NEW QUESTION 1

Which of the following is the default port for Hypertext Transfer Protocol (HTTP)?

• A. 20
• B. 443
• C. 80
• D. 21

Answer: C

Explanation:

Hypertext Transfer Protocol (HTTP) is a client/server TCP/IP protocol used on the World Wide Web (WWW) to display Hypertext Markup Language (HTML) pages. HTTP defines how messages are formatted and transmitted, and what actions Web servers and browsers should take in response to various commands. For example, when a client application or browser sends a request to the server using HTTP commands, the server responds with a message containing the protocol version, success or failure code, server information, and body content, depending on the request. HTTP uses TCP port 80 as the default port. Answer B is incorrect. Port 443 is the default port for Hypertext Transfer Protocol Secure (HTTPS) and Secure Socket Layer (SSL). Answer A, D are incorrect. By default, FTP server uses TCP port 20 for data transfer and TCP port 21 for session control.

NEW QUESTION 2

Which of the following tools combines two programs, and also encrypts the resulting package in an attempt to foil antivirus programs?

• A. Tiny
• B. NetBus
• C. Trojan Man
• D. EliteWrap

Answer: C

Explanation:

The Trojan Man is a Trojan wrapper that not only combines two programs, but also encrypts the resulting package in an attempt to foil antivirus programs.

NEW QUESTION 3

You work as a Network Administrator for ABC Inc. The company needs a secured wireless network. To provide network security to the company, you are required to configure a device that provides the best network perimeter security. Which of the following devices would you use to accomplish the task?

• A. Proxy server
• B. IDS
• C. Packet filtering firewall
• D. honeypot

Answer: C

Explanation:

Packet filtering firewalls work on the first three layers of the OSI reference model, which means all the work is done between the network and physical layers. When a packet originates from the sender and filters through a firewall, the device checks for matches to any of the packet filtering rules that are configured in the firewall and drops or rejects the packet accordingly. In a software firewall, packet filtering is done by a program called a packet filter. The packet filter examines the header of each packet based on a specific set of rules, and on that basis, decides to prevent it from passing (called DROP) or allow it to pass (called ACCEPT). A packet filter passes or blocks packets at a network interface based on source and destination addresses, ports, or protocols. The process is used in conjunction with packet mangling and Network Address Translation (NAT). Packet filtering is often part of a firewall program for protecting a local network from unwanted intrusion. This type of firewall can be best used for network perimeter security. Answer B is incorrect. An Intrusion detection system (IDS) is software and/or hardware designed to detect unwanted attempts at accessing, manipulating, and/or disabling of computer systems, mainly through a network, such as the Internet. These attempts may take the form of attacks, as examples, by crackers, malware and/or disgruntled employees. An IDS cannot directly detect attacks within properly encrypted traffic. An intrusion detection system is used to detect several types of malicious behaviors that can compromise the security and trust of a computer system. This includes network attacks against vulnerable services, data driven attacks on applications, host based attacks such as privilege escalation, unauthorized logins and access to sensitive files, and malware (viruses, trojan horses, and worms). Answer A is incorrect. A proxy server exists between a client's Web- browsing program and a real Internet server. The purpose of the proxy server is to enhance the performance of user requests and filter requests. A proxy server has a database called cache where the most frequently accessed Web pages are stored. The next time such pages are requested, the proxy server is able to suffice the request locally, thereby greatly reducing the access time. Only when a proxy server is unable to fulfill a request locally does it forward the request to a real Internet server. The proxy server can also be used for filtering user requests. This may be done in order to prevent the users from visiting non- genuine sites. Answer D is incorrect. A honeypot is a term in computer terminology used for a trap that is set to detect, deflect, or in some manner counteract attempts at unauthorized use of information systems. Generally it consists of a computer, data, or a network site that appears to be part of a network, but is actually isolated, and monitored, and which seems to contain information or a resource of value to attackers.

NEW QUESTION 4

What does CSS stand for?

• A. Cascading Style Sheet
• B. Coded System Sheet
• C. Cyclic Style Sheet
• D. Cascading Style System

Answer: A

Explanation:

A Cascading Style Sheet (CSS) is a separate text file that keeps track of design and formatting information, such as colors, fonts, font sizes, and margins, used in Web pages. CSS is used to provide Web site authors greater control on the appearance and presentation of their Web pages. It has codes that are interpreteA, Dpplied by the browser on to the Web pages and their elements. CSS files have .css extension.
There are three types of Cascading Style Sheets: External Style Sheet Embedded Style Sheet Inline Style Sheet

NEW QUESTION 5

Which of the following is required by a Web-based application to connect to a database?

