CISSP-ISSAP Dump Free – 50 Practice Questions to Sharpen Your Exam Readiness.
Looking for a reliable way to prepare for your CISSP-ISSAP certification? Our CISSP-ISSAP Dump Free includes 50 exam-style practice questions designed to reflect real test scenarios—helping you study smarter and pass with confidence.
Using a CISSP-ISSAP dump free set of questions can give you an edge in your exam prep by helping you:
- Understand the format and types of questions you’ll face
- Pinpoint weak areas and focus your study efforts
- Boost your confidence with realistic question practice
Below, you will find 50 free questions from our CISSP-ISSAP Dump Free collection. These cover key topics and are structured to simulate the difficulty level of the real exam, making them a valuable tool for review or final prep.
Which of the following encryption modes has the property of allowing many error-correcting codes to function normally even when applied before encryption?
A. OFB mode
B. CFB mode
C. CBC mode
D. PCBC mode
You work as an Incident handler in Mariotrixt.Inc. You have followed the Incident handling process to handle the events and incidents. You identify a Denial of Service (DoS) attack from a network linked to your internal enterprise network. Which of the following phases of the Incident handling process should you follow next to handle this incident?
A. Containment
B. Preparation
C. Recovery
D. Identification
You are responsible for a Microsoft based network. Your servers are all clustered. Which of the following are the likely reasons for the clustering? Each correct answer represents a complete solution. Choose two.
A. Reduce power consumption
B. Ease of maintenance
C. Failover
D. Load balancing
An organization wants to allow a certificate authority to gain access to the encrypted data and create digital signatures on behalf of the user. The data is encrypted using the public key from a user's certificate. Which of the following processes fulfills the above requirements?
A. Key escrow
B. Key storage
C. Key revocation
D. Key recovery
Which of the following security architectures defines how to integrate widely disparate applications for a world that is Web-based and uses multiple implementation platforms?
A. Sherwood Applied Business Security Architecture
B. Service-oriented modeling and architecture
C. Enterprise architecture
D. Service-oriented architecture
You work as a Network Consultant. A company named Tech Perfect Inc. hires you for security reasons. The manager of the company tells you to establish connectivity between clients and servers of the network which prevents eavesdropping and tampering of data on the Internet. Which of the following will you configure on the network to perform the given task?
A. WEP
B. IPsec
C. VPN
D. SSL
In which of the following network topologies does the data travel around a loop in a single direction and pass through each device?
A. Ring topology
B. Tree topology
C. Star topology
D. Mesh topology
You are the Network Administrator for a small business. You need a widely used, but highly secure hashing algorithm. Which of the following should you choose?
A. AES
B. SHA
C. EAP
D. CRC32
Which of the following processes is used to identify relationships between mission critical applications, processes, and operations and all supporting elements?
A. Critical path analysis
B. Functional analysis
C. Risk analysis
D. Business impact analysis
John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. John notices that the We-are-secure network is vulnerable to a man-in-the-middle attack since the key exchange process of the cryptographic algorithm it is using does not authenticate participants. Which of the following cryptographic algorithms is being used by the We-are-secure server?
A. Blowfish
B. Twofish
C. RSA
D. Diffie-Hellman
Which of the following disaster recovery tests includes the operations that shut down at the primary site, and are shifted to the recovery site according to the disaster recovery plan?
A. Structured walk-through test
B. Simulation test
C. Full-interruption test
D. Parallel test
Which of the following protocols uses the Internet Key Exchange (IKE) protocol to set up security associations (SA)?
A. IPSec
B. L2TP
C. LEAP
D. ISAKMP
Which of the following are the goals of a public key infrastructure (PKI)? Each correct answer represents a part of the solution. Choose all that apply.
A. Authenticity
B. Globalization
C. Mobility
D. Integrity
E. Confidentiality
F. Nonrepudiation
Kerberos is a computer network authentication protocol that allows individuals communicating over a non-secure network to prove their identity to one another in a secure manner. Which of the following statements are true about the Kerberos authentication scheme? Each correct answer represents a complete solution. Choose all that apply.
A. Kerberos requires continuous availability of a central server.
B. Dictionary and brute force attacks on the initial TGS response to a client may reveal the subject’s passwords.
C. Kerberos builds on Asymmetric key cryptography and requires a trusted third party.
D. Kerberos requires the clocks of the involved hosts to be synchronized.
Which of the following elements of planning gap measures the gap between the total potential for the market and the actual current usage by all the consumers in the market?
