Which of the following is used to describe the type of FTP access in which a user does not have
permissions to list the contents of directories, but can access the contents if he knows the path and
file name?
B
Which system is designed to analyze, detect, and report on security-related events?
B
Which of the following viruses is designed to prevent antivirus researchers from examining its code
by using various methods that make tracing and disassembling difficult?
A
Which of the following provides security by implementing authentication and encryption on Wireless
LAN (WLAN)?
A
Which of the following are the examples of administrative controls?
Each correct answer represents a complete solution. Choose all that apply.
A, C
John works as a Programmer for We-are-secure Inc. On one of his routine visits to the company, he
noted down the passwords of the employees while they were typing them on their computer
screens.
Which of the following social engineering attacks did he just perform?
A
Which of the following encryption algorithms is applied in the PGP encryption system?
D
Rick, the Network Administrator of the Fimbry Hardware Inc., wants to design the initial test model
for Internet Access. He wants to fulfill the following goals:
No external traffic should be allowed into the network.
Administrators should be able to restrict the websites which can be accessed by the internal users.
Which of the following technologies should he use to accomplish the above goals? (Click the Exhibit
button on the toolbar to see the case study.)
D
You work as a Network Administrator for Net Perfect Inc. The company has a Windows Server 2008
network environment. The network is configured as a Windows Active Directory-based single forest
single domain network. The domain functional level is set to Windows Server 2003. You have
configured an Active Directory-integrated DNS zone on the network. A new security policy dictates
that each incoming DNS query should be recorded. Which of the following steps will you take to
implement the new security policy?
C
Which of the following are the goals of risk management?
Each correct answer represents a complete solution. Choose three.
A, B, D
The promiscuous mode is a configuration of a network card that makes the card pass all traffic it
receives to the central processing unit rather than just packets addressed to it. Which of the
following tools works by placing the host system network card into the promiscuous mode?
A
Janet is the project manager of the NHQ Project for her company. Janet is nearly done leading the
project and there have been no cost or schedule overruns in the development of the new software
for her company. The project team has been completing their work on time and there is still $75,000
left in the project budget. Janet decides to have the project team implement some extra features to
the project scope to use all of the $75,000 in the budget even though the customer didn't specifically
ask for the added features. This scenario is an example of which one of the following?
B
You are responsible for security at a company that uses a lot of Web applications. You are most
concerned about flaws in those applications allowing some attacker to get into your network. What
method would be best for finding such flaws?
D
Fill in the blank with the appropriate word.
A_______ is a computer system on the Internet that is expressly set up to attract and trap people
who attempt to penetrate other people's computer systems.
honeypot
Which of the following protocols is used as a transport protocol for Internet dial-up connections?
D