Winter Special - Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: top65certs

Free and Premium GIAC GSLC Dumps Questions Answers

Page: 1 / 21
Total 567 questions

GIAC Security Leadership Certification (GSLC) Questions and Answers

Question 1

You work as a Network Administrator for Infosec Inc. The company has a Windows 2003-based server. You have installed McAfee antivirus as well as anti-spyware software on the server. One day, you come to know that not only have the security applications running on the server (including software firewalls, anti-virus, and anti-spyware) been disabled, but the anti-virus and anti-spyware definitions have also been deleted. You suspect that this is due to malware infection. Which of the following types of malware is the most likely cause of the issue?

Options:

A.

Whack-A-Mole

B.

FireKiller 2000

C.

Beast

D.

SubSeven

Buy Now
Question 2

Which of the following are the examples of administrative controls?

Each correct answer represents a complete solution. Choose all that apply.

Options:

A.

Security policy

B.

Auditing

C.

Security awareness training

D.

Data Backup

Question 3

You are an Incident manager in Orangesect.Inc. You have been tasked to set up a new extension of your enterprise. The networking, to be done in the new extension, requires different types of cables and an appropriate policy that will be decided by you. Which of the following stages in the Incident handling process involves your decision making?

Options:

A.

Containment

B.

Eradication

C.

Identification

D.

Preparation

Question 4

You work as a Network Administrator for Tech Perfect Inc. The company has a Windows Server 2008 network environment. The network is configured as a Windows Active Directory-based single forest domain-based network. The company has recently provided fifty laptops to its sales team members. You are required to configure an 802.11 wireless network for the laptops. The sales team members must be able to use their data placed at a server in a cabled network. The planned network should be able to handle the threat of unauthorized access and data interception by an unauthorized user. You are also required to prevent the sales team members from communicating directly to one another.

Which of the following actions will you perform to accomplish the task?

Each correct answer represents a complete solution. Choose all that apply.

Options:

A.

Implement the IEEE 802.1X authentication for the wireless network.

B.

Configure the wireless network to use WEP encryption for the data transmitted over a wireless network.

C.

Implement the open system authentication for the wireless network.

D.

Using group policies, configure the network to allow the wireless computers to connect to the infrastructure networks only.

E.

Using group policies, configure the network to allow the wireless computers to connect to the ad hoc networks only.

Question 5

Which of the following tools is based on Linux and used to carry out the Penetration Testing?

Options:

A.

JPlag

B.

BackTrack

C.

Vedit

D.

Ettercap

Question 6

John is a merchant. He has set up a LAN in his office. Some important files are deleted as a result of virus attack. John wants to ensure that it does not happen again. What will he use to protect his data from virus?

Options:

A.

Backup

B.

Symmetric encryption

C.

Firewall

D.

Antivirus

Question 7

Which of the following provides the best protection against a man-in-the-middle attack?

Options:

A.

Strong encryption

B.

Fiber-optic cable

C.

Firewall

D.

Strong password

Question 8

Which of the following password authentication schemes enables a user with a domain account to log on to a network once, using a password or smart card, and to gain access to multiple computers in the domain without being prompted to log in again?

Options:

A.

Single Sign-On

B.

Dynamic

C.

One-time password

D.

Kerberos

Question 9

You are the program manager for your organization. You have proposed a program that will cost $750,000 and will last for four years. Management is concerned with the cost of the program in relation to the return your program will bring. If the rate of return is six percent what is the minimum value your project should return in four years based on the investment of the program?

Options:

A.

$795,000

B.

$750,001

C.

$946,857

D.

$750,000

Question 10

You are concerned about war driving bringing hackers attention to your wireless network. What is the most basic step you can take to mitigate this risk?

Options:

A.

Implement WEP

B.

Don't broadcast SSID

C.

Implement MAC filtering

D.

Implement WPA

Question 11

Which of the following protocols does IPsec use to perform various security functions in the network?

Each correct answer represents a complete solution. Choose all that apply.

