Is & Cyber Security 06082019 PDF


Sr. | QUESTION | OPTION1 | OPTION2 | OPTION3 | OPTION4


1 | Another name for the Wireless Ethernet 802.11a is- | Wi-Fi2 | Wi-Fi1 | Wi-Fi5 | Wi-Fi6
2 | Which Nmap scan does not completely open a TCP connection? | SYN scan | TCP connect | XMAS tree scan | ACK scan
3 | Network layer firewall has two sub-categories as | Stateful firewall and stateless firewall | Frame firewall and packet firewall | Bit oriented firewall and byte oriented firewall | None of the mentioned
4 | Which of the following is / are the types of firewall? | Packet Filtering Firewall | Dual Homed Gateway Firewall | Screen Host Firewall | All of the mentioned
5 | A proxy firewall filters at the | Physical layer | Application layer | Data link layer | Network layer
6 | A packet filter firewall filters at the | Application or transport | Data link layer | Physical Layer | Network & transport layer
7 | A stateful firewall maintains a ___________ which is a list of active connections? | Routing table | Bridging table | State table | Connection table
8 | A firewall needs to be ____ so that it can grow with the network it protects. | Robust | Expensive | Fast | Scalable
9 | ____ server is a server that creates a secure tunnel connection. | RADIUS | VPN | Tunnel | Authentication
10 | What is the most common command to use ICMP? | Ping | Trace | Netstat | NBTstat
11 | Ports up to _______ are called well-known ports. | 1500 | 255 | 1023 | 1025
12 | Zone Alarm is an example of a ________ firewall. | Personal | Corporate | IDS | None of the above

13 | The practice of designing operational aspects of a system to work with a minimal amount of system privilege is called _____________. | Least privilege | Failover firewall | IP forwarding | Access denied
14 | _______________ is an error-checking procedure performed in the trailer section of an IP packet. | CRC | ACK | FQDN | FIN
15 | What is major drawback of anomaly detection IDS? | These are very slow at detection | It generates many false alarms | It doesn't detect old attacks | None of these
16 | What is preferred way of encryption? | pre shared secret key | Using key distribution center (KDC) | public key-encryption | symmetric key
17 | What is not a role of encryption? | It is used to protect data from unauthorized access during transmission | It is used to ensure user authentication | It is used to ensure data corruption doesn't happen | It is used to ensure data integrity
18 | Which of the following is a strong password? | 19thAugust88 | Delhi88 | $tr0nGP@$$#9 | !augustdelhi


19 | The use of alert thresholding in an IDS can reduce the volume of repeated alerts, but introduces which of the following vulnerabilities? | An attacker, working slowly enough, can evade detection by the IDS | Network packets are dropped if the volume exceeds the threshold | The IDS will not distinguish among packets originating from different sources | Thresholding interferes with the IDS' ability to reassemble fragmented packets
20 | Which type of access control is used on a router or firewall to limit network activity? | Mandatory | Role-based | Discretionary | Rule-based
21 | Which type of security document is written with specific step-by-step details? | Paradigm | Policy | Procedure | Process
22 | One advantage of an application-level firewall is the ability to | retain state information for each packet | filter packets at the network level | monitor tcp handshaking | filter specific commands, such as http:post
23 | Which security strategy requires using several, varying methods to protect IT systems against attacks? | Three-way handshake | Defense in depth | Exponential backoff algorithm | Covert channels
24 | What are common signs that a system has been compromised or hacked? | Patterns in time gaps in system and/or event logs | Increased amount of failed logon events | All of the above | None of the above

25 | When analyzing the IDS logs, the system administrator noticed an alert was logged when the external router was accessed from the administrator's computer to update the router configuration. What type of an alert is this? | False positive | True negative | False negative | False negative
26 | Which of the following is the BEST example for the principle of least privilege as a system security control? | User should access all the information stored in the business to better execute his/her functions | Companies should have only a few employees with full access to the information of the business | User must be able to access only the information and resources that are necessary for legitimate purpose | User must be able to access only the information and resources that are necessary for legitimate purpose
27 | A security engineer has been asked to deploy a secure remote access solution that will allow employees to connect to the company's internal network. Which of the following can be implemented to minimize the opportunity for the man-in-the-middle attack to occur? | SSL | Static IP addresses | Mutual authentication | IPSec
28 | Which set of access control solutions implements two-factor authentication? | Account and password | USB token and PIN | Password and PIN | Fingerprint scanner and retina scanner
29 | What is the main advantage that a network-based IDS/IPS system has over a host-based solution? | They do not use host system resources | They are easier to install and configure | They are placed at the boundary, allowing them to inspect all traffic | They will not interfere with user interfaces

