  • Exam Name: GIAC Security Leadership Certification (GSLC)
  • Last Update: Apr 27, 2024
  • Questions and Answers: 567

GSLC Practice Exam Questions with Answers: GIAC Security Leadership Certification (GSLC)

Question # 6

Which of the following attacks is any form of cryptanalysis where the attacker can observe the operation of a cipher under several different keys whose values are initially unknown, but where some mathematical relationship connecting the keys is known to the attacker?

A.

Adaptive chosen-ciphertext

B.

Chosen-ciphertext

C.

Chosen-plain-supermodel

D.

Related-key

Question # 7

In which of the following Person-to-Person social engineering attacks does an attacker pretend to be an outside contractor, delivery person, etc., in order to gain physical access to the organization?

A.

In person attack

B.

Third-party authorization attack

C.

Important user posing attack

D.

Impersonation attack

Question # 8

Which of the following terms describes the statement given below?

"It is a service on a computer system (usually a server) that delays incoming connections for as long as possible. The technique was developed as a defense against a computer worm, and the idea is that network abuses, such as spamming or broad scanning, are less effective if they take too long."

A.

Honeytokens

B.

Honeynet

C.

Honeypot

D.

Tarpit

Question # 9

What is another term that can be assigned to the pre-program analysis and research to determine if a program should be initiated?

A.

Business case creation

B.

Feasibility study creation

C.

Program scope statement definition

D.

Program charter creation

Question # 10

Ryan wants to create an ad hoc wireless network so that he can share some important files with another employee of his company. Which of the following wireless security protocols should he choose for setting up an ad hoc wireless network?

Each correct answer represents a part of the solution. Choose two.

A.

WEP

B.

WPA-PSK

C.

WPA2-EAP

D.

WPA-EAP

Question # 11

Which of the following processes is described in the statement below?

"It is the process of implementing risk response plans, tracking identified risks, monitoring residual risk, identifying new risks, and evaluating risk process effectiveness throughout the project."

A.

Identify Risks

B.

Perform Quantitative Risk Analysis

C.

Perform Qualitative Risk Analysis

D.

Monitor and Control Risks

Question # 12

Part of your change management plan details what should happen in the change control system for your project. Theresa, a junior project manager, asks what the configuration management activities are for scope changes. You tell her that all of the following are valid configuration management activities except for which one?

A.

Configuration Identification

B.

Configuration Item Costing

C.

Configuration Status Accounting

D.

Configuration Verification and Auditing

Question # 13

You work as an Exchange Administrator for McRobert Inc. You are configuring a new Exchange 2000 Server computer and two storage groups, group A and group B, on your network. You have to configure the physical disks on the Exchange 2000 Server computer to provide better performance and availability. Which configuration will you use to achieve this?

A.

Mirrored ---- Transaction Log Files (group A)

Mirrored ---- Transaction Log Files (group B)

RAID5 ------ Information store (groups A and B)

B.

Single drive ---- Transaction Log Files (group A)

Single drive ---- Transaction Log Files (group B)

RAID5 --------- Information Store (groups A and B)

C.

Mirrored ---- Transaction Log Files (groups A and B)

RAID5 ------ Information Store (groups A and B)

D.

Single drive ----- Transaction Log Files (group A)

Single drive ----- Transaction Log Files (group B)

RAID5 ----------- Information Store (group A)

RAID5 ----------- Information Store (group B)

Question # 14

You work as a Network Administrator for Net World Inc. The company has a Windows Active Directory-based single domain single forest network. The functional level of the forest is Windows Server 2003. A Public Key Infrastructure (PKI) is installed on a server in the domain. You are planning to go on vacation for two weeks. Your team has three assistant administrators. You are required to accomplish the following tasks:

• Delegate the authority to the assistant administrators to issue, approve, and revoke certificates.

• The solution must involve least administrative burden.

Which of the following steps will you take to accomplish the tasks?

A.

Assign the Certificate Managers role to the assistant administrator user accounts.

B.

Create a new global security group named CertAdmins.

Make the assistant administrators the members of the new group.

Assign the CA Administrator role to the CertAdmins group.

C.

Create a new global security group named CertAdmins.

