Recently, you have seen an increase in intrusion attempts and in network traffic. You decide to use
Snort to run a packet capture and analyze the traffic that is present. Looking at the example, what type of traffic did Snort capture in this log file?
If you wanted to use Public Key cryptography to encrypt data transmissions, which of the following ciphers could you use?
Recently, you have seen an increase in intrusion attempts and in network traffic. You decide to use
Snort to run a packet capture and analyze the traffic that is present. Looking at the example, what type of traffic did Snort capture in this log file?
What type of cryptographic system is represented in this image?
In Windows 2003, there are four methods of implementing IPSec. They are:
1 - Require Security
2 - Request Security
3 - Respond Only
4 - No IPSec Policy
Your network hosts many servers, and different security policies are in place in different locations in the network. The Clients and Servers in your network are configured as follows:
-You have servers numbered 1-9, which have a policy stating they require no network traffic security.
-You have servers numbered 10-19, which have a policy stating they are not required to be secure, but will encrypt network traffic if the client is able to receive it.
-You have servers numbered 20-29, which have a policy stating they are required to be secure and all network traffic they deliver must be secured.
-You have clients numbered 60-79 that are required to access secure servers 20-29.
-You have clients numbered 80-99 that are not required to access secure servers 20-29, but are required to access servers 1-9 and 10-19.
Based on the Client and Server configuration provided above, which of the following computers must implement IPSec method 3?
You are setting the permissions on a new file in Linux. What will be the level of permission given to the user if you assign an Octal value of 6?
When a cryptanalyst is using linguistic patterns to decrypt ciphertext, what is the analyst doing?
You wish to add a new user to your Linux system. The user account is called Lnx_1,the password is QW3RTY, and the group is Users. What is the correct command to add this user account?
What type of cryptographic system is represented in this image?
You wish to install a new Windows 2003 Server in your network, and are deciding which of the server roles will best suit your environment. From the following answers, select the option that is not a Windows 2003 Server Role.
Which one of the following is an incorrect mod equation?
When using the 3DES encryption ( C = EK1[DK2[EK1[P]]] ) , what is the function of D?
You are running a Linux Server for your organization. You realize after a security scan that the Telnet service is accepting connections, which you do not want. In order to disable the computers ability to accept incoming Telnet sessions, the easiest method for you to choose is which of the following?
After installing a new application on your SuSe Linux server, you need to read through the log files.
When you open the files, you notice they are very long, and you only wish to check the newest entries to the file. What command do you use to perform this action?
On your Linux computer you are examining the contents of various files to ensure they are secured and contain the designated information. Entries in the /etc/hosts file consist of which of the following?
Recently, you have seen an increase in intrusion attempts and in network traffic. You decide to use
Snort to run a packet capture and analyze the traffic that is present. Looking at the example, what type of traffic did Snort capture in this log file?
In Windows Server 2003, there are four methods of implementing IPSec. They are:
1 - Require Security
2 - Request Security
3 - Respond Only
4 - No IPSec Policy
Your network hosts many servers, and different security policies are in place in different locations in the network. The Clients and Servers in your network are configured as follows:
-You have servers numbered 1-9, which have a policy stating they require no network traffic security.
-You have servers numbered 10-19, which have a policy stating they are not required to be secure, but will encrypt network traffic if the client is able to receive it.
-You have servers numbered 20-29, which have a policy stating they are required to be secure and all network traffic they deliver must be secured.
-You have clients numbered 60-79 that are required to access secure servers 20-29.
-You have clients numbered 80-99 that are not required to access secure servers 20-29, but are required to access servers 1-9 and 10-19.
Based on the Client and Server configuration provided above, which of the following computers will implement IPSec method 4?
Recently, you have seen an increase in intrusion attempts and in network traffic. You decide to use Snort to run a packet capture and analyze the traffic that is present. Looking at the example, what type of traffic did Snort capture in this log file?
One of your users calls to state that their computer is acting unusual. You go to investigate and find there is an unauthorized program installed on this computer. You examine the network and find that this program is now on other machines in the network. It seems to be unable to move through the network on its own, and is getting sent as an email attachment. What type of program is in the network?
You are forming the security policy for your organization. You have identified those in the organization who will participate in the creation of the policy. Several of the people you have contacted wish to know what will be on the agenda during the first meeting. During the very first policy design meeting, which of the following issues will you tell those in the policy committee to discuss?
To increase the security of your corporate website, you are running some basic checks on leaked information. You view the source code for a web page and see the following:
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
<meta name="GENERATOR" content="FrontPage 4.0">
<meta name="ProgId" content="Editor.Document">
<title>Security Certifications for the IT Pro</title>
</head>
From this code, which of the following would an attacker most likely assume is the operating system that was used to create this web site?
You have been hired to work in the security division of a global Tier One ISP. You have been given a staff of 25 people all new to network security. You wish to bring them all up to speed on the components of the Internet and how they interact. Which one of the following is not a major component of the Internet?
Which of the following is the name of the Active X authentication system Microsoft has included to prevent Active X controls from being altered or corrupted by attackers wanting to perform unwarranted operations?
If an attacker uses a program that sends thousands of email messages to every user of the network, some of them with over 50MB attachments. What are the possible consequences to the email server in the network?
You have a series of new Windows Server 2003 systems, including 3 new web servers running IIS 6.0.
You are concerned about the overall security of your servers, and are checking with Microsoft for any patches or updates that you might need to apply to your systems. Which of the following would you apply if you need to implement an update based on a critical Microsoft Security Bulletin?
Recently, you have seen an increase in intrusion attempts and in network traffic. You decide to use
Snort to run a packet capture and analyze the traffic that is present. Looking at the example, what type of traffic did Snort capture in this log file?
To increase the security of your network and systems, it has been decided that EFS will be implemented in the appropriate situations. Two users are working on a common file, and often email this file back and forth between each other. Is this a situation where the use of EFS will create effective security, and why (or why not)?
Often times attackers will run scans against the network to identify different network and operating systems, and resources that are available. If an attacker runs scans on the network, and you are logging the connections, which of the following represent the legitimate combination of packets that will be sent between the attacker and target?
You work for a medium sized ISP and there have been several attacks of the DNS configuration recently.
You are particularly concerned with DNS Spoofing attacks. If an attacker is able to send out false data to a
DNS client before the response from the DNS server arrives, this is which type of DNS Spoofing?
You have just recently finished a complete Risk Analysis of your organization. During your presentation you present the controls you feel must be implemented. Which is considered to be the major factor in determining a specific control system to implement?
Recently, you have seen an increase in intrusion attempts and in network traffic. You decide to use Snort to run a packet capture and analyze the traffic that is present. Looking at the example, what type of traffic did Snort capture in this log file?
You are discussing the design and infrastructure of the Internet with several colleagues when a disagreement begins over the actual function of the Tier System in the Internets design. What is the function of the Tier System in the physical structure of the Internet?
Recently at your organization you have been requested to lead the team in performing a new Risk Analysis of the organization. During the first team meeting you identify to your team the three areas of Risk Analysis. What are those three areas?
Which two of the following are factors that must be considered in determining the likelihood of occurrence during a risk analysis review?