Correct Answer:

Explanation:

According to the question, you are required to configure the default gateway setting on Host A so that users can access the Internet through it. For a computer to communicate with computers on another segment in a routed network, it is

important to configure the default gateway. In order to accomplish the task, you will have to set the address 192.168.19.203 as the default gateway address.

Correct Answer: AC

There are two prominent techniques used today for creating Internet maps:

Active probing: It is the first works on the data plane of the Internet and is called active probing. It is used to infer Internet topology based on router adjacencies.

AS PATH Inference: It is the second works on the control plane and infers autonomous system connectivity based on BGP data.

Correct Answer: A

Piggybacking refers to access of a wireless Internet connection by bringing one's own computer within the range of another's wireless connection, and using that service without the subscriber's explicit permission or knowledge. It is a legally and ethically controversial practice, with laws that vary in jurisdictions around the world. While completely outlawed in some jurisdictions, it is permitted in others. The process of sending data along with the acknowledgment is called piggybacking. Answer: C is incorrect. Bluebugging is an attack used only in a Bluetooth network. Bluebugging is a form of bluetooth attack often caused by a lack of awareness. Bluebugging tools allow attacker to "take control" of the victim's phone via the usage of the victim's Bluetooth phone headset. It does this by pretending to be the users bluetooth headset and therefore "tricking" the phone to obey its call commands. Answer: D is incorrect. A worm is a software program that uses computer networks and security holes to replicate itself from one computer to another. It usually performs malicious actions, such as using the resources of computers as well as shutting down computers. Answer: B is incorrect. A Denial-of-Service (DoS) attack is mounted with the objective of causing a negative impact on the performance of a computer or network. It is also known as a network saturation attack or bandwidth consumption attack. Attackers perform DoS attacks by sending a large number of protocol packets to the network. The effects of a DoS attack are as follows:

1.

Saturates network resources

2.

Disrupts connections between two computers, thereby preventing communications between services

3.

Disrupts services to a specific computer

4.

Causes failure to access a Web site

5.

Results in an increase in the amount of spam

6.

A Denial-of-Service attack is very common on the Internet because it is much easier to accomplish.

7.

Most of the DoS attacks rely on the weaknesses in the TCP/IP protocol.

Correct Answer: D

Absolute size of frames is expressed in pixels. Size is expressed in terms of the number of pixels in a frame. Therefore, a change in the screen area of a display device does not affect the absolute frame size of a Web page.

Correct Answer: B

ServerMask is a tool that is used to hide information about IISWebservers. Since IIS Webservers are vulnerable to various attacks, such as, code red worm, is unicode exploit, etc., to mitigate such attacks, ServerMask removes all unnecessary HTTP headers and response data, and file extensions like .asp or .aspx, whichare clear indicators that a site is running on a Microsoft server. Besides this, ServerMask modifies the ASP session ID cookies values, default messages, pages and scripts of all kinds to misguide an attacker. Answer: A is incorrect. httprint is a fingerprinting tool that is based on Web server characteristics to accurately identify Web servers. It works even when Web server may have been obfuscated by changing the server banner strings, or by plug-ins such as mod_security or servermask. Answer: C is incorrect. Whisker is an HTTP/Web vulnerability scanner that is written in the PERL language. Whisker runs on both the Windows and UNIX environments. It provides functions for testing HTTP servers for many known security holes, particularly the presence of dangerous CGIs. Answer: D is incorrect. WinSSLMiM is an HTTPS Man in the Middle attacking tool. It includes FakeCert, a tool used to make fake certificates. It can be used to exploit the Certificate Chain vulnerability in Internet Explorer. The tool works under Windows 9x/2000.

Correct Answer: A

In Unix, the /etc/passwd file contains username, real name, home directory, encrypted password, and other information about a user.

Answer: C is incorrect. In Unix, the /etc/hosts file lists the hosts for name lookup use that are locally required.

Answer: D is incorrect. In Unix, the /etc/inittab file is the configuration file for init. It controls startup run levels and determines scripts to start with.

Answer: B is incorrect. In Unix, the /etc/printcap file is the configuration file for printers.

Correct Answer: D

Authorization is a process that verifies whether a user has permission to access a Webresource. A Web server can restrict access to some of its resources to only those clients that log in using a recognized username and password. To be authorized, a user must first be authenticated. Answer: B is incorrect. Authentication is the process of verifying the identity of a user. This is usually done using a user name and password. This process compares the provided user name and password with those stored in the database of an authentication server. Answer: C is incorrect. Confidentiality is a mechanism that ensures that only the intended and authorized recipients are able to read data. The data is so encrypted that even if an unauthorized user gets access to it, he will not get any meaning out of it. Answer: A is incorrect. Data integrity is a mechanism that ensures that the data is not modified during transmission from source to destination. This means that the data received at the destination should be exactly the same as that sent from the source.

