NEW QUESTION 1

You work as a Security manager for Qualoxizz Inc. Your company has number of network switches in the site network infrastructure. Which of the following actions will you perform to ensure the security of the switches in your company?

• A. Open up all the unused management ports.
• B. Set similar passwords for each management port.
• C. Set long session timeouts.
• D. Ignore usage of the default account settings.

Answer: D

Explanation:

A switch with a management port using a default user account permits an attacker to intrude inside by making connections using one or more of the well-known default user accounts (e.g., administrator, root, security). Therefore, the default account settings should not be used. Answer A is incorrect. The unused management ports on a switch should always be blocked to prevent port scanning attacks from the attackers. Answer B is incorrect. Setting similar passwords on all management ports increases the vulnerability of password cracking. The matching passwords on all ports can be used by the attacker to break into all ports once the password of one of the ports is known. Answer C is incorrect. Short timeout sessions should always be set to reduce the session period. If the connections to a management port on a switch do not have a timeout period set or have a large timeout period (greater than 9 minutes), then the connections will be more available for an attacker to hijack them.

NEW QUESTION 2

You work as the Network Administrator for XYZ CORP. The company has a Unix-based network. You want to set the user login features on the systems with the shadow passwords. Which of the following Unix configuration files can you use to accomplish the task?

• A. /etc/logrotate.conf
• B. /etc/login.defs
• C. /etc/magic
• D. /etc/filesystems

Answer: B

Explanation:

In Unix, the /etc/login.defs file is used by system administrators to set the user login features on the systems with the shadow passwords. Answer A is incorrect. In Unix, the /etc/logrotate.conf file configures the logrotate program used for managing log files. Answer C is incorrect. In Unix, the /etc/magic file contains the descriptions of various file formats for the file command. Answer D is incorrect. In Unix, the /etc/filesystems file is used to set the filesystem probe order when filesystems are mounted with the auto option.

NEW QUESTION 3

You work as a Java Programmer for JavaSkills Inc. You are working with the Linux operating system. Nowadays, when you start your computer, you notice that your OS is taking more time to boot than usual. You discuss this with your Network Administrator. He suggests that you mail him your Linux bootup report. Which of the following commands will you use to create the Linux bootup report?

• A. touch bootup_report.txt
• B. dmesg > bootup_report.txt
• C. dmesg | wc
• D. man touch

Answer: B

Explanation:

According to the scenario, you can use dmesg > bootup_report.txt to create the bootup file. With this command, the bootup messages will be displayed and will be redirected towards bootup_report.txt using the > command.

NEW QUESTION 4

Which of the following internal control components provides the foundation for the other components and encompasses such factors as management's philosophy and operating style?

• A. Information and communication
• B. Risk assessment
• C. Control activities
• D. Control environment

Answer: D

Explanation:
COSO defines internal control as, "a process, influenced by an entity's board of directors, management, and other personnel, that is designed to provide reasonable assurance in the effectiveness and efficiency of operations, reliability of financial reporting, and the compliance of applicable laws and regulations". The auditor evaluates the organization's control structure by understanding the organization's five interrelated control components, which are as follows:
* 1. Control Environment: It provides the foundation for the other components and encompasses such factors as management's philosophy and operating style.
* 2. Risk Assessment: It consists of risk identification and analysis.
* 3. Control Activities: It consists of the policies and procedures that ensure employees carry out management's directions. The types of control activities an organization must implement are preventative controls (controls intended to stop an error from occurring), detective controls (controls intended to detect if an error has occurred), and mitigating controls (control activities that can mitigate the risks associated with a key control not operating effectively).
* 4. Information and Communication: It ensures the organization obtains pertinent information, and then communicates it throughout the organization.
* 5. Monitoring: It involves reviewing the output generated by control activities and conducting special evaluations. In addition to understanding the organization's control components, the auditor must also evaluate the organization's General and Application controls. There are three audit risk components: control risk, detection risk, and inherent risk.

NEW QUESTION 5

You have just set up a wireless network for customers at a coffee shop. Which of the following are good security measures to implement? (Choose two)

• A. Using WPA encryption
• B. MAC filtering the router
• C. Not broadcasting SSID
• D. Using WEP encryption

Answer: AD

Explanation:

With either encryption method (WEP or WPA) you can give the password to customers who need it, and even change it frequently (daily if you like). So this won't be an inconvenience for customers.

