Documente Academic
Documente Profesional
Documente Cultură
A.
B.
C.
D.
3.
A.
B.
C.
D.
4.
A.
B.
C.
D.
5.
A.
B.
C.
D.
6.
A.
B.
C.
D.
Robert is studying for his ENSA exam that he will be taking in a couple of weeks. He has
extensive knowledge of each module necessary to pass the test except the areas on
hardening routers. He is particularly lacking in knowledge on the protocols used by
routers and how secure and/or insecure those protocols are. What networking protocol
language used by routers should Robert focus on since it is very insecure?
A. To be able to pass his ENSA exam completely, Robert needs to study the SLIP protocol.
B. Although routers utilize different protocols, Robert need only study the ATM protocol
since that is the only one actually used by routers even though it is insecure.
C. Robert needs to study the RIP protocol since it is utilized by routers and is insecure.
7.
D. The ARP protocol, used by routers, is what Robert needs to focus on in studying for his
upcoming exam.
8.
A.
B.
C.
D.
9.
A.
B.
C.
D.
10.
A.
B.
C.
D.
11.
downturn in the economy. Because of this, the company is trying to cut costs wherever
possible. One of these areas in particular for Ron is network cabling. Before the cuts, Ron
would hire a cabling contractor to do any work but now he must do the work himself.
The companys management team re-organizes a number of departments by moving
them around the office. This forces Ron to run more Cat6 cable from the server room to
the new spaces where employees have been moved. He measures these new cable runs
and they end up being between 350 to 400 feet long. The network consists of three
Windows servers, fifty workstations running Windows XP, and a number of networked
printers.
To save more money, Ron is using Cat5 ends since he already had a number of them in
stock. Ron connects the new cable runs to 100 Mbps ports on two different switches.
After connecting the employees computers to these new cable runs, the users complain
their network connections appear to be dropping and/or not working at all. Why are
these users experiencing problems?
A. These particular users are having problems because Cat6 is not mean to be run for more
than 10 feet.
B. They are having issues because their Ethernet cable runs are too long.
C. They are experiencing problems because Ron used Cat5 ends with Cat6 cable.
D. The users are seeing issues because their network cables are plugged into different
switches.
12.
A.
B.
C.
D.
13.
A.
B.
C.
D.
Neville is the network administrator for his company. He is in the middle of a huge
security restructuring project which entails a security overhaul of the entire companys
network. After weeks of work, he is now moving the companys email transport server
into a new logical DMZ he has created.
This DMZ has a firewall that separates it from the internal network. He has setup the
server in the DMZ to only talk to the main email server in the internal network over
SMTP. What port must Neville open on the firewall to allow this traffic to pass?
Neville should open port 21 to allow the traffic through.
Neville must open port 443.
He needs to open port 25.
To allow the SMTP traffic to pass through, he needs to open port 53.
Coleman works as a network administrator for his company which is based out of
Atlanta. He has recently installed a number of network devices in different remote offices
and now needs to configure a way to access them remotely over secure channels.
He decides to use an SSH program to make the connections. He tries to connect to the
network devices but he cannot. What port does he need to open on the company firewalls
to allow him remote access over SSH?
Coleman needs to open port 22 on the firewalls.
He needs to open port 21.
Coleman should open port 443.
To allow SSH though the firewalls, he should open port 53.
14.
A.
B.
C.
D.
15.
A.
B.
C.
D.
16.
A.
B.
C.
D.
17.
Frank is an IT administrator for Lehman associates, a large law firm based out of Los
Angeles. He is worried about the security of his companys network so he decides to
install programs such as Wireshark at all ingresses of the network. He looks through the
logs one day at the Wireshark logs recorded from the companys T1 interface and notices
a number of packets originating from an odd source. He sees traffic coming from a
source being recorded as 1080:0:FF:0:8:800:200C:4171 and uses port 21 traffic. What
does this source address signify?
This address means that the source is using an IPv6 address and is spoofed and signifies
an IPv4 address of 127.0.0.1.
This source address signifies that the originator is using 802dot1x to try and penetrate
into Franks network.
This means that the source is using IPv8.
This source address is IPv6 and translates as 13.1.68.3.