30 | When analyzing the IDS logs, the system administrator notices connections from outside of the LAN have been sending packets where the Source IP address and Destination IP address are the same. There have been no alerts sent via email or logged in the IDS. Which type of an alert is this? | False positive | False negative | True negative | True positive
31 | A newly discovered flaw in a software application would be considered which kind of security vulnerability? | HTTP header injection vulnerability | Input validation flaw | 0-day vulnerability | dead-day vulnerability
32 | Smart cards use which protocol to transfer the certificate in a secure manner? | Point to Point Protocol (PPP) | Extensible Authentication Protocol (EAP) | Point to Point Tunneling Protocol (PPTP) | Layer 2 Tunneling Protocol (L2TP)
33 | How can a policy help improve an employee's security awareness? | By using informal networks of communication, establishing secret passing procedures, and immediately terminating employees | By sharing security secrets with employees, enabling employees to share secrets, and establishing a consultative help line | By implementing written security procedures, enabling employee security training, and promoting the benefits of security | By decreasing an employee's vacation time, addressing ad-hoc employment clauses, and ensuring that managers know employee strengths
34 | Which solution can be used to emulate computer services, such as mail and ftp, and to capture information related to logins or actions? | Core server | Honeypot | Layer 4 switch | Firewall

35 | During a penetration test, the tester conducts an ACK scan using NMAP against the external interface of the DMZ firewall. NMAP reports that port 80 is unfiltered. Based on this response, which type of packet inspection is the firewall conducting? | Stateless | Application | Stateful | Host
36 | What is the main reason the use of a stored biometric is vulnerable to an attack? | The digital representation of the biometric might not be unique, even if the physical characteristic is unique | Authentication using a stored biometric compares a copy to a copy instead of the original to a copy. | A stored biometric is no longer 'something you are' and instead becomes 'something you have'. | A stored biometric can be stolen and used by an attacker to impersonate the individual identified by the biometric
37 | Which type of intrusion detection system can monitor and alert on attacks, but cannot stop them? | Reactive | Passive | Detective | Intuitive
38 | The intrusion detection system at a software development company suddenly generates multiple alerts regarding attacks against the company's external webserver, VPN concentrator, and DNS servers. What should the security team do to determine which alerts to check first? | Investigate based on the potential effect of the incident | Investigate based on the order that the alerts arrived in | Investigate based on the service level agreements of the systems | Investigate based on the maintenance schedule of the affected systems
39 | What is the best defense against privilege escalation vulnerability? | Run services with least privileged accounts and implement multi-factor authentication and authorization | Review user roles and administrator privileges for maximum utilization of automation services | Patch systems regularly and upgrade interactive login privileges at the system administrator level | Run administrator and applications on least privileges and use a content registry for tracking
40 | When an alert rule is matched in a network-based IDS like snort, the IDS does which of the following? | Stops checking rules, sends an alert, and lets the packet continue | Continues to evaluate the packet until all rules are checked | Drops the packet and moves on to the next one | Blocks the connection with the source IP address in the packet
41 | If a sender uses AES to encrypt a message before sending to a recipient, which type of key does the sender have to use? | A shared key | Recipient's public key | Sender's public key | A session key
42 | Which NMAP feature can a tester implement or adjust while scanning for open ports to avoid detection by the network's IDS? | Fingerprinting to identify which operating systems are running on the network | Timing options to slow the speed that the port scan is conducted | ICMP ping sweep to determine which hosts on the network are not available | Traceroute to control the path of the packets sent during the scan
43 | If the final set of security controls does not eliminate all risk in a system, what could be done next? | Ignore any remaining risk | Remove current controls since they are not completely effective | Continue to apply controls until there is zero risk | If the residual risk is low enough, it can be accepted
44 | To reduce the attack surface of a system, administrators should perform which of the following processes to remove unnecessary software, services, and insecure configuration settings? | Windowing | Harvesting | Hardening | Stealthing
45 | Which of the following is considered an acceptable option when managing a risk? | Deny the risk | Mitigate the risk | Reject the risk | Initiate the risk

