All About Free GISF Dumps Questions

Proper study guides for the GIAC Information Security Fundamentals certification begin with GIAC GISF preparation products, which are designed to deliver practical GISF questions and help you pass the GISF test on your first attempt. Try the free GISF demo right now.

GIAC GISF Free Dumps Questions Online, Read and Test Now.

NEW QUESTION 1

John works as a professional Ethical Hacker. He has been assigned a project to test the security of www.we-are-secure.com. He wants to test the effect of a virus on the We-are-secure server. He injects the virus on the server and, as a result, the server becomes infected with the virus even though an established antivirus program is installed on the server. Which of the following do you think are the reasons why the antivirus installed on the server did not detect the virus injected by John?
Each correct answer represents a complete solution. Choose all that apply.

  • A. The virus, used by John, is not in the database of the antivirus program installed on the server.
  • B. The mutation engine of the virus is generating a new encrypted code.
  • C. John has created a new virus.
  • D. John has changed the signature of the virus.

Answer: ABCD

NEW QUESTION 2

You are the project manager for BlueWell Inc. You are reviewing the risk register for your project. The risk register provides much information to you, the project manager and to the project team during the risk response planning. All of the following are included in the risk register except for which item?

  • A. Trends in qualitative risk analysis results
  • B. Symptoms and warning signs of risks
  • C. List of potential risk responses
  • D. Network diagram analysis of critical path activities

Answer: D

NEW QUESTION 3

You are the project manager for the TTX project. You have to procure some electronic gadgets for the project. A relative of yours is in the retail business of those gadgets. He approaches you for a favor to get the order. This is the situation of _____.

  • A. Bribery
  • B. Irresponsible practice
  • C. Illegal practice
  • D. Conflict of interest

Answer: D

NEW QUESTION 4

How should you configure USSOWA1 and USSTIME1 to allow secure access for remote employees?
Each correct answer represents a complete solution. Choose three.

  • A. Place USSTIME1 on the internal network
  • B. Place USSOWA1 on the internal network
  • C. Enable all connections from external network
  • D. Place USSTIME1 in a DMZ
  • E. Place USSOWA1 in a DMZ
  • F. Allow only TCP port 443 connections from the external network
  • G. Allow only TCP port 80 connections from the external network

Answer: DEF

NEW QUESTION 5

Which of the following statements about Public Key Infrastructure (PKI) is true?

  • A. It uses symmetric key pairs.
  • B. It uses public key encryption.
  • C. It is a digital representation of information that identifies users.
  • D. It provides security using data encryption and digital signature.

Answer: D

NEW QUESTION 6

You work as a Security manager for Orangesect Inc. The enterprise is using the OODA loop strategy to counter the security issues in the enterprise. Some of the IP addresses of the enterprise have been hacked. You match up the present hacking issue and condition with the past hacking experiences to find a solution. Which of the following phases of the OODA loop involves the procedure followed by you?

  • A. The decide phase
  • B. The orient phase
  • C. The observe phase
  • D. The act phase

Answer: B

NEW QUESTION 7

Which of the following types of firewalls forms a session flow table?

  • A. Proxy server firewall
  • B. Packet filtering firewall
  • C. Stateless packet filtering firewall
  • D. Stateful packet filtering firewall

Answer: D

NEW QUESTION 8

You work as a Software Developer for uCertify Inc. You have developed a Data Access Logic (DAL) component that will be part of a distributed application. You are conducting integration testing with other components of the distributed application. Which of the following types of testing methods will you need to perform to identify potential security-related issues? Each correct answer represents a part of the solution. Choose two.

  • A. Unit testing
  • B. Stress testing
  • C. Load testing
  • D. Black box testing
  • E. White box testing

Answer: DE

NEW QUESTION 9

You work as a Software Developer for Mansoft Inc. You create an application. You want to use the application to encrypt data. You use the HashAlgorithmType enumeration to specify the algorithm used for generating Message Authentication Code (MAC) in Secure Sockets Layer (SSL) communications.
Which of the following are valid values for HashAlgorithmType enumeration? Each correct answer represents a part of the solution. Choose all that apply.

