Phreaking#220 Demo questions ^  Lingo Q12: The art and science of cracking the phone network 											
B#220 Demo questions ^  CISSP1 Q.70: While referring to Physical Security, what does Positive pressurization means? 	^A: The pressure inside your sprinkler system is greater than zero.	^B: The air goes out of a room when a door is opened and outside air does not go into the room.	^C: Causes the sprinkler system to go off.	^D: A series of measures that increase pressure on employees in order to make them more productive.							
A#220 Demo questions ^  RedHat Q58.Which of the following commands would block all ICMP packets from the host 1.2.3.4 coming to your machine?	^A. iptables -A INPUT -s 1.2.3.4 -p icmp -j DROP	^B. iptables -A INPUT -s 1.2.3.4 -p icmp -j DENY	^C. iptables -A OUTPUT -s 1.2.3.4 -p icmp -j DENY	^D. iptables -A OUTPUT -s 1.2.3.4 -p icmp -j DROP							
B#220 Demo questions ^  CCNA Q.319 	At which OSI layer is the best path to a network determined?	^A: Data Link	^B: Network	^C: Physical	^D: Presentation	^E: Session	^F: Transport				
A,B	#220 Demo questions ^  Wlan4FE Q71 The Cisco Aironet 1200 Series is compliant with what IEEE standards? (Choose all thatapply.)		^A: 802.11a		^B: 802.11b		^C: 802.11x		^D: 802.11g		^E: 802.11c
B#220 Demo questions ^  CISSP3 Q.106:  What is not true with pre -shared key authentication within IKE / IPsec protocol:	^A: Pre-shared key authentication is normally based on simple passwords.	^B: Needs a PKI to work.	^C: Only one preshared key for all VPN connections is needed.	^D: Costly key management on large user groups.							
C#220 Demo questions ^  Compsec Q19. A problem with air conditioning is causing fluctuations in temperature in the server room. ^   The temperature is rising to 90 degrees when the air conditioner stops working, and then drops to 60 degrees when it starts working again. The problem keeps occurring over the next two days. ^  What problem may result from these fluctuations? (Select the best answer) 	^A. Electrostatic discharge 	^B. Power outages 	^C. Chip creep 	^D. Poor air quality 							
C#220 Demo questions ^  CISSP3 Q.13:  Due are is not related to:  	^A: Good faith	^B: Prudent man	^C: Profit	^D: Best interest							
D#220 Demo questions ^  Wlan4SE Q39. What is the angle of coverage that an antenna radiates?	^A. gain	^B. diversity	^C. bandwidth	^D. beamwidth	^E. Fresnel zone						
C#220 Demo questions ^  CCNA Q.300	Which commands displays RIP routing updates as they are sent and received by the router?	^A: show ip protocols	^B: show ip route rip	^C: debug ip rip	^D: debug ip updates	^E: debug ip transactions					
radio frequency	#220 Demo questions ^  Wlan4FE Q23 What is RF a shorthand for?										
C#220 Demo questions ^  CISSP1 Q.147: What is called the number of columns in a table? 	^A: Schema	^B: Relation	^C: Degree	^D: Cardinality							
C#220 Demo questions ^  Linux Q11. Which command will give you the total amount of free kilobytes on all disk partitions?	^A: du.	^B: df.	^C: df -k.	^D: du -k.	^E: free -a.						
B#220 Demo questions ^  RedHat Q27.What does the second field in the file /etc/auto.master refer to?	^A. The mount point	^B. The map file to be consulted	^C. Options	^D. A filesystem alias							
C#220 Demo questions ^  CIW Q36. What is the most common security problem on a client/server network?	^A: Outdated software	^B: Old login accounts	^C: Non-secured ports	^D: Browser flaws							
D#220 Demo questions ^  CCNA Q. 226 	What is an example of a valid MAC address? 	^A: 192.201.63.251 	^B: 19-22-01-63-25 	^C: 0000.1234.FEG 	^D: 00-00-12-34-FE-AA 						
B	#220 Demo questions ^  Wlan4FE Q29 Network managers are using WLANs to facilitate:		^A: security		^B: network moves		^C: cost savings		^D: performance tuning
B#220 Demo questions ^  CISSP4 Q.168:  In the world of keystroke dynamics, what represents the amount of time it takes a person to switch between keys?  	^A: Dynamic time	^B: Flight time	^C: Dwell time	^D: Systems time.					
A#220 Demo questions ^  CISSP4 Q.147:  Which of the following is an effective measure against a certain type of brute force password attack? ^A: Password used must not be a word found in a dictionary.	^B: Password history is used.	^C: Password reuse is not allowed.	^D: None of the choices.						
B#220 Demo questions ^  RedHat Q73.In order to set the time zone to 'US/Eastern' via Kickstart, what must be in the Kickstart configuration file?	^A. tz US/Eastern	^B. timezone US/Eastern	^C. It is not possible to set time zone	^D. timeconfig US/Eastern					
D#220 Demo questions ^  CISSP3 Q.52:  Making sure that the data is accessible when and where it is needed is which of the following?  	^A: Confidentiality	^B: Integrity	^C: Acceptability	^D: Availability					
C	#220 Demo questions ^  CCIE Q34 MPLS traffic engineering routing information is carried by:^A. BGP MEDs^B. MP-BGP^C. OSPF Opaque LSAs or IS-IS TLVs^D. RTP or RTCP packets								
A#220 Demo questions ^  CISSP2 Q.73:  What defines an imposed access control level? 	^A: MAC	^B: DAC	^C: SAC	^D: CAC					
A	#220 Demo questions ^  CCIE Q3 A network administrator is running OSPF demand circuit across an ISDN link. What statement iscorrect?^A. The calling router must be network type pointpoint.^B. OSPF demand circuit requires network type non-broadcast.^C. OSPF demand circuit will not trigger the link if an OSPF interface goes down.^D. OSPF demand circuit will bring up the link if the topology of the network changes.								
A#220 Demo questions ^  Wlan4SE Q57. Which Cisco antenna has the narrowest angle of radiation?	^A. 21 dBi dish	^B. 6 dBi patch	^C. 13.5 dBi Yagi	^D. 8.5 dBi patch					
B#220 Demo questions ^  CISSP4 Q.70:  The Lattice Based Access Control model was developed to deal mainly with ___________ in computer systems.  	^A: Access control	^B: Information flow	^C: Message routes	^D: Encryption					
D#220 Demo questions ^  CISSP1 Q.129: In the following choices there is one that is a typical biometric characteristics that is not used to uniquely authenticate an individual's identity? 	^A: Retina scans	^B: Iris scans	^C: Palm scans	^D: Skin scans					
C#220 Demo questions ^  CISSP4 Q.85:  Access controls that are not based on the policy are characterized as:  	^A: Secret controls	^B: Mandatory controls	^C: Discretionary controls	^D: Corrective controls					
D#220 Demo questions ^  CISSP3 Q.76:  Which of the following is addressed by Kerberos?  	^A: Confidentiality and integrity.	^B: Authorization and authentication.	^C: Validation and integrity.	^D: Confidentiality and integrity.					
A#220 Demo questions ^  CISSP1 Q.59: RAID Software can run faster in the operating system because neither use the hardware -level parity drives by? 	^A: Simple striping or mirroring.	^B: Hard striping or mirroring.	^C: Simple hamming code parity or mirroring.	^D: Simple striping or hamming code parity.					
D#220 Demo questions ^  CISSP4 Q.140:  Which of the following are the advantages of using passphrase?  	^A: Difficult to crack using brute force.	^B: Offers numerous characters.	^C: Easier to remember.	^D: All of the choices.					
