CISSP-ISSAP Mock Test Free – 50 Realistic Questions to Prepare with Confidence.
Getting ready for your CISSP-ISSAP certification exam? Start your preparation the smart way with our CISSP-ISSAP Mock Test Free – a carefully crafted set of 50 realistic, exam-style questions to help you practice effectively and boost your confidence.
Using a free mock test for the CISSP-ISSAP exam is one of the best ways to:
- Familiarize yourself with the actual exam format and question style
- Identify areas where you need more review
- Strengthen your time management and test-taking strategy
Below, you will find 50 free questions from our CISSP-ISSAP Mock Test Free resource. These questions are structured to reflect the real exam’s difficulty and content areas, helping you assess your readiness accurately.
The security controls that are implemented to manage physical security are divided into various groups. Which of the following services are offered by the administrative physical security control group? Each correct answer represents a part of the solution. Choose all that apply.
A. Construction and selection
B. Site management
C. Awareness training
D. Access control
E. Intrusion detection
F. Personnel control
IPsec VPN provides a high degree of data privacy by establishing trust points between communicating devices and data encryption. Which of the following encryption methods does IPsec VPN use? Each correct answer represents a complete solution. Choose two.
A. MD5
B. LEAP
C. AES
D. 3DES
Which of the following types of firewall functions at the Session layer of the OSI model?
A. Circuit-level firewall
B. Application-level firewall
C. Packet filtering firewall
D. Switch-level firewall
Which of the following terms refers to the method that allows or restricts specific types of packets from crossing over the firewall?
A. Hacking
B. Packet filtering
C. Web caching
D. Spoofing
In which of the following alternative processing sites is the backup facility maintained in a constant order, with a full complement of servers, workstations, and communication links ready to assume the primary operations responsibility?
A. Hot Site
B. Mobile Site
C. Warm Site
D. Cold Site
You work as a Network Administrator for Blue Bell Inc. The company has a TCP-based network. The company has two offices in different cities. The company wants to connect the two offices by using a public network. You decide to configure a virtual private network (VPN) between the offices. Which of the following protocols is used by VPN for tunneling?
A. L2TP
B. HTTPS
C. SSL
D. IPSec
Which of the following are the countermeasures against a man-in-the-middle attack? Each correct answer represents a complete solution. Choose all that apply.
A. Using public key infrastructure authentication.
B. Using basic authentication.
C. Using Secret keys for authentication.
D. Using Off-channel verification.
Which of the following security protocols provides confidentiality, integrity, and authentication of network traffic with end-to-end and intermediate-hop security?
A. IPSec
B. SET
C. SWIPE
D. SKIP
You work as a CSO (Chief Security Officer) for Tech Perfect Inc. You want to perform the following tasks: Develop a risk-driven enterprise information security architecture. Deliver security infrastructure solutions that support critical business initiatives. Which of the following methods will you use to accomplish these tasks?
A. Service-oriented architecture
B. Sherwood Applied Business Security Architecture
C. Service-oriented modeling framework
D. Service-oriented modeling and architecture
Adam works as a Security Analyst for Umbrella Inc. The CEO of the company ordered him to implement two-factor authentication for the employees to access their networks. He has told him that he would like to use some type of hardware device in tandem with a security or identifying PIN. Adam decides to implement smart cards but they are not cost effective. Which of the following types of hardware devices will Adam use to implement two-factor authentication?
A. Biometric device
B. One Time Password
C. Proximity cards
D. Security token
You work as a Network Administrator for McRoberts Inc. You are expanding your company's network. After you have implemented the network, you test the connectivity to a remote host by using the PING command. You get the ICMP echo reply message from the remote host. Which of the following layers of the OSI model are tested through this process? Each correct answer represents a complete solution. Choose all that apply.
A. Layer 3
B. Layer 2
C. Layer 4
D. Layer 1
You are responsible for a Microsoft based network. Your servers are all clustered. Which of the following are the likely reasons for the clustering? Each correct answer represents a complete solution. Choose two.
A. Reduce power consumption
B. Ease of maintenance
C. Failover
D. Load balancing
In which of the following phases of the SDLC does the software and other components of the system faithfully incorporate the design specifications and provide proper documentation and training?
A. Initiation
B. Programming and training
C. Design
D. Evaluation and acceptance
Which of the following is a correct sequence of the different layers of the Open Systems Interconnection (OSI) model?