Javier is a network administrator working for a small oil and gas company based out of
Tulsa Oklahoma. Javier is the only IT employee working for the company since they are
not very big yet. Javier is currently working on patching all computers in the network
which consist of 30 Windows XP workstations.
Javier needs to install some specific patches during work hours because they are minor
ones but he does not want any of the users to see the installation process. What
command switch should Javier use to make the patches install in the background
without any user interaction?
Javier needs to use the /q command switch to make the patches run silently.
To make the patches run silently, he needs to run them with the /y command switch.
Javier should run the patches with the /z switch.
He needs to use the /n switch.
Bill is an IT intern working part time at a state agency in Nebraska while he attends
college. Bill is in his Junior year of college taking classes for his major in Information
Systems and Operations Management. Bill is currently taking a Network Theory class
where the fundamentals of networking are taught.
Bills professor is teaching the class about IEEE 802 and the standards it covers. Bills
teacher asks him what layer(s) of the OSI model IEEE 802 can be mapped to; what
should Bill give as the answer?
He should answer with that IEEE 802 is mapped to the Physical and Application layers.
Bill should answer that IEEE 802 is mapped to the Application and Network layers.
He should tell the professor that IEEE 802 is mapped to the Presentation and Session
layers of the OSI model.
He should say that IEEE 802 is mapped to the Data Link and Physical layers of the OSI
model.
Joshua is a network administrator working for the city of Denver. He is responsible for
the entire networks health and over 20 IT employees. Joshua has recently been charged
with connecting the citys Metropolitan Area Network (MAN) with the individual Local
A. You can block all incoming and outgoing traffic on TCP port 12005.
B. To prevent the WALEDAC virus from searching local computers, you should disable all
local file indexing.
C. On all computers running Windows, you should enable Data Execution Prevention for
all files with a .wla extension.
D. You should prevent searches on all local RAM disks for computers.
19.
20.
A.
B.
C.
D.
21.
A.
B.
C.
D.
Michael is the network administrator for his company. The company he works for has
50 workstations and 15 servers. He and another IT employee implemented a Voice
over IP solution six months ago and they have not had any problems with the system
since its inception. One Monday morning, the companys firewall completely crashes
so the manufacturer sends out a new replacement that same day.
After some minor configuration of the firewall, Michael is able to get the new firewall
in place and working. After a day or two, he starts receiving complaints from users that
incoming and outgoing phone calls on the VoIP phones are choppy and sometimes the
calls completely drop. He uses a TCP/IP traffic sniffer and notices that the firewall is
dropping or losing voice packets. What can Michael do on the firewall to help prevent
packet loss such as this?
He should increase the buffer size on the firewall to help prevent packet loss.
To prevent packet loss of voice traffic, Michael should allow all incoming and outgoing
DNS traffic.
UDP traffic on the firewall should be denied to ensure all VoIP packets arrive without
packet loss.
Michael needs to decrease the buffer size on the firewall.
Wayne, the facilities manager for CMF plastics, is creating the disaster recovery plans
for his company. CMF makes plastic containers which involves the use of many
different chemicals and compounds to produce. Two of the most hazardous materials
used in the production are potassium and magnesium. In the disaster recovery plan
that Wayne is producing, which class of fire should he accounted for in an incident?
He needs to prepare for a class 2 fire incident.
Since the company deals with hazardous materials, Wayne must prepare for a class E
fire.
Wayne needs to account for a possible class 1 fire.
He should account for a class D fire.
22.
A.
B.
C.
D.
23.
A.
B.
C.
D.
He also sees confusing offset values in the second and later fragments that appear to be
confusing the network devices when they try to break up the large packets. His primary
firewall appears to be pegging at 100% of its resources as well as a number of other
network devices inside that office. Xavier ends all active sessions on the outside of the
firewall and everything appears to go back to normal. What can Xavier do to prevent
his networks resources from being overwhelmed like that again?
Xavier can enable high availability on his firewall to have a backup firewall pickup if its
resources go beyond a certain level.
He could place a bastion host in his DMZ to capture all large UDP packet traffic.
Xavier should turn off all RIP traffic on his firewall and internal network devices.
He would be able to stop this from happening again if he enabled OSPF on his firewall.
