Which of the following is an attack with IP fragments that cannot be reassembled?
Which of the following types of firewall functions by creating two different communications, one between the client and the firewall, and the other between the firewall and the end server?
Sam works as a Security Manager for ABC Inc. The company has a Windows-based network. Sam wants to prevent specific traffic from IDP processing in order to reduce false positives.
Which of the following rulebases will he use to accomplish the task?
John works as a professional Ethical Hacker. He is assigned a project to test the security of www.abc.com. You have searched all open ports of the ABC server. Now, you want to perform the next information-gathering step, i.e., passive OS fingerprinting.
Which of the following tools can you use to accomplish the task?
As a professional hacker, you want to crack the security of secureserver.com. For this, in the information gathering step, you performed scanning with the help of nmap utility to retrieve as many different protocols as possible being used by the secureserver.com so that you could get the accurate knowledge about what services were being used by the secure server.com.
Which of the following nmap switches have you used to accomplish the task?
Andrew works as a Forensic Investigator for PassGuide Inc. The company has a Windows-based environment. The company's employees use Microsoft Outlook Express as their e-mail client program. E-mails of some employees have been deleted due to a virus attack on the network. Andrew is therefore assigned the task to recover the deleted mails.
Which of the following tools can Andrew use to accomplish the task?
Each correct answer represents a complete solution. (Choose two.)
Which of the following Intrusion Detection Systems (IDS) is used to monitor rogue access points and the use of wireless attack tools?
Which of the following is used to provide hook handling facility within the Linux kernel in order to capture and manipulate network packets?
Which of the following intrusion detection systems (IDS) monitors network traffic and compares it against an established baseline?
Which of the following limits the number of packets seen by tcpdump?
Which of the following are the types of intrusion detection systems?
Each correct answer represents a complete solution. (Choose all that apply.)
Which of the following are packet filtering tools for the Linux operating system?
Each correct answer represents a complete solution. (Choose all that apply.)
Which of the following is used as a default port by the TELNET utility?
Which of the following can be used to mitigate the evil twin phishing attack?
You work as a Network Architect for Tech Perfect Inc. The company has a corporate LAN network. You will have to perform the following tasks:
• Limit events that occur from security threats such as viruses, worms, and spyware.
• Restrict access to the network based on identity or security posture.
Which of the following services will you deploy in the network to accomplish the tasks?
Which of the following has a set of system-independent functions for packet capture and network analysis?
John works as a Security Manager for Gentech Inc. He uses an IDP engine to detect the type of interactive traffic produced during an attack in which the attacker wants to install the mechanism on a host system that facilitates the unauthorized access and breaks the system confidentiality.
Which of the following rulebases will he use to accomplish the task?
You want to create a binary log file using tcpdump.
Which of the following commands will you use?
You work as a Network Administrator for ABC Inc. The company has a corporate intranet setup. A router is configured on your network to connect outside hosts to the internetworking. For security, you want to prevent outside hosts from pinging to the hosts on the internetwork.
Which of the following steps will you take to accomplish the task?
Your customer is concerned about security. He wants to make certain no one in the outside world can see the IP addresses inside his network.
What feature of a router would accomplish this?
Which of the following algorithms is used as a default algorithm for ESP extension header in IPv6?
An organization has more than a couple of external business, and exchanges dynamic routing information with the external business partners. The organization wants to terminate all routing from a partner at an edge router, preferably receiving only summary routes from the partner.
Which of the following will be used to change all partner addresses on traffic into a range of locally assigned addresses?
Which of the following TShark options is used to set capture buffer size in MB?
Which of the following tools is used to analyze the files produced by several popular packetcapture programs such as tcpdump, WinDump, Wireshark, and EtherPeek?
You work as a Network Troubleshooter for ABC Inc. You want to tunnel the IPv6 traffic across an IPv4 supporting portion of the company's network.
You are using the interface configuration mode for the tunnel.
Which of the following IP addresses will you enter after the tunnel source command?
Which of the following commands in MQC tool matches IPv4 and IPv6 packets when IP parameter is missing?
Which of the following is used to implement a procedure to control inbound and outbound traffic on a network?
You are implementing a host based intrusion detection system on your web server. You feel that the best way to monitor the web server is to find your baseline of activity (connections, traffic, etc.) and to monitor for conditions above that baseline.
This type of IDS is called __________.
You work as a Network Administrator for Net World Inc. You have configured a few routers on the company's network. You are required to accomplish the following goals:
• Encrypt all service passwords immediately.
• Ensure that encryption is also applied on the passwords changed in the future.
You run the following command service password-encryption.
Which of the goals will this action accomplish?
Audit trail or audit log is a chronological sequence of audit records, each of which contains evidence directly pertaining to and resulting from the execution of a business process or system function.
Under which of the following controls does audit control come?
The promiscuous mode is a configuration of a network card that makes the card pass all traffic it receives to the central processing unit rather than just packets addressed to it.
Which of the following tools works by placing the host system network card into the promiscuous mode?
You are tasked with configuring your routers with a minimum security standard that includes the following:
• A local Username and Password configured on the router
• A strong privilege mode password
• Encryption of user passwords
• Configuring telnet and ssh to authenticate against the router user database
Choose the configuration that meets these requirements best.
You work as a technician for Tech Perfect Inc. You are troubleshooting an Internet name resolution issue. You ping your ISP's DNS server address and find that the server is down. You want to continuously ping the DNS address until you have stopped the command.
Which of the following commands will you use?
You work as a Network Administrator for Rick International. The company has a TCP/IP-based network. A user named Kevin wants to set an SSH terminal at home to connect to the company's network. You have to configure your company's router for it.
By default, which of the following standard ports does the SSH protocol use for connection?
You work as the Security Administrator for Prodotxiss Inc. You want to ensure the security of your Wi-Fi enterprise network against the wireless snooping attacks.
Which of the following measures will you take over the site network devices of the network?
You are a professional Computer Hacking forensic investigator. You have been called to collect the evidences of Buffer Overflows or Cookie snooping attack.
Which of the following logs will you review to accomplish the task?
Each correct answer represents a complete solution. (Choose all that apply.)
Distributed Checksum Clearinghouse (DCC) is a hash sharing method of spam email detection.
Which of the following protocols does the DCC use?
Jacob is worried about sniffing attacks and wants to protect his SMTP transmissions from this attack.
What can he do to accomplish this?
You are the Administrator for a corporate network. You are concerned about denial of service attacks.
Which of the following would be most helpful against Denial of Service (DOS) attacks?
Adam, a malicious hacker purposely sends fragmented ICMP packets to a remote target. The total size of this ICMP packet once reconstructed is over 65,536 bytes.
On the basis of above information, which of the following types of attack is Adam attempting to perform?
Which of the following number ranges is used for the IPX Standard ACL?
Which of the following security protocols uses a single, manually configured, static key for data encryption that is shared by the client and the WAP?