Which of the following steps are required in an idle scan of a closed port? Each correct answer represents a part of the solution. Choose all that apply.
A. The attacker sends a SYN/ACK to the zombie.
B. The zombie's IP ID increases by only 1.
C. In response to the SYN, the target sends a RST.
D. The zombie ignores the unsolicited RST, and the IP ID remains unchanged.
E. The zombie's IP ID increases by 2.
Which of the following are the various methods that a device can use for logging information on a Cisco router? Each correct answer represents a complete solution. Choose all that apply.
A. Buffered logging
B. Syslog logging
C. NTP logging
D. Terminal logging
E. Console logging
F. SNMP logging
You are advising a school district on disaster recovery plans. In case a disaster affects the main IT centers for the district, they will need to be able to work from an alternate location. However, budget is an issue. Which of the following is most appropriate for this client?
A. Warm site
B. Cold site
C. Hot site
D. Off site
Which of the following classes of IP addresses provides a maximum of only 254 host addresses per network ID?
A. Class D
B. Class B
C. Class C
D. Class A
Which of the following layers provides communication session management between host computers?
A. Application layer
B. Internet layer
C. Transport layer
D. Link layer
The SOC manager is reviewing logs in AlienVault USM to investigate an intrusion on the network. Which CND approach is being used?
A. Retrospective
B. Reactive
C. Deterrent
D. Preventive
What is the best way to describe a mesh network topology?
A. A network in which every computer in the network has a connection to each and every computer in the network.
B. A network in which every computer meshes together to form a hybrid between a star and bus topology.
C. A network in which every computer in the network can communicate with a single central computer.
D. A network that is extremely cost efficient, offering the best option for allowing computers to communicate amongst each other.
Which of the information below can be gained through network sniffing? (Select all that apply)
A. Telnet Passwords
B. Syslog traffic
C. DNS traffic
D. Programming errors
Eric is receiving complaints from employees that their systems are very slow and experiencing odd issues, including restarting automatically and frequent system hangs. Upon investigating, he is convinced the systems are infected with a virus that forces systems to shut down automatically after a period of time. What type of security incident are the employees victims of?
A. Scans and probes
B. Malicious Code
C. Denial of service
D. Distributed denial of service
Which type of risk treatment process includes not allowing the use of laptops in an organization to ensure its security?
A. Risk avoidance
B. Mitigate the risk
C. Eliminate the risk
D. Reduce the risk