GSLC GIAC Security Leadership Certification (GSLC) Question and Answers

Question # 4

Which of the following is a valid space efficiency of RAID 3?

A.

1 - 1/n

B.

1/n

C.

1 - 2/n

D.

1

Question # 5

John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He finds that the We-are-secure server is vulnerable to attacks. As a countermeasure, he suggests that the Network Administrator should remove the IPP printing capability from the server. He is suggesting this as a countermeasure against __________.

A.

DNS zone transfer

B.

SNMP enumeration

C.

IIS buffer overflow

D.

NetBIOS NULL session

Question # 6

Which of the following statements about Digest authentication are true?

Each correct answer represents a complete solution. Choose two.

A.

Digest authentication is a more secure authentication method as compared to Basic authentication.

B.

In Digest authentication, passwords are sent across a network as a hash value, rather than as clear text.

C.

Digest authentication is used by wireless LANs, which follow the IEEE 802.11 standard.

D.

In Digest authentication, passwords are sent across a network as clear text, rather than as a hash value.

Question # 7

The Project Scope Management knowledge area focuses on which of the following processes?

Each correct answer represents a complete solution. Choose all that apply.

A.

Create Work Breakdown Structure (WBS)

B.

Verify Scope

C.

Select Sellers

D.

Control Scope

Question # 8

A Web developer with your company wants to have wireless access for contractors that come in to work on various projects. The process of getting this approved takes time. So rather than wait, he has put his own wireless router attached to one of the network ports in his department. What security risk does this present?

A.

It is likely to increase network traffic and slow down network performance.

B.

An unauthorized WAP is one way for hackers to get into a network.

C.

None, adding a wireless access point is a common task and not a security risk.

D.

This circumvents network intrusion detection.

Question # 9

Place the processes that are grouped under the Project Cost Management Knowledge Area in the image below.

A.

Question # 10

Which of the following security protocols can be used to support MS-CHAPv2 for wireless client authentication?

Each correct answer represents a complete solution. Choose two.

A.

HTTP

B.

PEAP

C.

IPSec

D.

PPTP

Question # 11

John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He writes the following snort rule:

This rule can help him protect the We-are-secure server from the __________.

A.

I LOVE YOU virus

B.

Nimda virus

C.

Chernobyl virus

D.

Melissa virus

Question # 12

Which of the following are the types of access controls?

Each correct answer represents a complete solution. Choose three.

A.

Physical

B.

Technical

C.

Administrative

D.

Automatic

Question # 13

Which of the following is used to translate domain names into the numerical (binary) identifiers associated with networking equipment for the purpose of locating and addressing these devices worldwide?

A.

DFSR

B.

DNS

C.

DFS

D.

EFS

Question # 14

Which of the following is a popular replacement for halon gas?

A.

FM-200

B.

CO2

C.

SO2

D.

Ozone

Question # 15

Which of the following is a read-only copy of a zone and obtains its resource records from other name servers?

A.

Secondary zone

B.

Primary zone

C.

Stub zone

D.

SOA zone

Question # 16

Which of the following blocks unwanted advertisements and small windows that pop up suddenly in IE, without the user's initiation?

A.

Phishing filter

B.

Pop-up blocker

C.

Content Advisor

D.

Cookies

Question # 17

You work as a Network Administrator in a company. The NIDS is implemented on the network. You want to monitor network traffic. Which of the following modes will you configure on the network interface card to accomplish the task?

A.

Half duplex

B.

Promiscuous

C.

Full Duplex

D.

Audit mode

Question # 18

Mark works as a Network Administrator for We-are-secure Inc. He finds that the We-are-secure server has been infected with a virus. He presents to the company a report that describes the symptoms of the virus. A summary of the report is given below:

This virus has a dual payload, as the first payload of the virus changes the first megabyte of the hard drive to zero. Due to this, the contents of the partition tables are deleted and the computer hangs.

The second payload replaces the code of the flash BIOS with garbage values. This virus spreads under the Portable Executable File Format under Windows 95, Windows 98, and Windows ME.

Which of the following viruses has the symptoms as the one described above?

A.

Nimda

B.

Chernobyl

C.

I Love You

D.

Melissa

Question # 19

Which of the following is used to detect malicious activity such as port scans or even attempts for cracking into computers by monitoring network traffic?

A.

IIPS

B.

NIDS

C.

PIDS

D.

HIDS

Question # 20

Which of the following is the best encryption algorithm to encrypt and decrypt messages?

A.

RSA

B.

TripleDES

C.

