NEW QUESTION 1

Which of the following Web attacks is performed by manipulating codes of programming languages such as SQL, Perl, Java present in the Web pages?

• A. Cross-Site Request Forgery
• B. Code injection attack
• C. Cross-Site Scripting attack
• D. Command injection attack

Answer: B

NEW QUESTION 2

You are the Security Consultant and have been contacted by a client regarding their encryption and hashing algorithms. Their in-house network administrator tells you that their current hashing algorithm is an older one with known weaknesses and is not collision resistant. Which algorithm are they most likely using for hashing?

• A. PKI
• B. MD5
• C. SHA
• D. Kerberos

Answer: B

NEW QUESTION 3

Mark works as a Network Administrator for NetTech Inc. The network uses routers from multiple vendors. Mark wants to implement a routing protocol on the company's network that provides VLSM support, scalability and minimal overhead on the network. Which of the following protocols will Mark use to fulfill the requirements?

• A. RIPv1
• B. EIGRP
• C. CDP
• D. OSPF

Answer: D

NEW QUESTION 4

How should you configure USSOWA1 and USSTIME1 to allow secure access for remote employees?
(Click the Exhibit button on the toolbar to see the case study.)
Each correct answer represents a complete solution. Choose three.

• A. Place USSTIME1 on the internal network
• B. Place USSOWA1 on the internal network
• C. Enable all connections from external network
• D. Place USSTIME1 in a DMZ
• E. Place USSOWA1 in a DMZ
• F. Allow only TCP port 443 connections from the external network
• G. Allow only TCP port 80 connections from the external network

Answer: DEF

NEW QUESTION 5

John used to work as a Network Administrator for We-are-secure Inc. Now he has resigned from the company for personal reasons. He wants to send out some secret information of the company. To do so, he takes an image file and simply uses a tool image hide and embeds the secret file within an image file of the famous actress, Jennifer Lopez, and sends it to his Yahoo mail id. Since he is using the image file to send the data, the mail server of his company is unable to filter this mail. Which of the following techniques is he performing to accomplish his task?

• A. Web ripping
• B. Email spoofing
• C. Steganography
• D. Social engineering

Answer: C

NEW QUESTION 6

John works as a professional Ethical Hacker. He has been assigned a project to test the security of www.we-are-secure.com. He copies the whole structure of the We-are-secure Web site to the local disk and obtains all the files on the Web site. Which of the following techniques is he using to accomplish his task?

• A. TCP FTP proxy scanning
• B. Eavesdropping
• C. Fingerprinting
• D. Web ripping

Answer: D

NEW QUESTION 7

In a complex network, Router transfers data packets by observing some form of parameters or metrics provided in the routing table. Which of the following metrics is NOT included in the routing table?

• A. Bandwidth
• B. Load
• C. Delay
• D. Frequency

Answer: D

NEW QUESTION 8

Based on the case study, to implement more security, which of the following additional technologies should you implement for laptop computers?
(Click the Exhibit button on the toolbar to see the case study.) Each correct answer represents a complete solution. Choose two.

• A. Encrypted Data Transmissions
• B. Digital certificates
• C. Two-factor authentication
• D. PAP authentication
• E. Encrypting File System (EFS)

Answer: BE

NEW QUESTION 9

Which of the following processes is responsible for low risk, frequently occurring low cost changes?

• A. Incident Management
• B. IT Facilities Management
• C. Request Fulfillment
• D. Release Management

Answer: C

NEW QUESTION 10

Which of the following devices or hardware parts employs SMART model system as a monitoring system?

• A. Modem
• B. RAM
• C. Hard disk
• D. IDS

Answer: C

NEW QUESTION 11

Which of the following types of firewall functions at the Session layer of OSI model?

• A. Circuit-level firewall
• B. Application-level firewall
• C. Switch-level firewall
• D. Packet filtering firewall

Answer: A

NEW QUESTION 12

Key Distribution Center is used in which authentication method?

• A. Multi-factor
• B. Smart cards
• C. Biometrics
• D. Security tokens
• E. Kerberos
• F. Challenge Handshake Authentication Protocol

Answer: E

NEW QUESTION 13

The security of a computer against the unauthorized usage largely depends upon the efficiency of the applied access control method. Which of the following statements are true about a computer access control method?
Each correct answer represents a complete solution. Choose all that apply.

• A. It can be based upon fingerprint or eye recognition.
• B. It can be time-synchronous.
• C. It provides security against the virus attacks.
• D. It provides security against Eavesdropping.
• E. It checks the authenticity of a person.
• F. It is used to encrypt a message before transmitting it on a network.

Answer: ABE

NEW QUESTION 14

Which of the following statements about asymmetric encryption are true? Each correct answer represents a complete solution. Choose two.

• A. Asymmetric encryption is faster as compared to symmetric encryption.
• B. Asymmetric encryption uses a public key and a private key pair for data encryption.
• C. In asymmetric encryption, only one key is needed to encrypt and decrypt data.
• D. In asymmetric encryption, the public key is distributed and the private key is available only to the recipient of the message.

Answer: BD

NEW QUESTION 15

Which of the following refers to encrypted text?

• A. Plaintext
• B. Cookies
• C. Ciphertext
• D. Hypertext

Answer: C

NEW QUESTION 16
......