CCC#220 Demo questions ^  History Q96:1997 In a proof-of-concept the CCC showed the German press how to read the information off a German Eurocheque-ATM card using a common, inexpensive magnetic-card reader									
A	#220 Demo questions ^  CCIE Q182 On a Full Duplex Gigabit link between a Router and a switch the collision counter is incrementing.What is the likely cause?^A. Collisions cannot occur on a Full Duplex Gigabit Link so this is either due to a bug or brokenequipment.^B. The Router is receiving too much traffic and is asserting the Collision signal to be able to slow down therate that the switch is sending traffic.^C. Both the Router and the Switch attempted to send at the same time, both detected this and then backedoff and retransmitted after a random amount of time.This is not the problem.^D. The switch and the router might be running 802.1q trunking.When using 802.1q trunking, a collision is counted every time a frame comes in on an incorrect lengthfield.								
A#220 Demo questions ^  CISSP2 Q.135:  Retinal scans check for: 	^A: Something you are.	^B: Something you have.	^C: Something you know.	^D: All of the choices.					
A#220 Demo questions ^  CISSP4 Q.113:  As a type of access control, which of the following asks for avoiding occurrence?  	^A: Preventive	^B: Deterrent	^C: Intrusive	^D: Detective					
B	#220 Demo questions ^  Wlan4FE Q112 How far is typical line of site, without the use of towers, buildings, etc?		^A: 2 miles		^B: 6 miles		^C: 18 miles		^D: 24 miles
A#220 Demo questions ^  CCNA Q. 141:	Which keystroke allows IOS to complete a partial command entry?	^A: <Tab>	^B: <Ctrl R>	^C: <Spacebar>	^D: <Right Arrow>				
B#220 Demo questions ^  CISSP4 Q.88:  Under DAC, a subjects rights must be ________ when it leaves an organization altogether.  	^A: recycled	^B: terminated	^C: suspended	^D: resumed					
A#220 Demo questions ^  RedHat Q63.What option must be specified in a directive in order to allow execution of CGI scripts in that directory?	^A. ExecCGI	^B. CGI	^C. Executable	^D. Includes					
B#220 Demo questions ^  History Q85:In December 1995 the tuscan group of Strano Network calls for the first global Netstrike, to protest against	^A:The war in Bosnia	^B: the nuclear experiments at Mururoa	^C: The sinking of Greenpeace's Rainbow Warroir ^D: The assassination of Rabin at peace rally 						
D#220 Demo questions ^  CCNA Q. 144:	Which command enables directly connected network 199.55.72.0 to be used by RIP?	^A: Router(Config)#220 Demo questions ^   rip 199.55.0.0	^B: Router(Config-router)#220 Demo questions ^   rip 199.55.72.0	^C: Router(Config-router)#220 Demo questions ^   network 199.55.0.0	^D: Router(Config-router)#220 Demo questions ^   network 199.55.72.0				
A#220 Demo questions ^  CISSP4 Q.198:  Which of the following correctly describe the features of SSO?  	^A: More efficient log-on.	^B: More costly to administer.	^C: More costly to setup.	^D: More key exchanging involved.					
B	#220 Demo questions ^  CCIE Q59 The IEEE 802.5 standard defines the specifications for token ring networks. The standard uses acentralized ring maintenance mechanism called active monitor that oversees the ring. What is NOT aresponsibility of the active monitor?^A. Checking for lost tokens.^B. Locating breaks in the ring.^C. Removing continuously circulating frames resulting from a failed sending device from the ring-^D. Cleaning up the ring when garbled frames appear.^E. Inserting delay bits to the ring if it is not big enough for the token to circulate.								
A	#220 Demo questions ^  Wlan4FE Q73 Cisco Aironet 1200 Series allows for both singleband configuration.		^A: True		^B: False		^C: This is not always true  must be judged case by case		
B#220 Demo questions ^  CCNA Q. 128:	What is a key use of a device hardware address?	^A: To obtain a vendor code/serial number from the user.	^B: To transmit a frame from one interface to another interface	^C: To transmit a packet from one local device to another local device.	^D: To transmit data from one local device to remote device across Internet.	^E: To contain logical information about a device to use an end-to-end transmission.			
A	#220 Demo questions ^  CCIE Q35 What type of EIGRP packets carry the Init flag embedded?^A. Hello^B. Update^C. Query^D. Reply^E. Ack								
B#220 Demo questions ^  CCNA Q. 169:	Which encapsulation type should be used for the S0 port of router R2?	^A: SAP	^B: HDLC	^C: ARPA	^D: Novel Ether				
B#220 Demo questions ^  CISSP3 Q.64:  Which of the following are NOT a countermeasure to traffic analysis?  	^A: Padding messages	^B: Eavesdropping	^C: Sending noise	^D: Covert channel analysis					
D#220 Demo questions ^  Compsec Q162. When a change to user security policy is made, the policy maker should provide appropriate documentation to: 	^A. The security administrator. 	^B. Auditors 	^C. Users 	^D. All staff. 					
B#220 Demo questions ^  CISSP4 Q.41:  Root login should only be allowed via:	^A: Rsh	^B: System console	^C: Remote program	^D: VNC					
A	#220 Demo questions ^  Wlan4FE Q33 The frequencies that an antenna is tuned for is referred to as the antenna's __________.		^A: bandwidth		^B: beamwidth		^C: Fresnel range		^D: frequency seperation
C#220 Demo questions ^  CISSP2 Q.53:  Under Role based access control, access rights are grouped by: 	^A: Policy name	^B: Rules	^C: Role name	^D: Sensitivity label					
A	#220 Demo questions ^  CCIE Q46 What is the goal of the ISIS CSNP and the PSNP packets?^A. PSNP are used either to acknowledge the receipt or to request the retransmission of the latest version ofan LSP while the CSNP are used for synchronizing the LS Database or adjacent neighbors.^B. CSNP are used either to acknowledge the receipt to or to request the retransmission of the latest versionof an LSP while the PSNP are used for synchronizing the LS Database of adjacent neighbors.^C. PSNP are used to acknowledge the receipt of the latest version of an LSP while the CSNP are usedeither for synchronizing the LS Database of adjacent neighbors or to request the retransmission of anLSP.^D. CSNP are used to acknowledge the receipt of the latest version of an LSP while the PSNP are usedeither for synchronizing the LS Database of adjacent neighbors or to request the retransmission of anLSP.								
B#220 Demo questions ^  RedHat Q87.Windows 2000 will work with plaintext passwords by default so the 'encrypt password' option is not necessary for Samba shares.	^A. True	^B. False							
B#220 Demo questions ^  CIW Q21. Kerstin connected to an e-commerce site and brought a new mouse pad with her credit card for $5.00 plus shipping and handling. She never received her mouse pad so she called her credit card company to cancel the transaction. She was not charged for the mouse pad, but she received multiple charges she knew nothing about. She tried to connect to the site again but could not find it. Which type of hacking attack occurred?	^A: Denial-of-service attack	^B: Hijacking attack	^C: Illicit server attack	^D: Spoofing attack					
B	#220 Demo questions ^  CCIE Q176 RTP typically uses which protocols as a transport?^A. IP/TCP^B. IP/UDP^C. IP/RTCP^D. H.323/H.245^E. None of the above.								