Options:

A.

Internet Key Exchange

B.

Encapsulating Security Payload

C.

Authentication Header

D.

Skinny Client Control Protocol

Question 12

A user has opened a Web site that automatically starts downloading malicious code onto his computer. What should he do to prevent this?

Each correct answer represents a complete solution. Choose two.

Options:

A.

Disable ActiveX Controls

B.

Disable Active Scripting

C.

Implement File Integrity Auditing

D.

Configure Security Logs

Question 13

Fill in the blank with the appropriate tool name.

________ is a wireless network cracking tool that exploits the vulnerabilities in the RC4 Algorithm, which comprises the WEP security parameters.

Options:

Question 14

Which of the following tools can be used for stress testing of a Web server?

Each correct answer represents a complete solution. Choose two.

Options:

A.

Internet bots

B.

Spyware

C.

Anti-virus software

D.

Scripts

Question 15

Which of the following is a complete indexed set of records of the procurement process incorporated into the administrative closure process?

Options:

A.

Contract file

B.

Required resources and skills

C.

Required actions to complete the project scope

D.

Description of the work packages

Question 16

Which interface does an IPS sensor use to communicate with a security appliance for management purposes?

Options:

A.

Management interface

B.

User interface

C.

Command and control interface

D.

Monitoring interface

Question 17

You are advising a school district on disaster recovery plans. In case a disaster affects the main IT centers for the district they will need to be able to work from an alternate location. However, budget is an issue. Which of the following is most appropriate for this client?

Options:

A.

Warm site

B.

Hot site

C.

Off site

D.

Cold site

Question 18

Which of the following is used to describe the type of FTP access in which a user does not have permissions to list the contents of directories, but can access the contents if he knows the path and file name?

Options:

A.

Secure FTP

B.

Blind FTP

C.

Passive FTP

D.

Hidden FTP

Question 19

Which of the following statements about Encapsulating Security Payload (ESP) is true?

Options:

A.

ESP is always used in combination with Authentication Header (AH).

B.

ESP can encrypt data and verify data integrity.

C.

ESP is never used in combination with Authentication Header (AH).

D.

ESP only verifies data integrity.

Question 20

Victor wants to send an encrypted message to his friend. He is using certain steganography technique to accomplish this task. He takes a cover object and changes it accordingly to hide information. This secret information is recovered only when the algorithm compares the changed cover with the original cover. Which of the following Steganography methods is Victor using to accomplish the task?

Options:

A.

The distortion technique

B.

The substitution technique

C.

The cover generation technique

D.

The spread spectrum technique

Question 21

Which of the following viruses is designed to prevent antivirus researchers from examining its code by using various methods that make tracing and disassembling difficult?

Options:

A.

Armored virus

B.

Stealth virus

C.

Multipartite virus

D.

Polymorphic virus

Question 22

IDS systems can be classified in many different ways. Which of the following is not a way that IDS systems are commonly classified?

Options:

A.

Latent

B.

Network Based

C.

Passive

D.

Active

E.

Host Based

Question 23

Which of the following are examples of administrative controls that involve all levels of employees within an organization and determine which users have access to what resources and information?

Each correct answer represents a complete solution. Choose three.

Options:

A.

Training and awareness

B.

Employee registration and accounting

C.

Network authentication

D.

Encryption

E.

Disaster preparedness and recovery plans

Question 24

Which of the following tools can be used for steganography?

Each correct answer represents a complete solution. Choose all that apply.

Options:

A.

Anti-x

B.

Snow.exe

C.

Image hide

D.

Stegbreak

Question 25

Which of the following is the process of rewriting source and destination addresses of IP packets as they pass through a router or firewall?

Options:

A.

NAT

B.

Supernetting

C.

SNAT

D.

PAT

Question 26

Which of the following tools can be used to automate the MITM attack?

Options:

A.

Airjack

B.

Kismet

C.

IKECrack

D.

Hotspotter

Question 27

Which of the following statements are true about worms?