Make the assistant administrators the members of the new group.

Assign the Enterprise Administrators role to the CertAdmins group.

D.

Create a new global security group named CertAdmins.

Make the assistant administrators the members of the new group.

Assign the Certificate Managers role to the CertAdmins group.

Question # 15

You are the project manager of the Workstation Improvement Project for your organization. This project will replace 925 workstations with new computers for your company's employees. Mark Jones, the sales manager, has requested that your project add 250 laptops as part of this project as his employees do not have workstations as they travel as part of the sales process. Mark insists that his department in the company can pay for the cost of the laptops. All of the following are components that will be affected by this change request except for which one?

A.

There will be a need for additional time to install the laptops.

B.

There will be a need for an additional project scope statement because of the change request.

C.

There will be a need for additional procurement management processes.

D.

There will be a need for additional risk analysis for the laptops.

Question # 16

Under which of the following malicious hacking steps does email tracking come?

A.

Maintaining Access

B.

Gaining access

C.

Reconnaissance

D.

Scanning

Question # 17

Which of the following statements about Secure Shell (SSH) are true?

Each correct answer represents a complete solution. Choose three.

A.

It is the core routing protocol of the Internet.

B.

It was designed as a replacement for TELNET and other insecure shells.

C.

It is a network protocol used primarily on Linux and Unix based systems.

D.

It allows data to be exchanged using a secure channel between two networked devices.

Question # 18

Which of the following terms describes an attempt to transfer DNS zone data?

A.

Reconnaissance

B.

Dumpster diving

C.

Spam

D.

Encapsulation

Question # 19

You are the project manager of the GYG Project. A new scope change is being considered for your project. You are concerned, however, that the scope change may add costs, risks, and adversely affect the project schedule. What project management process is responsible for evaluating the full effect of a proposed scope change on your project?

A.

Schedule change control

B.

Scope change control

C.

Integrated change control

D.

Change Control Board approval process

Question # 20

Which of the following viruses infects multiple targets?

A.

Macro virus

B.

Multipartite virus

C.

Polymorphic virus

D.

Stealth virus

Question # 21

John, a malicious hacker, forces a router to stop forwarding packets by flooding it with many open connections simultaneously so that all hosts behind it are effectively disabled. Which of the following attacks is John performing?

A.

ARP spoofing

B.

Replay attack

C.

Rainbow attack

D.

DoS attack

Question # 22

Mark works as a Network Administrator for Technet Inc. The company has a Windows 2003 domain-based network. The network has a file server that uses a RAID-5 volume. The RAID-5 volume is configured with five hard disk drives. Over the weekend, a drive in the RAID-5 volume fails. What will Mark do to restore the RAID-5 volume?

A.

Replace the failed drive with a new one, use Disk Management, select a new area of free space, and then regenerate the volume.

B.

Use FDISK to delete the RAID-5 volume, and then restore data from the tape backup.

C.

Use Disk Management, select the failed drive, and then regenerate the volume.

D.

Replace the failed drive with a new one, use FDISK, select a new area of free space, and then regenerate the volume.

Question # 23

You are responsible for securing the network at a law firm. They are particularly interested in ensuring that sensitive documents are not disclosed to outside parties. In securing the printers and scanners, which of the following statements are true?

Each correct answer represents a complete solution. Choose three.

A.

Wireless printers can be compromised by a hacker.

B.

Ghosting of documents is the only real security issue with scanners and copiers.

C.

Immediately after an image has been scanned you can 'ghost' that document/image.

D.

Secure hard drives in printers, since they can store copies of documents.

E.

Printers only have temporary data storage, so it is not possible to get data from a printer after a document is printed.

Question # 24

You work as a Network Administrator for Perfect Solutions Inc. The company has a Linux-based network. You are working as a root user on the Linux operating system. Your company is facing an IP spoofing attack. Which of the following tools will you use to get an alert saying that an upcoming IP packet is being spoofed?

A.

Dsniff

B.

ethereal

C.

Despoof

D.

Neotrace

Question # 25

Which of the following types of evidence is a collection of facts that, when considered together, can be used to infer a conclusion about the malicious activity/person?

A.

