GIAC GSNA v2018-06-01 q400

GIAC.GSNA.v2018-06-01.
q400
Exam Code: GSNA

Exam Name: GIAC Systems and Network Auditor
Certification Provider: GIAC
Free Question Number: 400
Version: v2018-06-01
# of views: 781
# of Questions views: 75674
https://www.freecram.net/torrent/GIAC.GSNA.v2018-06-01.q400.html
NEW QUESTION: 1
You work as a Network Analyst for XYZ CORP. The company has a Unix-based network. You
want to view the directories in alphabetical order.
Which of the following Unix commands will you use to accomplish the task?
Answer:
C is incorrect. In Unix, the cp command is used for copying files.
NEW QUESTION: 2
DRAG DROP
You are developing a business solution for Haynes Super Leather Inc. A case study for the
organization is given in the exhibit. Based on the case study, you create different modules and
interfaces and want to define the functionality between them. Drag and drop the appropriate
functionalities that will make the interaction possible between modules and/or interfaces. Here,
functionalities can be repetitive.
(Click the Exhibit button on the toolbar to see the case study.)
Select and Place:
Answer:
Explanation/Reference:
Explanation:
The Internet through the restricted HTTP and HTTPS protocols. Therefore, the functionality
between the Corporate Intranet interface and the Internet interface in this diagram should be the
HTTP and HTTPS protocols.
In the case study, it is mentioned that the company uses a Web-based CustomerOrder
application for the existing order placement process.
Therefore, the functionality between the Corporate Intranet interface and the Customer Order
Form module in this diagram should be the Order Placement Process.
The Board of Directors wants to ensure that as soon as a customer clicks the SUBMIT button in
the customer order Web form, he is redirected to a Web page displaying the order payment
details, i.e., the customer payment Web form. Therefore, the functionality between the Customer
Order Form module and the Customer Payment Form module in this diagram should be the Order
Payment Process.
It is very obvious that both the customer order Web form and the customer payment Web form
will interact with the Internet through a client Web browser. Therefore, the functionality between
the Internet interface and the Customer Order Form and Customer Payment Form modules in this
diagram should be the Client Web Browser.
NEW QUESTION: 3
Martha works as a Web Developer for XYZ CORP. She is developing a Web site for the
company. In the Web site, she uses multiple and overlapping style definitions to control the
appearance of HTML elements.
What is this technique known as?
Answer:
A is incorrect. A style sheet is a set of additional tags used to describe the appearance of
individual HTML tags. These tags can
NEW QUESTION: 4
You work as a programmer for uCertify.Inc. You have a session object named session1 with an
attribute named Attribute1, and an HttpSessionBindingEvent object binding1 bound to session1.
Which of the following will be used to retrieve Attribute1?
A. Object obj=binding1.getSession().getAttribute("Attribute1");
B. Object obj=binding1.getAttribute("Attribute1");
C. Long MyAttribute=session1.getAttribute("Attribute1");
D. Object obj=session1.getAttribute("Attribute1");
E. Stringstr1=session1.getAttribute("Attribute1");
Answer: (SHOW ANSWER)
Explanation:
The following two code are used to retrieve Attribute1:
1.Object obj=session1.getAttribute("Attribute1"); The getAttribute() method is used to retrieve the
bound object with the specified name in this session, or null if no object is bound under the name.
2.Object obj=binding1.getSession().getAttribute("Attribute1"); The getSession() gets the current
valid session associated with this request. a String object.
B is incorrect. The HttpSessionBindingEvent object cannot use the getAttribute() method.
NEW QUESTION: 5
You work as a Network Administrator for ABC Inc. The company uses a secure wireless network.
John complains to you that his computer is not working properly. What type of security audit do
you need to conduct to resolve the problem?
Answer:
A is incorrect. It is not a valid type of security audit.
NEW QUESTION: 6
Anonymizers are the services that help make a user's own Web surfing anonymous. An
anonymizer removes all the identifying information from a user's computer while the user surfs
the Internet. It ensures the privacy of the user in this manner. After the user anonymizes a Web
access with an anonymizer prefix, every subsequent link selected is also automatically accessed
anonymously.
Which of the following are limitations of anonymizers?
A. ActiveX controls
B. Plugins
C. Secure protocols
D. Java applications
E. JavaScript
Explanation:
Anonymizers have the following limitations:
1. HTTPS: Secure protocols such as 'https:' cannot be properly anonymized, as the browser
needs to access the site directly to properly maintain the secure encryption.
2.Plugins: If an accessed site invokes a third-party plugin, there is no guarantee of an established
independent direct connection from the user computer to a remote site.
3.Java: Any Java application accessed through an anonymizer will not be able to bypass the Java
security wall.
4.ActiveX: ActiveX applications have almost unlimited access to the user's computer system.
5.JavaScript: The JavaScript scripting language is disabled with URL-based anonymizers.
NEW QUESTION: 7
Which of the following statements about a perimeter network are true? (Choose three)
A. It has a connection to the Internet through an external firewall and a connection to an internal
network through an interior firewall.
B. It has a connection to a private network through an external firewall and a connection to an
internal network through an interior firewall.
C. It is also known as a demilitarized zone or DMZ.
D. It prevents access to the internal corporate network for outside users.
Explanation:
A perimeter network, also known as a demilitarized zone or DMZ, is a small network that lies in
between the Internet and a private network. It has a connection to the Internet through an external
firewall and a connection to the internal network through an interior firewall. It allows outside
users access to the specific servers located in the perimeter network while preventing access to
the internal corporate network.
Servers, routers, and switches that maintain security by preventing the internal network from
being exposed on the Internet are placed in a perimeter network. A perimeter network is
commonly used for deploying e-mail and Web servers for a company.
NEW QUESTION: 8
Which of the following statements are true about data aggregation?
Answer:
B is incorrect. Data aggregation can be user-based. Personal data aggregation services offer the
user a single point for collection of their personal information from other Web sites. The customer
uses a single master personal identification number (PIN) to give them access to their various
accounts (such as those for financial institutions, airlines, book and music clubs, and so on).
Performing this type of data aggregation is sometimes referred to as "screen scraping."
NEW QUESTION: 9
Which of the following is an Internet mapping technique that relies on various BGP collectors that
collect information such as routing updates and tables and provide this information publicly?
Answer:
A is incorrect. Path MTU discovery (PMTUD) is a technique in computer networking for
determining the maximum transmission unit (MTU) size on the network path between two Internet
Protocol (IP) hosts, usually with the goal of avoiding IP fragmentation. Path MTU discovery works
by setting the DF (Don't Fragment) option bit in the IP headers of outgoing packets. Then, any
device along the path whose MTU is smaller than the packet will drop it, and send back an ICMP
"Fragmentation Needed" (Type 3, Code 4) message containing its MTU, allowing the source host
to reduce its path MTU appropriately. The process repeats until the MTU is small enough to
traverse the entire path without fragmentation. If the path MTU changes after the connection is
set up and is lower than the previously determined path MTU, the first large packet will cause an
ICMP error and the new, lower path MTU will be found. Conversely, if PMTUD finds that the path
allows a larger MTU than what is possible on the lower link, the OS will periodically reprobe to
see if the path has changed and now allows larger packets. On Linux this timer is set by default to
ten minutes.
NEW QUESTION: 10
Answer:
D is incorrect. SocketShield provides a protection shield to a computer system against malware,
viruses, spyware, and various types of keyloggers. SocketShield provides protection at the
following two levels:
1. Blocking: In this level, SocketShield uses a list of IP addresses that are known as purveyor of
exploits.
All http requests for any page in these domains are simply blocked.
2.Shielding: In this level, SocketShield blocks all the current and past IP addresses that are the
cause of unauthorized access.
NEW QUESTION: 11
Which of the following statements are true about the Enum tool?
A. It uses NULL and User sessions to retrieve user lists, machine lists, LSA policy information,
etc.
B. It is capable of performing brute force and dictionary attacks on individual accounts of
Windows NT/2000.
C. One of the countermeasures against the Enum tool is to disable TCP port 139/445.
D. It is a console-based Win32 information enumeration utility.
Explanation:
Enum is a console-based Win32 information enumeration utility. It uses null sessions to retrieve
user lists, machine lists, share lists, namelists, group and member lists, passwords, and LSA
policy information. It is also capable of performing brute force and dictionary attacks on individual
accounts. Since the Enum tool works on the NetBIOS NULL sessions, disabling the NetBIOS port
can be a good countermeasure against the Enum tool.
NEW QUESTION: 12
John works as a professional Ethical Hacker. He has been assigned the project of testing the
security of www.we-are-secure.com. He wants to use Kismet as a wireless sniffer to sniff the We-
are-secure network.
Which of the following IEEE-based traffic can be sniffed with Kismet?
A. 802.11g
B. 802.11n
C. 802.11b
D. 802.11a
Explanation:
Kismet can sniff IEEE 802.11a, 802.11b, 802.11g, and 802.11n-based wireless network traffic.
NEW QUESTION: 13
You work as the Network Administrator for XYZ CORP. The company has a Unix-based network.
You want to identify the list of users with special privileges along with the commands that they
can execute.
Which of the following Unix configuration files can you use to accomplish the task?
Answer:
C is incorrect. In Unix, the /proc/modules file shows the kernel modules that are currently loaded.
NEW QUESTION: 14
You have just taken over as the Network Administrator for a medium sized company. You want to
check to see what services are exposed to the outside world.
What tool would you use to accomplish this?
Answer:
D is incorrect. Packet sniffers are used to intercept traffic and to detect the contents of that traffic.
NEW QUESTION: 15
The routing algorithm uses certain variables to create a metric of a path. It is the metric that
actually determines the routing path.
In a metric, which of the following variables is used to define the 'largest size' of a message that
can be routed?
A. Load
B. MTU
C. Hop count
D. Bandwidth
Explanation:
The routing algorithm uses certain variables to create a metric of a path. It is the metric that is
actually used for path determination. Variables that are used to create a metric of a path are as
follows:
Hop count: It is the total number of routers that a data packet goes through to reach its
destination.
Cost: It is determined by the administrator or calculated by the router.
Bandwidth: It is defined as the bandwidth that the link provides.
Maximum transmission unit (MTU): It is the largest message size that a link can route.
Load: It states the amount of work the CPU has to perform and the number of packets the CPU
needs
to analyze and make calculations on.
NEW QUESTION: 16
Which TCP and UDP ports can be used to start a NULL session attack in NT and 2000 operating
systems?
A. 149 and 133
B. 203 and 333
C. 139 and 445
D. 198 and 173
Explanation:
A null session is an anonymous connection to a freely accessible network share called IPC$ on
Windows- based servers. It allows immediate read and write access with Windows NT/2000 and
read-access with Windows XP and 2003. The command to be inserted at the DOS-prompt is as
follows: net use \\IP address_or_host name\ipc$ "" "/user:" net use Port numbers 139 TCP and
445 UDP can be used to start a NULL session attack.
Valid GSNA Dumps shared by PassTestKing.com for Helping Passing GSNA Exam!
PassTestKing.com now offer the newest GSNA exam dumps, the PassTestKing.com GSNA
exam questions have been updated and answers have been corrected get the newest
PassTestKing.com GSNA dumps with Test Engine here:
https://www.passtestking.com/GIAC/GSNA-practice-exam-dumps.html (368 Q&As Dumps,
35%OFF Special Discount Code: freecram)
NEW QUESTION: 17
You want to make changes on a per-directory basis.
Answer:
D is incorrect. In Unix, the /var/log/btmp file is used to store information about failed logins.
NEW QUESTION: 18
Which of the following encryption modes are possible in WEP?
Answer:
C is incorrect. WEP does not support 256 bit encryption.
NEW QUESTION: 19
You want to append a tar file if the on-disk version of the tar file has a modification date more
recent than its copy in the tar archive.
Which of the following commands will you use to accomplish the task?
Answer:
C is incorrect. The tar -c command is used to create a new archive of specified files.
NEW QUESTION: 20
Answer:
A is incorrect. The analysis of risk does not ensure absolute safety. The main purpose of using a
risk-based audit strategy is to ensure that the audit adds value with meaningful information.
NEW QUESTION: 21
You work as a Network Architect for Tech Perfect Inc. The company has a TCP/IP based
Enterprise network. The company uses Cisco IOS technologies in the Enterprise network. You
have enabled system message logging (syslog) service on all the routers that are currently
working in the network. The syslog service provides all the reports, and important error and
notification messages. You want to store all the reports and messages.
Choose the locations where you can store all of these.
Answer:
A is incorrect. You cannot store syslog messages in the auxiliary line.
NEW QUESTION: 22
Which of the following is Microsoft's implementation of the file and application server for the
Internet and private intranets?
A. Internet Server Service (ISS)
B. Internet Server (IS)
C. WWW Server (WWWS)
D. Internet Information Server (IIS)
Explanation:
Microsoft Internet Information Server (IIS)is a Web Application server for the Internet and private
intranets.
IIS receives requests from users on the network using the World Wide Web (WWW) service and
transmits information using the Hypertext Transport Protocol (HTTP). IIS uses Microsoft
Transaction Server (MTS) to provide security, performance, and scalability with server side
packages.
NEW QUESTION: 23
Which of the following functions are performed by methods of the HttpSessionActivationListener
interface?
Answer:
B, C are incorrect. These functions are performed by the HttpSessionBindingListener interface.
The HttpSessionBindingListener interface causes an object of the implementing class to be
notified when it is added to or removed from a session. The HttpSessionBindingListener interface
has the following methods:
public void valueBound(event): This method takes an object of type HttpSessionBindingEvent as
an
argument. It notifies the object when it is bound to a session.
public void valueUnbound(HttpSessionBindingEvent event): This method takes an object of type
HttpSessionBindingEvent as an argument. It notifies the object when it is unbound from a
session.
NEW QUESTION: 24
What will be the output of the following command? echo $(date %M) > date.txt
A. The current time (Month) will be written in the date.txt file.
B. It will create a variable $(date %M).
C. It will print a string "date %M".
D. The current time (Minutes) will be written in the date.txt file.
Explanation:
The date command with the %M specifier prints the current time (Minutes). Since the output is
redirected towards the date.txt file, the current time (Minutes) will be printed in the date.txt file.
NEW QUESTION: 25
You are concerned about possible hackers doing penetration testing on your network as a
prelude to an attack.
What would be most helpful to you in finding out if this is occurring?
A. Examining your antivirus logs
B. Examining your domain controller server logs
C. Examining your firewall logs
D. Examining your DNS Server logs
Explanation:
Firewall logs will show all incoming and outgoing traffic. By examining those logs, you can do port
scans and use other penetration testing tools that have been used on your firewall.
NEW QUESTION: 26
Which of the following is an enterprise-grade network/application/performance monitoring
platform that tightly integrates with other smart building management systems, such as physical
access control, HVAC, lighting, and time/attendance control?
Answer:
B is incorrect. Andrisoft WANGuard Platform offers solutions for various network issues such as
WAN links monitoring, DDoS detection and mitigation, traffic accounting, and graphing.
NEW QUESTION: 27
You work as a Java Programmer for JavaSkills Inc. You are working with the Linux operating
system.
Nowadays, when you start your computer, you notice that your OS is taking more time to boot
than usual.
You discuss this with your Network Administrator. He suggests that you mail him your Linux
bootup report.
Which of the following commands will you use to create the Linux bootup report?
A. touch bootup_report.txt
B. dmesg > bootup_report.txt
C. dmesg | wc
D. man touch
Explanation:
According to the scenario, you can use dmesg > bootup_report.txt to create the bootup file. With
this command, the bootup messages will be displayed and will be redirected towards
bootup_report.txt using the > command.
NEW QUESTION: 28
eBox Platform is an open source unified network server (or a Unified Network Platform) for SMEs.
In which of the following forms can eBox Platform be used?
Answer:
D is incorrect. eBox Platform cannot act as a sandbox. A sandbox is a security mechanism for
separating running programs. It is often used to execute untested code, or untrusted programs,
from unverified third-parties, suppliers, and untrusted users.
NEW QUESTION: 29
HOTSPOT
You work as a Network Administrator for uCertify Inc. The company's Windows 2000-based
network is configured with Internet Security and Acceleration (ISA) Server 2000. All clients on the
network run Windows 2000 Professional. The company policy prevents you from installing the
Firewall Client software or configuring the Web Proxy service on any client computer. You
configure access policy rules to allow all the users to use the HTTP protocol for accessing all
Internet sites. However, users on the network report that they are unable to do so.
Mark the option that is configured incorrectly.
Hot Area:
Answer:
Explanation:
The company policy states that you cannot install the Firewall Client software or configure the
Web Proxy service on any client computer. Therefore, you will have to configure all client
computers as SecureNAT clients. The users are unable to access Internet Web sites because
you have enabled the Ask unauthenticated users for identification check box. SecureNAT clients
do not provide user name or computer name information to ISA Server when making requests.
Hence, all SecureNAT client requests are denied.
To resolve the issue, you will have to disable the Ask unauthenticated users for identification
check box.
NEW QUESTION: 30
A. vi data.txt.* > data.txt

B. less data.txt.* > data.txt
C. vi data.txt.*
D. cat data.txt.* > data.txt
Explanation:
The cat data.txt.* command will display both the splitted files, and the > command will redirect the
output into a new data.txt file.
NEW QUESTION: 31
Sarah works as a Web Developer for XYZ CORP. She is creating a Web site for her company.
Sarah wants greater control over the appearance and presentation of Web pages. She wants the
ability to precisely specify the display attributes and the appearance of elements on the Web
pages.
How will she accomplish this?
A. Use the Database Design wizard.
B. Make two templates, one for the index page and the other for all other pages.
C. Use Cascading Style Sheet (CSS).
D. Make a template and use it to create each Web page.
Explanation:
Sarah should use the Cascading Style Sheet (CSS) while creating Web pages. This will give her
greater control over the appearance and presentation of the Web pages and will also enable her
to precisely specify the display attributes and the appearance of elements on the Web pages.
NEW QUESTION: 32
Which of the following services are provided by the proxy servers?
A. Intrusion detection
B. Logging
C. Hiding network resources
D. Caching
Explanation:
A proxy server is a very important element for firewall applications. The services that it provides
are as follows:
Hide network resources: Proxy replaces the network IP address with a single IP address. Multiple
systems can use a single IP address.
Logging: A proxy server can log incoming and outgoing access, allowing a user to see every
possible details of successful and failed connections.
Cache: A proxy server can save information obtained from the Internet. It regularly updates these
copies and automatically shows these pages, and will thus not need to access the Internet to view
them.
NEW QUESTION: 33
Which of the following statements is NOT true about FAT16 file system?
Answer:
C, D are incorrect. All these statements are true about FAT16 file system.
NEW QUESTION: 34
Mark works as a project engineer in Tech Perfect Inc. His office is configured with Windows XP-
based computers. The computer that he uses is not configured with a default gateway. He is able
to access the Internet, but is not able to use e-mail services via the Internet. However, he is able
to access e-mail services via the intranet of the company.
Which of the following could be the reason of not being able to access e-mail services via the
Internet?
Answer:
C is incorrect. A router is a device that routes data packets between computers in different
networks. It is used to connect multiple networks, and it determines the path to be taken by each
data packet to its destination computer. A router maintains a routing table of the available routes
and their conditions. By using this information, along with distance and cost algorithms, the router
determines the best path to be taken by the data packets to the destination computer. A router
can connect dissimilar networks, such as Ethernet, FDDI, and Token Ring, and route data
packets among them. Routers operate at the network layer (layer 3) of the Open Systems
Interconnection (OSI) model.
NEW QUESTION: 35
You work as a Network Administrator for Infonet Inc. The company's network has an FTP server.
You want to secure the server so that only authorized users can access it.
What will you do to accomplish this?
Answer:
C is incorrect. Disabling the network adapter on the FTP server will disconnect the server from
the
network.
NEW QUESTION: 36
John works as a Network Administrator for We-are-secure Inc. The We-are-secure server is
based on Windows Server 2003. One day, while analyzing the network security, he receives an
error message that Kernel32.exe is encountering a problem. Which of the following steps should
John take as a countermeasure to this situation?
Answer:
A, B are incorrect. Since kernel.exe is not a real kernel file of Windows, there is no need to repair
or download any patch for Windows Server 2003 from the Microsoft site to repair the kernel. Note:
Such error messages can be received if the computer is infected with malware, such as
Worm_Badtrans.b, Backdoor.G_Door, Glacier Backdoor, Win32.Badtrans.29020, etc.
NEW QUESTION: 37
You work as a Network Administrator for Tech Perfect Inc. You have a laptop running Windows
Vista Ultimate. You want to configure Windows Defender on your laptop so that it does not take
any action automatically whenever it scans malicious software. Rather, it should recommend the
action and wait for your approval for taking any action.
Which of the following actions will you take to accomplish the task?
A. Clear the Use real-time protection check box in Defender Options
B. Clear the Automatically scan my computer check box in Defender Options
C. Select the Create a restore point before applying action to detected items check box in
Defender Options
D. Clear the Apply default actions to items detected during a scan check box in Defender Options.
Explanation:
According to the question, you want to prevent Windows Defender from taking any action
automatically during the scanning of your laptop. In order to accomplish this, you will have to clear
the Apply default actions to items detected during a scan check box in Defender Options.
If you clear the Applydefault actions to items detected during a scan check box, it will result in
Windows Defender only recommending an action to take for detected malicious software.
NEW QUESTION: 38
The SALES folder has a file named XFILE.DOC that contains critical information about your
company. This folder resides on an NTFS volume. The company's Senior Sales Manager asks
you to provide security for that file. You make a backup of that file and keep it in a locked
cupboard, and then you deny access on the file for the Sales group. John, a member of the Sales
group, accidentally deletes that file. You have verified that John is not a member of any other
group. Although you restore the file from backup, you are confused how John was able to delete
the file despite having no access to that file. What is the most likely cause?
Answer:
B, D are incorrect. The Deny Access permission works on files.
NEW QUESTION: 39
Which of the following methods is used to get a cookie from a client?
Note: Here, request is a reference of type HttpServletRequest, and response is a reference of
type HttpServletResponse.
Answer:
D is incorrect. The getCookies() method is present in the HttpServletRequest interface and not in
the HttpServletResponse interface.
NEW QUESTION: 40
A. It is a duplicate of the original site of the organization, with full computer systems as well as
near- complete backups of user data.
B. It is the most inexpensive backup site.
C. It can be used within an hour for data recovery.
D. It is cheaper than a coldsite but more expensive than a worm site.
Explanation:
A hot site is a duplicate of the original site of the organization, with full computer systems as well
as near- complete backups of user data. A hot site can be used within an hour for data recovery.
The capacity of the hot site may or may not match the capacity of the original site depending on
the organization's requirements. This type of backup site is the most expensive to operate. Hot
sites are popular with organizations that operate real time processes such as financial institutions,
government agencies, and ecommerce providers. the original site. A cold site is the most
inexpensive type of backup site for an organization to operate since it does not include backed up
copies of data and information from the original location of the organization, nor does it include
hardware already set up. A warm site is, quite logically, a compromise between hot and cold in
terms of resources and cost.
NEW QUESTION: 41
You work as a Network Administrator for XYZ CORP. The company has a Windows-based
network. You want to configure the ACL with a Cisco router.
Which of the following router prompts can you use to accomplish the task?
A. router(config-if)#
B. router(config)#
C. router(config-ext-nacl)#
D. router#
Explanation:
The auditor of a Cisco router should be familiar with the variety of privilege modes. The current
privilege mode can be quickly identified by looking at the current router prompt. The prime modes
of a Cisco router are as follows:
#Nonprivileged mode: router>
#Priviledged mode: router#
#Global configuration mode: router(config)#
#Interface configuration mode: router(config-if)#
#ACL configuration mode: router(config-ext-nacl)#
#Boot loader mode: router(boot)
#Remote connectivity config mode: router(config-line)#
NEW QUESTION: 42
Mark implements a Cisco unified wireless network for Tech Perfect Inc. Which functional area of
the Cisco unified wireless network architecture includes intrusion detection and prevention?
Answer:
D is incorrect. A wireless access point (WAP) is a device that allows wireless communication
devices to connect to a wireless network using Wi-Fi, Bluetooth, or related standards. The WAP
usually connects to a wired network, and it can transmit data between wireless devices and wired
devices on the network. Each access point can serve multiple users within a defined network
area. As people move beyond the range of one access point, they are automatically handed over
to the next one. A small WLAN requires a single access point. The number of access points in a
network depends on the number of network users and the physical size of the network.
NEW QUESTION: 43
You work as an IT Technician for XYZ CORP. You have to take security measures for the
wireless network of the company. You want to prevent other computers from accessing the
company's wireless network.
On the basis of the hardware address, which of the following will you use as the best possible
method to accomplish the task?
A. RAS
B. MAC Filtering
C. SSID
D. WEP
Explanation:
MAC filtering is a security access control technique that allows specific network devices to
access, or prevents them from accessing, the network. MAC filtering can also be used on a
wireless network to prevent certain network devices from accessing the wireless network. MAC
addresses are allocated only to hardware devices, not to persons.
NEW QUESTION: 44
Pervasive IS controls can be used across all the internal departments and external contractors to
define the direction and behavior required for the technology to function properly.
When these controls are implemented properly, which of the following areas show the reliability
improvement? (Choose three)
Answer:
A is incorrect. Pervasive IS controls do not have any relation with the reliability of the hardware
development.
NEW QUESTION: 45
You work as a Software Developer for UcTech Inc. You want to create a new session.
Which of the following methods can you use to accomplish the task?
A. getNewSession(true)
B. getSession(false)
C. getSession()
D. getSession(true)
E. getNewSession()
Explanation:
The getSession() method of the HttpServletRequest interface returns the current session
associated with the request, or creates a new session if no session exists. The method has two
syntaxes as follows:
public HttpSession getSession(): This method creates a new session if it does not exist.
public HttpSession getSession(boolean create): This method becomes similar to the above
method if
create is true, and returns the current session if create is false. It returns null if no session exists.
B is incorrect. The getSession(false) method returns a pre-existing session. It returns null if the
client has no session associated with it.
NEW QUESTION: 46
Which of the following terms related to risk management represents the estimated frequency at
which a threat is expected to occur?
Answer:
D is incorrect. Safeguard acts as a countermeasure for reducing the risk associated with a
specific threat or a group of threats.
NEW QUESTION: 47
Which of the following statements about a screened host is true?
Answer:
A is incorrect. A proxy server facilitates a more efficient use of the Internet connection bandwidth
and hides the real IP addresses of computers located behind the proxy.
NEW QUESTION: 48
You work as a Security Administrator in Tech Perfect Inc. The company has a TCP/IP based
network. The network has a vast majority of Cisco Systems routers and Cisco network switches.
You want to take a snapshot of the router running configuration and archive running configuration
of the router to persistent storage.
Which of the following steps will you take?
Answer:
B is incorrect. By restoring an archived primary bootset, you can restore a primary bootset from a
secure archive after an NVRAM has been erased or a disk has been formatted.
NEW QUESTION: 49
John works as a Network Administrator for Perfect Solutions Inc. The company has a Linux-
based network. John is working as a root user on the Linux operating system. You want to run
two programs, foo and bar. You also want to ensure that bar is executed if and only if foo has
executed successfully.
Which of the following command sequences will John use to accomplish the task?
Answer:
C is incorrect. In the foo | bar; command sequence, the output of the foo command will be the
input for the bar command.
NEW QUESTION: 50
A. Internal Style Sheet