Each correct answer represents a complete solution. Choose all that apply.

Options:

A.

Worms can exist inside files such as Word or Excel documents.

B.

Worms cause harm to the network by consuming bandwidth, whereas viruses almost always corrupt or modify files on a targeted computer.

C.

Worms replicate themselves from one system to another without using a host file.

D.

One feature of worms is keystroke logging.

Question 28

Which of the following Acts enacted in United States allows the FBI to issue National Security Letters (NSLs) to Internet service providers (ISPs) ordering them to disclose records about their customers?

Options:

A.

Electronic Communications Privacy Act of 1986

B.

Wiretap Act

C.

Computer Fraud and Abuse Act

D.

Economic Espionage Act of 1996

Question 29

Which of the following statements are true about TCP/IP model?

Each correct answer represents a complete solution. Choose all that apply.

Options:

A.

It is consists of various protocols present in each layer.

B.

It provides end-to-end connectivity specifying how data should be formatted, addressed, transmitted, routed and received at the destination.

C.

It is generally described as having five abstraction layers.

D.

It describes a set of general design guidelines and implementations of specific networking protocols to enable computers to communicate over a network.

Question 30

You work as a Network Administrator for Perfect Solutions Inc. The company has a Linux-based network. You are working as a root user on the Linux operating system. Your company is facing an IP spoofing attack. Which of the following tools will you use to get an alert saying that an upcoming IP packet is being spoofed?

Options:

A.

Dsniff

B.

ethereal

C.

Despoof

D.

Neotrace

Question 31

Which of the following is used to translate domain names into the numerical (binary) identifiers associated with networking equipment for the purpose of locating and addressing these devices worldwide?

Options:

A.

DFSR

B.

DNS

C.

DFS

D.

EFS

Question 32

Which of the following are the countermeasures against a man-in-the-middle attack?

Each correct answer represents a complete solution. Choose all that apply.

Options:

A.

Using Off-channel verification.

B.

Using Secret keys for authentication.

C.

Using basic authentication.

D.

Using public key infrastructure authentication.

Question 33

Part of your change management plan details what should happen in the change control system for your project. Theresa, a junior project manager, asks what the configuration management activities are for scope changes. You tell her that all of the following are valid configuration management activities except for which one?

Options:

A.

Configuration Identification

B.

Configuration Item Costing

C.

Configuration Status Accounting

D.

Configuration Verification and Auditing

Question 34

A sequence number is a 32-bit number ranging from 1 to 4,294,967,295. When data is sent over the network, it is broken into fragments (packets) at the source and reassembled at the destination system. Each packet contains a sequence number that is used by the destination system to reassemble the data packets in the correct order. The Initial Sequence Number of your computer is 24171311 at login time. You connect your computer to a computer having the IP address 210.213.23.21. This whole process takes three seconds. What will the value of the Initial Sequence Number be at this moment?

Options:

A.

24171811

B.

24171311

C.

24619311

D.

24171111

Question 35

In which of the following techniques does an attacker change the address of the phishing site in such a manner that it can bypass filters or other application defenses that have been put in place to block specific IP addresses?

Options:

A.

Dumpster diving

B.

Reverse social engineering

C.

Shoulder surfing

D.

URL obfuscation

Question 36

John works as a professional Ethical Hacker. He has been assigned the project of testing the security of He receives the following e-mail:

The e-mail that John has received is an example of __________.

Options:

A.

Social engineering attacks

B.

Virus hoaxes

C.

Spambots

D.

Chain letters

Question 37

Complete the following sentence: Quality control is a(n)_______________ process while quality assurance is a(n)________________ process.

Options:

A.

Inspection, costly

B.

Management, inspection

C.

Inspection, prevention

D.

Prevention, inspection.

Question 38

The Incident handling process implemented in an enterprise is responsible to deal with all the incidents regarding the enterprise. Which of the following procedures will be involved by the preparation phase of the Incident handling process?

Options:

A.

Building up an incident response kit

B.