A. Project gap
B. Product gap
C. Competitive gap
D. Usage gap
Which of the following authentication protocols sends a user certificate inside an encrypted tunnel?
A. PEAP
B. EAP-TLS
C. WEP
D. EAP-FAST
In which of the following alternative processing sites is the backup facility maintained in a constant order, with a full complement of servers, workstations, and communication links ready to assume the primary operations responsibility?
A. Hot Site
B. Mobile Site
C. Warm Site
D. Cold Site
You work as a Network Administrator for Blue Bell Inc. The company has a TCP-based network. The company has two offices in different cities. The company wants to connect the two offices by using a public network. You decide to configure a virtual private network (VPN) between the offices. Which of the following protocols is used by VPN for tunneling?
A. L2TP
B. HTTPS
C. SSL
D. IPSec
A user is sending a large number of protocol packets to a network in order to saturate its resources and to disrupt connections to prevent communications between services. Which type of attack is this?
A. Denial-of-Service attack
B. Vulnerability attack
C. Social Engineering attack
D. Impersonation attack
Which of the following security protocols provides confidentiality, integrity, and authentication of network traffic with end-to-end and intermediate-hop security?
A. IPSec
B. SET
C. SWIPE
D. SKIP
Which of the following is used to authenticate asymmetric keys?
A. Digital signature
B. MAC Address
C. Demilitarized zone (DMZ)
D. Password
You work as a Network Administrator for NetTech Inc. You want to have secure communication on the company's intranet. You decide to use public key and private key pairs. What will you implement to accomplish this?
A. Microsoft Internet Information Server (IIS)
B. VPN
C. FTP server
D. Certificate server
An access control secures the confidentiality, integrity, and availability of the information and data of an organization. In which of the following categories can you deploy the access control? Each correct answer represents a part of the solution. Choose all that apply.
A. Detective access control
B. Corrective access control
C. Administrative access control
D. Preventive access control
Which of the following protocols is used to compare two values calculated using the Message Digest (MD5) hashing function?
A. CHAP
B. PEAP
C. EAP
D. EAP-TLS
You work as an Incident handling manager for a company. The public relations process of the company includes an event that responds to e-mail queries. For the past few days, however, it has been identified that this process is providing a way for spammers to perform different types of e-mail attacks. Which of the following phases of the Incident handling process will now be involved in resolving this process and finding a solution? Each correct answer represents a part of the solution. Choose all that apply.
A. Identification
B. Eradication
C. Recovery
D. Contamination
E. Preparation
You work as a CSO (Chief Security Officer) for Tech Perfect Inc. You want to perform the following tasks: Develop a risk-driven enterprise information security architecture. Deliver security infrastructure solutions that support critical business initiatives. Which of the following methods will you use to accomplish these tasks?
A. Service-oriented architecture
B. Sherwood Applied Business Security Architecture
C. Service-oriented modeling framework
D. Service-oriented modeling and architecture
Which of the following are the countermeasures against a man-in-the-middle attack? Each correct answer represents a complete solution. Choose all that apply.
A. Using public key infrastructure authentication.
B. Using basic authentication.
C. Using Secret keys for authentication.
D. Using Off-channel verification.
Andrew works as a Network Administrator for Infonet Inc. The company's network has a Web server that hosts the company's Web site. Andrew wants to increase the security of the Web site by implementing Secure Sockets Layer (SSL). Which of the following types of encryption does SSL use? Each correct answer represents a complete solution. Choose two.
A. Synchronous
B. Secret
C. Asymmetric
D. Symmetric
Which of the following terms refers to a mechanism which proves that the sender really sent a particular message?
A. Integrity
B. Confidentiality
C. Authentication
D. Non-repudiation
Which of the following types of firewall functions at the Session layer of the OSI model?
A. Circuit-level firewall
B. Application-level firewall
C. Packet filtering firewall
D. Switch-level firewall
In which of the following cryptographic attack techniques does the attacker pick up the information to be encrypted and take a copy of it with the encrypted data?
A. Chosen ciphertext attack
B. Known plaintext attack
C. Chosen plaintext attack
D. Ciphertext only attack
Your company is covered under a liability insurance policy, which provides various liability coverage for information security risks, including any physical damage of assets, hacking attacks, etc. Which of the following risk management techniques is your company using?
A. Risk acceptance
B. Risk avoidance
C. Risk transfer
D. Risk mitigation
Which of the following refers to a location away from the computer center where document copies and backup media are kept?