Corroborating

B.

Direct

C.

Circumstantial

D.

Incontrovertible

Question # 26

You work as a professional Ethical Hacker. You are assigned a project to perform black-box testing of the security of www.we-are-secure.com. Now you want to perform banner grabbing to retrieve information about the Web server being used by we-are-secure. Which of the following tools can you use to accomplish the task?

A.

Whisker

B.

WinSSLMiM

C.

httprint

D.

Wget

Question # 27

Which of the following methods will free up bandwidth in a Wireless LAN (WLAN)?

A.

Deploying a powerful antenna.

B.

Replace the hub with a switch.

C.

Disabling SSID broadcast.

D.

Implement WEP.

Question # 28

Which of the following uses a variable-length Initialization Vector (IV), where the encrypted data begins?

A.

DES-OFB

B.

DES-ECB

C.

DES-CBC

D.

DES-CFB

Question # 29

Which type of DNS zone is a read-only copy of the primary DNS zone?

A.

Secondary DNS zone

B.

Primary DNS zone

C.

Stub DNS zone

D.

SOA DNS zone

Question # 30

John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He finds that the We-are-secure server is vulnerable to attacks. As a countermeasure, he suggests that the Network Administrator should remove the IPP printing capability from the server. He is suggesting this as a countermeasure against __________.

A.

DNS zone transfer

B.

SNMP enumeration

C.

IIS buffer overflow

D.

NetBIOS NULL session

Question # 31

In which of the following does a Web site store information such as user preferences to provide customized services to users?

A.

Keyword

B.

Cookie

C.

Protocol

D.

ActiveX control

Question # 32

Which of the following tools can be used to perform a whois query?

Each correct answer represents a complete solution. Choose all that apply.

A.

WsPingPro

B.

Traceroute

C.

Sam Spade

D.

SuperScan

Question # 33

Joseph works as a Network Administrator for WebTech Inc. He has to set up a centralized area on the network so that each employee can share resources and documents with one another. Which of the following will he configure to accomplish the task?

A.

VPN

B.

Extranet

C.

Intranet

D.

WEP

Question # 34

Which of the following is a process of monitoring data packets that travel across a network?

A.

ICMP

B.

SCP protocol

C.

Rootkit

D.

Packet sniffing

Question # 35

Your IDS discovers that an intruder has gained access to your system. You immediately stop that access, change passwords for administrative accounts, and secure your network. You discover an odd account (not administrative) that has permission to remotely access the network. What is this most likely?

A.

An example of IP spoofing.

B.

A backdoor the intruder created so that he can re-enter the network.

C.

A normal account you simply did not notice before. Large networks have a number of accounts; it is hard to track them all.

D.

An example of privilege escalation.

Question # 36

Which wireless security protocol is also known as IEEE 802.11i?

A.

WPA2

B.

WEP

C.

TKIP

D.

EAP

Question # 37

Which of the following terms refers to a prolonged loss of power?

A.

Spike

B.

Brownout

C.

Surge

D.

Blackout

Question # 38

Which of the following blocks unwanted advertisements and small windows that pop up suddenly in IE, without the user's initiation?

A.

Phishing filter

B.

Pop-up blocker

C.

Content Advisor

D.

Cookies

Question # 39

Which of the following is a structured review of the procurement process originated at the Plan Procurements process?

A.

Procurement document package

B.

Administer Procurements process

C.

Procurement auditing

D.

Project Procurement Management

Question # 40

Which of the following is the encryption subsystem of the NTFS file system?

A.

IIS

B.

RSA

C.

ECC

D.

EFS

Question # 41

John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He writes the following snort rule:

[Image: Snort rule; not reproduced in the page text]

This rule can help him protect the We-are-secure server from the __________.

A.

I LOVE YOU virus

B.

Nimda virus

C.

Chernobyl virus

D.

Melissa virus

Question # 42

Which of the following are symptoms of a virus attack on your computer?

Each correct answer represents a complete solution. Choose two.

A.

Sudden reduction in system resources.

B.

Corrupted or missing files.

C.

Unclear monitor display.

D.

Faster read/write access of the CD-ROM drive.

