Questions 151-175 Flashcards

1
Q

Which of the following is a serious vulnerability in the popular OpenSSL cryptographic software library? This
weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used
to secure the Internet.
A. SSL/TLS Renegotiation vulnerability
B. POODLE
C. Shellshock
D. Heartbleed bug

A

D. Heartbleed bug

2
Q

There are several ways to gain insight into how a cryptosystem works with the goal of reverse engineering the
process. Which term describes two pieces of data resulting in the same value?
A. Escrow
B. Collusion
C. Collision
D. Polymorphism

A

C. Collision

3
Q

Company ABC recently contracted a new accountant. The accountant will be working with the financial
statements. Those financial statements need to be approved by the CFO and will then be sent to the
accountant, but the CFO is worried because he wants to be sure that the information sent to the accountant
was not modified after he approved it. Which of the following options can be useful to ensure the integrity of
the data?
A. The document can be sent to the accountant using an exclusive USB for that document.
B. The financial statements can be sent twice, one by e-mail and the other delivered in USB and the
accountant can compare both to be sure it is the same document.
C. The CFO can use a hash algorithm in the document once he approved the financial statements
D. The CFO can use an Excel file with a password

A

C. The CFO can use a hash algorithm in the document once he approved the financial statements

4
Q

What is correct about digital signatures?
A. A digital signature cannot be moved from one signed document to another because it is a plain hash of the document content.
B. Digital signatures may be used in different documents of the same type.
C. A digital signature cannot be moved from one signed document to another because it is the hash of the
original document encrypted with the private key of the signing party.
D. Digital signatures are issued once for each user and can be used everywhere until they expire.

A

C. A digital signature cannot be moved from one signed document to another because it is the hash of the original document encrypted with the private key of the signing party.

5
Q
Which service in a PKI will vouch for the identity of an individual or company?
A. KDC
B. CR
C. CBC
D. CA
A

D. CA

6
Q

Session splicing is an IDS evasion technique in which an attacker delivers data in multiple, small size packets
to the target computer, making it very difficult for an IDS to detect the attack signatures.
Which tool can be used to perform session splicing attacks?
A. tcpsplice
B. Hydra
C. Burp
D. Whisker

A

D. Whisker

7
Q
The security concept of "separation of duties" is most similar to the operation of which type of security device?
A. Intrusion Detection System
B. Honeypot
C. Firewall
D. Bastion host
A

D. Bastion host

8
Q

You have successfully gained access to a Linux server and would like to ensure that the subsequent outgoing
traffic from this server will not be caught by a Network-Based Intrusion Detection System (NIDS).
What is the best way to evade the NIDS?
A. Protocol Isolation
B. Out of band signalling
C. Alternate Data Streams
D. Encryption

A

D. Encryption

9
Q
Which of the following types of firewalls ensures that the packets are part of the established session?
A. Circuit-level firewall
B. Stateful inspection firewall
C. Application-level firewall
D. Switch-level firewall
A

B. Stateful inspection firewall

10
Q
Which of the following is an extremely common IDS evasion technique in the web world?
A. Subnetting
B. Spyware
C. Port knocking
D. Unicode Characters
A

D. Unicode Characters

11
Q

During a blackbox pen test you attempt to pass IRC traffic over port 80/TCP from a compromised web enabled
host. The traffic gets blocked; however, outbound HTTP traffic is unimpeded.
What type of firewall is inspecting outbound traffic?
A. Circuit
B. Packet Filtering
C. Stateful
D. Application

A

C. Stateful

12
Q

You just set up a security system in your network. In what kind of system would you find the following string of
characters used as a rule within its configuration?
alert tcp any any -> 192.168.100.0/24 21 (msg: "FTP on the network!";)
A. An Intrusion Detection System
B. A Router IP Table
C. A firewall IP Table
D. FTP Server rule

A

A. An Intrusion Detection System

13
Q
Which of the following is designed to identify malicious attempts to penetrate systems?
A. Intrusion Detection System
B. Firewall
C. Proxy
D. Router
A

A. Intrusion Detection System

14
Q

You work as a Security Analyst for a retail organization. In securing the company’s network, you set up a
firewall and an IDS. However, hackers are able to attack the network. After investigating, you discover that your
IDS is not configured properly and therefore is unable to trigger alarms when needed. What type of alert is the
IDS giving?
A. False Positive
B. True Negative
C. True Positive
D. False Negative

A

D. False Negative

15
Q

You have compromised a server and successfully gained root access. You want to pivot and pass traffic
undetected over the network and evade any possible IDS.
What is the best approach?
A. Use HTTP so that all traffic can be routed via a browser, thus evading the internal IDS.
B. Use Alternate Data Streams to hide the outgoing packets from this server.
C. Install and use Telnet to encrypt all outgoing traffic from this server.
D. Install Cryptcat and encrypt outgoing packets from this server.