DES

D.

AES

Question # 21

A honey pot is a computer trap that is used to attract potential intruders or attackers. Which of the following are some advantages of honey pots?

Each correct answer represents a complete solution. Choose all that apply.

A.

Risk of takeover

B.

Limited view

C.

Reduced false positives

D.

Small set of data

Question # 22

Which of the following encrypts its code differently with each infection or generation of infections?

A.

Boot sector virus

B.

Stealth virus

C.

Polymorphic virus

D.

Macro virus

Question # 23

Fill in the blank with the appropriate type of router.

A _________ router performs packet-filtering and is used as a firewall.

Question # 24

Which of the following is used to provide the service of exchanging data directly between two hosts on the same network?

A.

STP

B.

UDP

C.

TCP

D.

SNMP

Question # 25

John works as a professional Ethical Hacker. He has been assigned the task of testing the security of www.we-are-secure.com. He installs a sniffer on the We-are-secure server thinking that the following protocols of the We-are-secure server are being used in the network:

• HTTP

• SSL

• SSH

• IPSec

Considering the above factors, which of the following types of packets can he expect to see captured in encrypted form when he checks the sniffer's log file?

Each correct answer represents a complete solution. Choose all that apply.

A.

SSH

B.

IPSec

C.

HTTP

D.

SSL

Question # 26

Which of the following generates MD5 hashes to check the MD5 value for each file processed and compares it with other MD5 strings?

A.

Chaos MD5

B.

Mat-MD5

C.

md5sum command

D.

MD5 Checksum Verifier

Question # 27

Which of the following statements are true about WPA?

Each correct answer represents a complete solution. Choose all that apply.

A.

WPA provides better security than WEP.

B.

Shared-key WPA is vulnerable to password cracking attacks if a weak passphrase is used.

C.

WPA-PSK converts the passphrase into a 256-bit key.

D.

WPA-PSK requires a user to enter an 8-character to 63-character passphrase into a wireless client.

Question # 28

You are the project manager of the HQQ Project for your company. You are working with your project stakeholders to discuss the risks in the project that can adversely affect the project objectives. You are discussing the possibilities of causes for an identified risk event in your project. Your stakeholder is confused on the difference between causes and risk events. Which of the following is NOT an example of a cause for a project risk?

A.

Schedule constraints on the project

B.

Limited team members to complete the project work

C.

Quality assurance programs within the company

D.

Work permit requirements

Question # 29

You are the Network Administrator for a bank. In addition to the usual security issues, you are concerned that your customers could be the victim of phishing attacks that use fake bank Web sites.

Which of the following would protect against this?

A.

Three factor authentication

B.

Two factor authentication

C.

Mutual authentication

D.

MAC

Question # 30

Which of the following wireless security standards supported by Windows Vista provides the highest level of security?

A.

WPA-PSK

B.

WPA-EAP

C.

WPA2

D.

WEP

Question # 31

You are concerned about possible hackers doing penetration testing on your network as a prelude to an attack. What would be most helpful to you in finding out if this is occurring?

A.

Examining your firewall logs

B.

Examining your antivirus logs

C.

Examining your domain controller server logs

D.

Examining your DNS Server logs

Question # 32

Which of the following terms related to risk management represents the estimated frequency at which a threat is expected to occur?

A.

Single Loss Expectancy (SLE)

B.

Exposure Factor (EF)

C.

Annualized Rate of Occurrence (ARO)

D.

Safeguard

Question # 33

A user is sending a large number of protocol packets to a network in order to saturate its resources and to disrupt connections to prevent communications between services. Which type of attack is this?

A.

Vulnerability attack

B.

Denial-of-Service attack

C.

Impersonation attack

D.

Social Engineering attack

Question # 34

Which of the following is used to authenticate asymmetric keys?

A.

MAC Address

B.

Digital signature

C.

Demilitarized zone (DMZ)

D.

Password

Question # 35

Which of the following tools can be used to read NetStumbler's collected data files and present street maps showing the logged WAPs as icons, whose color and shape indicates WEP mode and signal strength?

A.

NetStumbler

B.

WEPcrack

C.

StumbVerter

D.

Kismet

Question # 36

Dawn is the project manager of the HQQ Project and she believes the project work is done. She has prepared the final project report, which includes information on the financial performance, schedule performance, and project team performance in the project. All of the following documents are used to measure the completeness of the project scope except for which one?

A.

Project charter

B.

Project WBS Dictionary

C.

Project scope statement

D.

