NEW QUESTION 1
Which of the following is an advantage of an Intrusion Detection System?

• A. It is a mature technolog
• B. It is the best network securit
• C. It never needs patchin
• D. It is a firewall replacemen

Answer: A

NEW QUESTION 2
You work as a Network Administrator for NetTech Inc. The company wants to encrypt its e-mails. Which of the following will you use to accomplish this?

• A. PPTP
• B. IPSec
• C. PGP
• D. NTFS

Answer: C

NEW QUESTION 3
Which aspect of UNIX systems was process accounting originally developed for?

• A. Data warehouse
• B. Time sharing
• C. Process tracking
• D. Real time

Answer: C

NEW QUESTION 4
Two clients connecting from the same public IP address (for example - behind the same NAT firewall) can connect simultaneously to the same web server on the Internet, provided what condition is TRUE?

• A. The server is not using a well-known por
• B. The server is on a different networ
• C. The client-side source ports are differen
• D. The clients are on different subnet

Answer: C

NEW QUESTION 5
Validating which vulnerabilities in a network environment are able to be exploited by an attacker is called what?

• A. Anomaly detection
• B. Vulnerability scanning
• C. Perimeter assessment
• D. Penetration testing

Answer: B

NEW QUESTION 6
Which of the following statements about the integrity concept of information security management are true?
Each correct answer represents a complete solution. Choose three.

• A. It ensures that unauthorized modifications are not made to data by authorized personnel or processe
• B. It determines the actions and behaviors of a single individual within a system
• C. It ensures that internal information is consistent among all subentities and also consistent with the real-world, external situatio
• D. It ensures that modifications are not made to data by unauthorized personnel or processe

Answer: ACD

NEW QUESTION 7
You have implemented a firewall on the company's network for blocking unauthorized network connections. Which of the following types of security control is implemented in this case?

• A. Detective
• B. Preventive
• C. Directive
• D. Corrective

Answer: B

NEW QUESTION 8
IPS devices that are classified as "In-line NIDS" devices use a combination of anomaly analysis, signature-based rules, and what else to identify malicious events on the network?

• A. Firewall compatibility rules
• B. Application analysis
• C. ICMP and UDP active scanning
• D. MAC address filtering

Answer: B

NEW QUESTION 9
What is the term for a game in which for every win there must be an equivalent loss?

• A. Asymmetric
• B. Untenable
• C. Zero-sum
• D. Gain-oriented

Answer: C

NEW QUESTION 10
Where is the source address located in an IPv4 header?

• A. At an offset of 20 bytes
• B. At an offset of 8 bytes
• C. At an offset of 16 bytes
• D. At an offset of 12 bytes

Answer: D

NEW QUESTION 11
You work as a Network Administrator for World Perfect Inc. The company has a Linux-based network. You have configured a Linux Web server on the network. A user complains that the Web server is not responding to requests. The process list on the server shows multiple instances of the HTTPD process. You are required to stop the Web service. Which of the following commands will you use to resolve the issue?

• A. killall httpd
• B. endall httpd
• C. kill httpd
• D. end httpd

Answer: A

NEW QUESTION 12
When an IIS filename extension is mapped, what does this mean?

• A. Files with the mapped extensions cannot be interpreted by the web serve
• B. The file and all the data from the browser's request are handed off to the mapped interprete
• C. The files with the mapped extensions are interpreted by CMD.EX
• D. The files with the mapped extensions are interpreted by the web browse

Answer: B

NEW QUESTION 13
Which common firewall feature can be utilized to generate a forensic trail of evidence and
to identify attack trends against your network?

• A. NAT
• B. State Table
• C. Logging
• D. Content filtering

Answer: C

NEW QUESTION 14
When designing wireless networks, one strategy to consider is implementing security mechanisms at all layers of the OSI model. Which of the following protection mechanisms would protect layer 1?

• A. Hardening applications
• B. Limit RF coverage
• C. Employing firewalls
• D. Enabling strong encryption

Answer: B

NEW QUESTION 15
A folder D:\Files\Marketing has the following NTFS permissions:
. Administrators: Full Control
. Marketing: Change and Authenticated
. Users: Read
It has been shared on the server as "MARKETING", with the following share permissions:
. Full Control share permissions for the Marketing group
Which of the following effective permissions apply if a user from the Sales group accesses the \\FILESERVER\MARKETING shared folder?

• A. No access
• B. Full Control
• C. Read
• D. Change

Answer: C

NEW QUESTION 16
An attacker gained physical access to an internal computer to access company proprietary
data. The facility is protected by a fingerprint biometric system that records both failed and successful entry attempts. No failures were logged during the time periods of the recent breach. The account used when the attacker entered the facility shortly before each incident belongs to an employee who was out of the area. With respect to the biometric entry system, which of the following actions will help mitigate unauthorized physical access to the facility?

• A. Try raising the Crossover Error Rate (CER)
• B. Try to lower the False Accept Rate (FAR)
• C. Try setting the Equal Error Rate (EER) to zero
• D. Try to set a lower False Reject Rate (FRR)

Answer: B

NEW QUESTION 17
The TTL can be found in which protocol header?

• A. It is found in byte 8 of the ICMP heade
• B. It is found in byte 8 of the IP heade
• C. It is found in byte 8 of the TCP heade
• D. It is found in byte 8 of the DNS heade

Answer: B

NEW QUESTION 18
Which of the following statements about IPSec are true?
Each correct answer represents a complete solution. Choose two.

• A. It uses Internet Protocol (IP) for data integrit
• B. It uses Authentication Header (AH) for data integrit
• C. It uses Password Authentication Protocol (PAP) for user authenticatio
• D. It uses Encapsulating Security Payload (ESP) for data confidentialit

Answer: BD

NEW QUESTION 19
How are differences in configuration settings handled between Domain and Local Group Policy Objects (GPOs)?

• A. Local and Domain GPOs control different configuration settings, so there will not be conflict
• B. Settings in the domain-wide GPO override conflicting settings in the local GPO on each compute
• C. Settings in the local GPO override conflicting settings when the domain-wide GPO is applie
• D. Precedence depends on which GPO was updated firs

Answer: B

NEW QUESTION 20
......