• A. DSN
• B. DNS
• C. CGI
• D. FQDN

Answer: A

Explanation:

A Web-based application uses Data Source Name (DSN) to connect to a database. DSN is a logical name used by Open Database Connectivity (ODBC) to refer to connection information required to access dat Answer C is incorrect. The Common Gateway Interface (CGI) specification is used for creating executable programs that run on a Web server. CGI defines the communication link between a Web server and Web applications. It gives a network or Internet resource access to specific programs. For example, when users submit an HTML form on a Web site, CGI is used to pass this information to a remote application for processing, and retrieve the results from the application. It then returns these results to the user by means of an HTML page. Answer D is incorrect. Fully Qualified Domain Name (FQDN) is a unique name of a host or computer, which represents its position in the hierarchy. An FQDN begins with a host name and ends with the top-level domain name. FQDN includes the second-level domain and other lower level domains. For example, the FQDN of the address HTTP://WWW.UNI.ORG will be WWW.UNI.ORG where WWW is the host name, UNI is the second-level domain, and ORG is the top-level domain name. Answer B is incorrect. Domain Name System (DNS) is a hierarchical naming system used for locating domain names on private TCP/IP networks and the Internet. It provides a service for mapping DNS domain names to IP addresses and vice versa. DNS enables users to use friendly names to locate computers and other resources on an IP network. TCP/IP uses IP addresses to locate and connect to hosts, but for users, it is easier to use names instead of IP address to locate or connect to a site. For example, users will be more comfortable in using the host name www.uCertify.com rather than using its IP address 66.111.64.227.

NEW QUESTION 6

What is the extension of a Cascading Style Sheet?

• A. .hts
• B. .cs
• C. .js
• D. .css

Answer: D

Explanation:

A Cascading Style Sheet (CSS) is a separate text file that keeps track of design and formatting information, such as colors, fonts, font sizes, and margins, used in Web pages. CSS is used to provide Web site authors greater control on the appearance and presentation of their Web pages. It has codes that are interpreteA, Dpplied by the browser on to the Web pages and their elements. CSS files have .css extension. There are three types of Cascading Style Sheets: External Style Sheet Embedded Style Sheet Inline Style Sheet

NEW QUESTION 7

You work as the Network Technician for XYZ CORP. The company has a Linux-based network. You are working on the Red Hat operating system. You want to view only the last 4 lines of a file named /var/log/cron. Which of the following commands should you use to accomplish the task?

• A. tail -n 4 /var/log/cron
• B. tail /var/log/cron
• C. cat /var/log/cron
• D. head /var/log/cron

Answer: A

Explanation:

The tail -n 4 /var/log/cron command will show the last four lines of the file /var/log/cron.

NEW QUESTION 8

You work as a Web Deployer for UcTech Inc. You write the <security constraint> element for an application in which you write the <auth-constraint> sub-element as follows: <auth- constraint> <role-name>*</role-name> </auth-constraint> Who will have access to the application?

• A. Only the administrator
• B. No user
• C. All users
• D. It depends on the application.

Answer: C

Explanation:

The <auth-constraint> element is a sub-element of the <security-constraint> element. It defines the roles that are allowed to access the Web resources specified by the
<web-resource-collection> sub-elements. The <auth-constraint> element is written in the deployment descriptor as follows: <security-constraint> <web-resource-collection> -----------
----- </web-resource-collection> <auth-constraint> <role-name>Administrator</role-name>
</auth-constraint> </security-constraint> Writing Administrator within the <role-name> element will allow only the administrator to have access to the resource defined within the
<web-resource-collection> element.

NEW QUESTION 9

Which of the following firewalls inspects the actual contents of packets?

• A. Circuit-level firewall
• B. Stateful inspection firewall
• C. Packet filtering firewall
• D. Application-level firewall

Answer: D

Explanation:
The application level firewall inspects the contents of packets, rather than the source/destination or connection between the two. An Application level firewall operates at the application layer of the OSI model. Answer A is incorrect. The circuit-level firewall regulates traffic based on whether or not a trusted connection has been established. It operates at the session layer of the OSI model. Answer C is incorrect. The packet filtering firewall filters traffic based on the headers. It operates at the network layer of the OSI model. Answer B is incorrect. The stateful inspection firewall assures the connection between the two parties is valid and inspects packets from this connection to assure the packets are not malicious.

