Spring Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: pass65
marks4sure logo
You work as a Network Administrator for Net Perfect Inc. The company has a Windows 2000, TCP/IP-based class C network consisting of 200 hosts. The network uses private IP addressing. A computer on the network is connected to the Internet. The management plans to increase the number of hosts to 300. The management also wants all hosts to be able to access the Internet through the existing connection. Which of the following steps will you take to accomplish this?
Each correct answer represents a part of the solution. Choose two.
Which of the following services is provided by the message authentication code (MAC) ?
Which of the following tools is NOT used for logging network activities in the Linux operating system?
Each correct answer represents a complete solution. Choose all that apply.
An organization monitors the hard disks of its employees ' computers from time to time. Which policy does this pertain to?
John works as a Network Security Professional. He is assigned a project to test the security of www.we-are-secure.com. He is working on the Linux operating system and wants to install an Intrusion Detection System on the We-are-secure server so that he can receive alerts about any hacking attempts. Which of the following tools can John use to accomplish the task?
Each correct answer represents a complete solution. Choose all that apply.
You work as a Network Administrator for Web World Inc. You want to host an e-commerce Web site on your network. You want to ensure that storage of credit card information is secure. Which of the following conditions should be met to accomplish this?
Each correct answer represents a complete solution. Choose all that apply.
Which of the following is a process of monitoring data packets that travel across a network?
Which of the following protocols is used with a tunneling protocol to provide security?
In which of the following processes, a DNS server may return an incorrect IP address, diverting traffic to another computer?
Which of the following protocols work at the session layer of the OSI model?
Each correct answer represents a complete solution. Choose two.
Which of the following are examples of passive attacks?
Each correct answer represents a complete solution. Choose all that apply.
Which of the following are tunneling protocols?
Each correct answer represents a complete solution. Choose two.
Fill in the blank with the appropriate value.
Service Set Identifiers (SSIDs) are case sensitive text strings that have a maximum length of_______ characters.
Which of the following uses public-key encryption to encrypt and digitally sign e-mail messages during communication between e-mail clients?
Which of the following encryption algorithms are based on stream ciphers?
Each correct answer represents a complete solution. Choose two.
Maria works as a professional Ethical Hacker. She recently has been assigned a project to test the security of www.we-are-secure.com. The company has provided the following information about the infrastructure of its network:
•Network diagrams of the we-are-secure infrastructure
•Source code of the security tools
•IP addressing information of the we-are-secure network
Which of the following testing methodologies is we-are-secure.com using to test the security of its network?
John works as a Network Administrator for We-are-secure Inc. The We-are-secure server is based on Windows Server 2003. One day, while analyzing the network security, he receives an error message that Kernel32.exe is encountering a problem. Which of the following steps should John take as a countermeasure to this situation?
Each correct answer represents a complete solution. Choose all that apply.
Which of the following defines the communication link between a Web server and Web applications?
Maria works as a professional Ethical Hacker. She is assigned a project to test the security of www.we-are-secure.com. She wants to test a DoS attack on the We-are-secure server. She finds that the firewall of the server is blocking the ICMP messages, but it is not checking the UDP packets. Therefore, she sends a large amount of UDP echo request traffic to the IP broadcast addresses. These UDP requests have a spoofed source address of the We-are-secure server.
Which of the following DoS attacks is Maria using to accomplish her task?
Which of the following protocols are used to provide secure communication between a client and a server over the Internet?
Each correct answer represents a part of the solution. Choose two.
Mark works as a Network Administrator for Infonet Inc. The company has a Windows 2000 Active Directory domain-based network. The domain contains one hundred Windows XP Professional client computers. Mark is deploying an 802.11 wireless LAN on the network. The wireless LAN will use Wired Equivalent Privacy (WEP) for all the connections. According to the company ' s security policy, the client computers must be able to automatically connect to the wireless LAN. However, the unauthorized computers must not be allowed to connect to the wireless LAN and view the wireless network. Mark wants to configure all the wireless access points and client computers to act in accordance with the company ' s security policy. What will he do to accomplish this?
Each correct answer represents a part of the solution. Choose three.