B. External Style Sheet
C. Inline Style Sheet
D. Embedded Style Sheet
Explanation:
To apply the same style consistently throughout your Web site you should use external style
sheet.
Cascading style sheets (CSS) are used so that the Web site authors can exercise greater control
on the appearance and presentation of their Web pages. And also because they increase the
ability to precisely point to the location and look of elements on a Web page and help in creating
special effects.
Cascading Style Sheets have codes, which are interpreted and applied by the browser on to the
Web pages and their elements.
There are three types of cascading style sheets.
External Style Sheets
Embedded Style Sheets
Inline Style Sheets
External Style Sheets are used whenever consistency in style is required throughout a Web site.
A typical external style sheet uses a .css file extension, which can be edited using a text editor
such as a Notepad.
Embedded Style Sheets are used for defining styles for an active page.
Inline Style Sheets are used for defining individual elements of a page.
Reference: TechNet, Contents: Microsoft Knowledgebase, February 2000 issue PSS ID Number:
Q179628
NEW QUESTION: 51
You are responsible for a large network that has its own DNS servers. You periodically check the
log to see if there are any problems.
Which of the following are likely errors you might encounter in the log? (Choose three)
Answer:
A is incorrect. DNS Servers do not create SMTP connections.
NEW QUESTION: 52
You have been assigned a project to develop a Web site for a construction company. You plan to
develop a Web site and want to use cascading style sheets (CSS) as it helps you to get more
control over the appearance and presentation of your Web pages and also extends your ability to
precisely specify the position and appearance of the elements on a page and create special
effects. You want to define styles for individual elements of a page.
Which type of style sheet will you use?
A. Embedded Style Sheet
B. Internal Style Sheet
C. External Style Sheet
D. Inline Style Sheet
Explanation:
Cascading style sheets (CSS) are used so that the Web site authors can exercise greater control
on the appearance and presentation of their Web pages. And also because they increase the
ability to precisely point to the location and look of elements on a Web page and help in creating
special effects. Cascading Style Sheets have codes, which are interpreted and applied by the
browser on to the Web pages and their elements. There are three types of cascading style
sheets.
External Style Sheets
Embedded Style Sheets
Inline Style Sheets
External Style Sheets are used whenever consistency in style is required throughout a Web site.
A typical external style sheet uses a .css file extension, which can be edited using a text editor
such as a Notepad.
Embedded Style Sheets are used for defining styles for an active page.
Inline Style Sheets are used for defining individual elements of a page.
Q179628
NEW QUESTION: 53
Which of the following commands can be used to format text files?
A. wc
B. ps
C. tail
D. pr
Explanation:
The pr command is used to format text files according to the specified options. This command is
usually used to paginate or columnate files for printing.
Answer B is incorrect. The ps command reports the status of processes that are currently running
on a
Linux computer.
Answer A is incorrect. The wc command is used to count the number of bytes, words, and lines in
a given
file or in the list of files.
Answer C is incorrect. The tail command is used to display the last few lines of a text file or piped
data.
NEW QUESTION: 54
You want to change the number of characters displaying on the screen while reading a txt file.
However, you do not want to change the format of the txt file.
Which of the following commands can be used to view (but not modify) the contents of the text file
on the terminal screen at a time?
Answer:
B is incorrect. The tail command is used to display the last few lines of a text file or piped data.
NEW QUESTION: 55
John used to work as a Network Administrator for We-are-secure Inc. Now he has resigned from
the company for personal reasons. He wants to send out some secret information of the
company. To do so, he takes an image file and simply uses a tool image hide and embeds the
secret file within an image file of the famous actress, Jennifer Lopez, and sends it to his Yahoo
mail id. Since he is using the image file to send the data, the mail server of his company is unable
to filter this mail.
Which of the following techniques is he performing to accomplish his task?
Answer:
C is incorrect. John is not performing email spoofing. In email spoofing, an attacker sends emails
after writing another person's mailing address in the from field of the emailed.
NEW QUESTION: 56
DRAG DROP
You work as a Network Administrator for Net Perfect Inc. The company has a TCP/IP-based
network environment. The network has two switches and a router as shown in the image below:
The router connects the network to the Internet. For security, you want to disable CDP for the
interface connected to the Internet. However, you do not want to disable this information for the
internal network.
Select the command (or series of commands) that you will issue to accomplish this task.
Select and Place:
Answer:
Explanation:
In order to accomplish this task, you will have to issue the following commands:
interface s0/0
no cdp enable
According to the question, you are required to disable CDP only on the interface that is connected
to the Internet. For this, you will have to run the no cdp enable command on the interface. To
select the interface, the interface <interface id> command is issued. This will disable CDPonly on
the interface selected.
The no cdp run command is a global command and is used to disable CDP for the entire switch.
NEW QUESTION: 57
An executive in your company reports odd behavior on her PDA. After investigation you discover
that a trusted device is actually copying data off the PDA. The executive tells you that the
behavior started shortly after accepting an e-business card from an unknown person.
What type of attack is this?
A. Session Hijacking
B. Bluesnarfing
C. Privilege Escalation
D. PDA Hijacking
Explanation:
Bluesnarfing is a rare attack in which an attacker takes control of a bluetooth enabled device. One
way to do this is to get your PDA to accept the attacker's device as a trusted device.
NEW QUESTION: 58
You are concerned about rogue wireless access points being connected to your network.
What is the best way to detect and prevent these?
Answer:
C is incorrect. A protocol analyzer will help you analyze the specific traffic on a given node, but
won't be much help in directly detecting rogue access points.
NEW QUESTION: 59
DRAG DROP
Drag and Drop the layers of TCP/IP model according to their level of data encapsulation.
Select and Place:
Answer:
Explanation:
In the above diagram, the raw data is available in the Application layer of the TCP/IP model. The
data coded according to the Application layer protocols is encapsulated into one or more
transport layer protocols, which finally used by the lower layer protocols to affect the actual data
transfer.
In the Transport layer, the data is combined with the UDP header. The responsibilities of the
Transport Layer include end-to-end message transfer capabilities independent of the underlying
network, along with error control, segmentation, flow control, congestion control, and application
addressing (port numbers).
In the Internet layer, the data and UDP header are combined to form an IP data, which is
navigated by the IP header across the Internet for its exact destination.
In the Link layer, the IP data and IP header combine to form the final frame data, which is
accompanied by the Frame header and Frame Footer. The Link Layer is used to move packets
between the Internet Layer interfaces of two different hosts on the same link. Main function of the
Link layer is to add a packet header to prepare it for transmission and then actually transmit the
frame over a physical medium.
NEW QUESTION: 60
Answer:
D is incorrect. NetStumbler is a Windows-based tool that is used for the detection of wireless
LANs using the IEEE 802.11a, 802.11b, and 802.11g standards. It detects wireless networks and
marks their relative position with a GPS.
NEW QUESTION: 61
Which of the following types of authentication tokens forms a logical connection to the client
computer but does not require a physical connection?
Answer:
C is incorrect. Disconnected tokens have neither a physical nor logical connection to the client
computer. They typically do not require a special input device, and instead use a built-in screen to
display the generated authentication data, which the user enters manually via a keyboard or
keypad.
Disconnected tokens are the most common type of security token used (usually in combination
with a password) in two-factor authentication for online identification.
NEW QUESTION: 62
Which of the following are attributes of the <TABLE> tag? (Choose three)
A. BORDER
B. ALIGN
C. TD
D. WIDTH
Explanation:
The WIDTH attribute of the <TABLE> tag is used to set the width of a table. Width can be
specified in pixels and percentage. For example, if a table of the same width as that of the parent
object has to be created, the WIDTH attribute must be set to 100%. The ALIGN attribute aligns
the table within the text flow.
By default alignment is set to left. The BORDER attribute of the <TABLE> tag is used to set the
width of the table border.
Answer C is incorrect. <TD> is not an attribute of the <TABLE> tag. It is a tag used to specify
cells in a table.
NEW QUESTION: 63
Web applications are accessed by communicating over TCP ports via an IP address. Choose the
two most common Web Application TCP ports and their respective protocol names. (Choose two)
A. TCP Port 443 / S-HTTP or SSL
B. TCP Port 80 / HTTPS or SSL
C. TCP Port 443 / HTTPS or SSL
D. TCP Port 80 / HTTP
Explanation:
The two most common Web Application TCP ports are Port 443 and Port 80. HTTPS or SSL uses
TCP port 443, whereas HTTP uses TCP Port 80.
Answer B is incorrect. Port 80 is used for HTTP, not HTTPS.
Answer A is incorrect. S-HTTP is not the protocol name for Port 443. HTTPS or SSL is the name
used for
Port 443 traffic.
NEW QUESTION: 64
Which of the following processes is described in the statement below?
"This is the process of numerically analyzing the effect of identified risks on overall project
objectives."
Answer:
B is incorrect. This is the process of implementing risk response plans, tracking identified risks,
monitoring residual risk, identifying new risks, and evaluating risk process effectiveness through
the project.
NEW QUESTION: 65
Which of the following statements about the traceroute utility are true?
Answer:
C, D are incorrect. Traceroute does not perform polymorphic shell code attacks. Attacking tools
such as AD Mutate are used to perform polymorphic shell code attacks.
NEW QUESTION: 66
Peter works as a Web Developer for XYZ CORP. He is developing a Web site for the company. In
one of the Web pages, Peter wants to ensure that certain information is consistent and visible
while the other information changes.
Which of the following will he use to accomplish this?
Answer:
C is incorrect. Data elements are used to access data in XML format from a Web server.
NEW QUESTION: 67
DRAG DROP
You work as a Network Administrator for Blue Well Inc. The company has a TCP/IP-based
network environment. The network contains Cisco switches and a Cisco Catalyst router. The
network is configured as shown in the image below:
You want to enable Host A to access the Internet. For this, you need to configure the default
gateway settings. Choose the appropriate address to accomplish the task.
Select and Place:
Answer:
Explanation:
According to the question, you are required to configure the default gateway setting on Host A so
that users can access the Internet through it. For a computer to communicate with computers on
another segment in a routed network, it is important to configure the default gateway. In order to
accomplish the task, you will have to set the address 192.168.19.203 as the default gateway
address.
NEW QUESTION: 68
You want to allow direct access to the filesystems data structure.
Which of the following Unix commands can you use to accomplish the task?
Answer:
C isincorrect. In Unix, the du command shows how much disk space a directory and all its files
contain.
NEW QUESTION: 69
John works as a professional Ethical Hacker. He is assigned a project to test the security of
www.we-are- secure.com. He is working on the Linux operating system. He wants to sniff the we-
are-secure network and intercept a conversation between two employees of the company through
session hijacking.
Which of the following tools will John use to accomplish the task?
Answer:
B is incorrect. Tripwire is a file and directory integrity checker.
NEW QUESTION: 70
Answer:
A is incorrect. IDS logs will only help you identify potential attacks. Unless you suspect the user of
intentionally trying to break into resources, an IDS log will not help in this scenario.
NEW QUESTION: 71
Which of the following commands will you use to watch a log file /var/adm/messages while the log
file is updating continuously?
Answer:
A is incorrect. The less command is used to view (but not change) the contents of a text file, one
screen at a time. It is similar to the more command. However, it has the extended capability of
allowing both forward and backward navigation through the file. Unlike most Unix text
editors/viewers, less does not need to read the entire file before starting; therefore, it has faster
load times with large files.
The command syntax of the less command is as follows:
less [options] file_name Where,
NEW QUESTION: 72
Patricia joins XYZ CORP., as a Web Developer. While reviewing the company's Web site, she
finds that many words including keywords are misspelled.
How will this affect the Web site traffic?
A. Leave a bad impression on users.
B. Search engine relevancy may be altered.
C. Link exchange with other sites becomes difficult.
D. The domain name cannot be registered.
Explanation:
Web site traffic depends upon the number of users who are able to locate a Web site. Search
engines are one of the most frequently used tools to locate Web sites. They perform searches on
the basis of keywords contained in the Web pages of a Web site. Keywords are simple text
strings that are associated with one or more topics of a Web page. Misspelled keywords prevent
Web pages from being displayed in the search results.
NEW QUESTION: 73
What does a firewall check to prevent certain ports and applications from getting the packets into
an Enterprise?
Answer:
A, C, D are incorrect. This information is not checked by a firewall.
NEW QUESTION: 74
Which of the following are the countermeasures against WEP cracking?
Answer:
D is incorrect. SSID stands for Service Set Identifier. It is used to identify a wireless network.
SSIDs are case sensitive text strings and have a maximum length of 32 characters. All wireless
devices on a wireless network must have the same SSID in order to communicate with each
other. The SSID on computers and the devices in WLAN can be set manually and automatically.
Configuring the same SSID as that of the other Wireless Access Points (WAPs) of other networks
will create a conflict. A network administrator often uses a public SSID that is set on the access
point. The access point broadcasts SSID to all wireless devices within its range. Some newer
wireless access points have the ability to disable the automatic SSID broadcast feature in order to
improve network security.
NEW QUESTION: 75
From an auditing perspective, database security can be broken down into four key categories:
Server Security
Database Connections
Table Access Control
Restricting Database Access.
Which of the following categories leads to the process of limiting access to the database server?
Answer:
C is incorrect. Restricting database access is important especially for the companies that have
their databases uploaded on the Internet. Internet-based databases have been the most recent
targets of attacks, due to their open access or open ports. It is very easy for criminals to conduct
a "port scan" to look for ports that are open that popular database systems are using by default.
The ports that are used by default can be changed, thus throwing off a criminal looking for open
ports set by default.
Following are the security measures that can be implemented to prevent open access from the
Internet:
Trusted IP addresses: Servers can be configured to answer pings from a list of trusted hosts only.
Server account disabling: The server ID can be suspended after three password attempts.
Special tools: Products can be used to send an alert when an external server is attempting to
breach the system's security. One such example is Real Secure by ISS.
NEW QUESTION: 76
TCP/IP stack fingerprinting is the passive collection of configuration attributes from a remote
device during standard layer 4 network communications. The combination of parameters may
then be used to infer the remote operating system (OS fingerprinting), or incorporated into a
device fingerprint.
Which of the following Nmap switches can be used to perform TCP/IP stack fingerprinting?
Answer:
D is incorrect. The nmap -sT switch is used to perform a TCP full scan.
NEW QUESTION: 77
In an IT organization, some specific tasks require additional detailed controls to ensure that the
workers perform their job correctly.
What do these detailed controls specify? (Choose three)
Answer:
C is incorrect. Input data should be verified before being accepted into an application.
NEW QUESTION: 78
In which of the following social engineering attacks does an attacker first damage any part of the
target's equipment and then advertise himself as an authorized person who can help fix the
problem.
Answer:
B, C, D are incorrect. Person-to-Person social engineering works on the personal level. It can be
classified as follows:
Impersonation: In the impersonation social engineering attack, an attacker pretends to be
someone else, for example, the employee's friend, a repairman, or a delivery person.
In Person Attack: In this attack, the attacker just visits the organization and collects information.
To accomplish such an attack, the attacker can call a victim on the phone, or might simply walk
into an office and pretend to be a client or a new worker.
Important User Posing: In this attack, the attacker pretends to be an important member of the
organization.
This attack works because there is a common belief that it is not good to question authority.
Third-Party Authorization: In this attack, the attacker tries to make the victim believe that he has
the approval of a third party. This works because people believe that most people are good and
they are being truthful about what they are saying.
NEW QUESTION: 79
You work as a Database Administrator for Dolliver Inc. The company uses Oracle 11g as its
database. You have used the LogMiner feature for auditing purposes.
Which of the following files store a copy of the data dictionary? (Choose two)
A. Online redo log files
B. Operating system flat file
C. Dump file
D. Control file
Explanation:
LogMiner requires a dictionary to translate object IDs into object names when it returns redo data
to you.
You have the following three options to retrieve the data dictionary:
The Online catalog: It is the most easy and efficient option to be used. It is used when a database
user have access to the source database from which the redo log files were created. The other
condition that should qualify is that there should be no changes to the column definitions in the
desired tables.
The Redo Log Files: This option is used when a database user does not have access to the
source database from which the redo log files were created and if there are any chances of
changes to the column definitions of the desired tables.
An operating system flat file: Oracle does not recommend to use this option, but it is retained for
backward compatibility. The reason for not preferring the option is that it does not guarantee
transactional consistency. LogMiner is capable to access the Oracle redo logs. It keeps the
complete record of all the activities performed on the database, and the associated data
dictionary, which is used to translate internal object identifiers and types to external names and
data formats. For offline analysis, LogMiner can be run on a separate database, using archived
redo logs and the associated dictionary from the source database.
NEW QUESTION: 80
A. There will be no effect on the session; it will last for its default time.
B. The session will never expire.
C. An error will occur during execution.
D. The session will expire immediately.
Explanation:
The <session-timeout> element of the deployment descriptor sets the session timeout. If the time
specified for timeout is zero or negative, the session will never timeout.
NEW QUESTION: 81
The Security Auditor's Research Assistant (SARA) is a third generation network security analysis
tool.
Which of the following statements are true about SARA? (Choose two)
Answer:
B is incorrect. SARA can be used to perform exhaustive XSS tests.
NEW QUESTION: 82
John works as a Network Administrator for Perfect Solutions Inc. The company has a Debian
Linux-based network. He is working on the bash shell in which he creates a variable VAR1. After
some calculations, he opens a new ksh shell. Now, he wants to set VAR1 as an environmental
variable so that he can retrieve VAR1 into the ksh shell.
Which of the following commands will John run to accomplish the task?
A. echo $VAR1
B. touch VAR1
C. export VAR1
D. env -u VAR1
Explanation:
Since John wants to use the variable VAR1 as an environmental variable, he will use the export
command to accomplish the task.
NEW QUESTION: 83
You work as the Network Administrator for XYZ CORP. The company has a Linux-based network.
You are a root user on the Red Hat operating system. You want to see first five lines of the
file /etc/passwd.
Which of the following commands should you use to accomplish the task?
A. head -n 5 /etc/passwd
B. head 5 -n /etc/passwd
C. tail -n 5 /etc/passwd
D. head /etc/passwd
Explanation:
The head -n 5 /etc/passwd command will show the first 5 lines of the file /etc/passwd.
NEW QUESTION: 84
You work as a Network Administrator for XYZ CORP. The company has a TCP/IP-based network
environment. The network contains Cisco switches and a Cisco router.
You run the following command for a router interface:
show interface serial0
You get the following output:
Serial0 is administratively down, line protocol is down
What will be your conclusion after viewing this output?
Answer:
C is incorrect. Encapsulation has nothing to do with the output displayed in the question.
NEW QUESTION: 85
You have been assigned a project to develop a Web site for a construction company. You plan to
develop a Web site and want to get more control over the appearance and presentation of the
Web pages. You also want to increase your ability to precisely specify the position and
appearance of the elements on a page and create special effects. You plan to use cascading
style sheets (CSS). You want to define styles only for the active page.
Which type of style sheet will you use?
A. Embedded Style Sheet
B. Inline Style Sheet
C. Internal Style Sheet
D. External Style Sheet
Explanation:
To define styles only for the active page you should use embedded style sheet. Cascading style
sheets (CSS) are used so that the Website authors can exercise greater control on the
appearance and presentation of their Web pages. And also because they increase the ability to
precisely point to the location and look of elements on a Web page and help in creating special
effects. Cascading Style Sheets have codes, which are interpreted applied by the browser on to
the Web pages and their elements. There are three types of cascading style sheets. External
Style Sheets Embedded Style Sheets Inline Style Sheets External Style Sheets are used
whenever consistency in style is required throughout a Web site. A typical external style sheet
uses a .css file extension, which can be edited using a text editor such as a Notepad. Embedded
Style Sheets are used for defining styles for an active page. Inline Style Sheets are used for
defining individual elements of a page.
Q179628 You want to enable Host A to access the Internet. For this, you need to configure the
default gateway settings. Choose the appropriate address to accomplish the task.
NEW QUESTION: 86
security of www.we-are-secure.com. He is using the Linux operating system. He wants to use a
wireless sniffer to sniff the We-are-secure network.
Which of the following tools will he use to accomplish his task?
Answer:
C is incorrect. Snadboy's Revelation is not a sniffer. It is used to see the actual password behind
the asterisks.
NEW QUESTION: 87
You work as the Network Technician for XYZ CORP. The company has a Linux-based network.
You are working on the Red Hat operating system. You want to view only the last 4 lines of a file
named /var/log/ cron.
Which of the following commands should you use to accomplish the task?
A. tail -n 4 /var/log/cron
B. tail /var/log/cron
C. cat /var/log/cron
D. head /var/log/cron
Explanation:
The tail -n 4 /var/log/cron command will show the last four lines of the file /var/log/cron.
NEW QUESTION: 88
You work as a Web Deployer for UcTech Inc. You write the <security constraint> element for an
application in which you write the <auth-constraint> sub-element as follows: <auth-constraint>
<role- name>*</role-name> </auth-constraint> Who will have access to the application?
A. Only the administrator
B. No user
C. All users
D. It depends on the application.
Explanation:
The <auth-constraint> element is a sub-element of the <security-constraint> element. It defines
the roles that are allowed to access the Web resources specified by the <web-resource-
collection> sub-elements.
The <auth-constraint> element is written in the deployment descriptor as follows:
<security-constraint> <web-resource-collection> ---------------- </web-resource-collection> <auth-
constraint> <role-name>Administrator</role-name> </auth-constraint> </security-constraint>
Writing Administrator within the <role-name> element will allow only the administrator to have
access to the resource defined within the <web-resource-collection> element.
NEW QUESTION: 89
You are the Security Administrator for an Internet Service Provider. From time to time your
company gets subpoenas from attorneys and law enforcement for records of customers' access
to the internet. What policies must you have in place to be prepared for such requests?
Answer:
A is incorrect. Group policies are usually pertinent to network administration, not the open and
uncontrolled environment of an ISP.
Answer B is incorrect. Backup policies dictate how data is backed up and stored.
NEW QUESTION: 90
Answer:
A, D are incorrect. These rule sets are used for outgoing traffic, i.e., traffic going from the intranet
to the Internet as the 'Output chain' rule is being used.
NEW QUESTION: 91
Which of the following statements is true about residual risks?
Answer:
C is incorrect. Vulnerability is a weakness or lack of safeguard that can be exploited by a threat,
thus causing harm to the information systems or networks. It can exist in hardware, operating
systems, firmware, applications, and configuration files. Vulnerability has been variously defined
in the current context as follows:
1.A security weakness in a Target of Evaluation due to failures in analysis, design,
implementation, or operation and such.
2.Weakness in an information system or components (e.g. system security procedures, hardware
design, or internal controls that could be exploited to produce an information-related misfortune.)
3. The existence of a weakness, design, or implementation error that can lead to an unexpected,
undesirable event compromising the security of the system, network, application, or protocol
involved.
NEW QUESTION: 92
You work as a Network Administrator for Net World International. The company has a Windows
Active Directory-based single domain single forest network. The functional level of the forest is
Windows Server
2003. There are ten Sales Managers in the company. The company has recently provided laptops
to all its Sales Managers. All the laptops run Windows XP Professional. These laptops will be
connected to the company's network through wireless connections. The company's management
wants to implement Shared Key authentication for these laptops. When you try to configure the
network interface card of one of the laptops for Shared Key authentication, you find no such
option. What will you do to enable Shared Key authentication?
A. Install PEAP-MS-CHAP v2
B. Enable WEP
C. Install Service Pack 1
D. Install EAP-TLS.
Explanation:
Shared Key authentication requires the use of the Wired Equivalent Privacy (WEP) algorithm. If
the WEP is not implemented, then the option for Shared Key authentication is not available. In
order to accomplish the task, you will have to enable the WEP on all the laptops.
NEW QUESTION: 93
You have made a program secure.c to display which ports are open and what types of services
are running on these ports. You want to write the program's output to standard output and
simultaneously copy it into a specified file.
Answer:
C is incorrect. The less command is used to view (but not change) the contents of a text file, one
load times with large files. The command syntax of the less command is as follows: less [options]
file_name Where,
Answer B is incorrect. The more command is used to view (but not modify) the contents of a text
file on the terminal screen at a time. The syntax of the more command is as follows: more
[options] file_name Where,
NEW QUESTION: 94
Which of the following statements is true about COLSPAN attribute?
A. COLSPAN is used to create columns in a table.
B. COLSPAN is used to divide one column into many columns.
C. COLSPAN is used to span one column across many rows.
D. COLSPAN is used to span one column across many columns.
Explanation:
COLSPAN attribute is used to span one column across many columns. COLSPAN is an attribute
of <TD> and <TH> tags that allow a singlecolumn in a table to take space that is occupied by
several columns. If the specified COLSPAN value is greater than the number of columns in the
table, then a new column is created at the end of the row.
Reference: MSDN, Contents: COLSPAN
NEW QUESTION: 95
DRAG DROP
You have designed a TCP/IP based routed network. Diagram of the network is given below:
You are configuring IS-IS protocol as an IP routing protocol in the given network. Drag and drop
the appropriate commands beside their respective command prompts which you are using at
router C.
Select and Place:
Answer:
Explanation:
The commands that are configured on router C are as follows:
Router C(config)#router isis
Router C(config)#net 49.0001.0000.0000.000c.00
RouterC(config)#interface ethernet 1
Router C(config-if)#ip router isis
Router C(config-if)#exit
Router C(config)#interface ethernet 2
Router C(config-if)#ip router isis
NEW QUESTION: 96
Mark is an attacker. He wants to discover wireless LANs by listening to beacons or sending probe
requests and thereby provide a launch point for further attacks.
Which of the following tools can he use to accomplish the task?
Answer:
B is incorrect. Wellenreiter is a tool that is used to perform MAC spoofing attacks.
NEW QUESTION: 97
You want to set the user login features on the systems with the shadow passwords.
Answer:
D is incorrect. In Unix, the /etc/filesystems file is used to set the filesystem probe order when
filesystems are mounted with the auto option.
NEW QUESTION: 98
Which of the following encryption encoding techniques is used in the basic authentication
method?
Answer:
C is incorrect. DES (ECB mode) is used in the NTLMv1 authentication method.
NEW QUESTION: 99
The tool works under Windows 9x/2000. Which of the following tools can be used to automate the
MITM attack?
Answer:
B is incorrect. Kismet is a Linux-based 802.11 wireless network sniffer and intrusion detection
system. It can work with any wireless card that supports raw monitoring (rfmon) mode. Kismet
can sniff
802.11b, 802.11a, 802.11g, and 802.11n traffic. Kismet can be used for the following tasks:
To identify networks by passively collecting packets
To detect standard named networks
To detect masked networks
To collect the presence of non-beaconing networks via data traffic
NEW QUESTION: 100
Answer:
B is incorrect. Correcting all risk issues does not come under auditing processes.
NEW QUESTION: 101

You work as a Network Administrator for XYZ CORP. The company has a Windows Server 2008
network environment. The network is configured as a Windows Active Directory-based single
forest single domain network. You have installed a Windows Server 2008 computer. You have
configured auditing on this server. The client computers of the company use the Windows XP
Professional operating system. You want to audit each event that is related to a user managing
an account in the user database on the computer where the auditing is configured. To accomplish
the task, you have enabled the Audit account management option on the server.
Which of the following events can be audited by enabling this audit option?
A. Access to an Active Directory object
B. Change of password for a user account
C. Addition of a user account to a group
D. Creation of a user account
Answer: B,C,D (LEAVE A REPLY)
Explanation:
Audit account management is one of the nine audit settings that can be configured on a Windows
computer. This option is enabled to audit each event that is related to a user managing an
account in the user database on the computer where the auditing is configured. These events
include the following:
Creating a user account
Adding a user account to a group
Renaming a user account
Changing password for a user account
This option is also used to audit the changes to the domain account of the domain controllers.
NEW QUESTION: 102

You work as a Network Administrator for Tech-E-book Inc. You are configuring the ISA Server
2006 firewall to provide your company with a secure wireless intranet. You want to accept
inbound mail delivery though an SMTP server.
What basic rules of ISA Server do you need to configure to accomplish the task.
Answer:
C is incorrect. There are no such ISA Server rule sets.
NEW QUESTION: 103

Which of the following Windows processes supports creating and deleting processes and threads,
running
16-bit virtual DOS machine processes, and running console windows?
Answer:
D is incorrect. This process includes most kernel-level threads, which manage the underlying
aspects of the operating system.
NEW QUESTION: 104

Which of the following tools combines two programs, and also encrypts the resulting package in
an attempt to foil antivirus programs?
A. Tiny
B. NetBus
C. Trojan Man
D. EliteWrap
Explanation:
The Trojan Man is a Trojan wrapper that not only combines two programs, but also encrypts the
resulting package in an attempt to foil antivirus programs.
NEW QUESTION: 105

You are the Network Administrator for a company. You have decided to conduct a user access
and rights review.
Which of the following would be checked during such a review? (Choose three)
A. Access Control Lists
B. Encryption Methods
C. User Roles
D. Firewalls
E. Group Membership
Explanation:
A user access and rights review must check all users, what groups they belong to, what roles
they have, and what access they have. Furthermore, such a review should also check logs to see
if users are appropriately utilizing their system rights and privileges.
NEW QUESTION: 106

Which of the following is the default port for Hypertext Transfer Protocol (HTTP)?
Answer:
A, D are incorrect. By default, FTP server uses TCP port 20 for data transfer and TCP port 21 for
session control.
NEW QUESTION: 107

Which of the following statements about Secure Sockets Layer (SSL) are true? (Choose two)
A. It provides connectivity between Web browser and Web server.
B. It provides mail transfer service.
C. It provides communication privacy, authentication, and message integrity.
D. It uses a combination of public key and symmetric encryption for security of data.
Explanation:
Secure Sockets Layer (SSL) is a protocol used to transmit private documents via the Internet.
SSL uses a combination of public key and symmetric encryption to provide communication
privacy, authentication, and message integrity. Using the SSL protocol, clients and servers can
communicate in a way that prevents eavesdropping and tampering of data on the Internet. Many
Web sites use the SSL protocol to obtain confidential user information, such as credit card
numbers. By convention, URLs that require an SSL connection start with https: instead of http:.
By default, SSL uses port 443 for secured communication. For a SSL connection between a Web
browser and Web server, you must enter https, for example, "https:// www.vzen.com", instead of
http as the protocol type in the URL. This will instruct the Web browser to use a different port for
communication. SSL uses TCP port 443 for communication.
NEW QUESTION: 108

You are the Network Administrator for a software development company. Your company creates
various utilities and tools. You have noticed that some of the files your company creates are
getting deleted from systems. When one is deleted, it seems to be deleted from all the computers
on your network.
Where would you first look to try and diagnose this problem?
Answer:
C is incorrect. Your system log can only tell you what is happening on that individual computer.
NEW QUESTION: 109

John works as a contract Ethical Hacker. He has recently got a project to do security checking for
www.we-are-secure.com. He wants to find out the operating system of the we-are-secure server
in the information gathering step.
Which of the following commands will he use to accomplish the task? (Choose two.)
Answer:
C is incorrect. "nc -v -n 208.100.2.25 80" is a Netcat command, which is used to banner grab for
getting information about the system and running services.
NEW QUESTION: 110

DRAG DROP
You work as a Network Administrator for SoftWorld Inc. All client computers in the company run
Windows Vista. You want to view the status of Windows Firewall. Choose in the correct order the
steps you will take to accomplish the task.
Select and Place:
Answer:
Explanation:
The steps to display the status of Windows Firewall are as follows:
1.Click the Start button, then click Control Panel.
2.In the Control Panel window, click Security.

