
1. Which of the following are a benefit of removing unused or unneeded services and protocols?

A. More machine resource availability
B. More network throughput
C. Less need for administration
D. More security

2. The act of attempting to appear to be someone you're not in order to gain access to a system is known as which of the following?

A. Spoofing
B. DDoS
C. Replay
D. Sniffing

3. Which of the following is the best way to protect your organization from revealing sensitive information through dumpster diving?

A. Establish a policy requiring employees to change passwords every 30 to 60 days.
B. Teach employees the value of not disclosing restricted information over the telephone to unknown parties.
C. Add a new firewall to the network.
D. Shred all sensitive documentation.

4. PDAs, cell phones, and certain network cards have the ability to use _____________ networks. Choose the BEST answer.

A. Wired
B. Private
C. Wireless
D. Antique

5. There are three recognized levels of hacking ability in the Internet community. The first is the skilled hacker, who writes the programs and scripts that script kiddies use for their attacks. Next comes the script kiddie, who knows how to run the scripts written by the skilled hackers. After the script kiddies come the _______________, who lack the basic knowledge of networks and security to launch an attack themselves.

A. Web kiddies
B. Clickers
C. Click kiddies
D. Dunce kiddies

6. What are the two WEP key sizes available in 802.11 networks?

A. 40-bit and 104-bit
B. 24-bit and 64-bit
C. 64-bit and 128-bit
D. 24-bit and 104-bit

7. Which of the following is a weakness in WEP related to the IV? (Select all that apply)

A. The IV is a static value, which makes it relatively easy for an attacker to brute force the WEP key from captured traffic.
B. The IV is transmitted in plaintext and can be easily seen in captured traffic.
C. The IV is only 24 bits in size, which makes it possible that two or more data frames will be transmitted with the same IV, thereby resulting in an IV collision that an attacker can use to determine information about the network.
D. There is no weakness in WEP related to the IV.

8. You are creating a DMZ for a company and need to allow external users to access Web servers in the DMZ using HTTP/S as well as allow internal users to access the same Web servers using standard HTTP. What is the best way to configure the external and internal firewalls to meet these requirements?

A. Open port 80 on the external firewall and port 443 on the internal firewall.
B. Open port 443 on the external firewall and port 80 on the internal firewall.
C. Open port 80 on the external firewall and port 110 on the internal firewall.
D. Open port 110 on the external firewall and port 80 on the internal firewall.

9. You are setting up a test plan for verifying that new code being placed on a Web server is secure and does not cause any problems with the production Web server. What is the best way to test the code prior to deploying it to the production Web server?

A. Test all new code on a development PC prior to transferring it to the production Web server.
B. Test all new code on an active internal Web server prior to transferring it to the production Web server.
C. Test all new code on a duplicate Web server prior to transferring it to the production Web server.
D. Test all new code on another user's PC prior to transferring it to the production Web server.

10. The network team at your company has placed a sniffer on the network to analyze an ongoing network-related problem. The team connects to the sniffer using Telnet to view the data going across the network. What would you recommend to increase the security of this connection without making it significantly more difficult for the network team members to do their jobs?

A. Require the network team to remove the sniffer immediately.
B. Require the network team to view the data from the local console of the sniffer.
C. Encrypt the connection to the sniffer using PAP.
D. Use SSH to make the connection to the sniffer rather than Telnet.

11. Some new servers are being installed on your company's network and you have been asked to work with the installer to ensure that they are as secure as possible from hack attempts. What is the most important step you should take to ensure that the servers' OSs are secure?

A. Make sure that the installer is certified.
B. Make sure that the latest OS service pack is installed.
C. Make sure that the latest OS service pack and all security patches are installed.
D. Make sure that the servers have locks on the hot-swap drive chassis.

12. Rick is a security auditor for your company. He is in the process of attempting to attack one of your servers but when you check all of your production servers, you detect no attacks happening. Why is this so?

A. Rick is actually attacking a server in someone else's network.
B. Rick is actually attacking a honeypot, not a production server.
C. Rick is being stopped at the firewall.
D. Rick is using the wrong account with which to launch the attack.

13. Public Key Cryptography is a system that uses a mix of symmetric and ___________ algorithms for the encryption of a secret key.

A. Public
B. Asymmetric
C. Private
D. Certificate

14. A company consists of a main building with two smaller branch offices at opposite ends of the city. The main building and branch offices are connected with fast links so that all employees have good connectivity to the network. Each of the buildings has security measures that require visitors to sign in, and all employees are required to wear identification badges at all times. You want to protect servers and other vital equipment so that the company has the best level of security at the lowest possible cost. Which of the following will you do to achieve this objective?

A. Centralize servers and other vital components in a single room of the main building, and add security measures to this room so that they are well protected.
B. Centralize most servers and other vital components in a single room of the main building, and place servers at each of the branch offices. Add security measures to areas where the servers and other components are located.
C. Decentralize servers and other vital components, and add security measures to areas where the servers and other components are located.
D. Centralize servers and other vital components in a single room in the main building. Because the building prevents unauthorized access to visitors and other persons, there is no need to implement physical security in the server room.

15. You have decided to implement biometrics as part of your security system. Before purchasing a locking system that uses biometrics to control access to secure areas, you need to decide what will be used to authenticate users. Which of the following options relies solely on biometric authentication?

A. Username and password
B. Fingerprints, retinal scans, PIN numbers, and facial characteristics
C. Voice patterns, fingerprints, and retinal scans
D. Strong passwords, PIN numbers, and digital imaging

16. A problem with air conditioning is causing fluctuations in temperature in the server room. The temperature is rising to 90 degrees when the air conditioner stops working, and then drops to 60 degrees when it starts working again. The problem keeps occurring over the next two days. What problems may result from these fluctuations? (Select the best answer)

A. Electrostatic discharge
B. Power outages
C. Chip creep
D. Poor air quality

17. You are promoting user awareness in forensics, so users will know what to do when incidents occur with their computers. Which of the following tasks should you instruct users to perform when an incident occurs? (Choose all that apply)

A. Shut down the computer
B. Contact the incident response team
C. Document what they see on the screen
D. Log off the network

18. You are the first person to respond to the scene of an incident involving a computer being hacked. After determining the scope of the crime scene and securing it, you attempt to preserve any evidence at the scene. Which of the following tasks will you perform to preserve evidence? (Choose all that apply)

A. Photograph any information displayed on the monitors of computers involved in the incident.
B. Document any observations or messages displayed by the computer.
C. Shut down the computer to prevent further attacks that may modify data.
D. Gather up manuals, nonfunctioning devices, and other materials and equipment in the area so they are ready for transport.


19. Forensic procedures must be followed exactly to ensure the integrity of data obtained in an investigation. When making copies of data from a machine that is being examined, which of the following tasks should be done to ensure it is an exact duplicate?

A. Perform a cyclic redundancy check using a checksum or hashing algorithm.
B. Change the attributes of data to make it read only.
C. Open files on the original media and compare them to the copied data.
D. Do nothing. Imaging software always makes an accurate image.

20. You receive a complaint from the network administrator of another company regarding an attempted hacking of their Web site. Their firewall logs show that the attempt came from an IP address from your company. Upon hearing the IP address, you find that this is the IP address of the proxy server belonging to your company. Further investigation on your part will be needed to identify who actually performed the attempted intrusion on the other company's Web site. Who will you notify of this problem before starting the investigation?

A. Media outlets to publicize the incident
B. The incident response team
C. Users of the network to ensure they are aware that private information dealing with employees may need to be shared with the other company
D. No one
