You work as a Network Administrator for Infonet Inc. The company has a Windows Server 2008 domain-based network. The network has three Windows Server 2008 member servers and 150 Windows Vista client computers. According to the company's security policy, you want to apply a firewall profile to the network.Choose the firewall profiles supported by Windows Server 2008 and Windows Vista.

Select and Place:

Governance focus with high visibility throughout the organization is a benefit of having the CISO report to which executive role?

A. CSO

B. CIO

C. CRO

D. CTO

What type of policy addresses a governance-related function of an organization's security program?

A. Access control

B. Network monitoring

C. Data encryption

D. Security awareness

John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He is using a tool to crack the wireless encryption keys. The description of the tool is as follows:

Which of the following tools is John using to crack the wireless encryption keys?

A. Kismet

B. PsPasswd

C. AirSnort

D. Cain

During which of the following processes, probability and impact matrix is prepared?

A. Perform Quantitative Risk Analysis

B. Plan Risk Responses

C. Monitoring and Control Risks

D. Perform Qualitative Risk Analysis

John works as an IT Technician for PassGuide Inc. One morning, John receives an e-mail from the company's Manager asking him to provide his logon ID and password, but the company policy restricts users from disclosing their logon IDs and passwords. Which type of possible attack is this?

A. Social engineering

B. DoS

C. Trojan horse

D. Replay attack

John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He finds that the We-are-secure server is vulnerable to attacks. As a countermeasure, he suggests that the Network Administrator should remove the IPP printing capability from the server. He is suggesting this as a countermeasure against __________.

A. DNS zone transfer

B. SNMP enumeration

C. IIS buffer overflow

D. NetBIOS NULL session

Which of the following statements about a host-based intrusion prevention system (HIPS) are true? Each correct answer represents a complete solution. Choose two.

A. It can handle encrypted and unencrypted traffic equally.

B. It can detect events scattered over the network.

C. It is a technique that allows multiple computers to share one or more IP addresses.

D. It cannot detect events scattered over the network.

Andrew works as a Software Developer for Mansoft Inc. The company's network has a Web server that hosts the company's Web site. Andrew wants to enhance the security of the Web site by implementing Secure Sockets Layer (SSL). Which of the following types of encryption does SSL use? Each correct answer represents a complete solution. Choose two.

A. IPSec

B. Symmetric

C. Secret

D. Asymmetric

You want to use PGP files for steganography. Which of the following tools will you use to accomplish the task?

A. Stealth

B. Snow

C. Blindside

D. ImageHide