Question 1

Which of the following is a component of a risk assessment?

Options :

A : Administrative safeguards

B : Physical security

C : DMZ

D : Logical interface

Answer: A

Question 2

What do Trinoo, TFN2k, WinTrinoo, T-Sight, and Stracheldraht have in common?

Options :

A : All are hacking tools developed by the legion of doom

B : All are tools that can be used not only by hackers, but also security personnel

C : All are DDOS tools

D : All are tools that are only effective against Windows

E : All are tools that are only effective against Linux

Answer: C

Question 3

Which of the following statements is TRUE?

Options :

A : Packet Sniffers operate on the Layer 1 of the OSI model.

B : Packet Sniffers operate on Layer 2 of the OSI model.

C : Packet Sniffers operate on both Layer 2 & Layer 3 of the OSI model.

D : Packet Sniffers operate on Layer 3 of the OSI model.

Answer: B

Question 4

Shiela is an information security analyst working at HiTech Security Solutions. She is performing service version discovery using Nmap to obtain information about the running services and their versions on a target system. Which of the following Nmap options must she use to perform service version discovery on the target host?

Options :

A : -SN

B : -SX

C : -sV

D : -SF

Answer: C

Question 5

Let's imagine three companies (A, B and C), all competing in a challenging global environment. Company A and B are working together in developing a product that will generate a major competitive advantage for them. Company A has a secure DNS server while company B has a DNS server vulnerable to spoofing. With a spoofing attack on the DNS server of company B, company C gains access to outgoing e-mails from company B. How do you prevent DNS spoofing?

Options :

A : Install DNS logger and track vulnerable packets

B : Disable DNS timeouts

C : Install DNS Anti-spoofing

D : Disable DNS Zone Transfer

Answer: C