Project WBS

Question # 37

Which of the following statements about a certification authority (CA) is true?

A.

It is a non-profit organization that sets security standards for e-commerce.

B.

It issues physical certificates that confirm the identity of entities.

C.

It is a business-to-consumer (B2C) commerce model that is used for high-volume transactions.

D.

It is a trusted third-party organization that issues digital certificates to create digital signatures and public key pairs.

Question # 38

Holly is the project manager of the GHQ Project for her organization. The project is using the AAA IT Integrators Corporation as a vendor to do a portion of the project work. Mitch Smith, the IT Director for the AAA IT Integrators Corporation, reports that his team has completed the project work. Holly and her team review the deliverables and she confirms that Mitch's team has indeed completed the work according to the statement of work. What document should Holly refer to now to determine the next course of action with the AAA IT Integrators Corporation?

A.

Procurement management plan

B.

Statement of Work

C.

Contract

D.

Project management plan

Question # 39

Which of the following is used to identify a particular 802.11 wireless LAN?

A.

Basic Service Set (BSS)

B.

Basic Service Set Identifier (BSSID)

C.

Independent Basic Service Set (IBSS)

D.

Service Set Identifier (SSID)

Question # 40

You work as a Network Administrator for PassGuide Inc. Adam, your assistant, wants to perform a backup of the server. Which of the following authentication methods will you assign to Adam?

A.

RBAC

B.

OrBAC

C.

DAC

D.

NAC

Question # 41

You work as a Network Administrator for Tech Perfect Inc. The company has a Windows Active Directory-based single domain single forest network. The functional level of the forest is Windows Server 2003. You install access points for enabling a wireless network. The sales team members and the managers in the company will be using laptops to connect to the LAN through wireless connections. Therefore, you install WLAN network interface adapters on their laptops. However, you want to restrict the sales team members and managers from communicating directly to each other. Instead, they should communicate through the access points on the network. Which of the following topologies will you use to accomplish the task?

A.

Infrastructure

B.

Star

C.

Ad hoc

D.

Mesh

Question # 42

You are the project manager of the NJJ project. Your enterprise environmental factors require that you establish certain risk management rules regarding low risks within your project. What is the best policy for risks with low probability and low impact in the project management?

A.

These risks should be placed in the risk register.

B.

These risks should be identified, but dismissed.

C.

These risks should be accepted.

D.

These risks should be placed on a watchlist for future monitoring.

Question # 43

Andrew works as a Software Developer for Mansoft Inc. The company's network has a Web server that hosts the company's Web site. Andrew wants to enhance the security of the Web site by implementing Secure Sockets Layer (SSL). Which of the following types of encryption does SSL use?

Each correct answer represents a complete solution. Choose two.

A.

IPSec

B.

Symmetric

C.

Secret

D.

Asymmetric

Question # 44

You work as a Network Administrator for Infonet Inc. The company has a Windows Server 2008 Active Directory-based single domain single forest network. The functional level of the forest is Windows Server 2003. All client computers on the network run Windows XP Professional. You configure a public key infrastructure (PKI) on the network. You configure a root CA and a subordinate CA on the network. For security reasons, you want to take the root CA offline. You are required to configure the CA servers to support certificate revocation. Choose the steps you will require to accomplish the task.

A.

Question # 45

You work as a project manager for TYU project. You are planning for risk mitigation. You need to identify the risks that will need a more in-depth analysis. Which of the following activities will help you in this?

A.

Qualitative analysis

B.

Quantitative analysis

C.

Risk identification

D.

Estimate activity duration

Question # 46

Olive is the program manager for her organization. She has created a request for proposal for a large portion of her program. In this work to be procured she has set several requirements for the vendors to participate. The chief among these requirements is a vendor must have at least four licensed electricians in his team. This requirement for four licensed electricians is an example of which one of the following terms?

A.

Vendor analysis requirements

B.

Scoring model

C.

Evaluation criteria

D.

Screening system

Question # 47

In which of the following attacks does an attacker create the IP packets with a forged (spoofed) source IP address with the purpose of concealing the identity of the sender or impersonating another computing system?

A.

Polymorphic shell code attack

B.

IP address spoofing

C.

Cross-site request forgery

D.

Rainbow attack

Question # 48

You have installed Windows Vista Home Premium on your home computer. The computer is connected to the Internet through an ADSL connection. You want to protect yourself from the traps of fraudulent sites. Which of the following features of Internet Explorer 7+ will you use?

A.

Pop-up blocker

B.

Protected mode

C.

Privacy settings

D.