A. Storage Area network
B. Off-site storage
C. On-site storage
D. Network attached storage
Which of the following tenets does the CIA triad provide, against which security practices are measured? Each correct answer represents a part of the solution. Choose all that apply.
A. Integrity
B. Accountability
C. Availability
D. Confidentiality
Which of the following are types of access control attacks? Each correct answer represents a complete solution. Choose all that apply.
A. Dictionary attack
B. Mail bombing
C. Spoofing
D. Brute force attack
Which of the following protocols supports encapsulation of encrypted packets in secure wrappers that can be transmitted over a TCP/IP connection?
A. PPTP
B. UDP
C. IPSec
D. PAP
Which of the following encryption modes can make protocols without integrity protection even more susceptible to replay attacks, since each block gets decrypted in exactly the same way?
A. Cipher feedback mode
B. Cipher block chaining mode
C. Output feedback mode
D. Electronic codebook mode
IPsec VPN provides a high degree of data privacy by establishing trust points between communicating devices and data encryption. Which of the following encryption methods does IPsec VPN use? Each correct answer represents a complete solution. Choose two.
A. MD5
B. LEAP
C. AES
D. 3DES
You are the administrator for YupNo.com. You want to increase and enhance the security of your computers and simplify deployment. You are especially concerned with any portable computers that are used by remote employees. What can you use to increase security, while still allowing your users to perform critical tasks?
A. BitLocker
B. Smart Cards
C. Service Accounts
D. AppLocker
Mark works as a Network Administrator for NetTech Inc. He wants users to access only those resources that are required for them. Which of the following access control models will he use?
A. Policy Access Control
B. Mandatory Access Control
C. Discretionary Access Control
D. Role-Based Access Control
You are the Security Consultant advising a company on security methods. This is a highly secure location that deals with sensitive national defense related data. They are very concerned about physical security as they had a breach last month. In that breach an individual had simply grabbed a laptop and ran out of the building. Which one of the following would have been most effective in preventing this?
A. Not using laptops.
B. Keeping all doors locked with a guard.
C. Using a man-trap.
D. A sign-in log.
Which of the following keys is derived from a preshared key and Extensible Authentication Protocol (EAP)?
A. Pairwise Transient Key
B. Group Temporal Key
C. Private Key
D. Pairwise Master Key
Which of the following techniques can be used by an administrator while working with the symmetric encryption cryptography? Each correct answer represents a complete solution. Choose all that apply.
A. Block cipher
B. Stream cipher
C. Transposition cipher
D. Message Authentication Code
In which of the following phases of the SDLC does the software and other components of the system faithfully incorporate the design specifications and provide proper documentation and training?
A. Initiation
B. Programming and training
C. Design
D. Evaluation and acceptance
John used to work as a Network Administrator for We-are-secure Inc. Now he has resigned from the company for personal reasons. He wants to send out some secret information of the company. To do so, he takes an image file and simply uses a tool, Image Hide, to embed the secret file within an image file of the famous actress, Jennifer Lopez, and sends it to his Yahoo mail id. Since he is using the image file to send the data, the mail server of his company is unable to filter this mail. Which of the following techniques is he performing to accomplish his task?
A. Email spoofing
B. Social engineering
C. Web ripping
D. Steganography
You work as a Chief Security Officer for Tech Perfect Inc. You have configured IPSec and ISAKMP protocol in the company's network in order to establish a secure communication infrastructure. According to the Internet RFC 2408, which of the following services does the ISAKMP protocol offer to the network? Each correct answer represents a part of the solution. Choose all that apply.
A. It relies upon a system of security associations.
B. It provides key generation mechanisms.
C. It authenticates communicating peers.
D. It protects against threats, such as DoS attack, replay attack, etc.
Which of the following uses a Key Distribution Center (KDC) to authenticate a principal?
A. CHAP
B. PAP
C. Kerberos
D. TACACS
Which of the following electrical events shows a sudden drop of power source that can cause a wide variety of problems on a PC or a network?
A. Blackout
B. Power spike
C. Power sag
D. Power surge
Which of the following password authentication schemes enables a user with a domain account to log on to a network once, using a password or smart card, and to gain access to multiple computers in the domain without being prompted to log in again?
A. Single Sign-On
B. One-time password
C. Dynamic
D. Kerberos
You work as a Network Administrator for NetTech Inc. The company wants to encrypt its e-mails. Which of the following will you use to accomplish this?
A. PGP
B. PPTP
C. IPSec
D. NTFS