3.In the Security window, click Windows Firewall.
4.The Windows Firewall dialog box appears, displaying the status of Windows Firewall.
NEW QUESTION: 111
You have just set up a wireless network for customers at a coffee shop. Which of the following
are good security measures to implement? (Choose two)
A. Using WPA encryption
B. MAC filtering the router
C. Not broadcasting SSID
D. Using WEP encryption
Explanation:
With either encryption method (WEP or WPA) you can give the password to customers who need
it, and even change it frequently (daily if you like). So this won't be an inconvenience for
customers.
NEW QUESTION: 112

Which of the following statements are true about SSIDs?
A. Configuring the same SSID as that of the other Wireless Access Points (WAPs) of other
networks will create a conflict.
B. SSIDs are case insensitive text strings and have a maximum length of 64 characters.
C. All wireless devices on a wireless network must have the same SSID in order to communicate
with each other.
D. SSID is used to identify a wireless network.
Explanation:
SSID stands for Service SetIdentifier. It is used to identify a wireless network. SSIDs are case
sensitive text strings and have a maximum length of 32 characters. All wireless devices on a
wireless network must have the same SSID in order to communicate with each other. The SSID
on computers and the devices in WLAN can be set manually and automatically. Configuring the
same SSID as that of the other Wireless Access Points (WAPs) of other networks will create a
conflict. A network administrator often uses a public SSID that is set on the access point. The
access point broadcasts SSID to all wireless devices within its range. Some newer wireless
access points have the ability to disable the automatic SSID broadcast feature in order to improve
network security.
NEW QUESTION: 113

SIMULATION
Fill in the blanks with the appropriate protocol.
CCMP (Counter Mode with Cipher Block Chaining Message Authentication Code Protocol) is an
IEEE encryption protocol created to replace both TKIP and ______.
Answer:
WEP
Explanation:
CCMP (Counter Mode with Cipher Block Chaining Message Authentication Code Protocol) is an
IEEE
802.11i encryption protocol created to replace both TKIP, the mandatory protocol in WPA, and
WEP, the earlier, insecure protocol. CCMP is a mandatory part of the WPA2 standard, an
optional part of the WPA standard, and a required option for Robust Security Network (RSN)
Compliant networks. CCMP is also used in the ITU-T home and business networking standard.
CCMP, part of the 802.11i standard, uses the Advanced Encryption Standard (AES) algorithm.
Unlike in TKIP, key management and message integrity is handled by a single component built
around AES using a
128-bit key, a 128-bit block, and 10 rounds of encoding per the FIPS 197 standard.
NEW QUESTION: 114

based network. John is working as a root user on the Linux operating system. He wants to
forward all the kernel messages to the remote host having IP address 192.168.0.1.
Which of the following changes will he perform in the syslog.conf file to accomplish the task?
Answer:
C is incorrect.
This entry will not forward any kernel message to the remote host having IP address 192.168.0.1.
NEW QUESTION: 115

Which of the following are the disadvantages of Dual-Homed Host Firewall Architecture?
Answer:
B is incorrect. Dual-Homed Host Firewall Architecture can provide a very high level of control.
NEW QUESTION: 116
DRAG DROP
In Unix, 'less' is a program that allows backward as well as forward movement in a file. This
program is invoked with several options to change its behavior. Place the options of the less
program in front of their functions.
Select and Place:
Answer:
Explanation:
Less is a program in Unix that allows backward as well as forward movement in the file. The
syntax of the less command is as follows:
less [options] file_name
NEW QUESTION: 117

DRAG DROP
John works as a Network Administrator for Blue Well Inc. All client computers in the company run
the Windows Vista operating system. He wants to view the status of malware protection.
What steps will he take to accomplish the task?
Select and Place:
Answer:
Explanation:
John will click on the Security Center icon to view the malware status.
Malware is a combination of the terms malicious and software. It refers to a variety of hostile
programs, such as a virus or a Trojan horse, designed to damage or disrupt a computer. It
gathers information about a computer without the user's permission or knowledge.
The Windows Update icon is used to manually update Windows Vista and configure the settings
for the update.
The Power Options icon is used configure the settings for various power plans.
NEW QUESTION: 118

You want to impose some special access restrictions on users.
Answer:
D is incorrect. In Unix, the /etc/termcap file works as a terminal capability database.
NEW QUESTION: 119

Which of the following statements are true about KisMAC?
A. It scans for networks passively on supported cards.
B. It cracks WEP and WPA keys by Rainbow attack or by dictionary attack.
C. It is a wireless network discovery tool for Mac OS X.
D. Data generated by KisMAC can also be saved in pcap format.
Explanation:
KisMAC is a wireless network discovery tool for Mac OS X.
It has a wide range of features, similar to those of Kismet, its Linux/BSD namesake and far
exceeding those of NetStumbler, its closest equivalent on Windows. The program is geared
toward network security professionals, and is not as novice-friendly as similar applications.
KisMAC will scan for networks passively on supported cards - including Apple's AirPort, and
AirPort Extreme, and many third-party cards, and actively on any card supported by Mac OS X
itself. Cracking of WEP and WPA keys, both by brute force, and exploiting flaws such as weak
scheduling and badly generated keys is supported when a card capable of monitor mode is used,
and packet reinjection can be done with a supported card. GPS mapping can be performed when
an NMEA compatible GPS receiver is attached. Data can also be saved in pcap format and
loaded into programs such as Wireshark.
NEW QUESTION: 120
A. Use of well-known code

B. Use of uncommon code
C. Use of uncommon software
D. Use of more physical connections
Explanation:
In computer security, the term vulnerability is a weakness which allows an attacker to reduce a
system's Information Assurance. A computer or a network can be vulnerable due to the following
reasons:
Complexity: Large, complex systems increase the probability of flaws and unintended access
points.
Familiarity: Using common, well-known code, software, operating systems, and/or hardware
increases the probability an attacker has or can find the knowledge and tools to exploit the flaw.
Connectivity: More physical connections, privileges, ports, protocols, and services and time each
of those are accessible increase vulnerability.
Password management flaws: The computer user uses weak passwords that could be discovered
by brute force. The computer user stores the password on the computer where a program can
access it. Users re- use passwords between many programs and websites.
Fundamental operating system design flaws: The operating system designer chooses to enforce
sub optimal policies on user/program management. For example, operating systems with policies
such as default permit grant every program and every user full access to the entire computer.
This operating system flaw allows viruses and malware to execute commands on behalf of the
administrator.
Internet Website Browsing: Some Internet websites may contain harmful Spyware or Adware that
can be installed automatically on the computer systems. After visiting those websites, the
computer systems become infected and personal information will be collected and passed on to
third party individuals.
Software bugs: The programmer leaves an exploitable bug in a software program. The software
bug may allow an attacker to misuse an application.
Unchecked user input: The program assumes that all user input is safe. Programs that do not
check user input can allow unintended direct execution of commands or SQL statements (known
as Buffer overflows, SQL injection or other non-validated inputs).
Answers B, C are incorrect. Use of common software and common code can make a network
vulnerable.
NEW QUESTION: 121

Zorp is a proxy firewall suite developed by Balabit IT Security.
Which of the following statements are true about Zorp?
Answer:
D is incorrect. The GPL version of Zorp is completely usable and functional; however, it lacks
some of the more advanced functions available in the commercially available version only.
NEW QUESTION: 122

You configure a wireless router at your home. To secure your home Wireless LAN (WLAN), you
implement WEP. Now you want to connect your client computer to the WLAN.
Which of the following is the required information that you will need to configure the client
computer?
(Choose two)
A. SSID of the WLAN
B. WEP key
C. IP address of the router
D. MAC address of the router
Explanation:
In order to connect a client computer to a secured Wireless LAN (WLAN), you are required to
provide the following information:
SSID of the WLAN WEP key rticlesItemsReportsHelp
NEW QUESTION: 123

HOTSPOT
The network infrastructure of a company consists of a perimeter network. For security purposes,
the network zones have been created and divided into a firewall-based Border network and a
DMZ. The enterprise internal network is attacked by a latest Internet worm.
Which of the following devices in the enterprise network should be upgraded or reconfigured to
counter this type of attack?
Hot Area:
Answer:
Explanation:
The firewall in the enterprise network should be reconfigured or upgraded to detect and filter an
Internet worm. Firewall is used to protect the network from external attacks by hackers. Firewall
prevents direct communication between computers in the network and the external computers,
through the Internet.
Instead, all communication is done through a proxy server, outside the organization's network,
which decides whether or not it is safe to let a file pass through.
NEW QUESTION: 124

You have just installed a Windows 2003 server. What action should you take regarding the
default shares?
Answer:
D is incorrect. These are not necessary for Windows Server operations.
NEW QUESTION: 125

security of www.we-are-secure.com. He is using a tool to crack the wireless encryption keys. The
description of the tool is as follows:
It is Linux-based WLAN WEP cracking tool that recovers encryption keys.
It operates by passively monitoring transmissions.
It uses Ciphertext Only Attack and captures approximately 5 to 10 million packets to decrypt the
WEP
keys.
Which of the following tools is John using to crack the wireless encryption keys?
Answer:
C is incorrect. Kismet is an IEEE 802.11 wireless network sniffer and intrusion detection system.
NEW QUESTION: 126

John works as a professional Ethical Hacker. He has been assigned a project to test the security
of www.we-are-secure.com. He performs Web vulnerability scanning on the We-are-secure
server. The output of the scanning test is as follows:
C.\whisker.pl -h target_IP_address -- whisker / v1.4.0 / rain forest puppy / www.wiretrip.net -- = - =
-=-=-
= = Host: target_IP_address = Server: Apache/1.3.12 (Win32) ApacheJServ/1.1 mod_ssl/2.6.4
OpenSSL/0.9.5a mod_perl/1.22 + 200 OK: HEAD /cgi-bin/printenv John recognizes /cgi-
bin/printenv vulnerability ('Printenv' vulnerability) in the We_are_secure server.
Which of the following statements about 'Printenv' vulnerability are true?
Answer:
B is incorrect. 'Printenv' does not maintain any log file of user activities.
NEW QUESTION: 127

You are concerned about rootkits on your network communicating with attackers outside your
network.
Without using an IDS how can you detect this sort of activity?
Answer:
C is incorrect. It is very unlikely that anything in your domain controller logs will show the
presence
of a rootkit, unless that rootkit is on the domain controller itself.
Answer A is incorrect. A DMZ is an excellent firewall configuration but will not aid in detecting
rootkits.
NEW QUESTION: 128

Many organizations create network maps of their network system to visualize the network and
understand the relationship between the end devices and the transport layer that provide
services. Which of the following are the techniques used for network mapping by large
organizations?
Each correct answer represents a complete solution. Choose three.
Answer:
D is incorrect. Packet crafting is a technique that allows probing firewall rule-sets and finding entry
points into the targeted system or network. This can be done with a packet generator. A packet
generator is a type of software that generates random packets or allows the user to construct
detailed custom packets. Packet generators utilize raw sockets. This is useful for testing
implementations of IP stacks for bugs and security vulnerabilities.
NEW QUESTION: 129

What is the purpose of Cellpadding attribute of <Table> tag?
A. Cellpadding is used to set the width of cell border and its content.
B. Cellpadding is used to set the width of a table.
C. Cellpadding is used to set the space between the cell border and its content.
D. Cellpadding is used to set the space between two cells in a table.
Explanation:
Cellpadding attribute is used to set the space, in pixels, between the cell border and its content. If
you have not set the value of Cellpadding attribute for a table, the browser takes the default value
as 1.
NEW QUESTION: 130
Answer:
B is incorrect. In Unix, the /etc/motd file automatically displays the message of the day after a
successful login.
NEW QUESTION: 131

Sam works as a Network Administrator for Blue Well Inc. All client computers in the company run
the Windows Vista operating. Sam creates a new user account. He wants to create a temporary
password for the new user such that the user is forced to change his password when he logs on
for the first time.
Which of the following options will he choose to accomplish the task?
Answer:
A is incorrect. This option sets the existing password as a permanent password for the user. Only
administrators can change the password of the user.
NEW QUESTION: 132
Which of the following is a method of the HttpSession interface and is used to retrieve the time
when the session was created?
A. getCreationTime()
B. getSessionCreationTime()
C. getSessionTime()
D. getTime()
Explanation:
The getCreationTime() method returns the time when the session was created. The time is
measured in milliseconds since midnight January 1, 1970. This method throws an
IllegalStateException if it is called on an invalidated session.
NEW QUESTION: 133

DRAG DROP
In Unix, there are different commands used for editing and viewing files. Drag and drop the
appropriate commands (available in Unix) in front of their respective functions that they perform.
Select and Place:
Answer:
Explanation:
Following are the basic file editing and viewing commands in Unix:
NEW QUESTION: 134

Sam works as a Web Developer for McRobert Inc. He creates a Web site. He wants to include
the following table in the Web site:
He writes the following HTML code to create the table:
1. <TABLE BORDER="1" WIDTH="500">
2. <TR>
3.
4.
5. </TR>
6. <TR>
7. <TD>
8. </TD>
9. <TD>
10. </TD>
11. <TD>
12. </TD>
13. </TR>
14. <TR>
15. <TD>
16. </TD>
17. <TD>
18. </TD>
19. <TD>
20. </TD>
21. </TR>
22. </TABLE>
Which of the following tags will Sam place at lines 3 and 4 to create the table?
Answer:
A, B are incorrect. There are no attributes such as SPAN and SPANWIDTH for the tag.
NEW QUESTION: 135

Which of the following is a technique for creating Internet maps? (Choose two)
A. AS PATH Inference
B. Object Relational Mapping
C. Active Probing
D. Network Quota
Explanation:
There are two prominent techniques used today for creating Internet maps:
Active probing: It is the first works on the data plane of the Internet and is called active probing. It
is used to infer Internet topology based on router adjacencies.
AS PATH Inference: It is the second works on the control plane and infers autonomous system
connectivity based on BGP data.
NEW QUESTION: 136

You have recently joined as a Network Auditor in XYZ CORP. The company has a Windows-
based network. You have been assigned the task to determine whether or not the company's goal
is being achieved.
As an auditor, which of the following tasks should you perform before conducting the data center
review?
Each correct answer represents a complete solution. Choose three.
Answer:
A is incorrect. An auditor should review the current organization chart. Reviewing the future
organization chart would not help in finding the current threats to the organization.
NEW QUESTION: 137

Which of the following tools is used for port scanning?
Answer:
A is incorrect. L0phtcrack is a tool which identifies and remediate security vulnerabilities that
result
from the use of weak or easily guessed passwords. It recovers Windows and Unix account
passwords to access user and administrator accounts.
NEW QUESTION: 138

HOTSPOT
In the image of the Screened Host Firewall Architecture given below, select the element that is
commonly known as the access router.
Hot Area:
Answer:
Explanation:
An access router is the common name of the exterior router present in the screened host firewall
architecture. It is attached to the perimeter network and the Internet. An access router is used to
protect both the perimeter network and the internal network from the Internet. It allows anything
that is outbound from the perimeter network. Access routers seldom do packet filtering. The rules
for packet filtering regarding the protection of internal machines are always the same on both the
interior router and the exterior router.
A Screened Host Firewall Architecture is used to provide services from a host that is attached
only to the internal network by using a separate router. In this type of firewall architecture, the key
security is provided by packet filtering.
The host exists in the internal network. The packet filtering on the screening router is configured
in such a way that the bastion host is the only system in the internal network that is open to the
Internet connections.
If any external system tries to access internal systems or services, then it will connect only to this
host. The bastion host therefore needs to be at a high level of security.
NEW QUESTION: 139

Mike works as a Network Engineer for XYZ CORP. The company has a multi-platform network.
Recently, the company faced lots of blended threat issues that lead to several drastic attacks.
Mike has been assigned a project to manage the resources and services of the company through
both Intranet and Internet to protect the company from these attacks. Mike needs a system that
provides auto-discovering and network topology building features to allow him to keep an intuitive
view of the IT infrastructure.
What will Mike use to meet the requirement of the project?
Answer:
D is incorrect. EM7 is a network monitoring system that is used to measure IT infrastructure
health
and performance. It is an NMS integrated system. It is designed to help in optimizing the
performance and availability of the networks, systems, and applications. It facilitates trouble-
ticketing, event management, reporting, IP management, DNS, and monitoring.
NEW QUESTION: 140
Answer:
B is incorrect. A warm site is, quite logically, a compromise between hot and cold. These sites will
have hardware and connectivity already established, though on a smaller scale than the original
production site or even a hot site. Warm sites will have backups on hand, but they may not be
complete and may be between several days and a week old. An example would be backup tapes
sent to the warm site by courier.
NEW QUESTION: 141
You work as the Network Administrator for a company. You configure a Windows 2000-based
computer as the Routing and Remote Access server, so that users can access the company's
network, remotely. You want to log a record of all the users who access the network by using
Routing and Remote Access.
What will you do to log all the logon activities?
A. On the Routing and Remote Access server, enable log authentication requests in auditing, and
define the path for the log file in Remote Access Logging.
B. On the Routing and Remote Access server, enable log authentication requests in Remote
Access Logging.
C. On the Routing and Remote Access server, enable log authentication requests in auditing.
D. Do nothing as the Windows 2000-based Routing and Remote Access server automatically
creates a log record for each connection attempt.
Explanation:
The Routing and Remote Access service can log all the records of authentication and accounting
information for connection attempts when Windows authentication or accounting is enabled. This
can be done by enabling the log authentication requests in the properties of the RemoteAccess
Logging folder, in the Routing and Remote Access snap-in, where you can configure the type of
activity to log, i.e., accounting or authentication activity and log file settings. This information is
stored in the form of a log file in '%SystemRoot%System32LogFiles' folder. For each
authentication attempt, the name of the remote access policy, that either accepted or rejected the
connection attempt, is recorded. The logged information is useful to track remote access usage,
and authentication attempts.
NEW QUESTION: 142

Which of the following protocols are used to provide secure communication between a client and
a server over the Internet? (Choose two)
A. TLS
B. SSL
C. HTTP
D. SNMP
Answer: A,B (LEAVE A REPLY)
Explanation:
SSL and TLS protocols are used to provide secure communication between a client and a server
over the Internet.
NEW QUESTION: 143

You want to print the super block and block the group information for the filesystem present on a
system.
Answer:
D is incorrect. In Unix, the e2label command is used to change the label of an ext2 filesystem.
NEW QUESTION: 144

HOTSPOT
George works as an Office Assistance in TechSoft Inc. All client computers in the company run
Windows Vista operating system. He has turned on the Windows Firewall for security purposes.
He prepares a document and wants to share it with other users of the company. When he tries to
share the document, he gets a message that firewall has blocked the sharing of the files on his
computer. He wants to ensure that that the firewall does not block sharing of the document. He
opens Windows Firewall dialog box.
What actions will he perform in the dialog box to accomplish the task?
Hot Area:
Answer:
Explanation:
George will click on the Allow a program through Windows Firewall link to open the Windows
Firewall Settings dialog box. He will then insert a check mark in the File and Printer Sharing
checkbox in the Exceptions tab of the Windows Firewall Settings dialog box.
NEW QUESTION: 145

Which of the following statements are true about a data mart?
Each correct answer represents a complete solution.
A. Most writers believe that the design of a data mart tends to start from an analysis of the data
already existing.
B. Users of a data mart can expect to have data presented in terms that are familiar to them.
C. A data mart is a repository of data gathered from operational data.
D. The emphasis of a data mart is on meeting the specific demands of a particular group of
knowledge users.
Explanation:
A data mart is a repository of data gathered from operational data and other sources that is
designed to serve a particular community of knowledge workers. In scope, the data may derive
from an enterprise-wide database or data warehouse or be more specialized. The emphasis of a
data mart is on meeting the specific demands of a particular group of knowledge users in terms of
analysis, content, presentation, and ease-of-use. Users of a data mart can expect to have data
presented in terms that are familiar.
In practice, the terms data mart and data warehouse each tend to imply the presence of the other
in some form. However, most writers using the term seem to agree that the design of a data mart
tends to start from an analysis of user needs and that a data warehouse tends to start from an
analysis of what data already exists and how it can be collected in such a way that the data can
later be used. A data warehouse is a central aggregation of data (which can be distributed
physically); a data mart is a data repository that may derive from a data warehouse or not and
that emphasizes ease of access and usability for a particular designed purpose. In general, a
data warehouse tends to be a strategic but somewhat unfinished concept; a data mart tends to be
tactical and aimed at meeting an immediate need.
A is incorrect. Writers using a data mart believe that the design of a data mart tends to start from
an analysis of user needs.
NEW QUESTION: 146

security of www.we-are-secure.com. He begins to perform a pre-attack test before conducting an
attack on the We- are-secure server.
Which of the following will John perform in the pre-attack phase?
Answer:
C is incorrect. In the enumeration phase, the attacker gathers information such as the network
user and group names, routing tables, and Simple Network Management Protocol (SNMP) data.
The techniques used in this phase are as follows:
1. Obtaining Active Directory information and identifying vulnerable user accounts
2. Discovering NetBIOS names
3. Employing Windows DNS queries
4. Establishing NULL sessions and queries
NEW QUESTION: 147

Which of the following commands can be used to convert all lowercase letters of a text file to
uppercase?
A. tac
B. tr
C. cat
D. less
Answer: B (LEAVE A REPLY)
Explanation:
You can use the tr command to convert all lowercase letters of a text file to uppercase. The tr
command is used to translate, squeeze, and/or delete characters from standard input, writing to
standard output. If you want to change all lowercase letters to uppercase, you will use the tr [a-z]
[A-Z] command. commands cannot translate the text from one form to another.
NEW QUESTION: 148

Which of the following statements about a session are true? (Choose two)
Answer:
A is incorrect. The creation time of a session can be obtained using the getCreationTime()
method
of the HttpSession.
NEW QUESTION: 149

DRAG DROP
You work as a Network Administrator for Hail International. The company has a Windows Server
2008 network environment. The network is configured as a Windows Active Directory-based
single forest single domain network. The company's headquarters is located at Los Angeles. The
company has branch offices in San Jose, Oakland, and San Francisco. All branch offices are
connected to the headquarters by using T1 leased lines. The fragment of the company's network
is shown below:
The routers are used to connect to the T1 lines to configure the private network. Each router at
each location is a server that is running Microsoft Windows Server 2008. The management of the
company wants to secure the WAN communication between the offices. The solution provided by
you must not be expensive.
Choose and place the correct actions required to configure the necessary components of the
network in order to accomplish the task.
Select and Place:
Answer:
Explanation:
In order to accomplish the task, you will have to configure the routers at all locations to use IPSec
in tunnel mode. Tunnel mode protects the WAN traffic. If you configure IPSec on routers, no
security for the WAN communication is required on other servers and workstations.
NEW QUESTION: 150
Answer:
B is incorrect. Nimda is a mass mailing virus that spreads itself in attachments named
README.EXE. It affects Windows 95, 98, ME, NT4, and Windows 2000 users. Nimda uses the
Unicode exploit to infect IIS Web servers.
NEW QUESTION: 151

Mark works as a Network Administrator for Infonet Inc. The company has a Windows 2000 Active
Directory domain-based network. The domain contains one hundred Windows XP Professional
client computers.
Mark is deploying an 802.11 wireless LAN on the network. The wireless LAN will use Wired
Equivalent Privacy (WEP) for all the connections. According to the company's security policy, the
client computers must be able to automatically connect to the wireless LAN. However, the
unauthorized computers must not be allowed to connect to the wireless LAN and view the
wireless network. Mark wants to configure all the wireless access points and client computers to
act in accordance with the company's security policy.
What will he do to accomplish this? (Choose three)
Answer:
E is incorrect. Setting the authentication type for the wireless LAN to Open System will disable
Wired Equivalent Privacy (WEP). This level of WEP will not provide security.
NEW QUESTION: 152

ACID (atomicity, consistency, isolation, and durability) is an acronym and mnemonic device for
learning and remembering the four primary attributes ensured to any transaction by a transaction
manager.
Which of the following attributes of ACID confirms that the committed data will be saved by the
system such that, even in the event of a failure or system restart, the data will be available in its
correct state?
Answer:
C is incorrect. Isolation is the attribute of ACID which confirms that a transaction in process and
not yet committed must remain isolated from any other transaction.
NEW QUESTION: 153

Which of the following tools hides information about IIS Webservers so that they can be
prevented from various attacks performed by an attacker?
Answer:
D is incorrect. WinSSLMiM is an HTTPS Man in the Middle attacking tool. It includes FakeCert, a
tool used to make fake certificates. It can be used to exploit the Certificate Chain vulnerability in
Internet Explorer. The tool works under Windows 9x/2000.
NEW QUESTION: 154
You work as a Desktop Support Technician for XYZ CORP. The company uses a Windows-based
network comprising 50 Windows XP Professional computers. You want to include the Safe Mode
with Command Prompt feature into the boot.ini file of a Windows XP Professional computer.
Which of the following switches will you use?
A. /safeboot:network /sos /bootlog /noguiboot
B. /safeboot:minimal /sos /bootlog /noguiboot
C. /safeboot:minimal(alternateshell) /sos /bootlog /noguiboot
D. /safeboot:dsrepair /sos
Explanation:
Safe-mode boot switches are used in the Windows operating systems to use the afe-mode boot
feature.
To use this feature the user should press F8 during boot. These modes are available in the
Boot.ini file.
Users can also automate the boot process using this feature.
NEW QUESTION: 155

DRAG DROP
You work as a Network Administrator for Tech Perfect Inc. The company has a Windows Active
Directory- based single domain single forest network. The functional level of the forest is
Windows Server 2003. The company has recently provided laptops to its sales team members.
You have configured access points in the network to enable a wireless network. The company's
security policy states that all users using laptops must use smart cards for authentication. Select
and place the authentication method you are required to configure to implement the security
policy of the company.
Select and Place:
Answer:
Explanation:
In order to ensure that the laptop users use smart cards for authentication, you will have to
configure IEEE
802.1X authentication using the EAP-TLS protocol on the network.
NEW QUESTION: 156

Which of the following commands is most useful for viewing large files?
Answer:
C is incorrect. The touch command is not used to view the content of a file. It is used to create
empty files or to update file timestamps.
NEW QUESTION: 157

You work as a Network Administrator for Blue Well Inc. The company has a TCP/IP-based routed
network.
Two segments have been configured on the network as shown below:
One day, the switch in Subnet B fails. What will happen?
A. Communication between the two subnets will be affected.
B. The whole network will collapse.
C. Workstations on Subnet A will become offline
D. Workstations on Subnet B will become offline.
Explanation:
According to the question, the network is a routed network where two segments have been
divided and each segment has a switch. These switches are connected to a common router. All
workstations in a segment are connected to their respective subnet's switches.
Failure of the switch in Subnet B will make all workstations connected to it offline. Moreover,
communication between the two subnets will be affected, as there will be no link to connect to
Subnet B.
NEW QUESTION: 158