  • A. MD5
  • B. None
  • C. DES
  • D. RSA
  • E. SHA1
  • F. 3DES

Answer: ABE

NEW QUESTION 10

Which of the following types of authentication are supported by OSPF? Each correct answer represents a complete solution. Choose three.

  • A. MD5 authentication
  • B. Simple password authentication
  • C. Null authentication
  • D. Kerberos v5 authentication

Answer: ABC

NEW QUESTION 11

You work as a Network Administrator for ABC Inc. The company has a secure wireless network. However, in the last few days, an attack has been taking place over and over again. This attack is taking advantage of ICMP directed broadcast. To stop this attack, you need to disable ICMP directed broadcasts. Which of the following attacks is taking place?

  • A. Smurf attack
  • B. Sniffer attack
  • C. Cryptographic attack
  • D. FMS attack

Answer: A

NEW QUESTION 12

Which of the following Acts enacted in the United States allows the FBI to issue National Security Letters (NSLs) to Internet service providers (ISPs) ordering them to disclose records about their customers?

  • A. Electronic Communications Privacy Act of 1986
  • B. Economic Espionage Act of 1996
  • C. Computer Fraud and Abuse Act
  • D. Wiretap Act

Answer: A

NEW QUESTION 13

Which of the following statements are true about UDP?
Each correct answer represents a complete solution. Choose all that apply.

  • A. UDP is an unreliable protocol.
  • B. FTP uses a UDP port for communication.
  • C. UDP is a connectionless protocol.
  • D. TFTP uses a UDP port for communication.
  • E. UDP works at the data-link layer of the OSI model.

Answer: ACD

NEW QUESTION 14

At which OSI layer does UDP operate?

  • A. Network layer
  • B. Data-link layer
  • C. Session layer
  • D. Transport layer
  • E. Presentation layer

Answer: D

NEW QUESTION 15

Which of the following components are usually found in an Intrusion detection system (IDS)?
Each correct answer represents a complete solution. Choose two.

  • A. Console
  • B. Sensor
  • C. Firewall
  • D. Modem
  • E. Gateway

Answer: AB

NEW QUESTION 16

You are the program manager of the BHG Program. One of the projects in your program will be using new materials that are somewhat untested. You are worried that there may be delays and waste because the project team is unaware of how to accurately use these materials. You elect to send the people that will be using the new materials through training on how to complete their project work. You also allow them to purchase some of the materials to experiment on their use before the actual project work is to be done. You want to ensure that mistakes do not enter into the project. What type of action have you provided in this scenario?

  • A. This is an example of team development.
  • B. This is an example of a corrective action.
  • C. This is an example of quality assurance.
  • D. This is an example of a preventive action.

Answer: D

NEW QUESTION 17

John works as an Exchange Administrator for Apple Inc. The company has a Windows 2003 Active Directory domain-based network. The network contains several Windows Server 2003 servers. Three of them have been configured as domain controllers. John complains to the Network Administrator that he is unable to manage group memberships. Which of the following operations master roles is responsible for managing group memberships?

  • A. PDC emulator
  • B. Infrastructure master
  • C. Schema master
  • D. RID master

Answer: B

NEW QUESTION 18

You work as a Product manager for Marioiss Inc. You have been tasked to start a project for securing the network of your company. You want to employ configuration management to efficiently manage the procedures of the project. What will be the benefits of employing configuration management for completing this project?
Each correct answer represents a complete solution. Choose all that apply.

  • A. It provides the risk analysis of project configurations.
  • B. It provides object, orient, decide and act strategy.
  • C. It provides the versions for network devices.
  • D. It provides a live documentation of the project.

Answer: CD