46 | The use of technologies like IPSec can help guarantee the following: authenticity, integrity, confidentiality and | security | non-repudiation | usability | operability
47 | Steve wants to send an encrypted message to Jane using asymmetric key encryption method. Which key is useful for encryption of the message? | Steve's public key | Jane's private key | Steve's private key | Jane's public key
48 | What is the procedure called where an ethical hacker tests for vulnerabilities on a resource from internet | Penetration test | Internal audit | Blackbox audit | External audit
49 | What is the procedure called where an ethical hacker tests for vulnerabilities on a resource from within the network | Penetration test | Internal audit | Blackbox audit | External audit
50 | What is the process of understanding if there is any threat to a network resource and then patching it is called | Hijacking | Hacking | Ethical Hacking | Penetration Testing
51 | Steve is a network administrator working with abc technologies, their network is already configured and functional, Steve wants to place a new UTM device in their network and test for network attacks reported by IPS module in UTM. Steve doesn't want to make any changes in the existing network. How can Steve deploy UTM without any changes done to the existing network. | set UTM in Routed mode | set UTM in passive mode | set UTM in sniffing mode | set UTM in bridge mode
52 | You have received an email from techsupport@bankofamerica.com asking you to login to internet banking. You suspect if this email is from some malicious hacker. How to check if this email is really from the bank or not | Using email headers with email tracker pro | Replying to the email sender | Contact the bank customer service | Check email with whatismyipaddress.com

53 | Which of the following best describes a distributed denial-of-service attack? | DoS against an entire subnet | DoS against multiple systems across an enterprise network | DoS against similar systems in different target networks | DoS carried out by multiple systems
54 | An attacker sends a TCP SYN message to a server and receives SYN/ACK from the server but doesn't send the ACK response. What is this state of the server called | Half-Open connection | Open connection | Half-Closed connection | Malformed session
55 | WPA2 uses AES for wireless data encryption at which of the following encryption levels? | 128 bit and CRC | 128 bit CCMP | 128 bit TKIP | 128 bit SERC
56 | John is scanning network IP addresses of freeapps.com using angry IP Scanner but couldn't find any live host. Which application can be used to find live hosts if ICMP has been blocked? | Angry IP Scanner | Nmap | Nessus | Retina
57 | keyloggers that are hidden from the victim are called | stealth keylogger | fud keylogger | employee monitors | none
58 | Sniffing done on a switch connected network is called | Switch sniffing | Active sniffing | Direct sniffing | Passive sniffing
59 | Which algorithm provides better security against bruteforce attacks using 160-bit hashes | MD5 | SHA1 | SHA2 | AES

60 | The time period between finding a vulnerability and a successful patch is found is called | Zero-day | Rootkit | Patch management | Zombie
61 | An NMAP scan of a server shows port 69 is open. What risk could this pose? | Unauthenticated access | Web portal data leak | Cleartext login | Weak SSL version
62 | Steve has been contacted by freeapps.com domain for a vulnerability audit, what is the first step to be taken | Sign a non-disclosure agreement | Scan the servers | Inspect the servers physically | Install all security patches
63 | What is the tool used to create ARP poison attack in a switch network | Wireshark | Sniff pass | Cain & Abel | Tomas
64 | What is the software used to bind trojan to a genuine application called | Wrapper | Binder | Scanner | Sniffer
65 | How to protect passwords against sniffing attacks | End-to-end encryption of data | Hashing of data | Dedicated links to server-host | None
66 | What is the best way to protect data on a hard drive even if it is stolen. | Folder passwords | BIOS password | Encrypt the hard drive | None
67 | Steve creates an application that connects back to his computer from a victim computer when executed. What is this attack method called? | Trojan attack | Virus attack | Reverse tcp attack | Forward tcp attack
68 | How to protect against a keylogger on a public computer | Use virtual keyboard | Use wrong passwords first and then correct passwords | Use linux based live cd/USB to boot the system | Install anti-virus to the system
69 | URL stands for – | Universal Remote Locator | Universal Resource Language | Uniform Resource Locator | Uniform Resource Language
70 | HTTPS stands for Hypertext Transfer Protocol over TLS. | TRUE | FALSE
71 | An HTTP connection uses port _________ whereas HTTPS uses port ____________ and invokes SSL. | 40; 80 | 60; 620 | 80; 443 | 620; 80
72 | The protocol 'POP' stands for- | Personal Office Protocol | Post Office Protocol | Privacy Overall Protocol | Privacy Over Protocol

