
GISF Practice Exam Free


GISF Practice Exam Free – 50 Questions to Simulate the Real Exam

Are you getting ready for the GISF certification? Take your preparation to the next level with our GISF Practice Exam Free – a carefully designed set of 50 realistic exam-style questions to help you evaluate your knowledge and boost your confidence.

Using a GISF practice exam free is one of the best ways to:

  • Experience the format and difficulty of the real exam
  • Identify your strengths and focus on weak areas
  • Improve your test-taking speed and accuracy

Below, you will find 50 realistic GISF practice exam free questions covering key exam topics. Each question reflects the structure and challenge of the actual exam.

Question 1

You are working as a project manager in your organization. You are nearing the final stages of project execution and looking towards the final risk monitoring and controlling activities. For your project archives, which one of the following is an output of risk monitoring and control?

A. Quantitative risk analysis

B. Risk audits

C. Qualitative risk analysis

D. Requested changes

 


Suggested Answer: D

 

 

Question 2

You are the Network Administrator for a large corporate network. You want to monitor all network traffic on your local network for suspicious activities and receive a notification when a possible attack is in process. Which of the following actions will you take for this?

A. Install a DMZ firewall

B. Enable verbose logging on the firewall

C. Install a host-based IDS

D. Install a network-based IDS

 


Suggested Answer: D

 

 

Question 3

Which of the following monitors program activities and modifies malicious activities on a system?

A. Back door

B. HIDS

C. RADIUS

D. NIDS

 


Suggested Answer: B

 

 

Question 4

Which of the following statements about Secure Shell (SSH) are true?
Each correct answer represents a complete solution. Choose three.

A. It was designed as a replacement for TELNET and other insecure shells.

B. It is a network protocol used primarily on Linux and Unix based systems.

C. It allows data to be exchanged using a secure channel between two networked devices.

D. It is the core routing protocol of the Internet.

 


Suggested Answer: ABC

 

 

Question 5

You are the project manager of the SST project. You are in the process of collecting and distributing performance information, including status reports, progress measurements, and forecasts. Which of the following processes are you performing?

A. Perform Quality Control

B. Verify Scope

C. Report Performance

D. Control Scope

 


Suggested Answer: C

 

 

Question 6

You are an Incident manager in Orangesect.Inc. You have been tasked to set up a new extension of your enterprise. The networking, to be done in the new extension, requires different types of cables and an appropriate policy that will be decided by you. Which of the following stages in the Incident handling process involves your decision making?

A. Containment

B. Identification

C. Preparation

D. Eradication

 


Suggested Answer: C

 

 

Question 7

You work as an Application Developer for uCertify Inc. The company uses Visual Studio .NET Framework 3.5 as its application development platform. You are working on a WCF service. You have decided to implement transport level security. Which of the following security protocols will you use?

A. Kerberos

B. HTTPS

C. RSA

D. IPSEC

 


Suggested Answer: B

 

 

Question 8

Which of the following policies define how Identification and Authorization occur and determine access control, audits, and network connectivity?

A. Information policies

B. Usage policies

C. Security policies

D. Administrative policies

E. Disaster Recovery Plans

F. Design Requirements

 


Suggested Answer: C

 

 

Question 9

Which of the following is a pillar of Information Assurance CIA triad?

A. Integrity

B. Affiliation

C. Accessibility

D. Isolation

 


Suggested Answer: A

 

 

Question 10

Mark works as a Network Administrator for NetTech Inc. The company has a Windows Server 2008 domain-based network. The network contains four Windows 2008 member servers and 250 Windows Vista client computers. One of the member servers works as a Web server that hosts an intranet Web site. According to the company security policy, Mark needs to fulfill the following requirements:
1. Encryption should be used for authentication of all traffic to the Web site.
2. SSL should not be used on the Web server for performance reasons.
3. Users should be authenticated using their Active Directory credentials.
In order to fulfill the requirements, Mark has disabled the Anonymous Authentication setting on the server. What else does he have to do?

A. Enable the Anonymous Authentication setting on the server.

B. Enable the Encrypting File System (EFS) on the server.

C. Enable the Digest Authentication setting on the server.

D. Enable the Windows Authentication setting on the server.

 


Suggested Answer: CD

 

 

Question 11

John works as a security manager in Mariotx.Inc. He has been tasked to resolve a network attack issue. To solve the problem, he first examines the critical information about the attacker's interaction with the network environment. He prepares a past record and behavioral document of the attack to find a direction for the solution. Then he decides to perform an action based on the previous hypothesis and takes the appropriate action against the attack. Which of the following strategies has John followed?