Which of the following entities is used by Routers and firewalls to determine which packets should be forwarded or dropped?
Which of the following involves changing data prior to or during input to a computer in an effort to commit fraud?
Which of the following is a set of exclusive rights granted by a state to an inventor or his assignee for a fixed period of time in exchange for the disclosure of an invention?
Which of the following is used to prevent the electronic emissions of a computer from being used by unauthorized users?
This is a Windows-based tool that is used for the detection of wireless LANs using the IEEE 802.11a, 802.11b, and 802.11g standards. The main features of these tools are as follows:
•It displays the signal strength of a wireless network, MAC address, SISD, channel details, etc.
•It is commonly used for the following purposes:
a. War driving
b. Detecting unauthorized access points
c. Detecting causes of interference on a WLAN
d. WEP ICV error tracking
e. Making Graphs and Alarms on 802.11 Data, including Signal Strength
This tool is known as __________.
Which of the following is referred to as Radio Frequency Interference (RFI) and Electromagnetic Interference (EMI)?
Which of the following are the ways of sending secure e-mail messages over the Internet?
Each correct answer represents a complete solution. Choose two.
Which of the following layers of the OSI model corresponds to the Host-to-Host layer of the TCP/IP model?
Which of the following acts as an intermediary between a user on the internal network and a service on the external network such as the Internet?
Which of the following refers to the emulation of the identity of a network computer by an attacking computer?
Which of the following access control models uses a predefined set of access privileges for an object of a system?
You work as a Network Administrator for Tech Perfect Inc. The company has a TCP/IP-based network.
You have configured a firewall on the network. A filter has been applied to block all the ports. You want to enable sending and receiving of emails on the network. Which of the following ports will you open?
Each correct answer represents a complete solution. Choose two.
Which of the following is the most common method used by attackers to identify wireless networks?
John works as a professional Ethical Hacker. He has been assigned a project to test the security of www.we-are-secure.com. While examining a log report, he finds that an intrusion has been attempted by an attacker whose IP address is 0x40.0x3A.0x2B.0xE6. Which of the following decimal IP addresses will respond to the ping on the above Hexadecimal IP address?
You work as a Network Administrator for NetTech Inc. The company wants to encrypt its e-mails .
Which of the following will you use to accomplish this?
Which of the following types of activities can be audited for security?
Each correct answer represents a complete solution. Choose three.
You are a salesperson. You are authorized to access only the information that is essential for your work. Which of the following access control models is used in your organization?
Which of the following is a duplicate of the original site of an organization, with fully working systems as well as near-complete backups of user data?
Which of the following are based on malicious code?
Each correct answer represents a complete solution. Choose two.
Which of the following classes of IP addresses allows a maximum of 2,097,152 networks?
You work as a Network Administrator for Net Soft Inc. You are designing a data backup plan for your company ' s network. The backup policy of the company requires high security and easy recovery of data. Which of the following options will you choose to accomplish this?
Which of the following viruses masks itself from applications or utilities to hide itself by detection of anti-virus software?
Which of the following services are provided by Remote Authentication Dial-In User Service (RADIUS) ?
Each correct answer represents a complete solution. Choose three.
Which of the following features of a switch helps to protect network from MAC flood and MAC spoofing?
You work as a Network Administrator for Infonet Inc. The company uses Wired Equivalent Privacy (WEP) for wireless security. Who among the following can authenticate from the access point of the network?
You work as a Network Administrator for NetTech Inc. Employees in remote locations connect to the company ' s network using Remote Access Service (RAS). Which of the following will you use to protect the network against unauthorized access?
Which of the following statements about asymmetric encryption are true?
Each correct answer represents a complete solution. Choose two.
Fill in the blank with the appropriate value.
Twofish symmetric key block cipher operates on 128-bits block size using key sizes up to______ bits.
Which of the following provides the best protection against a man-in-the-middle attack?
You work as a Network Administrator for Infonet Inc. The company ' s network is connected to the Internet. The network has a Web server that is accessible to Internet users. For security, you want to keep the Web server separate from other servers on the network. Where will you place the Web server?