Phishing filter

Question # 49

You are a Network Administrator in an enterprise. You have been assigned the task of installing Windows 2000 and some other applications, on each computer on the network. But in the enterprise environment, it is not cost effective to install Windows 2000 and other applications, using the standard interactive setup on each computer. You plan to perform automated installation on multiple computers. Which of the following installation tasks can be automated?

Each correct answer represents a complete solution. Choose all that apply.

A.

Service Packs for Windows 2000 Server.

B.

Any application that does not run as a service.

C.

Additional language support for Windows 2000 Server, through the installation of various language packs.

D.

Any application that runs as a service.

E.

The core operating system of Windows 2000 Server.

Question # 50

You work as a Network Administrator for Blue Well Inc. The company has a Windows Server 2008 domain-based network. All client computers on the network run Windows Vista Ultimate. Andy, a Finance Manager, uses Windows Mail to download his e-mails to his inbox. He complains that every now and then he gets mails asking him to reveal personal or financial information. He wants such mails not to be shown to him. Which of the following steps will you take to accomplish the task?

A.

Remove domain names of such emails from the Safe Sender's list.

B.

Configure phishing filter in Internet Explorer 7.0.

Configure it to filter all phishing mails.

C.

Configure phishing filter in Windows Mail.

Configure it to move such mails to the Junk Mail folder.

D.

Add domain names of such emails in the Block Sender's list.

Question # 51

John works as a professional Ethical Hacker. He is assigned a project to test the security of www.we-are-secure.com. He installs a rootkit on the Linux server of the We-are-secure network. Which of the following statements are true about rootkits?

Each correct answer represents a complete solution. Choose all that apply.

A.

They allow an attacker to conduct a buffer overflow.

B.

They allow an attacker to replace utility programs that can be used to detect the attacker's activity.

C.

They allow an attacker to set a Trojan in the operating system and thus open a backdoor for anytime access.

D.

They allow an attacker to run packet sniffers secretly to capture passwords.

Question # 52

You are the program manager for your organization. You have proposed a program that will cost $750,000 and will last for four years. Management is concerned with the cost of the program in relation to the return your program will bring. If the rate of return is six percent what is the minimum value your project should return in four years based on the investment of the program?

A.

$795,000

B.

$750,001

C.

$946,857

D.

$750,000

Question # 53

Which of the following statements about Encapsulating Security Payload (ESP) are true?

Each correct answer represents a complete solution. Choose two.

A.

It is an IPSec protocol.

B.

It is a text-based communication protocol.

C.

It uses TCP port 22 as the default port and operates at the application layer.

D.

It can also be nested with the Layer Two Tunneling Protocol (L2TP).

Question # 54

You work as a Network Administrator for Infosec Inc. The company has a Windows 2003-based server. You have installed McAfee antivirus as well as anti-spyware software on the server. One day, you come to know that not only have the security applications running on the server (including software firewalls, anti-virus, and anti-spyware) been disabled, but the anti-virus and anti-spyware definitions have also been deleted. You suspect that this is due to malware infection. Which of the following types of malware is the most likely cause of the issue?

A.

Whack-A-Mole

B.

FireKiller 2000

C.

Beast

D.

SubSeven

Question # 55

An organization has a standardized change management plan that all project managers must adhere to. A project manager has worked with the Change Control Board in his organization to approve a change to project scope. What should the standardized change management plan require the project manager to do with the approved scope change?

A.

Perform risk assessment on the new change.

B.

Communicate the change to the vendor.

C.

Create a cost estimate for the change.

D.

Update the WBS.

Question # 56

Which of the following password authentication schemes enables a user with a domain account to log on to a network once, using a password or smart card, and to gain access to multiple computers in the domain without being prompted to log in again?

A.

Single Sign-On

B.

Dynamic

C.

One-time password

D.

Kerberos

Question # 57

What is the term used to describe the cost of the solution after the solution has been implemented in production by a vendor?

A.

Total cost of ownership

B.

Total ownership costing

C.

Sustainability fees

D.

Lifecycle maintenance fees

Question # 58

Which of the following layers of TCP/IP model is used to move packets between the Internet Layer interfaces of two different hosts on the same link?

A.

Application layer

B.

Transport Layer

C.

Link layer

D.

Internet layer

Question # 59

Consider the following diagram:

What is the highlighted area of the diagram known as?

A.

Rule of Seven

B.

Control point

C.

Control chart

D.