A#220 Demo questions ^  CISSP2 Q.155:  Biometric performance is most commonly measured in terms of: 	^A: FRR and FAR	^B: FAC and ERR	^C: IER and FAR	^D: FRR and GIC					
D#220 Demo questions ^  CISSP1 Q.116: Immune to the effects of electromagnetic interference (EMI) and therefore has a much longer effective usable length (up to two kilometers in some cases) is? 	^A: Coaxial cable	^B: Twisted Pair cable	^C: Axial cable	^D: Fiber Optic cable					
C	#220 Demo questions ^  Wlan4FE Q90 When configuring the Cisco Secure ACS server for use with WLANs, the NetworkAccess Server is _______.		^A: The ACS servers IP address		^B: The ACS servers DNS name		^C: Individual Access Points on the network		^D: The master Access Point on the network
A#220 Demo questions ^  Compsec Q338. Which of the following is NOT a field of a X.509 v.3 certificate? 	^A. private key	^B. issuer 	^C. serial number 	^D. subject					
D#220 Demo questions ^  Compsec Q186. Which encryption scheme relies on both the sender and receiver to use different keys to encrypt and decrypt messages? 	^A. Symmetric 	^B. Blowfish 	^C. Skipjack 	^D. Asymmetric 					
C 	#220 Demo questions ^  CCSA Q75. As a firewall administrator, you are required to create VPN1 users for authentication. ^  When you create a user for user authentication, the data is stored in the? ^A.  Inspect Engine.   ^B.  Rule base. ^C.  Users database    ^D.  Rulebase fws file ^E.  Inspect module. 								
tcp over DNS#220 Demo questions ^  CC Q14: a typical of application-layer tunneling is:									
D#220 Demo questions ^  Compsec Q136. Which of the following steps in the SSL (Secure Socket Layer) protocol allows for client and server authentication, MAC (Mandatory Access Control) and encryption algorithm negotiation, and selection of cryptographic keys? 	^A. SSL (Secure Sockets Layer) alert protocol. 	^B. SSL (Secure Sockets Layer) change cipher spec protocol. 	^C. SSL (Secure Sockets Layer) record protocol. 	^D. SSL (Secure Sockets Layer) handshake protocol. 					
A#220 Demo questions ^  CIW Q33. What host-level information would you want to obtain so you can exploit defaults and patches?	^A: Servers	^B: Routers and switches	^C: Databases	^D: Firewall types				
C#220 Demo questions ^  CISSP3 Q.39:  According to private sector data classification levels, how would salary levels and medical information be classified?  	^A: Public	^B: Sensitive	^C: Private	^D: Confidential				
C#220 Demo questions ^  History Q12: What did Robert Morris wrote in 1988?	^A: A Virus	^B: A Trojan	^C: A Worm	^D: A Hoax				
C#220 Demo questions ^  CIW Q26. Which service, command or tool discovers the IP addresses of all computers or routers between two computers on an internet/intranet network?	^A: Whois	^B: Port scanner	^C: Traceroute	^D: Nslookup				
B	#220 Demo questions ^  CCIE Q118 When doing an IPX ping from a Cisco router to a Novell server there is no response.What is a possible cause?^A. Novell Servers never responds to IPX pings.This only works between Cisco Routers.^B. Cisco IPX Pings are being sent to a Novell Server.^C. There is no IPX network configured on Loopback 0.^D. The IPX server table doesnt contain the correct SAP entry.^E. All of the above.							
B#220 Demo questions ^  CIW Q40. Kerstin wants to improve the security on her FTP server. She is worried about password-sniffing attacks. Which of the following is the best action for her to take?	^A: Disable anonymous logins	^B: Allow only anonymous logins	^C: Configure the firewall to block port 21	^D: Place the FTP server outside of the firewall				
SMTPS#220 Demo questions ^  CC Q23: a protocol built to encapsulate or pickyback other data:								
A,B#220 Demo questions ^  CCNA Q. 83:	What is the two most common request/reply pair with ICMP messages when using the ping command? (Choose two)	^A: Echo reply	^B: Echo request	^C: Source quench	^D: Fragment offset	^E: Information redirect	^F: Destination reachable	^G: Echo control message
Paris Hilton#220 Demo questions ^  History Q75: 2005 stores in New York are selling out of Sidekicks despite or, more likely, because of that fact that celebrity phone numbers and naughty pictures were stolen off one belonging to bad-girl heiress _________								
C,D#220 Demo questions ^  CCNA Q. 254 	Which of the following Ethernet standards can operate in full-duplex mode? (Choose two.) 	^A: 10Base2 	^B: 10Base5 	^C: 10BaseT 	^D: 100BaseT 			
B#220 Demo questions ^  CISSP2 Q.142:  On UNIX systems, passwords shall be kept: 	^A: In any location on behalf of root.	^B: In a shadow password file.	^C: In the /etc/passwd file.	^D: In root.				
B	#220 Demo questions ^  CCIE Q157 In IP multicast networks, the Reverse Path Forward (RPF) check is primarily used to:^A. Determine which interfaces should be including in the outgoing interface list.^B. Prevent multicast traffic from looping through the network.^C. Prevent multicast traffic from being sent by unauthorized sources.^D. Establish the reverse flow path of multicast traffic from the receiver to the source.							
B#220 Demo questions ^  CISSP4 Q.138:  Which of the following will you consider as most secure?  	^A: Password	^B: One time password	^C: Login phrase	^D: Login ID				
EXPORT_NO_SYMBOLS#220 Demo questions ^  Rootkist Q15: Normally functions defined in the LKM will be exported so that other LKM can use them. Hiding these symbols is necessary and macro can be used is ____________. This will prevent any symbol from being exported.								
D#220 Demo questions ^  CISSP2 Q.148:  Which of the following are measures against password sniffing? 	^A: Passwords must not be sent through email in plain text.	^B: Passwords must not be stored in plain text on any electronic media.	^C: You may store passwords electronically if it is encrypted.	^D: All of the choices.				
D#220 Demo questions ^  Compsec Q124. A malformed MIME (Multipurpose Internet Mail Extensions) header can: 	^A. Create a back door that will allow an attacker free access to a companys private network. 	^B. Create a virus that infects a users computer. 	^C. Cause an unauthorized disclosure of private information. 	^D. Cause an e-mail server to crash. 				
D#220 Demo questions ^  CISSP1 Q.78: Why is public key cryptography recommended for use in the process of securing facsimiles during transmission? 	^A: Keys are never transmitted over the network.	^B: Data compression decreases key change frequency.	^C: Key data is not recognizable from facsimile data.	^D: The key is securely passed to the receiving machine.				
A#220 Demo questions ^  CISSP3 Q.97:  Which of the following protocols is not implemented at the Internet layer of the TCP/IP protocol model?  	^A: User datagram protocol (UDP)	^B: Internet protocol (IP)	^C: Address resolution protocol (ARP)	^D: Internet control message protocol (ICMP)				
C#220 Demo questions ^  CISSP4 Q.115:  As a type of access control, which of the following asks for discouraging occurrence?  	^A: Detective	^B: Intrusive	^C: Deterrent	^D: Preventive				
A#220 Demo questions ^  Compsec Q260. Which of the following keys is contained in a digital certificate? 	^A. public key. 	^B. private key. 	^C. hashing key. 	^D. session key. 				
C#220 Demo questions ^  CCNA Q.312	Which command correctly configures an IP address on a Cisco router interface?	^A: router(config-if)#220 Demo questions ^   ip address 172.18.32.1 subnet mask 255.255.252.0	^B: router(config-if)#220 Demo questions ^   172.18.32.1 255.255.252.0	^C: router(config-if)#220 Demo questions ^   ip address 172.18.32.1 255.255.252.0	^D: router(config-if)#220 Demo questions ^   255.255.252.0 subnet mask 255.255.252.0	^E: router(config-if)#220 Demo questions ^   ip address 172.18.32.1/22	^F: router(config-if)#220 Demo questions ^   ip address 172.18.32.1 subnet mask /22	
A#220 Demo questions ^  Compsec Q375. While surfing the Internet a user encounters a pop-up window that prompts the user to download a browser plug-in. ^  The pop-up window is a certificate which validates the identity of the plug-in developer. Which of the following best describes this type of certificate? 	^A. software publisher certificate 	^B. web certificate 	^C. CA (Certificate Authority) certificate 	^D. server certificate 				
D 	#220 Demo questions ^  CCSA Q33. What variable is used to extend the interval of the Timeout in a NAT to prevent a hidden UDP connection from losing its port? ^A.  Fwx_udp_todefaultextend.  ^B.  Fwx_udp_expdefaultextend. ^C.  Fwx_udp_todefaultext ^D.  Fwx_udp_timeout. ^E.  Fwx_udp_expiration. 							