A. Maneuver warfare

B. Control theory

C. SWOT Analysis

D. OODA loop

 


Suggested Answer: D

 

 

Question 12

Which of the following tools are used to determine the hop counts of an IP packet?
Each correct answer represents a complete solution. Choose two.

A. Netstat

B. Ping

C. TRACERT

D. IPCONFIG

 


Suggested Answer: BC

 

 

Question 13

Which of the following factors determine the strength of the encryption?

A. Character-set encoding

B. Length of the key

C. Operating system

D. Ease of use

 


Suggested Answer: B

 

 

Question 14

Which of the following is the maximum variable key length for the Blowfish encryption algorithm?

A. 448 bit

B. 256 bit

C. 64 bit

D. 16 bit

 


Suggested Answer: A

 

 

Question 15

John works as a professional Ethical Hacker. He is assigned a project to test the security of www.we-are-secure.com. He is working on the Linux operating system. He wants to sniff the we-are-secure network and intercept a conversation between two employees of the company through session hijacking. Which of the following tools will John use to accomplish the task?

A. Hunt

B. IPChains

C. Ethercap

D. Tripwire

 


Suggested Answer: A

 

 

Question 16

You want to install a server that can be accessed by external users. You also want to ensure that these users cannot access the rest of the network. Where will you place the server?

A. Intranet

B. Local Area Network

C. Internet

D. Demilitarized Zone

E. Extranet

F. Wide Area Network

 


Suggested Answer: D

 

 

Question 17

Which of the following is a remote access protocol that supports encryption?

A. PPP

B. SLIP

C. UDP

D. SNMP

 


Suggested Answer: A

 

 

Question 18

Which of the following types of firewalls forms a session flow table?

A. Proxy server firewall

B. Packet filtering firewall

C. Stateless packet filtering firewall

D. Stateful packet filtering firewall

 


Suggested Answer: D

 

 

Question 19

Which of the following statements about Public Key Infrastructure (PKI) are true?
Each correct answer represents a complete solution. Choose two.

A. It is a digital representation of information that identifies users.

B. It uses asymmetric key pairs.

C. It provides security using data encryption and digital signature.

D. It uses symmetric key pairs.

 


Suggested Answer: BC

 

 

Question 20

Adam works as a Professional Penetration Tester for Umbrella Inc. A project has been assigned to him to carry out a Black Box penetration testing as a regular evaluation of the system security and integrity of the company's network. Which of the following statements are true about the Black Box penetration testing?
Each correct answer represents a complete solution. Choose all that apply.

A. Black box testing provides the testers with complete knowledge of the infrastructure to be tested.

B. Black box testing simulates an attack from someone who is unfamiliar with the system.

C. Black box testing simulates an attack from someone who is familiar with the system.

D. Black box testing assumes no prior knowledge of the infrastructure to be tested.

 


Suggested Answer: BC

 

 

Question 21

The Klez worm is a mass-mailing worm that exploits a vulnerability to open an executable attachment even in Microsoft Outlook's preview pane. The Klez worm gathers email addresses from the entries of the default Windows Address Book (WAB). Which of the following registry values can be used to identify this worm?

A. HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run

B. HKEY_CURRENT_USER\Software\Microsoft\WAB\WAB4\Wab File Name = “file and pathname of the WAB file”

C. HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run

D. HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices

 


Suggested Answer: B

 

 

Question 22

You work as an Incident handling manager for a company. The public relations process of the company includes an event that responds to e-mail queries. For the past few days, however, it has been identified that this process gives spammers a way to perform different types of e-mail attacks. Which of the following phases of the Incident handling process will now be involved in resolving this process and finding a solution? Each correct answer represents a part of the solution. Choose all that apply.

A. Recovery

B. Contamination

C. Identification

D. Eradication

E. Preparation

 


Suggested Answer: ABD

 

 

Question 23

Mark is implementing security on his e-commerce site. He wants to ensure that a customer sending a message is really the one he claims to be. Which of the following techniques will he use to ensure this?

A. Packet filtering

B. Authentication

C. Firewall

D. Digital signature

 


Suggested Answer: D

 

 

Question 24

At which OSI layer does UDP operate?

