Which protocol is used for setting up secured channels between two devices, typically in VPNs?
IPSECPEM
SET
PPP
SHOW ANSWERIn IPv6 what is the major difference concerning application layer vulnerabilities compared to IPv4?
Vulnerabilities in the application layer are independent of the network layer. Attacks and mitigation techniques are almost identical.Implementing IPv4 security in a dual-stack network offers protection from IPv6 atttacks too.
Vulnerabilities in the application layer are greatly different from IPv4
Due to the extensive security measures built in IPv6, application layer vulnerabilities need not be addressed
SHOW ANSWERWhich of these is capable of search for and locating rogue access points?
HIDS
WIPSNIDS
WISS
SHOW ANSWERWhich of the following security policies defines the use of VPN for gaining access to an internal corporate network?
Network security policy
Remote access policyInformation protection policy
Access control policy
SHOW ANSWERA security analyst is performing an audit on the network to determine if there are any deviations from the security policies in place. The analyst discovers that a user from the IT department had a dial-out modem installed. Which security policy must the security analyst check to see if dial-out modems are allowed?
Acceptable-use policy
Firewall-management policy
Remote-access policy
Permissive policy
SHOW ANSWERIn order to have an anonymous Internet surf, which of the following is best choice?
Use Tor network with multi-node
Use SSL sites when entering personal information
Use shared WiFi
Use public VPN
SHOW ANSWERWhich of the following is a passive wireless packet analyzer that works on Linux-based systems?
Burp Suite
OpenVAS
tshark
Kismet SHOW ANSWERA new wireless client that is 802.11 compliant cannot connect to a wireless network given that the client can see the network and it has compatible hardware and software installed. Upon further tests and investigation it was found out that the Wireless Access Point (WAP) was not responding to the association requests being sent by the wireless client. What MOST likely is the issue on this scenario?
The client cannot see the SSID of the wireless network
The WAP does not recognize the client’s MAC address.
The wireless client is not configured to use DHCP.
Client is configured for the wrong channel
SHOW ANSWERYou’ve just discovered a server that is currently active within the same network with the machine you recently compromised. You ping it but it did not respond. What could be the case?
TCP/IP doesn’t support ICMP
ARP is disabled on the target server
ICMP could be disabled on the target serverYou need to run the ping command with root privileges
SHOW ANSWER…….. is an attack type for a rogue Wi-Fi access point that appears to be a legitimate one offered on the premises, but actually has been set up to eavesdrop on wireless communications. It is the wireless version of the phishing scam. An attacker fools wireless users into connecting a laptop or mobile phone to a tainted hotspot by posing as a legitimate provider. This type of attack may be used to steal the passwords of unsuspecting users by either snooping the communication link or by phishing, which involves setting up a
fraudulent web site and luring people there. Fill in the blank with appropriate choice.
Collision Attack
Evil Twin AttackSinkhole Attack
Signal Jamming Attack
SHOW ANSWERIn 2007, this wireless security algorithm was rendered useless by capturing packets and discovering the passkey in a matter of seconds. This security flaw led to a network invasion of TJ Maxx and data theft through a technique known as wardriving. Which algorithm is this referring to?
Wi-Fi Protected Access 2
Wired Equivalent PrivacyWi-Fi Protected Access (WPA)
Temporal Key Integrity Protocol
SHOW ANSWERA technician is resolving an issue where a computer is unable to connect to the Internet using a wireless access point. The computer is able to transfer files locally to other machines, but cannot successfully reach the Internet. When the technician examines the IP address and default gateway they are both on the 192.168.1.0/24. Which of the following has occurred?
The computer is not using a private IP address
The gateway and the computer are not on the same network
The computer is using an invalid IP address
The gateway is not routing to a public IP address SHOW ANSWERAn attacker is trying to redirect the traffic of a small office. That office is using their own mail server, DNS server and NTP server because of the importance of their job. The attacker gain access to the DNS server and redirect the direction http://www.google.com to his own IP address. Now when the employees of the office wants to go to Google they are being redirected to the attacker machine. What is the name of this kind of attack?
DNS spoofing
Smurf Attack
ARP Poisoning
MAC Flooding
SHOW ANSWERA large company intends to use Blackberry for corporate mobile phones and a security analyst is assigned to evaluate the possible threats. The analyst will use the Blackjacking attack method to demonstrate how an attacker could circumvent perimeter defenses and gain access to the Prometric Online Testing – Reports https://ibt1.prometric.com/users/custom/report_queue/rq_str… corporate network. What tool should the analyst use to perform a Blackjacking attack?
BBCrack
Paros Proxy
Blooover
BBProxy SHOW ANSWER