NEW QUESTION 6

Which of the following processes is described in the statement below? "This is the process of numerically analyzing the effect of identified risks on overall project objectives."

• A. Perform Quantitative Risk Analysis
• B. Monitor and Control Risks
• C. Perform Qualitative Risk Analysis
• D. Identify Risks

Answer: A

Explanation:

Perform Quantitative Risk Analysis is the process of numerically analyzing the effect of identified risks on overall project objectives. This process generally follows the Perform Qualitative Risk Analysis process. It is performed on risks that have been prioritized by the Perform Qualitative Risk Analysis process as potentially and substantially impacting the project's competing demands. The Perform Quantitative Risk Analysis should be repeated after Plan Risk Responses, as well as part of Monitor and Control Risks, to determine if the overall project risk has been decreased. Answer C is incorrect. This is the process of prioritizing risks for further analysis or action by accessing and combining their probability of occurrence and impact. Answer D is incorrect. This is the process of determiningbb which risks may affect the project and documenting their characteristics. Answer B is incorrect. This is the process of implementing risk response plans, tracking identified risks, monitoring residual risk, identifying new risks, and evaluating risk process effectiveness through the project.

NEW QUESTION 7

You have been assigned a project to develop a Web site for a construction company. You plan to develop a Web site and want to get more control over the appearance and presentation of the Web pages. You also want to increase your ability to precisely specify the position and appearance of the elements on a page and create special effects. You plan to use cascading style sheets (CSS). You want to define styles only for the active page. Which type of style sheet will you use?

• A. Embedded Style Sheet
• B. Inline Style Sheet
• C. Internal Style Sheet
• D. External Style Sheet

Answer: A

Explanation:

To define styles only for the active page you should use embedded style sheet. Cascading style sheets (CSS) are used so that the Web site authors can exercise greater control on the appearance and presentation of their Web pages. And also because they increase the ability to precisely point to the location and look of elements on a Web page and help in creating special effects. Cascading Style Sheets have codes, which are interpreteA, Dpplied by the browser on to the Web pages and their elements. There are three types of cascading style sheets. External Style Sheets Embedded Style Sheets Inline
Style Sheets External Style Sheets are used whenever consistency in style is required throughout a Web site. A typical external style sheet uses a .css file extension, which can be edited using a text editor such as a Notepad. Embedded Style Sheets are used for defining styles for an active page. Inline Style Sheets are used for defining individual elements of a page. Reference: TechNet, Contents: Microsoft Knowledgebase, February 2000 issue PSS ID Number: Q179628 You want to enable Host A to access the Internet. For this, you need to configure the default gateway settings. Choose the appropriate address to accomplish the task.

NEW QUESTION 8

Which of the following statements about the <web-resource-collection> element are true?

• A. It has <web-resource-name> as one of its sub-elements.
• B. If there is no <http-method> sub-element, no HTTP method will be constrained.
• C. It can have at the most one <url-pattern> sub-element.
• D. It is a sub-element of the <security-constraint> element.

Answer: AD

Explanation:

The <web-resource-collection> element is a sub-element of the <security-
constraint> element and specifies the resources that will be constrained. Each <security- constraint> element should have one or more <web-resource-collection> sub-elements. The syntax of the <web-resource-collection> element is as follows: <security-constraint>
<web-resource-collection> <web-resource-name>ResourceName</web-resource-name>
<http-method>GET</http-method> <url-pattern>PatternName</url-pattern> </web- resource-collection> </security-constraint> The sub-elements of the <web-resource- collection> element are as follows: <web-resource-name>: This mandatory sub-element is the name of the Web resource collection. <description>: This is an optional sub-element that specifies a text description of the current security constraint. <http-method>: This optional sub-element specifies HTTP methods that are constrained. <url-pattern>: This sub-element specifies the URL to which the security constraint applies. There should be atleast one url-pattern element; otherwise, the <web-resource-collection> will be ignored. Answer C is incorrect. The <web-resource-collection> element can have any number of
<url-pattern> sub-elements. Answer B is incorrect. If there is no <http-method> sub- element, no HTTP methods will be allowed.