Question # 43

You are concerned about attackers simply passing by your office, discovering your wireless network, and getting into your network via the wireless connection. Which of the following are NOT steps in securing your wireless connection?

Each correct answer represents a complete solution. Choose two.

A.

Using either WEP or WPA encryption

B.

Hardening the server OS

C.

MAC filtering on the router

D.

Not broadcasting SSID

E.

Strong password policies on workstations.

Question # 44

Which of the following honeypots captures limited amounts of information, mainly transactional data and some limited interaction?

A.

Low-interaction

B.

High-interaction

C.

Network

D.

Medium-interaction

Question # 45

You work as a Network Administrator in a company. The NIDS is implemented on the network. You want to monitor network traffic. Which of the following modes will you configure on the network interface card to accomplish the task?

A.

Half duplex

B.

Promiscuous

C.

Full Duplex

D.

Audit mode

Question # 46

Which of the following is not a man-made threat?

A.

Tidal wave

B.

Vandalism

C.

Terrorism

D.

Theft

Question # 47

Which of the following is a physical or logical subnetwork that contains and exposes external services of an organization to a larger network, usually the Internet?

A.

NAT

B.

Firewall

C.

DMZ

D.

VLAN

Question # 48

Which of the following is used to communicate with an authentication server commonly used in UNIX networks?

A.

MS-CHAP

B.

IPX/SPX

C.

SMTP

D.

TACACS

Question # 49

Which of the following attacks allows the bypassing of access control lists on servers or routers, and helps an attacker to hide?

Each correct answer represents a complete solution. Choose two.

A.

DDoS attack

B.

IP spoofing attack

C.

MAC spoofing

D.

DNS cache poisoning

Question # 50

Which methodology is a method to analyze the involved tasks in completing a given project, especially the time needed to complete each task, and identifying the minimum time needed to complete the total project?

A.

PERT

B.

CPM

C.

FP

D.

Gantt

Question # 51

You work as Network and Security Manager for PassGuide Inc. The management of the company is quite concerned about the security of the network. The management has assigned this task to you to improve the security. Which of the following access methods will you use if the method is to be primarily based on pre-established access, and users cannot change it?

A.

PAC

B.

OrBAC

C.

MAC

D.

RBAC

Question # 52

You are advising a school district on disaster recovery plans. In case a disaster affects the main IT centers for the district they will need to be able to work from an alternate location. However, budget is an issue. Which of the following is most appropriate for this client?

A.

Warm site

B.

Hot site

C.

Off site

D.

Cold site

Question # 53

You are the program manager for your organization. You have proposed a program that will cost $750,000 and will last for four years. Management is concerned with the cost of the program in relation to the return your program will bring. If the rate of return is six percent what is the minimum value your project should return in four years based on the investment of the program?

A.

$795,000

B.

$750,001

C.

$946,857

D.

$750,000

Question # 54

You work as an Administrator for Bluesky Inc. The company has 145 Windows XP Professional client computers and eighty Windows 2003 Server computers. You want to install a security layer of WAP specifically designed for a wireless environment. You also want to ensure that the security layer provides privacy, data integrity, and authentication for client-server communications over a wireless network. Moreover, you want a client and server to be authenticated so that wireless transactions remain secure and the connection is encrypted. Which of the following options will you use to accomplish the task?

A.

Wireless Transport Layer Security (WTLS)

B.

Recovery Console

C.

Wired Equivalent Privacy (WEP)

D.

Virtual Private Network (VPN)

Question # 55

Janet is the project manager of the NHQ Project for her company. Janet is nearly done leading the project and there have been no cost or schedule overruns in the development of the new software for her company. The project team has been completing their work on time and there is still $75,000 left in the project budget. Janet decides to have the project team implement some extra features to the project scope to use all of the $75,000 in the budget even though the customer didn't specifically ask for the added features. This scenario is an example of which one of the following?

A.

Scope creep

B.

Gold plating

C.

Change management

D.

Value added change

Question # 56

An intruder is trying to get user passwords by pretending to be help desk staff. Which of the following types of security attacks do you think it is?

A.

Hacking

B.

Man-in-the-middle

C.

Spoofing

D.