Which of the following text editing tools can be used to edit text files without having to open them?
Answer:
A is incorrect. The less command is used to view (but not change) the contents of a text file, one
load times with large files. The command syntax of the less command is as follows: less [options]
file_name Where,
Answer C is incorrect. The vi editor is an interactive, cryptic, and screen-based text editor used to
create and edit a file. It operates in either Input mode or Command mode. In Input mode, the vi
editor accepts a keystroke as text and displays it on the screen, whereas in Command mode, it
interprets keystrokes as commands. As the vi editor is case sensitive, it interprets the same
character or characters as different commands, depending upon whether the user enters a
lowercase or uppercase character. When a user starts a new session with vi, he must put the
editor in Input mode by pressing the "I" key. If he is not able to see the entered text on the vi
editor's screen, it means that he has not put the editor in Insert mode. The user must change the
editor to Input mode before entering any text so that he can see the text he has entered.
NEW QUESTION: 159

You want to see the list of the filesystems mounted automatically at startup by the mount -a
command in the /etc/rc startup file.
Answer:
B is incorrect. In Unix, the /etc/groups file contains passwords to let a user join a group.
NEW QUESTION: 160
Answer:
A is incorrect. It is not a valid command.
NEW QUESTION: 161

You work as a Software Developer for UcTech Inc. You build an online book shop, so that users
can purchase books using their credit cards. You want to ensure that only the administrator can
access the credit card information sent by users.
Which security mechanism will you use to accomplish the task?
Answer:
B is incorrect. Data integrity is a mechanism that ensures that the data is not modified during
transmission from source to destination. This means that the data received at the destination
should be exactly the same as that sent from the source.
NEW QUESTION: 162

Which of the following is a wireless auditing tool that is used to pinpoint the actual physical
location of wireless devices in the network?
A. KisMAC
B. Ekahau
C. Kismet
D. AirSnort
Explanation:
Ekahau is an easy-to-use powerful and comprehensive tool for network site surveys and
optimization. Itis an auditing tool that can be used to pinpoint the actual physical location of
wireless devices in the network.
This tool can be used to make a map of the office and then perform the survey of the office. In the
process, if one finds an unknown node, ekahau can be used to locate that node.
Answer D is incorrect. AirSnort is a Linux-based WLAN WEP cracking tool that recovers
encryption keys.
AirSnort operates by passively monitoring transmissions. It uses Ciphertext Only Attack and
captures approximately5 to 10 million packets to decrypt the WEP keys.
Answer C is incorrect. Kismet is a Linux-based 802.11 wireless network sniffer and intrusion
detection
system. It can work with any wireless card that supports raw monitoring (rfmon) mode. Kismet
can sniff802.11b, 802.11a, 802.11g, and 802.11n traffic. Kismet can be used for the following
tasks:
To identify networks by passively collecting packets
To detect standard named networks
To detect masked networks
To collect the presence of non-beaconing networks via data traffic
Answer A is incorrect. KisMAC is a wireless network discovery tool for Mac OS X. It has a wide
range of
features, similar to those of Kismet, its Linux/BSD namesake and far exceeding those of
NetStumbler, its closest equivalent on Windows. The program is geared toward network security
professionals, and is not as novice-friendly as similar applications. KisMAC will scan for networks
passively on supported cards - including Apple's AirPort, and AirPort Extreme, and many third-
party cards, and actively on any card supported by Mac OS X itself. Cracking of WEP and WPA
keys, both by brute force, and exploiting flaws such as weak scheduling and badly generated
keys is supported when a card capable of monitor mode is used, and packet reinjection can be
done with a supported card. GPS mapping can be performed when an NMEA compatible GPS
receiver is attached. Data can also be saved in pcap format and loaded into programs such as
Wireshark.
NEW QUESTION: 163

network. You want to use multiple security countermeasures to protect the integrity of the
information assets of the company. To accomplish the task, you need to create a complex and
multi-layered defense system.
Which of the following components can be used as a layer that constitutes 'Defense in depth'?
(Choose three)
A. Backdoor
B. Firewall
C. Antivirus software
D. Intrusion detection
Explanation:
The components of Defense in depth include antivirus software, firewalls, anti-spyware programs,
hierarchical passwords, intrusion detection, and biometric verification. In addition to electronic
countermeasures, physical protection of business sites along with comprehensive and ongoing
personnel training enhances the security of vital data against compromise, theft, or destruction.
Answer A is incorrect. A backdoor is any program that allows a hacker to connect to a computer
without going through the normal authentication process. The main advantage of this type of
attack is that the network traffic moves from inside a network to the hacker's computer. The traffic
moving from inside a network to the outside world is typically the least restrictive, as companies
are more concerned about what comes into a network, rather than what leaves it. It, therefore,
becomes hard to detect backdoors.
NEW QUESTION: 164

In which of the following techniques does an attacker take network traffic coming towards a host
at one port and forward it from that host to another host?
Answer:
B is incorrect. In UDP port scanning, a UDP packet is sent to each port of the target system. If the
remote port is closed, the server replies that the remote port is unreachable. If the remote Port is
open, no such error is generated. Many firewalls block the TCP port scanning, at that time the
UDP port scanning may be useful. Certain IDS and firewalls can detect UDP port scanning easily.
NEW QUESTION: 165

You work as a Network Administrator for XYZ CORP. The company has a small TCP/IP-based
network environment. The network contains a Cisco Catalyst 6000 family switch. A few sales
people come to your outer office and use your local network to access the Internet, as well as to
demonstrate their products.
What will you do to prevent your network from being accessed by any outside computers?
Answer:
D is incorrect. A port scanner is a software tool that is designed to search network host for open
ports. This tool is often used by administrators to check the security of their networks. It is also
used by hackers to compromise the network and systems.
NEW QUESTION: 166

DRAG DROP
Each listener interface method has an event associated with it. Drag and drop the appropriate
event names to match the respective listener interface methods.
Select and Place:
Answer:
Explanation:
TheHttpSessionBindingEvent class extends the HttpSessionEvent class.
The HttpSessionBindingEvent class is used with the following listeners:
HttpSessionBindingListener: It notifies the attribute when it is bound or unbound from a session.
HttpSessionAttributeListener: It notifies the class when an attribute is bound, unbound, or
replaced in a session.
The session binds the object by a call to the HttpSession.setAttribute() method and unbinds the
object by a call to the HttpSession.removeAttribute() method.
HttpSessionEvent is a class that is used with the following listeners:
HttpSessionListener: It notifies the class when a session is created or destroyed.
HttpSessionActivationListener: It notifies the attributes when a session is activated orpassivated.
NEW QUESTION: 167

You work as the Project Engineer for XYZ CORP. The company has a Unix-based network. Your
office consists of one server, seventy client computers, and one print device. You raise a request
for printing a confidential page. After 30 minutes, you find that your print request job is not
processed and is at the seventh position in the printer queue. You analyze that it shall take
another one hour to print. You decide to remove your job from the printer queue and get your
page printed outside the office.
Which of the following Unix commands can you use to remove your job from the printer queue?
A. tunelp
B. pr
C. lprm
D. gs
Answer: C (LEAVE A REPLY)
Explanation:
The basic Unix printing commands are as follows:
banner: It is used to print a large banner on a printer.
lpr: It is used to submit a job to the printer.
lpc: It enables one to check the status of the printer and set its state.
lpq: It shows the contents of a spool directory for a given printer.
lprm: It is used to remove a job from the printer queue.
gs: It works as a PostScript interpreter.
pr: It is used to print a file.
tunelp: It is used to set various parameters for the lp device.
NEW QUESTION: 168

You work as a professional Ethical Hacker. You are assigned a project to perform blackbox
testing of the security of www.we-are-secure.com. Now you want to perform banner grabbing to
retrieve information about the Webserver being used by we-are-secure.
Which of the following tools can you use to accomplish the task?
Answer:
B is incorrect. WinSSLMiM is an HTTPS Man in the Middle attacking tool. It includes FakeCert, a
tool used to make fake certificates. It can be used to exploit the Certificate Chain vulnerability in
Internet Explorer.
NEW QUESTION: 169

Which of the following types of firewall functions at the Session layer of OSI model?
A. Packet filtering firewall
B. Circuit-level firewall
C. Switch-level firewall
D. Application-level firewall
Explanation:
Circuit-level firewall operates at the Session layer of the OSI model. This type of firewall regulates
traffic based on whether or not a trusted connection has been established.
NEW QUESTION: 170
Answer:
C is incorrect. It deletes from the cursor till the end of the line.
NEW QUESTION: 171

of www.we-are-secure.com. He copies the whole structure of the We-are-secure Web site to the
local disk and obtains all the files on the Web site.
Which of the following techniques is he using to accomplish his task?
Answer:
B is incorrect. Fingerprinting is the easiest way to detect the Operating System (OS)of a remote
system. OS detection is important because, after knowing the target system's OS, it becomes
easier to hack into the system. The comparison of data packets that are sent by the target system
is done by fingerprinting. The analysis of data packets gives the attacker a hint as to which
operating system is being used by the remote system. There are two types of fingerprinting
techniques as follows:
Active fingerprinting
2.Passive fingerprinting
In active fingerprinting ICMP messages are sent to the target system and the response message
of the target system shows which OS is being used by the remote system. In passive
fingerprinting the number of hops reveals the OS of the remote system.
NEW QUESTION: 172

You work as a Network Administrator for NetTech Inc. Your computer has the Windows 2000
Server operating system. You want to harden the security of the server.
Which of the following changes are required to accomplish this? (Choose two)
A. Remove the Administrator account.
B. Disable the Guest account.
C. Rename the Administrator account.
D. Enable the Guest account.
Explanation:
For security, you will have to rename the Administrator account and disable the Guest account.
Renaming the Administrator account will ensure that hackers do not break into the network or
computer by guessing the password of the Administrator account. You can also create a fake
Administrator account that has no privileges and audit its use to detect attacks. Disabling the
Guest account will prevent users who do not have a domain or local user account from illegally
accessing the network or computer. By default, the Guest account is disabled on systems running
Windows 2000 Server. If the Guest account is enabled, you will have to disable it.
NEW QUESTION: 173

Which of the following techniques can be used to determine the network ranges of any network?
Answer:
C is incorrect. Snooping is an activity of observing the content that appears on a computer
monitor
or watching what a user is typing. Snooping also occurs by using software programs to remotely
monitor activity on a computer or network device. Hackers or attackers use snooping techniques
and equipment such as keyloggers to monitor keystrokes, capture passwords and login
information, and to intercept e- mail and other private communications. Sometimes, organizations
also snoop their employees legitimately to monitor their use of organizations' computers and track
Internet usage.
NEW QUESTION: 174

You want to track the system for user logins. To accomplish the task, you need to analyze the log
configuration files.
Which of the following Unix log configuration files can you use to accomplish the task?
Answer:
C is incorrect. In Unix, the /var/spool/mail file is the file where mailboxes are usually stored.
NEW QUESTION: 175

The employees of EWS Inc. require remote access to the company's Web servers. In order to
provide solid wireless security, the company uses EAP-TLS as the authentication protocol.
Which of the following statements are true about EAP-TLS?
Answer:
A is incorrect. EAP-TLS uses a public key certificate for server authentication.
NEW QUESTION: 176

Which of the following are the drawbacks of the NTLM Web authentication scheme?
Answer:
A, C are incorrect. NTLM authentication does not send the user's password (or hashed
representation of the password) across the network. Instead, NTLM authentication utilizes
challenge/ response mechanisms to ensure that the actual password never traverses the
network. How does it work?
When the authentication process begins, the client sends a login request to the telnet server. The
server replies with a randomly generated 'token' to the client. The client hashes the currently
logged-on user's cryptographically protected password with the challenge and sends the resulting
"response" to the server.
The server receives the challenge-hashed response and compares it in the following manner:
The server takes a copy of the original token.
Now it hashes the token against the user's password hash from its own user account database.
If the received response matches the expected response, the user is successfully authenticated
to the host.
NEW QUESTION: 177

What are the purposes of audit records on an information system? (Choose two)
A. Upgradation
B. Backup
C. Troubleshooting
D. Investigation
Explanation:
The following are the purposes of audit records on an information system:
Troubleshooting
Investigation
An IT audit is the process of collecting and evaluating records of an organization's information
systems, practices, and operations. The evaluation of records provides evidence to determine if
the information systems are safeguarding assets, maintaining data integrity, and operating
effectively and efficiently enough to achieve the organization's goals or objectives. These reviews
may be performed in conjunction with a financial statement audit, internal audit, or other form of
attestation engagement. Audit records are also used to troubleshoot system issues.
Answers A, B are incorrect. The audit records cannot be used for backup and upgradation
purposes.
NEW QUESTION: 178

You work as a Network Administrator for XYZ CORP. The company's Windows 2000 network is
configured with Internet Security and Acceleration (ISA) Server 2000. ISA Server is configured as
follows: The server uses the default site and content rule and default IP packet filters. Packet
filtering is enabled. The server has two protocol rules:
Users in the network complain that they are unable to access secure Web sites. However, they
are able to connect to Web sites in which secure transmission is not required.
What is the most likely cause?
A. A protocol rule that allows the use of HTTP has not been created.
B. An IP packet filter that allows the use of network traffic on port 80 has not been created.
C. An IP packet filter that allows the use of network traffic on port 443 has not been created.
D. A protocol rule that allows the use of HTTPS has not been created.
Explanation:
The default IP packet filter allows HTTP protocol (for non-secure communication) at port 80 to
access the Internet. However, to allow users to access secure Web sites, you will have to create
an additional packet filter to allow communication on port 443.
NEW QUESTION: 179

Which of the following statements is true about a relational database?
Answer:
D is incorrect. A relational database is a set of tables containing data fitted into predefined
categories. Each table (which is sometimes called a relation) contains one or more data
categories in columns. Each row contains a unique instance of data for the categories defined by
the columns.
NEW QUESTION: 180
Answer:
C is incorrect. A multidimensional database is frequently created using input from existing
relational databases.
NEW QUESTION: 181

You work as a Network Administrator for Tech Perfect Inc. For security issues, the company
requires you to harden its routers. You therefore write the following code:
Router#config terminal
Router(config) #no ip bootp server
Router(config) #no ip name-server
Router(config) #no ntp server
Router(config) #no snmp server
Router(config) #no ip http server
Router(config) #^Z Router#
What services will be disabled by using this configuration fragment?
A. BootP service
B. Finger
C. CDP
D. DNS function Explanation
Explanation:
The above configuration fragment will disable the following services from the router:
The BootP service The DNS function
The Network Time Protocol
The Simple Network Management Protocol Hyper Text Transfer Protocol
NEW QUESTION: 182

In a network, a data packet is received by a router for transmitting it to another network. For
forwarding the packet to the other available networks, the router is configured with a static or a
dynamic route.
What are the benefits of using a static route?
Answer:
A is incorrect. This is a property of a dynamic route. A static route cannot choose the best path. It
can only choose the paths that are manually entered. When there is a change in the network or a
failure occurs between two statically defined nodes, traffic will not be rerouted.
NEW QUESTION: 183

You are the Security Consultant and you frequently do vulnerability assessments on client
computers. You want to have a standardized approach that would be applicable to all of your
clients when doing a vulnerability assessment.
What is the best way to do this?
A. Utilize OVAL.
B. Create your own standard and use it with all clients.
C. Utilize each client's security policies when doing a vulnerability assessment for that client.
D. Utilize the Microsoft security recommendations.
Explanation:
Open Vulnerability Assessment Language (OVAL) is a common language for security
professionals to use when checking for the presence of vulnerabilities on computer systems.
OVAL provides a baseline method for performing vulnerability assessments on local computer
systems.
D is incorrect. While Microsoft security standards will be appropriate for many of your clients, they
won't help clients using Linux, Macintosh, or Unix. They also won't give you insight into checking
your firewalls or routers.
C is incorrect. This would not fulfill the requirement of having a standardized approach applicable
to all clients.
B is incorrect. This would not be the best way. You should use common industry standards, like
OVAL.
NEW QUESTION: 184

Which of the following statements about data integrity of a container are true? (Choose two)
Answer:
B is incorrect. This answer option also describes confidentiality.
NEW QUESTION: 185

based network. John is working as a root user on the Linux operating system. He has recently
backed up his entire Linux hard drive into the my_backup.tgz file. The size of the my_backup.tgz
file is 800MB. Now, he wants to break this file into two files in which the size of the first file named
my_backup.tgz.aa should be
600MB and that of the second file named my_backup.tgz.ab should be 200MB.
Which of the following commands will John use to accomplish his task?
A. split --verbose -b 200m my_backup.tgz my_backup.tgz
B. split --verbose -b 200m my_backup.tgz my_backup.tgz
C. split --verbose -b 600m my_backup.tgz my_backup.tgz
D. split --verbose -b 600m my_backup.tgz my_backup.tgz
Answer: D (LEAVE A REPLY)
Explanation:
According to the scenario, John wants to break the my_backup.tgz file into two files in which
thesize of the first file named my_backup.tgz.aa should be 600MB and that of the second file
named my_backup.tgz.ab should be 200MB. Hence, he will use the the split --verbose -b 600
my_backup.tgz my_backup.tgz.
command, which will automatically break the first file into 600MB named my_backup.tgz.aa, and
the rest of the data (200MB) will be assigned to the second file named my_backup.tgz.ab. The
reason behind the names is that the split command provides suffixes as 'aa', 'ab', 'ac', ..., 'az', 'ba',
'bb', etc. in the broken file names by default. Hence, both conditions, the file names as well as the
file sizes, match with this command.
Note: If the size of the tar file my_backup.tgz is 1300MB, the command split --verbose -b 600
my_backup.tgz my_backup.tgz. breaks the my_backup.tgz file into three files,i.e.,
my_backup.tgz.aa of size 600MB, my_backup.tgz.ab of size 600MB, and my_backup.tgz.ac of
size 100MB.
NEW QUESTION: 186

Which of the following is a prevention-driven activity to reduce errors in the project and to help the
project meet its requirements?
Answer:
B is incorrect. It is the practice of managing the whole life cycle (design, construction,
commissioning, operating, maintaining, repairing, modifying, replacing and
decommissioning/disposal) of physical and infrastructure assets such as structures, production,
distribution networks, transport systems, buildings, and other physical assets.
NEW QUESTION: 187

Victor works as a professional Ethical Hacker for SecureEnet Inc. He wants to scan the wireless
network of the company. He uses a tool that is a free open-source utility for network exploration.
The tool uses raw IP packets to determine the following:
What ports are open on our network systems.
What hosts are available on the network.
Identify unauthorized wireless access points.
What services (application name and version) those hosts are offering.
What operating systems (and OS versions) they are running.
What type of packet filters/firewalls are in use.
Which of the following tools is Victor using?
Answer:
B is incorrect. A sniffer is a software tool that is used to capture any network traffic. Since a sniffer
changes the NIC of the LAN card into promiscuous mode, the NIC begins to record incoming and
outgoing data traffic across the network. A sniffer attack is a passive attack because the attacker
does not directly connect with the target host. This attack is most often used to grab logins and
passwords from network traffic. Tools such as Ethereal, Snort, Windump, EtherPeek, Dsniff are
some good examples of sniffers.
These tools provide many facilities to users such as graphical user interface, traffic statistics
graph, multiple sessions tracking, etc.
NEW QUESTION: 188

You want to check the status of the printer and set its state.
Answer:
B is incorrect. In Unix, the lpq command is used to show the contents of a spool directory for a
given printer.
NEW QUESTION: 189

You work as a Network Administrator for Tech Perfect Inc. The company has a TCP/IP based
switched network. A root bridge has been elected in the switched network. You have installed a
new switch with a lower bridge ID than the existing root bridge.
What will happen?
Answer:
B, C, D are incorrect. All these are not valid options, according to the given scenario.
NEW QUESTION: 190
Answer:
A is incorrect. A cross site scripting attack is one in which an attacker enters malicious data into a
Website. For example, the attacker posts a message that contains malicious code to any
newsgroup site.
When another user views this message, the browser interprets this code and executes it and, as
a result, the attacker is able to take control of the user's system. Cross site scripting attacks
require the execution of client-side languages such as JavaScript, Java,VBScript, ActiveX, Flash,
etc. within a user's Webenvironment. With the help of a cross site scripting attack, the attacker
can perform cookie stealing, sessions hijacking, etc.
NEW QUESTION: 191

Which of the following security policies will you implement to keep safe your data when you
connect your Laptop to the office network over IEEE 802.11 WLANs? (Choose two)
Answer:
B is incorrect. You cannot use the packet analyzer to protect your network. Packet analyzer is
used to analyze data packets flowing in the network.
NEW QUESTION: 192
You work as a Network Administrator for XYZ CORP. The company has a Linux-based network.
You need to configure a firewall for the company. The firewall should be able to keep track of the
state of network connections traveling across the network.
Which of the following types of firewalls will you configure to accomplish the task?
Answer:
C is incorrect. An application firewall is a form of firewall that controls input, output, and/or access
from, to, or by an application or service. It operates by monitoring and potentially blocking the
input, output, or system service calls that do not meet the configured policy of the firewall. The
application firewall is typically built to monitor one or more specific applications or services (such
as a web or database service), unlike a stateful network firewall, which can provide some access
controls for nearly any kind of network traffic.
There are two primary categories of application firewalls:
Network-based application firewalls
Host-based application firewalls
NEW QUESTION: 193

Which of the following is an example of penetration testing?
A. Configuring firewall to block unauthorized traffic
B. Implementing HIDS on a computer
C. Simulating an actual attack on a network
D. Implementing NIDS on a network
Explanation:
Penetration testing is a method of evaluating the security of a computer system or network by
simulating an attack from a malicious source, known as a Black Hat Hacker, or Cracker. The
process involves an active analysis of the system for any potential vulnerabilities that may result
from poor or improper system configuration, known and/or unknown hardware or software flaws,
or operational weaknesses in process or technical countermeasures. This analysis is carried out
from the position of a potential attacker, and can involve active exploitation of security
vulnerabilities. Any security issues that are found will be presented to the system owner together
with an assessment of their impact and often with a proposal for mitigation or a technical solution.
The intent of a penetration testing is to determine feasibility of an attack and the amount of
business impact of a successful exploit, if discovered. It is a component of a full security of
penetration testing.
NEW QUESTION: 194

You work as a Network Administrator for Tech Perfect Inc. The company has a TCP/IP-based
network.
You have configured a firewall on the network. A filter has been applied to block all the ports. You
want to enable sending and receiving of emails on the network.
Which of the following ports will you open? (Choose two)
A. 25
B. 20
C. 80
D. 110
Explanation:
In order to enable email communication, you will have to open ports 25 and 110. Port 25 is used
by SMTP to send emails. Port 110 is used by POP3 to receive emails.
NEW QUESTION: 195

You are concerned about attackers simply passing by your office, discovering your wireless
network, and getting into your network via the wireless connection.
Which of the following are NOT steps in securing your wireless connection? (Choose two.)
Answer:
B is incorrect. Using WEP or WPA is one of the most basic security steps in securing your
wireless.
NEW QUESTION: 196

Adam works as a Security Analyst for Umbrella Inc. He is retrieving large amount of log data from
syslog servers and network devices such as Router and switches. He is facing difficulty in
analyzing the logs that he has retrieved. To solve this problem, Adam decides to use software
called Sawmill. Which of the following statements are true about Sawmill?
Answer:
D is incorrect. Sawmill Analytics software is available in three different forms; as a software
package for user deployment, as a turnkey on-premise system appliance, and as a SaaS service.
NEW QUESTION: 197
Which of the following is a basic feature of the Unix operating system? (Choose three)
A. It is highly portable across hardware.
B. All files can be individually protected using read, write, and execute permissions for the user,
group, and others.
C. It allows all the modules to be loaded into memory.
D. A user can execute multiple programs at the same time from a single terminal.
Answer: A,B,D (LEAVE A REPLY)
Explanation:
The basic features of Unix are as follows:
Multi-user: It supports more than one user to access the system simultaneously through a set of
terminals attached to a system.
Multi-tasking: A user can execute multiple programs at the same time from a single terminal.
Time sharing: The operating system shares CPU time among tasks.
Portability: It is highly portable across hardware.
Modularity: It allows only needed modules to be loaded into the memory.
File structure: It has an inverted tree like file structure, with files and directories created within the
file
structure.
Security: All files can be individually protected using read, write, and execute permissions for the
user,
group, and others.
Network support: It uses the TCP/IP protocol.
Advanced graphics: CAD-CAM applications perform the best in a Unix System with its varied
support
for graphics card.
NEW QUESTION: 198

Which of the following is a type of web site monitoring that is done using web browser emulation
or scripted real web browsers?
Answer:
C is incorrect. Network tomography is an important area of network measurement that deals with
monitoring the health of various links in a network using end-to-end probes sent by agents
located at vantage points in the network/Internet.
NEW QUESTION: 199

You work as a Software Developer for UcTech Inc. You are building a Web site that will contain
study materials on the Java language. The company wants that members can access all the
pages, but non- members have only limited access to the Web site pages.
Which of the following security mechanisms will you use to accomplish the task?
Answer:
A is incorrect. Data integrity is a mechanism that ensures that the data is not modified during
transmission from source to destination. This means that the data received at the destination
should be exactly the same as that sent from the source.
NEW QUESTION: 200
A. None, adding a wireless access point is a common task and not a security risk.
B. It is likely to increase network traffic and slow down network performance.
C. This circumvents network intrusion detection.
D. An unauthorized WAP is one way for hackers to get into a network.
Explanation:
Any unauthorized Wireless Access Point (WAP) is a serious security breach. Its configuration
might be very unsecure. For example, it might not use encryption or MAC filtering, thus allowing
anyone in range to get on the network.
NEW QUESTION: 201

You work as a Network Administrator for TechPerfect Inc. The company has a secure wireless
network.
Since the company's wireless network is so dynamic, it requires regular auditing to maintain
proper security. For this reason, you are configuring NetStumbler as a wireless auditing tool.
Which of the following statements are true about NetStumbler?
Answer:
B is incorrect. It can identify the channel being used. NetStumbler can be used for a variety of
services:
For war driving
To verify network configurations
To find locations with poor coverage in a WLAN
To detect causes of wireless interference
To detect unauthorized ("rogue") access points
To aim directional antennas for long-haul WLAN links
NEW QUESTION: 202
Data access auditing is a surveillance mechanism that watches over access to all sensitive
information contained within the database.
What are the questions addressed in a perfect data access auditing solution?
Answer:
C is incorrect. In the perfect data access auditing solution, it cannot be determined for whom the
data is being accessed. Only the person accessing the data can be identified.
NEW QUESTION: 203

Victor wants to use Wireless Zero Configuration (WZC) to establish a wireless network
connection using his computer running on Windows XP operating system.
Which of the following are the most likely threats to his computer? (Choose two)
Answer:
B is incorrect. In a ping flood attack, an attacker sends a large number of ICMP packets to the
target computer using the ping command, i.e., ping -f target_IP_address. When the target
computer receives these packets in large quantities, it does not respond and hangs.
NEW QUESTION: 204

DRAG DROP
Your company has been hired to provide consultancy, development, and integration services for a
company named Soul International. You have prepared a case study to plan the upgrade for the
company.
You are designing policy settings for the Web servers at the headquarters.
Place Allow or Deny in front of the type of traffic received by or sent to the Web servers from the
internal clients and the Internet.
(Click the Exhibit button on the toolbar to see the case study.)
Select and Place:
Answer:
Explanation:
HTTP/HTTPS is used for transferring HTML pages over the network. Hence, you should allow it
for both the Internet and internal clients traffic.
The Remote Desktop Protocol (RDP) is used to connect to servers remotely. Allowing it for the
Internet traffic is definitely a security threat. Hence, you should deny this for the Internet traffic.
According to the case study, the administrators must use RDP to connect to the servers in the
perimeter network. Hence, you will have to allow it for the internal clients traffic.
NEW QUESTION: 205

SIMULATION
Fill in the blank with the appropriate term.
When two routers are used in a firewall configuration, the internal router is known as a ______
router.
Answer:
choke
Explanation:
When two routers are used in a firewall configuration, the internal router is known as a choke
router. A choke router is an interior router present in the screened host firewall architecture. It is
attached to the perimeter network and protects the internal network from the Internet and the
perimeter net.
A choke router is basically employed for the job of packet filtering for the firewall. It is also used to
provide access to selected services that are outbound from the internal net to the Internet. These
services may include outgoing Telnet, FTP, WAIS, Archie, Gopher, etc.
NEW QUESTION: 206

Every network device contains a unique built in Media Access Control (MAC) address, which is
used to identify the authentic device to limit the network access.
Which of the following addresses is a valid MAC address?
Answer:
B is incorrect. This is not a valid MAC address as there four groups of four hexadecimal digits
exist.
NEW QUESTION: 207

Pingdom is a website monitoring service.
Which of the following services are provided by Pingdom?
Answer:
A is incorrect. Pingdom creates chartsthat are easy to understand. These charts are used to spot
trends and accurately pinpoint problems.
NEW QUESTION: 208