Correct Answer: BCD

Pervasive IS controls can be used across all the internal departments and external contractors. If the Pervasive IS controls are implemented properly, it improves the reliability of the following:

1.

Software development

2.

System implementation

3.

Overall service delivery

4.

Security administration

5.

Disaster recovery

6.

Business continuity planning

Answer: A is incorrect. Pervasive IS controls do not have any relation with the reliability of the hardware development.

Correct Answer: A

In order to take a snapshot of the router running configuration and archive running configuration of the router to persistent storage, you should secure the boot configuration of the router using the secure boot- config command.

Answer: D is incorrect. You can enable the image resilience, if you want to secure the Cisco IOS image. Answer: C is incorrect. By verifying the security of bootset, you can examine whether or not the Cisco IOS Resilient Configuration is

enabled and the files in the bootset are secured. Answer: B is incorrect. By restoring an archived primary bootset, you can restore a primary bootset from a secure archive after an NVRAM has been erased or a disk has been formatted.

Correct Answer: C

Removing the IPP printing capability from a server is a good countermeasure against an IIS buffer overflow attack. A Network Administrator should take the following steps to prevent a Web server from IIS buffer overflow attacks:

Conduct frequent scans for server vulnerabilities.

Install the upgrades of Microsoft service packs.

Implement effective firewalls.

Apply URLScan and IISLockdown utilities.

Remove the IPP printing capability.

Answer: B is incorrect. The following are the DNS zone transfer countermeasures:

Do not allow

DNS zone transfer using the DNS property sheet:

a.

Open DNS.

b.

Right-click a DNS zone and click Properties.

c.

On the Zone Transfer tab, clear the Allow zone transfers check box.

Configure the master DNS server to allow zone transfers only from secondary DNS servers:

a.

Open DNS.

b.

Right-click a DNS zone and click Properties.

c.

On the zone transfer tab, select the Allow zone transfers check box, and then do one of the following:

To allow zone transfers only to the DNS servers listed on the name servers tab, click on the Only to the servers listed on the Name Server tab.

To allow zone transfers only to specific DNS servers, click Only to the following servers, and add the IP address of one or more servers.

Deny all unauthorized inbound connections to TCP port 53.

Implement DNS keys and encrypted DNS payloads.

Answer: D is incorrect. The following are the countermeasures against SNMP enumeration:

1.

Removing the SNMP agent or disabling the SNMP service

2.

Changing the default PUBLIC community name when 'shutting off SNMP' is not an option

3.

Implementing the Group Policy security option called Additional restrictions for anonymous connections

4.

Restricting access to NULL session pipes and NULL session shares

5.

Upgrading SNMP Version 1 with the latest version

6.

Implementing Access control list filtering to allow only access to the read-write community from approved stations or subnets

Answer: A is incorrect. NetBIOS NULL session vulnerabilities are hard to prevent, especially if NetBIOS is needed as part of the infrastructure. One or more of the following steps can be taken to limit NetBIOS NULL session vulnerabilities: 1.Removing the SNMP agent or disabling the SNMP service 2.Changing the default PUBLIC community name when 'shutting off SNMP' is not an option 3.Implementing the Group Policy security option called Additional restrictions for anonymous connections 4.Restricting access to NULL session pipes and NULL session shares 5.UpgradingSNMP Version 1 with the latest version 6.Implementing Access control list filtering to allow only access to the read-write community from approved stations or subnets answer option A is incorrect. NetBIOS NULL session vulnerabilities are hard to prevent, especially if NetBIOS is needed as part of the infrastructure. One or more of the following steps can be taken to limit NetBIOS NULL session vulnerabilities:

1.

Null sessions require access to the TCP 139 or TCP 445 port, which can be disabled by a Network Administrator.

2.

A Network Administrator can also disable SMB services entirely on individual hosts by unbinding WINS Client TCP/IP from the interface.

3.

A Network Administrator can also restrict the anonymous user by editing the registry values:

a.Open regedit32, and go to HKLM\SYSTEM\CurrentControlSet\LSA. b. Choose edit > add value. Value name: RestrictAnonymous Data Type: REG_WORD Value: 2