CEH v11

Q211 - Advanced encryption standard is an algorithm used for which of the following?

  1. Data integrity
  2. Key discovery
  3. Bulk data encryption
  4. Key recovery

Answer: C

Q212 - Which of the following tools can be used to perform a zone transfer?

  1. NSLookup
  2. Finger
  3. Dig
  4. Sam Spade
  5. Host
  6. Netcat
  7. Neotrace

Answer: A, C, D and E

Q213 - By using a smart card and PIN, you are using a two-factor authentication that satisfies

  1. Something you know and something you are
  2. Something you have and something you know
  3. Something you have and something you are
  4. Something you are and something you remember

Answer: B

Q214 - Your business has decided to add credit card numbers to the data it backs up to tape. Which of the following represents the best practice your business should observe?

  1. Hire a security consultant to provide direction.
  2. Do not back up either the credit card numbers or their hashes.
  3. Back up the hashes of the credit card numbers not the actual credit card numbers.
  4. Encrypt backup tapes that are sent off-site.

Answer: A

Q215 - You are performing a penetration test. You achieved access via a buffer overflow exploit and you proceed to find interesting data, such as files with usernames and passwords. You find a hidden folder that has the administrator's bank account password and login information for the administrator's bitcoin account. What should you do?

  1. Report immediately to the administrator
  2. Do not report it and continue the penetration test.
  3. Transfer money from the administrator's account to another account.
  4. Do not transfer the money but steal the bitcoins.

Answer: A

Q216 - A company's policy requires employees to perform file transfers using protocols which encrypt traffic. You suspect some employees are still performing file transfers using unencrypted protocols because the employees do not like changes. You have positioned a network sniffer to capture traffic from the laptops used by employees in the data ingest department. Using Wireshark to examine the captured traffic, which command can be used as a display filter to find unencrypted file transfers?

  1. tcp.port != 21
  2. tcp.port = 23
  3. tcp.port == 21
  4. tcp.port == 21 || tcp.port == 22

Answer: D

Q217 - Some clients of TPNQM SA were redirected to a malicious site when they tried to access the TPNQM main site. Bob, a system administrator at TPNQM SA, found that they were victims of DNS Cache Poisoning. What should Bob recommend to deal with such a threat?

  1. The use of security agents in clients' computers
  2. The use of DNSSEC
  3. The use of double-factor authentication
  4. Client awareness

Answer: B

Q218 - During a security audit of IT processes, an IS auditor found that there were no documented security procedures. What should the IS auditor do?

  1. Identify and evaluate existing practices
  2. Create a procedures document
  3. Conduct compliance testing
  4. Terminate the audit

Answer: A

Q219 - A company's Web development team has become aware of a certain type of security vulnerability in their Web software. To mitigate the possibility of this vulnerability being exploited, the team wants to modify the software requirements to disallow users from entering HTML as input into their Web application. What kind of Web application vulnerability likely exists in their software?

  1. Cross-site scripting vulnerability
  2. Cross-site Request Forgery vulnerability
  3. SQL injection vulnerability
  4. Web site defacement vulnerability

Answer: A

Q220 - Which of the following defines the role of a root Certificate Authority (CA) in a Public Key Infrastructure (PKI)?

  1. The root CA is the recovery agent used to encrypt data when a user's certificate is lost.
  2. The root CA stores the user's hash value for safekeeping.
  3. The CA is the trusted root that issues certificates.
  4. The root CA is used to encrypt email messages to prevent unintended disclosure of data.

Answer: C

Q221 - Which service in a PKI will vouch for the identity of an individual or company?

  1. KDC
  2. CA
  3. CR
  4. CBC

Answer: B

Q222 - It is a vulnerability in GNU's bash shell, discovered in September of 2014, that gives attackers access to run remote commands on a vulnerable system. The malicious software can take control of an infected machine, launch denial-of-service attacks to disrupt websites, and scan for other vulnerable devices (including routers). Which of the following vulnerabilities is being described?

  1. Shellshock
  2. Rootshock
  3. Rootshell
  4. Shellbash

Answer: A

Q223 - What is the term coined for logging, recording and resolving events in a company?

  1. Internal Procedure
  2. Security Policy
  3. Incident Management Process
  4. Metrics

Answer: C

Q224 - Windows file servers commonly hold sensitive files, databases, passwords and more. Which of the following choices would be a common vulnerability that usually exposes them?

  1. Cross-site scripting
  2. SQL injection
  3. Missing patches
  4. CRLF injection

Answer: C

Q225 - Study the following log extract and identify the attack.

