GIAC GCFW GIAC Certified Firewall Analyst Exam Practice Test

Total 391 questions

GIAC Certified Firewall Analyst Questions and Answers

Question 1

You work as the Security Administrator for Prodotxiss Inc. You want to ensure the security of your Wi-Fi enterprise network against wireless snooping attacks. Which of the following measures will you take over the site network devices of the network?

Options:

A. Download and install new firmware patch for the router.

B. Apply firewalls at appropriate spots.

C. Apply a standard ACL on the router.

D. Disable the SSID broadcast feature of the router.

Question 2

Which of the following types of firewall functions by creating two different communications, one between the client and the firewall, and the other between the firewall and the end server?

Options:

A. Stateful firewall

B. Proxy-based firewall

C. Packet filter firewall

D. Endian firewall

Question 3

Which of the following modes is also referred to as client mode?

Options:

A. Ad-hoc mode

B. Master mode

C. Manage mode

D. Monitor mode

Question 4

You are a professional Computer Hacking Forensic Investigator. You have been called to collect evidence of buffer overflow or cookie snooping attacks. Which of the following logs will you review to accomplish the task?

Each correct answer represents a complete solution. Choose all that apply.

Options:

A. Event logs

B. Program logs

C. System logs

D. Web server logs

Question 5

John works as a professional Ethical Hacker. He has been assigned the project of testing the security of He wants to send malicious data packets in such a manner that one packet fragment overlaps data from a previous fragment so that he can perform IDS evasion on the We-are-secure server and execute malicious data. Which of the following tools can he use to accomplish the task?

Options:

A. Hunt

B. Ettercap

C. Alchemy Remote Executor

D. Mendax

Question 6

An organization has more than a couple of external business partners, and exchanges dynamic routing information with them. The organization wants to terminate all routing from a partner at an edge router, preferably receiving only summary routes from the partner. Which of the following will be used to change all partner addresses on traffic into a range of locally assigned addresses?

Options:

A. IPsec

B. Firewall

C. ACL

D. NAT

Question 7

Which of the following IPv6 transition technologies is used by DirectAccess if a user is in a remote location and a public IPv4 address, instead of a public IPv6 address, has been assigned to the computer?

Options:

A. Teredo

B. PortProxy

C. 6to4

D. ISATAP

Question 8

Sam works as a Security Manager for Gentech Inc. The company has a Windows-based network. Sam wants to prevent specific traffic from IDP processing in order to reduce false positives. Which of the following rulebases will he use to accomplish the task?

Options:

A. SYN Protector rulebase

B. Network Honeypot rulebase

C. Exempt rulebase

D. Backdoor rulebase

Question 9

Distributed Checksum Clearinghouse (DCC) is a hash sharing method of spam email detection.

Which of the following protocols does the DCC use?

Options:

A. ICMP

B. TELNET

C. UDP

D. TCP

Question 10

You work as a Security Administrator for Tech Perfect Inc. The company has a switched network. You have configured tcpdump in the network which can only see traffic addressed to itself and broadcast traffic. What will you do when you are required to see all traffic of the network?

Options:

A. Connect the sniffer device to a Remote Switched Port Analyzer (RSPAN) port.

B. Configure VLAN Access Control List (VACL).

C. Configure Network Access Control (NAC).

D. Connect the sniffer device to a Switched Port Analyzer (SPAN) port.

Question 11

Adam, a malicious hacker, purposely sends fragmented ICMP packets to a remote target. The total size of this ICMP packet once reconstructed is over 65,536 bytes.

On the basis of the above information, which of the following types of attack is Adam attempting to perform?

Options:

A. Fraggle attack

B. SYN Flood attack

C. Ping of death attack

D. Land attack

Question 12

Which of the following actions can be taken as countermeasures against an ARP spoofing attack?

Each correct answer represents a complete solution. Choose all that apply.

Options:

A. Placing static ARP entries on servers and routers

B. Looking for a large amount of ARP traffic on local subnets

C. Using Private VLANs

D. Using 8 digit passwords for authentication

Question 13

Which of the following programs can be used to detect stealth port scans performed by a malicious hacker?

