Q1. Jake is a network administrator who needs to get reports from all the computer and network devices on his network. Jake wants to use SNMP but is afraid that won't be secure since passwords and messages are in clear text. How can Jake gather network information in a secure manner? 

A. He can use SNMPv3 

B. Jake can use SNMPrev5 

C. He can use SecWMI 

D. Jake can use SecSNMP 

View Answer

Q2. Rebecca is a security analyst and knows of a local root exploit that has the ability to enable local users to use available exploits to gain root privileges. This vulnerability exploits a condition in the Linux kernel within the execve() system call. There is no known workaround that exists for this vulnerability. What is the correct action to be taken by Rebecca in this situation as a recommendation to management? 

A. Rebecca should make a recommendation to disable the () system call 

B. Rebecca should make a recommendation to upgrade the Linux kernel promptly 

C. Rebecca should make a recommendation to set all child-process to sleep within the execve() 

D. Rebecca should make a recommendation to hire more system administrators to monitor all child processes to ensure that each child process can't elevate privilege 

View Answer

Q3. This type of Port Scanning technique splits TCP header into several packets so that the packet filters are not able to detect what the packets intends to do. 

A. UDP Scanning 

B. IP Fragment Scanning 

C. Inverse TCP flag scanning 

D. ACK flag scanning 

View Answer

Q4. Jacob is looking through a traffic log that was captured using Wireshark. Jacob has come across what appears to be SYN requests to an internal computer from a spoofed IP address. What is Jacob seeing here? 

A. Jacob is seeing a Smurf attack. 

B. Jacob is seeing a SYN flood. 

C. He is seeing a SYN/ACK attack. 

D. He has found evidence of an ACK flood. 

View Answer

Q5. You want to hide a secret.txt document inside c:\windows\system32\tcpip.dll kernel library using ADS streams. How will you accomplish this? 

A. copy secret.txt c:\windows\system32\tcpip.dll kernel>secret.txt 

B. copy secret.txt c:\windows\system32\tcpip.dll:secret.txt 

C. copy secret.txt c:\windows\system32\tcpip.dll |secret.txt 

D. copy secret.txt >< c:\windows\system32\tcpip.dll kernel secret.txt 

View Answer

Q6. Which is the Novell Netware Packet signature level used to sign all packets ? 

A. 0 

B. 1 

C. 2 

D. 3 

View Answer

Q7. What type of port scan is shown below? 

A. Idle Scan 

B. Windows Scan 

C. XMAS Scan 

D. SYN Stealth Scan 

View Answer

Q8. Sandra is the security administrator of ABC.com. One day she notices that the ABC.com Oracle database server has been compromised and customer information along with financial data has been stolen. The financial loss will be estimated in millions of dollars if the database gets into the hands of competitors. Sandra wants to report this crime to the law enforcement agencies immediately. 

Which organization coordinates computer crime investigations throughout the United States? 

A. NDCA 

B. NICP 

C. CIRP 

D. NPC 

E. CIA 

View Answer

Q9. Exhibit 

You receive an e-mail with the message displayed in the exhibit. 

From this e-mail you suspect that this message was sent by some hacker since you have using their e-mail services for the last 2 years and they never sent out an e-mail as this. You also observe the URL in the message and confirm your suspicion about 340590649. You immediately enter the following at the Windows 2000 command prompt. 

ping 340590649 

You get a response with a valid IP address. What is the obstructed IP address in the e-mail URL? 

A. 192.34.5.9 

B. 10.0.3.4 

C. 203.2.4.5 

D. 199.23.43.4 

View Answer