Social Engineering

Question # 57

Which of the following are considered Bluetooth security violations?

Each correct answer represents a complete solution. Choose two.

A.

Bluebug attack

B.

Bluesnarfing

C.

SQL injection attack

D.

Social engineering

E.

Cross site scripting attack

Question # 58

You are a project manager of a construction project. You are documenting project purchasing decisions, specifying the approach, and identifying potential sellers. You are in which of the following processes?

A.

Plan Procurements

B.

Administer Procurements

C.

Close Procurements

D.

Conduct Procurements

Question # 59

Which system is designed to analyze, detect, and report on security-related events?

A.

HIPS

B.

NIPS

C.

NIDS

D.

HIDS

Question # 60

Which of the following protocols is used as a transport protocol for Internet dial-up connections?

A.

SMTP

B.

SNMP

C.

DHCP

D.

PPP

Question # 61

Which of the following is the practice of a domain name registrant using the five-day "grace period" (the Add Grace Period or AGP) at the beginning of the registration of an ICANN-regulated second-level domain to test the marketability of the domain?

A.

Proxy server

B.

Domain tasting

C.

NMap

D.

PsPasswd

Question # 62

You are the project manager for your organization and are trying to determine which vendor your organization will use. You have determined that any vendor that would like to bid on your project work will need to have a Microsoft Certified System Engineer on staff, have eight years of Cisco experience, and have at least two references from similar projects. What have you created in this scenario?

A.

Screening system for the vendors

B.

Weighting system for the vendors

C.

Preferred vendors list

D.

Bidders conference

Question # 63

Which of the following password authentication schemes enables a user with a domain account to log on to a network once, using a password or smart card, and to gain access to multiple computers in the domain without being prompted to log in again?

A.

Single Sign-On

B.

Dynamic

C.

One-time password

D.

Kerberos

Question # 64

Which of the following features of IE protects users from a type of scam that entices a user to disclose personal information such as social security number, bank account details, or credit card number?

A.

Pop-up blocker

B.

Cookie

C.

Content Advisor

D.

Phishing Filter

Question # 65

A user has opened a Web site that automatically starts downloading malicious code onto his computer. What should he do to prevent this?

Each correct answer represents a complete solution. Choose two.

A.

Disable ActiveX Controls

B.

Disable Active Scripting

C.

Implement File Integrity Auditing

D.

Configure Security Logs

Question # 66

John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He wants to use Kismet as a wireless sniffer to sniff the We-are-secure network. Which of the following IEEE-based traffic can be sniffed with Kismet?

Each correct answer represents a complete solution. Choose all that apply.

A.

802.11g

B.

802.11a

C.

802.11b

D.

802.11n

Question # 67

You work in an enterprise as a Network Engineer. Your enterprise has a secure internal network. You want to apply an additional network packet filtering device that is intermediate to your enterprise's internal network and the outer network (internet). Which of the following network zones will you create to accomplish this task?

A.

Border network area

B.

Autonomous system area (AS)

C.

Demilitarized zone (DMZ)

D.

Site network area

Question # 68

Consider the following diagram:

[Image: diagram; not reproduced in the page text]

What is the highlighted area of the diagram known as?

A.

Rule of Seven

B.

Control point

C.

Control chart

D.

Six Sigma

Question # 69

Complete the following sentence: Quality control is a(n)_______________ process while quality assurance is a(n)________________ process.

A.

Inspection, costly

B.

Management, inspection

C.

Inspection, prevention

D.

Prevention, inspection.

Question # 70

Which of the following statements are true about an application-level gateway?

Each correct answer represents a complete solution. Choose all that apply.

A.

It allows client applications to use dynamic ephemeral TCP/UDP ports to communicate with the known ports used by the server applications.

B.

It does not allow customized NAT traversal filters to be plugged into the gateway to support address and port translation for certain application protocols.

C.

It is a security component that is added to a firewall or NAT employed in a computer network.

D.

It converts the network layer address information found inside an application payload. The hosts can be on either side of the firewall/NAT.