Fred is a network technician working for Johnson Services, a temporary employment
agency in Boston. Johnson Services has three remote offices in New England and the
headquarters in Boston where Fred works. The company relies on a number of
customized applications to perform daily tasks and unfortunately these applications
require the users to be local administrators.
Because of this, Freds supervisor wants to implement tighter security measures in
other areas to compensate for the inherent risks in making those users local admins.
Freds boss wants a solution that will be placed on all computers throughout the
company and monitored by Fred. This solution will gather information on all network
traffic to and from the local computers without actually affecting the traffic. What type
of solution does Freds boss want to implement?
He wants to implement a HIPS solution.
Freds boss wants to implement a HIDS solution.
He wants Fred to monitor a NIPS system.
This would be a NIDS implementation.
24.
A.
B.
C.
D.
25.
Thomas is a network technician who works on small company networks in his spare
time for extra money. On weekends, Thomas is currently working for a small medical
billing company setting up their network from scratch. He has built 10 workstations
and a server for them to use. Now he suggests the company implement some security
to protect their data.
The companys owner decides they do not have enough money to purchase a hardware
firewall. Thomas comes up with a less expensive solution of using a workstation with
two network cards. One network card is connected directly to the Internet and the
other to the internal network. All traffic is filtered through the computer for security.
What type of security measure is Thomas implementing as a less expensive solution to
a firewall?
As a less expensive solution, Thomas is using a NAT router to filter Internet traffic.
For security, Thomas is using a proxy DNS server.
He is utilizing a bastion router for security.
Thomas is using a dual homed host to screen Internet traffic.
Kyle is an IT technician working for Paulson Brothers, a large architectural firm in
Kansas City. The companys office has around 25 workstations and 4 servers. The
servers run applications but mostly store very important and confidential data. For this
reason, Kyle must backup the servers data daily to ensure nothing is ever lost.
Also, the power in the companys office is not always reliable so Kyle needs to make
sure the servers do not go down or are without power for too long of a period. Kyle
decides to purchase an Uninterruptible Power Supply (UPS) that has a pair of inverters
and converters that charge the battery and gives power when needed. What type of
UPS has Kyle purchased?
A. To ensure the servers are not without power for too long, Kyle has purchased a LineInteractive UPS.
B. This would be considered a Ferroresonant Standby UPS.
C. He has decided to buy a Standby UPS.
D. This type of UPS is referred to as a True Online UPS.
Stephanie is a network administrator that works for Nelson and Associates, an
investment firm in Miami. She has received reports from one of her users that is seeing
very slow network response time. She checks the port settings, signal strength for the
network cable, and makes sure the cable does not have any breaks or shorts in it from
the computer to the switch. She still cannot find anything wrong with the computer.
The computer is a Windows 2003 member server. Stephanie decides to install
Microsofts Network Monitor to see if that will show what the issue is. Where can
Stephanie find the Network Monitor program to install it?
A. Stephanie should go to Start, Run, and type in msconfig.
B. Stephanie cannot use Network monitor on this computer since it is a server.
C. Stephanie can go to Control Panel, Add/Remove Programs, Add/Remove Windows
Components, Management and Monitoring Tools.
26.
27.
A.
B.
C.
D.
28.
A.
B.
C.
D.
29.
Sarah is an IT security consultant currently working under contract for a large state
agency in New York. She has been given permission to perform any tests necessary
against the agencys network. The agencys network has come under many DoS attacks
in recent months, so the agencys IT team has tried to take precautions to prevent any
future DoS attacks.
To test this, Sarah attempts to gain unauthorized access or even overload one of the
agencys Cisco routers that are at IP address 192.168.254.97. She first creates a telnet
session over port 23 to the router. She uses a random username and tries to input a
very large password to see if that freezes up the router. This seems to have no affect on
the router yet. What other command could Sarah use to attempt to freeze up the
router?
The command: finger -l 9999 192.168.254.97 -m would force the router to freeze.
Ping -l 254 192.168.254.97 would make the router freeze.
If Sarah used the command: ping -r 999 192.168.254.97 -t, she could freeze up the
router and then attempt to gain access.
She could use the command: ping -l 56550 192.168.254.97 -t.
Malone is finishing up his incident handling plan for IT before giving it to his boss for
review. He is outlining the incident response methodology and the steps that are
involved. Which step should Malone list as the last step in the incident response
methodology?
