You are the Security Administrator of Xtrinity, Inc. You write security policies and conduct assessments to protect the company's network. During one of your periodic checks to see how well policy is being observed by the employees, you discover an employee has attached cell phone 3G modem to his telephone line and workstation. He has used this cell phone 3G modem to dial in to his workstation, thereby bypassing your firewall. A security breach has occurred as a direct result of this activity. The employee explains that he used the modem because he had to download software for a department project. How would you resolve this situation?

A. Reconfigure the firewall

B. Enforce the corporate security policy

C. Install a network-based IDS

D. Conduct a needs analysis

When writing shellcodes, you must avoid ____________ because these will end the string.

A. Root bytes

B. Null bytes

C. Char bytes

D. Unicode bytes

You generate MD5 128-bit hash on all files and folders on your computer to keep a baseline check for security reasons?

What is the length of the MD5 hash?

A. 32 character

B. 64 byte

C. 48 char

D. 128 kb

What command would you type to OS fingerprint a server using the command line?

A. Option A

B. Option B

C. Option C

D. Option D

The following is a sample of output from a penetration tester's machine targeting a machine with the IP address of 192.168.1.106:

What is most likely taking place?

A. Ping sweep of the 192.168.1.106 network

B. Remote service brute force attempt

C. Port scan of 192.168.1.106

D. Denial of service attack on 192.168.1.106

Network Administrator Patricia is doing an audit of the network. Below are some of her findings concerning DNS. Which of these would be a cause for alarm? Select the best answer.

A. There are two external DNS Servers for Internet domains. Both are AD integrated.

B. All external DNS is done by an ISP.

C. Internal AD Integrated DNS servers are using private DNS names that are

D. unregistered.

E. Private IP addresses are used on the internal network and are registered with the internal AD integrated DNS server.

Which of the following is an automated vulnerability assessment tool?

A. Whack a Mole

B. Nmap

C. Nessus

D. Kismet

E. Jill32

You have initiated an active operating system fingerprinting attempt with nmap against a target system:

What operating system is the target host running based on the open ports shown above?

A. Windows XP

B. Windows 98 SE

C. Windows NT4 Server

D. Windows 2000 Server

What is GINA?

A. Gateway Interface Network Application

B. GUI Installed Network Application CLASS

C. Global Internet National Authority (G-USA)

D. Graphical Identification and Authentication DLL

Jim's organization has just completed a major Linux roll out and now all of the organization's systems are running the Linux 2.5 kernel. The roll out expenses has posed constraints on purchasing other essential security equipment and software. The organization requires an option to control network traffic and also perform stateful inspection of traffic going into and out of the DMZ.

Which built-in functionality of Linux can achieve this?

A. IP Tables

B. IP Chains

C. IP Sniffer

D. IP ICMP