Each correct answer represents a complete solution. Choose all that apply.

Options:

A. portsentry

B. libnids

C. nmap

D. scanlogd

Question 14

Which of the following IPv6 address types is a single address that can be assigned to multiple interfaces?

Options:

A. Loopback

B. Unicast

C. Multicast

D. Anycast

Question 15

You work as a Network Administrator for SmartCert Inc. The company's network contains five Windows 2003 servers and ninety Windows XP Professional client computers. You want to view all the incoming requests to an Internet Information Services (IIS) server and allow only requests that comply with a rule set, created by you, to be processed. You also want to detect the intrusion attempts by recognizing the strange characters in a URL on a Web server. What will you do to accomplish the task?

Options:

A. Configure a connection to the SQL database by using the RELOG command-line utility.

B. Use the URLScan tool.

C. Use the Remote Desktop Protocol (RDP).

D. Use the HFNETCHK utility.

Question 16

You work as a Desktop Support Technician for Umbrella Inc. The company uses a Windows-based network. An employee from the sales department is facing a problem with the IP configuration of the network connection. He called you to resolve the issue. You suspect that the IP configuration is not configured properly. You want to use the ping command to ensure that the IPv4 protocol is working on a computer. While running the ping command from the command prompt, you find that Windows Firewall is blocking the ping command. What is the cause of the issue?

Options:

A. Windows Firewall blocks the command line tools.

B. Core Networking Firewall rules do not allow IPv4 or IPv6.

C. Core Networking Firewall rules do not allow ICMPv4 or ICMPv6 Echo Requests.

D. Windows Firewall rules do not allow Core Networking Tools.

Question 17

David works as the Security Manager for PassGuide Inc. He has been assigned a project to detect the attacks over multiple connections and sessions and to count the number of scanned ports in a defined time period. Which of the following rulebases will he use to accomplish the task?

Options:

A. Traffic Anomalies rulebase

B. Exempt rulebase

C. SYN Protector rulebase

D. Network Honeypot rulebase

Question 18

You work as a Network Administrator for NetTech Inc. Your manager needs to access a particular server on the network from outside the company network. You have a registered IP address assigned to a router on the company network. Which of the following will be useful for accessing the server from outside the network?

Options:

A. Overloading

B. Dynamic VLAN

C. Switch

D. Static NAT

Question 19

A scenario involves a pool of users with private IP addresses who need to access the Internet; however, the company has a limited number of IP addresses and needs to ensure users occupy only one public IP address.

Which technology is used to allow a pool of users to share one global IP address for Internet access?

Options:

A. Port Address Translation

B. Pool Address Translation

C. Private Address Translation

D. Per-user Address Translation

Question 20

An organization has more than a couple of external business partners, and exchanges dynamic routing information with them. The organization wants to terminate all routing from a partner at an edge router, preferably receiving only summary routes from the partner. Which of the following will be used to change all partner addresses on traffic into a range of locally assigned addresses?

Options:

A. Firewall

B. IPsec

C. ACL

D. NAT

Question 21

When no anomaly is present in an Intrusion Detection, but an alarm is generated, the response is known as __________.

Options:

A. True negative

B. False negative

C. False positive

D. True positive

Question 22

Which of the following tools uses PDA and barcode technologies in order to enable effective identification, control, and reporting of items in a site?

Options:

A. Smart card

B. Vulnerability scanner

C. Baseline audit

D. Biometric device

Question 23

Which of the following fields is NOT included in packet fragmentation?

Options:

A. Flag

B. Fragment Offset

C. Identification

D. Time to Live

Question 24

Which of the following is a version of netcat with integrated transport encryption capabilities?

Options:

A. Encat

B. Nikto

C. Cryptcat

D. Socat

Question 25

Which of the following techniques correlates information found on multiple hard drives?

Options:

A. Cross-drive analysis

B. Data analysis

C. Live analysis

D. Gap analysis

Question 26

You work as a Network Administrator at PassGuide Inc. You want to implement a solution that will automatically disallow connections if an attack is suspected. Which of the following technologies will you choose to accomplish the task?