A. Network layer

B. Data-link layer

C. Session layer

D. Transport layer

E. Presentation layer

 


Suggested Answer: D

 

 

Question 25

You are concerned about possible hackers doing penetration testing on your network as a prelude to an attack. What would be most helpful to you in finding out if this is occurring?

A. Examining your firewall logs

B. Examining your DNS Server logs

C. Examining your domain controller server logs

D. Examining your antivirus logs

 


Suggested Answer: A

 

 

Question 26

Which of the following tools is an open source network intrusion prevention and detection system that operates as a network sniffer?

A. IPLog

B. Snort

C. Timbersee

D. Swatch

 


Suggested Answer: B

 

 

Question 27

Availability Management allows organizations to sustain the IT service availability to support the business at a justifiable cost. Which of the following elements of Availability Management is used to perform at an agreed level over a period of time?
Each correct answer represents a part of the solution. Choose all that apply.

A. Maintainability

B. Resilience

C. Error control

D. Recoverability

E. Reliability

F. Security

G. Serviceability

 


Suggested Answer: ABDEFG

 

 

Question 28

Which of the following devices or hardware parts employs SMART model system as a monitoring system?

A. Modem

B. RAM

C. Hard disk

D. IDS

 


Suggested Answer: C

 

 

Question 29

Mark is implementing security on his e-commerce site. He wants to ensure that a customer sending a message is really the one he claims to be. Which of the following techniques will he use to ensure this?

A. Authentication

B. Firewall

C. Packet filtering

D. Digital signature

 


Suggested Answer: D

 

 

Question 30

Key Distribution Center is used in which authentication method?

A. Multi-factor

B. Smart cards

C. Biometrics

D. Security tokens

E. Kerberos

F. Challenge Handshake Authentication Protocol

 


Suggested Answer: E

 

 

Question 31

Which of the following best describes the identification, analysis, and ranking of risks?

A. Design of experiments

B. Fast tracking

C. Fixed-price contracts

D. Plan Risk management

 


Suggested Answer: D

 

 

Question 32

Tom works as the project manager for BlueWell Inc. He is working with his project to ensure timely and appropriate generation, retrieval, distribution, collection, storage, and ultimate disposition of project information. What is the process in which Tom is working?

A. Stakeholder expectation management

B. Stakeholder analysis

C. Work performance measurement

D. Project communication management

 


Suggested Answer: D

 

 

Question 33

Which of the following refers to the process of verifying the identity of a person, network host, or system process?

A. Hacking

B. Authentication

C. Packet filtering

D. Auditing

 


Suggested Answer: B

 

 

Question 34

Your corporate network uses a Proxy Server for Internet access. The Manufacturing group has access permission for WWW protocol in the Web Proxy service, and access permission for POP3 protocol, in the WinSock Proxy service. The Supervisors group has access permission for WWW and FTP Read protocols in the Web Proxy service, and access permission for the SMTP protocol in the WinSock Proxy service. The Quality Control group has access permission only for WWW protocol in the Web Proxy service. The Interns group has no permissions granted in any of the Proxy Server services. Kate is a member of all four groups. In the Proxy Server services, which protocols does Kate have permission to use?

A. WWW only

B. FTP Read and SMTP only

C. WWW, FTP Read, POP3, and SMTP

D. WWW and POP3 only

 


Suggested Answer: C

 

 

Question 35

You work as a Network Administrator for Infonet Inc. The company has a Windows Server 2008 domain-based network. The network has three Windows Server 2008 member servers and 150 Windows Vista client computers. According to the company's security policy, you apply Windows firewall settings to the computers on the network. Now, you are troubleshooting a connectivity problem that might be caused by Windows firewall. What will you do to identify connections that Windows firewall allows or blocks?

A. Configure Network address translation (NAT).

B. Disable Windows firewall logging.

C. Configure Internet Protocol Security (IPSec).

D. Enable Windows firewall logging.

 


Suggested Answer: D

 

 

Question 36

Which of the following layers of the OSI model corresponds to the Host-to-Host layer of the TCP/IP model?

A. The presentation layer

B. The application layer

C. The transport layer

D. The session layer

 


Suggested Answer: C

 

 

Question 37

Sam works as a Web Developer for McRobert Inc. He wants to control the way in which a Web browser receives information and downloads content from Web sites. Which of the following browser settings will Sam use to accomplish this?

A. Proxy server

B. Cookies

C. Security

D. Certificate

 


Suggested Answer: C

 

 

Question 38

You work as an Incident handler in Mariotrixt.Inc. You have followed the Incident handling process to handle the events and incidents. You identify a Denial of Service (DoS) attack from a network linked to your internal enterprise network. Which of the following phases of the Incident handling process should you follow next to handle this incident?

