Which of the following is a framework of open standards developed by the Internet Engineering Task Force (IETF) that provides secure transmission of the sensitive data over an unprotected medium, such as the Internet?

1. A. DNSSEC
2. B. Netsec
3. C. IKE
4. D. IPsec

Correct Answer: D

Which of the following contents of a pen testing project plan addresses the strengths, weaknesses, opportunities, and threats involved in the project?

1. A. Project Goal
2. B. Success Factors
3. C. Objectives
4. D. Assumptions

Correct Answer: D

HTTP protocol specifies that arbitrary binary characters can be passed within the URL by using %xx notation, where 'xx' is the

1. A. ASCII value of the character
2. B. Binary value of the character
3. C. Decimal value of the character
4. D. Hex value of the character

Correct Answer: D

Identify the policy that defines the standards for the organizational network connectivity and security standards for computers that are connected in the organizational network.

1. A. Information-Protection Policy
2. B. Special-Access Policy
3. C. Remote-Access Policy
4. D. Acceptable-Use Policy

Correct Answer: C

Security auditors determine the use of WAPs on their networks with Nessus vulnerability scanner which identifies the commonly used WAPs.
One of the plug-ins that the Nessus Vulnerability Scanner uses is ID #11026 and is named “Access Point Detection”. This plug-in uses four techniques to identify the presence of a WAP.
Which one of the following techniques is mostly used for uploading new firmware images while upgrading the WAP device?

1. A. NMAP TCP/IP fingerprinting
2. B. HTTP fingerprinting
3. C. FTP fingerprinting
4. D. SNMP fingerprinting

Correct Answer: C