Recovery would be the correct choice for the last step in the incident response
methodology.
Malone should list a follow-up as the last step in the methodology.
He should assign eradication to the last step.
Containment should be listed on Malones plan for incident response.
Heather is a network administrator working at a local public college in her home town.
Heather makes sure that all campus computers can communicate with the internal
network and she troubleshoots any network issues as they arise. She has setup IPSec
tunnels between the main campus and a campus in Springfield. She has also setup an
IPSec tunnel between Springfield and Haworth where the college has another campus.
She has used OSPF on the firewalls so the traffic over the IPSec tunnels can pick the
best possible route. She is trying to connect to a server at Haworth from the main
campus but is not able to do so. She tests some connections and the main campus can
contact the Springfield campus and the Springfield campus can contact the Haworth
campus. Where on the firewalls can Heather look to see what is going on with the
traffic between the firewalls?
A. Heather can look in the routing tables on the firewall to see if OSPF is carrying the
traffic across the firewalls properly.
B. She needs to search through the IOS OSPF table to see how traffic is passing.
C. She should look in the ARP table of the firewall to see if traffic is passing through the
30.
A.
B.
C.
D.
31.
A.
B.
C.
D.
32.
Simon is the network administrator for Chesters Shipping, a large shipping company
based out of Atlanta. Simon had all his systems administrators implement hardware
and software firewalls last year to help ensure network security. On top of these, they
implemented IDS/IPS systems throughout the network to check for and stop any bad
traffic that may attempt to enter the network.
Although Simon and his administrators believed they were secure, a hacker group was
able to get into the network and modify files hosted on the companys websites. After
searching through firewall and server logs, no one could find how the attackers were
able to get in. He decides that the entire network needs to be monitored for critical and
essential file changes. This monitoring tool needs to alert administrators whenever a
critical file is changed in any way. What utility could Simon and his systems
administrators implement on the companys network to accomplish this?
SnortSam would be the best utility to implement since it keeps track of critical files as
well as files it is told to monitor.
Simon and his systems administrators need to use Loki to monitor specified files on
the companys network.
Simon could use Tripwire to notify administrators whenever a critical file is changed.
They can implement Strataguard on the network which monitors critical system and
registry files.
Alexis is a systems administrator working for a large bank in Oklahoma City. He is
currently working on how to update all 1000 of the banks computers with patches,
security updates, and firmware updates. The bank has around 600 windows computers
and 400 Red Hat computers which primarily serve as the bank teller consoles.
He has created a plan and deployed all the patches to the Windows computers and now
she is working on updating the Red Hat computers. What command should Alexis run
on the network to update the Red Hat computers, download the security package, force
the package installation, and update all currently installed packages?
To accomplish all these tasks, she will need to run the up2data -u command.
Alexis should run the up2date --d -f -u command.
She needs to run WSUS --d -f -u command.
Alexis needs to type in the sysupdate --d command.
James is a network administrator working at a student loan company in Minnesota.
This company processes over 20,000 student loans a year from colleges all over the
state. Most communication between the company, schools, and lenders is carried out
through email. Because of privacy laws that are in the process of being implemented,
James wants to get ahead of the game and become compliant before any sort of
auditing occurs.
A.
B.
C.
D.
33.
Much of the email communication used at his company contains sensitive information
such as social security numbers. For this reason, James wants to utilize email
encryption agency-wide. The only problem for James is that his department only has a
couple of servers, and they are utilized to their full capacity. Since a server-based PKI is
not an option for him, he is looking for a low/no cost solution to encrypt email. What
should James use?
James should utilize the free OTP software package.
James could use PGP as a free option for encrypting the companys email.
If James uses the free RSA email program he could encrypt all the email.
3DES would be the best free software solution to use for email encryption.
Timothy is the lead helpdesk technician working for his company, an interior design
firm in Florida. He has been working with the network administrator and IT directory
of his company to implement a Voice Over IP solution to replace the companys old
analog PBX system. Along with the VoIP system, the company brought digital PRI
phone line to replace the older analog lines.
Over a long weekend, Timothy and the other IT employees of his company change out
the old phone system with the new VoIP system. On Monday, they find that the fax
machines are not working. What type of device do they need to convert the analog
signals from the fax machine to digital to go out the new digital phone lines?