Which of the following are the goals of the cryptographic systems?
Each correct answer represents a complete solution. Choose three.
What are the benefits of using a proxy server on a network?
Each correct answer represents a complete solution. Choose all that apply.
Which of the following can be done over telephone lines, e-mail, instant messaging, and any other method of communication considered private.
Which of the following works at the network layer and hides the local area network IP address and topology?
Which of the following is the process of finding weaknesses in cryptographic algorithms and obtaining the plaintext or key from the ciphertext?
Which of the following occurs when a packet is sent from a source computer to a destination computer?
Which of the following is used by attackers to obtain an authenticated connection on a network?
Which of the following protects from electrical and magnetic induction that causes interference to the power voltage?
You work as a Network Administrator for McRoberts Inc. The company has a TCP-based network, which is connected to the Internet. Users use their Web browsers to connect to Web servers and to view different Web pages. Which of the following protocols ensures a secure connection between a Web browser and a Web server?
You work as a Network Administrator for Rick International. The company has a TCP/IP-based network. A user named Kevin wants to set an SSH terminal at home to connect to the company ' s network. You have to configure your company ' s router for it. By default, which of the following standard ports does the SSH protocol use for connection?
Which of the following statements about a smart card are true?
Each correct answer represents a complete solution. Choose two.
Which of the following are considered Bluetooth security violations?
Each correct answer represents a complete solution. Choose two.
Which of the following refers to a computer that must be secure because it is accessible from the Internet and is vulnerable to attacks?
Fill in the blanks with the appropriate values.
International Data Encryption Algorithm (IDEA) is a _____ -bit block cipher that uses a ________-bit key.
You work in a company that accesses the Internet frequently. This makes the company ' s files susceptible to attacks from unauthorized access. You want to protect your company ' s network from external attacks. Which of the following options will help you in achieving your aim?
In which of the following IDS evasion attacks does an attacker send a data packet such that IDS accepts the data packet but the host computer rejects it?
Which of the following is a documentation of guidelines that computer forensics experts use to handle evidences?
Which of the following terms refers to the process in which headers and trailers are added around user data?
Which of the following ports is the default port for Layer 2 Tunneling Protocol (L2TP) ?
Which of the following protocols is used with a tunneling protocol to provide security?
The backup system that stores only those files that have been changed since the last backup is known as ______.
Which of the following statements about certification authority (CA) are true?
Each correct answer represents a complete solution. Choose two.
Which of the following are the major tasks of risk management?
Each correct answer represents a complete solution. Choose two.
Which of the following statements about a hoax are true?
Each correct answer represents a complete solution. Choose two.
SSH is a network protocol that allows data to be exchanged between two networks using a secure channel. Which of the following encryption algorithms can be used by the SSH protocol?
Each correct answer represents a complete solution. Choose all that apply.
You work as a Network Administrator of a TCP/IP network. You are having DNS resolution problem. Which of the following utilities will you use to diagnose the problem?
Which of the following processes is used by remote users to make a secure connection to internal resources after establishing an Internet connection?
Which of the following are the application layer protocols for security?
Each correct answer represents a complete solution. Choose three.
Which of the following are data link layer components?
Each correct answer represents a complete solution. Choose three.
You work as a Database Administrator for Bluewell Inc. The company has a SQL Server 2005 computer. The company asks you to implement a RAID system to provide fault tolerance to a database. You want to implement disk mirroring. Which of the following RAID levels will you use to accomplish the task?
What does the Internet encryption and authentication system named RSA stand for?
Which of the following are tunneling protocols?
Each correct answer represents a complete solution. Choose two.
Fill in the blank with the appropriate value.
Digital Subscriber Line must be installed within a _______ kilometer radius of the telephone company ' s access point.
Andrew works as a Network Administrator for Infonet Inc. The company ' s network has a Web server that hosts the company ' s Web site. Andrew wants to increase the security of the Web site by implementing Secure Sockets Layer (SSL) . Which of the following types of encryption does SSL use?
Each correct answer represents a complete solution. Choose two.
John visits an online shop that stores the IDs and prices of the items to buy in a cookie. After selecting the items that he wants to buy, the attacker changes the price of the item to 1.