D#220 Demo questions ^  CISSP4 Q.214:  What attack floods networks with broadcast traffic so that the network is congested?  	^A: Spoofing	^B: Teardrop	^C: Brute force	^D: SMURF				
D#220 Demo questions ^  CISSP2 Q.231:  Application-based IDSs normally utilize information from which of the following sources? 	^A: Network packets and system logs.	^B: Operating system audit trails and network packets.	^C: Operating system audit trails and system logs.	^D: Applications transaction log files.				
C	#220 Demo questions ^  CCIE Q88 What is the first task required in password recovery on a Catalyst 5000 series switch?^A. Set the configuration register to ignore the startup configuration.^B. Set the boot register to 0x2142.^C. Power cycle the switch.^D. Reload the switch using the reload command.							
A,B,C,D#220 Demo questions ^  RedHat Q43.Which of the following types of devices can the Red Hat Network Administration Tool configure?	^A. Ethernet	^B. ISDN	^C. modem	^D. Token Ring				
C#220 Demo questions ^  Compsec Q101. What are the four major components of ISAKMP (Internet Security Association and Key Management Protocol)? ^A. Authentication of peers, threat management, communication management, and cryptographic key establishment. ^B. Authentication of peers, threat management, communication management, and cryptographic key establishment and management. 	^C. Authentication of peers, threat management, security association creation and management cryptographic key establishment and management.	^D management and cryptographic key management. 						
B#220 Demo questions ^  Compsec Q378. What is a network administrator protecting against by ingress/egress filtering traffic as follows:^  Any packet coming into the network must not have a source address of the internal network. ^  Any packet coming into the network must have a destination address from the internal netwoii ^  Any packet leaving the network must have a source address from the internal network. ^  Any packet leaving the network must not have a destination address from the internal networks ^  Any packet coming into the network or leaving the network must not have a source or destination address of a private address or an address listed in RFC19lS reserved space.	^A. SYN (Synchronize) flooding 	^B. spoofing 	^C. DoS (Denial of Service) attacks 	^D. dictionary attacks 				
C#220 Demo questions ^  Compsec Q121. What is the best defence against man in the middle attacks? 	^A. A firewall 	^B. Strong encryption 	^C. Strong authentication 	^D. Strong passwords 				
B#220 Demo questions ^  CISSP3 Q.98:  Which of the following is used to help business units understand the impact of a disruptive event?  	^A: A risk analysis.	^B: A business impact assessment.	^C: A vulnerability assessment.	^D: A disaster recovery plan.				
A,B,D#220 Demo questions ^  CCNA Q. 79:	Which three are typical operational phases in a basic connection oriented network service? (Choose three)	^A: Call setup	^B: Data transfer	^C: Load Balancing	^D: Call termination	^E: Call prioritization	^F: Data segmentation	^G: Data link identification
E 	#220 Demo questions ^  CCSA Q71. Which of the following user actions would you insert as an INTERNAL Authentication scheme? ^A.  The user enters the security dynamics passcode. ^B.  The user prompted for a response from the RADIUS server. ^C.  The user prompted for a response from the AXENT server.  ^D.  The user prompted for a response from the TACACS server. ^E.  The user enters an operating system account password. 						
D#220 Demo questions ^  Compsec Q95. You are the first person to arrive at a crime scene. An investigator and crime scene technician arrive afterwards to take over the investigation. ^  Which of the following tasks will the crime scene technician be responsible for performing? 	^A. Ensure that any documentation and evidence they possessed is handled over to the investigator. 	^B. Reestablish a perimeter as new evidence presents itself. 	^C. Establish a chain of command.	^D. Tag, bag, and inventory evidence. 			
A#220 Demo questions ^  Compsec Q118. A PKI (Public Key Infrastructure) document that serves as the vehicle on which to base common interoperability standards and common assurance criteria on an industry wide basis is a certificate: 	^A. Policy 	^B. Practice 	^C. Procedure 	^D. Process 			
D#220 Demo questions ^  CISSP4 Q.231:  Application-based IDSs normally utilize information from which of the following sources?  	^A: Network packets and system logs.	^B: Operating system audit trails and network packets.	^C: Operating system audit trails and system logs.	^D: Applications transaction log files.			
C#220 Demo questions ^  CCNA Q.320	Which layer in the TCP/IP model corresponds to the OSI network layer?	^A: Application	^B: Transport	^C: Internet	^D: Network	^E: Physical	
C#220 Demo questions ^  CCNA Q. 147:	Which statement about the Point-to-Point protocol (PPP) is true?	^A: PPP supports TCP/IP, but not Novell IPX	^B: PPP is being phased out of existence by the Serial Line Internet protocol	^C: PPP provides router-to-router and host-to-network connections over both synchronous and	asynchronous circuits.	^D: PPP is an ITU-T and ANSI standard that defines the process for sending data over a packet-switched	data network
B	#220 Demo questions ^  CCIE Q123 The interface command Router (config-if)  invert txclock is used for what purpose?^A. It switches TXD and RXD to correct mis-wired cables.^B. It corrects systems that use long cables that experience high error rates when operating at the highertransmission speeds.^C. It configures the serial interface to monitor the DSR signal as the line up/down indicator.^D. It is used to correct situations where it is possible to send backback data packets over serialinterfaces faster than some hosts can receive them.						
A 	#220 Demo questions ^  CCSA Q76. If users authenticated successfully, they have matched the User and Authentication rule restriction of the user group to which they belong. ^A.  True ^B.  False 						
D#220 Demo questions ^  CISSP1 Q.67: How do the Information Labels of Compartmented Mode Workstation differ from the Sensitivity Levels of B3 evaluated systems? 	^A: Information Labels in CMW are homologous to Sensitivity Labels, but a different term was chosen to emphasize that CMW's are not described in the Orange Book.	^B: Information La bels contain more information than Sensitivity Labels, thus allowing more granular access decisions to be made.	^C: Sensitivity Labels contain more information than Information Labels because B3+ systems should store more sensitive data than workstations.	^D: Information Labels contain more information than Sensitivity Labels, but are not used by the Reference Monitor to determine access permissions.			
E	#220 Demo questions ^  CCIE Q110 How does a router behave in relation to an EIGRP stub neighbor?^A. It will send only default-routes toward stub EIGRP neighbors.^B. It well send only summary routes toward stub EIGRP neighbors.^C. It will not query the stub EIGRP neighbor about any internal route.^D. It will not query the stub EIGRP neighbor about any external route.^E. It will not query the stub EIGRP neighbor about any route.						
A#220 Demo questions ^  Compsec Q332. An attacker attempting to penetrate a companys network through its remote access system would most likely gain access through what method? 	^A. war dialer.	^B. Trojan horse. 	^C. DoS (Denial of Service). 	^D. worm. 			
C#220 Demo questions ^  CISSP1 Q.154: What security model is dependant on security labels? 	^A: Discretionary access control	^B: Label-based access control	^C: Mandatory access control	^D: Non-discretionary access control			
Solar Sunrise#220 Demo questions ^  History Q31 1998: Intruders infiltrate and take control of more than 500 military, government and private sector computer systems. Whats the event called?							
