GISP Practice Exam Free – 50 Questions to Simulate the Real Exam
Are you getting ready for the GISP certification? Take your preparation to the next level with our GISP Practice Exam Free – a carefully designed set of 50 realistic exam-style questions to help you evaluate your knowledge and boost your confidence.
Using a free GISP practice exam is one of the best ways to:
- Experience the format and difficulty of the real exam
- Identify your strengths and focus on weak areas
- Improve your test-taking speed and accuracy
Below, you will find 50 realistic free GISP practice exam questions covering key exam topics. Each question reflects the structure and challenge of the actual exam.
Which of the following encryption algorithms are based on stream ciphers? Each correct answer represents a complete solution. Choose two.
A. RC4
B. FISH
C. Blowfish
D. Twofish
authentication is true?
A. A user provides his user name and password for authentication.
B. A user uses a smart card for authentication.
C. A sensor scans some physical characteristics of a user and sends that information to the authentication server.
D. A user is issued a device that is used for authentication.
You work as a Network Administrator for NetTech Inc. Your computer has the Windows 2000 Server operating system. You want to harden the security of the server. Which of the following changes are required to accomplish this? Each correct answer represents a complete solution. Choose two.
A. Rename the Administrator account.
B. Remove the Administrator account.
C. Disable the Guest account.
D. Enable the Guest account.
Which methods help you to recover your data in the event of a system or hard disk failure? Each correct answer represents a complete solution. Choose two.
A. Install a RAID system
B. Use data encryption
C. Install and use a tape backup unit
D. Install UPS systems on all important devices
Which of the following groups represents the most likely source of an asset loss through the inappropriate use of computers?
A. Visitors
B. Customers
C. Employees
D. Hackers
Which of the following authentication protocols provides support for a wide range of authentication methods, such as smart cards and certificates?
A. EAP
B. CHAP
C. MS-CHAP v2
D. PAP
Which of the following services does Internet Information Server (IIS) provide along with HTTP? Each correct answer represents a complete solution. Choose three.
A. SMTP
B. FTP
C. PPTP
D. NNTP
SSH is a network protocol that allows data to be exchanged between two networks using a secure channel. Which of the following encryption algorithms can be used by the SSH protocol? Each correct answer represents a complete solution. Choose all that apply.
A. Blowfish
B. DES
C. RC4
D. IDEA
Which of the following are the responsibilities of the owner with regard to data in an information classification program? Each correct answer represents a complete solution. Choose three.
A. Delegating the responsibility of the data protection duties to a custodian.
B. Determining what level of classification the information requires.
C. Running regular backups and routinely testing the validity of the backup data.
D. Reviewing the classification assignments at regular time intervals and making changes as the business needs change.
is true?
A. It is a rule list containing access control entries.
B. It specifies whether an audit activity should be performed when an object attempts to access a resource.
C. It is a list containing user accounts, groups, and computers that are allowed (or denied) access to the object.
D. It is a unique number that identifies a user, group, and computer account.
attacks? Each correct answer represents a complete solution. Choose two.
A. Man-in-the-middle attack
B. Dictionary attack
C. Brute force attack
D. Password attack
Which of the following methods of encryption uses a single key to encrypt and decrypt data?
A. S/MIME
B. PGP
C. Symmetric
D. Asymmetric
Which of the following are used to suppress electrical and computer fires? Each correct answer represents a complete solution. Choose two.
A. Halon
B. Soda acid
C. CO2
D. Water
are true? Each correct answer represents a complete solution. Choose two.
A. It identifies a user who sends a message.
B. It is created by implementing a public-key encryption.
C. It is created by implementing a private-key encryption.
D. It identifies a user who deletes a message.
Which of the following can be done over telephone lines, e-mail, instant messaging, and any other method of communication considered private?
A. Shielding
B. Eavesdropping
C. Spoofing
D. Packaging
Which of the following access control models are used in the commercial sector? Each correct answer represents a complete solution. Choose two.
A. Clark-Wilson model
B. Clark-Biba model
C. Bell-LaPadula model
D. Biba model
SIMULATION - Fill in the blank with the appropriate value. SHA-1 produces a _________ -bit message digest.
Which of the following terms is used for the process of securing a system or a device on a network infrastructure?
A. Authentication
B. Sanitization
C. Hardening
D. Cryptography
Which of the following port numbers is used by the HTTPS protocol for secure Web transmission?
A. 8080
B. 21
C. 110
D. 443
E. 80
F. 25
Which of the following are threats to network security? Each correct answer represents a complete solution. Choose two.
A. Dial-up connections
B. Rogue employees
C. Disabled user accounts
D. Events auditing
In which of the following attacks does an attacker send a spoofed TCP SYN packet in which the target's IP address is filled in both the source and destination fields?
A. Jolt DoS attack
B. Ping of death attack
C. Teardrop attack
D. Land attack
Which term best describes an e-mail that contains incorrect and misleading information or warnings about viruses?
A. Hoax
B. Spam
C. Trojan horse
D. Virus
E. Rlogin
F. Blowfish
is true?
A. It does not insert false packets into the data stream.
B. It makes the computer’s network services unavailable.
C. It inserts false packets into the data stream.
D. It locks out the users’ accounts.
This is a Windows-based tool that is used for the detection of wireless LANs using the IEEE 802.11a, 802.11b, and 802.11g standards. The main features of this tool are as follows:
- It displays the signal strength of a wireless network, MAC address, SSID, channel details, etc.
- It is commonly used for the following purposes:
  a. War driving
  b. Detecting unauthorized access points
  c. Detecting causes of interference on a WLAN
  d. WEP ICV error tracking
  e. Making graphs and alarms on 802.11 data, including signal strength
This tool is known as __________.