A. Containment

B. Preparation

C. Recovery

D. Identification

 


Suggested Answer: A

 

 

Question 39

Mark is implementing security on his e-commerce site. He wants to ensure that a customer sending a message is really the one he claims to be. Which of the following techniques will he use to ensure this?

A. Packet filtering

B. Authentication

C. Firewall

D. Digital signature

 


Suggested Answer: D

 

 

Question 40

You send and receive messages on the Internet. A man-in-the-middle attack can be performed to capture and read your message. Which of the following Information assurance pillars ensures the security of your message or data against this type of attack?

A. Authentication

B. Non-repudiation

C. Data availability

D. Confidentiality

 


Suggested Answer: D

 

 

Question 41

Which of the following security applications is used to secure a database from unauthorized accesses in a network infrastructure?

A. Antivirus

B. Anti-Malware

C. Anti-Spoofing

D. Firewall

 


Suggested Answer: D

 

 

Question 42

Which of the following is prepared by the business and serves as a starting point for producing the IT Service Continuity Strategy?

A. Disaster Invocation Guideline

B. Business Continuity Strategy

C. Index of Disaster-Relevant Information

D. Availability/ ITSCM/ Security Testing Schedule

 


Suggested Answer: B

 

 

Question 43

Which of the following is used in asymmetric encryption?

A. Public key and user key

B. Public key and private key

C. SSL

D. NTFS

 


Suggested Answer: B

 

 

Question 44

John works as a professional Ethical Hacker. He has been assigned a project to test the security of www.we-are-secure.com. He copies the whole structure of the We-are-secure Web site to the local disk and obtains all the files on the Web site. Which of the following techniques is he using to accomplish his task?

A. TCP FTP proxy scanning

B. Eavesdropping

C. Fingerprinting

D. Web ripping

 


Suggested Answer: D

 

 

Question 45

SIMULATION -
Fill in the blank with the appropriate value. SHA-1 produces a ______-bit message digest.

 


Suggested Answer: SHA-1 produces a 160-bit message digest

 

 

Question 46

Which of the following cryptographic algorithms uses a public key and a private key to encrypt or decrypt data?

A. Symmetric

B. Numeric

C. Hashing

D. Asymmetric

 


Suggested Answer: D

 

 

Question 47

What is a variant with regard to Configuration Management?

A. A CI that has the same name as another CI but shares no relationship.

B. A CI that has the same essential functionality as another CI but is a bit different in some small manner.

C. A CI that particularly refers to a hardware specification.

D. A CI that particularly refers to a software version.

 


Suggested Answer: B

 

 

Question 48

Which of the following components are usually found in an Intrusion detection system (IDS)?
Each correct answer represents a complete solution. Choose two.

A. Console

B. Sensor

C. Firewall

D. Modem

E. Gateway

 


Suggested Answer: AB

 

 

Question 49

Andrew works as a Network Administrator for NetTech Inc. The company has a Windows Server 2008 domain-based network. The network contains five Windows 2008 member servers and 120 Windows XP Professional client computers. Andrew is concerned about the member servers that are not meeting the security requirements as mentioned in the security policy of the company. Andrew wants to compare the current security settings of the member servers with the security template that is configured according to the security policy of the company. Which of the following tools will Andrew use to accomplish this?

A. Security Configuration and Analysis Tool

B. Active Directory Migration Tool (ADMT)

C. Task Manager

D. Group Policy Management Console (GPMC)

 


Suggested Answer: A

 

 

Question 50

Which of the following statements are TRUE regarding asymmetric encryption and symmetric encryption? Each correct answer represents a complete solution. Choose all that apply.

A. Data Encryption Standard (DES) is a symmetric encryption key algorithm.

B. In symmetric encryption, the secret key is available only to the recipient of the message.

C. Symmetric encryption is commonly used when a message sender needs to encrypt a large amount of data.

D. Asymmetric encryption uses a public key and a private key pair for data encryption.

 


Suggested Answer: ACD

 

 

Free Access Full GISF Practice Exam Free

Looking for additional practice? Click here to access a full set of GISF practice exam free questions and continue building your skills across all exam domains.

Our question sets are updated regularly to ensure they stay aligned with the latest exam objectives—so be sure to visit often!

Good luck with your GISF certification journey!
