IISFA ii0-001 practice test

Certified Information Forensics Investigator Exam


Question 1

Which method is NOT regarded as a prevention technique for IP spoofing:

  • A. Not relying on IP address based authentication
  • B. Intrusion Detection System implementation
  • C. Encryption requirement on all network traffic
  • D. Router based packet filtering
Answer:

C


Question 2

A SYN attack exploits what aspect of TCP communications?

  • A. Three-way handshake
  • B. Unilateral communication
  • C. Transport layer communication
  • D. Connectionless oriented communication
Answer:

A


Question 3

The result of an attack Traceback can be characterized by these three parameters, the degree of
which determines success:

  • A. confidentiality, integrity, and availability
  • B. precision, integrity, and timeliness
  • C. confidentiality, integrity, and accuracy
  • D. precision, accuracy, and timeliness
Answer:

D


Question 4

In the OSI stack, which layer is associated with TCP transmissions?

  • A. The application layer
  • B. The data link layer
  • C. The transport layer
  • D. The network layer
Answer:

C


Question 5

Which tool is used to confirm the name or IP address of an Internet host:

  • A. Ping
  • B. Traceroute
  • C. Nslookup
  • D. Finger
Answer:

C


Question 6

Generally, which header is used to reveal reliable information from forged emails:

  • A. Reply-to header
  • B. Return-receipt-to header
  • C. Received header
  • D. Comments header
Answer:

C


Question 7

Added "Received:" headers often include bogus information. All of the following items except one are
usually incomplete:

  • A. "To:" header
  • B. IDs
  • C. Path
  • D. Dates
Answer:

A


Question 8

Clues that a "Received:" header has been forged include all but one of the following:

  • A. Invalid IP address
  • B. Invalid host names
  • C. Invalid Subject line
  • D. Invalid format
Answer:

C


Question 9

Widely known tricks used to forge common headers consist of the following except:

  • A. Bogus common headers
  • B. Adding bogus "Received:" headers
  • C. Changing the SMTP id
  • D. Using open relay sites
Answer:

C


Question 10

Which header is not used to determine the source of an email?

  • A. "Received:" header
  • B. "Message-ID:" header
  • C. "Delivered:" header
  • D. "SMTP From:" header
Answer:

C