73 | What is the function of Network Interface Cards? | connects the clients, servers and peripherals to the network through a port | allows you to segment a large network into smaller, efficient networks | connects networks with different protocols like TCP/IP | boost the signal between two cable segments or wireless access points
74 | A device which is used to boost the signal between two cable segments or wireless access points is | Booster | Repeater | Switch | Router
75 | A device that provides a central connection point for cables is – | Switch | Firewall | Router | Proxy Server
76 | A device that connects networks with different protocols – | Switch | Hub | Router | Proxy Server
77 | A device that helps prevent congestion and data collisions – | Switch | Hub | Gateway | Proxy Server
78 | A device that is used to connect a number of LANs is – | Router | Repeater | Bridge | Switch
79 | Wi-Fi stands for- | Wireless Fidelity | Wireless LAN | Wireless FLAN | None of the mentioned
80 | WPA stands for – | Wired Protected Access | Wireless Protected Access | Wireless Personal Access | Wired Personal Access
81 | Why would a hacker use a proxy server? | To create a stronger connection with the target. | To create a ghost server on the network. | To obtain a remote access connection. | To hide malicious activity on the network.
82 | To hide information inside a picture, what technology is used? | Rootkits | Bitmapping | Steganography | Image Rendering
83 | Why would a ping sweep be used? | To identify live systems | To locate live systems | To identify open ports | To locate firewalls
84 | What protocol is the Active Directory database based on? | LDAP | TCP | SQL | HTTP
85 | Services running on a system are determined by _____________. | The system's IP address. | The Active Directory | The system's network name | The port assigned
86 | What are the types of scanning? | Port, network, and services | Network, vulnerability and port | Passive, active, and interactive | Server, client, and network
87 | Enumeration is part of what phase of ethical hacking? | Reconnaissance | Maintaining Access | Gaining Access | Scanning
88 | Keyloggers are a form of ______________. | Spyware | Shoulder surfing | Trojan | Social engineering
89 | What are hybrid password attacks? | An attempt to crack passwords using words that can be found in dictionary. | An attempt to crack passwords by using both dictionary words and bruteforce | An attempt to crack passwords using a combination of characters, numbers, and symbols. | An attempt to crack passwords by replacing characters with numbers and symbols.
90 | Which form of encryption does WPA use? | Shared key | LEAP | TKIP | AES
91 | What is the best statement for taking advantage of a weakness in the security of an IT system? | Threat | Attack | Exploit | Vulnerability
92 | Which database is queried by Whois? | ICANN | ARIN | APNIC | DNS

93 | Having individuals provide personal information to obtain a free offer provided through the Internet is considered what type of social engineering? | Web-based | Human-based | User-based | Computer-based
94 | A network of computers used in a denial-of-service (DoS) attack is called: | Worm. | Botnet. | Rootkit. | Splog.
95 | Which of the following is a type of program that either pretends to have, or is described as having, a set of useful or desirable features but actually contains damaging code. | Trojans | Viruses | Worm | Adware
96 | Which of the following is the type of software that damages user files and system? | Viruses | Trojan horses | Bots | Worms
97 | Which of the following is a program capable of replicating with little or no user intervention? | Virus | Trojan horses | Rootkit | Worms
98 | Which of the following is a software that, once installed on your computer, tracks your internet browsing habits and sends you popups containing advertisements related to the sites and topics you've visited? | Backdoors | Adware | Bots | Malware
99 | What is the software called that's designed to exploit a computer user and is a broad term covering computer viruses, worms, Trojan, adware, etc.? | Backdoors | Key-logger | Malware | Bots
100 | What is the software called which, when downloaded on a computer, scans your hard drive for personal information and your internet browsing habits? | Spyware | Antiware | Malware | rootkit
101 | _________ are computer programs that are designed by attackers to gain root or administrative access to your computer. | Backdoors | Rootkits | Antiware | Malware
102 | The attack that focuses on capturing small packets from the network transmitted by other computers and reading the data content in search of any type of information is ____ | Phishing | Sniffing attack | Scams | Exploits
103 | _________ is the action of recording the keys struck on a keyboard, typically covertly, so that the person using the keyboard is unaware that their actions are being monitored. | Denial of service | Exploits | Scams | Keylogging
104 | What is ransomware based on? | Fear of hackers | Fear of losing important files | Fear of the Internet | Fear of spyware
105 | Switches are | Limited to small networks | Inefficient | Are not used presently | Better than hub

106 | Which of the following device copies electrical signals from one ethernet to another? | Bridge | Repeater | Hub | Passive hub
107 | Which of the following items is not used in Local Area Connections (LAN)? | computer | modem | printer | cable
108 | Speed of Ethernet is? | 64Kbps | 64Mbps | 10Kbps | 10Mbps
109 | A ___________ is basically all of the components, hardware and software, involved in connecting computers across small and large distances. | LAN | WAN | network | SAN
110 | A _________ uses Gigabit Ethernet as a media type | WAN | LAN | MAN | All
111 | A _________ is a network that provides a secure connection from a company to other business partners. | Intranet | Extranet | Internet | All The Above
112 | The TCP/IP protocol stack has ________ layers. | 3 | 5 | 6 | 7
113 | Which of the following is not true concerning TCP? | Provides for reliable connections | Uses windowing for flow control | Multiplexes applications | Is more efficient than UDP
114 | Which of the following is a Network layer protocol for the TCP/IP protocol stack? | TCP | UDP | ICMP | None of these
115 | A Class A address has _________ host bits. | 8 | 16 | 20 | 24
116 | 191.75.39.24 is a Class __________ address. | A | B | C | None of the Above
117 | 172.16.240.256 is a class __________ address. | A | B | C | None of the Above
118 | Telnet protocol is an example of | Application layer | Presentation layer | transport layer | None of the Above
119 | A device operating at the network layer is? | bridge | Router | repeater | Hub
120 | The performance of a data communication network depends on | The number of users | The transmission media | The hardware and software | All of the Above
121 | Which device operates at a physical layer? | Bridge | Router | repeater | Switch
122 | UDP is __________ protocol | Connectionless | Connection oriented | neither | Both
123 | The physical Layer most popularly used in wired LANs nowadays uses | UTP cables | STP cables | coaxial cables | Radio frequency
124 | Which layer defines the physical topology? | Transport | Network | Data Link | Physical
125 | Which of the following is a hashing algorithm? | AES | MD5 | DES | PGP
126 | VLANs provides | time-efficiency and security | reduce network traffic | both a and b | None of the Above
127 | Membership in a VLAN can be based on _________. | port numbers | MAC addresses | A&B | none
128 | Which of the following is not an option of the security triangle | Security | Ease of use | Functionality | Cost