Setting up the initial position after an incident

C.

Working with QA to validate security of the enterprise

D.

Organizing a solution to remove an incident

Question 39

You work as a project manager for an IT project. You are analyzing activity sequences, durations, resource requirements, and schedule constraints to create the project schedule. In which of the following Knowledge Areas are you working on?

Options:

A.

Project Integration Management

B.

Project Time Management

C.

Project Scope Management

D.

Project Risk Management

Question 40

You work as an Exchange Administrator for McRobert Inc. You are configuring a new Exchange 2000 Server computer and two storage groups, group A and group B, on your network. You have to configure the physical disks on the Exchange 2000 Server computer to provide better performance and availability. Which configuration will you use to achieve this?

Options:

A.

Mirrored ---- Transaction Log Files (group A)

Mirrored ---- Transaction Log Files (group B)

RAID5 ------ Information store (groups A and B)

B.

Single drive ---- Transaction Log Files (group A)

Single drive ---- Transaction Log Files (group B)

RAID5 --------- Information Store (groups A and B)

C.

Mirrored ---- Transaction Log Files ( groups A and B)

RAID5 ------ Information Store (groups A and B)

D.

Single drive ----- Transaction Log Files (group A)

Single drive ----- Transaction Log Files (group B)

RAID5 ----------- Information Store (group A)

RAID5 ----------- Information Store (group B)

Question 41

How can you calculate the Annualized Loss Expectancy (ALE) that may occur due to a threat?

Options:

A.

Single Loss Expectancy (SLE) X Annualized Rate of Occurrence (ARO)

B.

Single Loss Expectancy (SLE)/ Exposure Factor (EF)

C.

Asset Value X Exposure Factor (EF)

D.

Exposure Factor (EF)/Single Loss Expectancy (SLE)

Question 42

Rick is a project manager of a construction project. He is aggregating the estimated costs of individual activities or work packages to establish a cost baseline. In which of the following Project Management Knowledge Areas is he working on?

Options:

A.

Project Cost Management

B.

Project Integration Management

C.

Project Time Management

D.

Project Scope Management

E.

Project Quality Management

Question 43

Mark works as a Network Administrator for BlueWell Inc. While surfing the Internet, he enters a URL in the Web browser. A Web page appears after entering the URL. Which of the following protocols can be used to resolve into the correct IP address?

Options:

A.

DNS

B.

SMTP

C.

DHCP

D.

ARP

Question 44

You work as a Network Administrator for Net World Inc. The company has a Windows Active Directory-based single domain single forest network. The functional level of the forest is Windows Server 2003. A Public Key Infrastructure (PKI) is installed on a server in the domain. You are planning to go on vacation for two weeks. Your team has three assistant administrators. You are required to accomplish the following tasks:

• Delegate the authority to the assistant administrators to issue, approve, and revoke certificates.

• The solution must involve least administrative burden.

Which of the following steps will you take to accomplish the tasks?

Options:

A.

Assign the Certificate Managers role to the assistant administrator user accounts.

B.

Create a new global security group named CertAdmins.

Make the assistant administrators the members of the new group.

Assign the CA Administrator role to the CertAdmins group.

C.

Create a new global security group named CertAdmins.

Make the assistant administrators the members of the new group.

Assign the Enterprise Administrators role to the CertAdmins group.

D.

Create a new global security group named CertAdmins.

Make the assistant administrators the members of the new group.

Assign the Certificate Managers role to the CertAdmins group.

Question 45

You have inserted a Trojan on your friend's computer and you want to put it in the startup so that whenever the computer reboots the Trojan will start to run on the startup. Which of the following registry entries will you edit to accomplish the task?

Options:

A.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices

B.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Start

C.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Startup

D.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Auto

Question 46

You work as a technician for Tech Perfect Inc. A user named Rick calls you. He wants to configure a wireless network for his small office. He wants to adopt a wireless technology that supports high data transfer speed. Which of the following technologies will you suggest?