In which of the following does a Web site store information such as user preferences to provide
customized services to users?
Answer:
D is incorrect. Keywords are important terms used to search Web pages on a particular topic. For
example, if a user enters a keyword "Networking" in a search engine form, all Web pages
containing the term "Networking" will be displayed.
NEW QUESTION: 209

You run the wc -c file1.txt command. If this command displays any error message, you want to
store the error message in the error.txt file.
Answer:
A is incorrect.
The >> operator will redirect the output of the command in the same manner as the > or 1>
operator.
Although the >>operator will not overwrite the error.txt file, it will append the error.txt file.
NEW QUESTION: 210

DRAG DROP
You work as a Software Developer for UcTech Inc. You create a session object and want that it
be destroyed if it is not called for 20 minutes.
Drag and drop the appropriate statements that you will use to accomplish the task.
Select and Place:
Answer:
Explanation:
Session timeout is an event that occurs when a session is invalidated if a user does not use the
session for a specified period of time. Session timeout can be set in the following two ways:
1.Setting timeout in deployment descriptor: This can be done by specifying timeout between the
<session- timeout> tags as follows:
<session-config>
<session-timeout> 10 </session-timeout>
<session-config>
This will set the time for session timeout to ten minutes.
2.Setting timeout programmatically: This will set the timeout for a specific session. The syntax for
setting the timeout programmatically is as follows:
session.setMaxInactiveInterval(10*60)
In this method, the timeout is specified in seconds. Hence, this will set the time for session
timeout to ten minutes.
NEW QUESTION: 211

You work as a Software Developer for UcTech Inc. You want to encode a URL, so that it can be
used with the sendRedirect() method to send the response to the client. In order to accomplish
this, you have to use a method of the HttpServletResponse interface.
Which of the following methods will you use?
Answer:
C is incorrect. The encodeURL() method of the HttpServletResponse interface returns a URL by
including the session ID in it. If the encoding is not required, the URL is returned unchanged. If
cookies are supported by the browser, the encodeURL() method returns the input URL
unchanged since the session ID will be persisted as a cookie.
The syntax of the encodeURL() method is as follows:
public String encodeURL(String urlstring) Here, urlstring is the URL to be encoded.
NEW QUESTION: 212

Which of the following responsibilities does not come under the audit process?
Answer:
D is incorrect. The auditor is not responsible for applying security policies.
NEW QUESTION: 213

You want to see the username, real name, home directory, encrypted password, and other
information about a user.
Answer:
B is incorrect. In Unix, the /etc/printcap file is the configuration file for printers.
NEW QUESTION: 214

DRAG DROP
George works as a Network Administrator for Blue Soft Inc. The company uses Windows Vista
operating system. The network of the company is continuously connected to the Internet.
What will George use to protect the network of the company from intrusion?
Select and Place:
Answer:
Explanation:
A firewall is a set of related programs configured to protect private networks connected to the
Internet from intrusion. It is used to regulate the network traffic between different computer
networks. It permits or denies the transmission of a network packet to its destination based on a
set of rules. A firewall is often installed on a separate computer so that an incoming packet does
not get into the network directly.
NEW QUESTION: 215

You have detected what appears to be an unauthorized wireless access point on your network.
However, this access point has the same MAC address as one of your real access points and is
broadcasting with a stronger signal.
What is this called?
Answer:
D is incorrect. A DOS may be used as part of establishing an evil twin, but this attack is not
specifically for denial of service.
Answer C is incorrect. While you must clone a WAP MAC address, the attack is not called WAP
cloning.
NEW QUESTION: 216
Which of the following tools monitors the radio spectrum for the presence of unauthorized, rogue
access points and the use of wireless attack tools?
Answer:
C is incorrect. A firewall is a tool to provide security to a network. It is used to protect an internal
network or intranet against unauthorized access from the Internet or other outside networks. It
restricts inbound and outbound access and can analyze all traffic between an internal network
and the Internet.
Users can configure a firewall to pass or block packets from specific IP addresses and ports.
NEW QUESTION: 217

A sequence number is a 32-bit number ranging from 1 to 4,294,967,295. When data is sent over
the network, it is broken into fragments (packets) at the source and reassembled at the
destination system.
Each packet contains a sequence number that is used by the destination system to reassemble
the data packets in the correct order. The Initial Sequence Number of your computer is 24171311
at login time. You connect your computer to a computer having the IP address 210.213.23.21.
This whole process takes three seconds.
What will the value of the Initial Sequence Number be at this moment?
A. 24171811
B. 24619311
C. 24171111
D. 24171311
Answer: B (LEAVE A REPLY)
Explanation:
You took 3 seconds to establish a connection. During this time, the value of the Initial Sequence
Number would become [24171311 + (1 * 64000) + (3 * 128000)], i.e., 24619311.
NEW QUESTION: 218

One of the sales people in your company complains that sometimes he gets a lot of unsolicited
messages on his PD A.
After asking a few questions, you determine that the issue only occurs in crowded areas like
airports. What is the most likely problem?
Answer:
A is incorrect. Spam would not be limited to when the person was in a crowded area.
NEW QUESTION: 219

Which of the following methods will free up bandwidth in a Wireless LAN (WLAN)?
A. Change hub with switch.
B. Deploying a powerful antenna.
C. Disabling SSID broadcast.
D. Implement WEP.
Explanation:
Disabling SSID broadcast will free up bandwidth in a WLAN environment. It is used to enhance
security of a Wireless LAN (WLAN). It makes difficult for attackers to find the access point (AP). It
is also used by enterprises to prevent curious people from trying to access the WLAN.
NEW QUESTION: 220
A. Setting up a honey pot

B. Vulnerability scanning
C. Setting up IDS
D. Port scanning
Explanation:
According to the question, you highest priority is to scan the Web applications for vulnerability.
NEW QUESTION: 221

Which of the following statements about system hardening are true? (Choose two)
A. It is used for securing the computer hardware.
B. It can be achieved by installing service packs and security updates on a regular basis.
C. It can be achieved by locking the computer room.
D. It is used for securing an operating system.
Explanation:
System hardening is a term used for securing an operating system. It can be achieved by
installing the latest service packs, removing unused protocols and services, and limiting the
number of users with administrative privileges.
NEW QUESTION: 222

Wired Equivalent Privacy (WEP) is a security protocol for wireless local area networks (WLANs).
It has two components, authentication and encryption. It provides security equivalent to wired
networks for wireless networks. WEP encrypts data on a wireless network by using a fixed secret
key.
Which of the following statements are true about WEP?
Answer:
C is incorrect. WPA stands for Wi-Fi Protected Access. It is a wireless security standard. It
provides better security than WEP (Wired Equivalent Protection). Windows Vista supports both
WPA-PSK and WPA-EAP.
Each of these is described as follows:
WPA-PSK: PSK stands for Preshared key. This standard is meant for home environment. WPA-
PSK
requires a user to enter an 8- character to 63-character passphrase into a wireless client. The
WPA converts the passphrase into a 256-bit key.
WPA-EAP: EAP stands for Extensible Authentication Protocol. This standard relies on a back-end
server that runs Remote Authentication Dial-In User Service for user authentication. Note:
Windows Vista supports a user to use a smart card to connect to a WPA-EAP protected network.
NEW QUESTION: 223

You work as a Network Administrator for Techpearl Inc. You are configuring the rules for the
firewall of the company. You need to allow internal users to access secure external websites.
Which of the following firewall rules will you use to accomplish the task?
Answer:
B is incorrect. The TCP 172.16.1.0/24 any any 25 SMTP permit rule is used to allow internal mail
servers to deliver mails to external mail servers.
NEW QUESTION: 224

Data mining is a process of sorting through data to identify patterns and establish relationships.
Which of the following data mining parameters looks for patterns where one event is connected to
another event?
A. Sequence or path analysis
B. Forecasting
C. Clustering
D. Association
Explanation:
Data mining is a process of sorting through data to identify patterns and establish relationships.
Following are the data mining parameters:
Association: Looking for patterns where one event is connected to another event.
Sequence or path analysis: Looking for patterns where one event leads to another later event.
Classification: Looking for new patterns (may result in a change in the way the data is organized
but is
acceptable).
Clustering: Finding and visually documenting groups of facts not previously known.
Forecasting: Discovering patterns in data that can lead to reasonable predictions about the future
(This
area of data mining is known as predictive analytics).
NEW QUESTION: 225

Mark works as a Web Developer for XYZ CORP. He is developing a Web site for the company.
The Manager of the company requires Mark to use tables instead of frames in the Web site.
What is the major advantage that a table-structured Web site has over a frame-structured Web
site?
A. Easy maintenance
B. Speed
C. Better navigation
D. Capability of being bookmarked or added to the Favorites folder
Explanation:
The major advantage that a table-structured Web site has over a frame-structured Web site is
that users can bookmark the pages of a table- structured Web site, whereas pages of a frame-
structured Web site cannot be bookmarked or added to the Favorites folder. Non-frame Web sites
also give better results with search engines.
Better navigation: Web pages can be divided into multiple frames and each frame can display a
separate Web page. It helps in providing better and consistent navigation.
Easy maintenance: Fixed elements, such as a navigation link and company logo page, can be
created once and used with all the other pages. Therefore, any change in these pages is required
to be made only once.
NEW QUESTION: 226

Which of the following statements about session tracking is true?
A. When using cookies for session tracking, there is no restriction on the name of the session
tracking cookie.
B. When using cookies for session tracking, the name of the session tracking cookie must be
jsessionid.
C. A server cannot use cookie as the basis for session tracking.
D. A server cannot use URL rewriting as the basis for session tracking.
Explanation:
If you are using cookies for session tracking, the name of the session tracking cookie must be
jsessionid. A jsessionid can be placed only inside a cookie header. You can use HTTP cookies to
store information about a session. The servlet container takes responsibility of generating the
session ID, making a new cookie object, associating the session ID into the cookie, and setting
the cookie as part of response.
NEW QUESTION: 227

Which of the following records is the first entry in a DNS database file?
Answer:
C is incorrect. SRV resource record is a DNS record that enables users to specify the location of
servers for a specific service, protocol, and DNS domain. For example, if there are two servers in
a domain, creating SRV records specifies which hosts serve as Web servers, and resolvers can
then retrieve all the SRV resource records for the Web servers.
NEW QUESTION: 228

Which of the following types of audit constructs a risk profile for existing and new projects?
Answer:
D is incorrect. These are the audits to verify that controls are in place on the client (computer
receiving services), server, and on the network connecting the clients and servers.
NEW QUESTION: 229

You have purchased a laptop that runs Windows Vista Home Premium. You want to protect your
computer from malicious applications, such as spyware, while connecting to the Internet. You
configure Windows Defender on your laptop to schedule scan daily at 2 AM as shown in the
image below:
You want Windows Defender to scan the laptop for all the known spyware and other potentially
unwanted software, including the latest one. You do not want to manually perform this task.
Which of the following actions will you perform to accomplish the task?
A. Create a scheduled task to download definition files for Windows Defender every Sunday.
B. Configure Windows Defender to use the definition file placed on the Microsoft Update site for
scanning the laptop.
C. Select the Check for updated definitions before scanning check box in the Automatic Scanning
section.
D. Click the arrow beside the Help button Click the Check for updates option.
Explanation:
According to the question, Windows Defender should scan the laptop for all the known spyware
and other potentially unwanted software, including the latest one. Windows Defender uses
definitions to scan the system. Definitions are files that include the information of known spyware
and potentially unwanted software. To scan a computer for the latest spyware, Windows
Defender requires the latest definition files available on the Internet. For this, you have to
configure Windows Defender to check for the latest definitions and download them, if available,
before scanning the computer. Furthermore, the question also states that the task must be
performed automatically. In order to accomplish the task, you will have to select the Check for
updated definitions before scanning check box in the Automatic Scanning section.
NEW QUESTION: 230
Answer:
D is incorrect. The TOPMARGIN and LEFTMARGIN attributes are used in the <BODY> tag to
adjust the top and left margins of a Web page to be displayed in Internet Explorer. Specifying
TOPMARGIN="0" and LEFTMARGIN="0" within the <BODY> tag will create a borderless page
structure when viewed in Internet Explorer.
Answer C is incorrect. These attributes are used to adjust margins and not to delete text from
margins.
NEW QUESTION: 231

You work as a Network Administrator of a TCP/IP network. You are having DNS resolution
problem.
Which of the following utilities will you use to diagnose the problem?
Answer:
C is incorrect. TRACERT is a route-tracing Windows utility that displays the path an IP packet
takes to reach the destination. It shows the Fully Qualified Domain Name (FQDN) and the IP
address of each gateway along the route to the remote host.
NEW QUESTION: 232

Mark works as a Database Administrator for MarLinc Inc. How will he execute a SQL command
from the SQL buffer?
A. Enter an asterisk (*)
B. Enter a semicolon (;)
C. Press [ESC] twice
D. Press [RETURN] twice
E. Enter a slash(/)
Explanation:
SQL buffer stores the most recently used SQL commands and PL/SQL blocks. It does not store
the SQL* Plus commands. The SQL buffer can be edited or saved to a file. A SQL command or a
PL/SQL block can be executed by entering a semicolon (;) or a slash (/), or by using the RUN
command at the command prompt. When a semicolon (;) is entered at the end of a command, the
command is completed and executed. When a slash (/) is entered on a new line, the command in
the buffer is executed. It can also be used to execute a PL/SQL block. The RUN command is
used to execute a command in the buffer. A SQL command can be saved in the buffer by
entering a blank line.
Reference: Oracle8i Online Documentation, Contents: "SQL*PLUS Users Guide and Reference",
"Learning SQL*PLUS Basics, 3 of 4"
NEW QUESTION: 233

The employees of CCN Inc. require remote access to the company's proxy servers. In order to
provide solid wireless security, the company uses LEAP as the authentication protocol.
Which of the following is supported by the LEAP protocol?
Answer:
B is incorrect. LEAP uses password hash for server authentication.
NEW QUESTION: 234

Which of the following statements about the /etc/profile file are true?
Answer:
B is incorrect. Only the root user can change the settings of the /etc/profile file.
NEW QUESTION: 235

Which of the following types of servers are dedicated to provide resources to hosts on the
network?
(Choose three)
A. Web servers
B. Monitoring servers
C. Mail servers
D. Default gateway servers
E. Print servers
Explanation:
Following types of servers are dedicated to provide resources to other hosts on the network:
Mail servers
Print servers
Web servers
Default gateway does not provide resources to hosts on the network. Monitoring server is not a
type of server.
NEW QUESTION: 236

Which of the following wireless security features provides the best wireless security mechanism?
Answer:
C is incorrect. WAP uses TKIP (Temporal Key Integrity Protocol) to enhance data encryption, but
still vulnerable to different password cracking attacks.
NEW QUESTION: 237

You work as the Network Administrator for Perfect Solutions Inc. The company has a Linux-based
network.
You are a root user on the Red Hat operating system. You want to keep an eye on the system log
file /var/ adm/messages.
Which of the following commands should you use to read the file in real time?
A. tail -n 3 /var/adm/messages
B. tail -f /var/adm/messages
C. cat /var/adm/messages
D. tail /var/adm/messages
Explanation:
Using the -f option causes tail to continue to display the file in real time, showing added lines to
the end of the file as they occur.
NEW QUESTION: 238

Which of the following firewalls inspects the actual contents of packets?
Answer:
B is incorrect. The stateful inspection firewall assures the connection between the two parties is
valid and inspects packets from this connection to assure the packets are not malicious.
NEW QUESTION: 239

You want to identify the secure terminals from where the root can be allowed to log in.
A. /etc/services
B. /etc/ioports
C. /proc/interrupts
D. /etc/securetty
Explanation:
In Unix, the /etc/securetty file is used to identify the secure terminals from where the root can be
allowed to log in.
B is incorrect. In Unix, the /etc/ioports fileshows which I/O ports are in use at the moment.
A is incorrect. In Unix, the /etc/services file is the configuration file that lists the network services
that the system supports.
C is incorrect. In Unix, the /proc/interrupts file is the configuration file that shows the interrupts in
use and how many of each there has been.
NEW QUESTION: 240
Answer:
B is incorrect. Obiwan is a Web password cracking tool that is used to perform brute force and
hybrid attacks. It is effective against HTTP connections for Web servers that allow unlimited failed
login attempts by the user. Obiwan uses wordlists as well as alphanumeric characters as possible
passwords.
NEW QUESTION: 241

SIMULATION
Fill in the blank with the command to complete the statement below. Do not enter the full path of
the command.
The ________ command supports system logging and kernel message trapping.
Answer:
sysklogd
Explanation:
The sysklogd command is used to support system logging and kernel message trapping.
Sysklogd includes two system utilities: syslogd and klogd, which support system logging and
kernel message trapping. Since, this utility supports both internet and UNIX domain sockets, it
also supports both local and remote logging. Every logged message contains at least a time and
a hostname field and sometimes a program name field as well.
NEW QUESTION: 242

Which of the following Web attacks is performed by manipulating codes of programming
languages such as SQL, Perl, Java present in the Web pages?
Answer:
D is incorrect. Cross-site request forgery, also known as one-click attack or session riding, is a
type of malicious exploit of a website whereby unauthorized commands are transmitted from a
user that the website trusts. Unlike cross-site scripting (XSS), which exploits the trust a user has
for a particular site, CSRFexploits the trust that a site has in a user's browser. The attack works
by including a link or script in a page that accesses a site to which the user is known to have
authenticated.
NEW QUESTION: 243

network. The network has a vast majority of Cisco Systems routers and Cisco network switches.
You have implemented four VPN connections in the network. You use the Cisco IOS on the
network.
Which feature will you enable to maintain a separate routing and forwarding table for each VPN?
A. Intrusion Prevention System
B. VRF-aware firewall
C. Virtual Private Network
D. Stateful firewall
Explanation:
In this scenario, the company's network has a vast majority of Cisco Systems routers and Cisco
network switches. The security administrator of the company has implemented four VPN
connections in the network and uses the Cisco IOS on the network. He needs to maintain a
separate routing and forwarding table for each VPN in order to provide more secure
communication. To accomplish this task, he should enable the VRF-aware firewall feature on the
Cisco IOS routers.
NEW QUESTION: 244

Web mining allows a user to look for patterns in data through content mining, structure mining,
and usage mining.
What is the function of structure mining?
Answer:
D is incorrect. Usage mining is used to examine data related to a particular user's browser as well
as data gathered by forms the user may have submitted during Web transactions.
NEW QUESTION: 245

DRAG DROP
Place the protocols on the TCP/IP layer to which they are associated.
Select and Place:
Answer:
Explanation:
TCP/IP defines a large set of protocols that allow communication between various devices on a
network.
TCP/IP classifies the various protocols into different layers. Some of the common protocols are
listed in the table below:
NEW QUESTION: 246

Which of the following statements are true about MS-CHAPv2?
A. It is a connectionless protocol.
B. It provides an authenticator-controlled password change mechanism.
C. It is subject to offline dictionary attacks.
D. It can be replaced with EAP-TLS as the authentication mechanism for PPTP.
Explanation:
MS-CHAPv2 provides mutual authentication between peers by piggybacking a peer challenge on
the Response packet and an authenticator response on the Success packet. MS-CHAPv2 has
various features such as:
It is enabled by negotiating CHAP Algorithm 0x80 (0x81 for MS-CHAPv2) in LCP option 3,
Authentication Protocol.
It provides an authenticator-controlled password change mechanism.
It provides an authenticator-controlled authentication retry mechanism.
It defines failure codes returned in the Failure packet message field.
With weak passwords, MS-CHAPv2 is subject to offline dictionary attacks; hence, it can be
replaced with EAP-TLS as the authentication mechanism for PPTP.
NEW QUESTION: 247

HOTSPOT
Sam works as a network administrator in Bluewell Inc. The company uses Windows Vista
operating system. He wants to restore a program that is blocked by Windows Defender. He opens
the Windows Defender window and clicks on the Tools link. He clicks on a link to view the list of
programs blocked by Windows Defender, selects a program and then clicks on the Restore
button to restore it. Mark the option that Sam had chosen to view the list of programs blocked by
Windows Defender.
Hot Area:
Answer:
Explanation:
The user can then select a program and restore it.
NEW QUESTION: 248

You work as a Network Auditor for XYZ CORP. The company has a Windows-based network.
While auditing the company's network, you are facing problems in searching the faults and other
entities that belong to it.
Which of the following risks may occur due to the existence of these problems?
Answer:
C is incorrect. A secondary risk is a risk that arises as a straight consequence of implementing a
risk response. The secondary risk is an outcome of dealing with the original risk. Secondary risks
are not as rigorous or important as primary risks, but can turn out to be so if not estimated and
planned properly.
NEW QUESTION: 249

Network mapping provides a security testing team with a blueprint of the organization.
Which of the following steps is NOT a part of manual network mapping?
A. Gathering private and public IP addresses
B. Collecting employees information
C. Performing Neotracerouting
D. Banner grabbing
Explanation:
Using automated tools, such as NeoTraceroute, for mapping a network is a part of automated
network mapping. part of manual network mapping. Network mapping is the process of providing
a blueprint of the organization to a security testing team. There are two ways of performing
network mapping:
Manual Mapping: In manual mapping, a hacker gathers information to create a matrix that
contains the domain name information, IP addresses of the network, DNS servers, employee
information, company location, phone numbers, yearly earnings, recently acquired organizations,
email addresses, publicly available IP address ranges, open ports, wireless access points,
modem lines, and banner grabbing details.
Automated Mapping: In automated mapping, a hacker uses any automated tool to gather
information about the network. There are many tools for this purpose, such as NeoTrace, Visual
traceroute, Cheops, Cheops-ng, etc. The only advantage of automated mapping is that it is very
fast and hence it may generate erroneous results.
NEW QUESTION: 250
Answer:
B is incorrect. Address Resolution Protocol (ARP) is a network maintenance protocol of the TCP/
IP protocol suite. It is responsible for the resolution of IP addresses to media access control
(MAC) addresses of a network interface card (NIC). The ARP cache is used to maintain a
correlation between a MAC address and its corresponding IP address. ARP provides the protocol
rules for making this correlation and providing address conversion in both directions. ARP is
limited to physical network systems that support broadcast packets.
NEW QUESTION: 251

Which of the following types of attack is described in the statement below?
"It is a technique employed to compromise the security of network switches. In this attack, a
switch is flooded with packets, each containing different source MAC addresses. The intention is
to consume the limited memory set aside in the switch to store the MAC address-to-physical port
translation table."
Answer:
A is incorrect. Man-in-the-middle attacks occur when an attacker successfully inserts an
intermediary software or program between two communicating hosts. The intermediary software
or program allows attackers to listen to and modify the communication packets passing between
the two hosts. The software intercepts the communication packets and then sends the information
to the receiving host. The receiving host responds to the software, presuming it to be the
legitimate client.
NEW QUESTION: 252

In the DNS Zone transfer enumeration, an attacker attempts to retrieve a copy of the entire zone
file for a domain from a DNS server. The information provided by the DNS zone can help an
attacker gather user names, passwords, and other valuable information. To attempt a zone
transfer, an attacker must be connected to a DNS server that is the authoritative server for that
zone. Besides this, an attacker can launch a Denial of Service attack against the zone's DNS
servers by flooding them with a lot of requests.
Which of the following tools can an attacker use to perform a DNS zone transfer?
Answer:
A is incorrect. DSniff is a sniffer that can be used to record network traffic. Dsniff is a set of tools
that are used for sniffing passwords, e-mail, and HTTP traffic. Some of the tools of Dsniff include
dsniff, arpredirect, macof, tcpkill, tcpnice, filesnarf, and mailsnarf. Dsniff is highly effective for
sniffing both switched and shared networks. It uses the arpredirect and macof tools for switching
across switched networks. It can also be used to capture authentication information for FTP,
telnet, SMTP, HTTP, POP, NNTP, IMAP, etc.
NEW QUESTION: 253

Which of the following aaa accounting commands should be used to enable logging of both the
start and stop records for user terminal sessions on the router?
Answer:
A is incorrect. The aaa accounting auth proxy start-stop tacacs+ command is used to enable
logging of both start and stop records for all authenticated proxy user events.
NEW QUESTION: 254

In addition to denying and granting access, what other services does a firewall support?
Answer:
B is incorrect. It is an area where a firewall faces difficulty in securing the network. It is the area
where employees make alternate connections to the Internet for their personal use, resulting in
useless rendering of the firewall.
NEW QUESTION: 255

In which of the following is absolute size of frames expressed?
A. Bits
B. Percentage
C. Inches
D. Pixels
Explanation:
Absolute size of frames is expressed in pixels. Size is expressed in terms of the number of pixels
in a frame. Therefore, a change in the screen area of a display device does not affect the
absolute frame size of a Web page.
NEW QUESTION: 256
The following output is generated by running the show ip route command: RouterA#show ip route
< - - Output Omitted for brevity - -> Which next hop address will RouterA use in forwarding traffic
to 10.10.100.0/24?
A. 192.168.10.0
B. 172.18.60.1
C. 172.18.50.1
D. 172.18.1.1
Explanation:
The routing table displays various RIP and Connected routes. There is no routing entry for
10.10.100.0/24, but there is a default route in the routing table using 172.18.1.1 as the next hop
router. Given that
10.10.100.0/24 does not have a direct entry in the routing table, Router A will forward traffic to the
default route next hop address of 172.18.1.1.
A is incorrect. The address does not appear in the routing table as a next hop router, in addition
to
being an actual subnet number for 192.168.10.0/24.
C is incorrect. 172.18.50.1 is the next hop for reaching 192.168.11.0.
B is incorrect. 172.18.60.1 is the next hop for reaching 192.168.12.0.
NEW QUESTION: 257

Which of the following statements are true about security risks? (Choose three)
Answer:
A is incorrect. Security risks can never be removed completely but can be mitigated by taking
proper actions.
NEW QUESTION: 258

Which of the following tags will create two vertical frames, as given in the image below, where the
left frame is half as wide as the right one?
A. <FRAMESET ROWS = "*, *"><FRAME SRC = "cell1.htm"><FRAME SRC = "cell2.htm"></
FRAMESET>
B. <FRAMESET ROWS = "1,2"><FRAME SRC = "cell1.htm"><FRAME SRC = "cell2.htm"></
FRAMESET>
C. <FRAMESET COLS = "*, *"><FRAME SRC = "cell1.htm"><FRAME SRC =
"cell2.htm"></FRAMESET>
D. <FRAMESET ROWS = "*, 2*"><FRAME SRC = "cell1.htm"><FRAME SRC = "cell2.htm"></
FRAMESET>
E. <FRAMESET COLS = "*, 2*"><FRAME SRC = "cell1.htm"><FRAME SRC = "cell2.htm"></
FRAMESET>
Explanation:
<FRAMESET> tag specifies a frameset used to organize multiple frames and nested framesets in
an HTML document. It defines the location, size, and orientation of frames. An HTML document
can either contain a <FRAMESET> tag or a <BODY> tag.
The COLS attribute of the <FRAMESET> tag defines the width of the vertical frames. The ROWS
attribute defines the height of the horizontal frames. The code in answer option E will create two
identical frames.
The left frame will be half as wide as the right frame because of the relative size attributes given
in the
<FRAMESET> tag, i.e., <FRAMESET COLS = "*, 2*">.
NEW QUESTION: 259

You are responsible for security at a company that uses a lot of Web applications. You are most
concerned about flaws in those applications allowing some attacker to get into your network.
What method would be best for finding such flaws?
A. Manual penetration testing
B. Automated penetration testing
C. Vulnerability scanning
D. Code review
Explanation:
Vulnerability scanning will be the best method to find flaws in applications allowing some attacker
to get into your network. There are a number of tools available that will check Web applications
for security flaws.
They examine the application and identify any potential flaws due to improper coding, such as
SQL injection attacks.
B and A are incorrect. Penetration testing is used to test the network defenses. It is an excellent
tool to check your firewall, IDS, policies, default shares, and other facets of your network
infrastructure.
However, it is not as useful in finding programming flaws in Web applications.
Answer D is incorrect. A code review might well discover some issues with the Web applications.
But it is long, tedious, and depends on the human reviewer noticing the coding flaws. So it is not
as good a solution as vulnerability scanning.
NEW QUESTION: 260
A. Use the position attribute of the Cascading Style Sheet.