129 | You have received an email from techsupport@bankofamerica.com asking you to login to internet banking. You suspect if this email is from some malicious hacker. How to check if this email is really from the bank or not | Using email headers with mail analyzer software | Replying back to the email sender | Contact the bank customer service | Using email address with mail analyzer software
130 | John is scanning network IP addresses of freeapps.com using angry IP Scanner but couldn't find any live host. What could be the reason for this? | All hosts are OFF | ICMP is blocked | TCP is blocked | UDP is blocked
131 | John is scanning open ports on freeapps.com and found ports 137, 139 & 445 open. Which Operating System is installed on the server? | Solaris | Macintosh | Redhat Linux | Windows
132 | How are user account passwords saved in windows operating system | Encrypted password | Hash value of password | Clear-text password | Encrypted hash password
133 | Which of these is not a function of keylogger | Capture keystrokes | Capture mouse clicks | Capture screenshots | Remote client access
134 | which of these protocols can be vulnerable to man-in-the-middle attacks | tcp | arp | udp | icmp
135 | What is Broadcast MAC Address? | EE-EE-EE-EE-EE-EE | FF-FF-FF-FF-FF-FF | AA-AA-AA-AA-AA-AA | None of above
136 | What is Broadcast IP Address? | 127.0.0.1 | 255.0.0.0 | 255.255.0.0 | 255.255.255.255
137 | Term that enables a user to have a large set of addresses internally and one address externally is called | Network Address Translation | Network Address Table | Subnetting | Classnet
138 | In IPv4 Addresses, every Network Address Translation router has a | Mask address | NAT address | Router table | translation table
139 | What is the option type to be set in nslookup to check for email servers? | set type=a | set type=ns | set type=soa | set type=mx
140 | Which of the following is not an option of the security triangle | security | ease of use | Functionality | Cost

141 | Steve is footprinting freeapps.com domain but cannot find any contact details about the organization in their webpage. How can Steve find the contact details? | access Archive.org | access whois.net | access netcraft.com | Call the Organization
142 | Which of the following applications display the available resources on a host along with details like IP Address and MAC address etc., | Mylanviewer | Angry IP Scanner | Mega Ping | Super Scan
143 | Which among these is not a vulnerability scanner | Retina | Shadow security scanner | Nessus | Super Scan
144 | Where are user name and passwords saved in windows operating system | System32 folder | SAM file | Windows folder | Windows dll
145 | Password hashes in SAM file can be cracked using which of these applications | L0phtCrack | Ophcrack | Cain & Abel | A&B
146 | Ophcrack application uses bruteforce to crack passwords | TRUE | FALSE
147 | Hydra application is used to crack login passwords for different protocols, what method is used to crack the passwords | Bruteforce attack | Hybrid attack | Dictionary based attack | None
148 | How to prevent MAC Spoofing and MAC Flooding attacks against a switch | Configure Port security | Configure port mirroring | Configure spanning tree | Configure CDP
149 | Which type of virus is targeted at Microsoft office packages | Macro virus | Stealth virus | Polymorphic virus | Multipart virus
150 | What is the name of the virus that deletes all the contents of user document files without erasing the actual file is called | Nexym.E | Chernobyl | Happy birthday | None
151 | What is the name of the virus that formats the C: drive of a computer is called | Nexym.E | Chernobyl | Happy birthday | None
152 | How does windows operating system protect a user password | One-way hash | Encryption | Clear text password | None