A#220 Demo questions ^  RedHat Q7.In order to allow the directory /share to be mounted by the host 'tiger' with read and write access, what must the export line look like?	^A. /share tiger(rw)	^B. tiger(rw) /share	^C. /share tiger	^D. /share tiger (rw)			
D#220 Demo questions ^  Linux Q48. What does the following line from /etc/syslog.conf a mean?^1:kern warm.mail.err /dev/tty10 ^2:	^A: The kern, warn, mail and err messages are logged to the /dev/tty10	^B: All messages to /dev/tty10 get logged to the files kern.warn and mail.err	^C: The kernel messages with priority warn and the messages from the mailer system with a priority of err get logged to the console 10	^D: Kernel messages with priority warn and above the messages form the mailer system with a priority of err and higher are logged to console 10.			
C#220 Demo questions ^  Compsec Q159. Incorrectly detecting authorized access as an intrusion or attack is called a false: 	^A. Negative 	^B. Intrusion 	^C. Positive 	^D. Alarm 			
A#220 Demo questions ^  Linux Q40. Which ps parameter would part use to display the processes of all other users?	^A: a	^B: b	^C: u	^D: x
B#220 Demo questions ^  Compsec Q73. Which of the following results in a domain name server resolving the domain name to a different and thus misdirecting Internet traffic? 	^A. DoS (Denial of Service) 	^B. Spoofing 	^C. Brure force attack 	^D. Reverse DNS (Domain Name Service) 
A#220 Demo questions ^  CISSP2 Q.144:  Why would a 16 characters password not desirable? 	^A: Hard to remember	^B: Offers numerous characters.	^C: Difficult to crack using brute force.	^D: All of the choices.
C#220 Demo questions ^  CISSP3 Q.16:  A password that is the same for each log-on session is called a?  	^A: one-time password	^B: two-time password	^C: static password	^D: dynamic password
C#220 Demo questions ^  CIW Q57. Laura is a system administrator who wants to block all NNTP traffic between her network and the Internet. How should she configure her firewall?	^A: Disable anonymous logins in the NNTP configuration manager	^B: Configure all routers to block broadcast packets	^C: Configure the firewall to block port 119	^D: Configure the firewall to block port 25
vanquish#220 Demo questions ^  Rootkits Q7: a DLL injection based Romanian rootkit that hides files, folders, registry entries and logs passwords				
B#220 Demo questions ^  CCNA Q. 30:	Users on network 192.168.69.0/28 are complaining that they cannot access the corporate intranet server at www.inhouse:com. In troubleshooting this problem, you find that you are able to telnet a workstation on this network to the internal webserver via its IP address. What is the likely cause of this problem? Other divisions in the company use applications that require less than 2 Mbps bandwidth of the enterprise server	^A: TCP/IP failure	^B: DNS failure	^C: FTP failure
D#220 Demo questions ^  CISSP4 Q.111:  You have very strict Physical Access controls. At the same time you have loose Logical Access Controls. What is true about this setting?  	^A: None of the choices.	^B: It can 100% secure your environment.	^C: It may secure your environment.	^D: It may not secure your environment.
Sapphire/Slammer Worm#220 Demo questions ^  Viruses Q11: As it began spreading throughout the Internet, it doubled in size every 8.5 seconds 				
free software foundation #220 Demo questions ^  Linux Q18. Which entity is primarily responsible for distributing the various Linux HOWTOs? (Use three Words) 				
A#220 Demo questions ^  Compsec Q336. What is the primary DISADVANTAGE of a third party relay? 	^A. Spammers can utilize the relay.	^B. The relay limits access to specific users.	^C. The relay restricts the types of e-mail that maybe sent. 	^D. The relay restricts spaminers from gaining access. 
A#220 Demo questions ^  Compsec Q111. When an ActiveX control is executed, it executes with the privileges of the: 	^A. Current user account 	^B. Administrator account 	^C. Guest account 	^D. System account 
A#220 Demo questions ^  CCNA Q. 260	What type of switching create variable latency through the switch?	^A: Store-and-forward	^B: Cut-through	^C: Fragment-free
source code for Whistler#220 Demo questions ^  History Q78:2000 Russian hackers planted the QAX Trojan disguised as Notepad in a Microsoft employee's email. What did they probaly got hold on?				
A#220 Demo questions ^  Wlan4SE Q59. Hopping code is found in.	^A. FHSS	^B. DSSS	^C. CDDS	^D. CSMA/CD
C#220 Demo questions ^  Compsec Q151. The action of determining with operating system is installed on a system simply by analyzing its response to certain network traffic is called: 	^A. OS (Operating System) scanning. 	^B. Reverse engineering. 	^C. Fingerprinting 	^D. Host hijacking. 
B#220 Demo questions ^  CISSP4 Q.166:  Which of the following are the valid categories of hand geometry scanning?  	^A: Electrical and image-edge detection.	^B: Mechanical and image-edge detection.	^C: Logical and image-edge detection.	^D: Mechanical and image-ridge detection.					
C 	#220 Demo questions ^  CCSA Q11. Changes made to the Security Policy do not take effect on the Enforcement Module until the administrator performs which of the following actions? ^A.  Saves the policy. ^B.  Verifies the policy. ^C.  Install the policy. ^D.  Stops firewall services on the Enforcement Module. ^E.  Stops firewall services on the Management module. 								
TCP and ICMP#220 Demo questions ^  Techno Q5:  Unlike trinoo, which uses UDP, or the original Tribe Flood Network, which uses ICMP for communication between the handler and agents, stacheldraht uses ___ and ___									
A#220 Demo questions ^  CISSP1 Q.157: The structures, transmission methods, transport formats, and security measures that are used to provide integrity, availability, authentication, and confidentiality for transmissions over private and public communications networks and media includes? 	^A: The Telecommunications and Network Security domain.	^B: The Telecommunications and Netware Security domain.	^C: The Technical communications and Network Security domain.	^D: The Telnet and Network Security domain.					
B#220 Demo questions ^  CISSP2 Q.5:  Which of the following are the limitations of the BLP model? 	^A: No policies for changing access data control.	^B: All of the choices.	^C: Contains covert channels.	^D: Static in nature.					
A#220 Demo questions ^  CISSP3 Q.45:  Most of unplanned downtime of information systems is attributed to which of the following?  	^A: Hardware failure	^B: Natural disaster	^C: Human error	^D: Software failure					
A#220 Demo questions ^  CISSP4 Q.189:  What type of attacks occurs when normal physical conditions are altered in order to gain access to sensitive information on the smartcard?  	^A: Physical attacks	^B: Logical attacks	^C: Trojan Horse attacks	^D: Social Engineering attacks					
B#220 Demo questions ^  Wlan4SE Q78. What is the highest transmission speed achievable with an IEEE 802.11b compatible radio?	^A. 2 Mbps	^B. 11 Mbps	^C. 15 Mbps	^D. 22 Mbps	^E. 54 Mbps				
B,C	#220 Demo questions ^  Wlan4FE Q31 A Cisco Workgroup Bridge (WGB) can associate to _________. (Choose two.)		^A: another Cisco WGB		^B: a Cisco Aironet Access Point		^C: a Cisco Aironet wireless bridge		^D: a non-Cisco 802.11b compliant Access Point
C#220 Demo questions ^  Compsec Q275. When setting password rules, which of the following would LOWER the level of security of a network? 	^A. Passwords must be greater than six characters and consist at least one non-alph^A. 	^B. All passwords are set to expire at regular intervals and users are required to choose new passwords that have not been used before. 	^C. Complex passwords that users CAN NOT remotely change are randomly generated by the administrator and given to users. 	^D. After a set number of failed attempts the server will lock out any user account forcing the user to call the administrator to re-enable the account. 					