B. Use the OnResize event for the DHTML page object.
C. Use the Resize event of the Document object.
D. Use the OnResize event of the Cascading Style Sheet.
Explanation:
position attribute of the Cascading Style Sheet. The DHTML page object modal gives access to
styles and style sheets. Therefore, you can easily set and change the position of an element.
Reference: MSDN, Index "Dynamic HTML(DHTML), in DHTML Applications", "Elements
Positioning in DHTML Application", Search "Positioning", "Dynamic HTML"
NEW QUESTION: 261

You work as a Network Administrator for XYZ CORP. The company has a Windows Active
Directory-based single domain single forest network. The functional level of the forest is Windows
Server 2003. The company's management has decided to provide laptops to its sales team
members. These laptops are equipped with smart card readers. The laptops will be configured as
wireless network clients. You are required to accomplish the following tasks: The wireless
network communication should be secured. The laptop users should be able to use smart cards
for getting authenticated. In order to accomplish the tasks, you take the following steps: Configure
802.1x and WEP for the wireless connections. Configure the PEAP-MS-CHAP v2 protocol for
authentication.
What will happen after you have taken these steps?
A. Both tasks will be accomplished.
B. The laptop users will be able to use smart cards for getting authenticated.
C. The wireless network communication will be secured.
D. None of the tasks will be accomplished.
Explanation:
As 802.1xand WEP are configured, this step will enable the secure wireless network
communication. For authentication, you have configured the PEAP-MS-CHAP v2 protocol. This
protocol can be used for authentication on wireless networks, but it cannot use a public key
infrastructure (PKI). No certificate can be issued without a PKI. Smart cards cannot be used for
authentication without certificates. Hence, the laptop users will not be able to use smart cards for
getting authenticated.
NEW QUESTION: 262

Which of the following mechanisms is closely related to authorization?
Answer:
A is incorrect. Sending secret data such as credit card information describes the mechanism of
confidentiality. Confidentiality is a mechanism that ensures that only the intended, Authorized
recipients are able to read data. The data is so encrypted that even if an unauthorized user gets
access to it, he will not get any meaning out of it.
NEW QUESTION: 263

Which of the following are the methods of the HttpSession interface? (Choose three)
Answer:
D is incorrect. The getSession(true) method is a method of the HttpServletRequest interface. The
getSession(true) method gets the current session associated with the client request. If the
requested session does not exist, the getSession(true) method creates a new session object
explicitly for the request and returns it to the client.
NEW QUESTION: 264

A Cisco router can have multiple connections to networks. These connections are known as
interfaces for Cisco Routers. For naming each interface, Cisco generally uses the type of
interface as part of the name.
Which of the following are true about the naming conventions of Cisco Router interfaces?
A. An interface connected to a serial connection always starts with an S.
B. An interface connected to a Token Ring segment always starts with To.
C. An Ethernet interface that is fast always starts with an F.
D. An interface connected to an Ethernet segment of the network always starts with an En.
Explanation:
A Cisco router can have multiple connections to networks. These connections are known as
interfaces for Cisco Routers. For naming each interface, Cisco generally uses the type of
interface as part of the name.
Following are some of the naming conventions of Cisco Router interfaces:
An Ethernet interface that is fast always starts with an F.
An interface connected to a serial connection always starts with an S.
An interface connected to an Ethernet segment of the network always starts with an E.
An interface connected to a Token Ring segment always starts with To.
NEW QUESTION: 265

Which of the following attacks allows the bypassing of access control lists on servers or routers,
and helps an attacker to hide? (Choose two)
Answer:
B is incorrect. In a distributed denial of service (DDOS) attack, an attacker uses multiple
computers throughout the network that has been previously infected. Such computers act as
zombies and work together to send out bogus messages, thereby increasing the amount of phony
traffic. The major advantages to an attacker of using a distributed denial-of-service attack are that
multiple machines can generate more attack traffic than one machine, multiple attack machines
are harder to turn off than one attack machine, and that the behavior of each attack machine can
be stealthier, making it harder to track down and shut down. TFN, TRIN00, etc. are tools used for
a DDoS attack.
NEW QUESTION: 266

You want to find out when a particular user was last logged in. To accomplish this, you need to
analyze the log configuration files.
Which of the following Unix log configuration files can you use to accomplish the task?
Answer:
B is incorrect. In Unix, the /var/log/messages is the main system message log file.
NEW QUESTION: 267

Ryan wants to create an ad hoc wireless network so that he can share some important files with
another employee of his company.
Which of the following wireless security protocols should he choose for setting up an ad hoc
wireless network? (Choose two)
Answer:
D is incorrect. WPA-EAP cannot be chosen for an ad hoc wireless network, as it requires
RADIUS
(Remote Authentication Dial-In User Service) server for authentication.
NEW QUESTION: 268

What are the different categories of PL/SQL program units?
A. Default
B. Unnamed
C. Primary
D. Named
Explanation:
A named block is a PL/SQL block that Oracle stores in the database and can be called by name
from any application. A named block is also known as a stored procedure. Named blocks can be
called from any PL/ SQL block. It has a declaration section, which is known as a header. The
header may include the name of a block, type of the block, and parameter. The name and list of
formal parameters are known as the signature of a subroutine. Once a named PL/SQL block is
compiled, it gets permanently stored as p-code after compilation in the shared pool of the system
global area. Therefore, the named block gets compiled only once.
An anonymous block is a PL/SQL block that appears in a user's application and is neither named
nor stored in the database. This block does not allow any mode of parameter. Anonymous block
programs are effective in some situations. They are basically used when building scripts to seed
data or perform one- time processing activities. They are also used when a user wants to nest
activity in another PL/SQL block's execution section. Anonymous blocks are compiled each time
they are executed.
NEW QUESTION: 269

You are tasked with creating an ACL to apply to Fa0/0 based on the following requirements:
The ACL must be protocol specific.
All traffic from host 10.10.45.2 and subnet 10.10.1.32/27 must be denied access through the
router.
Telnet and SSH must be denied for ALL hosts except the management host with the IP address
of
10.10.0.100.
This management host must not only have Telnet and SSH access, but access to any port in the
TCP and UDP suite to any destination.
HTTP, HTTPS, and DNS requests must be allowed for all hosts on subnets 10.10.2.0/24 and
10.10.3.0/24 to any destination.
All remaining traffic must be denied.
Cisco IOS applies an implied deny all at the end of an ACL.
However, you must provide this configuration manually so that engineers can see hit counts on
the deny all traffic when running the show ip access-lists command. Which of the following sets of
commands will you choose to complete the configuration on Router A?
A. RouterA(config)#access-list 110 deny ip host 10.10.45.2 anyRouterA(config)#access-list 110
deny ip
10.10.1.32 0.0.0.31 anyRouterA(config)#access-list 110 permit tcp host 10.10.0.100 anyRouterA
(config)#access-list 110 permit udp host 10.10.0.100 anyRouterA(config)#access-list 110 permit
tcp
10.10.2.0 0.0.1.255 any eq 80RouterA(config)#access-list 110 permit tcp 10.10.2.0 0.0.1.255 any
eq
443RouterA(config)#access-list 110 permit udp 10.10.2.0 0.0.1.255 any eq
53RouterA(config)#access- list 110 deny ip any anyRouterA(config)#interface
fa0/0RouterA(config-if)#ip access-group 110 out
B. RouterA(config)#access-list 110 deny ip host 10.10.45.2 anyRouterA(config)#access-list 110
deny ip
10.10.1.32 0.0.0.31 anyRouterA(config)#access-list 110 permit ip host 10.10.0.100
anyRouterA(config)
#access-list 110 permit tcp 10.10.2.0 0.0.1.255 any eq 80RouterA(config)#access-list 110 permit
tcp
10.10.2.0 0.0.1.255 any eq 443RouterA(config)#access-list 110 permit udp 10.10.2.0 0.0.1.255
any eq
53RouterA(config)#access-list 110 deny ip any any RouterA(config)#interface
fa0/0RouterA(config-if)
#ip access-group 110 in
C. RouterA(config)#access-list 110 deny ip host 10.10.45.2 anyRouterA(config)#access-list 110
deny ip
10.10.1.32 0.0.0.31 anyRouterA(config)#access-list 110 permit tcp host 10.10.0.100 anyRouterA
(config)#access-list 110 permit udp host 10.10.0.100 anyRouterA(config)#access-list 110 permit
tcp
10.10.2.0 0.0.1.255 any eq 80RouterA(config)#access-list 110 permit tcp 10.10.2.0 0.0.1.255 any
eq
443RouterA(config)#access-list 110 permit udp 10.10.2.0 0.0.1.255 anyeq
53RouterA(config)#access- list 110 deny ip any any RouterA(config)#interface
fa0/0RouterA(config-if)#ip access-group 110 in
D. RouterA(config)#access-list 99 deny ip host 10.10.45.2 anyRouterA(config)#access-list 99
deny ip
10.10.1.32 0.0.0.31 anyRouterA(config)#access-list 99 permit tcp host 10.10.0.100
anyRouterA(config)
#access-list 99 permit udp host 10.10.0.100 anyRouterA(config)#access-list 99 permit tcp
10.10.2.0
0.0.1.255 any eq 80RouterA(config)#access-list 99 permit tcp 10.10.2.0 0.0.1.255 any eq
443RouterA (config)#access-list 99 permit udp 10.10.2.0 0.0.1.255 any eq
53RouterA(config)#access-list 99 deny ip any anyRouterA(config)#interface fa0/0 RouterA(config-
if)#ip access-group 99 in
Explanation:
This ACL is an extended ACL. It meets the traffic requirements and is applied to Fa0/0 in the
appropriate direction of in, which matches traffic going into the interface. In addition, this ACL
meets the needs for subnets 10.10.2.0/24 and 10.10.3.0/24 by applying the subnet and wildcard
mask of 10.10.2.0 0.0.1.255 for the lines that apply http, https, and dns. These subnets are
covered by the wildcard mask 0.0.1.255.
This wildcard mask is applied to a range of hosts from 10.10.2.0 through 10.10.3.255 which
covers both of the subnets required. This is handy since both subnets are next to each other in
their network numbers.
Note: If the network numbers were not next to each other, for example 10.10.2.0/24 and
10.10.20.0/24, then the wildcard mask of 0.0.1.255 would be incorrect. A wildcard mask of
0.0.0.255 would be required.
The configuration of the ACL would then be applied using the following commands:  RouterA(config)#access-list 110 permit tcp 10.10.2.0
0.0.0.255 any eq 80 RouterA(config)#access-list 110 permit tcp 10.10.2.0 0.0.0.255 any eq 443
RouterA(config)#access-list
110 permit udp 10.10.2.0 0.0.0.255 any eq 53 RouterA(config)#access-list 110 permit tcp
10.10.20.0
0.0.0.255 any eq 80 RouterA(config)#access-list 110 permit tcp 10.10.20.0 0.0.0.255 any eq 443
RouterA (config)#access-list 110 permit udp 10.10.20.0 0.0.0.255 any eq 53
NEW QUESTION: 270
A. Parallel Simulation
B. Generalized Audit Software (GAS)
C. Test Data
D. Custom Audit Software (CAS)
Explanation:
CAATs (Computer Assisted Auditing Techniques) are used to test application controls as well as
perform substantive tests on sample items. Following are the types of CAATs:
Generalized Audit Software (GAS): It allows the auditor to perform tests on computer files and
databases.
Custom Audit Software (CAS): It is generally written by auditors for specific audit tasks. CAS is
necessary when the organization's computer system is not compatible with the auditor's GAS or
when the auditor wants to conduct some testing that may not be possible with the GAS.
Test Data: The auditor uses test data for testing the application controls in the client's computer
programs.
The auditor includes simulated valid and invalid test data, used to test the accuracy of the
computer system's operations. This technique can be used to check data validation controls and
error detection routines, processing logic controls, and arithmetic calculations, to name a few.
Parallel Simulation: The auditor must construct a computer simulation that mimics the client's
production programs.
Integrated TestFacility: The auditor enters test data along with actual data in a normal application
run.
NEW QUESTION: 271

Which of the following recovery plans includes specific strategies and actions to deal with specific
variances to assumptions resulting in a particular security problem, emergency, or state of
affairs?
Answer:
B is incorrect. It includes the plans and procedures documented that ensure the continuity of
critical operations during any period where normal operations are impossible.
NEW QUESTION: 272

You work as a professional Ethical Hacker. You are assigned a project to test the security of
www.we-are- secure.com. You are working on the Windows Server 2003 operating system. You
suspect that your friend has installed the keyghost keylogger onto your computer.
Which of the following countermeasures would you employ in such a situation?
Answer:
C is incorrect. An SNMP service is not used for keystroke logging. Hence, removing an SNMP
agent may be a valid option if, and only if, the server is vulnerable to SNMP enumeration.
NEW QUESTION: 273

You want to set some terminal characteristics and environment variables.
Answer:
A is incorrect. In Unix, the /etc/sysconfig/routed file is used to set up the dynamic routing policies.
NEW QUESTION: 274

You are tasked with configuring your routers with a minimum security standard that includes the
following:
A local Username and Password configured on the router A strong privilege mode password
Encryption of user passwords Configuring telnet and ssh to authenticate against the router user
database Choose the configuration that best meets these requirements.
Answer:
B is incorrect. The enable password command is obsolete and considered insecure. The proper
command is enable secret followed by the password value.
NEW QUESTION: 275

George works as an office assistant in Soft Well Inc. The company uses the Windows Vista
operating system. He wants to disable a program running on a computer.
Which of the following Windows Defender tools will he use to accomplish the task?
Answer:
B is incorrect. Quarantined items are used to remove or restore a program blocked by Windows
Defender.
NEW QUESTION: 276

DRAG DROP
You work as a Network Administrator for Tech Perfect Inc. The company has a Windows Server
2008 network environment. The network is configured as a Windows Active Directory-based
single forest single domain network. The company has recently provided laptops to its sales team
members. You have configured access points in the network to enable a wireless network. The
company's security policy states that all users using laptops must use smart cards for
authentication. Select and place the authentication method you are required to configure to
implement the security policy of the company.
Select and Place:
Answer:
Explanation:
configure IEEE
NEW QUESTION: 277

You are the project manager of a Web development project. You want to get information about
your competitors by hacking into their computers. You and the project team determine should the
hacking attack not be performed anonymously, you will be traced. Hence, you hire a professional
hacker to work on the project.
This is an example of what type of risk response?
A. Transference
B. Mitigation
C. Acceptance
D. Avoidance
Explanation:
Whenever the risk is transferred to someone else, it is an example of transference risk response.
Transference usually has a fee attached to the service provider that will own the risk event.
NEW QUESTION: 278

SIMULATION
Fill in the blank with the appropriate tool name.
__________ is a wireless network cracking tool that exploits the vulnerabilities in the RC4
Algorithm, which comprises the WEP security parameters.
Answer:
WEPcrack
Explanation:
WEPcrack is a wireless network cracking tool that exploits the vulnerabilities in the RC4
algorithm, which comprises the WEP security parameters. It mainly consists of three tools:
* WeakIVGen: It allows a user to emulate the encryption output of 802.11 networks to weaken the
secret key used to encrypt the network traffic.
* Prism-getIV: It analyzes packets of information until ultimately matching patterns to the one
known to decrypt the secret key.
* WEPcrack: It pulls all beneficial data of WeakIVGen and Prism-getIV to decipher the network
encryption.
NEW QUESTION: 279

You work as a Network Administrator for Tech Perfect Inc. The company has a TCP/IP-based
network.
Rick, your assistant, is configuring some laptops for wireless access. For security, WEP needs to
be configured for wireless communication. By mistake, Rick configures different WEP keys in a
laptop than that is configured on the Wireless Access Point (WAP).
Which of the following statements is true in such situation?
A. The laptop will be able to access the wireless network but the security will be compromised.
B. The WAP will allow the connection with the guest account's privileges.
C. The laptop will be able to access the wireless network but other wireless devices will be unable
to communicate with it.
D. The laptop will not be able to access the wireless network.
Explanation:
In order to communicate with WAP, a wireless device needs to be configured with the same WEP
key. If there is any difference in the key, the device will not be able to access and communicate
with the wireless network.
NEW QUESTION: 280

DRAG DROP
In Unix, there are different commands used for editing and viewing files. Drag and drop the
appropriate commands (available in Unix) in front of their respective functions that they perform.
Select and Place:
Answer:
Explanation:
Following are the basic file editing and viewing commands in Unix:
NEW QUESTION: 281

Which of the following does an anti-virus program update regularly from its manufacturer's Web
site?
Answer:
B is incorrect. An anti-virus program does not update Permissions regularly from its
manufacturer's Web site.
NEW QUESTION: 282

You work as a Web Developer for XYZ CORP. The company has a Windows-based network. You
have been assigned the task to secure the website of the company. To accomplish the task, you
want to use a website monitoring service.
What are the tasks performed by a website monitoring service?
Answer:
A is incorrect. This task is performed under network monitoring. Network tomography deals with
monitoring the health of various links in a network using end-to-end probes sent by agents
located at vantage points in the network/Internet.
NEW QUESTION: 283

DRAG DROP
Choose and select the information present in the header of a single IP packet that are helpful in
packet filtering.
Select and Place:
Answer:
Explanation:
An IP packet is a formatted unit of data carried by a packet mode computer network. A packet
consists of two kinds of data:
control information and user data (also known as payload). The control information provides data
the network needs to deliver the user data, for example: source and destination addresses, error
detection codes like checksums, and sequencing information. Typically, control information is
found in packet headers and trailers, with user data in between.
IP packets are composed of a header and payload. Every IP packet has a set of headers
containing certain information. The main information is as follows:
IP source address
IP destination address
Protocol (whether the packet is a TCP, UDP, or ICMP packet)
TCP or UDP source port
TCP or UDP destination port
ICMP message type
The structure of an IP packet is as follows:
NEW QUESTION: 284
You have an online video library. You want to upload a directory of movies. Since this process will
take several hours, you want to ensure that the process continues even after the terminal is shut
down or session is closed.
What will you do to accomplish the task?
Answer:
A is incorrect. The bg command cannot run the command or process after the terminal is shut
down or session is closed.
NEW QUESTION: 285

Windows Server 2003. The company has recently provided laptops to its sales team members.
You have configured access points in the network to enable a wireless network. The company's
security policy states that all users using laptops must use smart cards for authentication.
Which of the following authentication techniques will you use to implement the security policy of
the company?
A. IEEE 802.1X using EAP-TLS
B. IEEE 802.1X using PEAP-MS-CHAP
C. Pre-shared key
D. Open system
Answer: A (LEAVE A REPLY)
Explanation:
configure IEEE
NEW QUESTION: 286
Which of the following methods can be helpful to eliminate social engineering threat? (Choose
three)
A. Data encryption
B. Data classification
C. Password policies
D. Vulnerability assessments
Explanation:
The following methods can be helpful to eliminate social engineering threat:
Password policies
Vulnerability assessments
Data classification
Password policy should specify that how the password can be shared. Company should
implement periodic penetration and vulnerability assessments. These assessments usually
consist of using known hacker tools and common hacker techniques to breach a network security.
Social engineering should also be used for an accurate assessment. Since social engineers use
the knowledge of others to attain information, it is essential to have a data classification model in
place that all employees know and follow.
Data classification assigns level of sensitivity of company information. Each classification level
specifies that who can view and edit data, and how it can be shared.
NEW QUESTION: 287

Which of the following statements are true about WPA?
A. WPA-PSK requires a user to enter an 8-character to 63-character passphrase into a wireless
client.
B. Shared-key WPA is vulnerable to password cracking attacks if a weak passphrase is used.
C. WPA-PSK converts the passphrase into a 256-bit key.
D. WPA provides better security than WEP.
Explanation:
WPA stands for Wi-Fi Protected Access. It is a wireless security standard. It provides better
security than WEP (Wired Equivalent Protection). Windows Vista supports both WPA-PSK and
WPA-EAP. Each of these is described as follows:
PSK requires a user to enter an 8- character to 63-character passphrase into a wireless client.
The WPA converts the passphrase into a 256-bit key.
server that runs Remote AuthenticationDial-In User Service for user authentication. Note:
Shared-key WPA is vulnerable to password cracking attacks if a weak passphrase is used. To
protect against a brute force attack, a truly random passphrase of 13 characters (selected from
the set of 95 permitted characters) is probably sufficient.
NEW QUESTION: 288

You work as a Network Auditor for XYZ CORP. The company has a Windows-based network.
You use DumpSec as an auditing and reporting program for security issues.
Which of the following statements is true about DumpSec? (Choose three)
Answer:
D is incorrect. It cannot kill running services. It can only report the current status of services
(running or stopped) in the Windows environment.
NEW QUESTION: 289

Sam works as a Network Administrator for XYZ CORP. The computers in the company run
Windows Vista operating system, and they are continuously connected to the Internet. This
makes the network of the company susceptible to attacks from unauthorized users.
Which of the following will Sam choose to protect the network of the company from such attacks?
Answer:
D is incorrect. Quarantined items is a tool of Windows Defender. It is used to remove or restore a
program blocked by Windows Defender.
NEW QUESTION: 290
A. Layer 2 switches allow for the creation of Virtual LANs providing options for further
segmentation and security.
B. Switches lower the number of collisions in the environment.
C. Switches create an environment best suited for half duplex communications. This improves
network performance and the amount of available bandwidth.
D. Layer 2 switches increase the number of broadcast domains in the environment.
Explanation:
Switches differ from hubs in that they break up Collision Domains. Each port on a switch equals
one Collision Domain. Therefore, a switch will lower the number of collisions within the
infrastructure. Managed switches typically offer the ability to create Virtual LANs. Virtual LANs
allow the switch to create multiple LANs/network segments that are Virtual. This allows the switch
to create additional environments where needed.
NEW QUESTION: 291

You work as a Network Administrator for XYZ CORP. The company has a Windows Server 2008
network environment. The network is configured as a Windows Active Directory-based single
forest single domain network. You have installed a Windows Server 2008 computer as the
domain controller. The client computers of the company use the Windows XP Professional
operating system. When a user logs on to a client computer, it gets authenticated by the domain
controller. You want to audit the logon events that would be generated on the domain controller.
Which of the following audit settings do you need to configure to accomplish the task?
Answer:
B is incorrect. The 'Audit logon events' option is enabled to audit each event that is related to a
user logging on to, logging off from, or making a network connection to the computer configured
to audit logon events.
NEW QUESTION: 292

Which of the following tools can be used by a user to hide his identity?
A. War dialer
B. IPchains
C. Proxy server
D. Rootkit
E. Anonymizer
Answer: B,C,E (LEAVE A REPLY)
Explanation:
A user can hide his identity using any firewall (such as IPChains), a proxy server, or an
anonymizer.
NEW QUESTION: 293

Which of the following controls define the direction and behavior required for technology to
function properly?
Answer:
C is incorrect. Application controls are embedded in programs. It constitutes the lowest subset in
the control family. An activity should be filtered through the general controls, then the pervasive
controls and detailed controls, before reaching the application controls level. Controls in the
higher level category help in protecting the integrity of the applications and their data. The
management is responsible to get applications tested prior to production through a recognized
test method. The goal of this test is to provide a technical certificate that each system meets the
requirement.
NEW QUESTION: 294

You work as a Network Administrator for XYZ CORP. The company has a TCP/IP-based network
environment. The network contains Cisco switches and a Cisco router. A user is unable to access
the Internet from Host B.
You also verify that Host B is not able to connect to other resources on the network.
The IP configuration of Host B is shown below:
Which of the following is the most likely cause of the issue?

A. An incorrect subnet mask is configured on Host B
B. The IP address of Host B is not from the correct IP address range of the network.
C. There is an IP address conflict on the network.
D. An incorrect default gateway is configured on Host B.
Answer: A (LEAVE A REPLY)
Explanation:
According to the network diagram, the IP address range used on the network is from the class C
private address range. The class C IP address uses the following default subnet mask:
255.255.255.0 The question specifies that the subnet mask used in Host B is 255.255.0.0, which
is an incorrect subnet mask.
NEW QUESTION: 295

Which of the following are HTML tags, used to create a table?
Answer:
C, E, and D are incorrect. There are no HTML tags suchas <TABLE SET>, <TT>, and <SET
TABLE>.
NEW QUESTION: 296

DRAG DROP
A wireless network uses multiple modulation schemes to make the signal strong so that it can
travel far.
These modulation schemes work with a certain IEEE standard. Choose and drop the correct
standards in the right pane according to the modulation scheme.
Select and Place:
Answer:
Explanation:
The modulation schemes and IEEE standards working with these modulation schemes are given
below:
NEW QUESTION: 297

HOTSPOT
You work as a Network Administrator for McRobert Inc. The company has a Windows Active
Directory- based single domain single forest network. The network includes fifty client computers
running different Windows client operating systems.
A member server named MRIFS is configured as a file server on the network. You are required to
implement the following:
The data communication must be encrypted whenever possible.
Each client computer must be able to access the server.
Configure the required options in the dialog box given below in order to accomplish the task.
Hot Area:
Answer:
Explanation:
In order to accomplish the task, you will have to select the Allow unsecured communication with
non-IPSec
-aware computers check box.
By enabling this option, IPSec will allow unsecured communication, if necessary. Disabling the
option blocks communication with computers that cannot initiate IPSec, such as legacy systems.
This option should be disabled to secure computers connected to the Internet.
NEW QUESTION: 298

Which of the following tools uses Internet Control Message Protocol (ICMP)?
Answer:
A, B, C are incorrect. These tools do not use ICMP to perform their functions.
NEW QUESTION: 299
In which of the following scanning techniques does a scanner connect to an FTP server and
request that server to start data transfer to the third system?
Answer:
C is incorrect. TCP SYN scanning is also known as half-open scanning because in this a full TCP
connection is never opened. The steps of TCP SYN scanning are as follows:
1.The attacker sends SYN packet to the target port.
2.If the port is open, the attacker receives SYN/ACK message.
3.Now the attacker breaks the connection by sending an RST packet.
4.If the RST packet is received, it indicates that the port is closed.
This type of scanning is hard to trace because the attacker never establishes a full 3-way
handshake connection and most sites do not create a log of incomplete TCP connections.
NEW QUESTION: 300
Answer:
D is incorrect. A hierarchical database is a database management system that implements the
hierarchical data model. A hierarchical database system organizes data in a family tree structure
such that each record has only one owner and the hierarchy is in a parent and child data
segment. This implies that the record can have repeated information in a child segment. The
best-known hierarchical DBMS is IMS.
NEW QUESTION: 301

Which of the following policies helps reduce the potential damage from the actions of one
person?
Answer:
D is incorrect. Risk assessment is a step in a risk management process.
NEW QUESTION: 302
You work as a Security manager for Qualoxizz Inc. Your company has number of network
switches in the site network infrastructure. Which of the following actions will you perform to
ensure the security of the switches in your company?
Answer:
C is incorrect. Short timeout sessions should always be set to reduce the session period. If the
connections to a management port on a switch do not have a timeout period set or have a large
timeout period (greater than 9 minutes), then the connections will be more available for an
attacker to hijack them.
NEW QUESTION: 303

Which of the following are the goals of risk management? (Choose three)
Answer:
D is incorrect. Identifying the accused does not come under the scope of risk management.
NEW QUESTION: 304

You work as a Computer Hacking Forensic Investigator for SecureNet Inc. You want to
investigate Cross- Site Scripting attack on your company's Website. Which of the following
methods of investigation can you use to accomplish the task?
Answer:
C is incorrect. This method is not used to investigate Cross-Site Scripting attack.
NEW QUESTION: 305

network. The company wants to fix potential vulnerabilities existing on the tested systems. You
use Nessus as a vulnerability scanning program to fix the vulnerabilities.
Which of the following vulnerabilities can be fixed using Nessus?
Answer:
D is incorrect. Nessus cannot be used to scan vulnerabilities that help in Code injection attacks.
NEW QUESTION: 306

DRAG DROP
Drag and drop the corresponding prompt that is displayed in the command-line interface of a
Cisco switch IOS for different access modes.
Select and Place:
Answer:
Explanation:
There are four major CLI access modes:
User: When a user accesses the command-line interface (CLI) of a Cisco switch IOS, the IOS
puts the user in user mode. The user mode allows the user to look around; it does not permit the
user to change or break any configuration. When the user enters a command, the switch
executes the command and displays the command result. A Limited set of commands is available
for use in the user mode. User mode is also called user EXEC mode. The prompt in this mode is
displayed as hostname > Enable: Privileged EXEC mode is an area from where more powerful
commands can be run while accessing CLI of a switch IOS. In this mode, more commands are
added to the set of commands available in user mode. Privileged EXEC mode is also known as
privileged mode or enable mode. For reaching privileged EXEC mode, the enable command is
required to be run from user mode. By default, a user cannot get into privileged EXEC mode
through SSH and Telnet sessions. The prompt changes from hostname > to hostname # when a
user moves to privileged EXEC mode from user mode.
Global configuration: Global configuration mode is an access mode of Cisco command-line
interface (CLI).
The configuration commands can be run in this mode only. Commands run in this mode update
the active configuration file as soon as the Enter key is pressed at the end of a command. The
config command is required to be run from the enable mode to switch to the global configuration
mode. The prompt changes to hostname (config)# from hostname# when access mode is
changed to global configuration mode from enable mode.
Interface configuration: Interface configuration mode is a subcommand mode of the global
configuration access mode of Cisco command-line interface (CLI). The interface command is
used to move from global configuration mode to the interface configuration mode. The prompt
changes to hostname (config-if)# from hostname (config)# when a user moves from global
configuration mode to interface configuration mode.
After entering the interface configuration mode, the commands executed affects only the interface
that the user has selected. For example, the interface FastEthernet 0/1 command will put a user
in the interface configuration mode.
Commands executed afterwards will affect only the FastEthernet 0/1.
NEW QUESTION: 307