Options:

A. ACL

B. IPS

C. SRTP

D. IIS

Question 27

Fill in the blank with the appropriate tool name.

__________ consists of flexible system architecture that provides a proper way for conducting industrial audits when it is required to identify unique positions of items.

Options:

Question 28

You work as a Network Administrator for Tech Perfect Inc. The company has a wireless LAN infrastructure. The management wants to prevent unauthorized network access to local area networks and other information assets by the wireless devices. What will you do?

Options:

A. Implement an ACL.

B. Implement a firewall.

C. Implement a dynamic NAT.

D. Implement a WIPS.

Question 29

Which of the following is used for debugging the network setup itself by determining whether all necessary routing is occurring properly, allowing the user to further isolate the source of a problem?

Options:

A. WinPcap

B. Netfilter

C. tcpdump

D. iptables

Question 30

Which of the following intrusion detection systems (IDS) monitors network traffic and compares it against an established baseline?

Options:

A. Network-based

B. File-based

C. Signature-based

D. Anomaly-based

Question 31

An IDS is a group of processes working together in a network. These processes work on different computers and devices across the network. Which of the following processes does an IDS perform?

Each correct answer represents a complete solution. Choose all that apply.

Options:

A. Event log analysis

B. Monitoring and analysis of user and system activity

C. Statistical analysis of abnormal traffic patterns

D. Network traffic analysis

Question 32

You work as a Network Administrator for BlueTech Inc. You want to configure Snort as an IDS for your company's wireless network, but you are concerned that Snort does not support all types of traffic. What traffic does Snort support?

Each correct answer represents a complete solution. Choose all that apply.

Options:

A. UDP

B. TCP

C. IP

D. ICMP

Question 33

Which of the following is a maintenance protocol that permits routers and host computers to swap basic control information when data is sent from one computer to another?

Options:

A. ICMP

B. SNMP

C. IGMP

D. BGP

Question 34

Which of the following tools allows an attacker to intentionally craft the packets to gain unauthorized access?

Each correct answer represents a complete solution. Choose two.

Options:

A. Mendax

B. Fragroute

C. Tcpdump

D. Ettercap

Question 35

Which of the following forms of NAT maps multiple unregistered IP addresses to a single registered IP address by using different ports?

Options:

A. Overloading

B. Dynamic NAT

C. Overclocking

D. Static NAT

Question 36

A scenario involves a pool of users with private IP addresses who need to access the Internet; however, the company has a limited number of IP addresses and needs to ensure users occupy only one public IP address.

Which technology is used to allow a pool of users to share one global IP address for Internet access?

Options:

A. Port Address Translation

B. Per-user Address Translation

C. Pool Address Translation

D. Private Address Translation

Question 37

You work as a Network Administrator for Tech Perfect Inc. The company has a TCP/IP-based routed network. Two routers have been configured on the network. A router receives a packet. Which of the following actions will the router take to route the incoming packet?

Each correct answer represents a part of the solution. Choose two.

Options:

A. Use the routing table to determine the best path to the destination network address.

B. Read the destination IP address.

C. Add the path covered by the packet to the routing table.

D. Read the source IP address.

E. Use the routing table to determine the best path to the source network address.

Question 38

An organization has more than a couple of external business partners, and exchanges dynamic routing information with them. The organization wants to terminate all routing from a partner at an edge router, preferably receiving only summary routes from the partner. Which of the following will be used to change all partner addresses on traffic into a range of locally assigned addresses?

Options:

A. ACL

B. IPsec

C. Firewall

D. NAT

Question 39

Which of the following limits the number of packets seen by tcpdump?

Options:

A. BPF-based filter

B. Recipient filtering

C. Sender filtering

D. IFilters

Question 40

You work as a Network Administrator for Net Perfect Inc. The company has a Windows Server 2008-based network. You have created a test domain for testing IPv6 addressing. Which of the following types of addresses are supported by IPv6?

Each correct answer represents a complete solution. Choose all that apply.