Frank is a network technician working for a medium-sized law firm in Memphis. Frank
and two other IT employees take care of all the technical needs for the firm. The firms
partners have asked that a secure wireless network be implemented in the office so
employees can move about freely without being tied to a network cable.
While Frank and his colleagues are familiar with wired Ethernet technologies, 802.3,
they are not familiar with how to setup wireless in a business environment. What IEEE
standard should Frank and the other IT employees follow to become familiar with
wireless?
A.
B.
C.
D.
35.
network.
She has decided on creating a honeypot environment inside the network that will
provide in-depth attack information such as keystrokes, information about the
attackers source computer, and method of attack. Even though this type of honeypot is
more complex and time consuming to set up, Meredith believes the information gained
will be worth the time. What type of honeypot has Meredith decided to setup?
A.
B.
C.
D.
36.
A. Timothy is using the Ikeprobe tool to obtain the IKE Aggressive Mode pre-shared keys
from the VPN servers.
B. He is using the Probescan isakmp tool.
C. He can make use of the Nmap isakmp tool to obtain the IKE Aggressive Mode preshared keys from VPN servers.
D. By making use of Ipsecscan tool, he can obtain the pre-shared keys from the VPN
servers.
37.
A.
B.
C.
D.
38.
Susan is a network technician who is going back to school to earn her Bachelors degree
in Information Technology. She is having to re-learn the fundamentals of networking
through textbooks; much of which she has already learned through work experience.
Her class is currently on the chapter studying the IEEE standards that cover
networking. They start with older standards such as Token ring which is covered under
802.5 standards and move onto Ethernet. What IEEE standard covers Ethernet
cabling?
This would be the 801.9 IEEE standard.
802.1 is the standard covering Ethernet.
802.3 is the IEEE standard that covers Ethernet.
The IEEE standard covering Ethernet is 802.6.
Lance is an IT consultant working on contract for Sherman Brothers, a shipping
company in San Francisco. Using a laptop, Lance scans the companys network with
Nmap and finds a number of interesting ports he might try to exploit. Lance can see
that a number of hosts appear to be listening on TCP port 1723. What service is
listening on these ports?
A. The Nmap scan results have shown Lance that TACACS is running on these hosts.
B. ISAKMP runs on TCP port 1723.
C. Hosts running IPSEC listen on TCP port 1723.
D. From this Nmap scan, Lance can see that PPTP is running on these hosts.
39.
A.
B.
C.
D.
40.
A.
B.
C.
D.
41.
Last week, 10 of your companys laptops were stolen from salesmen while at a conference
in Barcelona. These laptops contained proprietary company information. While doing
damage assessment, a news story leaks about the stolen laptops and also that sensitive
information from those computers was posted to a blog online. What built-in Windows
feature could you have implemented to protect the sensitive information on these
laptops?
A. You should have used 3DES which is built into Windows.
B. You should have utilized the built-in feature of Distributed File System (DFS) to protect
the sensitive information on the laptops.
C. You could have implemented Encrypted File System (EFS) to encrypt the sensitive files
on the laptops.
D. If you would have implemented Pretty Good Privacy (PGP) which is built into Windows,
the sensitive information on the laptops would not have leaked out.
42.
A. Frederick is attempting to send spoofed SYN packets to the target via a trusted third
party to port 81.
B. He is using HPING2 to send FIN packets to 10.0.1.24 over port 81.
C. By using this command for HPING2, Frederick is attempting to connect to the host at
10.0.1.24 through an SSH shell.
D. This HPING2 command that Frederick is using will attempt to connect to the 10.0.1.24
host over HTTP by tunneling through port 81.
43.
Blake is an IT contractor who has been hired on by an ISP to test all their network
equipments security. From an outside IP address, Blake performs a traceroute to find
where the company firewall is at.
Blake then uses a tool that changes the TTL value for packets to be one more than the
hop count of the firewall. This tool scans the firewall ports and whenever he gets the
message TTL exceeded error he knows that port on the firewall is open. What tool
Blake uses to accomplish this?
A. Hping2 changes the TTL value for packets to be one more than the hop count of the
firewall.
