Jimmy is standing outside a secure entrance to a facility. He is pretending to have a tense conversation on his cell phone as an authorized employee badges in. Jimmy, while still on the phone, grabs the door as it begins to close.

What just happened?


A. Masquerading
B. Tailgating
C. Phishing
D. Whaling

You want to analyze packets on your wireless network. Which program would you use?


A. Wireshark with Airpcap
B. Airsnort with Airpcap
C. Wireshark with Winpcap
D. Ethereal with Winpcap

Which of the following is considered an exploit framework and has the ability to perform automated attacks on services, ports, applications an unpatched security flaws in a computer system?


A. Nessus
B. Metasploit
C. Maltego
D. Wireshark

Which of the following viruses tries to hide from anti-virus programs by actively altering and corrupting the chosen service call interruptions when they are being run?


A. Stealth/ Tunneling virus
B. Macro virus
C. Cavity virus
D. Polymorphic virus

Which type of security feature stops vehicles from crashing through the doors of a building?


A. Turnstile
B. Bollards
C. Mantrap
D. Receptionist

Which of the following areas is considered a strength of symmetric key cryptography when compared with asymmetric algorithms?


A. Scalability
B. Speed
C. Key distribution
D. Security

A security analyst is performing an audit on the network to determine if there are any deviations from the security policies in place. The analyst discovers that a user from the IT department had a dial-out modem installed. Which security policy must the security analyst check to see if dial-out modems are allowed?


A. Firewall-management policy
B. Acceptable-use policy
C. Remote-access policy
D. Permissive policy

The following is part of a log file taken from the machine on the network with the IP address of 192.168.1.106:

What type of activity has been logged?


A. Port scan targeting 192.168.1.103
B. Teardrop attack targeting 192.168.1.106
C. Denial of service attack targeting 192.168.1.103
D. Port scan targeting 192.168.1.106

Which of the following incident handling process phases is responsible for defining rules, collaborating human workforce, creating a back-up plan, and testing the plans for an organization?


A. Preparation phase
B. Containment phase
C. Identification phase
D. Recovery phase

A large mobile telephony and data network operator has a data center that houses network elements. These are essentially large computers running on Linux. The perimeter of the data center is secured with firewalls and IPS systems.

What is the best security policy concerning this setup?


A. Network elements must be hardened with user ids and strong passwords. Regular security tests and audits should be performed.
B. As long as the physical access to the network elements is restricted, there is no need for additional measures.
C. There is no need for specific security measures on the network elements as long as firewalls and IPS systems exist.
D. The operator knows that attacks and down time are inevitable and should have a backup site.