Options:

A.

802.11b

B.

Infrared

C.

Bluetooth

D.

802.11

Question 47

You are the project manager of a large project that will span several time zones. You'll be utilizing project team members from across several departments. Project team members won't be working on the project full-time and will join and leave the project based on assignments in the project schedule.

What project management plan can you create to help you manage when project times will be brought onto and released from the project team?

Options:

A.

Staffing management plan

B.

Team management plan

C.

Project management plan

D.

Human resources management plan

Question 48

Which of the following RAID standards distributes data across multiple disks in a way that gives improved speed at any given instant?

Options:

A.

RAID 01

B.

RAID 3/4

C.

RAID 1

D.

RAID 0

Question 49

Maria works as a Network Security Officer for Gentech Inc. She wants to encrypt her network traffic. The specific requirement for the encryption algorithm is that it must be a symmetric key block cipher.

Which of the following techniques will she use to fulfill this requirement?

Options:

A.

DES

B.

AES

C.

PGP

D.

IDEA

Question 50

John works as a Network Administrator for We-are-secure Inc. The We-are-secure server is based on Windows Server 2003. One day, while analyzing the network security, he receives an error message that Kernel32.exe is encountering a problem. Which of the following steps should John take as a countermeasure to this situation?

Each correct answer represents a complete solution. Choose all that apply.

Options:

A.

He should upgrade his antivirus program.

B.

He should observe the process viewer (Task Manager) to see whether any new process is running on the computer or not. If any new malicious process is running, he should kill that process.

C.

He should download the latest patches for Windows Server 2003 from the Microsoft site, so that he can repair the kernel.

D.

He should restore his Windows settings.

Question 51

Which of the following programs can be used to detect stealth port scans performed by a malicious hacker?

Each correct answer represents a complete solution. Choose all that apply.

Options:

A.

portsentry

B.

nmap

C.

scanlogd

D.

libnids

Question 52

Which of the following types of attacks cannot be prevented by a firewall?

Each correct answer represents a complete solution. Choose all that apply.

Options:

A.

Ping flood attack

B.

Phishing attack

C.

Shoulder surfing attack

D.

URL obfuscation attack

Question 53

You are responsible for the security computers in college labs. Since a number of students have significant computer skills, you wish to make security impossible to breach through normal operating system based means. Furthermore, you want to have the security require a password that must be entered before the operating system even loads. What will you do to accomplish the task?

Options:

A.

Implement biometric security.

B.

Implement bios security that prevents the system from loading if the correct password is not entered.

C.

Implement an operating system password that prevents the system from loading if the correct password is not entered.

D.

Implement hard drive encryption with a password tied into the operating system password.

Question 54

Which of the following malware spread through the Internet and caused a large DoS attack in 1988?

Options:

A.

LoveLetter worm

B.

Klez worm

C.

Morris worm

D.

SQL slammer worm

Question 55

Which method is used to configure several disk drives into a logical disk drive and provides faulttolerance, redundancy, lower latency, and higher bandwidth for read/write operations?

Options:

A.

DRM

B.

DAC

C.

RAID

D.

MAC

Question 56

John is a malicious attacker. He illegally accesses the server of We-are-secure Inc. He then places a backdoor in the We-are-secure server and alters its log files. Which of the following steps of malicious hacking includes altering the server log files?

Options:

A.

Reconnaissance

B.

Maintaining access

C.

Covering tracks

D.

Gaining access

Question 57

Dawn is the project manager of the HQQ Project and she believes the project work is done. She has prepared the final project report, which includes information on the financial performance, schedule performance, and project team performance in the project. All of the following documents are used to measure the completeness of the project scope except for which one?

Options:

A.

Project charter

B.

Project WBS Dictionary

C.

Project scope statement

D.

Project WBS

Question 58

Which of the following terms related to risk management represents the estimated frequency at which a threat is expected to occur?

Options:

A.

Single Loss Expectancy (SLE)

B.

Exposure Factor (EF)

C.