C#220 Demo questions ^  CISSP4 Q.53:  Under Role based access control, access rights are grouped by:  	^A: Policy name	^B: Rules	^C: Role name	^D: Sensitivity label					
C,D#220 Demo questions ^  CCNA Q. 54:	What are two characteristics of the RARP protocol? (Choose two.)	^A: It generates parameter problem messages.	^B: It maps IP addresses to Ethernet addresses.	^C: It maps Ethernet addresses to IP addresses.	^D: It is implemented directly on top of the data link layer.				
B#220 Demo questions ^  History Q32 1998: Intruders infiltrate and take control of more than 500 military, government and private sector computer systems. Who were behind this?	^A: Hackers from Iraq	^B: Two californian teenagers	^C: A student from the Philippines	^D: Melissa virus author David L. Smith					
B#220 Demo questions ^  CISSP4 Q.104:  The principle of accountability is a principle by which specific action cab be traced back to:  	^A: A policy	^B: An individual	^C: A group	^D: A manager					
A#220 Demo questions ^  CISSP4 Q.18:  Who should determine the appropriate access control of information?  	^A: Owner	^B: User	^C: Administrator	^D: Server					
B#220 Demo questions ^  CISSP4 Q.149:  What should you do immediately if the root password is compromised?  	^A: Change the root password.	^B: Change all passwords.	^C: Increase the value of password age.	^D: Decrease the value of password history.					
C#220 Demo questions ^  CISSP1 Q.123: Which integrity model defines a constrained data item, an integrity verification procedure and a transformation procedure? 	^A: The Take-Grant model	^B: The Biba integrity model	^C: The Clark Wilson integrity model	^D: The Bell-LaPadula integrity model					
C#220 Demo questions ^  CIW Q111. Which of the following do hackers target because it usually communicates in cleartext, and because it often carries sensitive information?	^A: Router	^B: DNS server	^C: FTP server	^D: E-mail server					
A#220 Demo questions ^  CCNA Q. 131:	How many valid host IP addresses are available on the following network/subnetwork? 176.12.44.16/30	^A: 2	^B: 30	^C: 254	^D: 16,382	^E: 65,534			
A,D	#220 Demo questions ^  Wlan4FE Q7 802.11b uses which of the following (Choose all that apply.)		^A: DSSS		^B: FHSS		^C: orthogonal frequency division multiplexing		^D: 2.4 GHz band
A#220 Demo questions ^  CISSP4 Q.86:  DAC are characterized by many organizations as:  	^A: Need-to-know controls	^B: Preventive controls	^C: Mandatory adjustable controls	^D: None of the choices					
C	#220 Demo questions ^  CCIE Q62 What flag in the TCP header tells the receiver to pass all the data to the receiving application uponarrival?^A. ACK^B. SYN^C. PSH^D. URG^E. RST								
B#220 Demo questions ^  Compsec Q299. A minor configuration change which can help secure DNS (Domain Name Service) information is: 	^A. block all unnecessary traffic by using port filtering. 	^B. prevent unauthorized zone transfers. 	^C. require password changes every 30 days. 	^D. change the default password. 					
Kevin Poulsen#220 Demo questions ^  History Q6: AKA Dark Dante, What is his real name?									
A,C#220 Demo questions ^  CCNA Q. 86:	Your network uses a class C address of 210.10.10.0 you must now split up the network into separate subnets to handle multiple buildings separated by router. Which two steps must you take to determine the proper subnet mask for your network? (Choose two)	^A: Determine the number of separate networks required	^B: Determine how many devices will require DHCP addressing.	^C: Determine the maximum number of host that will be on each subnet.	^D: Determine the minimum number of host that will be on each subnet.	^E: Determine which router will be the IP default gateway for each subnet.			
A,B	#220 Demo questions ^  Wlan4FE Q53 Cisco Aironet 350 Series Client Adapters are available in what formats? (Choose all thatapply.)		^A: PCI		^B: PCMCIA		^C: ISA		^D: VESA
A#220 Demo questions ^  CISSP3 Q.91:  The act of requiring two of the three factors to be used in the authentication process refers to?  	^A: Two-Factor Authentication	^B: One-Factor Authentication	^C: Bi-Factor Authentication	^D: Double Authentication					
B,D	#220 Demo questions ^  Wlan4FE Q67 How can you send more data across the airwaves? (Choose two.)		^A: utilize lower band frequencies		^B: use more complex modulation		^C: use better filtering on the receiver		^D: use more frequency (wider bandwidth)
A#220 Demo questions ^  RedHat Q11.'serviceconf' can be used to control xinetd managed services.	^A. True	^B. False							
C#220 Demo questions ^  Compsec Q46. A DMZ (Demilitarized Zone) typically contains: 	^A. A customer account database 	^B. Staff workstations 	^C. A FTP (File Transfer Protocol) server 	^D. A SQL (Structured Query Language) based database server 					
B#220 Demo questions ^  CISSP3 Q.48:  Ensuring that printed reports reach proper users and that receipts are signed before releasing sensitive documents are examples of?  	^A: Deterrent controls	^B: Output controls	^C: Information flow controls	^D: Asset controls					
D#220 Demo questions ^  CCNA Q. 117:	Which statement is true when a broadcast is sent in an Ethernet/802.3 LAN?	^A: The IP subnet used is 255.255.255.0	^B: The IP address used is 255.255.255.255	^C: The MAC address used is 00-00-00-00-00-00	^D: The MAC address used is FF-FF-FF-FF-FF-F^F:				
C#220 Demo questions ^  Compsec Q333. A companys web server is configured for the following services: HTTP (Hypertext Transfer Protocol), SSL (Secure Sockets Layer), FTP (Pile Transfer Protocol), SMTP (Simple Mail Transfer Protocol). ^  The web server is placed into a DMZ (Demilitarized Zone). What are the standard ports on the firewall that must be opened to allow traffic to and from the server? 	^A. 119,23,21,80. 	^B. 443, 119,21,1250. 	^C. 80,443,21,25. 	^D. 80,443, 110,21. 
B#220 Demo questions ^  CISSP2 Q.76:  You may describe MAC as: 	^A: Opportunistic	^B: Prohibitive	^C: None of the choices.	^D: Permissive
C#220 Demo questions ^  Compsec Q69. By definition, how many keys are needed to lock and unlock data using symmetrickey encryption? 	^A. 3+ 	^B. 2 	^C. 1 	^D. 0 
B#220 Demo questions ^  HTM Q7: What song is playing as Dade, The Freak and Serial Killer enter Kate's party?	^A:Voodoo People, The Prodigy	^B:Connected, The Stereo MC's	^C:Hey Boy, Hey Girl, The Chemical Brothers	^D:Teardrop, Massive Attack
A#220 Demo questions ^  Compsec Q83. Asymmetric cryptography ensures that: 	^A. Encryption and authentication can take place without sharing private keys. 	^B. Encryption of the secret key is performed with the fastest algorithm available. 	^C. Encryption occurs only when both parties have been authenticated. 	^D. Encryption factoring is limited to the session key. 
A#220 Demo questions ^  Compsec Q253. What should be done to secure a DHCP (Dynamic Host Configuration Protocol) service? 	^A. block ports 67 and 68 at the firewall. 	^B. block port 53 at the firewall. 	^C. block ports 25 and 26 at the firewall. 	^D. block port 110 at the flrewall. 
A#220 Demo questions ^  CISSP4 Q.191:  What is an effective countermeasure against Trojan horse attack that targets smart cards?  	^A: Singe-access device driver architecture.	^B: Handprint driver architecture.	^C: Fingerprint driver architecture.	^D: All of the choices.