A. Physical layer, data link layer, network layer, transport layer, presentation layer, session layer, and application layer
B. Physical layer, network layer, transport layer, data link layer, session layer, presentation layer, and application layer
C. Application layer, presentation layer, network layer, transport layer, session layer, data link layer, and physical layer
D. Physical layer, data link layer, network layer, transport layer, session layer, presentation layer, and application layer
Which of the following cryptographic system services ensures that information will not be disclosed to any unauthorized person on a local network?
A. Authentication
B. Non-repudiation
C. Integrity
D. Confidentiality
Which of the following encryption modes can make protocols without integrity protection even more susceptible to replay attacks, since each block gets decrypted in exactly the same way?
A. Cipher feedback mode
B. Cipher block chaining mode
C. Output feedback mode
D. Electronic codebook mode
Which of the following should the administrator ensure during the test of a disaster recovery plan?
A. Ensure that the plan works properly
B. Ensure that all the servers in the organization are shut down.
C. Ensure that each member of the disaster recovery team is aware of their responsibility.
D. Ensure that all client computers in the organization are shut down.
Which of the following elements of planning gap measures the gap between the total potential for the market and the actual current usage by all the consumers in the market?
A. Project gap
B. Product gap
C. Competitive gap
D. Usage gap
Which of the following refers to a location away from the computer center where document copies and backup media are kept?
A. Storage Area network
B. Off-site storage
C. On-site storage
D. Network attached storage
A user is sending a large number of protocol packets to a network in order to saturate its resources and to disrupt connections to prevent communications between services. Which type of attack is this?
A. Denial-of-Service attack
B. Vulnerability attack
C. Social Engineering attack
D. Impersonation attack
Which of the following protocols provides certificate-based authentication for virtual private networks (VPNs)?
A. PPTP
B. SMTP
C. HTTPS
D. L2TP
You work as a Chief Security Officer for Tech Perfect Inc. The company has a TCP/IP based network. You want to use a firewall that can track the state of active connections of the network and then determine which network packets are allowed to enter through the firewall. Which of the following firewalls has this feature?
A. Stateful packet inspection firewall
B. Proxy-based firewall
C. Dynamic packet-filtering firewall
D. Application gateway firewall
In which of the following network topologies does the data travel around a loop in a single direction and pass through each device?
A. Ring topology
B. Tree topology
C. Star topology
D. Mesh topology
Which of the following user authentications are supported by the SSH-1 protocol but not by the SSH-2 protocol? Each correct answer represents a complete solution. Choose all that apply.
A. TIS authentication
B. Rhosts (rsh-style) authentication
C. Kerberos authentication
D. Password-based authentication
You are the administrator for YupNo.com. You want to increase and enhance the security of your computers and simplify deployment. You are especially concerned with any portable computers that are used by remote employees. What can you use to increase security, while still allowing your users to perform critical tasks?
A. BitLocker
B. Smart Cards
C. Service Accounts
D. AppLocker
Which of the following techniques can be used by an administrator while working with the symmetric encryption cryptography? Each correct answer represents a complete solution. Choose all that apply.
A. Block cipher
B. Stream cipher
C. Transposition cipher
D. Message Authentication Code
A company named Money Builders Inc. hires you to provide consultancy for setting up their Windows network. The company's server room will be in a highly secured environment. You are required to suggest an authentication method for it. The CFO of the company wants the server to use thumb impressions for authentication. Which of the following authentication methods will you suggest?
A. Certificate
B. Smart card
C. Two-factor
D. Biometrics
Which of the following electrical events shows a sudden drop of power source that can cause a wide variety of problems on a PC or a network?
A. Blackout
B. Power spike
C. Power sag
D. Power surge
You work as a Network Administrator for NetTech Inc. The company wants to encrypt its e-mails. Which of the following will you use to accomplish this?
A. PGP
B. PPTP
C. IPSec
D. NTFS
You are responsible for security at a building that has a lot of traffic. There are even a significant number of non-employees coming in and out of the building. You are concerned about being able to find out who is in the building at a particular time. What is the simplest way to accomplish this?
A. Implement a sign in sheet at the main entrance and route all traffic through there.
B. Have all people entering the building use smart cards for access.
C. Implement biometric access.
D. Implement cameras at all entrances.
Which of the following layers of the OSI model corresponds to the Host-to-Host layer of the TCP/IP model?
A. The transport layer
B. The presentation layer
C. The session layer
D. The application layer
Which of the following are types of access control attacks? Each correct answer represents a complete solution. Choose all that apply.
