Question 1.
Which of the following statements is true concerning the authentication processes of PPTP and L2TP?
A. Their authentication processes are virtually the same.
B. PPTP authentication process is encrypted, where L2TP is not.
C. PPTP requires two levels of authentication; L2TP requires only one.
D. L2TP requires two levels of authentication; PPTP requires only one.
Answer: D
Question 2.
What does an intruder need to have to attack a network using network management tools like Hyena and LAN Browser?
A. Administrative Access.
B. Email Server
C. Wireless Card.
D. Application Layer Analyzer
Answer: A
Question 3.
You decide to utilize RBAC for your wireless VPN.
Which of the following is not an advantage of this arrangement?
A. Reduces administrative overhead.
B. Reduces unintentional denial of service occurrences.
C. Enables individualized account features.
D. Increases access of users to all network functions.
Answer: D
Question 4.
What is the term that refers to communications standards used to build and manage VPN connections and to encapsulate private data?
A. Pre-shared Keys
B. Tunneling Protocols
C. Passwords
D. Certificates
Answer: B
Question 5.
When WPA becomes a mandatory part of Wi-Fi certification testing, devices will be shipped with WPA security enabled by default.
What actions will the user have to take at that time?
A. Configure APs for AES-CCMP
B. Configure APs for certification testing.
C. No action is required. Device is preconfigured.
D. Configure a master key or authentication server.
Answer: D
Question 6.
Which of the following statements about WPA Pre-shared Keys is incorrect?
A. Allows use of manually entered keys or passwords.
B. Designed to be easy for home-user to configure
C. Passwords referred to as Master Keys.
D. Following password entry, TKIP is manually initiated.
Answer: D
Question 7.
Which of the following is used to ensure the security of packets en route to their destination?
A. Message Integrity Check
B. Authentication Server
C. Authenticator
D. Initialization Vector
Answer: A
Question 8.
Which IEEE standard is an interim security solution that implements and standardizes TKIP and 802.1x/EAP and is designed to run on existing hardware as a firmware patch?
A. 802.1x
B. WPA
C. 802.11i
D. 802.11f
Answer: B
Explanation:
There are several versions of WPA. Having multiple and growing versions of WPA will undoubtedly cause some confusion among end-users and hardship on network administrators.
Question 9.
An advantage that VPN exhibits over 802.1x solutions is the ability to assign guest user, authorized user, and other types of privileges based on a user's function.
What is this called?
A. Pre-shared keys
B. Initialization vectoring
C. Broadcast key rotation
D. Role based access control
Answer: D
Question 10.
Which of the following is not a property of VPN connections?
A. Data Encryption
B. User Authentication
C. Encapsulation
D. Layer 2 Switch Routers
Answer: D
Question 11.
Which of the following is false concerning the use of Pre-Shared Keys in VPNs?
A. Can be either typed or pasted into the IPSec VPN configuration utility
B. Can configure multiple pre-shared keys for all L2TP/IPSec connections
C. If pre-shared key on VPN server is changed, a client using a pre-shared key will be unable to connect.
D. Do not require investment in a PKI
Answer: B
Question 12.
Which of the following is not a type of VPN protocol?
A. PEAP
B. PPTP
C. L2TP
D. SSH2
Answer: A
Question 13.
In an attempt to compromise the passwords of a network, a hacker attempts a brute force attack.
What does this attack consist of?
A. A search is conducted using all known words.
B. A search is conducted using all possible combinations of numbers and letters.
C. A powerful RF signal is generated, forcing access.
D. A packet generator is used to overwhelm the access points.
Answer: B
Question 14.
Which category of general policy is designed to identify flaws in wireless networks before the networks become exposed to a malicious threat?
A. Impact analysis
B. Threat prevention
C. Risk assessment
D. Security auditing
Answer: D
Question 15.
Which of the following types of organizations should implement a wireless LAN security policy?
A. Organizations with critical data on their wireless LAN.
B. Organizations considering deploying a wireless LAN.
C. Organizations with only a wireless LAN
D. All organizations with any type of computer network
Answer: D
Question 16.
This Act sets out the provisions for access, use, disclosure, interception, and privacy protections of electronic communications.
A. 2003 USA Patriot Act
B. 1998 Identity Theft and Assumption Deterrence Act
C. 1986 Electronic Communications Privacy Act.
D. 1986 Computer Fraud and Abuse Act
Answer: C
Question 17.