153 | Jane has a powerpoint presentation with password protection, jane tries to crack the password of the file using some passwords in a file. What is this method called. | Dictionary based attack | Bruteforce attack | Hybrid attack | Password guessing
154 | Port 25 on a server is found to be open in nmap scan, what does it mean | Web server is configured | telnet server is configured | mail server is configured | dns server is configured
155 | How does an IPS device identify the attack | Based on attack signatures | Based on virus signatures | Based on vulnerabilities of system | Based on open ports
156 | SSID stands for – | Secure Service Identifier | Secure Set Independent Device | Secure Set Identifier | Service Set Identifier
157 | 'Installation of third party applications are prohibited on many company hardware devices such as laptops, mobiles, etc.' Which Mobile Device security category of implementation does this fall under? | Barrier security | Traffic security | Device security | None of the mentioned
158 | VPN stands for – | Visual Performance Node | Virtual Private Network | Virtual Post Node | Virtual Post Network
159 | Which phase of hacking performs actual attack on a network or system? | Reconnaissance | Maintaining Access | Scanning | Gaining Access
160 | What type of rootkit will patch, hook, or replace the version of system call in order to hide information? | Library level rootkits | Kernel level rootkits | System level rootkits | Application level rootkits

161 | What is the purpose of a Denial of Service attack? | Exploit a weakness in the TCP/IP stack | To execute a Trojan on a system | To overload a system so it is no longer operational | To start services by turning them on
162 | What are some of the most common vulnerabilities that exist in a network or system? | Changing manufacturer, or recommended, settings of a newly installed application. | Additional unused features on commercial software packages. | Utilizing open source application code | Balancing security concerns with functionality and ease of use of a system.
163 | What is the sequence of a TCP connection? | SYN-ACK-FIN | SYN-SYN ACK-ACK | SYN-ACK | SYN-SYN-ACK
164 | The first phase of hacking an IT system is compromise of which foundation of security? | Availability | Confidentiality | Integrity | Authentication
165 | How is IP address spoofing detected? | Installing and configuring a IDS that can read the IP header | Comparing the TTL values of the actual and spoofed addresses | Implementing a firewall to the network | Identify all TCP sessions that are initiated but does not complete successfully
166 | Performing hacking activities with the intent on gaining visibility for an unfair situation is called ________. | Cracking | Analysis | Hacktivism | Exploitation
167 | What is the most important activity in system hacking? | Information gathering | Cracking passwords | Escalating privileges | Covering tracks
168 | A packet with no flags set is which type of scan? | TCP | XMAS | IDLE | NULL
169 | Types of Sniffing | Active | Passive | A&B | none
170 | TELNET, FTP, TFTP protocols fall in the following layer of OSI model | Transport Layer | Presentation layer | Application layer | Data Link layer
171 | The main function of Transport layer is | Node-to-Node delivery | Process-to-process delivery | Synchronization | Updating and maintenance of routing table
172 | The layer responsible for end to end delivery of the entire message is | Network layer | Transport Layer | Session layer | Application layer
173 | In OSI model, which of the following layer provides error-free delivery of data? | Network layer | Transport Layer | Session layer | Application layer
174 | Which of the following is not an example of standard at the data link layer | HDLC | ADCCP | TCP | None of the Layer
175 | When a router needs to send a packet destined for another network, it must know the | Datagram | Medium | Path Flow | IP Address
176 | What do you use the Aux port for? | Console | Terminal editing | Modem | Backup logging

177 | What does a router do with a packet that it does not have a destination network for? | Sends it to the Serial port | Drops the packet | Forwards the packet to the next hop | Sends it back out the same interface it received it in
178 | What TCP port is used by Telnet? | 80 | 110 | 23 | 72
179 | What TCP port is used to filter out Web traffic? | 60 | 21 | 80 | 23
180 | What port does secure HTTP use? | 8080 | 22 | 442 | 443
181 | What port does DNS use for connection attempts? | 22 | 24 | 53 | 442
182 | FTP uses port ____ for the control port. | 20 | 21 | 22 | 23
183 | What is not an encryption standard? | AES | TES | Triple DES | DES
184 | Which of the following are forms of malicious attack? | Theft of information | Modification of data | Wiping of information | All of the mentioned
185 | What are common security threats? | File Shredding | File sharing and permission | File corrupting | File integrity
186 | From the following, which is not a common file permission? | Write | Execute | Stop | Read
187 | Which of the following is least secure method of authentication? | Key card | fingerprint | retina scan | Password
188 | What are the three types of authentication? | Something you: show, have, prove | Something you: have, know, are
189 | Which of the following algorithms provides better protection against brute force attacks by using a 160-bit message digest? | MD4 | MD5 | RC4 | SHA1
190 | In order to show improvement of security over time, what must be developed? | Metrics | Reports | Testing tools | Taxonomy of vulnerabilities
191 | What is the biggest advantage of using packet filtering routers? | They are fast, flexible, and have little impact on network performance | They are fast and flexible, and protect against IP spoofing | They are high-resolution source discrimination and identification tools | They enforce strong user authentication and audit log generation
192 | Which of the following processes evaluates the adherence of an organization to its stated security policy? | Vulnerability assessment | Security auditing | Penetration testing | Risk assessment