Annualized Rate of Occurrence (ARO)

D.

Safeguard

Question 59

An executive in your company reports odd behavior on her PDA. After investigation you discover that a trusted device is actually copying data off the PDA. The executive tells you that the behavior started shortly after accepting an e-business card from an unknown person. What type of attack is this?

Options:

A.

PDA Hijacking

B.

Session Hijacking

C.

Privilege Escalation

D.

Bluesnarfing

Question 60

This type of virus infects programs that can execute and load into memory to perform predefined steps for infecting systems. It infects files with the extensions .EXE, .COM, .BIN, and .SYS. As it can replicate or destroy these types of files, the operating system becomes corrupted and needs reinstallation. This type of virus is known as __________.

Options:

A.

Stealth virus

B.

Multipartite virus

C.

File virus

D.

Polymorphic virus

E.

Boot sector virus

Question 61

Joseph works as a Network Administrator for WebTech Inc. He has to set up a centralized area on the network so that each employee can share resources and documents with one another. Which of the following will he configure to accomplish the task?

Options:

A.

VPN

B.

Intranet

C.

Extranet

D.

WEP

Question 62

John works as a professional Ethical Hacker. He is assigned a project to test the security of He enters a single quote in the input field of the login page of the We-are- secure Web site and receives the following error message:

Microsoft OLE DB Provider for ODBC Drivers error '0x80040E14'

This error message shows that the We-are-secure Website is vulnerable to __________.

Options:

A.

A buffer overflow

B.

An XSS attack

C.

A SQL injection attack

D.

A Denial-of-Service attack

Question 63

Which of the following documents is described in the statement below?

"It is developed along with all processes of the risk management. It contains the results of the qualitative risk analysis, quantitative risk analysis, and risk response planning."

Options:

A.

Risk register

B.

Quality management plan

C.

Project charter

D.

Risk management plan

Question 64

You work as an Incident handler in Mariotrixt.Inc. You have followed the Incident handling process to handle the events and incidents. You identify Denial of Service attack (DOS) from a network linked to your internal enterprise network. Which of the following phases of the Incident handling process should you follow next to handle this incident?

Options:

A.

Recovery

B.

Containment

C.

Preparation

D.

Identification

Question 65

Which of the following recovery plans includes specific strategies and actions to deal with specific variances to assumptions resulting in a particular security problem, emergency, or state of affairs?

Options:

A.

Disaster recovery plan

B.

Business continuity plan

C.

Contingency plan

D.

Continuity of Operations Plan

Question 66

You work as a Network Administrator for Net Perfect Inc. The company has a TCP/IP-based network environment. The network contains a Cisco Catalyst router to connect the internal network to the Internet. You want to secure your network from various attacks such as virus, spam, spyware, phishing, etc. You want to secure the whole network through a separate hardware device. Which of the following will you use?

Options:

A.

PIX-Firewall

B.

IDS

C.

IPS

D.

ASA

Question 67

Which of the following viruses replaces the boot sector data with its own malicious code?

Options:

A.

Chernobyl

B.

Explore.Zip

C.

MBR

D.

Nimda

Question 68

The Project Scope Management knowledge area focuses on which of the following processes?

Each correct answer represents a complete solution. Choose all that apply.

Options:

A.

Create Work Breakdown Structure (WBS)

B.

Verify Scope

C.

Select Sellers

D.

Control Scope

Question 69

You are the Administrator of a Windows 2000 based network for Info Tech Inc. You install and configure Certificate Authorities (CAs) on the network. You are currently configuring the public key group policy for the domain.

You configure the group policy to specify automatic enrollment and renewal for certificates. But when you attempt to test this configuration, you find that the enrollment is not working properly.

What is the most likely cause?

Options:

A.

The group policy is not enabled for the domain.

B.

You failed to add the CA certificate to the trusted root certification authorities container.

C.

Certificate enrollment and renewal is not enabled for the group policy.

D.

An enterprise CA is not online.