Original cookie values:
ItemID1=2
ItemPrice1=900
ItemID2=1
ItemPrice2=200
Modified cookie values:
ItemID1=2
ItemPrice1=1
ItemID2=1
ItemPrice2=1
Now, he clicks the Buy button, and the prices are sent to the server that calculates the total price.
Which of the following hacking techniques is John performing?
Which of the following protocols is used to establish a secure TELNET session over TCP/IP?
Which of the following are used to suppress paper or wood fires?
Each correct answer represents a complete solution. Choose two.
You work as a Network Administrator for NetTech Inc. To ensure the security of files, you encrypt data files using Encrypting File System (EFS) . You want to make a backup copy of the files and maintain security settings. You can backup the files either to a network share or a floppy disk. What will you do to accomplish this?
Which of the following types of attack can be used to break the best physical and logical security mechanism to gain access to a system?
Which of the following rate systems of Orange book has mandatory protection of the Trusted Computing Base (TCB)?
You are responsible for a Microsoft based network. Your servers are all clustered. Which of the following are the likely reasons for the clustering?
Each correct answer represents a complete solution. Choose two.
Which of the following steps can be taken to protect laptops and data they hold?
Each correct answer represents a complete solution. Choose all that apply.
Which of the following statements about the One Time Password (OTP) security system are true?
Each correct answer represents a complete solution. Choose two.
Which of the following attacks involves multiple compromised systems to attack a single target?
John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He writes the following snort rule:
This rule can help him protect the We-are-secure server from the __________.
Which of the following protocols work at the data-link layer?
Each correct answer represents a complete solution. Choose two.
Which of the following policies is set by a network administrator to allow users to keep their emails and documents for a fixed period of time?
Which of the following tools is a component of Cisco Adaptive Security Appliance (ASA) and provides an in-depth security design to prevent various types of problems such as viruses, spams, and spyware?
Which of the following protocols allows an e-mail client to access and manipulate a remote e-mail file without downloading it to the local computer?
Which of the following cables provides maximum security against electronic eavesdropping on a network?
Which of the following statements about a host-based intrusion prevention system (HIPS) are true?
Each correct answer represents a complete solution. Choose two.
Which of the following rated systems of the Orange book has mandatory protection of the TCB?
Which of the following are natural environmental threats that an organization faces?
Each correct answer represents a complete solution. Choose two.
John works as a professional Ethical Hacker. He has been assigned a project for testing the security of www.we-are-secure.com. He wants to corrupt an IDS signature database so that performing attacks on the server is made easy and he can observe the flaws in the We-are-secure server. To perform his task, he first of all sends a virus that continuously changes its signature to avoid detection from IDS. Since the new signature of the virus does not match the old signature, which is entered in the IDS signature database, IDS becomes unable to point out the malicious virus. Which of the following IDS evasion attacks is John performing?
Which of the following steps are generally followed in computer forensic examinations?
Each correct answer represents a complete solution. Choose three.
Which of the following statements about service pack are true?
Each correct answer represents a complete solution. Choose two.
Which of the following statements about Switched Multimegabit Data Service (SMDS) are true?
Each correct answer represents a complete solution. Choose two.
Which of the following categories of UTP cable has maximum data transfer rate of 155 Mbps?
Which of the following statements about Discretionary Access Control List (DACL) is true?
Which of the following type of errors occurs when a legitimate user incorrectly denied access to resources by the Biometrics authentication systems?
John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He wants to perform a stealth scan to discover open ports and applications running on the We-are-secure server. For this purpose, he wants to initiate scanning with the IP address of any third party. Which of the following scanning techniques will John use to accomplish his task?
Which term best describes an e-mail that contains incorrect and misleading information or warnings about viruses?
Which of the following are the ways of sending secure e-mail messages over the Internet?
Each correct answer represents a complete solution. Choose two.
Which of the following protocols provides maintenance and error reporting function?
Which of the following refers to a computer that must be secure because it is accessible from the Internet and is vulnerable to attacks?
Identify whether the given statement is true or false.
