NEW QUESTION 1
Which of the following statements are true about snort?
Each correct answer represents a complete solution. Choose all that apply.

• A. It develops a new signature to find vulnerabilitie
• B. It detects and alerts a computer user when it finds threats such as buffer overflows, stealth port scans, CGI attacks, SMB probes and NetBIOS queries, NMAP and other port scanners, well-known backdoors and system vulnerabilities, and DDoS client
• C. It encrypts the log file using the 256 bit AES encryption scheme algorith
• D. It is used as a passive trap to record the presence of traffic that should not be found on a network, such as NFS or Napster connection

Answer: ABD

NEW QUESTION 2
You work as a Desktop Support Technician for umbrella Inc. The company uses a Windows-based network. An employee of the production department is facing the problem in the IP configuration of the network connection.
He called you to resolve the issue. You suspect that the IP configuration is not configured properly. You want to use the ping command to ensure that IPv4 protocol is working on a computer. While running the ping command from the command prompt, you find that Windows Firewall is blocking the ping command. You enter the following command in the elevated command prompt on the computer:
netsh advfirewall firewall add rule name="ICMPv4" protocol=icmpv4:any,any dir=in action=allow
Which of the following actions will this command perform?

• A. Permit ICMPv4 packet to pass through the firewal
• B. Permit ICMPv4 Echo Reques
• C. Enable packet filtering by Windows Firewal
• D. Disable Firewall temporaril

Answer: A

NEW QUESTION 3
Which of the following tools is described below?
It is a set of tools that are used for sniffing passwords, e-mail, and HTTP traffic. Some of its tools include arpredirect, macof, tcpkill, tcpnice, filesnarf, and mailsnarf. It is highly effective for sniffing both switched and shared networks. It uses the arpredirect and macof tools for switching across switched networks. It can also be used to capture authentication information for FTP, telnet, SMTP, HTTP, POP, NNTP, IMAP, etc.

• A. LIDS
• B. Dsniff
• C. Cain
• D. Libnids

Answer: B

NEW QUESTION 4
An attacker wants to launch an attack on a wired Ethernet. He wants to accomplish the following tasks:
Sniff data frames on a local area network.
Modify the network traffic.
Stop the network traffic frequently.
Which of the following techniques will the attacker use to accomplish the task?

• A. IP spoofing
• B. Eavesdropping
• C. ARP spoofing
• D. Session hijacking

Answer: C

NEW QUESTION 5
What are the advantages of an application layer firewall?
Each correct answer represents a complete solution. Choose all that apply.

• A. It provides detailed logging information for management purpose
• B. It prevents most of the spoofing and DoS attack
• C. It monitors and filters dat
• D. It provides authentication to a devic

Answer: ABC

NEW QUESTION 6
Which of the following Linux/UNIX commands is used to delete files permanently so that the files cannot be recovered?

• A. del
• B. shred
• C. erase
• D. rm

Answer: B

NEW QUESTION 7
Which of the following protocols uses only User Datagram Protocol (UDP)?

• A. FTP
• B. ICMP
• C. TFTP
• D. POP3

Answer: C

NEW QUESTION 8
Which of the following utilities provides an efficient way to give specific users permission to use specific system commands at the root level of a Linux operating system?

• A. SSH
• B. SUDO
• C. Apache
• D. Snort

Answer: B

NEW QUESTION 9
Which of the following methods is used by forensic investigators to acquire an image over the network in a secure manner?

• A. Linux Live CD
• B. DOS boot disk
• C. Secure Authentication for EnCase (SAFE)
• D. EnCase with a hardware write blocker

Answer: C

NEW QUESTION 10
Which of the following statements about FTP is true?

• A. It holds files transmitted through POP3 mai
• B. It manages network device
• C. It connects file servers on the World Wide We
• D. It transfers files between computer
• E. It allows password free file transfer

Answer: D

NEW QUESTION 11
Which of the following NETSH commands for interface Internet protocol version 4 (IPv4) is used to add a DNS server to a list of DNS servers for a specified interface?

• A. net dnsserver
• B. add address
• C. add dnsserver
• D. add neighbors

Answer: C

NEW QUESTION 12
Trinity wants to send an email to her friend. She uses the MD5 generator to calculate cryptographic hash of her email to ensure the security and integrity of the email. MD5 generator, which Trinity is using operates in two steps:
Creates check file
Verifies the check file
Which of the following MD5 generators is Trinity using?

• A. Secure Hash Signature Generator
• B. Mat-MD5
• C. Chaos MD5
• D. MD5 Checksum Verifier

Answer: D

NEW QUESTION 13
Which of the following is the process of categorizing attack alerts produced from IDS?

• A. Blocking
• B. Site policy implementation
• C. Intrusion classify
• D. Alarm filtering

Answer: D

NEW QUESTION 14
Which of the following is the process of categorizing attack alerts produced from IDS?

• A. Site policy implementation
• B. Blocking
• C. Intrusion classify
• D. Alarm filtering

Answer: D

NEW QUESTION 15
Allen works as a professional Computer Hacking Forensic Investigator. A project has been assigned to him to investigate a computer, which is used by the suspect to sexually harass the victim using instant messenger program. Suspect's computer runs on Windows operating system. Allen wants to recover password from instant messenger program, which suspect is using, to collect the evidence of the crime. Allen is using Helix Live for this purpose. Which of the following utilities of Helix will he use to accomplish the task?

• A. Asterisk Logger
• B. Access PassView
• C. Mail Pass View
• D. MessenPass

Answer: D

NEW QUESTION 16
Which of the following tools is used to locate lost files and partitions to restore data from a formatted, damaged, or lost partition in Windows and Apple Macintosh computers?

• A. Easy-Undelete
• B. VirtualLab
• C. File Scavenger
• D. Recover4all Professional

Answer: B

NEW QUESTION 17
You work as a Desktop Support Technician for umbrella Inc. The company uses a Windows-based network. An employee from the sales department is facing problem in the IP configuration of the network connection. He called you to resolve the issue. You suspect that the IP configuration is not configured properly. You want to use the ping command to ensure that IPv4 protocol is working on a computer. While running the ping command from the command prompt, you find that Windows Firewall is blocking the ping command. What is the cause of the issue?

• A. Core Networking Firewall rules do not allow IPv4 or IPv6.
• B. Windows Firewall rules do not allow Core Networking Tool
• C. Windows Firewall blocks the command line tool
• D. Core Networking Firewall rules do not allow ICMPv4 or ICMPv6 Echo Request

Answer: D

NEW QUESTION 18
......