NEW QUESTION 10

Which of the following techniques are used after a security breach and are intended to limit the extent of any damage caused by the incident?

• A. Safeguards
• B. Detective controls
• C. Corrective controls
• D. Preventive controls

Answer: C

Explanation:

Corrective controls are used after a security breach. After security has been breached, corrective controls are intended to limit the extent of any damage caused by the incident, e.g. by recovering the organization to normal working status as efficiently as possible. Answer D is incorrect. Before the event, preventive controls are intended to prevent an incident from occurring, e.g. by locking out unauthorized intruders. Answer B is incorrect. During the event, detective controls are intended to identify and characterize an
incident in progress, e.g. by sounding the intruder alarm and alerting the security guards or the police. Answer A is incorrect. Safeguards are those controls that provide some amount of protection to an asset.

NEW QUESTION 11

Pingdom is a website monitoring service. Which of the following services are provided by Pingdom?

• A. It creates complicated charts to spot trends and imprecisely pinpoint problems.
• B. It works as an iPhone application to make sure that a website is reachable and responding properly at all times.
• C. It is used to monitor sites and servers on the Internet.
• D. It is used to track the uptime, downtime, and performance of websites.

Answer: BCD

Explanation:
Pingdom is a website monitoring service that is used by administrators to monitor sites and servers on the Internet. It alerts the site owners if it detects a problem. Pingdom service is used to track the uptime, downtime, and overall performance of websites. Pingdom also works as an iPhone application to make sure that a website is reachable and responding properly at all times. If not so, it provides the administrator with the email and SMS alerts. It creates charts and tables that are easy to understand. These charts and tables enable an administrator to spot trends and accurately pinpoint problems. Answer A is incorrect. Pingdom creates charts that are easy to understand. These charts are used to spot trends and accurately pinpoint problems.

NEW QUESTION 12

You work as a Database Administrator for XYZ CORP. The company has a multi-platform network. The company requires a database that can receive data from various types of operating systems. You want to design a multidimensional database to accomplish the task. Which of the following statements are true about a multidimensional database?

• A. It is used to optimize Online Analytical Processing (OLAP) applications.
• B. It is used to optimize data warehouse.
• C. It is rarely created using input from existing relational databases.
• D. It allows users to ask questions that are related to summarizing business operations and trends.

Answer: ABD

Explanation:

A multidimensional database (MDB) is a type of database that is optimized for data warehouse and Online Analytical Processing (OLAP) applications. Multidimensional databases are frequently created using input from existing relational databases. Whereas a relational database is typically accessed using a Structured Query Language (SQL) query, a multidimensional database allows a user to ask questions like "How many Aptivas have been sold in Nebraska so far this year?" and similar questions related to summarizing business operations and trends. An OLAP application that accesses data from a multidimensional database is known as a MOLAP (multidimensional OLAP) application. Answer C is incorrect. A multidimensional database is frequently created using input from existing relational databases.

NEW QUESTION 13

What will happen if you write the following parameters in the web.xml file?
<session-config>
<session-timeout>0</session-timeout>
</session-config>

• A. There will be no effect on the session; it will last for its default time.
• B. The session will never expire.
• C. An error will occur during execution.
• D. The session will expire immediately.

Answer: B

Explanation:

The <session-timeout> element of the deployment descriptor sets the session timeout. If the time specified for timeout is zero or negative, the session will never timeout.

NEW QUESTION 14

You work as a Network Auditor for XYZ CORP. The company has a Windows-based network. While auditing the company's network, you are facing problems in searching the faults and other entities that belong to it. Which of the following risks may occur due to the existence of these problems?

• A. Residual risk
• B. Inherent risk
• C. Secondary risk
• D. Detection risk

Answer: D

Explanation:

Detection risks are the risks that an auditor will not be able to find what they are looking to detect. Hence, it becomes tedious to report negative results when material conditions (faults) actually exist. Detection risk includes two types of risk: Sampling risk: This risk occurs when an auditor falsely accepts or erroneously rejects an audit sample. Nonsampling risk: This risk occurs when an auditor fails to detect a condition because of not applying the appropriate procedure or using procedures inconsistent with the audit objectives (detection faults). Answer A is incorrect. Residual risk is the risk or danger of an action or an event, a method or a (technical) process that, although being abreast with science, still conceives these dangers, even if all theoretically possible safety measures would be applied (scientifically conceivable measures). The formula to calculate residual risk is (inherent risk) x (control risk) where inherent risk is (threats vulnerability). In the economic context, residual means "the quantity left over at the end of a process; a remainder". Answer B is incorrect. Inherent risk, in auditing, is the risk that the account or section being audited is materially misstated without considering internal controls due to error or fraud. The assessment of inherent risk depends on the professional judgment of the auditor, and it is done after assessing the business environment of the entity being audited. Answer C is incorrect. A secondary risk is a risk that arises as a straight consequence of implementing a risk response. The secondary risk is an outcome of dealing with the original risk. Secondary risks are not as rigorous or important as primary risks, but can turn out to be so if not estimated and planned properly.