Options:

A. Multicast

B. Anycast

C. Broadcast

D. Unicast

Question 41

You work as a Network Administrator for Tech Perfect Inc. The company has a TCP/IP-based network. A Cisco switch is configured on the network. You change the original host name of the switch through the hostname command. The prompt displays the changed host name. After some time, the power to the switch goes off for some reason. When power is restored, you find that the prompt is displaying the old host name. What is the most likely cause?

Options:

A. The changes were saved in running-config file.

B. The startup-config file got corrupted.

C. The running-config file got corrupted.

D. Host name cannot be changed permanently once switch is configured.

Question 42

You are implementing a host-based intrusion detection system on your web server. You feel that the best way to monitor the web server is to find your baseline of activity (connections, traffic, etc.) and to monitor for conditions above that baseline. This type of IDS is called __________.

Options:

A. Reactive IDS

B. Signature Based

C. Passive IDS

D. Anomaly Based

Question 43

John works as a professional Ethical Hacker. He has been assigned the project of testing the security of In order to do so, he performs the following steps of the preattack phase successfully:

  • Information gathering

  • Determination of network range

  • Identification of active systems

  • Location of open ports and applications

Now, which of the following tasks should he perform next?

Options:

A. Install a backdoor to log in remotely on the We-are-secure server.

B. Map the network of We-are-secure Inc.

C. Perform OS fingerprinting on the We-are-secure network.

D. Fingerprint the services running on the we-are-secure network.

Question 44

Which of the following tools performs comprehensive tests against web servers for multiple items, including over 6100 potentially dangerous files/CGIs?

Options:

A. Nikto

B. Sniffer

C. Snort

D. Dsniff

Question 45

Which of the following can be monitored by using the host intrusion detection system (HIDS)?

Each correct answer represents a complete solution. Choose two.

Options:

A. Computer performance

B. File system integrity

C. Storage space on computers

D. System files

Question 46

Adam works as a Security administrator for Umbrella Inc. He runs the following traceroute and notices that hops 19 and 20 both show the same IP address.

1 172.16.1.254 (172.16.1.254) 0.724 ms 3.285 ms 0.613 ms
2 ip68-98-176-1.nv.nv.cox.net (68.98.176.1) 12.169 ms 14.958 ms 13.416 ms
3 ip68-98-176-1.nv.nv.cox.net (68.98.176.1) 13.948 ms ip68-100-0-1.nv.nv.cox.net (68.100.0.1) 16.743 ms 16.207 ms
4 ip68-100-0-137.nv.nv.cox.net (68.100.0.137) 17.324 ms 13.933 ms 20.938 ms
5 68.1.1.4 (68.1.1.4) 12.439 ms 220.166 ms 204.170 ms
6 so-6-0-0.gar2.wdc1.Level3.net (67.29.170.1) 16.177 ms 25.943 ms 14.104 ms
7 unknown.Level3.net (209.247.9.173) 14.227 ms 17.553 ms 15.415 ms
8 so-0-1-0.bbr1.NewYork1.level3.net (64.159.1.41) 17.063 ms 20.960 ms 19.512 ms
9 so-7-0-0.gar1.NewYork1.Level3.net (64.159.1.182) 20.334 ms 19.440 ms 17.938 ms
10 so-4-0-0.edge1.NewYork1.Level3.net (209.244.17.74) 27.526 ms 18.317 ms 21.202 ms
11 uunet-level3-oc48.NewYork1.Level3.net (209.244.160.12) 21.411 ms 19.133 ms 18.830 ms
12 0.so-6-0-0.XL1.NYC4.ALTER.NET (152.63.21.78) 21.203 ms 22.670 ms 20.111 ms
13 0.so-2-0-0.TL1.NYC8.ALTER.NET (152.63.0.153) 30.929 ms 24.858 ms 23.108 ms
14 0.so-4-1-0.TL1.ATL5.ALTER.NET (152.63.10.129) 37.894 ms 33.244 ms 33.910 ms
15 0.so-7-0-0.XL1.MIA4.ALTER.NET (152.63.86.189) 51.165 ms 49.935 ms 49.466 ms
16 0.so-3-0-0.XR1.MIA4.ALTER.NET (152.63.101.41) 50.937 ms 49.005 ms 51.055 ms
17 117.ATM6-0.GW5.MIA1.ALTER.NET (152.63.82.73) 51.897 ms 50.280 ms 53.647 ms
18 PassGuidegw1.customer.alter.net (65.195.239.14) 51.921 ms 51.571 ms 56.855 ms
19 (65.195.239.22) 52.191 ms 52.571 ms 56.855 ms
20 (65.195.239.22) 53.561 ms 54.121 ms 58.333 ms

Which of the following is the most likely cause of this issue?

