Which of the following applications work as mass-emailing worms?
Each correct answer represents a complete solution. Choose two.
You work as a Security manager for Caterxiss Inc. The headquarters of your company is connected to the branch office in another state and a service partner in the same state. The network of the company is being attacked from the connected networks. You decide to analyze and then prevent the corporate headquarters network from these attacks using a Snort IDS.
What is the most appropriate spot on the network where you should set up an Intrusion detection system (IDS)?
You work as a Network Administrator for Infosec Inc. Nowadays, you are facing an unauthorized access in your Wi-Fi network. Therefore, you analyze a log that has been recorded by your favorite sniffer, Ethereal. You are able to discover the cause of the unauthorized access after noticing the following string in the log file:
(Wlan.fc.type_subtype eq 32 and llc.oui eq 0x00601d and llc.pid eq 0x0001)
When you find All your 802.11b are belong to us as the payload string, you are convinced about which tool is being used for the unauthorized access. Which of the following tools have you ascertained?
Holly is the project manager of the GHQ Project for her organization. The project is using the AAA IT Integrators Corporation as a vendor to do a portion of the project work. Mitch Smith, the IT Directors for the AAA IT Integrators Corporation, reports that his team has completed the project work. Holly and her team review the deliverables and she confirms that Mitch's team has indeed completed the work according to the statement of work. What document should Holly refer to now to determine the next course of action with the AAA IT Integrators Corporation?
Which of the following tools can be used to read NetStumbler's collected data files and present street maps showing the logged WAPs as icons, whose color and shape indicates WEP mode and signal strength?
A project team member has just identified a new project risk. The risk event is determined to have significant impact but a low probability in the project. Should the risk event happen it'll cause the project to be delayed by three weeks, which will cause new risk in the project. What should the project manager do with the risk event?
The 3-way handshake method is used by the TCP protocol to establish a connection between a client and the server. It involves three steps:
1. In the first step, a SYN message is sent from a client to the server.
2. In the second step, a SYN/ACK message is sent from the server to the client.
3. In the third step, an ACK (usually called SYN-ACK-ACK) message is sent from the client to the server. At this point, both the client and the server have received acknowledgements of the TCP connection. If the Initial Sequence Numbers of the client and server were 241713111 and 241824111 respectively at the time when the client was sending the SYN message in the first step of the TCP 3-way handshake method, what will be the value of the acknowledgement number field of the server's packet when the server was sending the SYN/ACK message to the client in the second step of the TCP 3-way handshake method?
These are false reports about non-existent viruses. In these reports, the writer often claims to do impossible things. Due to these false reports, the network administrator shuts down his network, which in turn affects the work of the company. These reports falsely claim to describe an extremely dangerous virus, and declare that the report is issued by a reputed company. These reports are known as __________.
Which of the following recovery plans includes specific strategies and actions to deal with specific variances to assumptions resulting in a particular security problem, emergency, or state of affairs?
Which of the following types of firewall ensures that the packets are part of the established session?
You are responsible for securing the network at a law firm. You are concerned about printer security.
What steps should you take to prevent printer security breaches?
Each correct answer represents a complete solution. Choose two.
Mark works as a Network Administrator for We-are-secure Inc. He finds that the We-are-secure server has been infected with a virus. He presents to the company a report that describes the symptoms of the virus. A summary of the report is given below:
This virus has a dual payload, as the first payload of the virus changes the first megabyte of the hard drive to zero. Due to this, the contents of the partition tables are deleted and the computer hangs.
The second payload replaces the code of the flash BIOS with garbage values. This virus spreads under the Portable Executable File Format under Windows 95, Windows 98, and Windows ME.
Which of the following viruses has the symptoms as the one described above?
PassGuide Research and Training Center is developing its new network model. Which of the following protocols should be implemented in the new network? (Click the Exhibit button on the toolbar to see the case study.) Each correct answer represents a complete solution. Choose two.
You work as a Network Administrator for Net Perfect Inc. The company has a TCP/IP-based network environment. The network contains a Cisco Catalyst router to connect the internal network to the Internet. You want to secure your network from various attacks such as virus, spam, spyware, phishing, etc. You want to secure the whole network through a separate hardware device. Which of the following will you use?
Which of the following terms describes the statement given below?
"It provides the testers with complete knowledge of the infrastructure to be tested, often including network diagrams, source code, and IP addressing information."