NEW QUESTION 9

You are concerned about rootkits on your network communicating with attackers outside your network. Without using an IDS how can you detect this sort of activity?

• A. By setting up a DMZ.
• B. You cannot, you need an IDS.
• C. By examining your domain controller server logs.
• D. By examining your firewall logs.

Answer: D

Explanation:

Firewall logs will show all incoming and outgoing traffic. By examining those logs you can detect anomalous traffic, which can indicate the presence of malicious code such as rootkits. Answer B is incorrect. While an IDS might be the most obvious solution in this scenario, it is not the only one. Answer C is incorrect. It is very unlikely that anything in your domain controller logs will show the presence of a rootkit, unless that rootkit is on the domain controller itself. Answer A is incorrect. A DMZ is an excellent firewall configuration but will not aid in detecting rootkits.

NEW QUESTION 10

You work as a Network Administrator for Tech Perfect Inc. The company has a TCP/IP- based network. Rick, your assistant, is configuring some laptops for wireless access. For security, WEP needs to be configured for wireless communication. By mistake, Rick configures different WEP keys in a laptop than that is configured on the Wireless Access Point (WAP). Which of the following statements is true in such situation?

• A. The laptop will be able to access the wireless network but the security will be compromised.
• B. The WAP will allow the connection with the guest account's privileges.
• C. The laptop will be able to access the wireless network but other wireless devices will be unable to communicate with it.
• D. The laptop will not be able to access the wireless network.

Answer: D

Explanation:

In order to communicate with WAP, a wireless device needs to be configured
with the same WEP key. If there is any difference in the key, the device will not be able to access and communicate with the wireless network.

NEW QUESTION 11

You have been assigned a project to develop a Web site for a construction company. You have to develop a Web site and want to get more control over the appearance and presentation of your Web pages. You also want to increase the ability to precisely specify the location and appearance of the elements on a page and create special effects. You plan to use Cascading style sheets (CSS). You want to apply the same style consistently throughout your Web site. Which type of style sheet will you use?

• A. Internal Style Sheet
• B. External Style Sheet
• C. Inline Style Sheet
• D. Embedded Style Sheet

Answer: B

Explanation:

To apply the same style consistently throughout your Web site you should use external style sheet. Cascading style sheets (CSS) are used so that the Web site authors can exercise greater control on the appearance and presentation of their Web pages. And also because they increase the ability to precisely point to the location and look of elements on a Web page and help in creating special effects. Cascading Style Sheets have codes, which are interpreteA, Dpplied by the browser on to the Web pages and their elements. There are three types of cascading style sheets. External Style Sheets Embedded Style Sheets Inline Style Sheets External Style Sheets are used whenever consistency in style is required throughout a Web site. A typical external style sheet uses a .css file extension, which can be edited using a text editor such as a Notepad. Embedded Style Sheets are used for defining styles for an active page.
Inline Style Sheets are used for defining individual elements of a page. Reference: TechNet, Contents: Microsoft Knowledgebase, February 2000 issue PSS ID Number: Q179628

NEW QUESTION 12

John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He finds that the We-are-secure server is vulnerable to attacks. As a countermeasure, he suggests that the Network Administrator should remove the IPP printing capability from the server. He is suggesting this as a countermeasure against .

• A. NetBIOS NULL session
• B. DNS zone transfer
• C. IIS buffer overflow
• D. SNMP enumeration

