAP practice questions is available free to reinforce your understanding of all exam objectives.
We update our question sets regularly, so check back often for new and relevant content.
Good luck with your CISSP-ISSAP certification journey!