NEW QUESTION 1
Which one of the following architectures has the drawback of internally considering the hosted services individually?

• A. Weak Screened Subnet Architecture
• B. "Inside Versus Outside" Architecture
• C. "Three-Homed Firewall" DMZ Architecture
• D. Strong Screened-Subnet Architecture

Answer: C

NEW QUESTION 2
How many possible sequence number combinations are there in TCP/IP protocol?

• A. 320 billion
• B. 32 million
• C. 4 billion
• D. 1 billion

Answer: C

NEW QUESTION 3
In the TCP/IP model, the transport layer is responsible for reliability and flow control from source to the destination. TCP provides the mechanism for flow control by allowing the sending and receiving hosts to communicate.
A flow control mechanism avoids the problem with a transmitting host overflowing the buffers in the receiving host.

• A. Sliding Windows
• B. Windowing
• C. Positive Acknowledgment with Retransmission (PAR)
• D. Synchronization

Answer: C

NEW QUESTION 4
Amazon, an IT based company, conducts a survey on the usage of the Internet. They found that company employees spend most of the time at work surfing the web for their personal use and for inappropriate web site viewing. Management decide to block all such web sites using URL filtering software.

How can employees continue to see the blocked websites?

• A. Using session hijacking
• B. Using proxy servers
• C. Using authentication
• D. Using encryption

Answer: B

NEW QUESTION 5
A penetration test consists of three phases: pre-attack phase, attack phase, and post-attack phase.

Active reconnaissance which includes activities such as network mapping, web profiling, and perimeter mapping is a part which phase(s)?

• A. Post-attack phase
• B. Pre-attack phase and attack phase
• C. Attack phase
• D. Pre-attack phase

Answer: D

NEW QUESTION 6
Identify the framework that comprises of five levels to guide agency assessment of their security programs and assist in prioritizing efforts for improvement:

• A. Information System Security Assessment Framework (ISSAF)
• B. Microsoft Internet Security Framework
• C. Nortells Unified Security Framework
• D. Federal Information Technology Security Assessment Framework

Answer: D

NEW QUESTION 7
You setup SNMP in multiple offices of your company. Your SNMP software manager is not receiving data from other offices like it is for your main office. You suspect that firewall changes are to blame.
What ports should you open for SNMP to work through Firewalls. (Select 2)

• A. 162
• B. 160
• C. 161
• D. 163

Answer: AC

NEW QUESTION 8
Harold is a web designer who has completed a website for ghttech.net. As part of the maintenance agreement he signed with the client, Harold is performing research online and seeing how much exposure the site has received so far. Harold navigates to google.com and types in the following search. link:www.ghttech.net
What will this search produce?

• A. All sites that link to ghttech.net
• B. Sites that contain the code: link:www.ghttech.net
• C. All sites that ghttech.net links to
• D. All search engines that link to .net domains

Answer: A

NEW QUESTION 9
What is the following command trying to accomplish?

• A. Verify that NETBIOS is running for the 192.168.0.0 network
• B. Verify that TCP port 445 is open for the 192.168.0.0 network
• C. Verify that UDP port 445 is open for the 192.168.0.0 network
• D. Verify that UDP port 445 is closed for the 192.168.0.0 networks

Answer: C

NEW QUESTION 10
Harold wants to set up a firewall on his network but is not sure which one would be the most appropriate. He knows he needs to allow FTP traffic to one of the servers on his network, but he wants to only allow FTP-PUT.
Which firewall would be most appropriate for Harold?

• A. Application-level proxy firewall
• B. Data link layer firewall
• C. Packet filtering firewall
• D. Circuit-level proxy firewall

Answer: A

NEW QUESTION 11
When you are running a vulnerability scan on a network and the IDS cuts off your connection, what type of IDS is being used?

• A. Passive IDS
• B. Active IDS
• C. Progressive IDS
• D. NIPS

Answer: B

NEW QUESTION 12
Which one of the following acts related to the information security in the US fix the responsibility of management for establishing and maintaining an adequate internal control structure and procedures for financial reporting?

• A. California SB 1386
• B. Sarbanes-Oxley 2002
• C. Gramm-Leach-Bliley Act (GLBA)
• D. USA Patriot Act 2001

Answer: B

NEW QUESTION 13
Wireless communication allows networks to extend to places that might otherwise go untouched by the wired networks. When most people say ‘Wireless’ these days, they are referring to one of the 802.11 standards. There are three main 802.11 standards: B, A, and G.
Which one of the following 802.11 types uses DSSS Modulation, splitting the 2.4ghz band into channels?

• A. 802.11b
• B. 802.11g
• C. 802.11-Legacy
• D. 802.11n

Answer: A

NEW QUESTION 14
Which of the following attributes has a LM and NTLMv1 value as 64bit + 64bit + 64bit and NTLMv2 value as 128 bits?

• A. Hash Key Length
• B. C/R Value Length
• C. C/R Key Length
• D. Hash Value Length

Answer: B

NEW QUESTION 15
What is kept in the following directory? HKLMSECURITYPolicySecrets

• A. Service account passwords in plain text
• B. Cached password hashes for the past 20 users
• C. IAS account names and passwords
• D. Local store PKI Kerberos certificates

Answer: A

NEW QUESTION 16
You are assisting a Department of Defense contract company to become compliant with the stringent
security policies set by the DoD. One such strict rule is that firewalls must only allow incoming connections that were first initiated by internal computers.
What type of firewall must you implement to abide by this policy?

• A. Circuit-level proxy firewall
• B. Packet filtering firewall
• C. Application-level proxy firewall
• D. Statefull firewall

Answer: D

NEW QUESTION 17
An "idle" system is also referred to as what?

• A. Zombie
• B. PC not being used
• C. Bot
• D. PC not connected to the Internet

Answer: A

NEW QUESTION 18
Which of the following policy forbids everything with strict restrictions on all usage of the company systems and network?

• A. Information-Protection Po
• B. Paranoid Policy
• C. Promiscuous Policy
• D. Prudent Policy

Answer: B

NEW QUESTION 19
To locate the firewall, SYN packet is crafted using Hping or any other packet crafter and sent to the firewall. If ICMP unreachable type 13 message (which is an admin prohibited packet) with a source IP address of the access control device is received, then it means which of the following type of firewall is in place?

• A. Circuit level gateway
• B. Stateful multilayer inspection firewall
• C. Packet filter
• D. Application level gateway

Answer: C

NEW QUESTION 20
Identify the type of testing that is carried out without giving any information to the employees or
administrative head of the organization.

• A. Unannounced Testing
• B. Double Blind Testing
• C. Announced Testing
• D. Blind Testing

Answer: B