Answer: C

Explanation:
Removing the IPP printing capability from a server is a good countermeasure against an IIS buffer overflow attack. A Network Administrator should take the following steps to prevent a Web server from IIS buffer overflow attacks: Conduct frequent scans for server vulnerabilities. Install the upgrades of Microsoft service packs. Implement effective firewalls. Apply URLScan and IISLockdown utilities. Remove the IPP printing capability. Answer B is incorrect. The following are the DNS zone transfer countermeasures: Do not allow DNS zone transfer using the DNS property sheet:
* a. Open DNS.
* b. Right-click a DNS zone and click Properties.
* c. On the Zone Transfer tab, clear the Allow zone transfers check box.
Configure the master DNS server to allow zone transfers only from secondary DNS servers:
* a. Open DNS.
* b. Right-click a DNS zone and click Properties.
* c. On the zone transfer tab, select the Allow zone transfers check box, and then do one of the following:
To allow zone transfers only to the DNS servers listed on the name servers tab, click on the Only to the servers listed on the Name Server tab. To allow zone transfers only to specific DNS servers, click Only to the following servers, and add the IP address of one or more servers. Deny all unauthorized inbound connections to TCP port 53. Implement DNS keys and encrypted DNS payloads. Answer D is incorrect. The following are the countermeasures against SNMP enumeration:
* 1. Removing the SNMP agent or disabling the SNMP service
* 2. Changing the default PUBLIC community name when 'shutting off SNMP' is not an option
* 3. Implementing the Group Policy security option called Additional restrictions for anonymous connections
* 4. Restricting access to NULL session pipes and NULL session shares
* 5. Upgrading SNMP Version 1 with the latest version 6.Implementing Access control list filtering to allow only access to the read-write community from approved stations or subnets Answer A is incorrect.
NetBIOS NULL session vulnerabilities are hard to prevent, especially if NetBIOS is needed as part of the infrastructure. One or more of the following steps can be taken to limit NetBIOS NULL session vulnerabilities: 1.Removing the SNMP agent or disabling the SNMP service 2.Changing the default PUBLIC community name when 'shutting off SNMP' is not an option 3.Implementing the Group Policy security option called Additional restrictions for anonymous connections 4.Restricting access to NULL session pipes and NULL session shares 5.Upgrading SNMP Version 1 with the latest version 6.Implementing
Access control list filtering to allow only access to the read-write community from approved stations or subnets nswer option A is incorrect. NetBIOS NULL session vulnerabilities are hard to prevent, especially if NetBIOS is needed as part of the nfrastructure. One or more of the following steps can be taken to limit NetBIOS NULL session vulnerabilities:
* 1. Null sessions require access to the TCP 139 or TCP 445 port, which can be disabled by a Network Administrator.
* 2. A Network Administrator can also disable SMB services entirely on individual hosts by unbinding WINS Client TCP/IP from the interface.
* 3. A Network Administrator can also restrict the anonymous user by editing the registry values:
* a.Open regedit32, and go to HKLM\SYSTEM\CurrentControlSet\LSA. b.Choose edit > add value. Value name: RestrictAnonymous Data Type: REG_WORD Value: 2

NEW QUESTION 13

Which of the following services are provided by the proxy servers?

• A. Intrusion detection
• B. Logging
• C. Hiding network resources
• D. Caching

Answer: BCD

Explanation:

A proxy server is a very important element for firewall applications. The services that it provides are as follows: Hide network resources: Proxy replaces the network IP address with a single IP address. Multiple systems can use a single IP address. Logging: A proxy server can log incoming and outgoing access, allowing a user to see every possible details of successful and failed connections. Cache: A proxy server can save information obtained from the Internet. It regularly updates these copies and automatically shows these pages, and will thus not need to access the Internet to view them.

NEW QUESTION 14

Which of the following backup sites takes the longest recovery time?

• A. Mobile backup site
• B. Warm site
• C. Cold site
• D. Hot site

Answer: C

Explanation:

A cold backup site takes the longest recovery time. It is the most inexpensive type of backup site for an organization to operate. It does not include backed up copies of data and information from the original location of the organization, nor does it include hardware already set up. The lack of hardware contributes to the minimal startup costs of the cold site, but requires additional time following the disaster to have the operation running at a capacity close to that prior to the disaster. Answer D is incorrect. A hot site is a duplicate of the original site of the organization, with full computer systems as well as near- complete backups of user data. Real time synchronization between the two sites may be used to completely mirror the data environment of the original site using wide area network links and specialized software. Ideally, a hot site will be up and running within a matter of hours or even less. Answer A is incorrect. Although a mobile backup site provides rapid recovery, it does not provide full recovery in time. Hence, a hot site takes the shortest recovery time. Answer B is incorrect. A warm site is, quite logically, a compromise between hot and cold. These sites will have hardware and connectivity already established, though on a smaller scale than the original production site or even a hot site. Warm sites will have backups on hand, but they may not be complete and may be between several days and a week old. An example would be backup tapes sent to the warm site by courier.

NEW QUESTION 15

You work as a Network Administrator for InfraTech Inc. You have been assigned the task of designing the firewall policy for the company. Which of the following statements can be considered acceptable in the 'contracted worker statement' portion of the firewall policy?

