Which Intrusion Detection System is the best applicable for large environments where critical assets on the network need extra scrutiny and is ideal for observing sensitive network segments?


A. Honeypots
B. Firewalls
C. Network-based intrusion detection system (NIDS)
D. Host-based intrusion detection system (HIDS)

Steve, a scientist who works in a governmental security agency, developed a technological solution to identify people based on walking patterns and implemented this approach to a physical control access.
A camera captures people walking and identifies the individuals using Steves approach.
After that, people must approximate their RFID badges. Both the identifications are required to open the door.
In this case, we can say:


A. Although the approach has two phases, it actually implements just one authentication factor
B. The solution implements the two authentication factors: physical object and physical characteristic
C. The solution will have a high level of false positives
D. Biological motion cannot be used to identify people

You are doing an internal security audit and intend to find out what ports are open on all the servers. What is the best way to find out?


A. Scan servers with Nmap
B. Scan servers with MBSA
C. Telnet to every port on each server
D. Physically go to each server

What would you enter, if you wanted to perform a stealth scan using Nmap?


A. nmap -sU
B. nmap -sS
C. nmap -sM
D. nmap -sT

From the following table, identify the wrong answer in terms of Range (ft).



A. 802.11b
B. 802.11g
C. 802.16(WiMax)
D. 802.11a

What type of vulnerability/attack is it when the malicious person forces the users browser to send an authenticated request to a server?


A. Cross-site request forgery
B. Cross-site scripting
C. Session hijacking
D. Server side request forgery

You have gained physical access to a Windows 2008 R2 server which has an accessible disc drive. When you attempt to boot the server and log in, you are unable to guess the password. In your toolkit, you have an Ubuntu 9.10 Linux LiveCD. Which Linux-based tool can change any users password or activate disabled Windows accounts?


A. John the Ripper
B. SET
C. CHNTPW
D. Cain & Abel

Websites and web portals that provide web services commonly use the Simple Object Access Protocol (SOAP). Which of the following is an incorrect definition or characteristics of the protocol?


A. Based on XML
B. Only compatible with the application protocol HTTP
C. Exchanges data between web services
D. Provides a structured model for messaging

A hacker is an intelligent individual with excellent computer skills and the ability to explore a computers software and hardware without the owners permission. Their intention can either be to simply gain knowledge or to illegally make changes.
Which of the following class of hacker refers to an individual who works both offensively and defensively at various times?


A. White Hat
B. Suicide Hacker
C. Gray Hat
D. Black Hat

Which of these is capable of searching for and locating rogue access points?


A. HIDS
B. NIDS
C. WISS
D. WIPS