- Email support@dumps4free.com
Topic 1: Exam Pool A
Bob, a network administrator at BigUniversity, realized that some students are connecting
their notebooks in the wired network to have Internet access. In the university campus,
there are many Ethernet ports available for professors and authorized visitors but not for
students.
He identified this when the IDS alerted for malware activities in the network. What should
Bob do to avoid this problem?
A.
Disable unused ports in the switches
B.
Separate students in a different VLAN
C.
Use the 802.1x protocol
D.
Ask students to use the wireless network
Use the 802.1x protocol
You have gained physical access to a Windows 2008 R2 server which has an accessible
disc drive. When you attempt to boot the server and log in, you are unable to guess the
password. In your toolkit, you have an Ubuntu 9.10 Linux LiveCD. Which Linux-based tool
can change any user’s password or activate disabled Windows accounts?
A.
John the Ripper
B.
SET
C.
CHNTPW
D.
Cain & Abel
CHNTPW
What ports should be blocked on the firewall to prevent NetBIOS traffic from not coming
through the firewall if your network is comprised of Windows NT, 2000, and XP?
A.
110
B.
135
C.
139
D.
161
E.
445
F.
1024
135
139
445
What is not a PCI compliance recommendation?
A.
Use a firewall between the public network and the payment card data.
B.
Use encryption to protect all transmission of card holder data over any public network.
C.
Rotate employees handling credit card transactions on a yearly basis to different
departments.
D.
Limit access to card holder data to as few individuals as possible.
Rotate employees handling credit card transactions on a yearly basis to different
departments.
Explanation:
https://www.pcisecuritystandards.org/pci_security/maintaining_payment_security
Build and Maintain a Secure Network
1. Install and maintain a firewall configuration to protect cardholder data.
2. Do not use vendor-supplied defaults for system passwords and other security
parameters.
Protect Cardholder Data
3. Protect stored cardholder data.
4. Encrypt transmission of cardholder data across open, public networks.
Maintain a Vulnerability Management Program
5. Use and regularly update anti-virus software or programs.
6. Develop and maintain secure systems and applications.
Implement Strong Access Control Measures
7. Restrict access to cardholder data by business need-to-know.
8. Assign a unique ID to each person with computer access.
9. Restrict physical access to cardholder data.
Regularly Monitor and Test Networks
10. Track and monitor all access to network resources and cardholder data.
11. Regularly test security systems and processes.
Maintain an Information Security Policy
12. Maintain a policy that addresses information security for employees and contractors.
A hacker is an intelligent individual with excellent computer skills and the ability to explore a
computer’s software and hardware without the owner’s permission. Their intention can
either be to simply gain knowledge or to illegally make changes.
Which of the following class of hacker refers to an individual who works both offensively
and defensively at various times?
A.
White Hat
B.
Suicide Hacker
C.
Gray Hat
D.
Black Hat
Gray Hat
| Page 2 out of 114 Pages |
| Previous |