A

D. Install Cryptcat and encrypt outgoing packets from this server.

16
Q

You are the Systems Administrator for a large corporate organization. You need to monitor all network traffic
on your local network for suspicious activities and receive notifications when an attack is occurring. Which tool
would allow you to accomplish this goal?
A. Host-based IDS
B. Firewall
C. Network-based IDS
D. Proxy

A

C. Network-based IDS

17
Q

Which intrusion detection system is best applicable for large environments where critical assets on the
network need extra scrutiny and is ideal for observing sensitive network segments?
A. Firewalls
B. Network based intrusion detection system (NIDS)
C. Host based intrusion detection system (HIDS)
D. Honeypots

A

B. Network based intrusion detection system (NIDS)

18
Q

What does a firewall check to prevent particular ports and applications from getting the packets into an
organization?
A. Application layer port numbers and the transport layer headers
B. Transport layer port numbers and application layer headers
C. Network layer headers and session layer port numbers
D. Presentation layer headers and the session layer port numbers

A

B. Transport layer port numbers and application layer headers

19
Q

Firewalk has just completed the second phase (the scanning phase) and a technician receives the output
shown below. What conclusions can be drawn based on the scan results?
TCP port 21 - no response
TCP port 22 - no response
TCP port 23 - Time-to-live exceeded
A. The scan on port 23 was able to make a connection to the destination host prompting the firewall to
respond with a TTL error.
B. The firewall itself is blocking ports 21 through 23 and a service is listening on port 23 of the target host.
C. The scan on port 23 passed through the filtering device. This indicates the port 23 was not blocked at the
firewall.
D. The lack of response from ports 21 and 22 indicates that those services are not running on the destination
server.

A

C. The scan on port 23 passed through the filtering device. This indicates the port 23 was not blocked at the
firewall.

20
Q

What is the technique for determining how a packet will move from an untrusted outside host to a protected inside host behind a firewall, which permits the hacker to determine which ports are open and whether the packets can pass
through the packet filter and the firewall?
A. Session hijacking
B. Man in the middle attack
C. Network sniffing
D. Firewalking

A

D. Firewalking

21
Q

When analyzing the IDS logs, the system administrator noticed an alert was logged when the external router
was accessed from the administrator’s computer to update the router configuration. What type of alert is
this?
A. False positive
B. False negative
C. True positive
D. True negative

A

A. False positive

22
Q

Bob received this text message on his mobile phone: “Hello, this is Scott Smelby from the Yahoo Bank. Kindly contact me for a vital transaction on: scottsmelby@yahoo.com”. Which statement below is true?
A. This is a scam as everybody can get a @yahoo address, not the Yahoo customer service employees.
B. Bob should write to scottsmelby@yahoo.com to verify the identity of Scott.
C. This is a scam because Bob does not know Scott
D. This is probably a legitimate message as it comes from a respectable organization.

A

A. This is a scam as everybody can get a @yahoo address, not the Yahoo customer service employees.

23
Q

A large company intends to use Blackberry for corporate mobile phones and a security analyst is assigned to
evaluate the possible threats. The analyst will use the Blackjacking attack method to demonstrate how an
attacker could circumvent perimeter defenses and gain access to the corporate network. What tool should the analyst
use to perform a Blackjacking attack?
A. BBCrack
B. Paros Proxy
C. BBProxy
D. BB King

A

C. BBProxy

24
Q
Which of the following tools is used to detect wireless LANs using the 802.11a/b/g/n WLAN standards on a
Linux platform?
A. Netstumbler
B. Nessus
C. Kismet
D. Abel
A

C. Kismet

25
Q
The purpose of a ____________ is to deny network access to local area networks and other information
assets by unauthorized wireless devices.
A. Wireless Intrusion Prevention System
B. Wireless Access Control List
C. Wireless Analyzer
D. Wireless Access Point
A

B. Wireless Access Control List