What is the method that 802.11 vendors use to attempt to hide wireless LANs from NetStumbler?
A. Use MAC address in the beacons.
B. Use Probe Response in the beacons.
C. Use Broadcast SSID in the beacons.
D. Use Reassociate Requests in the beacons.
Answer: C
Question 18.
What is the most critical success factor in implementing a wireless security policy?
A. End-user buy in.
B. Executive sponsorship.
C. Technical thoroughness.
D. Accurate assessments.
Answer: B
Question 19.
What does the term SPAM refer to?
A. Sending worm viruses via email
B. Sending unsolicited bulk email.
C. Sending trojan horse email viruses
D. Uploading pornographic material to a company website
Answer: B
Question 20.
What is the term that refers to the actions a hacker takes immediately after intruding into a system to open up more security holes in the system?
A. Unauthorized access
B. Opening the front door.
C. Hijacking
D. Spy lining
Answer: B
Question 21.
Which IEEE standard provides an authentication framework for 802-based LANs? It is not a purely wireless standard, and its users are identified by individual user credentials rather than hardware identifiers.
A. 802.1x
B. 802.11b
C. 802.11i
D. 802.11f
Answer: A
Question 22.
During the interim phase of WPA, with some phases of IEEE 802.11i in place, what is a major consideration a network administrator must have about using TKIP?
A. Lost message integrity checks
B. Possibility of weak-key attacks
C. Possibility of replay attacks
D. Lack of interoperability between vendors
Answer: D
Question 23.
What benefit does Windows 2000 service pack 3, called SysKey, provide for network security?
A. Prevents peer file sharing.
B. Prevents decryption of the WEP key.
C. Offers better virus protection.
D. Prevents password capture by L0phtCrack.
Answer: D
Question 24.
Proprietary protocols are sometimes used for added security.
Which of the following would not be considered a security advantage of using a proprietary protocol?
A. Uses per packet authentication
B. Entire communication process strongly encrypted
C. Uses features not yet available on the market
D. Uses leading-edge encryption algorithms
Answer: C
Question 25.
Which of the following is a network design flaw with respect to redundancy?
A. Multiple frequency bands are used
B. AP co-location used
C. All APs on same VLAN behind a router
D. APs installed with hot/cold failover switches
Answer: C
Question 26.
Which of the following terms refers to the process a hacker may use to discover open wireless LANs?
A. War Driving
B. War Chalking
C. Trace Routing
D. Search Engines
Answer: A
Question 27.
Public Key Authentication is one of the most secure methods used to authenticate secure shell.
What is the range of bit lengths for each key?
A. 128 to 256 bits
B. 64 to 128 bits
C. 1024 to 2048 bits
D. 512 to 1024 bits
Answer: C
Question 28.
Because its bit strength is greater, providing better security with only a slight increase in overhead, which of the following data integrity mechanisms is recommended for use with IPSec?
A. SHA-1
B. MD5
C. DES
D. RC4
Answer: A
Question 29.
Which statement is true of the Transport and Tunnel modes of IPSec?
A. Tunnel mode encrypts only the payload (data).
B. Transport mode encrypts both the header and payload.
C. Transport mode encrypts only the payload (data).
D. Both modes encrypt both the header and payload.
Answer: C
Question 30.
What type of information gathering is used by an intruder to determine usage levels of parts of a LAN, peak activity periods, and where data is headed on the network?
A. LAN Mapping
B. Trace Routing
C. Target Profiling
D. Traffic Pattern Analysis
Answer: D
Question 31.
In a hijack to create a denial of service in a wireless LAN, what is the focal point of the hijack?
A. Layer 2
B. Layer 3
C. DHCP File Server
D. Authorized Access Point
Answer: A
Question 32.
A network-based IDS configured in the passive mode detects a rogue device placed downstream of an AP. What is the IDS response to this occurrence?
A. Initiates a network intrusion alarm and prints an alarm log.
B. Initiates an alarm and prompts a 'deny' probe response from the AP.
C. Initiates an alarm and disconnects the AP from the network.
D. Initiates an alarm and sends transmission to RADIUS server to deny access.
Answer: A
Question 33.
An engineer is working on a Microsoft Excel spreadsheet at a thin client computer when someone trips over the power cable, shutting down the machine.
After power is restored and the thin client computer is restarted, how much data has been lost?
A. All data. A thin client has no hard drive and can only make hard prints.
B. None. The data is located on the thin client's host server.
C. All data since the last save.
D. None. The thin client computer automatically saves data.
Answer: B
Question 34.