Question 70

Which of the following authentication methods is used to enable a Web browser to provide credentials when making a request during an HTTP transaction?

Options:

A.

Anonymous authentication

B.

Digest authentication

C.

Integrated Windows authentication

D.

Basic authentication

Question 71

You are concerned about attackers simply passing by your office, discovering your wireless network, and getting into your network via the wireless connection. Which of the following are NOT steps in securing your wireless connection?

Each correct answer represents a complete solution. Choose two.

Options:

A.

MAC filtering on the router

B.

Strong password policies on workstations.

C.

Not broadcasting SSID

D.

Using either WEP or WPA encryption

E.

Hardening the server OS

Question 72

What does noise in a power line indicate?

Options:

A.

Power degradation that is low and less than normal

B.

Interference superimposed onto the power line

C.

Momentary high voltage

D.

Prolonged loss of power

Question 73

In Which of the following types of white box testing are the test cases designed based on data flow within the code?

Options:

A.

Data flow testing

B.

Control flow testing

C.

Path testing

D.

Branch testing

Question 74

Which type of repudiation states that the creator of the message denies ever creating the message even after creating it?

Options:

A.

Repudiation of submission

B.

Repudiation of creation

C.

Repudiation of receipt

D.

Repudiation of origin

Question 75

Which of the following is used to indicate that the project team has decided not to change the project management plan to deal with a risk or is unable to identify any other suitable response strategy?

Options:

A.

Risk avoidance

B.

Risk transference

C.

Risk acceptance

D.

Risk mitigation

Question 76

Which of the following port numbers is used by the LDAP protocol when it is secured?

Options:

A.

335

B.

120

C.

442

D.

636

Question 77

Which of the following tools can be used to perform polymorphic shell code attacks?

Options:

A.

ADMutate

B.

TrueCrypt

C.

Fragroute

D.

Mendax

Question 78

You work as a Network Administrator in a company. The NIDS is implemented on the network. You want to monitor network traffic. Which of the following modes will you configure on the network interface card to accomplish the task?

Options:

A.

Half duplex

B.

Promiscuous

C.

Full Duplex

D.

Audit mode

Question 79

Which of the following is a cryptographic approach employed by many cryptographic algorithms and cryptosystems?

Options:

A.

Symmetric-key cryptography

B.

Public-key cryptography

C.

Asymmetric-key cryptography

D.

Quantum cryptography

Question 80

Your IDS discovers that an intruder has gained access to your system. You immediately stop that access, change passwords for administrative accounts, and secure your network. You discover an odd account (not administrative) that has permission to remotely access the network. What is this most likely?

Options:

A.

An example of IP spoofing.

B.

A backdoor the intruder created so that he can re-enter the network.

C.

A normal account you simply did not notice before. Large networks have a number of accounts; it is hard to track them all.

D.

An example of privilege escalation.

Question 81

SSH is a network protocol that allows data to be exchanged between two networks using a secure channel. Which of the following encryption algorithms can be used by the SSH protocol?

Each correct answer represents a complete solution. Choose all that apply.

Options:

A.

DES

B.

Blowfish

C.

IDEA

D.

RC4

Question 82

Which of the following colors is used for ultra secret information?

Options:

A.

Yellow

B.

Blue

C.

Red

D.

Orange

Question 83

Joseph works as a Network Administrator for WebTech Inc. He has to set up a centralized area on the network so that each employee can share resources and documents with one another. Which of the following will he configure to accomplish the task?

Options:

A.

VPN

B.

Extranet

C.

Intranet

D.

WEP

Question 84

Which of the following is an input of the close procurements process?

Options:

A.

Organizational process asset updates

B.

Procurement credentials

C.

Project management plan

D.

Closed procurements

Question 85

Which of the following is a type of encryption that uses a single key to encrypt and decrypt data?

Options:

A.

Database encryption

B.

Symmetric encryption

C.

Asymmetric encryption

D.

XML encryption

Page: 1 / 21
Total 567 questions