NEW QUESTION 1
Bob is going to perform an active session hijack against Brownies Inc. He has found a target that allows session oriented connections (Telnet) and performs the sequence prediction on the target operating system. He manages to find an active session due to the high level of traffic on the network. What is Bob supposed to do next?

• A. Take over the session
• B. Reverse sequence prediction
• C. Guess the sequence numbers
• D. Take one of the parties offline

Answer: C

NEW QUESTION 2
Yancey is a network security administrator for a large electric company. This company provides power for over 100, 000 people in Las Vegas. Yancey has worked for his company for over 15 years and has become very successful. One day, Yancey comes in to work and finds out that the company will be downsizing and he will be out of a job in two weeks. Yancey is very angry and decides to place logic bombs, viruses, Trojans, and backdoors all over the network to take down the company once he has left. Yancey does not care if his actions land him in jail for 30 or more years, he just wants the company to pay for what they are doing to him.
What would Yancey be considered?

• A. Yancey would be considered a Suicide Hacker
• B. Since he does not care about going to jail, he would be considered a Black Hat
• C. Because Yancey works for the company currently; he would be a White Hat
• D. Yancey is a Hacktivist Hacker since he is standing up to a company that is downsizing

Answer: A

NEW QUESTION 3
Which regulation defines security and privacy controls for Federal information systems and organizations?

• A. HIPAA
• B. EU Safe Harbor
• C. PCI-DSS
• D. NIST-800-53

Answer: D

NEW QUESTION 4
Steve, a scientist who works in a governmental security agency, developed a technological solution to identify people based on walking patterns and implemented this approach to a physical control access.
A camera captures people walking and identifies the individuals using Steve’s approach.
After that, people must approximate their RFID badges. Both the identifications are required to open the door. In this case, we can say:

• A. Although the approach has two phases, it actually implements just one authentication factor
• B. The solution implements the two authentication factors: physical object and physical characteristic
• C. The solution will have a high level of false positives
• D. Biological motion cannot be used to identify people

Answer: B

NEW QUESTION 5
What is a NULL scan?

• A. A scan in which all flags are turned off
• B. A scan in which certain flags are off
• C. A scan in which all flags are on
• D. A scan in which the packet size is set to zero
• E. A scan with an illegal packet size

Answer: A

NEW QUESTION 6
Which definition among those given below best describes a covert channel?

• A. A server program using a port that is not well known.
• B. Making use of a protocol in a way it is not intended to be used.
• C. It is the multiplexing taking place on a communication link.
• D. It is one of the weak channels used by WEP which makes it insecure

Answer: B

NEW QUESTION 7
What is the main security service a cryptographic hash provides?

• A. Integrity and ease of computation
• B. Message authentication and collision resistance
• C. Integrity and collision resistance
• D. Integrity and computational in-feasibility

Answer: D

NEW QUESTION 8
In the context of Windows Security, what is a 'null' user?

• A. A user that has no skills
• B. An account that has been suspended by the admin
• C. A pseudo account that has no username and password
• D. A pseudo account that was created for security administration purpose

Answer: C

NEW QUESTION 9
Which of the following is the best countermeasure to encrypting ransomwares?

• A. Use multiple antivirus softwares
• B. Pay a ransom
• C. Keep some generation of off-line backup
• D. Analyze the ransomware to get decryption key of encrypted data

Answer: C

NEW QUESTION 10
A pen tester is configuring a Windows laptop for a test. In setting up Wireshark, what river and library are required to allow the NIC to work in promiscuous mode?

• A. Libpcap
• B. Awinpcap
• C. Winprom
• D. Winpcap

Answer: D

NEW QUESTION 11
E- mail scams and mail fraud are regulated by which of the following?

• A. 18 U.S.
• B. pa
• C. 1030 Fraud and Related activity in connection with Computers
• D. 18 U.S.
• E. pa
• F. 1029 Fraud and Related activity in connection with Access Devices
• G. 18 U.S.
• H. pa
• I. 1362 Communication Lines, Stations, or Systems
• J. 18 U.S.
• K. pa
• L. 2510 Wire and Electronic Communications Interception and Interception of Oral Communication

Answer: A

NEW QUESTION 12
A zone file consists of which of the following Resource Records (RRs)?

