- (Topic 8)
What is the best means of prevention against viruses?

1. A. Assign read only permission to all files on your system.
2. B. Remove any external devices such as floppy and USB connectors.
3. C. Install a rootkit detection tool.
4. D. Install and update anti-virus scanner.

Correct Answer: D
Although virus scanners only can find already known viruses this is still the best defense, together with users that are informed about risks with the internet.

- (Topic 6)
Which of the following is an automated vulnerability assessment tool?

1. A. Whack a Mole
2. B. Nmap
3. C. Nessus
4. D. Kismet
5. E. Jill32

Correct Answer: C
Nessus is a vulnerability assessment tool.

- (Topic 8)
Which of the following buffer overflow exploits are related to Microsoft IIS web server? (Choose three)

1. A. Internet Printing Protocol (IPP) buffer overflow
2. B. Code Red Worm
3. C. Indexing services ISAPI extension buffer overflow
4. D. NeXT buffer overflow

Correct Answer: ABC
Both the buffer overflow in the Internet Printing Protocol and the ISAPI
extension buffer overflow is explained in Microsoft Security Bulletin MS01-023. The Code Red worm was a computer worm released on the Internet on July 13, 2001. It attacked computers running Microsoft's IIS web server.

- (Topic 7)
John wishes to install a new application onto his Windows 2000 server. He wants to ensure that any application he uses has not been Trojaned. What can he do to help ensure this?

1. A. Compare the file's MD5 signature with the one published on the distribution media
2. B. Obtain the application via SSL
3. C. Compare the file's virus signature with the one published on the distribution media
4. D. Obtain the application from a CD-ROM disc

Correct Answer: A
MD5 was developed by Professor Ronald L. Rivest of MIT. What it does, to quote the executive summary of rfc1321, is:
[The MD5 algorithm] takes as input a message of arbitrary length and produces as output a 128-bit "fingerprint" or "message digest" of the input. It is conjectured that it is computationally infeasible to produce two messages having the same message digest, or
to produce any message having a given prespecified target message digest. The MD5 algorithm is intended for digital signature applications, where a large file must be "compressed" in a secure manner before being encrypted with a private (secret) key under a public-key cryptosystem such as RSA.
In essence, MD5 is a way to verify data integrity, and is much more reliable than checksum and many other commonly used methods.

- (Topic 3)
Which of the following represent weak password? (Select 2 answers)

1. A. Passwords that contain letters, special characters, and numbers Exampl
2. B. ap1$%##f@52
3. C. Passwords that contain only numbers Exampl
4. D. 23698217
5. E. Passwords that contain only special characters Exampl
6. F. &*#@!(%)
7. G. Passwords that contain letters and numbers Exampl
8. H. meerdfget123
9. I. Passwords that contain only letters Exampl
10. J. QWERTYKLRTY
11. K. Passwords that contain only special characters and numbers Exampl
12. L. 123@$45
13. M. Passwords that contain only letters and special characters Exampl
14. N. bob@&ba
15. O. Passwords that contain Uppercase/Lowercase from a dictionary list Exampl
16. P. OrAnGe

Correct Answer: EH