Six Sigma

Question # 60

Maria works as a professional Ethical Hacker. She has been assigned the project of testing the security of www.gentech.com. She is using dumpster diving to gather information about Gentech Inc. In which of the following steps of malicious hacking does dumpster diving come under?

A.

Multi-factor authentication

B.

Role-based access control

C.

Mutual authentication

D.

Reconnaissance

Question # 61

Which of the following viruses/worms uses the buffer overflow attack?

A.

Code red worm

B.

Klez worm

C.

Nimda virus

D.

Chernobyl (CIH) virus

Question # 62

Which of the following activities result in change requests?

Each correct answer represents a complete solution. Choose all that apply.

A.

Preventive actions

B.

Inspection

C.

Defect repair

D.

Corrective actions

Question # 63

You are the program manager for your organization. Management has asked that you determine when resources, such as leased equipment, are no longer needed so that you may release the resources to save time, money, and utilization of resources within your program. What program management process is management asking you to perform?

A.

Contract administration

B.

Resource management

C.

Procurement management

D.

Resource control

Question # 64

Mark works as a Network Administrator for Infonet Inc. The company has a Windows 2000 Active Directory domain-based network. The domain contains one hundred Windows XP Professional client computers. Mark is deploying an 802.11 wireless LAN on the network. The wireless LAN will use Wired Equivalent Privacy (WEP) for all the connections. According to the company's security policy, the client computers must be able to automatically connect to the wireless LAN. However, the unauthorized computers must not be allowed to connect to the wireless LAN and view the wireless network. Mark wants to configure all the wireless access points and client computers to act in accordance with the company's security policy. What will he do to accomplish this?

Each correct answer represents a part of the solution. Choose three.

A.

Configure the authentication type for the wireless LAN to Open system.

B.

Install a firewall software on each wireless access point.

C.

Configure the authentication type for the wireless LAN to Shared Key.

D.

Disable SSID Broadcast and enable MAC address filtering on all wireless access points.

E.

Broadcast SSID to connect to the access point (AP).

F.

On each client computer, add the SSID for the wireless LAN as the preferred network.

Question # 65

You are a project manager of a construction project. You are documenting project purchasing decisions, specifying the approach, and identifying potential sellers. You are in which of the following processes?

A.

Plan Procurements

B.

Administer Procurements

C.

Close Procurements

D.

Conduct Procurements

Question # 66

Which of the following tools works both as an encryption-cracking tool and as a keylogger?

A.

Magic Lantern

B.

KeyGhost Keylogger

C.

Alchemy Remote Executor

D.

SocketShield

Question # 67

Which of the following tools can be used to automate the MITM attack?

A.

Airjack

B.

Kismet

C.

IKECrack

D.

Hotspotter

Question # 68

A sequence number is a 32-bit number ranging from 1 to 4,294,967,295. When data is sent over the network, it is broken into fragments (packets) at the source and reassembled at the destination system. Each packet contains a sequence number that is used by the destination system to reassemble the data packets in the correct order. The Initial Sequence Number of your computer is 24171311 at login time. You connect your computer to a computer having the IP address 210.213.23.21. This whole process takes three seconds. What will the value of the Initial Sequence Number be at this moment?

A.

24171811

B.

24171311

C.

24619311

D.

24171111

Question # 69

Mark works as a Network Administrator for Technet Inc. The company has a Windows 2003 domain-based network. The network has a file server that uses a RAID-5 volume. The RAID-5 volume is configured with five hard disk drives. Over the weekend, a drive in the RAID-5 volume fails. What will Mark do to restore the RAID-5 volume?

A.

Replace the failed drive with a new one, use Disk Management, select a new area of free space, and then regenerate the volume.

B.

Use FDISK to delete the RAID-5 volume, and then restore data from the tape backup.

C.

Use Disk Management, select the failed drive, and then regenerate the volume.

D.

Replace the failed drive with a new one, use FDISK, select a new area of free space, and then regenerate the volume.

Question # 70

Which of the following tools is a Windows-based commercial wireless LAN analyzer for IEEE 802.11b and supports all high level protocols such as TCP/IP, NetBEUI, and IPX?

A.

John the Ripper

B.

Cheops-ng

C.

AiroPeek

D.

Sam Spade

Question # 71

You are concerned about rogue wireless access points being connected to your network. What is the best way to detect and prevent these?

A.

Network anti-spyware software

B.

Protocol analyzers

C.

Network anti-virus software

D.