• A. DNS, NS, AXFR, and MX records
• B. DNS, NS, PTR, and MX records
• C. SOA, NS, AXFR, and MX records
• D. SOA, NS, A, and MX records

Answer: D

NEW QUESTION 13
By using a smart card and pin, you are using a two-factor authentication that satisfies

• A. Something you are and something you remember
• B. Something you have and something you know
• C. Something you know and something you are
• D. Something you have and something you are

Answer: B

NEW QUESTION 14
An attacker attaches a rogue router in a network. He wants to redirect traffic to a LAN attached to his router as part of a man-in-the-middle attack. What measure on behalf of the legitimate admin can mitigate this attack?

• A. Make sure that legitimate network routers are configured to run routing protocols with authentication.
• B. Disable all routing protocols and only use static routes
• C. Only using OSPFv3 will mitigate this risk.
• D. Redirection of the traffic cannot happen unless the admin allows it explicitly.

Answer: A

NEW QUESTION 15
Jim’s company regularly performs backups of their critical servers. But the company cannot afford to send backup tapes to an off-site vendor for long-term storage and archiving. Instead, Jim’s company keeps the backup tapes in a safe in the office. Jim’s company is audited each year, and the results from this year’s audit show a risk because backup tapes are not stored off-site. The Manager of Information Technology has a plan to take the backup tapes home with him and wants to know what two things he can do to secure the backup tapes while in transit?

• A. Encrypt the backup tapes and transport them in a lock box.
• B. Degauss the backup tapes and transport them in a lock box.
• C. Hash the backup tapes and transport them in a lock box.
• D. Encrypt the backup tapes and use a courier to transport them.

Answer: A

NEW QUESTION 16
A network administrator discovers several unknown files in the root directory of his Linux FTP server. One of the files is a tarball, two are shell script files, and the third is a binary file is named "nc." The FTP server's access logs show that the anonymous user account logged in to the server, uploaded the files, and extracted the contents of the tarball and ran the script using a function provided by the FTP server's software. The “ps” command shows that the “nc” file is running as process, and the netstat command shows the “nc” process is listening on a network port.
What kind of vulnerability must be present to make this remote attack possible?

• A. File system permissions
• B. Privilege escalation
• C. Directory traversal
• D. Brute force login

Answer: A

NEW QUESTION 17
You are a Network Security Officer. You have two machines. The first machine (192.168.0.99) has snort installed, and the second machine (192.168.0.150) has kiwi syslog installed. You perform a syn scan in your network, and you notice that kiwi syslog is not receiving the alert message from snort. You decide to run wireshark in the snort machine to check if the messages are going to the kiwi syslog machine. What Wireshark filter will show the connections from the snort machine to kiwi syslog machine?

• A. tcp.srcport= = 514 && ip.src= = 192.168.0.99
• B. tcp.srcport= = 514 && ip.src= = 192.168.150
• C. tcp.dstport= = 514 && ip.dst= = 192.168.0.99
• D. tcp.dstport= = 514 && ip.dst= = 192.168.0.150

Answer: D

NEW QUESTION 18
The “Gray-box testing” methodology enforces what kind of restriction?

• A. Only the external operation of a system is accessible to the tester.
• B. The internal operation of a system in only partly accessible to the tester.
• C. Only the internal operation of a system is known to the tester.
• D. The internal operation of a system is completely known to the tester.

Answer: B

NEW QUESTION 19
Which mode of IPSec should you use to assure security and confidentiality of data within the same LAN?

• A. ESP transport mode
• B. ESP confidential
• C. AH permiscuous
• D. AH Tunnel mode

Answer: A

NEW QUESTION 20
Which of the following Linux commands will resolve a domain name into IP address?

• A. >host-t a hackeddomain.com
• B. >host-t ns hackeddomain.com
• C. >host -t soa hackeddomain.com
• D. >host -t AXFR hackeddomain.com

Answer: A

NEW QUESTION 21
......