Q2. You have implemented a version of the Kerberos protocol for your network. What service does Kerberos primarily offer?

A. Authentication

B. Encryption

C. Non-repudiation

D. Data integrity

View Answer

Q3. Which of the following is the primary weakness of symmetric-key encryption?

A. Data encrypted using symmetric-key encryption is subject to corruption during transport.

B. Symmetric-key encryption operates slower than asymmetric-key encryption.

C. Symmetric-key encryption does not provide the service of data confidentiality.

D. Keys created using symmetric-key encryption are difficult to distribute securely.

View Answer

Q4. Consider the following image of a packet capture:

This packet capture has recorded two types of attacks. Which choice lists both attack types?

A. A dictionary attack and a worm-based attackA.A dictionary attack and a worm-based attack

B. A syn flood attack and a spoofing attackB.A syn flood attack and a spoofing attack

C. A worm attack and a botnet attack C.A worm attack and a botnet attack

D. A SQL injection attack and a virus attackD.A SQL injection attack and a virus attack

View Answer

Q5. At what layer of the OSI/RM does a packet filter operate?

A. Layer 1

B. Layer 3

C. Layer 5

D. Layer 7

View Answer

Q6. You have discovered that the ls, su and ps commands no longer function as expected. They do not return information in a manner similar to any other Linux system. Also, the implementation of Tripwire you have installed on this server is returning new hash values. Which of the following has most likely occurred?

A. A trojan has attacked the system.

B. A SQL injection attack has occurred.

C. A spyware application has been installed.

D. A root kit has been installed on the system.

View Answer

Q7. Which of the following is a primary auditing activity?

A. Encrypting data files

B. Changing login accounts

C. Checking log files

D. Configuring the firewall

View Answer

Q8. Consider the following diagram:

Which type of attack is occurring?

A. Polymorphic virus-based attack

B. Denial-of-service attack

C. Distributed denial-of-service attack

D. Man-in-the-middle attack using a packet sniffer

View Answer

Q9. Which of the following activities is the most effective at keeping the actions of nae end users from putting the company's physical and logicalWhich of the following activities is the most effective at keeping the actions of na?e end users from putting the company's physical and logical resources at risk?

A. Configuring network intrusion-detection software to monitor end user activity

B. Conducting a training session at the time of hire

C. Reconfiguring the network firewall

D. Assembling a team of security professionals to monitor the network

View Answer

Q10. Which of the following is the most likely first step to enable a server to recover from a denial-of-service attack in which all hard disk data is lost?

A. Enable virtualization

B. Contact the backup service

C. Contact a disk recovery service

D. Rebuild your RAID 0 array

View Answer

Q11. Which of the following details should be included in documentation of an attack?

A. An overview of the security policy and suggestions for the next response plan

B. Estimates of how much the attack cost the company, and a list of the applications used by the attacker

C. The time and date of the attack, and the names of employees who were contacted during the response

D. The network resources involved in the attack, and recommendations for thwarting future attacks

View Answer