Site surveys

Question # 72

Maria works as a professional Ethical Hacker. She recently has been assigned a project to test the security of www.we-are-secure.com. The company has provided the following information about the infrastructure of its network:

• Network diagrams of the we-are-secure infrastructure

• Source code of the security tools

• IP addressing information of the we-are-secure network

Which of the following testing methodologies is we-are-secure.com using to test the security of its network?

A.

Blackbox

B.

Alpha testing

C.

Whitebox

D.

Graybox

Question # 73

Which of the following types of security will be the cause of concern if the server has been stolen from the organization's premises?

A.

Information security

B.

Operational security

C.

Physical security

D.

User authentication

Question # 74

Which of the following tools can be used to detect the steganography?

A.

Blindside

B.

ImageHide

C.

Dskprobe

D.

Snow

Question # 75

What is the major difference between a worm and a Trojan horse?

A.

A worm is a form of malicious program, while a Trojan horse is a utility.

B.

A Trojan horse is a malicious program, while a worm is an anti-virus software.

C.

A worm is self replicating, while a Trojan horse is not.

D.

A worm spreads via e-mail, while a Trojan horse does not.

Question # 76

Which of the following terms describes the statement given below?

"It is a service on a computer system (usually a server) that delays incoming connections for as long as possible. The technique was developed as a defense against a computer worm, and the idea is that network abuses, such as spamming or broad scanning, are less effective if they take too long."

A.

Honeytokens

B.

Honeynet

C.

Honeypot

D.

Tarpit

Question # 77

Part of your change management plan details what should happen in the change control system for your project. Theresa, a junior project manager, asks what the configuration management activities are for scope changes. You tell her that all of the following are valid configuration management activities except for which one?

A.

Configuration Identification

B.

Configuration Item Costing

C.

Configuration Status Accounting

D.

Configuration Verification and Auditing

Question # 78

You are the project manager of the GYG Project. A new scope change is being considered for your project. You are concerned, however, that the scope change may add costs, risks, and adversely affect the project schedule. What project management process is responsible for evaluating the full effect of a proposed scope change on your project?

A.

Schedule change control

B.

Scope change control

C.

Integrated change control

D.

Change Control Board approval process

Question # 79

Which of the following are based on malicious code?

Each correct answer represents a complete solution. Choose two.

A.

Trojan horse

B.

Worm

C.

Biometrics

D.

Denial-of-Service (DoS)

Question # 80

Which of the following types of attacks cannot be prevented by technical measures only?

A.

Social engineering

B.

Smurf DoS

C.

Brute force

D.

Ping flood attack

Question # 81

You work as a Network Administrator for McNeil Inc. The company has a Windows Server 2008 network environment. The network is configured as a Windows Active Directory-based single forest domain-based network. The company's management has decided to provide laptops to its sales team members. These laptops are equipped with smart card readers. The laptops will be configured as wireless network clients. You are required to accomplish the following tasks:

The wireless network communication should be secured.

The laptop users should be able to use smart cards for getting authenticated.

In order to accomplish the tasks, you take the following steps:

Configure 802.1x and WEP for the wireless connections.

Configure the PEAP-MS-CHAP v2 protocol for authentication

What will happen after you have taken these steps?

A.

The laptop users will be able to use smart cards for getting authenticated.

B.

None of the tasks will be accomplished.

C.

Both tasks will be accomplished.

D.

The wireless network communication will be secured.

Question # 82

The Incident handling process implemented in an enterprise is responsible for dealing with all the incidents regarding the enterprise. Which of the following procedures will be involved in the preparation phase of the Incident handling process?

A.

Building up an incident response kit

B.

Setting up the initial position after an incident

C.

Working with QA to validate security of the enterprise

D.

Organizing a solution to remove an incident

Question # 83

Which of the following refers to the process of verifying the identity of a person, network host, or system process?

A.

Auditing

B.

Packet filtering

C.

Authentication

D.

Hacking

Question # 84

Which of the following attacks is any form of cryptanalysis where the attacker can observe the operation of a cipher under several different keys whose values are initially unknown, but where some mathematical relationship connecting the keys is known to the attacker?

A.

Adaptive chosen-ciphertext

B.

Chosen-ciphertext

C.

Chosen-plain-supermodel

D.

Related-key

Question # 85

You check the logs on several clients and find that there is traffic coming in on an odd port (port 1872). All clients have the Windows XP firewall turned on. What should you do to block this unwanted traffic?

A.

Trace back that traffic and find its origin.

B.

Check the exceptions in the firewall and unselect that port exception.

C.

Perform a virus scan to find the virus responsible for this traffic.

D.

Shut down the service that connects to that port.