You want to record auditing information in the SYS.AUD$ table, and also want to record SQL bind
variables as well as the SQL text in the audit trail.
Which of the following statements will accomplish this task?
Answer:
A is incorrect. DB and XML auditing cannot be specified at the same time and the database must
be restarted for the auditing change to go into effect.
NEW QUESTION: 308

Which of the following user authentications are supported by the SSH-1 protocol but not by the
SSH-2 protocol?
Answer:
D is incorrect. Password-based authentication is supported by both the SSH-1 and SSH-2
protocols.
NEW QUESTION: 309

You have to ensure that your Cisco Router is only accessible via telnet and ssh from the following
hosts and subnets: 10.10.2.103 10.10.0.0/24.
Which of the following sets of commands will you use to accomplish the task?
Answer:
B is incorrect. This configuration is correct except for the access-group command. Access-group
is used to apply ACLs to an interface. Access-class is used to apply ACLs to VTY lines.
NEW QUESTION: 310

Answer:
D is incorrect. All group members can neither be viewed nor managed until the new server is
linked to Active Directory.
NEW QUESTION: 311

You work as a Network Administrator for InfraTech Inc. You have been assigned the task of
designing the firewall policy for the company.
Which of the following statements can be considered acceptable in the 'contracted worker
statement' portion of the firewall policy?
Answer:
A is incorrect. Only authorized resources should be accessed by the contractors.
NEW QUESTION: 312

Sarah works as a Web Developer for XYZ CORP. She develops a Web site for the company. She
uses tables in the Web site. Sarah embeds three tables within a table.
What is the technique of embedding tables within a table known as?
Answer:
B, C, D are incorrect. There are no techniques such as stacking tables, horned tables, or CSS
tables.
NEW QUESTION: 313

DRAG DROP
John works as a Network Administrator for Blue Well Inc. The company uses Windows Vista
operating system. He wants to configure the firewall access for specific programs. What steps will
he take to accomplish the task?
Select and Place:
Answer:
Explanation:
A firewall is a set of related programs configured to protect private networks connected to the
Internet from intrusion. It is used to regulate the network traffic between different computer
networks. It permits or denies the transmission of a network packet to its destination based on a
set of rules. A firewall is often installed on a separate computer so that an incoming packet does
not get into the network directly.
NEW QUESTION: 314

You work as an Exchange Administrator for XYZ CORP. The network design of the company is
given below:
Employees are required to use Microsoft Outlook Web Access to access their emails remotely.
You are required to accomplish the following goals: Ensure fault tolerance amongst the servers.
Ensure the highest level of security and encryption for the Outlook Web Access clients. What will
you do to accomplish these goals?
A. Install one front-end Exchange 2000 server and continue to run Microsoft Outlook Web Access
on the existing server. Place the new server on the perimeter network. Configure unique URLs for
each server. Configure Certificate Services. Create a rule on the firewall to direct port 443 to the
servers.
B. Install two front-end Exchange 2000 servers. Place the new servers on the internal network
and configure load balancing between them. Configure Certificate Services. Create a rule on the
firewall to redirect port 443 to the servers.
C. Install two front-end Exchange 2000 servers. Place the new servers on the perimeter network
and configure load balancing between them. Configure Certificate Services. Create a rule on the
firewall to redirect port 443 to the servers.
D. Install two Exchange 2000 servers. Place the new servers on the perimeter network. Configure
unique URLs for each server. Configure Certificate Services. Create a rule on the firewall to direct
port 443 to the servers.
Explanation:
To ensure fault tolerance among the servers and to get the highest possible level of security and
encryption for OWA clients, you must install two front-end Exchange 2000 servers. Place the new
servers on the perimeter network and configure load balancing between them. To enhance
security, you should also configure Certificate Services and create a rule on the firewall to redirect
port 443 to the servers. The most secure firewall configuration is placing a firewall on either side
of the front-end servers. This isolates the front-end servers in a perimeter network, commonly
referred to as a demilitarized zone (DMZ). It is always better to configure more than one front-end
server to get fault tolerance.
NEW QUESTION: 315

Which of the following statements about packet filtering is true?
A. It allows or restricts the flow of specific types of packets to provide security.
B. It is used to send confidential data on the public network.
C. It allows or restricts the flow of encrypted packets to provide security.
D. It is used to store information about confidential data.
Explanation:
Packet filtering is a method that allows or restricts the flow of specific types of packets to provide
security.
It analyzes the incoming and outgoing packets and lets them pass or stops them at a network
interface based on the source and destination addresses, ports, or protocols. Packet filtering
provides a way to define precisely which type of IP traffic is allowed to cross the firewall of an
intranet. IP packet filtering is important when users from private intranets connect to public
networks, such as the Internet.
NEW QUESTION: 316

John works as a Security Professional. He is assigned a project to test the security of www.we-
are- secure.com. John wants to get the information of all network connections and listening ports
in the numerical form.
Which of the following commands will he use?
Answer:
C is incorrect. The netstat -s command displays per-protocol statistics.
By default, statistics are shown for TCP, UDP and IP.
NEW QUESTION: 317

Which of the following commands can be used to find out where commands are located?
A. type
B. which
C. env
D. ls
Explanation:
The which and type commands can be used to find out where commands are located.
NEW QUESTION: 318

Which of the following statements about the <web-resource-collection> element are true?
Answer:
B is incorrect. If there is no <http-method> sub-element, no HTTP methods will be allowed.
NEW QUESTION: 319

Samantha works as a Web Developer for XYZ CORP. She is designing a Web site for the
company. In a Web page, she uses the HTTP-EQUIV attribute to control the page cache.
Which of the following HTTP-EQUIV values controls the page cache in the browser folder?
A. Window-target
B. Status-code
C. Content-type
D. Pragma
Explanation:
HTTP-EQUIV is an attribute of the META tag. It sets or retrieves information used to bind the
META tag's content to an HTTP response header. The pragma value of HTTP-EQUIV controls
the page cache.
NEW QUESTION: 320
Answer:
B, C, D are incorrect. These statements are true about the Basic Authentication scheme.
NEW QUESTION: 321

Which of the following is a technique of using a modem to automatically scan a list of telephone
numbers, usually dialing every number in a local area code to search for computers, Bulletin
board systems, and fax machines?
Answer:
B is incorrect. War driving, also called access pointmapping, is the act of locating and possibly
exploiting connections to wireless local area networks while driving around a city or elsewhere. To
do war driving, one needs a vehicle, a computer (which can be a laptop), a wireless Ethernet card
set to work in promiscuous mode, and some kind of an antenna which can be mounted on top of
or positioned inside the car. Because a wireless LAN may have a range that extends beyond an
office building, an outside user may be able to intrude into the network, obtain a free Internet
connection, and possibly gain access to company records and other resources.
NEW QUESTION: 322

Which of the following Web authentication techniques uses a single sign-on scheme?
A. NTLMauthentication
B. Digest authentication
C. Microsoft Passport authentication
D. Basic authentication
Explanation:
Microsoft Passport authentication is based on single sign-on authentication in which a user needs
to remember only one username and password to be authenticated for multiple services. The
Passport is a suite of services for authenticating users across a number of applications. The
Passport single sign-on service is an authentication service allowing users to create a single set
of credentials that will enable them to sign in to any participating site that supports the Passport
service. It enables the use of one set of credentials to access any Passport-enabled site such as
MSN, Hotmail, and MSN Messenger.
NEW QUESTION: 323

Which of the following tools is a Windows-based commercial wireless LAN analyzer for IEEE
802.11b and supports all high level protocols such as TCP/IP, NetBEUI, and IPX?
Answer:
C is incorrect. Cheops-ng is a network management tool that is used for mapping and monitoring
networks. It can detect a network of a host and provides OS detection for hosts. On some
services, Cheops-ng is able to see what program is running for a service and what is the version
number of that program. The main difference between Cheops and Cheops-ng is that Cheops-ng
does not have monitoring capabilities.
NEW QUESTION: 324

Which of the following listeners need not be configured in the deployment descriptor? (Choose
two)
A. HttpSessionBindingListener
B. HttpSessionAttributeListener
C. HttpSessionListener
D. HttpSessionActivationListener
Explanation:
Except for the HttpSessionActivationListener and the HttpSessionBindingListener, all other
listeners must be configured in the deployment descriptor.
HttpSessionBindingListener has methods that notify the object when it is added to or removed
from a session. It has methods that informs the attributes when the session is about to be
activated or passivated.
These methods are related to the attributes and not to the complete session. Hence, the
container takes care of them and need not be configured in the deployment descriptor.
NEW QUESTION: 325

HOTSPOT
John works as an office assistance in an office. The office uses Windows Vista operating system.
He wants to disable a program from running on a computer. He opens the Windows Defender
window and clicks on the Tools link. He clicks on a link to view the list of programs running on the
computer, selects a program and then clicks on the Disable button to disable it. Mark the option
that John had chosen to view the list of programs running on the computer.
Hot Area:
Answer:
Explanation:
The Software Explorer link will open a list of programs running on the computer.
NEW QUESTION: 326

Which of the following is required by a Web-based application to connect to a database?
Answer:
B is incorrect. Domain Name System (DNS) is a hierarchical naming system used for locating
domain names on private TCP/IP networks and the Internet. It provides a service for mapping
DNS domain names to IP addresses and vice versa. DNS enables users to use friendly names to
locate computers and other resources on an IP network. TCP/IP uses IP addresses to locate and
connect to hosts, but for users, it is easier to use names instead of IP address to locate or
connect to a site.
For example, users will be more comfortable in using the host name www.uCertify.com rather
than using its IP address 66.111.64.227.
NEW QUESTION: 327

Which of the following NFS mount options specifies whether a program using a file via an NFS
connection should stop and wait for the server to come back online, if the host serving the
exported file system is unavailable, or if it should report an error?
A. intr
B. hard or soft
C. nfsvers=2 or nfsvers=3
D. fsid=num
Explanation:
The hard or soft NFS mount options are used to specify whether a program using a file via an
NFS connection should stop and wait (hard) for the server to come back online, if the host serving
the exported file system is unavailable, or if it should report an error.
Answer A is incorrect. The intr NFS mount option allows NFS requests to be interrupted if the
server goes
down or cannot be reached.
Answer C is incorrect. The nfsvers=2 or nfsvers=3 NFS mount options are used to specify which
version
of the NFS protocol to use.
Answer D is incorrect. The fsid=num NFS mount option forces the file handle and file attributes
settings on
the wire to be num.
NEW QUESTION: 328

based network. John is working as a root user on the Linux operating system. He is configuring
the Apache Web server settings. He does not want the commands being used in the settings to
be stored in the history.
Which of the following commands can he use to disable history?
Answer:
C is incorrect. John cannot use the history !N command to accomplish his task. This command is
used to display the Nth history command.
NEW QUESTION: 329

You work as a Network Administrator for Tech Perfect Inc. The company requires a secure
wireless network. To provide security, you are configuring ISA Server 2006 as a firewall.
While configuring ISA Server 2006, which of the following is NOT necessary?
Answer:
A, B, C are incorrect. All these steps are mandatory for the configuration of the ISA Server 2006
firewall.
NEW QUESTION: 330
A. Enable the IP packet filter.

B. Permit all the ports on the network adapter that uses the IP address142.100.10.6.
C. Permit only port 25 on the network adapter that uses the IP address 142.100.10.6.
D. Permit all the ports on the network adapter that uses the IP address 16.5.7.1.
E. Permit only port 80 on the network adapter that uses the IP address 142.100.10.6.
Explanation:
In order to configure the IIS server to allow only Web communication over the Internet, Andrew
will have to use IP packet filtering to permit only port 80 on the network adapter that uses the IP
address 142.100.10.6 for connecting to the Internet. This is because Web communication uses
the Hyper Text Transfer Protocol (HTTP) that uses the TCP port 80. IP packet filtering restricts
the IP traffic received by the network interface by controlling the TCP or UDP port for incoming
data. Furthermore, Andrew wants to allow local users to access shared folders and all other
resources. Therefore, Andrew will have to enable all the ports on the network adapter that uses
the IP address 16.5.7.1 for the local network.
NEW QUESTION: 331

Which of the following statements are true about locating rogue access points using WLAN
discovery software such as NetStumbler, Kismet, or MacStumbler if you are using a Laptop
integrated with Wi-Fi compliant MiniPCI card? (Choose two)
Answer:
A, C are incorrect. The WLAN software such as NetStumbler, Kismet, or MacStumbler can search
rogue access points even when the victim is using data encryption. However, these tools cannot
determine the rogue access point even when it is attached to a wired network.
NEW QUESTION: 332

DRAG DROP
You work as a Network Auditor for Net Perfect Inc. The company has a Windows-based network.
You need to audit the network of the company. You need to plan the audit process to minimize
the audit risk.
What steps will you take to minimize the possibility of audit risk?
Select and Place:
Answer:
Explanation:
The auditor must plan and conduct the audit to ensure their audit risk (the risk of reaching an
incorrect conclusion based on the audit findings) will be limited to an acceptable level. To
eliminate the possibility of assessing audit risk too low, the auditor should perform the following
steps:
Obtain an Understanding of the Organization and its Environment: The understanding of the
organization and its environment is used to assess the risk of material misstatement/weakness
and to set the scope of the audit. The auditor's understanding should include information on the
nature of the entity, management, governance, objectives and strategies, and business
processes.
Identify Risks that May Result in Material Misstatements: The auditor must evaluate an
organization's business risks (threats to the organization's ability to achieve its objectives). An
organization's business risks can arise or change due to new personnel, new or restructured
information systems, corporate restructuring, and rapid growth to name a few.
Evaluate the Organization's Response to those Risks: Once the auditor has evaluated the
organization's response to the assessed risks, the auditor should then obtain evidence of
management's actions toward those risks. The organization's response (or lack thereof) to any
business risks will impact the auditor's assessed level of audit risk.
Assess the Risk of Material Misstatement: Based on the knowledge obtained in evaluating the
organization's responses to business risks, the auditor then assesses the risk of material
misstatements and determines specific audit procedures that are necessary based on that risk
assessment.
Evaluate Results and Issue Audit Report: At this level, the auditor should determine if the
assessments of risks were appropriate and whether sufficient evidence was obtained. The auditor
will issue either an unqualified or qualified audit report based on their findings.
NEW QUESTION: 333

of www.we-are-secure.com. He successfully performs a brute force attack on the We-are-secure
server.
Now, he suggests some countermeasures to avoid such brute force attacks on the We-are-
secure server.
Which of the following are countermeasures against a brute force attack?
A. The site should use CAPTCHA after a specific number of failed login attempts.
B. The site should increase the encryption key length of the password.
C. The site should restrict the number of login attempts to only three times.
D. The site should force its users to change their passwords from time to time.
Explanation:
Using CAPTCHA or restricting the number of login attempts are good countermeasures against a
brute force attack.
NEW QUESTION: 334

Which of the following can be the countermeasures to prevent NetBIOS NULL session
enumeration in Windows 2000 operating systems?
Answer:
A is incorrect. TCP port 53 is the default port for DNS zone transfer. Although disabling it can help
restrict DNS zone transfer enumeration, it is not useful as a countermeasure against the NetBIOS
NULL session enumeration.
NEW QUESTION: 335

Which of the following evidences are the collection of facts that, when considered together, can
be used to infer a conclusion about the malicious activity/person?
A. Incontrovertible
B. Corroborating
C. Direct
D. Circumstantial
Explanation:
Circumstantial evidences are the collection of facts that, when considered together, can be used
to infer a conclusion about the malicious activity/person.
Answer B is incorrect. Corroborating evidence is evidence that tends to support a proposition that
is
already supported by some evidence.
Answer A is incorrect. Incontrovertible evidence is a colloquial term for evidence introduced to
prove a fact
that is supposed to be so conclusive that there can be no other truth as to the matter; evidence so
strong, it overpowers contrary evidence, directing a fact-finder to a specific and certain
conclusion.
Answer C is incorrect. Direct evidence is testimony proof for any evidence, which expressly or
straight-
forwardly proves the existence of a fact.
NEW QUESTION: 336

HOTSPOT
You work as a Network Administrator of a Windows 2000 Active Directory-based single domain
network.
You have configured your Windows XP Professional computer at home to have a static IP
address assigned by your Internet service provider (ISP). It is always connected to the Internet
through a modem.
You have enabled the Internet Connection Firewall for the Internet connection. You use the PING
command to check the connectivity of your home computer from office, but you receive the
following error message:
Request timed out.
On examining the log file of the Internet Connection Firewall on your home computer, you find
DROP ICMP messages. You want to ping your home computer without compromising on
security.
Select the option in the Internet Connection Firewall Advanced Settings dialog box, which will be
required to be checked to accomplish the task.
Hot Area:
Answer:
Explanation:
The Internet Connection Firewall setting on your home computer is preventing PING from echoing
messages. Selecting the Allow incoming echo request check box on the ICMP tab of the Internet
Connection Firewall Advanced Settings dialog box will enable your computer to echo messages
back to the sender.
NEW QUESTION: 337

What does CSS stand for?
A. Cascading Style Sheet
B. Coded System Sheet
C. Cyclic Style Sheet
D. Cascading Style System
Explanation:
A Cascading Style Sheet (CSS) is a separate text file that keeps track of design and formatting
information, such as colors, fonts, font sizes, and margins, used in Web pages. CSS is used to
provide Web site authors greater control on the appearance and presentation of their Web pages.
It has codes that are interpreted and applied by the browser on to the Web pages and their
elements. CSS files have .css extension.
There are three types of Cascading Style Sheets:
External Style Sheet
Embedded Style Sheet
Inline Style Sheet
NEW QUESTION: 338

This is a Windows-based tool that is used for the detection of wireless LANs using the IEEE
802.11a,
802.11b, and 802.11g standards. The main features of these tools are as follows: It displays the
signal strength of a wireless network, MAC address, SSID, channel details, etc. It is commonly
used for the following purposes:
a.War driving
b.Detecting unauthorized access points
c. Detecting causes of interference on a WLAN d.WEP ICV error tracking
e. Making Graphs and Alarms on 802.11 Data, including Signal Strength
This tool is known as __________.
Answer:
C is incorrect. Absinthe is an automated SQL injection tool.
NEW QUESTION: 339

SIMULATION
Fill in the blank with the appropriate command.
You want to search the most recent command that starts with the string 'user'. For this, you will
enter the
________ command to get the desired result.
Answer:
history !user
Explanation:
Here, you will use the history !user command to search the most recent command that starts with
the string
'user'. In the bash shell, the history command is used to view the recently executed commands.
History is on by default. A user can turn off history using the command set +o history and turn it
on using set -o history. An environment variable HISTSIZE is used to inform bash about how
many history lines should be kept. The following commands are frequently used to view and
manipulate history:
NEW QUESTION: 340
Answer:
D is incorrect. While MAC filtering may help prevent a hacker from accessing your network, it
won't keep him or her from finding your network.
NEW QUESTION: 341

Which of the following features of a switch helps to protect network from MAC flood and MAC
spoofing?
Answer:
C is incorrect. MAC Authentication Bypass feature is used to allow the RADIUS server to specify
the default VLAN/ACL for every device that doesn't authenticate by 802.1X.
NEW QUESTION: 342

On which of the following does a CGI program execute?
Answer:
A is incorrect. CGI programs do not execute on routers.
NEW QUESTION: 343

Samantha works as a Web Developer for XYZ CORP. She develops a Web application using
Visual InterDev. She wants to group a series of HTML elements together so that an action can be
performed collectively on them.
Which of the following tags will Samantha use to accomplish this?
Answer:
B is incorrect. There is no tag such as GROUP in HTML.
NEW QUESTION: 344

Which of the following applications work as mass-emailing worms? (Choose two.)
A. Chernobyl virus
B. I LOVE YOU virus
C. Nimda virus
D. Melissa virus
Explanation:
The Nimda and I LOVE YOU viruses work as mass-emailing worms.
NEW QUESTION: 345

based network. John is working as a root user on the Linux operating system. He executes the
following command in the terminal:
echo $USER, $UID.
Which of the following will be displayed as the correct output of the above command?
A. John, 0
B. root, 0
C. root, 500
D. John, 502
Explanation:
According to the scenario, John is a root user. Hence, the value of the environmental variables
$USER and
$UID will be root and 0, respectively.
NEW QUESTION: 346

network. You have been assigned the task to design the authentication system for the remote
users of the company. For security purposes, you want to issue security tokens to the remote
users. The token should work on the one-time password principle and so once used, the next
password gets generated.
Which of the following security tokens should you issue to accomplish the task?
Answer:
D is incorrect. Single sign-on software tokens are used by the multiple, related, but independent
software systems. Some types of single sign-on (SSO) solutions, like enterprise single sign-on,
use this token to store software that allows for seamless authentication and password filling. As
the passwords are stored on the token, users need not remember their passwords and therefore
can select more secure passwords, or have more secure passwords assigned.
NEW QUESTION: 347

Brutus is a password cracking tool that can be used to crack the following authentications: HTTP
(Basic Authentication) HTTP (HTML Form/CGI) POP3 (Post Office Protocol v3) FTP (File
Transfer Protocol) SMB (Server Message Block) Telnet Which of the following attacks can be
performed by Brutus for password cracking?
A. Man-in-the-middle attack
B. Hybrid attack
C. Replay attack
D. Brute force attack
E. Dictionary attack
Explanation:
Brutus can be used to perform brute force attacks, dictionary attacks, or hybrid attacks.
NEW QUESTION: 348

Which of the following internal control components provides the foundation for the other
components and encompasses such factors as management's philosophy and operating style?
A. Information and communication
B. Risk assessment
C. Control activities
D. Control environment
Explanation:
COSO defines internal control as, "a process, influenced by an entity's board of directors,
management, and other personnel, that is designed to provide reasonable assurance in the
effectiveness and efficiency of operations, reliability of financial reporting, and the compliance of
applicable laws and regulations". The auditor evaluates the organization's control structure by
understanding the organization's five interrelated control components, which are as follows:
1. Control Environment: It provides the foundation for the other components and encompasses
such factors as management's philosophy and operating style.
2. Risk Assessment: It consists of risk identification and analysis.
3. Control Activities: It consists of the policies and procedures that ensure employees carry out
management's directions.
The types of control activities an organization must implement are preventative controls (controls
intended to stop an error from occurring), detective controls (controls intended to detect if an error
has occurred), and mitigating controls (control activities that can mitigate the risks associated with
a key control not operating effectively).
4. Information and Communication: It ensures the organization obtains pertinent information, and
then communicates it throughout the organization.
5. Monitoring: It involves reviewing the output generated by control activities and conducting
special evaluations. In addition to understanding the organization's control components, the
auditor must also evaluate the organization's General and Application controls. There are three
audit risk components:
control risk, detection risk, and inherent risk.
NEW QUESTION: 349

based network. John is working as a root user on the Linux operating system. He has a data.txt
file in which each column is separated by the TAB character. Now, he wants to use this file as
input for a data mining software he has created. The problem preventing him from accomplishing
his task is that with his data mining software, he has used TAB as a delimiter to distinguish
between columns. Hence, he is unable to use this file as input for the software. However, if he
somehow replaces the TAB characters of the file with SPACE characters, he can use this file as
an input file for his data mining software.
Which of the following commands will John use to replace the TAB characters of the file with
SPACE characters?
A. expand -t 1 data.txt > data.txt
B. cat data.txt
C. chmod 755 data.txt
D. touch data.txt
Explanation:
According to the scenario, John can replace the TAB characters with single space characters with
the expand command. With the expand -t 1 data.txt > data.txt command, the TABs of data.txt are
changed into single spaces and are redirected by using the > command into the data.txt file. Now,
John can use the data.txt file as the input file for his data mining software.
NEW QUESTION: 350

DRAG DROP
the Windows Vista operating system. He installs an application on his computer. The application
is not running properly. Therefore, he wants to disable the application.
What steps will he take to accomplish the task?
Select and Place:
Answer:
Explanation:
John will click the Disable button in the Software Explorer page to Disable the application running
on his computer.
Windows Defender is a software product designed by Microsoft to provide continuous security
against malware. If it detects anything suspicious, an alert will appear on the screen. Windows
Defender can also be used to scan a computer for suspicious software. It can remove or
quarantine any malware or spyware it finds.
The Quarantined items link will open the Quarantined items page that will help a user to remove
or restore software that Windows Defender has prevented from running.
The Allowed items link will open the Allowed items page that will help a user to view software that
are not monitored with Windows Defender.
NEW QUESTION: 351

Which of the following statements about invalidating a session is true?
Answer:
B is incorrect. The invalidate() method belongs to the HttpSession interface.
NEW QUESTION: 352

DRAG DROP
Auditing is used to track user accounts for file and object access, logon attempts, system
shutdown, and many more vulnerabilities to enhance the security of the network. It encompasses
a wide variety of activities.
Place the different auditing activities in front of their descriptions.
Select and Place:
Answer:
Explanation:
Explanation: Auditing encompasses a wide variety of activities as follows:
Logging: It is the activity of recording information to a log file or database about events or
occurrences.
Log Analysis: It is a systematic form of monitoring where the logged information is analyzed in
detail. It is done to find out the trends and patterns as well as abnormal, unauthorized, illegal, and
policy-violating activities.
Intrusion Detection: It is a process to detect unwanted system access by monitoring both
recorded information and real time events.
Alarm Triggers: These are the notifications that are sent to an administrator whenever a specific
event occurs.
Monitoring: It is the activity of manually or programmatically reviewing logged information.
NEW QUESTION: 353

You work as a Network Administrator for XYZ CORP. The company has a Linux-based network.
The company needs to provide secure network access. You have configured a firewall to prevent
certain ports and applications from forwarding the packets to the company's intranet.
What does a firewall check to prevent these ports and applications from forwarding the packets to
the intranet?
Answer:
D, A, and B are incorrect. These are not checked by a firewall.
NEW QUESTION: 354

You want to fix partitions on a hard drive.
Answer:
C is incorrect. In Unix, the fsck command is used to add new blocks to a filesystem. This
command must not be run on a mounted file system.
NEW QUESTION: 355

security of www.we-are-secure.com. He notices that UDP port 137 of the We-are-secure server is
open. Assuming that the Network Administrator of We-are-secure Inc. has not changed the
default port values of the services.
Which of the following services is running on UDP port 137?
Answer:
B is incorrect. TELNET is a command-line connectivity tool that starts terminal emulation with a
remote host running the telnet server service. TELNET allows users to communicate with a
remote computer, offers the ability to run programs remotely, and facilitates remote
administration. The TELNET utility uses the Telnet protocol for connecting to a remote computer
running the Telnet server software, to access files. It uses TCP port 23 by default.
NEW QUESTION: 356

You work as a Software Developer for Mansoft Inc. You create an application and use it to create
users as members of the local Users group.
Which of the following code snippets imperatively demands that the current user is a member of
the local Users group?
A. System.AppDomain.CurrentDomain.SetPrincipalPolicy(PrincipalPolicy.WindowsPrincipal);
PrincipalPermission MyPermission = new PrincipalPermission(null, @"BUILTIN\Users", true);
MyPermission.Demand();
B. PrincipalPermission MyPermission = new PrincipalPermission(null, @"BUILTIN\Users", true);
C. System.AppDomain.CurrentDomain.SetPrincipalPolicy(PrincipalPolicy.WindowsPrincipal);
PrincipalPermission MyPermission = newPrincipalPermission(null, @"Users", true);
D. PrincipalPermission MyPermission = new PrincipalPermission(null, @"Users", true);
Explanation:
The PrincipalPermission class allows security checks against the active principal. This is done by
using the language constructs that are defined for both imperative and declarative security
actions. To perform an imperative security demand for membership in a built-in Microsoft
Windows group, you must first set the default principal policy to the Windows principal by calling
the SetPrincipalPolicy (PrincipalPolicy.WindowsPrincipal) statement. Construct a
PrincipalPermission object specifying the group name. To specify the group name, you can
provide just the group name, or you can preface the group name with either "BUILTIN\" or the
computer name and a backslash. Finally, call the PrincipalPermission.Demand method. There is
another method of identifying group membership, i.e. by using the PrincipalPermissionclass or the
PrincipalPermissionAttribute attribute derived from the System.Security.Permissions namespace.
The PrincipalPermission object identifies that the identity of the active principal should match its
information with the identity information that is passed to its constructor.
The identity information contains the user's identity name and role.
NEW QUESTION: 357