NEW QUESTION 15

John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He has successfully completed the following pre- attack phases while testing the security of the server: Footprinting Scanning Now he wants to conduct the enumeration phase. Which of the following tools can John use to conduct it?

• A. PsPasswd
• B. WinSSLMiM
• C. PsFile
• D. UserInfo

Answer: ACD

Explanation:

John can use the UserInfo, PsFile, and PsPasswd tools in the enumeration phase. UserInfo is a utility that retrieves all available information about any known user from any Windows 2000/NT operating system (accessible by TCP port 139). UserInfo returns mainly the following information: SID and Primary group Logon restrictions and smart card requirements Special group Password expiration Note: UserInfo works as a NULL user even if the RestrictedAnonymous value in the LSA key is set to 1 to specifically deny anonymous enumeration. PsFile is a command-line utility that shows a list of files on a system that are opened remotely. It also allows a user to close opened files either by name or by a file identifier. The command syntax for PsFile is as follows: psfile [\\RemoteComputer [-u Username [-p Password]]] [Id | path] [-c] -u specifies the optional user name for logging in to a remote computer. -p specifies a password for a user name. If this is omitted, the user is prompted to enter the password without it being echoed to the screen. Id is the identifier of the file about which the user wants to display information. -c closes the files identifed by the ID or path. PsPasswd is a tool that helps Network Administrators change an account password on the local or remote system. The command
syntax of PsPasswd is as follows: pspasswd [\\computer[,computer[,..] | @file [-u user [-p psswd]] Username [NewPassword]

NEW QUESTION 16

Which of the following statements are true about KisMAC?

• A. It scans for networks passively on supported cards.
• B. It cracks WEP and WPA keys by Rainbow attack or by dictionary attack.
• C. It is a wireless network discovery tool for Mac OS X.
• D. Data generated by KisMAC can also be saved in pcap forma
• E. \

Answer: ACD

Explanation:

KisMAC is a wireless network discovery tool for Mac OS X. It has a wide range of features, similar to those of Kismet, its Linux/BSD namesake and far exceeding those of NetStumbler, its closest equivalent on Windows. The program is geared toward network security professionals, and is not as novice-friendly as similar applications. KisMAC will scan for networks passively on supported cards - including Apple's AirPort, and AirPort Extreme, and many third-party cards, and actively on any card supported by Mac OS X itself. Cracking of WEP and WPA keys, both by brute force, and exploiting flaws
such as weak scheduling and badly generated keys is supported when a card capable of monitor mode is used, and packet reinjection can be done with a supported card. GPS mapping can be performed when an NMEA compatible GPS receiver is attached. Data can also be saved in pcap format and loaded into programs such as Wireshark.

NEW QUESTION 17

Which of the following aaa accounting commands should be used to enable logging of both the start and stop records for user terminal sessions on the router?

• A. aaa accounting auth proxy start-stop tacacs+
• B. aaa accounting system none tacacs+
• C. aaa accounting connection start-stop tacacs+
• D. aaa accounting exec start-stop tacacs+

Answer: D

Explanation:

In order to enable logging of both start and stop records for user terminal sessions on the router, the aaa accounting exec start-stop tacacs+ command should be used. The exec option performs accounting for EXEC shell sessions. Answer B is incorrect. The aaa accounting system none tacacs+ command disables accounting services on a specific interface for all system-level events that are not related with users such as reload. Answer C is incorrect. The aaa accounting connection start-stop tacacs+ command is used to enable logging of both start and stop records for all outbound connections that are established from the NAS (Network Access Server), such as Telnet, local-area transport (LAT), TN3270, packet assembler and disassembler (PAD), and rlogin. Answer A is incorrect. The aaa accounting auth proxy start-stop tacacs+ command is used to enable logging of both start and stop records for all authenticated proxy user events.

NEW QUESTION 18
......