Questions for the Eccouncil CND exam, Exams of United States History

Questions for the Eccouncil CND exam, CND Certification 312-38

Typology: Exams

2017/2018

Uploaded on 02/21/2018

arli-junior
  1. James, a network admin in a large US based IT firm, was asked to audit and implement security controls over all network layers to achieve Defense-in-Depth. While working on this assignment, James has implemented both blacklisting and whitelisting ACLs. Which layer of defense-in-depth architecture is Jason working on currently?

1.a. Application Layer
1.b. Host Layer
1.c. Internal Network Layer
1.d. Perimeter Layer

  1. Xenon is a leading real estate firm located in Australia. Recently, the company had decided a bid amount for a prestigious construction project and was sure of being awarded the project. Unfortunately, the company lost the tender to one of its competitors. A few days later, while performing a network scan, the network admin identified that somebody had captured the confidential e-mail conversations related to the tender. Upon further investigation, the admin discovered that one of the switch ports was left open and an employee had plugged into the network using an Ethernet cable. Which attack did the employee perform in the above situation?

1.e. Network Sniffing
1.f. Password Attack
1.g. Social Engineering Attack
1.h. Man-in-the-Middle Attack

  1. Arman transferred some money to his friend’s account using a net banking service. After a few hours, his friend informed him that he hadn’t received the money yet. Arman logged on to the bank’s website to investigate and discovered that the amount had been transferred to an unknown account instead. The bank, upon receiving Arman’s complaint, discovered that someone had established a station between Arman’s and the bank server’s communication system. The station intercepted the communication and inserted another account number replacing his friend’s account number. What is such an attack called?

1.i. Privilege Escalation
1.j. DNS Poisoning
1.k. Man-in-the-Middle Attack
1.l. DNS Cache Poisoning

  1. Jorge has developed a core program for a mobile application and saved it locally on his system. The next day, when he tried to access the file to work on it further, he found it missing from his system. Upon investigation, it was discovered that someone got into his system since he had not changed his login credentials, and that they were the ones that were given to him by the admin when he had joined the organization. Which of the following network security vulnerabilities can be attributed to Jorge’s situation?

1.cc. System account vulnerabilities
1.dd. User account vulnerabilities
1.ee. Default password and settings
1.ff. Network device misconfiguration

  1. HexCom, a leading IT Company in the USA, realized that their employees were having trouble accessing multiple servers with different passwords. Due to this, the centralized server was also being overburdened by avoidable network traffic. To overcome the issue, what type of authentication can be given to the employees?

1.gg. Two-Factor Authentication
1.hh. Biometric Authentication
1.ii. Single Sign-on (SSO)
1.jj. Smart Card Authentication

  1. In Public Key Infrastructure (PKI), which authority is responsible for issuing and verifying the certificates?

1.kk. Registration authority
1.ll. Certificate authority
1.mm. Digital Certificate authority
1.nn. Digital signature authority

  1. To secure his company’s network, Tim, the network admin, installed a security device that inspected all inbound and outbound network traffic for suspicious patterns. The device was configured to alert him if it found any such suspicious activity. Identify the type of network security device installed by Tim.

1.oo. Firewall
1.pp. Honeypot
1.qq. Proxy server
1.rr. Intrusion Detection System (IDS)

  1. On which layer of the OSI model do packet filtering firewalls work?

1.iii. Network Layer
1.jjj. Application Layer
1.kkk. Session Layer
1.lll. Physical Layer

  1. Which RAID level does not provide data redundancy?

1.mmm. RAID level 0
1.nnn. RAID level 1
1.ooo. RAID level 50
1.ppp. RAID level 10

  1. Which encryption algorithm does S/MIME protocol implement for digital signatures in emails?

1.qqq. Rivest-Shamir-Adleman encryption
1.rrr. Digital Encryption Standard
1.sss. Triple Data Encryption Standard
1.ttt. Advanced Encryption Standard

  1. On which of the following OSI layers does the Pretty Good Privacy (PGP) work?

1.uuu. Application
1.vvv. Data Link
1.www. Network
1.xxx. Transport

  1. Which of the following VPN topologies establishes a persistent connection between an organization’s main office and its branch offices using a third-party network or the Internet?

1.yyy. Hub-and-Spoke
1.zzz. Full Mesh
1.aaaa. Star
1.bbbb. Point-to-Point

  1. What is composite signature-based analysis?

1.cccc. Multiple packet analysis is required to detect attack signatures
1.dddd. Attack signatures are contained in packet headers
1.eeee. Attack signatures are contained in packet payloads
1.ffff. Single Packet analysis is enough to identify attack signatures

1.wwww. IDS/IPS
1.xxxx. Network Protocol Analyzer
1.yyyy. Proxy Server
1.zzzz. Honeypot

  1. Identify the firewall technology that monitors the TCP handshake between the packets to determine whether a requested session is legitimate.

1.aaaaa. Packet Filtering Firewall
1.bbbbb. Stateful Multilayer Inspection
1.ccccc. Circuit Level Gateway
1.ddddd. Network Address Translation

  1. Which of the following commands can be used to disable unwanted services on Debian, Ubuntu and other Debian-based Linux distributions?

1.eeeee. # chkconfig [service name] off
1.fffff. # chkconfig [service name] --del
1.ggggg. # service [service name] stop
1.hhhhh. # update-rc.d -f [service name] remove

  1. Identify the network topology in which the network devices are connected such that every device has a point-to-point link to all the other devices.

