- Email support@dumps4free.com
Topic 1: Exam Pool A
What is the minimum number of network connections in a multihomed firewall?
A.
3
B.
5
C.
4
D.
2
3
Although FTP traffic is not encrypted by default, which layer 3 protocol would allow for endto-
end encryption of the connection?
A.
SFTP
B.
Ipsec
C.
SSL
D.
FTPS
Ipsec
Explanation: https://en.wikipedia.org/wiki/IPsec
Internet Protocol Security (IPsec) is a secure network protocol suite that authenticates and
encrypts the packets of data to provide secure encrypted communication between two
computers over an Internet Protocol network. It is used in virtual private networks (VPNs).
IPsec includes protocols for establishing mutual authentication between agents at the
beginning of a session and negotiation of cryptographic keys to use during the session.
IPsec can protect data flows between a pair of hosts (host-to-host), between a pair of
security gateways (network-to-network), or between a security gateway and a host
(network-to-host). IPsec uses cryptographic security services to protect communications
over Internet Protocol (IP) networks. It supports network-level peer authentication, dataorigin
authentication, data integrity, data confidentiality (encryption), and replay protection.
The initial IPv4 suite was developed with few security provisions. As a part of the IPv4
enhancement, IPsec is a layer 3 OSI model or internet layer end-to-end security scheme.
In contrast, while some other Internet security systems in widespread use operate above
layer 3, such as Transport Layer Security (TLS) that operates at the Transport Layer and
Secure Shell (SSH) that operates at the Application layer, IPsec can automatically secure
applications at the IP layer.
Which of the following is assured by the use of a hash?
A.
Authentication
B.
Confidentiality
C.
Availability
D.
Integrity
Integrity
Bob is doing a password assessment for one of his clients. Bob suspects that security
policies are not in place. He also suspects that weak passwords are probably the norm
throughout the company he is evaluating. Bob is familiar with password weaknesses and
key loggers.
Which of the following options best represents the means that Bob can adopt to retrieve
passwords from his clients hosts and servers?
A.
Hardware, Software, and Sniffing
B.
Hardware and Software Keyloggers
C.
Passwords are always best obtained using Hardware key loggers.
D.
Software only, they are the most effective
Hardware, Software, and Sniffing
Which is the first step followed by Vulnerability Scanners for scanning a network?
A.
OS Detection
B.
Firewall detection
C.
TCP/UDP Port scanning
D.
Checking if the remote host is alive
Checking if the remote host is alive
Explanation: Vulnerability scanning solutions perform vulnerability penetration tests on the
organizational network in three steps:
1. Locating nodes: The first step in vulnerability scanning is to locate live hosts in the target network using various scanning techniques.
2. Performing service and OS discovery on them: After detecting the live hosts in the
target network, the next step is to enumerate the open ports and services and the operating
system on the target systems.
3. Testing those services and OS for known vulnerabilities: Finally, after identifying the
open services and the operating system running on the target nodes, they are tested for
known vulnerabilities.
| Page 14 out of 114 Pages |
| Previous |