B. To accomplish these results, Blake must have utilized the tool Snarf.
C. Blake uses Firewalk tool to accomplish this.
D. Blake used Httrack to see which ports on the firewall were open.
44.
Karen is a network security consultant that owns her own company. She has been hired
by a state government agency in Nebraska to perform a security audit and make
recommendations. Karen performs her audit over a span of three weeks and finds a
number of areas the agency needs to improve in.
A.
B.
C.
D.
45.
There is no web filtering currently taking place in a specific area; agency employees can
browse to any website whether they are unsuitable for work or not. She decides to install
a proxy server for the company to help filter appropriate and inappropriate web content.
At what OSI layer will the proxy server work on?
It will filter traffic on the application layer.
The proxy server will function on the session layer.
It will function on the physical layer.
Since the proxy server is going to filter traffic, it will work on the network layer.
Jonathan is an IT administrator who oversees a small marketing firm with 25
workstations and 5 servers. Most of the workstations are at the end of their warranty so
Jonathan has purchased computers to replace them. He also wants to donate the
computers to a school to help them out and for his company to be able to take a tax
write-off. All the computers have propriety data on them that cannot be left on them
when they are donated.
Jonathan does not want to leave any residual data on the donated computers in case the
companys data is found and used for financial gain. What operations can Jonathan carry
out on the PCs before donating to ensure the data cannot be recovered?
A. He should do a format /complete on the C: drive of the computer to ensure that none of
the data can be recovered.
B. Jonathan needs to install a Linux-based operation system on the computers which would
completely erase all data.
C. Jonathan should use a program that will write zeroes to the hard drive to fill it up.
D. He can move the hard drives jumpers from Master Select to Wipe for 10 minutes which
will completely erase all data contained on the hard drive.
46.
A.
B.
C.
D.
47.
Blake is a network security analyst for his company. Blake is auditing the recent work of
the systems and network administrators after installing a virtual server environment.
According to the companys security policy, all access to any network resources must use
Windows Active Directory Authentication. Blake looks at a Linux server that was recently
installed to run these virtual servers and learns that it is not using Windows
Authentication. What should Blake tell the administrators that they need to do on this
server to force Windows Authentication?
Blake should instruct them to edit the PAM file to enforce Windows Authentication.
Blake should tell the administrators to edit the shadow file.
He needs to have the administrators remove the /var/bin/localauth.conf file.
To enforce Windows authentication, he should tell them to edit the ADLIN file
Patrick is an IT administrator working for an airline company based out of Atlanta.
Because of the recent economy, the company was forced to lay off its two web developers.
Luckily, Patrick knows how to create and develop web pages since he does that in his
spare time to earn extra money.
He has developed a logon page using Java on one of the companys websites with the
following code. To ensure the logon procedure is safe, Patrick runs the code through a
security analyzer but it fails. What vulnerability or issue is the code susceptible to?
48.
Miles is working on one of his network routers that has been showing signs of a future
failure. The router has been dropping packets randomly off and on for two weeks now.
Miles logs onto his router using Telnet and types in his username and password.
Miles then tries to execute some commands but they will not work even though they
normally do. He receives an error saying that he is not logged into the correct mode for
using those commands. What mode should Miles log into to execute these commands?
A.
B.
C.
D.
49.
A. George should have the ISP block port 179 on their firewall to stop these DoS attacks.
B. He should have them configure their network equipment to recognize SYN source IP
addresses that never complete their connections.
C. He should configure the ISPs firewall so that it blocks FIN packets that are sent to the
broadcast address of the companys internal IP range.
D. He needs to tell the ISP to block all UDP traffic coming in on port 1001 to prevent future
reflective DoS attacks against their network.
50.
Johnnie is a network technician that works for Felden Books, a publishing company in
New York City. He is responsible for troubleshooting any minor network issues that arise
for company employees. If a network problem becomes too large or complex, he hands
the issue off to the network administrator. All workstations on the network receive IP
addresses automatically from a DHCP server named SVR10.
All workstations also are running Windows XP. He receives a call from Susan in
Accounting about a problem with her computer. He takes a look and something appears
to be wrong with the network card or IP address on her computer. He calls the network
administrator and he tells Johnnie to have the computer get a new IP address from the
DHCP server. What command can Johnnie use to get a new IP address?
A.
B.
C.
D.