What is the principal security weakness of Enterprise Wireless Gateways?
A. Lack of protection for access points
B. Do not support IPSec protocol.
C. Lack of encryption on some Layers
D. Do not support RADIUS authentication.
Answer: A
Question 35.
Which of the following is not a component of the Kerberos system?
A. Key Distribution Center
B. Internal database of users
C. Client and server software applications
D. Security Policies
Answer: B
Question 36.
Why would an intruder choose a 900 MHz unit instead of 2.4 GHz or 5 GHz to place a rogue device onto a wireless network?
A. Prevents discovery of device.
B. Causes maximum disruption to the system.
C. Less expensive to deploy.
D. Offers less interference for transmission of data.
Answer: A
Question 37.
A self-replicating and self-proliferating virus often delivered in email is called a what?
A. Rogue
B. Spyware
C. Trojan Horse
D. Worm
Answer: D
Question 38.
Which of the following is not true concerning a typical Kerberos implementation?
A. Dynamic encryption key distribution
B. New keys generated at start of every session
C. Mutual authentication
D. Clear text password entry and transmission
Answer: D
Question 39.
Before the inclusion of authentication protocols, DHCP was susceptible to hijacking. An attack would normally begin by jamming a particular channel.
What system response created the security hole?
A. Clients would be forced to roam, and would be unable to reconnect with the network.
B. Clients would be forced to roam, and then release their network IP addresses.
C. Clients would become saturated and would cease transmission of data.
D. Clients would be forced to roam, and then lease an IP address from a rogue DHCP server.
Answer: D
Question 40.
What is the term used for a system that inspects inbound and outbound traffic and attempts to identify suspicious activity?
A. Firewall
B. VPN Concentrator
C. Intrusion Detection System
D. Authentication Server
Answer: C
Question 41.
Which of the following actions would not represent a good baseline security action to be taken with SSIDs?
A. Keep SSID code settings confidential.
B. Change the default SSID setting to something cryptic
C. Change the SSID setting to the department name
D. Change the SSID setting to closed system
Answer: C
Question 42.
Which of the following actions will not enhance password "strength"?
A. Make passwords at least 8 characters in length
B. Change passwords monthly
C. Use mixed case, punctuation and numerals in passwords
D. Reuse passwords.
Answer: D
Question 43.
What is the general term referred to in U.S. code that means "any transfers of signs, signals, writing, images, sounds, data, or intelligence of any nature, transmitted in whole or part by wire, radio, EM, photo electronic or photo optical system..."?
A. internet
B. world wide web
C. wireless transmission
D. electronic communications
Answer: D
Question 44.
What is the top target of a malicious hacker, bent on financial gain?
A. Identity theft
B. Credit card numbers
C. Corporate secrets
D. Personal information
Answer: B
Question 45.
What is the benefit of having an outside consultant perform a security audit of a network?
A. Reduces impact on staff
B. Saves money
C. Creates easy target to assign blame to
D. Provides fresh perspective on potential risks
Answer: D
Question 46.
In order to enhance the security of their wireless network, an organization decides to purchase enterprise class access points that support leading edge technologies.
Generally, how will this decision change the cost of their access points?
A. Raises cost by about 500%
B. Slightly lowered cost
C. Essentially the same.
D. Raises cost by about 200%
Answer: D
Question 47.
What type of device can be deployed on an enterprise class access point that will alert system management of a packet flooding type of denial of service attack?
A. Auto dialer
B. SNMP trap
C. Signal generator
D. RF antenna
Answer: B
Question 48.
A scenario where a hacker intrudes on one network to send malicious data, like SPAM or viruses, to another network is referred to as what?
A. Malicious data insertion
B. Hijacking
C. Illegal transmission
D. Third path attack
Answer: D
Question 49.
Which of the following issues is not one that must be addressed by a company's wireless security plan?
A. Capacity
B. Intrusion
C. Privacy
D. Resources
Answer: A
Question 50.
How does installing software that generates fake access points help to reduce the effectiveness of discovery tools like NetStumbler and Kismet?
A. Forces the programs to channel hop.
B. Jams data transmission with multiple probe response frames.
C. Fools the programs into believing there are hundreds of access points on the network.
D. Overloads the discovery program with data.
Answer: C
Question 51.
Which type of attack against WEP is performed by capturing encrypted packets, changing some of the data within them, and then resending the packets?