Mark works as the Network Administrator for XYZ CORP. The company has a Unix-based
network. Mark wants to scan one of the Unix systems to detect security vulnerabilities. To
accomplish this, he uses TARA as a system scanner.
What can be the reasons that made Mark use TARA?
Answer:
A is incorrect. It is a limitation of TARA that reduces its flexibility to be used for different
purposes.
NEW QUESTION: 358

You want to monitor the network infrastructure of a software-based company. The network
infrastructure of the company consists of the following:
Windows TCP/IP services
Web and mail servers
URLs Applications (MS Exchange, SQL etc.)
Which of the following network monitoring solutions can you use to accomplish the task?
Answer:
C is incorrect. Network Monitor (Netmon) is a protocol analyzer. It is used to analyze the network
traffic. It is installed by default during the installation of the operating system. It can be installed by
using Windows Components Wizard in the Add or Remove Programs tool in Control Panel.
Network Monitor is used to perform the following tasks:
1. Capture frames directly from the network.
2. Display and filter captured frames immediately after capture or a later time.
3. Edit captured frames and transmit them on the network.
4. Capture frames from a remote computer.
NEW QUESTION: 359

You want to set the hard disk geometry parameters, cylinders, heads, and sectors.
Answer:
B is incorrect. In Unix, the mkswap command sets up a Unix swap area on a device or file.
NEW QUESTION: 360
Answer:
B is incorrect. Netcat is a freely available networking utility that reads and writes data across
network connections by using the TCP/IP protocol. Netcat has the following features: It provides
outbound and inbound connections for TCP and UDP ports. It provides special tunneling such as
UDP to TCP, with the possibility of specifying all network parameters. It is a good port scanner. It
contains advanced usage options, such as buffered send-mode (one line every N seconds), and
hexdump (to stderr or to a specified file) of transmitted and received data. It is an optional
RFC854 telnet code parser and responder.
NEW QUESTION: 361

You work as a Network Administrator for BetaTech Inc. You have been assigned the task of
designing the firewall policy for the company.
Which of the following statements is unacceptable in the 'acceptable use statement' portion of the
firewall policy?
Answer:
A, B, D are incorrect. All of these statements stand true in the 'acceptable use statement' portion
of the firewall policy.
NEW QUESTION: 362

Windows Server 2003. The company has recently provided fifty laptops to its sales team
members. You are required to configure an
802.11 wireless network for the laptops. The sales team members must be able to use their data
placed at a server in a cabled network. The planned network should be able to handle the threat
of unauthorized access and data interception by an unauthorized user. You are also required to
prevent the sales team members from communicating directly to one another.
Which of the following actions will you take to accomplish the task?
A. Implement the open system authentication for the wireless network.
B. Configure the wireless network to use WEP encryption for the data transmitted over a wireless
network.
C. Using group policies, configure the network to allow the wireless computers to connect to the
infrastructure networks only.
D. Implement the IEEE 802.1X authentication for the wireless network.
E. Using group policies, configure the network to allow the wireless computers to connect to the
ad hoc networks only.
Explanation:
In order to enable wireless networking, you have to install access points in various areas of your
office building. These access points generate omni directional signals to broadcast network traffic.
Unauthorized users can intercept these packets. Hence, security is the major concern for a
wireless network. The two primary threats are unauthorized access and data interception.
In order to accomplish the task, you will have to take the following steps:
Using group policies, configure the network to allow the wireless computers to connect to the
infrastructure networks only. This will prevent the sales team members from communicating
directly to one another.
Implement the IEEE 802.1X authentication for the wireless network. This will allow only
authenticated users to access the network data and resources.
Configure the wireless network to use WEP encryption for data transmitted over a wireless
network. This will encrypt the network data packets transmitted over wireless connections.
Although WEP encryption does not prevent intruders from capturing the packets, it prevents them
from reading the data inside.
NEW QUESTION: 363

Which of the following standards is used in wireless local area networks (WLANs)?
Answer:
C is incorrect. IEEE 802.5 is a standard for wired networks, which defines the MAC layer for
token-ring networks.
NEW QUESTION: 364
You are concerned about an attacker being able to get into your network. You want to make sure
that you are informed of any network activity that is outside normal parameters.
What is the best way to do this?
Answer:
A is incorrect. A protocol analyzer does detect if a given protocol is moving over a particular
network segment.
NEW QUESTION: 365

Which of the following commands can you use to search a string 'pwd' in all text files without
opening them? (Choose two)
A. vi
B. grep
C. sed
D. locate
Explanation:
sed and grep are the two commands that can be used to search a specified string in all text files
without opening them. sed is a stream editor that is used to perform basic text transformations on
an input stream (a file or input from a pipeline).
NEW QUESTION: 366

What is the extension of a Cascading Style Sheet?
A. .hts
B. .cs
C. .js
D. .css
Explanation:
A Cascading Style Sheet (CSS) is a separate text file that keeps track of design and formatting
information, such as colors, fonts, font sizes, and margins, used in Web pages. CSS is used to
provide Web site authors greater control on the appearance and presentation of their Web pages.
It has codes that are interpreted and applied by the browser on to the Web pages and their
elements. CSS files have .css extension.
There are three types of Cascading Style Sheets:
External Style Sheet
Embedded Style Sheet
Inline Style Sheet
NEW QUESTION: 367
In which of the following attack techniques does an attacker try to intercept the successful
handshake and then use a dictionary attack to retrieve the shared key?
Answer:
B is incorrect. In a brute force attack, an attacker uses software that tries a large number of the
keys combinations in order to get a password. To prevent such attacks, users should create
passwords more difficult to guess, e.g., using a minimum of six characters, alphanumeric
combinations, and lower- upper case combinations, etc.
NEW QUESTION: 368

Which of the following are the reasons for implementing firewall in any network?
A. Create a choke point
B. Log Internet activity
C. Log system activity
D. Limit access control
E. Implementing security policy
F. Limit network host exposure
Explanation:
A firewall is a part of a computer system or network that is designed to block unauthorized access
while permitting authorized communications. It is a device or set of devices configured to permit,
deny, encrypt, decrypt, or proxy all computer traffic between different security domains based
upon a set of rules and other criteria. The four important roles of a firewall are as follows:
1. Implement security policy: A firewall is a first step in implementing security policies of an
organization.
Different policies are directly implemented at the firewall. A firewall can also work with network
routers to implement Types-Of-Service (ToS) policies.
2. Creating a choke point: A firewall can create a choke point between a private network of an
organization and a public network. With the help of a choke point the firewall devices can monitor,
filter, and verify all inbound and outbound traffic.
3. Logging Internet activity: A firewall also enforces logging of the errors and faults. It also
provides alarming mechanism to the network.
4. Limiting network host exposure: A firewall can create a perimeter around the network to protect
it from the Internet. It increases the security by hiding internal information.
NEW QUESTION: 369

Which of the following is the most secure place to host a server that will be accessed publicly
through the Internet?
Answer:
B is incorrect. Hosting a server on the intranet for public access will not be good from a security
point of view.
NEW QUESTION: 370
Answer:
A is incorrect. Safeguards are those controls that provide some amount of protection to an asset.
NEW QUESTION: 371

security of www.we-are-secure.com. He wants to perform a stealth scan to discover open ports
and applications running on the We-are-secure server. For this purpose, he wants to initiate
scanning with the IP address of any third party.
Which of the following scanning techniques will John use to accomplish his task?
Answer:
D is incorrect. TCP SYN scanning is also known as half-open scanning because in this a full TCP
connection is never opened. The steps of TCP SYN scanning are as follows:
1.The attacker sends SYN packet to the target port.
2. If the port is open, the attacker receives SYN/ACK message.
3. Now the attacker breaks the connection by sending an RST packet.
4. If the RST packet is received, it indicates that the port is closed. This type of scanning is hard
to trace because the attacker never establishes a full 3-way handshake connection and most
sites do not create a log of incomplete TCP connections.
NEW QUESTION: 372

You are responsible for a number of Windows Server 2003 DNS servers on a large corporate
network.
You have decided to audit the DNS server logs.
Which of the following are likely errors you could encounter in the log? (Choose two)
Answer:
B is incorrect. A DNS server looks up a name to return an IP, it would not and cannot connect to a
domain name, it must connect to an IP address.
NEW QUESTION: 373

Mark works as a Network Administrator for NetTech Inc. The company has a Windows 2003
Active Directory domain-based network. The domain consists of a domain controller, two
Windows 2003 member servers, and one hundred client computers. The company employees
use laptops with Windows XP Professional. These laptops are equipped with wireless network
cards that are used to connect to access points located in the Marketing department of the
company. The company employees log on to the domain by using a user name and password
combination. The wireless network has been configured with WEP in addition to 802.1x. Mark
wants to provide the best level of security for the kind of authentication used by the company.
What will Mark do to accomplish the task?
Answer:
A is incorrect. IPSec has nothing to do with this issue.
NEW QUESTION: 374

Which of the following types of firewall ensures that the packets are part of the established
session?
Answer:
B is incorrect. There is no firewall type such as switch-level firewall.
NEW QUESTION: 375

Which of the following is used to execute a SQL statement from the SQL buffer?
A. Entering an asterisk (*)
B. Pressing [RETURN] once
C. Pressing [RETURN] twice
D. Entering a slash (/)
E. Pressing [ESC] twice.
Explanation:
A SQL statement or a PL/SQL block can be executed by entering a semicolon (;) or a slash (/), or
by using the RUN command at SQL prompt. When a semicolon (;) is entered at the end of a
command, the command is completed and executed. When a slash (/) is entered, the command
in the buffer is executed.
It can also be used to execute a PL/SQL block. The RUN command is used to execute a
command in the buffer. Note: The SQL buffer stores the most recently used SQL commands and
PL/SQL blocks. It does not store SQL* Plus commands. It can be edited or saved to a file. Note:
A SQL command can be saved in the buffer by entering a blank line.
Reference: Oracle8i Online Documentation, Contents: "SQL*PLUS Users Guide and Reference",
"Learning SQL*PLUS Basics,3 of 4", "Understanding SQL COMMAND Syntax"
NEW QUESTION: 376

Mark works as a Web Designer for XYZ CORP. The company has a Windows-based network.
Mark creates an HTML document that gives the following error on execution: "These hypertext
system features are not supported by HTML".
Which of the following can be the hypertext system features that are NOT supported by HTML?
(Choose three)
Answer:
C is incorrect. Hyperlink is supported by HTML as well as Hypertext.
NEW QUESTION: 377

Which of the following commands can be used to intercept and log the Linux kernel messages?
A. syslogd
B. klogd
C. sysklogd
D. syslog-ng
Explanation:
The klogd and sysklogd commands can be used to intercept and log the Linux kernel messages.
NEW QUESTION: 378

DRAG DROP
network.
Three Cisco IOS routers- router1, router2, and router3 are currently working in the network. You
want to accomplish the following tasks:
Configure router1 to act as an SSH server.
Configure domain name 'network.com'.
Generate a general-purpose RSA key pair and specify the IP key size of 1024.
Configure SSH time-out of 30 seconds and SSH authentication retries value 4.
Drag and drop the appropriate commands beside their respective command prompts in order to
accomplish the tasks.
Select and Place:
Answer:
Explanation:
In order to accomplish the given tasks, you will have to use the following commands:
router1(config)#ip domain-name network.com
router1(config)#crypto key zeroize rsa
router1(config)#crypto key generate rsa general-keys modulus 1024
router1(config)#ip ssh time-out 30
router1(config)#ip ssh authentication-retries 4
router1(config)#line vty 0 4
router1(config-line)#transport input ssh
NEW QUESTION: 379

You work as the Network Administrator of a Windows 2000 Active Directory network. Your
company's offices are at Dallas and New York. Your company wants to configure a secure, direct
Internet link. The company's management wants to accomplish the following tasks:
Keep the offices' internal resources secure from outsiders.
Keep communication secure between the two offices.
You install a firewall in each office.
Which of the tasks does this action accomplish?
A. The action taken will fulfill the secure communication concern.
B. The action taken will accomplish neither of the goals.
C. The action taken will fulfill the internal resource security concern.
D. The action taken will accomplish both the goals.
Explanation:
The action taken will fulfill the internal resource security concern. It has nothing to do with the
secured communication. Firewall is used to protect the network from external attacks byhackers.
Firewall prevents direct communication between computers in the network and the external
computers, through the Internet.
Instead, all communication is done through a proxy server, outside the organization's network,
which decides whether or not it is safe to let a file pass through. To achieve the secured
communication goal, you will have to configure a virtual private network (VPN) between the two
offices.
NEW QUESTION: 380
A. WPA-EAP
B. WEP
C. WPA-PSK
D. WPA2
Explanation:
WPA2 is an updated version of WPA. This standard is also known as IEEE 802.11i. WPA2 offers
enhanced protection to wireless networks than WPA and WEP standards. It is also available as
WPA2- PSK and WPA2-EAP for home and enterprise environment respectively. Answer: B is
incorrect. than WEP (Wired Equivalent Protection). Windows Vista supports both WPA-PSK and
WPA-EAP. Each of these is described as follows:
PSK
requires a user to enter an 8- character to 63-character passphrase into a wireless client. The
WPA converts the passphrase into a 256-bit key.
server that runs Remote Authentication Dial-In UserService for user authentication. Note:
NEW QUESTION: 381
Which of the following tools can be used to perform ICMP tunneling? (Choose two)
Answer:
D is incorrect. Ethereal is a network sniffer.
NEW QUESTION: 382

HOTSPOT
In the image of the Screened Host Firewall Architecture given below, select the element that is
commonly known as the choke router.
Hot Area:
Answer:
Explanation:
A choke router is an interior router present in the screened host firewall architecture. It is attached
to the perimeter network and protects the internal network from the Internet and the perimeter net.
A choke router is basically employed for the job of packet filtering for the firewall. It is also used to
provide access to selected services that are outbound from the internal net to the Internet. These
services may include outgoing Telnet, FTP, WAIS, Archie, Gopher, etc.
A Screened Host Firewall Architecture is used to provide services from a host that is attached
only to the internal network by using a separate router. In this type of firewall architecture, the key
security is provided by packet filtering.
The host exists in the internal network. The packet filtering on the screening router is configured
in such a way that the bastion host is the only system in the internal network that is open to the
Internet connections.
If any external system tries to access internal systems or services, then it will connect only to this
host. The bastion host therefore needs to be at a high level of security.
NEW QUESTION: 383
Which of the following statements about URL rewriting are true?
A. If cookies are supported by the browser, URL rewriting will return the URL unchanged.
B. The request.encodeRedirectURL() method is used to add a session id info to the URL and
send the request to another URL.
C. The request.encodeURL() method is used to add a session id info to the URL.
D. URL rewriting is used in cases where cookies are not supported by the browser.
Explanation:
By default, session tracking uses cookies to associate a session identifier with a unique user.
URL rewriting is used in cases where cookies are not supported by the browser.
NEW QUESTION: 384

Which of the following are known as safety critical software?
Answer:
C is incorrect. Software that intervenes when an unsafe condition is present or is about to happen
is known as safety critical software.
NEW QUESTION: 385

In a network, a data packet is received by a router for transmitting it to another network. In order
to make decisions on where the data packet should be forwarded, the router checks with its
routing table.
Which of the following lists does a router check in a routing table?
Answer:
B is incorrect. A routing table does not contain any list of packets.
NEW QUESTION: 386
Which of the following is an attempt to give false information or to deny that a real event or
transaction should have occurred?
Answer:
D is incorrect. Dictionary attack is a type of password guessing attack. This type of attack uses a
dictionary of common words to find out the password of a user. It can also use common words in
either upper or lower case to find a password. There are many programs available on the Internet
to automate and execute dictionary attacks.
NEW QUESTION: 387

You check performance logs and note that there has been a recent dramatic increase in the
amount of broadcast traffic.
What is this most likely to be an indicator of?
Answer:
A is incorrect. A misconfigured router could possibly cause an increase in broadcast traffic.
However, this are cent problem, the router is unlikely to be the issue.
NEW QUESTION: 388

Which of the following allows the use of multiple virtual servers using different DNS names
resolved by the same IP address?
Answer:
C is incorrect. HTML stands for Hypertext Markup Language. It is a set of markup symbols or
codes used to create Web pages and define formatting specifications. The markup tells the Web
browser how to display the content of the Web page.
NEW QUESTION: 389

DRAG DROP
the Windows Vista operating system.
He wants to view the status of Windows Defender. What steps will he take to accomplish the
task?
Select and Place:
Answer:
Explanation:
Windows Defender is a software product designed by Microsoftto provide continuous security
against malware. If it detects anything suspicious, an alert will appear on the screen. Windows
Defender can also be used to scan a computer for suspicious software. It can remove or
quarantine any malware or spyware it finds.
Clicking on the Security Center icon will show the status of malware protection, status of firewall,
and other security settings.
Clicking on the Windows Firewall icon will open the Windows Firewall dialog box and allow a user
to configure the Windows Firewall settings.
NEW QUESTION: 390
Answer:
A, D are incorrect. Protective or preventative controls serve to proactively define and possibly
enforce acceptable behaviors. As an example, a set of common accounting rules are defined and
must be followed by any publicly traded company. Each quarter, any particular company must
publicly state its current financial standing and accounting as reflected by an application of these
rules. These accounting rules and the SEC requirements serve as protective or preventative
controls.
NEW QUESTION: 391

DRAG DROP
Windows Server 2003. The Sales Managers in the company use laptops for connecting to the
network. You are required to provide wireless connectivity on the network to all the Sales
Managers. The security policy of the company dictates that the laptops should connect only to the
access points on the network. The laptops should not be able to directly communicate with each
other. You are required to implement the security policy of the company.
Choose the steps that you will take to accomplish the task.
Select and Place:
Answer:
Explanation:
In order to accomplish the task, you will have to take the following steps:
Install a WLAN access point on the network.
Install wireless network interface adapters on the laptops of the Sales Managers.
Create a Wireless Network policy and configure it to allow infrastructure networking only.
Apply the policy to the laptops of the Sales Managers.
Configuring the Wireless Network policy to allow infrastructure networking only will prevent the
Sales Managers from directly communicating with each other.
Although they will be able to communicate with each other by using this configuration, the
communication will be made through the access point.
The Ad hoc topology is used by wireless equipment, which are configured with the wireless
network interface adapters, to communicate directly with each other.
NEW QUESTION: 392

In 1947, the American Institute of Certified Public Accountants (AICPA) adopted GAAS to
establish standards for audits.
Which of the following categories of audit standards established by GAAS are related to
professional and technical competence, independence, and professional due care?
Answer:
B is incorrect. There was no such category of standard established by GAAS.
NEW QUESTION: 393

You want to query an image root device and RAM disk size.
Answer:
C is incorrect. In Unix, the setfdprm command sets floppy drive parameters.
NEW QUESTION: 394

Mark works as a Web Developer for XYZ CORP. He is developing a Web site for the company.
He wants to use frames in the Web site.
Which of the following is an HTML tag used to create frames?
Answer:
A, B, C are incorrect. There are no HTML tags such as <TABLESET>, <FRAMEWINDOW>, and
<REGION>.
NEW QUESTION: 395

You work as a Network Administrator for NTY Inc. The company has a secure wireless network.
While auditing the network for maintaining security, you find an unknown node. You want to
locate that node.
Which tool will you use to pinpoint the actual physical location of the node?
Answer:
C is incorrect. WEPcrack is a wireless network cracking tool that exploits the vulnerabilities in the
RC4 Algorithm, which comprises the WEP security parameters. It mainly consists of three tools,
which are as follows:
WeakIVGen: It allows a user to emulate the encryption output of 802.11 networks to weaken the
secret key used to encrypt the network traffic.
Prism-getIV: It analyzes packets of information until ultimately matching patterns to the one
known to decrypt the secret key.
WEPcrack: It pulls the all beneficial data of WeakIVGen and Prism-getIV to decipher the network
encryption.
NEW QUESTION: 396
An attacker wants to connect directly to an unsecured station to circumvent the AP security or to
attack the station.
Which of the following tools can be used to accomplish the task?
A. Wireless card
B. MacChanger
C. SirMACsAlot
D. USB adapter
Explanation:
Ad Hoc Association is a type of attack in which an attacker tries to connect directly to an
unsecured station to circumvent the AP security or to attack the station. Any wireless card or USB
adapter can be used to perform this attack.
NEW QUESTION: 397

You want to see the local device files or 'links to device files' for a non-standard device driver.
Which of the following Unix configuration files should you use to accomplish the task?
Answer:
B is incorrect. In Unix, the /etc/bootptab/ file contains the configuration for the BOOTP server
daemon.
NEW QUESTION: 398

An auditor assesses the database environment before beginning the audit. This includes various
key tasks that should be performed by an auditor to identify and prioritize the users, data,
activities, and applications to be monitored.
Which of the following tasks need to be performed by the auditor manually?
A. Classifying data risk within the database systems
B. Monitoring data changes and modifications to the database structure, permission and user
changes, and data viewing activities
C. Analyzing access authority
D. Archiving, analyzing, reviewing, and reporting of audit information
Explanation:
The Internal Audit Association lists the following as key components of a database audit:
Create an inventory of all database systems and use classifications. This should include
production and test data. Keep it up-to-date.
Classify data risk within the database systems. Monitoring should be prioritized for high, medium,
and low risk data.
Implement an access request process that requires database owners to authorize the "roles"
granted to database accounts (roles as in Role Based Access and not the native database roles).
Analyze access authority. Users with higher degrees of access permission should be under
higher scrutiny, and any account for which access has been suspended should be monitored to
ensure access is denied, attempts are identified.
Assess application coverage. Determine what applications have built-in controls, and prioritize
database auditing accordingly. All privileged user access must have audit priority. Legacy and
custom applications are the next highest priority to consider, followed by the packaged
applications.
Ensure technical safeguards. Make sure access controls are set properly.
Audit the activities. Monitor data changes and modifications to the database structure, permission
and user changes, and data viewing activities. Consider using network-based database activity
monitoring appliances instead of native database audit trails.
Archive, analyze, review, and report audit information. Reports to auditors and IT managers must
communicate relevant audit information, which can be analyzed and reviewed to determine if
corrective action is required. Organizations that must retain audit data for long-term use should
archive this information with the ability to retrieve relevant data when needed.
The first five steps listed are to be performed by the auditor manually.
Answers B, D are incorrect. These tasks are best achieved by using an automated solution.
NEW QUESTION: 399

You work as a Software Developer for XYZ CORP. You create a SQL server database named
DATA1 that will manage the payroll system of the company. DATA1 contains two tables named
EmployeeData, Department. While EmployeeData records detailed information of the employees,
Department stores information about the available departments in the company. EmployeeData
consists of columns that include EmpID, EmpName, DtOBrth, DtOJoin, DeptNo, Desig, BasicSal,
etc. You want to ensure that each employee ID is unique and is not shared between two or more
employees. You also want to ensure that the employees enter only valid department numbers in
the DeptNo column.
Which of the following actions will you perform to accomplish the task?
A. Define triggers in the EmployeeData table.
B. Add stored procedures by using Transact-SQL queries.
C. Add constraints to the EmployeeData table.
D. Define indexes in the EmployeeData table.
E. Define views in the database.
Explanation:
In the given scenario, you will add constraints to the EmpID and DeptNo columns of the
EmployeeData table, as you want EmpID to be unique, and the number entered in the DeptNo
column to be valid. A constraint enforces the integrity of a database. It defines rules regarding the
values allowed in the columns of a table. A constraint is the standard mechanism for enforcing
integrity. Using constraints is preferred to using triggers, rules, and defaults. Most of the RDBMS
databases support the following five types of constraints:
NOT NULL constraint: It specifies that the column does not accept NULL values.
CHECK constraint: It enforces domain integrity by limiting the values that can be placed in a
column.
UNIQUE constraint: It enforces the uniqueness of values in a set of columns.
PRIMARY KEY constraint: It identifies the column or set of columns whose values uniquely
identify a row in a table.
FOREIGN KEY constraint: It establishes a foreign key relationship between the columns of the
same table or different tables.
Following are the functions of constraints:
Constraints enforce rules on data in a table whenever a row is inserted, updated, or deleted from
the table.
Constraints prevent the deletion of a table if there are dependencies from other tables.
Constraints enforce rules at the column level as well asat the table level.
Defining indexes in the EmployeeData table will help you find employee information based on
EmpID, very fast.
An index is a pointer to a table.
It speeds up the process of data retrieval from a table.
It is stored separately from a table for which it was created.
Indexes can be created or dropped without affecting the data in a table.
The syntax for creating an index is as follows: CREATE INDEX <Index name> Indexes can also
be used for implementing data integrity in a table.
A unique index does not allow duplicate values to enter in a row if a particular column is indexed
as a unique index.
The syntax for creating a unique index is as follows: CREATE UNIQUE INDEX <Index name>
You will also add a stored procedure named AddEmp by using Transact-SQL queries. AddEmp
will accept data values for new employees and will subsequently add a row in the EmployeeData
table. Stored procedures are precompiled SQL routines that are stored on a database server.
They are a combination of multiple SQL statements that form a logical unit and perform a
particular task. Stored procedures provide the capability of combining multiple SQL statements
and improve speed due to precompiled routines. Most of the DBMS provide support for stored
procedures. They usually differ in their syntax and capabilities from one DBMS to another.
A stored procedure can take three parameters: IN, OUT, and INOUT. Note: Stored procedures
are very similar to functions and procedures of common programming languages. You will also
define a view named DeptEmpView that will combine data from the Department and
EmployeeData tables and thus produce the required result. A view can be thought of as a virtual
table. The data accessible through a view is not stored in the database as a distinct object. Views
are created by defining a SELECT statement. The result set of the SELECT statement forms the
virtual table. A user can use this virtual table by referencing the view name in SQL statements in
the same way a table is referenced. Answer: A is incorrect. You do not need to define any triggers
in the EmployeeData table, as they are not required while making the EmpID unique, or while
entering valid data values in DeptNo. A trigger is a special kind of stored procedure that
automatically runs when data in a specified table is updated, inserted, or deleted. Triggers can
query other tables and can include complex SQL statements.
NEW QUESTION: 400
A. AiroPeek
B. AirSnort
C. Kismet
D. NetStumbler
Explanation:
NetStumbler, a war driving tool, uses an organizationally unique identifier (OID) of 0x00601A, D
protocol identifier (PID) of 0x0001. Each version has a typical payload string. For example,
NetStumbler 3.2.3 has a payload string: 'All your 802.11b are belong to us'. Therefore, when you
see the OID and PID values, you discover that the attacker is using NetStumbler, and when you
see the payload string, you are able to ascertain that the attacker is using NetStumbler 3.2.3.

GIAC GSNA v2018-06-01 q400

Uploaded by

Copyright:

Available Formats

You might also like

GIAC GSNA v2018-06-01 q400

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

GIAC GSNA v2018-06-01 q400

Uploaded by

Copyright:

Available Formats

GIAC.GSNA.v2018-06-01.

Exam Code: GSNA

A. vi data.txt.* > data.txt

A. Internal Style Sheet

NEW QUESTION: 100

NEW QUESTION: 101

NEW QUESTION: 102

NEW QUESTION: 103

NEW QUESTION: 104

NEW QUESTION: 105

NEW QUESTION: 106

NEW QUESTION: 107

NEW QUESTION: 108

NEW QUESTION: 109

NEW QUESTION: 110

2.In the Control Panel window, click Security.

NEW QUESTION: 112

NEW QUESTION: 113

NEW QUESTION: 114

NEW QUESTION: 115

NEW QUESTION: 117

NEW QUESTION: 118

NEW QUESTION: 119

NEW QUESTION: 120

A. Use of well-known code

NEW QUESTION: 121

NEW QUESTION: 122

NEW QUESTION: 123

NEW QUESTION: 124

NEW QUESTION: 125

NEW QUESTION: 126

NEW QUESTION: 127

NEW QUESTION: 128

NEW QUESTION: 129

NEW QUESTION: 130

NEW QUESTION: 131

NEW QUESTION: 133

NEW QUESTION: 134

NEW QUESTION: 135

NEW QUESTION: 136

NEW QUESTION: 137

NEW QUESTION: 138

NEW QUESTION: 139

NEW QUESTION: 140

NEW QUESTION: 142

NEW QUESTION: 143

NEW QUESTION: 144

NEW QUESTION: 145

NEW QUESTION: 146

NEW QUESTION: 147

NEW QUESTION: 148

NEW QUESTION: 149

NEW QUESTION: 150

NEW QUESTION: 151

NEW QUESTION: 152

NEW QUESTION: 153

NEW QUESTION: 155