1.

As a consultant, you are evaluating the security of network infrastructure for a machine tools manufacturer as part of a more comprehensive review of their security controls. They have heard that the existing twisted-pair cabling is vulnerable to eavesdropping and this is a concern but there is also a limited budget for implementing the rest of the program. What is your recommendation?

Eavesdropping is a primary concern and the infrastructure should be upgraded to use coax cabling. Eavesdropping is a primary concern and the infrastructure should be upgraded to use fibre optic cabling. The risk of eavesdropping is better controlled using encryption. None of the above. 2. You have recently deployed IDP software to monitor the internal interface of your network firewall. Your help desk is now reporting a sharp increase in service incidents relating to network problems. What is the most likely cause?

The IDP software has correctly identified network intrusions that were going undetected previously and is blocking them. The IDP software has not been configured to recognise baseline network traffic accurately. The IDP software should have been configured for passive detection. The two cannot be connected as network-based IDP does not interfere with hosts.
3. Which of the following protocols is supported by PPTP?

IPX

SNA AppleTalk None of the above 4. With which type of attack, would you associate the 'hunt' tool?

Back Door DoS Hijacking Man-in-the-Middle 5. Which of the following is a symptom of a DoS attack?

Applications run automatically at startup. Your anti-virus software detects infected files. Your PC will not boot up. Your web server is not responding to external requests. 6.Which of the following password policies provides the BEST defence against a brute force password guessing attack?

Password must be at least 8 characters. Password must be changed within 90 days. Password must not be reused. Password must not be written down.

7. Which of the following steps are appropriate for hardening an internet web application server?

1. Document the directory structure and ensure that developers maintain accurate change documentation. 2. Enable logging on resource requests. 3. Remove all access permissions from the guest account. 4. Remove sample and help files from the server.

1, 2, 4 2, 3, 4 1, 3 1, 2, 3, 4 8. Which of the following can be provided by Kerberos?

1. Communications confidentiality 2. Mutual Authentication 3. Single Sign On 4. Strong Authentication

2, 3, 4 1, 2, 3 2, 4 1, 2, 3, 4

9. Why should a firewall be configured to block packets from an external network with source IP addresses belonging to the internal network?

The packets must have spoofed IP addresses. A firewall cannot block these packets but it can translate them back to valid public internet addresses. A firewall should be configured to ALLOW these packets. None of the above. 10. What port is used to communicate with a RADIUS server?

TCP Port 1812 UDP Port 1812 TCP and UDP Port 1812 The client and server negotiate a random, high port number 11. Which of the following access control models is least suited to centralised privilege management?

Discretionary Access Control Mandatory Access Control Role-based Access Control Rule-based Access Control 12. Which of the following aspects of privilege management is implemented using Kerberos?

User Management Single Sign On Need To Know Decentralized privilege management 13. What type of authentication is best employed if you are concerned that users might try to share their logon information?

Biometric Kerberos Smart Card Username / Password 14. What feature of Windows can make it particularly vulnerable to malware carried on USB flash media?

Anti-virus software does not identify the media and so does not scan files on it. Unpatched versions of Windows run files on flash media with elevated administrative privileges. Windows can AutoPlay files on the device. All of the above. 15. In a SYN Flood attack, which part of the TCP 3-way handshake is tampered with?

SYN SYN-ACK ACK All of the above 16. What type of access control is associated with clearance levels?

MAC DAC RBAC All of the above 17. Which of the following IP addresses is a valid public internet address?

89.45.36.1 10.1.23.254 172.16.16.1 172.30.1.1 18. Which of the following is NOT an example of a back door?

A PC running Remote Desktop Administrative access to a bespoke application PC modem configured to accept incoming calls Web server located in a DMZ

19. What type of security control depends on system logs?

Anti-virus scanner Firewall Host-based IDS Network-based IDS 20. Grommet's support department uses IM as a tool for supporting users. Which of the following attacks is MOST likely if strong authentication is not applied to the messaging system?

Brute force password guessing Man-in-the-Middle Session hijacking Social engineering 21. For system auditing to be secured against internal fraud, which of the following measures is MOST critical?

Configure IDS correctly. Make audit logs tamperproof. Prevent external access to the logging server. Store audit logs offsite. 22. Which of the following describes anomaly-based network IDS?

Examines packets for threats that match a signature database. Examines logs for threats that match a signature database. Examines network traffic for deviations from an expected baseline. Examines access logs for deviations from an expected baseline. 23. Which of the following is NOT a risk of setting up a full interaction honeypot?

1. A compromised host could be used to launch further attacks. 2. An attacker could harvest administrative logons for the real network. 3. It constitutes entrapment and you could be sued. 4. Your production network may be targeted by 'revenge' attacks.

1, 2 2, 3 3, 4 1, 4 24. Which of the following is NOT a capability of SSL/TLS?

Disk Encryption Mutual Authentication Secure File Transfer VPN

25. Which of the following is a benefit of change documentation?

Provides an audit trail of file access. Provides technicians with a procedure for implementing changes to systems architecture. Provides technicians with up-to-date information about system configuration. All of the above.