Question # 71

John works as a professional Ethical Hacker. He is assigned a project to test the security of www.we-are-secure.com. He enters a single quote in the input field of the login page of the We-are-secure Web site and receives the following error message:

Microsoft OLE DB Provider for ODBC Drivers error '0x80040E14'

This error message shows that the We-are-secure Website is vulnerable to __________.

A.

A buffer overflow

B.

An XSS attack

C.

A SQL injection attack

D.

A Denial-of-Service attack

Question # 72

Which of the following statements about reconnaissance is true?

A.

It is a computer that is used to attract potential intruders or attackers.

B.

It is any program that allows a hacker to connect to a computer without going through the normal authentication process.

C.

It describes an attempt to transfer DNS zone data.

D.

It is also known as half-open scanning.

Question # 73

You are the Network Administrator for a bank. In addition to the usual security issues, you are concerned that your customers could be the victim of phishing attacks that use fake bank Web sites.

Which of the following would protect against this?

A.

Three factor authentication

B.

Two factor authentication

C.

Mutual authentication

D.

MAC

Question # 74

Place the processes that are grouped under the Project Cost Management Knowledge Area in the image below.

[Image: exhibit for this question; not reproduced in the page text]

A.

Question # 75

You are responsible for network security at a defense contractor. You are very concerned about sensitive data not getting out of your network. You have specific concerns about employees or contractors sending out files via FTP, or even spyware sending out data. You have blocked and monitored ports (as many as you can) on your firewall, and of course, run an anti spyware package.

Which of the following is another step you should take in preventing sensitive data from being sent out of your network without authorization?

A.

Implement an IDS.

B.

Utilize a DMZ firewall.

C.

Block all employees from emailing outside your network.

D.

Employ network wide anti virus.

Question # 76

Which of the following types of attacks occurs when an attacker successfully inserts an intermediary software or program between two communicating hosts?

A.

Dictionary attack

B.

Man-in-the-middle attack

C.

Denial-of-service attack

D.

Password guessing attack

Question # 77

You have inserted a Trojan on your friend's computer and you want to put it in the startup so that whenever the computer reboots the Trojan will start to run on the startup. Which of the following registry entries will you edit to accomplish the task?

A.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices

B.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Start

C.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Startup

D.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Auto

Question # 78

Which of the following types of cryptography algorithms uses the MD series of encryption algorithms?

A.

Digital signature

B.

Hash algorithm

C.

Public-key

D.

Quantum

Question # 79

John is a malicious attacker. He illegally accesses the server of We-are-secure Inc. He then places a backdoor in the We-are-secure server and alters its log files. Which of the following steps of malicious hacking includes altering the server log files?

A.

Reconnaissance

B.

Maintaining access

C.

Covering tracks

D.

Gaining access

Question # 80

PassGuide Research and Training Center is developing its new network model. Which of the following protocols should be implemented in the new network? (Click the Exhibit button on the toolbar to see the case study.) Each correct answer represents a complete solution. Choose two.

A.

IPX/SPX

B.

NetBEUI

C.

TCP/IP

D.

AppleTalk

Question # 81

A war dialer is a tool that is used to scan thousands of telephone numbers to detect vulnerable modems. It provides an attacker unauthorized access to a computer. Which of the following tools can an attacker use to perform war dialing?

Each correct answer represents a complete solution. Choose all that apply.

A.

Wingate

B.

ToneLoc

C.

THC-Scan

D.

NetStumbler

Question # 82

Which of the following tasks can be performed by a malicious bot/botnet?

Each correct answer represents a complete solution. Choose all that apply.

A.

Harvesting email addresses from contact forms or guestbook pages.

B.

Performing a spoofing attack.

C.

Downloading an entire Web site to suck the bandwidth of a target.

D.

Stealing various information like credit card numbers, login IDs, etc.

E.

Performing DDoS attacks.

Question # 83

The Project Scope Management knowledge area focuses on which of the following processes?

Each correct answer represents a complete solution. Choose all that apply.

A.

Create Work Breakdown Structure (WBS)

B.

Control Scope

C.

Select Sellers

D.

Verify Scope

Question # 84

When no anomaly is present in an Intrusion Detection, but an alarm is generated, the response is known as __________.

A.

True positive

B.

True negative

C.

False negative

D.

False positive