193 | Which of the following defines the role of a root Certificate Authority (CA) in a Public Key Infrastructure (PKI)? | The root CA is used to encrypt email messages to prevent unintended disclosure of data | The root CA stores the user's hash value for safekeeping | The root CA is the recovery agent used to encrypt data when a user's certificate is lost | The CA is the trusted root that issues certificates
194 | Which of the statements concerning proxy firewalls is correct? | Computers establish a connection with a proxy firewall which initiates a new network connection for the client | Firewall proxy servers decentralize all activity for an application | Firewall proxy servers decentralize all activity for an application | none
195 | When creating a security program, which approach would be used if senior management is supporting and enforcing the security policy? | A top-down approach | A top-down approach | An IT assurance approach | A senior creation approach
196 | Which of the following ensures that updates to policies, procedures, and configurations are made in a controlled and documented fashion? | Penetration testing | Regulatory compliance | Peer review | Change management

197 | For messages sent through an insecure channel, a properly implemented digital signature gives the receiver reason to believe the message was sent by the claimed sender. While using a digital signature, the message digest is encrypted with which key? | Receiver's private key | Sender's private key | Receiver's public key | Sender's public key
198 | Which protocol and port number might be needed in order to send log messages to a log analysis tool that resides behind a firewall? | UDP 415 | UDP 541 | UDP 924 | UDP 514
199 | To send a PGP encrypted message, which piece of information from the recipient must the sender have before encrypting the message? | Master encryption key | Sender's public key | Recipient's public key | Recipient's private key
200 | A security policy will be more accepted by employees if it is consistent and has the support of | the security officer | executive management | coworkers | a supervisor
201 | Switching in Internet is done by using datagram approach to packet switching at the | network layer | application layer | data link layer | physical layer
202 | Which of the following network attacks relies on sending an abnormally large packet size that exceeds TCP/IP specifications? | TCP hijacking | Ping of death | Smurf attack | SYN flooding
203 | Which of the following techniques does a vulnerability scanner use in order to detect a vulnerability on a target service? | Port scanning | Analyzing service response | Injecting arbitrary data | Banner grabbing
204 | A tester has been hired to do a web application security test. The tester notices that the site is dynamic and must make use of a back end database. In order for the tester to see if SQL injection is possible, what is the first character that the tester should use to attempt breaking a valid SQL request? | Double quote | Single quote | Exclamation mark | Exclamation mark
205 | One way to defeat a multi-level security solution is to leak data via | a covert channel | steganography | asymmetric routing | a bypass regulator
206 | A security consultant decides to use multiple layers of anti-virus defense, such as end user desktop anti-virus and E-mail gateway. This approach can be used to mitigate which kind of attack? | Scanning attack | Social engineering attack | Forensic attack | ARP spoofing attack
207 | While scanning for live hosts using Angry IP Scanner, Steve did not find any live hosts and decided to go with a TCP scan to find the live hosts. Which option in Nmap can be used for finding live hosts? | TCP RST scan | UDP SYN scan | TCP ACK scan | TCP SYN scan
208 | How to defend against ARP spoofing? | Configure Trunk | Configure port security | Configure spanning tree | Clear ARP entries regularly

209 | An attacker sends a TCP SYN message to a server and receives SYN/ACK from the server but doesn't send the ACK response. What is this state of the server called? | Half-closed TCP session | Malformed session | Half-Open TCP session | Open connection
210 | Stephen receives an email stating that there is a problem with the bank server and some of the customer data is missing. The mail is asking Stephen to click on the internet banking link to verify if all his details are available or not. Stephen clicks on the link provided in email and provides login details in the internet banking portal but is being redirected back to the same login portal again. What kind of attack is this? | Keylogging attack | Sniffing attack | Phishing attack | Malware attack
211 | Which switching technology reduces the size of a broadcast domain? | ISL | 802.1Q | VLANs | STP
212 | What is the location of the SAM file in the Windows operating system? | Windows/system32/config | Windows/system32/SAM | Windows/system32/settings | C:/Users/{User Profile}/SAM
213 | An application was designed to connect back to an IP address 119.218.47.128 when executed on any Linux system of a user. What is this connection method called? | Web connect | Reverse UDP connection | Reverse TCP connection | Reverse proxy connection
214 | Which among these software can be used for IP scanning in Kali Linux? | dmitry | sub domainer | net discover | net reconsuire
215 | How does a security administrator identify an incident? | Firewall log | Anti-malware logs | IPS logs | All The Above
216 | Which among these is an open-source SIEM application? | Alienvault OSSIM | HP ArcSight | IBM Qradar | McAfee endpoint