Options:

A. A stateful inspection firewall

B. An application firewall

C. Network Intrusion system

D. Intrusion Detection System

Question 47

Which of the following terms is used to represent IPv6 addresses?

Options:

A. Colon-dot

B. Hexadecimal-dot notation

C. Colon-hexadecimal

D. Dot notation

Question 48

Which of the following components are usually found in an Intrusion detection system (IDS)?

Each correct answer represents a complete solution. Choose two.

Options:

A. Firewall

B. Console

C. Gateway

D. Modem

E. Sensor

Question 49

John works as the Security Manager for PassGuide Inc. He wants to create the Profiler database that stores information about the network activity at Layer 3, Layer 4, and Layer 7. Which of the following will he use to accomplish the task?

Each correct answer represents a complete solution. Choose all that apply.

Options:

A. Ignore connection

B. Session creation

C. Protocol contexts

D. Session teardown

Question 50

Which of the following commands configures a router to encrypt all passwords entered after the command has been executed, as well as all passwords already on the running configuration?

Options:

A. no service password-encryption

B. enable password-encryption

C. no enable password-encryption

D. service password-encryption

Question 51

What is the easiest way to verify that name resolution is functioning properly on a TCP/IP network?

Options:

A. Use the TRACERT command with the /pingname parameter.

B. Ping the source host with its computer name.

C. Ping the source host with its IP address.

D. Check the IP statistics on the file server.

Question 52

Which of the following proxy servers is also referred to as transparent proxies or forced proxies?

Options:

A. Reverse proxy server

B. Intercepting proxy server

C. Anonymous proxy server

D. Tunneling proxy server

Question 53

Sam works as a Network Administrator for Gentech Inc. He has been assigned a project to develop the rules that define the IDP policy in the rulebase. Which of the following will he define as the components of the IDP policy rule?

Each correct answer represents a complete solution. Choose all that apply.

Options:

A. IDP Profiler

B. IDP rule IP actions

C. IDP appliance deployment mode

D. IDP rule notifications

Question 54

You work as a Network Administrator for Tech Perfect Inc. The office network is configured as an IPv6 network. You have to configure a computer with the IPv6 address, which is equivalent to an IPv4 publicly routable address. Which of the following types of addresses will you choose?

Options:

A. Local-link

B. Global unicast

C. Site-local

D. Loopback

Question 55

When client data is encapsulated into an LWAPP header, the wireless LAN controller improves the coverage areas. Which information does the wireless LAN controller check?

Each correct answer represents a part of the solution. Choose two.

Options:

A. CCA

B. SNR

C. WCS

D. RSSI

Question 56

Which of the following ICMPv6 neighbor discovery messages is sent by hosts to request an immediate router advertisement, instead of waiting for the next scheduled advertisement?

Options:

A. Router Advertisement

B. Neighbor Advertisement

C. Router Solicitation

D. Neighbor Solicitation

Question 57

A company named Tech Perfect Inc. has a TCP/IP based network. An IPS sensor is deployed in the network and configured to operate in promiscuous mode. IP blocking functionality works there in order to stop traffic from an attacking host and it helps in analyzing what happens in the network.

The management wants to initiate a persistent connection with the managed devices until the block is removed. Which of the following will you configure in the network to accomplish the task?

Options:

A. Access Control List

B. Firewall

C. Network Admission Control

D. Virtual LAN

Question 58

On which of the following interfaces of the router is the clock rate command used?

Options:

A. DCE

B. ETHERNET

C. VIRTUAL LINE VTY

D. DTE
