What does the following command in netcat do?
nc -l -u -p55555 < /etc/passwd
logs the incoming connections to /etc/passwd file
loads the /etc/passwd file to the UDP port 55555
grabs the /etc/passwd file when connected to UDP port 55555
deletes the /etc/passwd file when connected to the UDP port 55555
SHOW ANSWERSandra is the security administrator of XYZ.com. One day she notices that the XYZ.com Oracle database server has been compromised and customer information along with financial data has been stolen. The financial loss will be estimated in millions of dollars if the database gets into the hands of competitors. Sandra wants to report this crime to the law enforcement agencies immediately. Which organization coordinates computer crime investigations throughout the United States?
NDCA
NICP
CIRP
NPC
CIA
SHOW ANSWERWhich of the following is a characteristic of Public Key Infrastructure (PKI)?
Public-key cryptosystems are faster than symmetric-key cryptosystems
Public-key cryptosystems distribute public-keys within digital signatures
Public-key cryptosystems do not require a secure key distribution channel.
Public-key cryptosystems do not provide technical non-repudiation via digital signatures.
SHOW ANSWERA network administrator received an administrative alert at 3:00 a.m. from the intrusion detection system. The alert was generated because a large number of packets were coming into the network over ports 20 and 21. During analysis, there were no signs of attack on the FTP servers. How should the administrator classify this situation?
True negatives
False negatives
True positives
False positives
SHOW ANSWERIn the OSI model, where does PPTP encryption take place?
Transport layer
Application layer
Data link layer
Network layer
SHOW ANSWERA common cryptographical tool is the use of XOR. XOR the following binary values:
10110001
00111010
10001011
11011000
10011101
10111100
SHOW ANSWERWhich of the following resources does NMAP need to be used as a basic vulnerability scanner covering several vectors like SMB, HTTP and FTP?
Metasploit scripting engine
Nessus scripting engine
NMAP scripting engine
SAINT scripting engine
SHOW ANSWERDuring a recent security assessment, you discover the organization has one Domain Name Server (DNS) in a Demilitarized Zone (DMZ) and a second DNS server on the internal network. What is this type of DNS configuration commonly called?
Split DNS
DNSSEC
DynDNS
DNS Scheme
SHOW ANSWERPGP, SSL, and IKE are all examples of which type of cryptography?
Public Key
Secret Key
Hash Algorithm
Digest
SHOW ANSWERWhich of the following commands runs snort in packet logger mode?
./snort -dev -h ./log
./snort -dev -l ./log
./snort -dev -o ./log
./snort -dev -p ./log
SHOW ANSWERAn Internet Service Provider (ISP) has a need to authenticate users connecting using analog modems, Digital Subscriber Lines (DSL), wireless data services, and Virtual Private Networks (VPN) over a Frame Relay network. Which AAA protocol is most likely able to handle this requirement?
. RADIUS
DIAMETER
Kerberos
TACACS+
SHOW ANSWERSmart cards use which protocol to transfer the certificate in a secure manner?
Extensible Authentication Protocol (EAP)
Point to Point Protocol (PPP)
Point to Point Tunneling Protocol (PPTP)
Layer 2 Tunneling Protocol (L2TP)
SHOW ANSWEREvery company needs a formal written document which spells out to employees precisely what they are allowed to use the company's systems for, what is prohibited, and what will happen to them if they break the rules. Two printed copies of the policy should be given to every employee as soon as possible after they join the organization. The employee should be asked to sign one copy, which should be safely filed by the company. No one should be allowed to use the company's computer systems until they have signed the policy in acceptance of its terms. What is this document called?
Information Audit Policy (IAP)
Information Security Policy (ISP)
Penetration Testing Policy (PTP)
Company Compliance Policy (CCP)
SHOW ANSWER