217 | Which among these is not a SIEM application? | Alienvault OSSIM | HP ArcSight | IBM Qradar | McAfee endpoint
218 | Which website can be used to find the location where a server has been hosted? | whois.net | technicalinfo.net | whatismyipaddress.com | google.com
219 | Which of the following is not a job of an ethical hacker? | Auditing the Network | Patching the Vulnerabilities | Recommending the security patches | None of above
220 | Which website can be used to find information about a vulnerability along with the exploit and solution? | netcraft.com | Securityfocus.com | Cve.mitre.com | technicalinfo.net
221 | Administrator password can be cleared using Hiren's Boot CD | TRUE | FALSE
222 | Tomas can be used to crack which passwords? | Cisco password hashes | Cisco level 7 passwords | Windows user passwords | Linux user passwords
223 | Keylogger can be classified into what category of malware? | virus | worm | adware | spyware
224 | Promiscuous mode is useful to capture passwords. Which application is used to enable promiscuous mode? | Airpcap | Winpcap | Tcpdump | None
225 | How to defend against dictionary based password cracking attacks? | Use a non-dictionary word as password | Use a numeric character as password | Use a simple password | None
226 | Which of the following programming languages is most vulnerable to buffer overflow attacks? | Java | Python | C++ | Perl
227 | Which networking protocol maps a MAC address to IP address? | ICMP | ARP | HTTP | UDP
228 | Which of this is not a property of virus? | Destructive in nature | Cannot multiply in number | Cannot spread across a network | Slows down the computer
229 | To protect data exchanged over a public network we encrypt the traffic. What are the two different types of encryption methods used? | Physical key encryption | Symmetric and asymmetric key encryption | Hash encryption | VPN key encryption
230 | How can a hacker distribute malware to the victims? | Download links | Torrents | None | ALL
231 | Metasploit framework is an advanced penetration testing tool in BackTrack and Kali Linux. Metasploit framework has been written in which language? | Ruby | Perl | Python | Java
232 | Metasploit framework is an advanced penetration testing tool in BackTrack and Kali Linux. Metasploit framework depends on which database application? | Oracle | Db2 | Postgresql | Access
233 | How is password cracking generally classified into? | Online and Offline password cracking | Stealth password cracking | Active password cracking | passive password cracking
234 | How to detect the missing security patches and updates on a Windows PC? | Using windows update | Using belarc advisor | Using ccleaner | Using anti-virus
235 | Belarc advisor is a free software used to identify | Virus infections | Keyloggers | Open ports | Running services
236 | Phishing is a form of ____________________. | Spamming | Identity Theft | Impersonation | Scanning
237 | Why would HTTP Tunneling be used? | To identify proxy servers | Web activity is not scanned | To bypass a firewall | HTTP is an easy protocol to work with

238 | In _________________ attacks, the attacker manages to get an application to execute an SQL query created by the attacker. | SQL injection | Sniffing attack | Direct | Application
239 | Even with two-factor authentication, users may still be vulnerable to _____________ attacks. | Radiant | Cross attack | scripting | Man-in-the-middle
240 | Key value pairs is usually seen in | Hash tables | Heaps | Both Hash tables and Heaps | Skip list
241 | Which of the following is known as a zero-day attack? | An attack between the time a new software vulnerability is discovered and the time a patch for fixing the problem is released. | An attack on the first day a software program is released. | An attack on the first day a software program is released. | None of the above.
242 | What process does a ransomware hacker perform on a user's system? | Encrypting important files | Moving operating system data | Deleting key system data | Copying a user's personal data
243 | _________ describe(s) users working from home. | SOHO | Branch Office | Regional Office | Corporate Office
244 | Which of the following is a valid subnet mask value? | 255.0.255.255 | 0.0.0.255 | 255.255.254.0 | 255.255.255.256
245 | _______ are rules that govern a communication exchange | media | Interfaces | protocols | All of the Above
246 | Encryption and Decryption are functions of | Transport Layer | Session Layer | Presentation Layer | Network Layer
247 | Flow control in OSI model is done by | Data Link Layer | Session Layer | Transport Layer | Network Layer
248 | In respect of OSI model, LANs implement | Lower two layers | All Seven layers | Upper five layers | Session layer
249 | UDP in the INTERNET protocol suite is related to | layer 4 | Layer3 | Layer2 | layer1
250 | The Media Access Control sublayer resides in which layer? | Transport Layer | Network layer | Physical layer | Data Link layer