A. Replay
B. Weak-key
C. Collision
D. Forgery
Answer: D
Question 52.
An access point is using an EAP protocol. A client device responds to an EAP request identity message by sending an EAP response packet.
What is the next action the AP takes?
A. AP forwards EAP-response to authentication server
B. AP enables port to authorized state.
C. AP sends an EAP-reject message to client
D. AP sends an EAP-success message to client
Answer: A
Question 53.
Creating three wired and wireless VLANs in an enterprise environment and separating them into full-time employee, part-time employee and guest access sectors would be an example of what kind of deployment strategy?
A. Segmentation by user group
B. Enterprise encryption gateway
C. Segmentation by device type
D. Enterprise wireless gateway
Answer: A
Question 54.
Which encryption scheme is a symmetric-key algorithm used to protect sensitive Federal information, but is a CPU intensive algorithm that will require co-processing in wireless systems?
A. DES/3DES
B. RC5
C. RC4
D. AES
Answer: D
Question 55.
Which of the following actions is not a form of social engineering?
A. Calling the help desk and asking for secure information.
B. Searching through a company's trash to find a phone list and org chart.
C. Sending fake instant messages asking for information from authorized sources.
D. Using a directional antenna and NetStumbler to obtain LAN information.
Answer: D
Question 56.
Which is not a sub-routine performed during an RC5 encryption routine?
A. bitwise XOR
B. key expansion
C. variable rotation
D. integer addition
Answer: B
Question 57.
What method would an intruder use to force local client devices to roam, or to introduce interference to examine stability?
A. RF Jamming
B. Port Scanning
C. Operating System Fingerprinting
D. War walking
Answer: A
Question 58.
Which of the following actions will not enhance outdoor bridge link security?
A. Utilize strong encryption and authentication
B. Enable client connectivity at the bridge
C. Change the bridge default settings
D. Use 802.1x/EAP authentication.
Answer: B
Question 59.
Which of the following is the least effective manner of enforcing end-user compliance with corporate wireless security policy?
A. Small group accountability
B. Financial incentives
C. Restricting network use
D. Periodic spot checks
Answer: C

Question 1.
In VBA what needs to be done in order to use DUOS methods and properties?
A. Declare the collection
B. Declare the object
C. Mark the Required Declaration Option
D. Mark a reference to the DUOS tables
Answer: A, B
Question 2.
How are upgrades to the Great Plains application released?
A. Package Files
B. Service Packs
C. Major Releases
D. None of the above
Answer: B, C
Question 3.
Using VBA, what type of events exist for Great Plains reports?
A. Start Events
B. End Events
C. Band Events
D. Field Events
Answer: A, B, C
Question 4.
When exporting data from Great Plains to a mail merge, what is true about the data source?
A. A new data source must always be created
B. An existing data source can be used
C. The data source can be an Excel document
D. The data source can be a text file
Answer: B, C, D
Question 5.
You are asked to modify a Great Plains window by adding fields to it.
Using Modifier, what type of fields can be added?
A. Local Fields
B. Fields from any table attached to the form
C. Fields from the auto-linked table
D. Fields from the table created by the user
Answer: A, C
Question 6.
Declaring variables before using them in your code is recommended. Doing this helps avoid incorrect variable names when writing code, and the scope of the variable can also be defined. In the VBA options window you can mark an option called “Require Variable Declaration”.
If this option is marked, what displays in the code window before any procedure?
A. Option Explicit
B. Explicit
C. Implicit
D. Force Explicit
Answer: A
Question 7.
Using VBA code, how do you verify if a window is open?
A. Is Open Method
B. Is Loaded Method
C. Is Open Property
D. Is Loaded Property
Answer: D
Question 8.
In the VBA Properties window what options are listed for the Event Mode property?
A. emOriginalOnly
B. emAlways
C. emModifiedOnly
D. emNever
Answer: A, C, D
Question 9.
In VBA what window event can be used to check which button the user pushed on a modal dialog message?
A. After Modal Dialog
B. Before Modal Dialog
C. After Close
D. Before Close
Answer: A
Question 10.
In the Great Plains application, how can you visually identify that a window has been customized using Modifier?
A. “Modified” is displayed at the top of the window
B. “Modified” is displayed at the bottom of the window
C. “Modified” appears after the title of the window
D. A period appears before the title of the window
Answer: D
Copyright © 2004 CertsBraindumps.com Inc. All rights reserved.