• A. No contractors shall have access to the authorized resources.
• B. No contractors shall be permitted to scan the network.
• C. No contractors shall have access to the unauthorized resources.
• D. No contractors can access FTP unless specifically granted permissions to use it.

Answer: BCD

Explanation:

There are different portions that can be included in the firewall policy. These portions include the acceptable use statement, the network connection statement, the contracted worker statement, and the firewall administrator statement. The contracted worker statement portion of the policy is related to the contracted or the temporary workers. It states the rights and permissions for these workers. Some of the items hat can be included in this portion are as follows: No contractors can use FTP unless specifically granted to use it. No contractors shall have access to TELNET unless specifically granted to use it. No contractors shall have access to unauthorized resources. No contractors shall have access to scan the network. Answer A is incorrect. Only authorized resources should be accessed by the contractors.

NEW QUESTION 16

You work as a Network Administrator for NetTech Inc. Your computer has the Windows 2000 Server operating system. You want to harden the security of the server. Which of the following changes are required to accomplish this? (Choose two)

• A. Remove the Administrator account.
• B. Disable the Guest account.
• C. Rename the Administrator account.
• D. Enable the Guest account.

Answer: BC

Explanation:

For security, you will have to rename the Administrator account and disable the Guest account. Renaming the Administrator account will ensure that hackers do not break into the network or computer by guessing the password of the Administrator account. You can also create a fake Administrator account that has no privileges and audit its use to detect attacks. Disabling the Guest account will prevent users who do not have a domain or local user account from illegally accessing the network or computer. By default, the Guest account is disabled on systems running Windows 2000 Server. If the Guest account is enabled, you will have to disable it.

NEW QUESTION 17

You work as a Software Developer for UcTech Inc. You want to encode a URL, so that it can be used with the sendRedirect() method to send the response to the client. In order to accomplish this, you have to use a method of the HttpServletResponse interface. Which of the following methods will you use?

• A. encodeResponseURL()
• B. encodeRedirectURL()
• C. encodeURL()
• D. encodeURLResponse()

Answer: B

Explanation:

The encodeRedirectURL() method of the HttpServletResponse interface, returns a URL by including a session ID in it for use in the sendRedirect() method. If the encoding is not required, the URL is returned unchanged. If browser supports cookies, the encodeRedirectURL() method returns the input URL unchanged, since the session ID will be persisted as a cookie. This method is different from the encodeURL as this method redirects the request to a different URL in the same session. The syntax of the encodeRedirectURL() method is as follows: public String encodeRedirectURL(String urlstring) Here, urlstring is the URL to be encoded. Answer C is incorrect. The encodeURL() method of the HttpServletResponse interface returns a URL by including the session ID in it. If the encoding is not required, the URL is returned unchanged. If cookies are supported by the browser, the encodeURL() method returns the input URL unchanged since the session ID will be persisted as a cookie. The syntax of the encodeURL() method is as follows: public String encodeURL(String urlstring) Here, urlstring is the URL to be encoded.

NEW QUESTION 18

Victor wants to use Wireless Zero Configuration (WZC) to establish a wireless network connection using his computer running on Windows XP operating system. Which of the following are the most likely threats to his computer? (Choose two)

• A. Information of probing for networks can be viewed using a wireless analyzer and may be used to gain access.
• B. Attacker can use the Ping Flood DoS attack if WZC is used.
• C. Attacker by creating a fake wireless network with high power antenna cause Victor's computer to associate with his network to gain access.
• D. It will not allow the configuration of encryption and MAC filterin
• E. Sending information is not secure on wireless network.

Answer: AC

Explanation:

Wireless Zero Configuration (WZC), also known as Wireless Auto Configuration, or WLAN AutoConfig is a wireless connection management utility included with Microsoft Windows XP and later operating systems as a service that dynamically selects a wireless network to connect to based on a user's preferences and various default settings. This can be used instead of, or in the absence of, a wireless network utility from the manufacturer of a computer's wireless networking device. The drivers for the wireless adapter query the NDIS Object IDs and pass the available network names to the service. WZC also introduce some security threats, which are as follows: WZC will probe for networks that are already connected. This information can be viewed by anyone using a wireless analyzer and can be used to set up fake access points to connect. WZC attempts to connect to the wireless network with the strongest signal. Attacker can create fake wireless networks with high- power antennas and cause computers to associate with his access point. Answer D is incorrect. WZC does not interfere in the configuration of encryption and MAC filtering. Answer B is incorrect. In a ping flood attack, an attacker sends a large number of ICMP packets to the target computer using the ping command, i.e., ping -f target_IP_address. When the target computer receives these packets in large quantities, it does not respond and hangs.

