NEW QUESTION 1
Which of the information below can be gained through network sniffing? (Select all that apply)

• A. Telnet Passwords
• B. Syslog traffic
• C. DNS traffic
• D. Programming errors

Answer: ABC

NEW QUESTION 2
Tom works as a network administrator in a multinational organization having branches across North America and Europe. Tom wants to implement a storage technology that can provide centralized data storage and provide free data backup on the server. He should be able to perform data backup and recovery more efficiently with the selected technology. Which of the following storage technologies best suits Tom's requirements?

• A. DAS
• B. PAS
• C. RAID
• D. NAS

Answer: D

NEW QUESTION 3
Malone is finishing up his incident handling plan for IT before giving it to his boss for review. He is outlining the incident response methodology and the steps that are involved. Which step should Malone list as the last step in the incident response methodology?

• A. Malone should list a follow-up as the last step in the methodology
• B. Recovery would be the correct choice for the last step in the incident response methodology
• C. He should assign eradication to the last step.
• D. Containment should be listed on Malone's plan for incident response.

Answer: B

NEW QUESTION 4
John wants to implement a firewall service that works at the session layer of the OSI model. The firewall must also have the ability to hide the private network information. Which type of firewall service is John thinking of implementing?

• A. Application level gateway
• B. Circuit level gateway
• C. Stateful Multilayer Inspection
• D. Packet Filtering

Answer: B

NEW QUESTION 5
Cindy is the network security administrator for her company. She just got back from a security conference in Las Vegas where they talked about all kinds of old and new security threats; many of which she did not know of. She is worried about the current security state of her company's network so she decides to start scanning the network from an external IP address. To see how some of the hosts on her network react, she sends out SYN packets to an IP range. A number of IPs responds with a SYN/ACK response. Before the connection is established, she sends RST packets to those hosts to stop the session. She has done this to see how her intrusion detection system will log the traffic. What type of scan is Cindy attempting here?

• A. The type of scan she is usinq is called a NULL scan.
• B. Cindy is using a half-open scan to find live hosts on her network.
• C. Cindy is attempting to find live hosts on her company's network by using a XMAS scan.
• D. She is utilizing a RST scan to find live hosts that are listening on her network.

Answer: B

NEW QUESTION 6
A network administrator is monitoring the network traffic with Wireshark. Which of the following filters will she use to view the packets moving without setting a flag to detect TCP Null Scan attempts?

• A. TCRflags==0x000
• B. Tcp.flags==0X029
• C. Tcp.dstport==7
• D. Tcp.flags==0x003

Answer: A

NEW QUESTION 7
Fred is a network technician working for Johnson Services, a temporary employment agency in Boston. Johnson Services has three remote offices in New England and the headquarters in Boston where Fred works.
The company relies on a number of customized applications to perform daily tasks and unfortunately these applications require users to be local administrators. Because of this, Fred's supervisor wants to implement
tighter security measures in other areas to compensate for the inherent risks in making those users local admins. Fred's boss wants a solution that will be placed on all computers throughout the company and
monitored by Fred. This solution will gather information on all network traffic to and from the local computers without actually affecting the traffic. What type of solution does Fred's boss want to implement?

• A. Fred's boss wants a NIDS implementation.
• B. Fred's boss wants Fred to monitor a NIPS system.
• C. Fred's boss wants to implement a HIPS solution.
• D. Fred's boss wants to implement a HIDS solution.

Answer: D

NEW QUESTION 8
Geon Solutions INC., had only 10 employees when it started. But as business grew, the organization had to increase the amount of staff. The network administrator is finding it difficult to accommodate an increasing number of employees in the existing network topology. So the organization is planning to implement a new topology where it will be easy to accommodate an increasing number of employees. Which network topology will help the administrator solve the problem of needing to add new employees and expand?

• A. Bus
• B. Star
• C. Ring
• D. Mesh

Answer: B

NEW QUESTION 9
The agency Jacob works for stores and transmits vast amounts of sensitive government data that cannot be compromised. Jacob has implemented Encapsulating Security Payload (ESP) to encrypt IP traffic. Jacob wants to encrypt the IP traffic by inserting the ESP header in the IP datagram before the transport layer protocol header. What mode of ESP does Jacob need to use to encrypt the IP traffic?

• A. He should use ESP in transport mode.
• B. Jacob should utilize ESP in tunnel mode.
• C. Jacob should use ESP in pass-through mode.
• D. He should use ESP in gateway mode

Answer: B

NEW QUESTION 10
James is a network administrator working at a student loan company in Minnesota. This company processes over 20,000 student loans a year from colleges all over the state. Most communication between the company schools, and lenders is carried out through emails. Much of the email communication used at his company contains sensitive information such as social security numbers. For this reason, James wants to utilize email encryption. Since a server-based PKI is not an option for him, he is looking for a low/no cost solution to encrypt emails. What should James use?

