CISSP-ISSAP Practice Exam Free – 50 Questions to Simulate the Real Exam
Are you getting ready for the CISSP-ISSAP certification? Take your preparation to the next level with our CISSP-ISSAP Practice Exam Free – a carefully designed set of 50 realistic exam-style questions to help you evaluate your knowledge and boost your confidence.
Using a free CISSP-ISSAP practice exam is one of the best ways to:
- Experience the format and difficulty of the real exam
- Identify your strengths and focus on weak areas
- Improve your test-taking speed and accuracy
Below you will find 50 realistic CISSP-ISSAP practice exam questions covering key exam topics. Each question reflects the structure and challenge of the actual exam.
You are responsible for security at a building that has a lot of traffic. There are even a significant number of non-employees coming in and out of the building. You are concerned about being able to find out who is in the building at a particular time. What is the simplest way to accomplish this?
A. Implement a sign-in sheet at the main entrance and route all traffic through there.
B. Have all people entering the building use smart cards for access.
C. Implement biometric access.
D. Implement cameras at all entrances.
Which of the following life cycle modeling activities establishes service relationships and message exchange paths?
A. Service-oriented logical design modeling
B. Service-oriented conceptual architecture modeling
C. Service-oriented discovery and analysis modeling
D. Service-oriented business integration modeling
Which of the following encryption modes can make protocols without integrity protection even more susceptible to replay attacks, since each block gets decrypted in exactly the same way?
A. Cipher feedback mode
B. Cipher block chaining mode
C. Output feedback mode
D. Electronic codebook mode
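The ECB weakness behind this question, shown as an added example that is not part of the original question set. The block cipher is a deliberately simple four-round Feistel construction on SHA-256, assumed here only so the script runs with the standard library; the key, IV and the two-block "payment" message are constructed sample values. Identical plaintext blocks give identical ECB ciphertext blocks, and a ciphertext block spliced into (or replayed within) an ECB stream decrypts to valid plaintext with no error, whereas the same splice under CBC garbles the affected block. Neither mode detects tampering by itself; that is the job of a MAC or an authenticated mode.

```python
import hashlib

BLOCK = 16   # block size in bytes, as for AES
ROUNDS = 4


def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def _f(key, half, i):
    # Round function: keyed SHA-256 truncated to the half-block width.
    return hashlib.sha256(key + bytes([i]) + half).digest()[:BLOCK // 2]


def block_encrypt(key, block):
    # Toy Feistel network (illustration only, not a real cipher). Any Feistel
    # network is an invertible permutation of the block, which is all a
    # mode-of-operation demonstration needs.
    l, r = block[:BLOCK // 2], block[BLOCK // 2:]
    for i in range(ROUNDS):
        l, r = r, _xor(l, _f(key, r, i))
    return r + l


def block_decrypt(key, block):
    r, l = block[:BLOCK // 2], block[BLOCK // 2:]
    for i in reversed(range(ROUNDS)):
        l, r = _xor(r, _f(key, l, i)), l
    return l + r


def _blocks(data):
    if len(data) % BLOCK:
        raise ValueError("demo expects input padded to a whole number of blocks")
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]


def ecb_encrypt(key, pt):
    # ECB: every block is encrypted independently under the same key, so
    # equal plaintext blocks always produce equal ciphertext blocks.
    return b"".join(block_encrypt(key, b) for b in _blocks(pt))


def ecb_decrypt(key, ct):
    return b"".join(block_decrypt(key, b) for b in _blocks(ct))


def cbc_encrypt(key, iv, pt):
    # CBC: each plaintext block is XORed with the previous ciphertext block
    # before encryption, so equal plaintext blocks encrypt differently.
    out, prev = [], iv
    for b in _blocks(pt):
        prev = block_encrypt(key, _xor(prev, b))
        out.append(prev)
    return b"".join(out)


def cbc_decrypt(key, iv, ct):
    out, prev = [], iv
    for c in _blocks(ct):
        out.append(_xor(prev, block_decrypt(key, c)))
        prev = c
    return b"".join(out)


def repeated_blocks(ct):
    # Number of ciphertext blocks that duplicate an earlier block.
    bs = _blocks(ct)
    return len(bs) - len(set(bs))


def splice_first_block(ct):
    # Attacker replays the first ciphertext block by appending a copy of it.
    return ct + ct[:BLOCK]


# Constructed sample values.
KEY = b"sixteen byte key"
IV = bytes(range(BLOCK))
PLAINTEXT = b"PAY BOB 100 USD." * 2   # two identical 16-byte blocks


def demo():
    ecb = ecb_encrypt(KEY, PLAINTEXT)
    cbc = cbc_encrypt(KEY, IV, PLAINTEXT)
    return {
        "ecb_repeats": repeated_blocks(ecb),                       # 1
        "cbc_repeats": repeated_blocks(cbc),                       # 0
        "ecb_spliced": ecb_decrypt(KEY, splice_first_block(ecb)),  # a third valid payment
        "cbc_spliced": cbc_decrypt(KEY, IV, splice_first_block(cbc)),  # third block is garbage
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

The ECB splice decrypts to "PAY BOB 100 USD." three times without any error, which is why a protocol that relies on ECB and has no integrity protection cannot tell a replayed block from a genuine one. CBC at least garbles the spliced block, but it still raises no error either; only a MAC or an authenticated mode such as GCM rejects the modified message.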
You are the administrator for YupNo.com. You want to increase and enhance the security of your computers and simplify deployment. You are especially concerned with any portable computers that are used by remote employees. What can you use to increase security, while still allowing your users to perform critical tasks?
A. BitLocker
B. Smart Cards
C. Service Accounts
D. AppLocker
You work as a Chief Security Officer for Tech Perfect Inc. You have configured IPSec and the ISAKMP protocol in the company's network in order to establish a secure communication infrastructure. According to RFC 2408, which of the following services does the ISAKMP protocol offer to the network? Each correct answer represents a part of the solution. Choose all that apply.
A. It relies upon a system of security associations.
B. It provides key generation mechanisms.
C. It authenticates communicating peers.
D. It protects against threats, such as DoS attack, replay attack, etc.
You work as a CSO (Chief Security Officer) for Tech Perfect Inc. You have a disaster scenario and want to discuss it with your team members to obtain their proposed responses to the disaster. In which of the following disaster recovery tests can this task be performed?
A. Full-interruption test
B. Parallel test
C. Simulation test
D. Structured walk-through test
John used to work as a Network Administrator for We-are-secure Inc. He has now resigned from the company for personal reasons. He wants to send out some secret information belonging to the company. To do so, he takes an image file of the actress Jennifer Lopez, uses a tool such as ImageHide to embed the secret file within it, and sends it to his Yahoo mail account. Since he is using an image file to carry the data, the company's mail server is unable to filter this mail. Which of the following techniques is he using to accomplish his task?
A. Email spoofing
B. Social engineering
C. Web ripping
D. Steganography
A user is sending a large number of protocol packets to a network in order to saturate its resources and to disrupt connections to prevent communications between services. Which type of attack is this?
A. Denial-of-Service attack
B. Vulnerability attack
C. Social Engineering attack
D. Impersonation attack
Which of the following are examples of technical controls? Each correct answer represents a complete solution. Choose three.
A. Auditing
B. Network architecture
C. System access
D. Data backups
Which of the following attacks can be overcome by applying cryptography?
A. Web ripping
B. DoS
C. Sniffing
D. Buffer overflow
Which of the following statements about a stream cipher are true? Each correct answer represents a complete solution. Choose three.
A. It typically executes at a higher speed than a block cipher.
B. It divides a message into blocks for processing.
C. It typically executes at a slower speed than a block cipher.
D. It divides a message into bits for processing.
E. It is a symmetric key cipher.
Which of the following keys is derived from a preshared key and Extensible Authentication Protocol (EAP)?
A. Pairwise Transient Key
B. Group Temporal Key
C. Private Key
D. Pairwise Master Key
You work as a CSO (Chief Security Officer) for Tech Perfect Inc. You want to perform the following tasks: Develop a risk-driven enterprise information security architecture. Deliver security infrastructure solutions that support critical business initiatives. Which of the following methods will you use to accomplish these tasks?
A. Service-oriented architecture
B. Sherwood Applied Business Security Architecture
C. Service-oriented modeling framework
D. Service-oriented modeling and architecture
In which of the following network topologies does the data travel around a loop in a single direction and pass through each device?
A. Ring topology
B. Tree topology
C. Star topology
D. Mesh topology
Which of the following is the duration of time and a service level within which a business process must be restored after a disaster in order to avoid unacceptable consequences associated with a break in business continuity?
A. RCO
B. RTO
C. RPO
D. RTA
You work as a Network Administrator for NetTech Inc. The company wants to encrypt its e-mails. Which of the following will you use to accomplish this?
A. PGP
B. PPTP
C. IPSec
D. NTFS
You are responsible for a Microsoft-based network. Your servers are all clustered. Which of the following are the likely reasons for the clustering? Each correct answer represents a complete solution. Choose two.
A. Reduce power consumption
B. Ease of maintenance
C. Failover
D. Load balancing
Which of the following protocols is used to compare two values calculated using the Message Digest 5 (MD5) hashing function?
A. CHAP
B. PEAP
C. EAP
D. EAP-TLS
Which of the following methods for identifying appropriate BIA interviewees includes examining the organizational chart of the enterprise to understand the functional positions?
A. Executive management interviews
B. Overlaying system technology
C. Organizational chart reviews
D. Organizational process models
Which of the following intrusion detection systems (IDS) monitors network traffic and compares it against an established baseline?
A. Network-based
B. Anomaly-based
C. File-based
D. Signature-based
You work as a Network Administrator for McRoberts Inc. You are expanding your company's network. After you have implemented the network, you test the connectivity to a remote host by using the PING command. You get the ICMP echo reply message from the remote host. Which of the following layers of the OSI model are tested through this process? Each correct answer represents a complete solution. Choose all that apply.
A. Layer 3
B. Layer 2
C. Layer 4
D. Layer 1
You work as an Incident Handler at Mariotrixt Inc. You have followed the incident handling process to handle events and incidents. You identify a Denial of Service (DoS) attack from a network linked to your internal enterprise network. Which of the following phases of the incident handling process should you follow next to handle this incident?
A. Containment
B. Preparation
C. Recovery
D. Identification
John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. John notices that the We-are-secure network is vulnerable to a man-in-the-middle attack, since the key exchange process of the cryptographic algorithm it is using does not authenticate the participants. Which of the following cryptographic algorithms is being used by the We-are-secure server?
A. Blowfish
B. Twofish
C. RSA
D. Diffie-Hellman
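The attack this question describes, worked through as an added example that is not part of the original page. Diffie-Hellman gives two parties a shared secret over an open channel, but by itself it does not tell either party who is on the other end, so an active attacker can run one exchange with each side and relay traffic between them. The group parameters below are a toy choice assumed for illustration (real deployments use standardized groups such as the RFC 3526 MODP groups or elliptic curves), the exponents are sample values, and the fix shown, authenticating the public value with an HMAC under a pre-shared key, stands in for the certificate-backed signatures a real protocol would use.

```python
import hashlib
import hmac
import secrets

# Toy group parameters, assumed for illustration only.
P = 2**127 - 1   # a Mersenne prime
G = 3


def dh_public(priv):
    """Public value g^priv mod p that is sent over the wire."""
    return pow(G, priv, P)


def dh_shared(peer_pub, priv):
    """Shared secret derived from the peer's public value and our own exponent."""
    return pow(peer_pub, priv, P)


def honest_exchange(a, b):
    """Alice (exponent a) and Bob (exponent b) with nobody in the middle."""
    return dh_shared(dh_public(b), a), dh_shared(dh_public(a), b)


def mitm_exchange(a, b, m):
    """Mallory (exponent m) replaces both public values in transit.

    Returns (alice_key, bob_key, mallory_key_with_alice, mallory_key_with_bob).
    Alice and Bob end up with different keys, each of which Mallory also holds,
    so she can decrypt, read, re-encrypt and forward everything.
    """
    alice_pub, bob_pub, mal_pub = dh_public(a), dh_public(b), dh_public(m)
    alice_key = dh_shared(mal_pub, a)   # Alice believes mal_pub came from Bob
    bob_key = dh_shared(mal_pub, b)     # Bob believes mal_pub came from Alice
    return alice_key, bob_key, dh_shared(alice_pub, m), dh_shared(bob_pub, m)


def sign_public(auth_key, pub):
    """Authenticate a public value with a key Mallory does not hold.

    A pre-shared key and HMAC are assumed here for a self-contained demo; a
    real protocol would use a signature over the value with a certified key.
    """
    return hmac.new(auth_key, pub.to_bytes(16, "big"), hashlib.sha256).digest()


def verify_public(auth_key, pub, tag):
    return hmac.compare_digest(sign_public(auth_key, pub), tag)


def authenticated_receive(auth_key, pub, tag, priv):
    """Receiver side: derive a key only if the public value authenticates,
    otherwise return None so the session is never established."""
    if not verify_public(auth_key, pub, tag):
        return None
    return dh_shared(pub, priv)


if __name__ == "__main__":
    a, b, m = (secrets.randbelow(P - 2) + 1 for _ in range(3))
    ak, bk = honest_exchange(a, b)
    print("honest exchange: keys match:", ak == bk)
    ak, bk, ma, mb = mitm_exchange(a, b, m)
    print("under MITM: Alice and Bob agree:", ak == bk)
    print("Mallory holds Alice's key:", ak == ma, "and Bob's key:", bk == mb)
    psk = secrets.token_bytes(32)
    tag = sign_public(psk, dh_public(a))
    print("Bob accepts Mallory's substituted value:",
          authenticated_receive(psk, dh_public(m), tag, b) is not None)
```

Note what the fix does and does not do: authenticating the public values stops Mallory from substituting her own, but it only works if the authentication key (or the certificate chain) was itself obtained through a channel Mallory does not control. That is why the countermeasures to a man-in-the-middle attack are PKI-based authentication, a pre-shared secret, or out-of-band verification rather than a stronger key exchange on its own.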
Which of the following protocols should a Chief Security Officer configure in the network of his company to protect sessionless datagram protocols?
A. SWIPE
B. S/MIME
C. SKIP
D. SLIP
You have just set up a wireless network for customers at a coffee shop. Which of the following are good security measures to implement? Each correct answer represents a complete solution. Choose two.
A. MAC filtering the router
B. Not broadcasting SSID
C. Using WEP encryption
D. Using WPA encryption
You work as a Security Manager for Tech Perfect Inc. The management tells you to implement a hashing method in the organization that can resist forgery and is not open to the man-in-the-middle attack. Which of the following methods will you use to accomplish the task?
A. MD
B. NTLM
C. MAC
D. SHA
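Why a MAC, rather than a plain hash, is the construction that resists forgery, shown as an added example that is not part of the page's question set. With an unkeyed digest, whoever can alter a message in transit can also recompute the digest, so the receiver learns nothing from checking it; an HMAC tag depends on a key the interceptor does not hold. The key and messages below are constructed sample values, and the shared key is assumed to have been distributed over a trusted channel rather than the link the attacker controls.

```python
import hashlib
import hmac


def digest_tag(msg):
    """Unkeyed SHA-256 sent alongside the message: anyone can recompute it."""
    return hashlib.sha256(msg).digest()


def verify_digest(msg, tag):
    return hmac.compare_digest(digest_tag(msg), tag)


def tamper_and_rehash(new_msg):
    """What a man in the middle does to a hash-only message: rewrite it and
    recompute the digest. The receiver has no way to tell."""
    return new_msg, digest_tag(new_msg)


def mac_tag(key, msg):
    """HMAC-SHA256: the tag depends on a key the interceptor does not hold."""
    return hmac.new(key, msg, hashlib.sha256).digest()


def verify_mac(key, msg, tag):
    # compare_digest runs in constant time, so the comparison does not leak
    # how many leading tag bytes matched (a timing side channel for forgers).
    return hmac.compare_digest(mac_tag(key, msg), tag)


def forgery_attempts(key, msg, tag, new_msg):
    """Tamper with a MAC-protected message the only ways an attacker without
    the key can: keep the old tag, substitute a plain hash, or send an empty
    tag. Returns True if the receiver accepts any of them."""
    attempts = [tag, hashlib.sha256(new_msg).digest(), bytes(len(tag))]
    return any(verify_mac(key, new_msg, t) for t in attempts)


# Constructed sample values; the key is assumed to have been shared over a
# trusted channel, never over the link the attacker controls.
KEY = b"32-byte-key-shared-out-of-band!!"
MSG = b"transfer 100 to account 42"
TAMPERED = b"transfer 900 to account 66"


def scenario():
    """Returns (hash_accepts_forgery, mac_accepts_genuine, mac_accepts_forgery)."""
    forged_msg, forged_tag = tamper_and_rehash(TAMPERED)
    hash_accepts_forgery = verify_digest(forged_msg, forged_tag)
    tag = mac_tag(KEY, MSG)
    mac_accepts_genuine = verify_mac(KEY, MSG, tag)
    mac_accepts_forgery = forgery_attempts(KEY, MSG, tag, TAMPERED)
    return hash_accepts_forgery, mac_accepts_genuine, mac_accepts_forgery


if __name__ == "__main__":
    print(scenario())   # (True, True, False)
```

Use the HMAC construction from the standard library rather than hashing key || message yourself: with Merkle-Damgard hashes such as MD5, SHA-1 and SHA-256, a tag computed as H(key || message) lets an attacker who knows the tag append data and compute a valid tag for the extended message without the key (length extension). HMAC is designed so that this does not apply.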
Sam is creating an e-commerce site. He wants a simple security solution that does not require each customer to have an individual key. Which of the following encryption methods will he use?
A. Asymmetric encryption
B. Symmetric encryption
C. S/MIME
D. PGP
A company named Money Builders Inc. hires you to provide consultancy for setting up its Windows network. The company's server room will be in a highly secured environment. You are required to suggest an authentication method for it. The CFO of the company wants the server to use thumb impressions for authentication. Which of the following authentication methods will you suggest?
A. Certificate
B. Smart card
C. Two-factor
D. Biometrics
Which of the following is a method for transforming a message into a masked form, together with a way of undoing the transformation to recover the message?
A. Cipher
B. CrypTool
C. Steganography
D. MIME
Which of the following keys are included in a certificate revocation list (CRL) of a public key infrastructure (PKI)? Each correct answer represents a complete solution. Choose two.
A. A foreign key
B. A private key
C. A public key
D. A primary key
Which of the following are the countermeasures against a man-in-the-middle attack? Each correct answer represents a complete solution. Choose all that apply.
A. Using public key infrastructure authentication.
B. Using basic authentication.
C. Using Secret keys for authentication.
D. Using Off-channel verification.
You work as a Network Consultant. A company named Tech Perfect Inc. hires you for security reasons. The manager of the company tells you to establish connectivity between clients and servers of the network which prevents eavesdropping and tampering of data on the Internet. Which of the following will you configure on the network to perform the given task?
A. WEP
B. IPsec
C. VPN
D. SSL
You are the Security Consultant advising a company on security methods. This is a highly secure location that deals with sensitive national defense related data. They are very concerned about physical security as they had a breach last month. In that breach an individual had simply grabbed a laptop and ran out of the building. Which one of the following would have been most effective in preventing this?
A. Not using laptops.
B. Keeping all doors locked with a guard.
C. Using a man-trap.
D. A sign-in log.
Which of the following encryption algorithms is used by the Clipper chip, which supports the escrowed encryption standard?
A. Skipjack
B. Blowfish
C. AES
D. IDEA
Andrew works as a Network Administrator for Infonet Inc. The company's network has a Web server that hosts the company's Web site. Andrew wants to increase the security of the Web site by implementing Secure Sockets Layer (SSL). Which of the following types of encryption does SSL use? Each correct answer represents a complete solution. Choose two.
A. Synchronous
B. Secret
C. Asymmetric
D. Symmetric
Access controls secure the confidentiality, integrity, and availability of an organization's information and data. In which of the following categories can you deploy access controls? Each correct answer represents a part of the solution. Choose all that apply.
A. Detective access control
B. Corrective access control
C. Administrative access control
D. Preventive access control
Which of the following terms refers to the method that allows or restricts specific types of packets from crossing over the firewall?
A. Hacking
B. Packet filtering
C. Web caching
D. Spoofing
Which of the following security protocols provides confidentiality, integrity, and authentication of network traffic with end-to-end and intermediate-hop security?
A. IPSec
B. SET
C. SWIPE
D. SKIP
You work as a Chief Security Officer for Tech Perfect Inc. The company has a TCP/IP based network. You want to use a firewall that can track the state of active connections of the network and then determine which network packets are allowed to enter through the firewall. Which of the following firewalls has this feature?
A. Stateful packet inspection firewall
B. Proxy-based firewall
C. Dynamic packet-filtering firewall
D. Application gateway firewall
Peter works as a Network Administrator for Net World Inc. The company wants to allow remote users to connect and access its private network through a dial-up connection via the Internet. All the data will be sent across a public network. For security reasons, the management wants the data sent through the Internet to be encrypted. The company plans to use a Layer 2 Tunneling Protocol (L2TP) connection. Which communication protocol will Peter use to accomplish the task?
A. IP Security (IPSec)
B. Microsoft Point-to-Point Encryption (MPPE)
C. Pretty Good Privacy (PGP)
D. Data Encryption Standard (DES)
Which of the following protocols provides certificate-based authentication for virtual private networks (VPNs)?
A. PPTP
B. SMTP
C. HTTPS
D. L2TP
In which of the following cryptographic attacking techniques does an attacker obtain encrypted messages that have been encrypted using the same encryption algorithm?
A. Chosen plaintext attack
B. Ciphertext only attack
C. Chosen ciphertext attack
D. Known plaintext attack
Which of the following tenets of the CIA triad provide the basis against which security practices are measured? Each correct answer represents a part of the solution. Choose all that apply.
A. Integrity
B. Accountability
C. Availability
D. Confidentiality
Which of the following two cryptography methods are used by the NTFS Encrypting File System (EFS) to encrypt data stored on a disk on a file-by-file basis?
A. Twofish
B. Digital certificates
C. Public key
D. RSA
You work as a Network Administrator for Blue Bell Inc. The company has a TCP-based network. The company has two offices in different cities. The company wants to connect the two offices by using a public network. You decide to configure a virtual private network (VPN) between the offices. Which of the following protocols is used by VPN for tunneling?
A. L2TP
B. HTTPS
C. SSL
D. IPSec
Which of the following elements of the planning gap measures the gap between the total potential for the market and the actual current usage by all the consumers in the market?
A. Project gap
B. Product gap
C. Competitive gap
D. Usage gap
Which of the following devices is the least expensive power protection device for filtering the electrical stream to control power surges, noise, power sags, and power spikes?
A. Line Conditioner
B. Surge Suppressor
C. Uninterruptible Power Supply (UPS)
D. Expansion Bus
Which of the following protocols multicasts messages and information among all member devices in an IP multicast group?
A. ARP
B. ICMP
C. TCP
D. IGMP
Perfect World Inc., provides its sales managers access to the company's network from remote locations. The sales managers use laptops to connect to the network. For security purposes, the company's management wants the sales managers to log on to the network using smart cards over a remote connection. Which of the following authentication protocols should be used to accomplish this?
A. Challenge Handshake Authentication Protocol (CHAP)
B. Microsoft Challenge Handshake Authentication Protocol (MS-CHAP)
C. Open Shortest Path First (OSPF)
D. Extensible Authentication Protocol (EAP)
Which of the following protocols supports encapsulation of encrypted packets in secure wrappers that can be transmitted over a TCP/IP connection?
A. PPTP
B. UDP
C. IPSec
D. PAP
Free Access to the Full CISSP-ISSAP Practice Exam
Looking for additional practice? Access the full set of free CISSP-ISSAP practice exam questions and continue building your skills across all exam domains.
Our question sets are updated regularly to ensure they stay aligned with the latest exam objectives—so be sure to visit often!
Good luck with your CISSP-ISSAP certification journey!