A. Kismet
B. NetStumbler
C. Absinthe
D. THC-Scan
You work in a company that accesses the Internet frequently. This makes the company's files susceptible to attacks from unauthorized access. You want to protect your company's network from external attacks. Which of the following options will help you in achieving your aim?
A. HTTP
B. FTP
C. Firewall
D. Gopher
SIMULATION - Fill in the blank with the appropriate value. Service Set Identifiers (SSIDs) are case-sensitive text strings that have a maximum length of _______ characters.
Which of the following needs to be documented to preserve evidence for presentation in court?
A. Chain of custody
B. Incident response policy
C. Account lockout policy
D. Separation of duties
work?
A. Session layer
B. Transport layer
C. Application layer
D. Data-link layer
is used to send e-mails on the Internet?
A. HTTP
B. POP3
C. IMAP4
D. SMTP
In which of the following security tests does the security testing team simulate an employee or other person with an authorized connection to the organization's network?
A. Remote dial-up network
B. Remote network
C. Stolen equipment
D. Local network
are true? Each correct answer represents a complete solution. Choose two.
A. It allows the computers in a private network to share a global, ISP assigned address to connect to the Internet.
B. It reduces the need for globally unique IP addresses.
C. It allows external network clients access to internal services.
D. It provides added security by using Internet access to deny or permit certain traffic from the Bastion Host.
Which of the following books is used to examine integrity and availability?
A. Brown Book
B. Purple Book
C. Orange Book
D. Red Book
are true? Each correct answer represents a complete solution. Choose two.
A. It can also be nested with the Layer Two Tunneling Protocol (L2TP).
B. It is an IPSec protocol.
C. It uses TCP port 22 as the default port and operates at the application layer.
D. It is a text-based communication protocol.
Which of the following uses public-key encryption to encrypt and digitally sign e-mail messages during communication between e-mail clients?
A. SSL
B. TLS
C. PGP
D. EAP
John works as a Network Security Professional. He is assigned a project to test the security of www.we-are-secure.com. He is working on the Linux operating system and wants to install an Intrusion Detection System on the We-are-secure server so that he can receive alerts about any hacking attempts. Which of the following tools can John use to accomplish the task? Each correct answer represents a complete solution. Choose all that apply.
A. Snort
B. SARA
C. Samhain
D. Tripwire
In which of the following IDS evasion attacks does an attacker send a data packet such that IDS accepts the data packet but the host computer rejects it?
A. Fragmentation overlap attack
B. Evasion attack
C. Fragmentation overwrite attack
D. Insertion attack
Which of the following are the ways of sending secure e-mail messages over the Internet? Each correct answer represents a complete solution. Choose two.
A. PGP
B. TLS
C. IPSec
D. S/MIME
Which of the following protocols allows Cisco devices to acquire and utilize digital certificates from Certification Authorities (CAs)?
A. Extensible Authentication Protocol (EAP)
B. Certificate Management Protocol (CMP)
C. Hypertext Transfer Protocol (HTTP)
D. Certificate Enrollment Protocol (CEP)
security system are true? Each correct answer represents a complete solution. Choose two.
A. It requires a password only once to authenticate users.
B. It requires a new password every time a user authenticates himself.
C. It generates passwords by using either the MD4 or MD5 hashing algorithm.
D. It generates passwords by using Kerberos v5.
Which of the following rated systems of the Orange Book has mandatory protection of the Trusted Computing Base (TCB)?
A. B-rated system
B. A-rated system
C. D-rated system
D. C-rated system
?
A. PPP
B. L2TP
C. PPTP
D. SLIP
Which of the following protocols is used to verify the status of a certificate?
A. CEP
B. HTTP
C. OSPF
D. OCSP
You work as a Network Administrator for NetTech Inc. The company's network has a Windows 2000 domain-based network. An employee of the company is dismissed for attempting to access secret data on the network. What measure will you take next to make the network secure?
A. Change the password of the employee’s user account.
B. Disable the employee’s user account.
C. Remove the password of the employee’s user account.
D. Disconnect the employee’s computer from the network.
Which of the following is a process of monitoring data packets that travel across a network?
A. Packet sniffing
B. Packet filtering
C. Shielding
D. Password guessing
? Each correct answer represents a complete solution. Choose three.
A. Authentication
B. Data encryption
C. Authorization
D. Accounting
Mark works as a Network Administrator for NetTech Inc. The company has a Windows 2003 domain-based network. The company has two offices in different cities. The offices are connected through the Internet. The offices have Windows 2003 servers named SERV1 and SERV2, respectively. Mark is required to create a secure connection between both offices. He configures a VPN connection between the offices using the two servers. He uses L2TP for VPN and also configures an IPSec tunnel. Which of the following will he achieve with this configuration? Each correct answer represents a part of the solution. Choose two.
A. Highest possible encryption for traffic between the offices
B. Encryption for the local files stored on the two servers
C. Extra bandwidth on the Internet connection
D. Mutual authentication between the two servers
Which of the following can be prevented by an organization using job rotation and separation of duties policies?
A. Buffer overflow
B. Collusion
C. Phishing
D. Eavesdropping
The TCP/IP protocol suite uses ____ to identify which service a certain packet is destined for.
A. MAC addresses
B. Port numbers
C. Subnet masks
D. IP addresses
Which of the following statements best explains how encryption works on the Internet?
A. Encryption encodes information using specific algorithms with a string of numbers known as a key.
B. Encryption helps in transaction processing by e-commerce servers on the Internet.
C. Encryption validates a username and password before sending information to the Web server.
D. Encryption allows authorized users to access Web sites that offer online shopping.
Which of the following provides protection against network eavesdropping and signal interference and works at the physical layer?
A. IPSec protocol
B. Router
C. Switch
D. Shielded twisted pair (STP)
Good luck with your GISP certification journey!