• A. James could use PGP as a free option for encrypting the company's emails.
• B. James should utilize the free OTP software package.
• C. James can use MD5 algorithm to encrypt all the emails
• D. James can enforce mandatory HTTPS in the email clients to encrypt emails

Answer: A

NEW QUESTION 11
Identify the minimum number of drives required to setup RAID level 5.

• A. Multiple
• B. 3
• C. 4
• D. 2

Answer: B

NEW QUESTION 12
Management wants to bring their organization into compliance with the ISO standard for information security risk management. Which ISO standard will management decide to implement?

• A. ISO/IEC 27004
• B. ISO/IEC 27002
• C. ISO/IEC 27006
• D. ISO/IEC 27005

Answer: D

NEW QUESTION 13
If there is a fire incident caused by an electrical appliance short-circuit, which fire suppressant should be used to control it?

• A. Water
• B. Wet chemical
• C. Dry chemical
• D. Raw chemical

Answer: C

NEW QUESTION 14
Which of the following Event Correlation Approach checks and compares all the fields systematically and intentionally for positive and negative correlation with each other to determine the correlation across one or multiple fields?

• A. Automated Field Correlation
• B. Field-Based Approach
• C. Rule-Based Approach
• D. Graph-Based Approach

Answer: A

NEW QUESTION 15
The bank where you work has 600 windows computers and 400 Red Hat computers which primarily serve as bank teller consoles. You have created a plan and deployed all the patches to the Windows computers and you are now working on updating the Red Hat computers. What command should you run on the network to update the Red Hat computers, download the security package, force the package installation, and update all currently installed packages?

• A. You should run the up2date -d -f -u command
• B. You should run the up2data -u command
• C. You should run the WSUS -d -f -u command.
• D. You should type the sysupdate -d command

Answer: A

NEW QUESTION 16
Sean has built a site-to-site VPN architecture between the head office and the branch office of his company. When users in the branch office and head office try to communicate with each other, the traffic is
encapsulated. As the traffic passes though the gateway, it is encapsulated again. The header and payload both are encapsulated. This second encapsulation occurs only in the _________ implementation of a VPN.

• A. Full Mesh Mode
• B. Point-to-Point Mode
• C. Transport Mode
• D. Tunnel Mode

Answer: D

NEW QUESTION 17
A company wants to implement a data backup method which allows them to encrypt the data ensuring its security as well as access at any time and from any location. What is the appropriate backup method that should be implemented?

• A. Onsite backup
• B. Hot site backup
• C. Offsite backup
• D. Cloud backup

Answer: D

NEW QUESTION 18
If a network is at risk from unskilled individuals, what type of threat is this?

• A. External Threats
• B. Structured Threats
• C. Unstructured Threats
• D. Internal Threats

Answer: C

NEW QUESTION 19
The risk assessment team in Southern California has estimated that the probability of an incident that has potential to impact almost 80% of the bank's business is very high. How should this risk be categorized in the risk matrix?

• A. High
• B. Medium
• C. Extreme
• D. Low

Answer: C

NEW QUESTION 20
Which VPN QoS model guarantees the traffic from one customer edge (CE) to another?

• A. Pipe Model
• B. AAA model
• C. Hub-and-Spoke VPN model
• D. Hose mode

Answer: A

NEW QUESTION 21
During a security awareness program, management was explaining the various reasons which create threats to network security. Which could be a possible threat to network security?

• A. Configuring automatic OS updates
• B. Having a web server in the internal network
• C. Implementing VPN
• D. Patch management

Answer: B

NEW QUESTION 22
Eric is receiving complaints from employees that their systems are very slow and experiencing odd issues including restarting automatically and frequent system hangs. Upon investigating, he is convinced the systems are infected with a virus that forces systems to shut down automatically after period of time. What type of security incident are the employees a victim of?

• A. Scans and probes
• B. Malicious Code
• C. Denial of service
• D. Distributed denial of service

Answer: B

NEW QUESTION 23
Mark is monitoring the network traffic on his organization's network. He wants to detect a TCP and UDP ping sweep on his network. Which type of filter will be used to detect this on the network?

• A. Tcp.srcport==7 and udp.srcport==7
• B. Tcp.srcport==7 and udp.dstport==7
• C. Tcp.dstport==7 and udp.srcport==7
• D. Tcp.dstport==7 and udp.dstport==7

Answer: D

NEW QUESTION 24
John wants to implement a firewall service that works at the session layer of the OSI model. The firewall must also have the ability to hide the private network information. Which type of firewall service is John thinking of implementing?

• A. Application level gateway
• B. Stateful Multilayer Inspection
• C. Circuit level gateway
• D. Packet Filtering

Answer: C

NEW QUESTION 25
......