A. Dictionary attack
B. Mail bombing
C. Spoofing
D. Brute force attack
You work as a Network Consultant. A company named Tech Perfect Inc. hires you for security reasons. The manager of the company tells you to establish connectivity between clients and servers of the network which prevents eavesdropping and tampering of data on the Internet. Which of the following will you configure on the network to perform the given task?
A. WEP
B. IPsec
C. VPN
D. SSL
A network is configured on a Bus topology. Which of the following conditions could cause a network failure? Each correct answer represents a complete solution. Choose all that apply.
A. A break in a network cable
B. 75 ohm terminators at open ends
C. A powered off workstation
D. An open-ended cable without terminators
Which of the following security architectures defines how to integrate widely disparate applications for a world that is Web-based and uses multiple implementation platforms?
A. Sherwood Applied Business Security Architecture
B. Service-oriented modeling and architecture
C. Enterprise architecture
D. Service-oriented architecture
You have just set up a wireless network for customers at a coffee shop. Which of the following are good security measures to implement? Each correct answer represents a complete solution. Choose two.
A. MAC filtering the router
B. Not broadcasting SSID
C. Using WEP encryption
D. Using WPA encryption
John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. John notices that the We-are-secure network is vulnerable to a man-in-the-middle attack since the key exchange process of the cryptographic algorithm it is using does not authenticate participants. Which of the following cryptographic algorithms is being used by the We-are-secure server?
A. Blowfish
B. Twofish
C. RSA
D. Diffie-Hellman
Mark has been hired by a company to work as a Network Assistant. He is assigned the task to configure a dial-up connection. He is configuring a laptop. Which of the following protocols should he disable to ensure that the password is encrypted during remote access?
A. SPAP
B. MSCHAP
C. PAP
D. MSCHAP V2
Maria works as a Network Security Officer for Gentech Inc. She wants to encrypt her network traffic. The specific requirement for the encryption algorithm is that it must be a symmetric key block cipher. Which of the following techniques will she use to fulfill this requirement?
A. IDEA
B. PGP
C. DES
D. AES
Which of the following keys are included in a certificate revocation list (CRL) of a public key infrastructure (PKI)? Each correct answer represents a complete solution. Choose two.
A. A foreign key
B. A private key
C. A public key
D. A primary key
Which of the following processes is used to identify relationships between mission critical applications, processes, and operations and all supporting elements?
A. Critical path analysis
B. Functional analysis
C. Risk analysis
D. Business impact analysis
Peter works as a Network Administrator for Net World Inc. The company wants to allow remote users to connect and access its private network through a dial-up connection via the Internet. All the data will be sent across a public network. For security reasons, the management wants the data sent through the Internet to be encrypted. The company plans to use a Layer 2 Tunneling Protocol (L2TP) connection. Which communication protocol will Peter use to accomplish the task?
A. IP Security (IPSec)
B. Microsoft Point-to-Point Encryption (MPPE)
C. Pretty Good Privacy (PGP)
D. Data Encryption Standard (DES)
Which of the following uses a Key Distribution Center (KDC) to authenticate a principal?
A. CHAP
B. PAP
C. Kerberos
D. TACACS
Which of the following decides access control on an object in the mandatory access control (MAC) environment?
A. Sensitivity label
B. Event log
C. System Access Control List (SACL)
D. Security log
You work as a technician for Trade Well Inc. The company is in the business of share trading. To enhance security, the company wants users to provide a third key (apart from ID and password) to access the company's Web site. Which of the following technologies will you implement to accomplish the task?
A. Smart cards
B. Key fobs
C. VPN
D. Biometrics
Which of the following disaster recovery tests includes the operations that shut down at the primary site, and are shifted to the recovery site according to the disaster recovery plan?
A. Structured walk-through test
B. Simulation test
C. Full-interruption test
D. Parallel test
Which of the following password authentication schemes enables a user with a domain account to log on to a network once, using a password or smart card, and to gain access to multiple computers in the domain without being prompted to log in again?
A. Single Sign-On
B. One-time password
C. Dynamic
D. Kerberos
Which of the following heights of fence deters only casual trespassers?
A. 8 feet
B. 3 to 4 feet
C. 2 to 2.5 feet
D. 6 to 7 feet
You want to implement a network topology that provides the best balance for regional topologies in terms of the number of virtual circuits, redundancy, and performance while establishing a WAN network. Which of the following network topologies will you use to accomplish the task?
A. Bus topology
B. Fully meshed topology
C. Star topology
D. Partially meshed topology
Which of the following intrusion detection systems (IDS) monitors network traffic and compares it against an established baseline?
A. Network-based
B. Anomaly-based
C. File-based
D. Signature-based