Questions 126-150 Flashcards
When purchasing a biometric system, one of the considerations that should be reviewed is the processing
speed. Which of the following best describes what is meant by processing?
A. The amount of time it takes to be either accepted or rejected from when an individual provides identification
and authentication information.
B. The amount of time it takes to convert biometric data into a template on a smart card.
C. The amount of time and resources that are necessary to maintain a biometric system.
D. How long it takes to set up individual user accounts
A. The amount of time it takes to be either accepted or rejected from when an individual provides identification
and authentication information.
An incident investigator asks to receive a copy of the event logs from all firewalls, proxy servers, and intrusion
detection systems (IDS) on the network of an organization that has experienced a possible breach of security.
When the investigator attempts to correlate the information in all of the logs, the sequence of many of the log
events does not match up.
What is the most likely cause?
A. The network devices are not all synchronized.
B. Proper chain of custody was not observed while collecting the logs.
C. The attacker altered or erased events from the logs.
D. The security breach was a false positive.
A. The network devices are not all synchronized.
If executives are found liable for not properly protecting their company’s assets in information systems, what
type of law would apply in this situation?
A. Common
B. International
C. Civil
D. Criminal
C. Civil
What two conditions must a digital signature meet?
A. Has to be unforgeable, and has to be authentic
B. Must be unique and have special characters
C. Has to be the same number of characters as a physical signature and must be unique.
D. Has to be legible and neat
A. Has to be unforgeable, and has to be authentic
The security administrator of ABC needs to permit Internet traffic for the host 10.0.0.2 and UDP traffic for the
host 10.0.0.3. He also needs to permit all FTP traffic to the rest of the network and deny all other traffic. After
he applied his ACL configuration on the router, nobody can access FTP and the permitted hosts cannot
access the Internet. According to the following configuration, what is happening in the network?
access-list 102 deny tcp any any
access-list 104 permit udp host 10.0.0.3 any
access-list 110 permit tcp host 10.0.0.2 eq www any
access-list 108 permit tcp any eq ftp any
A. The first ACL is denying all TCP traffic and the other ACLs are being ignored by the router.
B. The ACL 104 needs to be first because it is UDP
C. The ACL for FTP must be before the ACL 110
D. The ACL 110 needs to be changed to port 80
A. The first ACL is denying all TCP traffic and the other ACLs are being ignored by the router.
A penetration test was done at a company. After the test, a report was written and given to the company’s IT
authorities. A section from the report is shown below:
Access list should be written between VLANs
Port security should be enabled for the intranet.
A security solution which filters data packets should be set between intranet (LAN) and DMZ.
A WAF should be used in front of the web applications.
According to the section from the report, which of the following is true?
A. Possibility of SQL injection attack is eliminated.
B. A stateful firewall can be used between intranet (LAN) and DMZ.
C. But there is access control policy between the VLANs.
D. MAC spoof attacks cannot be performed.
B. A stateful firewall can be used between intranet (LAN) and DMZ.
You’re an ethical hacker who is auditing the ABC Company. When you verify the NOC, one of the machines
has two connections, one wired and the other wireless. When you verify the configuration of this Windows
system, you find two static routes.
route add 10.0.0.0 mask 255.0.0.0 10.0.0.1
route add 0.0.0.0 mask 255.0.0.0 199.168.0.1
What is the main purpose of those static routes?
A. Both static routes indicate that the traffic is external with different gateway
B. Both static routes indicate that the traffic is internal with different gateway
C. The first static route indicates that the internal addresses are using the internal gateway and the second static route indicates that all the traffic that is not internal must go to an external gateway
D. The first static route indicates that the internal traffic will use an external gateway and the second static
route indicates that the traffic will be rerouted
C. The first static route indicates that the internal addresses are using the internal gateway and the second static route indicates that all the traffic that is not internal must go to an external gateway
#!/usr/bin/python
import socket

buffer = ["A"]
counter = 50
while len(buffer) <= 100:
    buffer.append("A" * counter)
    counter = counter + 50

commands = ["HELP", "STATS", "RTIME", "LTIME", "SRUN", "TRUN", "GMON", "GDOG", "KSTET", "GTER", "HTER", "LTER", "KSTAN."]

for command in commands:
    for buffstring in buffer:
        print "Exploiting" + command + ":" + str(len(buffstring))
        s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        s.connect(('127.0.0.1', 9999))
        s.recv(50)
        s.send(command + buffstring)
        s.close()

What is the code written for?
A. Buffer Overflow
B. Encryption
C. Cross site scripting
D. SQL injection
A. Buffer Overflow
What is not a PCI compliance recommendation?
A. Rotate employees handling credit card transactions on a yearly basis to different departments.
B. Use encryption to protect all transmission of card holder data over any public network.
C. Limit access to card holder data to as few individuals as possible.
D. Use a firewall between the public network and the payment card data
A. Rotate employees handling credit card transactions on a yearly basis to different departments.
A large mobile telephony and data network operator has a data center that houses network elements. These
are essentially large computers running on Linux. The perimeter of the data center is secured with firewalls and
IPS systems. What is the best security policy concerning this setup?
A. Network elements must be hardened with user ids and strong passwords. Regular security tests and audits should be performed.
B. The operator knows that attacks and down time are inevitable and should have a backup site
C. As long as the physical access to the network elements is restricted, there is no need for additional
measures
D. There is no need for specific security measures on the network elements as long as firewalls and IPS
systems exist.
A. Network elements must be hardened with user ids and strong passwords. Regular security tests and audits should be performed.
Which of the following programming languages is most susceptible to buffer overflow attacks, due to its lack of a built-in bounds checking mechanism?
Code:
#include <string.h>
int main(){
    char buffer[8];
    strcpy(buffer, "11111111111111111111111111111");
}
Output:
Segmentation fault
A. C++
B. C#
C. Java
D. Python
A. C++
Due to a slowdown of normal network operations, the IT department decided to monitor Internet traffic for all of
the employees. From a legal standpoint, what would be troublesome about taking this kind of measure?
A. The network could still experience traffic slow down.
B. IT department would be telling employees who the boss is
C. All of the employees would stop normal work activities
D. Not informing the employees that they are going to be monitored could be an invasion of privacy.
D. Not informing the employees that they are going to be monitored could be an invasion of privacy.
In Risk Management, how is the term “likelihood” related to the concept of “threat?”
A. Likelihood is a possible threat-source that may exploit a vulnerability.
B. Likelihood is the probability that a threat-source will exploit a vulnerability.
C. Likelihood is the likely source of a threat that could exploit a vulnerability.
D. Likelihood is the probability that a vulnerability is a threat-source.
B. Likelihood is the probability that a threat-source will exploit a vulnerability.
This asymmetric cipher is based on factoring the product of two large prime numbers.
A. MD5
B. SHA
C. RC5
D. RSA
D. RSA
Which of the following is the structure designed to verify and authenticate the identity of individuals within the
enterprise taking part in a data exchange?
A. PKI
B. biometrics
C. SOA
D. single sign on
A. PKI