ISSAP Practice Test Questions

237 Questions


Topic 1: Volume A

Which of the following types of attacks cannot be prevented by technical measures only?


A. Social engineering


B. Brute force


C. Smurf DoS


D. Ping flood attack





A.
  Social engineering

Which of the following are centralized administration technologies? Each correct answer represents a complete solution. Choose all that apply.


A. RADIUS


B. TACACS+


C. Media Access Control


D. Peer-to-Peer





A.
  RADIUS

B.
  TACACS+

Which of the following encryption algorithms is used by the Clipper chip, which supports the escrowed encryption standard?


A. Skipjack


B. Blowfish


C. AES


D. IDEA





A.
  Skipjack

Which of the following tenets does the CIA triad provide, against which security practices are measured? Each correct answer represents a part of the solution. Choose all that apply.


A. Integrity


B. Accountability


C. Availability


D. Confidentiality





A.
  Integrity

C.
  Availability

D.
  Confidentiality

Peter works as a Network Administrator for Net World Inc. The company wants to allow remote users to connect and access its private network through a dial-up connection via the Internet. All the data will be sent across a public network. For security reasons, the management wants the data sent through the Internet to be encrypted. The company plans to use a Layer 2 Tunneling Protocol (L2TP) connection. Which communication protocol will Peter use to accomplish the task?


A. IP Security (IPSec)


B. Microsoft Point-to-Point Encryption (MPPE)


C. Pretty Good Privacy (PGP)


D. Data Encryption Standard (DES)





A.
  IP Security (IPSec)

Which of the following statements about Network Address Translation (NAT) are true? Each correct answer represents a complete solution. Choose three.


A. It hides the internal IP addressing scheme.


B. It protects the network from password guessing attacks.


C. It is used to connect private networks to the public Internet.


D. It shares public Internet addresses with a large number of internal network clients.





A.
  It hides the internal IP addressing scheme.

C.
  It is used to connect private networks to the public Internet.

D.
  It shares public Internet addresses with a large number of internal network clients.

Fill in the blank with the appropriate encryption system. The ______ encryption system is an asymmetric key encryption algorithm for public-key cryptography, which is based on the Diffie-Hellman key agreement.


A. ElGamal





A.
  ElGamal

Which of the following should the administrator ensure during the test of a disaster recovery plan?


A. Ensure that the plan works properly


B. Ensure that all the servers in the organization are shut down.


C. Ensure that each member of the disaster recovery team is aware of their responsibility.


D. Ensure that all client computers in the organization are shut down.





A.
  Ensure that the plan works properly

C.
  Ensure that each member of the disaster recovery team is aware of their responsibility.


Which of the following disaster recovery tests involves shutting down operations at the primary site and shifting them to the recovery site according to the disaster recovery plan?


A. Structured walk-through test


B. Simulation test


C. Full-interruption test


D. Parallel test





C.
  Full-interruption test

You work as a Security Manager for Tech Perfect Inc. The management tells you to implement a hashing method in the organization that can resist forgery and is not open to the man-in-the-middle attack. Which of the following methods will you use to accomplish the task?


A. MD


B. NTLM


C. MAC


D. SHA





C.
  MAC

In your office, you are building a new wireless network that contains Windows 2003 servers. To establish a network for secure communication, you have to implement IPSec security policy on the servers. What authentication methods can you use for this implementation? Each correct answer represents a complete solution. Choose all that apply.


A. Public-key cryptography


B. Kerberos


C. Preshared keys


D. Digital certificates





B.
  Kerberos

C.
  Preshared keys

D.
  Digital certificates

Which of the following processes is used by remote users to make a secure connection to internal resources after establishing an Internet connection?


A. Spoofing


B. Packet sniffing


C. Tunneling


D. Packet filtering





C.
  Tunneling