D#220 Demo questions ^  CISSP2 Q.59:  Which of the following RFC talks about Rule Based Security Policy? 	^A: 1316 ^B: 1989	^C: 2717	^D: 2828	
C#220 Demo questions ^  CIW Q74. Which of the following do hackers target because it usually communicates in Cleartext?	^A: Router	^B: DNS server	^C: FTP server	^D: E-mail server
D#220 Demo questions ^  CISSP4 Q.203:  What protocol was UDP based and mainly intended to provide validation of dial up user login passwords?  	^A: PPTP	^B: L2TP	^C: IPSec	^D: TACACS
C#220 Demo questions ^  CISSP3 Q.89:  In an organization, an Information Technology security function should:	^A: Be a function within the information systems function of an organization.	^B: Report directly to a specialized business unit such as legal, corporate security or insurance.	^C: Be lead by a Chief Security Officer and report directly to the CEO.	^D: Be independent but report to the Information Systems function.
B#220 Demo questions ^  CISSP1 Q.94: Which of the following best corresponds to the type of memory addressing where the address location that is specified in the program instruction contains the address of the final desired location? 	^A: Direct addressing	^B: Indirect addressing	^C: Indexed addressing	^D: Program addressing
D#220 Demo questions ^  CISSP4 Q.184:  Which of the following is a disadvantage of memory only card?  ^A: High cost to develop.	^B: High cost to operate.	^C: Physically infeasible.	^D: Easy to counterfeit.	
D#220 Demo questions ^  CISSP1 Q.30: What are two types of system assurance?	^A: Operational Assurance and Architecture Assurance.	^B: Design Assurance and Implementation Assurance.	^C: Architecture Assurance and Implementation Assurance.	^D: Operational Assurance and Life-Cycle Assurance.
C#220 Demo questions ^  CISSP4 Q.110:  The main categories of access control do NOT include:	^A: Administrative Access Control	^B: Logical Access Control	^C: Random Access Control	^D: Physical Access Control
A#220 Demo questions ^  CISSP1 Q.165: A server cluster looks like a? 	^A: Single server from the user's point of view.	^B: Dual server from the user's point of view.	^C: Tripe server from the user's point of view.	^D: Quardle server from the user's point of view.
B#220 Demo questions ^  Linux Q45. In what file do you change default variables for all users?	^A: /etc/bashrc	^B: /etc/profile	^C: ~/.bash_profile	^D: /etc/skel/.bashrc	^E: /etc/skel/.bash_profile				
D	#220 Demo questions ^  CCIE Q74 router ospf 1redistribute igrp 20 metric 50 subnets^  What is the effect if the subnets keyword in the above configuration?^A. It forces IGRP to support VLSM in this context.^B. It causes OSPF to recognize classful networks.^C. It has not effect, IGRP always summarizes on class boundaries anyway.^D. It causes OSPF to accept networks with non-classful masks.								
D#220 Demo questions ^  CCNA Q. 193:	Given the following criteria for granting access from a remote site to your LAN : restrict access on interface E0	E0=128.12.22.55	Deny access to telnet, FTP	All other types of operations.	Which line should come last in configuring your access list?	^A: Access-List 101	^B: Access-List 101 deny E0 telnet FTP	^C: Access list 101 allow all except FTP telnet	^D: Access list 101 permit IP 0.0.0.0 255.255.255.255 any
B#220 Demo questions ^  CIW Q73. A hacker has just changed the information for a zone during a zone transfer. This attack caused false information to be passed on to network hosts as if it were legitimate. Which type of server is the target in such an attack?	^A: An e-mail server	^B: A DNS server	^C: A router	^D: A FTP server					
D#220 Demo questions ^  Wlan4SE Q89. CSMA/CA is a	^A. feature no longer supported by Cisco	^B. media security protocol	^C. feature no longer supported by the latest WLAN standards	^D. media access protocol					
C	#220 Demo questions ^  CCIE Q4 In a PIMv2 Sparse Mode network, the incoming interface for a (*, G) mroute entry is calculated using:^A. The address of the source.^B. The address of the PIM neighbor that send the PIM (*, G) Join message.^C. The address of a directory connected member of group G.^D. The address of the currently active Rendezvous Point for group G.^E. The address of the Mapping Agent.								
Berkeley Blue and Oak Toebark#220 Demo questions ^  History Q8: Name two members of Californias Homebrew Computer Club									
B#220 Demo questions ^  Compsec Q402. A security designer is planning the implementation of security mechanisms in a RBAC (Role Based Access Control) compliant system. The designer has determined that there are three types of resources in the system inclading files, printers, and mailboxes. The organization has four distinct departments with distinct functions including Sales, Marketing, Management, and Production. Each department needs access to different resources. Each user has a workstation. Which roles should be created to support the REAC (Role Based Access Control) model?	^A. file, printer, and mailbox roles	^B. sales, marketing, management, and production roles 	^C. user and workstation roles	^D. allow access and deny access roles 					
A#220 Demo questions ^  Compsec Q293. The Bell La-Padula access control model consists of four elements. These elements are 	^A. subjects, objects, access modes and security levels. 	^B. subjects, objects, roles and groups. 	^C. read only, read/write, write only and read/write/delete. 	^D. groups, roles, access modes and security levels. 					
C#220 Demo questions ^  CISSP3 Q.87:  The continual effort of making sure that the correct policies, procedures and standards are in place and being followed is described as what?	^A: Due care	^B: Due concern	^C: Due diligence	^D: Due practice					
B#220 Demo questions ^  CISSP2 Q.42:  What should you do to the user accounts as soon as employment is terminated? 	^A: Disable the user accounts and erase immediately the data kept.	^B: Disable the user accounts and have the data kept for a specific period of time.	^C: None of the choices.	^D: Maintain the user accounts and have the data kept for a specific period of time.					
D#220 Demo questions ^  Linux Q13. You are concerned that core files are taking up excessive space on your /home file system. Which command would you use to remove all files named core that are older than a week?	^A: cd /home rm -r -mtime +7 core	^B: find /home -older +7 -exec rm {core}\	^C: find /home -atime +1 -name core -exec rm {}\	^D: find /home -mtime +7 -name core -exec rm{}\	^E: find /home -mtime +1 -name core -exec rm {}\				
A#220 Demo questions ^  CISSP2 Q.80:  Under MAC, classification reflects: 	^A: Sensitivity	^B: Subject	^C: Privilege	^D: Object					
B#220 Demo questions ^  Wlan4SE Q71. A directional antenna focuses the RF signal more in one direction than others, thus decreasing the range more in that direction.	^A. True	^B. False	^C. This is not always true  must be judged case by case						
The Wily Hackers#220 Demo questions ^  History Q97: 1989 ___ ____ ______ have been arrested in Berlin, Hamburg and Hannover, and they are accused of computer espionage for the Soviet KGB. 									
C#220 Demo questions ^  CISSP1 Q.39: According to private sector data classification levels, how would salary levels and medical information be classified? 	^A: Public	^B: Sensitive	^C: Private	^D: Confidential					
A#220 Demo questions ^  Compsec Q75. Honey pots are useful in preventing attackers from gaining access to critical system. True or false? 	^A. True 	^B. False 	^C. It depends on the style of attack used. 		
C#220 Demo questions ^  CISSP4 Q.210:  What attack takes advantage of operating system buffer overflows?  	^A: Spoofing	^B: Brute force	^C: DoS	^D: Exhaustive	
A#220 Demo questions ^  CCNA Q. 231 	What is a disadvantage of using a connection-oriented protocol such as TCP? 	^A: Packet acknowledgement may add overhead 	^B: Packets are not tagged with sequence numbers 	^C: Loss or duplication of data packets is more likely to occur 	^D: The application layer must assume responsibility for correct sequencing of the data packets. 
