Which is the first step followed by Vulnerability Scanners for scanning a network?

A. TCP/UDP Port scanning

B. Firewall detection

C. OS Detection

D. Checking if the remote host is alive

Which of the following cryptography attack is an understatement for the extraction of cryptographic secrets

(e.g.

the password to an encrypted file) from a person by a coercion or torture?

A.

Chosen-Cipher text Attack

B.

Ciphertext-only Attack

C.

Timing Attack

D.

Rubber Hose Attack

An attacker, using a rogue wireless AP, performed an MITM attack and injected an HTML code to embed a

malicious applet in all HTTP connections.

When users accessed any page, the applet ran and exploited many machines.

Which one of the following tools the hacker probably used to inject HTML code?

A. Wireshark

B. Ettercap

C. Aircrack-ng

D. Tcpdump

When a security analyst prepares for the formal security assessment - what of the following should be done in order to determine inconsistencies in the secure assets database and verify that system is compliant to the minimum security baseline?

A. Data items and vulnerability scanning

B. Interviewing employees and network engineers

C. Reviewing the firewalls configuration

D. Source code review

Which mode of IPSec should you use to assure security and confidentiality of data within the same LAN?

A. ESP transport mode

B. AH permiscuous

C. ESP confidential

D. AH Tunnel mode

What is not a PCI compliance recommendation?

A. Limit access to card holder data to as few individuals as possible.

B. Use encryption to protect all transmission of card holder data over any public network.

C. Rotate employees handling credit card transactions on a yearly basis to different departments.

D. Use a firewall between the public network and the payment card data.

Which of the following is a form of penetration testing that relies heavily on human interaction and often involves tricking people into breaking normal security procedures?

A. Social Engineering

B. Piggybacking

C. Tailgating

D. Eavesdropping

The security administrator of ABC needs to permit Internet traffic in the host 10.0.0.2 and UDP traffic in the host 10.0.0.3. Also he needs to permit all FTP traffic to the rest of the network and deny all other traffic. After he applied his ACL configuration in the router nobody can access to the ftp and the permitted hosts cannot access to the Internet. According to the next configuration what is happening in the network?

A. The ACL 110 needs to be changed to port 80

B. The ACL for FTP must be before the ACL 110

C. The first ACL is denying all TCP traffic and the other ACLs are being ignored by the router

D. The ACL 104 needs to be first because is UDP

Neil notices that a single address is generating traffic from its port 500 to port 500 of several other machines on the network. This scan is eating up most of the network bandwidth and Neil is concerned. As a security professional, what would you infer from this scan?

A. It is a network fault and the originating machine is in a network loop

B. It is a worm that is malfunctioning or hardcoded to scan on port 500

C. The attacker is trying to detect machines on the network which have SSL enabled

D. The attacker is trying to determine the type of VPN implementation and checking for IPSec

Under what conditions does a secondary name server request a zone transfer from a primary name server?

A. When a primary SOA is higher that a secondary SOA

B. When a secondary SOA is higher that a primary SOA

C. When a primary name server has had its service restarted

D. When a secondary name server has had its service restarted

E. When the TTL falls to zero