  1. Hexcode Attack
  2. Cross Site Scripting
  3. Multiple Domain Traversal Attack
  4. Unicode Directory Traversal Attack

Answer: D

Q226 - Password cracking programs reverse the hashing process to recover passwords. (True/False.)

  1. True
  2. False

Answer: B

Q227 - What does a firewall check to prevent particular ports and applications from getting packets into an organization?

  1. Transport layer port numbers and application layer headers
  2. Presentation layer headers and the session layer port numbers
  3. Network layer headers and the session layer port numbers
  4. Application layer port numbers and the transport layer headers

Answer: A

Q228 - While reviewing the result of scanning run against a target network you come across the following:

Which among the following can be used to get this output?

  1. A Bo2k system query.
  2. nmap protocol scan
  3. A sniffer
  4. An SNMP walk

Answer: D

Q229 - _________ is a tool that can hide processes from the process list, can hide files, registry entries, and intercept keystrokes.

  1. Trojan
  2. RootKit
  3. DoS tool
  4. Scanner
  5. Backdoor

Answer: B

Q230 - Which of the following is a client-server tool utilized to evade firewall inspection?

  1. tcp-over-dns
  2. kismet
  3. nikto
  4. hping

Answer: A

Q231 - Which of the following scanning tools is specifically designed to find potential exploits in Microsoft Windows products?

  1. Microsoft Security Baseline Analyzer
  2. Retina
  3. Core Impact
  4. Microsoft Baseline Security Analyzer

Answer: D

Q232 - Which set of access control solutions implements two-factor authentication?

  1. USB token and PIN
  2. Fingerprint scanner and retina scanner
  3. Password and PIN
  4. Account and password

Answer: A

Q233 - An attacker is using nmap to do a ping sweep and a port scan in a subnet of 254 addresses. In which order should he perform these steps?

  1. The sequence does not matter. Both steps have to be performed against all hosts.
  2. First the port scan to identify interesting services and then the ping sweep to find hosts responding to ICMP echo requests.
  3. First the ping sweep to identify live hosts and then the port scan on the live hosts. This way he saves time.
  4. The port scan alone is adequate. This way he saves time.

Answer: C

Q234 - Which type of intrusion detection system can monitor and alert on attacks, but cannot stop them?

  1. Detective
  2. Passive
  3. Intuitive
  4. Reactive

Answer: B

Q235 - In the field of cryptanalysis, what is meant by a "rubber-hose" attack?

  1. Attempting to decrypt cipher text by making logical assumptions about the contents of the original plain text.
  2. Extraction of cryptographic secrets through coercion or torture.
  3. Forcing the targeted key stream through a hardware-accelerated device such as an ASIC.
  4. A backdoor placed into a cryptographic algorithm by its creator.

Answer: B

Q236 - An attacker has been successfully modifying the purchase price of items purchased on the company's web site. The security administrators verify the web server and Oracle database have not been compromised directly. They have also verified the Intrusion Detection System (IDS) logs and found no attacks that could have caused this. What is the most likely way the attacker has been able to modify the purchase price?

  1. By using SQL injection
  2. By changing hidden form values
  3. By using cross site scripting
  4. By utilizing a buffer overflow attack

Answer: B

Q237 - Which of the following is an extremely common IDS evasion technique in the web world?

  1. unicode characters
  2. spyware
  3. port knocking
  4. subnetting

Answer: A

Q238 - The configuration allows a wired or wireless network interface controller to pass all traffic it receives to the central processing unit (CPU), rather than passing only the frames that the controller is intended to receive. Which of the following is being described?

  1. promiscuous mode
  2. port forwarding
  3. multi-cast mode
  4. WEM

Answer: A

Q239 - Bob, a system administrator at TPNQM SA, concluded one day that a DMZ is not needed if he properly configures the firewall to allow access just to servers/ports, which can have direct internet access, and block the access to workstations. Bob also concluded that DMZ makes sense just when a stateful firewall is available, which is not the case of TPNQM SA. In this context, what can you say?

  1. Bob can be right since DMZ does not make sense when combined with stateless firewalls
  2. Bob is partially right. He does not need to separate networks if he can create rules by destination IPs, one by one
  3. Bob is totally wrong. DMZ is always relevant when the company has internet servers and workstations
  4. Bob is partially right. DMZ does not make sense when a stateless firewall is available

Answer: C

Q240 - Which address translation scheme would allow a single public IP address to always correspond to a single machine on an internal network, allowing "server publishing"?

  1. Overloading Port Address Translation
  2. Dynamic Port Address Translation
  3. Dynamic Network Address Translation
  4. Static Network Address Translation

Answer: D