NEW QUESTION 19

You work as a professional Ethical Hacker. You are assigned a project to perform blackbox testing of the security of www.we-are-secure.com. Now you want to perform banner grabbing to retrieve information about the Webserver being used by we-are-secure. Which of the following tools can you use to accomplish the task?

• A. Wget
• B. WinSSLMiM
• C. Whisker
• D. httprint

Answer: D

Explanation:

According to the scenario, you want to perform banner grabbing to retrieve information about the Webserver being used by we-are-secure. For this, you will use the httprint tool to accomplish the task. httprint is a fingerprinting tool that is based on Web server characteristics to accurately identify Web servers. It works even when Web server may have been obfuscated by changing the server banner strings, or by plug-ins such as mod_security or servermask. It can also be used to detect Web enabled devices that do not contain a server banner string, such as wireless access points, routers, switches, cable modems, etc. httprint uses text signature strings for identification, and an attacker can also add signatures to the signature database. Answer A is incorrect. Wget is a Website copier that is used to analyze the vulnerabilities of a Website offline. Answer C is incorrect. Whisker is an HTTP/Web vulnerability scanner that is written in the PERL language. Whisker runs on both the Windows and UNIX environments. It provides functions for testing HTTP servers for many known security holes, particularly the presence of dangerous CGIs. Answer B is incorrect. WinSSLMiM is an HTTPS Man in the Middle attacking tool. It includes FakeCert, a tool used to make fake certificates. It can be used to exploit the Certificate Chain vulnerability in Internet Explorer. The tool works under Windows 9x/2000. Which of the following tools can be used to automate the MITM attack? A. Airjack B. Kismet C. Hotspotter D. IKECrack Answer A
Airjack is a collection of wireless card drivers and related programs. It uses a program called monkey_jack that is used to automate the MITM attack. Wlan_jack is a DoS tool in the set of airjack tools, which accepts a target source and BSSID to send continuous deauthenticate frames to a single client or an entire network. Another tool, essid_jack is used to send a disassociate frame to a target client in order to force the client to reassociate with the network and giving up the network SSID. Answer C is incorrect. Hotspotter is a wireless hacking tool that is used to detect rogue access point. It fools users to connect, and authenticate with the hacker's tool. It sends the deauthenticate frame to the victim's computer that causes the victim's wireless connection to be switched to a non- preferred connection. Answer D is incorrect. IKECrack is an IKE/IPSec authentication crack tool, which uses brute force for searching password and key combinations of Pre- Shared-Key authentication networks. The IKECrack tool undermines the latest Wi-Fi security protocol with repetitive attempts at authentication with random passphrases or keys. Answer B is incorrect. Kismet is a Linux-based 802.11 wireless network sniffer and intrusion detection system. It can work with any wireless card that supports raw monitoring (rfmon) mode. Kismet can sniff 802.11b, 802.11a, 802.11g, and 802.11n traffic. Kismet can be used for the following tasks: To identify networks by passively collecting packets To detect standard named networks To detect masked networks To collect the presence of non-beaconing networks via data traffic

NEW QUESTION 20

Which of the following types of firewall ensures that the packets are part of the established session?

• A. Stateful inspection firewall
• B. Switch-level firewall
• C. Circuit-level firewall
• D. Application-level firewall

Answer: A

Explanation:

The stateful inspection firewall combines the circuit level and the application level firewall techniques. It assures the session or connection between the two parties is valid. It also inspects packets from the session to assure that the packets are part of the established session and not malicious. Answer C is incorrect. The circuit-level firewall regulates traffic based on whether or not a trusted connection has been established. Answer D is incorrect. The application level firewall inspects the contents of packets, rather than the source/destination or connection between the two devices. Answer B is incorrect. There is no firewall type such as switch-level firewall.

NEW QUESTION 21
......