Which definition among those given below best describes a covert channel?

A. A server program using a port that is not well known.

B. Making use of a protocol in a way it is not intended to be used.

C. It is the multiplexing taking place on a communication link.

D. It is one of the weak channels used by WEP which makes it insecure

Which of the following algorithms can be used to guarantee the integrity of messages being sent, in transit, or stored?

A. symmetric algorithms

B. asymmetric algorithms

C. hashing algorithms

D. integrity algorithms

Bob is doing a password assessment for one of his clients. Bob suspects that security policies are not in place. He also suspects that weak passwords are probably the norm throughout the company he is evaluating. Bob is familiar with password weaknesses and key loggers.
Which of the following options best represents the means that Bob can adopt to retrieve passwords from his clients hosts and servers?

A. Hardware, Software, and Sniffing.

B. Hardware and Software Keyloggers.

C. Passwords are always best obtained using Hardware key loggers.

D. Software only, they are the most effective.

Bob, a network administrator at BigUniversity, realized that some students are connecting their notebooks in the wired network to have Internet access. In the university campus, there are many Ethernet ports available for professors and authorized visitors but not for students.
He identified this when the IDS alerted for malware activities in the network. What should Bob do to avoid this problem?

A. Disable unused ports in the switches

B. Separate students in a different VLAN

C. Use the 802.1x protocol

D. Ask students to use the wireless network

Identify the UDP port that Network Time Protocol (NTP) uses as its primary means of communication?

A. 113

B. 69

C. 123

D. 161

What two conditions must a digital signature meet?

A. Has to be the same number of characters as a physical signature and must be unique.

B. Has to be unforgeable, and has to be authentic.

C. Must be unique and have special characters.

D. Has to be legible and neat.

What is one of the advantages of using both symmetric and asymmetric cryptography in SSL/TLS?

A. Supporting both types of algorithms allows less-powerful devices such as mobile phones to use symmetric encryption instead.

B. Symmetric algorithms such as AES provide a failsafe when asymmetric methods fail.

C. Symmetric encryption allows the server to security transmit the session keys out-of-band.

D. Asymmetric cryptography is computationally expensive in comparison. However, it is well-suited to securely negotiate keys for use with symmetric cryptography.

Which of the following programs is usually targeted at Microsoft Office products?

A. Polymorphic virus

B. Multipart virus

C. Macro virus

D. Stealth virus

What does a firewall check to prevent particular ports and applications from getting packets into an organization?

A. Transport layer port numbers and application layer headers

B. Presentation layer headers and the session layer port numbers

C. Network layer headers and the session layer port numbers

D. Application layer port numbers and the transport layer headers

Which of the following incident handling process phases is responsible for defining rules, collaborating human workforce, creating a back-up plan, and testing the plans for an organization?

A. Preparation phase

B. Containment phase

C. Identification phase

D. Recovery phase

Which system consists of a publicly available set of databases that contain domain name registration contact information?

A. WHOIS

B. CAPTCHA

C. IANA

D. IETF

The configuration allows a wired or wireless network interface controller to pass all traffic it receives to the Central Processing Unit (CPU), rather than passing only the frames that the controller is intended to receive. Which of the following is being described?

A. Multi-cast mode

B. Promiscuous mode

C. WEM

D. Port forwarding