1.iiiii. Star Topology
1.jjjjj. Hybrid Topology
1.kkkkk. Mesh Topology
1.lllll. Bus Topology

  1. What can be the possible number of IP addresses that can be assigned to the hosts present in a subnet having 255.255.255.224 subnet mask?

1.mmmmm. 62
1.nnnnn. 30
1.ooooo. 14
1.ppppp. 126

  1. What is the IT security team responsible for effectively managing the security of the organization’s IT infrastructure, called?

1.qqqqq. Grey Team
1.rrrrr. Red Team
1.sssss. Blue Team
1.ttttt. Yellow Team

  1. Which of the following information security standards defines security policies, technologies and ongoing processes for organizations that handle cardholder information for debit, credit, prepaid, e-purse, ATM, and POS cards?

1.uuuuu. Health Insurance Portability and Accountability Act (HIPAA)
1.vvvvv. Payment Card Industry Data Security Standard (PCI-DSS)
1.wwwww. Information Security Acts: Gramm-Leach-Bliley Act (GLBA)
1.xxxxx. Information Security Acts: Sarbanes Oxley Act (SOX)

  1. Which of the following Wireshark filters can a network administrator use to view the packets without any flags set in order to detect TCP Null Scan attempts?

1.yyyyy. TCP.flags==0x
1.zzzzz. tcp.flags==0X
1.aaaaaa. tcp.flags==0x
1.bbbbbb. tcp.dstport==

  1. Which phase of vulnerability management deals with the actions for patching the discovered vulnerabilities?

1.cccccc. Assessment
1.dddddd. Verification
1.eeeeee. Remediation

  1. Which of the following Wireshark filters allows an administrator to detect a SYN/FIN DDoS attempt on the network?

1.wwwwww. tcp.flags==0x
1.xxxxxx. tcp.flags==0X
1.yyyyyy. TCP.flags==0x
1.zzzzzz. tcp.dstport==

  1. Which technique is used in RAID level 0 where the data is split into blocks and written evenly across multiple disks?

1.aaaaaaa. Disk mirroring
1.bbbbbbb. Disk striping
1.ccccccc. Data splitting
1.ddddddd. Disk partition

  1. Which of the following tools can be used to update a Debian-based Linux distribution?

1.eeeeeee. apt-get
1.fffffff. up2date
1.ggggggg. swarets
1.hhhhhhh. autoupdate

  1. An IT company has just been hit with a severe external security breach. To enhance the company’s security posture, the network admin has decided to first block all the services and then individually enable only the necessary services. What is such an Internet access policy called?

1.iiiiiii. Prudent Policy
1.jjjjjjj. Permissive Policy
1.kkkkkkk. Promiscuous Policy
1.lllllll. Paranoid Policy

  1. Which of the following standards does a cloud service provider have to comply with to protect the privacy of its customers’ personal information?

1.mmmmmmm. ISO/IEC 27018
1.nnnnnnn. ISO/IEC 27019
1.ooooooo. ISO/IEC 27020
1.ppppppp. ISO/IEC 27021

  1. Under which of the following acts can an international financial institution be prosecuted if it fails to maintain the privacy of its customer’s information?

1.qqqqqqq. GLBA
1.rrrrrrr. FISMA
1.sssssss. DMCA
1.ttttttt. SOX

  1. Wallcot, a retail chain in the US and Canada, wants to improve the security of their administration offices. They want to implement a mechanism with two doors. Only one of the doors can be opened at a time. Once people enter from the first door, they have to be authorized to open the next one. Failing the authorization, the person will be locked between the doors until an authorized person lets him or her out. What is such a mechanism called?

1.uuuuuuu. Mantrap
1.vvvvvvv. Physical locks
1.wwwwwww. Concealed detection device
1.xxxxxxx. Alarm system

  1. David, a network and system admin, encrypted all the files in a Windows system that supports NTFS file system using Encrypted File Systems (EFS). He then backed up the same files into another Windows system that supports FAT file system. Later, he found that the backup files were not encrypted. What could be the reason for this?

1.yyyyyyy. EFS could only encrypt the files that follow NTFS
1.zzzzzzz. FAT files cannot be encrypted
1.aaaaaaaa. EFS is not the encryption system used in Windows
1.bbbbbbbb. Copied files lose their encryption

  1. Patrick wants to change the file permission of a file with permission value 755 to 744. He used a Linux command chmod [permission Value] [File Name] to make these changes. What will be the change in the file access?

1.cccccccc. He changed the file permission from rwxr-xr-x to rwxr--r--
1.dddddddd. He changed the file permission from rwxr-xr-x to rw-rw-rw-
1.eeeeeeee. He changed the file permission from rw------- to rw-r--r--
1.ffffffff. He changed the file permission from rwxrwxrwx to rwx------

  1. An organization’s web server was recently compromised triggering its admin team into action to defend the network. The admin team wants to place the web server in such a way that, even if it is attacked, the other network resources will be unavailable to the attacker. Moreover, the network monitoring will easily detect the future attacks. How can the admin team implement this plan?

1.gggggggg. They can place the web server outside of the organization in a remote place
1.hhhhhhhh. They can remove the web server from their organization
1.iiiiiiii. They can place it in a separate DMZ area behind the firewall
1.jjjjjjjj. They can place it beside the firewall

  1. A stateful multilayer inspection firewall combines the aspects of Application level gateway, Circuit level gateway and Packet filtering firewall. On which layers of the OSI model does the stateful multilayer inspection firewall work?

1.kkkkkkkk. Network, Session & Application
1.llllllll. Physical & application
1.mmmmmmmm. Session & network
1.nnnnnnnn. Physical, session & application