D#220 Demo questions ^  CISSP2 Q.8:  Which of the following is best known for capturing security requirements of commercial applications? 	^A: Lattice	^B: Biba	^C: Bell LaPadula	^D: Clark and Wilson	
A#220 Demo questions ^  CISSP1 Q.75: Which of the following, used to extend a network, has a storage capacity to store frames and act as a store -and-forward device? 	^A: Bridge	^B: Router	^C: Repeater	^D: Gateway	
B#220 Demo questions ^  CISSP4 Q.163:  Which of the following are the types of eye scan in use today?  	^A: Retinal scans and body scans.	^B: Retinal scans and iris scans.	^C: Retinal scans and reflective scans.	^D: Reflective scans and iris scans.	
B#220 Demo questions ^  Compsec Q381. Which of the following most accurately describes a DMZ (Demilitarized Zone)?	^A. an application program with a state that authenticates the user and allows the user to be categorized based on privilege 	^B. a network between a protected network and an external network in order to provide an additional layer of security 	^C. the entire area between the network of origin and the destination network	^D. an application that allows the user to remove any offensive of an attacker 	
D#220 Demo questions ^  CISSP4 Q.159:  The quality of finger prints is crucial to maintain the necessary:  	^A: FRR	^B: ERR and FAR	^C: FAR	^D: FRR and FAR	
C#220 Demo questions ^  CIW Q101. Lucy is a system administrator who wants to block all NNTP traffic between her network and the Internet. How should she configure her firewall?	^A: Configure the firewall to block all incoming and outgoing packets except for those with the source and destination port of 119. Then, allow all traffic with destination ports above 1024 to transverse the firewall.	^B: Configure the firewall to block all incoming packets with the source port of 119, and outgoing packets with a source port lower than 1024. Then, block all packets with the destination port of 119 and with a source port lower than 1024.	^C: Configure the firewall to block incoming packets with the destination port of 119, and to block outgoing packets with the destination port of 119.	^D: Configure the firewall to block all incoming packets with the source port of 119.	
statistical analysis#220 Demo questions ^  Techno Q1: Cracking a PIN code is not simply a matter of scanning through all the possible number combinations, better is to use: 					
C#220 Demo questions ^  CIW Q115. When assessing the risk to a machine or network, what step should you take first?	^A: Analyzing, categorizing and prioritizing resources	^B: Evaluating the existing perimeter and internal security	^C: Checking for a written security policy	^D: Analyzing the use of existing management and control architecture	
D#220 Demo questions ^  CISSP1 Q.103: When should a post-mortem review meeting be held after an intrusion has been properly taken care of? 	^A: Within the first three months after the investigation of the intrusion is completed.	^B: Within the first week after prosecution of intruders have taken place, whether successful or not.	^C: Within the first month after the investigation of the intrusion is completed.	^D: Within the first week of completing the investigation of the intrusion.	
B#220 Demo questions ^  Compsec Q27. A recent audit shows that a user logged into a server with their user account and executed a program. ^  The user then performed activities only available to an administrator. ^ This is an example of an attack? 	^A. Trojan horse 	^B. Privilege escalation 	^C. Subseven back door 	^D. Security policy removal 	
A#220 Demo questions ^  RedHat Q81.In order to use Kickstart with a configuration file on an NFS server using eth1 to access the network, what would be the proper boot command for this?	^A. linux ks=nfs:/ ksdevice=eth1	^B. linux ks	^C. linux ks=:/ ksdevice=eth1	^D. linux ks=nfs:/ dev=eth1	
D#220 Demo questions ^  CISSP2 Q.13:  When will BLP consider the information flow that occurs? 	^A: When a subject alters on object.	^B: When a subject accesses an object.	^C: When a subject observer an object.	^D: All of the choices.	
A#220 Demo questions ^  Compsec Q257. A system administrator discovers suspicious activity that might indicate a computer crime. The administrator should flrst: 	^A. refer to incident response plan. 	^B. change ownership of any related files to prevent tampering. 	^C. move any related programs and files to non-erasable media. 	^D. set the system time to ensure any logged information is accurate. 	
A#220 Demo questions ^  CIW Q18. Luke is documenting all of his network attributes. He wants to know the type of network-level information that is represented by the locations of access panels, wiring closets and server rooms. Which of the following is the correct term for this activity?	^A: Network mapping	^B: IP service routing	^C: Router and switch designing	^D: War dialing		
B#220 Demo questions ^  Compsec Q15. You are explaining SSL to a junior administrator and come up to the topic of handshaking. How many steps are employed between the client and server in the SSL handshake process? 	^A. Five 	^B. Six 	^C. Seven 	^D. Eight 		
D#220 Demo questions ^  Compsec Q11. When visiting an office adjacent to the server room, you discover the lock to the window is broken. ^   Because it is not your office you tell the resident of the office to contact the maintenance person and have it fixed. After leaving, you fail to follow up on whether the windows was actually repaired. ^  What affect will this have on the likelihood of a threat associated with the vulnerability actually occurring? 	^A. If the window is repaired, the likelihood of the thread occurring will increase. 	^B. If the window is repaired, the likelihood of the threat occurring will remain constant. 	^C. If the window is not repaired the, the likelihood of the threat occurring will decrease. 	^D. If the window is not repaired, the likelihood of the threat occurring will increase. 		
B#220 Demo questions ^  Compsec Q145. A password security policy can help a system administrator to decrease the probability that a password can be guessed by reducing the passwords: 	^A. Length 	^B. Lifetime 	^C. Encryption level 	^D. Alphabet set 		
B#220 Demo questions ^  CISSP3 Q.62:  What uses a key of the same length as the message?  	^A: Running key cipher	^B: One-time pad	^C: Steganography	^D: Cipher block chaining		
B#220 Demo questions ^  Compsec Q281. As it relates to digital certificates, SSLv3.0 (Secure Sockets Layer version 3.0) added which of the following key functionalities? The ability to: 	^A. act as a CA (Certificate Authority). 	^B. force client side authentication via digital certificates. 	^C. use x.400 certificates. 	^D. protect transmissions with 1024-bit symmetric encryption. 		
B#220 Demo questions ^  CISSP2 Q.37:  How often should logging be run? 	^A: Once every week.	^B: Always	^C: Once a day.	^D: During maintenance.		
A#220 Demo questions ^  CISSP4 Q.193:  What are the valid types of one time password generator?  	^A: All of the choices.	^B: Transaction synchronous	^C: Synchronous/PIN synchronous	^D: Asynchronous/PIN asynchronous		
B#220 Demo questions ^  CIW Q108. What is another term for a network security manager who acts as a potential hacker (a person looking for security loopholes)?	^A: An agent	^B: An auditor	^C: An assessor	^D: An analyzer		
D#220 Demo questions ^  Compsec Q323. The basic strategy that should be used when configuring the rules for a secure firewall is: 	^A. permit all. 	^B. deny all. 	^C. default permit. 	^D. default deny . 		
A#220 Demo questions ^  CISSP4 Q.117:  What type of access control focuses on restoring resources?  	^A: Recovery	^B: Preventive	^C: Intrusive	^D: Corrective		
B#220 Demo questions ^  Compsec Q85. When a session is initiated between the Transport Control Program (TCP) client and server in a network, a very small buffer space exist to handle the usually rapid hand-shaking exchange of messages that sets up the session. ^  What kind of attack exploits this functionality? 	^A. Buffer Overflow 	^B. SYN Attack 	^C. Smurf 	^D. Birthday Attack 		