" Replay attack is a type of attack in which attackers capture packets containing passwords or digital signatures whenever packets pass between two hosts on a network. "
Which of the following types of computers is used for attracting potential intruders?
Identify whether the given statement is true or false.
" Replay attack is a type of attack in which attackers capture packets containing passwords or digital signatures whenever packets pass between two hosts on a network. "
A ________ attack occurs when an attacker successfully inserts an intermediary software or program between two communicating hosts.
Which of the following rated systems of the Orange book has mandatory protection of the TCB?
Mark works as a Network Administrator for NetTech Inc. The company has a Windows 2000 domain-based network. Users report that they are unable to log on to the network. Mark finds that accounts are locked out due to multiple incorrect log on attempts. What is the most likely cause of the account lockouts?
Which of the following formulas is used to determine the Single Loss Expectancy (SLE)?
__________ is the process of verifying the identity of a user and obtaining required evidences from the user.
At which of the following layers of the Open System Interconnection (OSI) model the Internet Control Message Protocol (ICMP) and the Internet Group Management Protocol (IGMP) work?
Which of the following is an international treaty that governs intellectual property?
Which of the following processes removes data from the media so that it is difficult to restore?
Which of the following port numbers is used by the HTTPS protocol for secure Web transmission?
You work as a Network Administrator for NetTech Inc. When you enter http://66.111.64.227 in the browser ' s address bar, you are able to access the site. But, you are unable to access the site when you enter http://www.PassGuide.com. What is the most likely cause?
Which of the following actions might cause a privacy breach while surfing the Internet?
The _______ protocol allows applications to communicate across a network in a way designed to prevent eavesdropping and message forgery.
Which of the following encryption methods comes under symmetric encryption algorithm?
Each correct answer represents a complete solution. Choose three.
Which of the following should propose applicable and effective security controls for managing the risks?
Which of the following activities is used to take place after recording and registering an incident?
You work as a Network Administrator for NetTech Inc. Employees in remote locations connect to the company ' s network using Remote Access Service (RAS). Which of the following will you use to protect the network against unauthorized access?
Which of the following IP addresses are private addresses ?
Each correct answer represents a complete solution. Choose all that apply.
Which of the following is a program that monitors data packets traveling across a network?
Which of the following protocols are used to provide secure communication between a client and a server over the Internet?
Each correct answer represents a part of the solution. Choose two.
Which of the following statements about System Access Control List (SACL) is true?
Which of the following protects against unauthorized access to confidential information via encryption and works at the network layer?
Which of the following protocols is responsible for requesting Web pages from a Web server and sending back the responses to the Web browser?
Which of the following statements about IPSec are true?
Each correct answer represents a complete solution. Choose two.
Which of the following types of Network Address Translation (NAT) uses a pool of public IP addresses?
Which of the following refers to a program that allows access to a system by skipping the security checks?
Wired Equivalent Privacy (WEP) is a security protocol for wireless local area networks (WLANs). It has two components, authentication and encryption. It provides security equivalent to wired networks for wireless networks. WEP encrypts data on a wireless network by using a fixed secret key. Which of the following statements are true about WEP?
Each correct answer represents a complete solution. Choose all that apply.
Which of the following evidences are the collection of facts that, when considered together, can be used to infer a conclusion about the malicious activity/person?
Which of the following is the method of hiding data within another media type such as graphic or document?
Which of the following are the types of access controls?
Each correct answer represents a complete solution. Choose three.
Which of the following is a term used to refer to access of a wireless Internet connection by bringing one ' s own computer within the range of another ' s wireless connection, and using that service without the subscriber ' s explicit permission or knowledge?
A Web-based credit card company had collected financial and personal details of Mark before issuing him a credit card. The company has now provided Mark ' s financial and personal details to another company. Which of the following Internet laws has the credit card issuing company violated?
Which of the following should be implemented to protect an organization from spam ?
John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He finds that the We-are-secure server is vulnerable to attacks. As a countermeasure, he suggests that the Network Administrator should remove the IPP printing capability from the server. He is suggesting this as a countermeasure against
__________.
TESTED 02 May 2026