Q1. Which of the following terms refers to the access of a wireless Internet connection by bringing one's own computer within the range of another's wireless connection, and using that service without the subscriber's explicit permission or knowledge?
A. Samhain
B. Snooping
C. Piggybacking
D. Vampire tap
Answer: C
Q2. Mark works as a Network Administrator for BlueWell Inc. The company has a Windows-based network. Mark has retained his services to perform a security assessment of the company's network that has various servers exposed to the Internet. So, it may be vulnerable to an attack. Mark is using a single perimeter ?rewall, but he does not know if that is enough. He wants to review the situation and make some reliable recommendations so that he can protect the data over company's network. Which of the following will Mark use to inspect network information on the basis of source and destination address?
A. Stateless packet inspection
B. Tricky packet inspection
C. Stateful packet inspection
D. Reaction based packet inspection
Answer: A
Q3. You work as an Exchange Administrator for TechWorld Inc. The company has a Windows 2008 Active Directory-based network. The network contains an Exchange Server 2010 organization. You are in the process of choosing an authentication method for Exchange ActiveSync. You need an authentication method that requires both, a password and an external device. Which of the following authentication methods will you choose for Exchange ActiveSync?
A. Device-based authentication
B. Basic authentication
C. Certificate-based authentication
D. Token-based authentication
Answer: D
Q4. Which of the following is a Windows configuration option that enables administrators to restrict
communication among domain members only?
A. Demilitarized zone
B. Server isolation
C. Domain isolation
D. Domain kiting
Answer: C
Q5. Which of the following is method that can be used to identify Internet software in Software Restriction Policies?
A. Restriction rule
B. Identification rule
C. Internet rule
D. Zone rule
Answer: D
Q6. Which of the following is a set of rules that control the working environment of user accounts and computer accounts?
A. Mandatory Access Control
B. Access control list
C. Group Policy
D. Intrusion detection system
Answer: C
Q7. Which of the following is a attack type that is used to poison a network or computer to the point where the system is turned into unusable state?
A. Mail bombing
B. Pharming
C. Protocol spoofing
D. Denial of service (DOS)
Answer: D
Q8. Which of the following is the edge between the private and locally managed-and-owned side of a network and the public side that is commonly managed by a service provider?
A. Internet
B. Network perimeter
C. Intranet
D. VLAN
Answer: B
Q9. Mark work as a System Administrator for TechMart Inc. The company has a Windows-based network. Mark wants to allow the remote travel agents to be able to access the corporate network so that they are free to check email and post appointments that are booked for the particular day.
Mark has decided to permit the travel agents to use their home computers but he is required to be assured that the information is not compromised by anyone because the security of client information is on the top priority for him. Mark is concerned about probable attackers will be able to penetrate the VPN. Which of the following will Mark use to attract the attackers for understanding their methods?
A. CIA Triangle
B. Attack surface
C. Honeypot
D. Social engineering
Answer: C
Q10. Which of the following are the main features of a key logger? Each correct answer represents a complete solution. Choose all that apply.
A. It can be delivered via FTP or e-mail.
B. It can record all keystrokes.
C. It can capture all screenshots.
D. It can detect viruses on the computer.
Answer: ABC