- (Topic 2)
Jason is the network administrator of Spears Technology. He has enabled SNORT IDS to detect attacks going through his network. He receives Snort SMS alerts on his iPhone whenever there is an attempted intrusion to his network.
He receives the following SMS message during the weekend.

An attacker Chew Siew sitting in Beijing, China had just launched a remote scan on Jason's network with the hping command.
Which of the following hping2 command is responsible for the above snort alert?

1. A. chenrocks:/home/siew # hping -S -R -P -A -F -U 192.168.2.56 -p 22 -c 5 -t 118
2. B. chenrocks:/home/siew # hping -F -Q -J -A -C -W 192.168.2.56 -p 22 -c 5 -t 118
3. C. chenrocks:/home/siew # hping -D -V -R -S -Z -Y 192.168.2.56 -p 22 -c 5 -t 118
4. D. chenrocks:/home/siew # hping -G -T -H -S -L -W 192.168.2.56 -p 22 -c 5 -t 118

Correct Answer: A

- (Topic 6)
Botnets are networks of compromised computers that are controlled remotely and surreptitiously by one or more cyber criminals. How do cyber criminals infect a victim's computer with bots? (Select 4 answers)

1. A. Attackers physically visit every victim's computer to infect them with malicious software
2. B. Home computers that have security vulnerabilities are prime targets for botnets
3. C. Spammers scan the Internet looking for computers that are unprotected and use these "open-doors" to install malicious software
4. D. Attackers use phishing or spam emails that contain links or attachments
5. E. Attackers use websites to host the bots utilizing Web Browser vulnerabilities

Correct Answer: BCDE
New Questions

- (Topic 4)
In keeping with the best practices of layered security, where are the best places to place intrusion detection/intrusion prevention systems? (Choose two.)

1. A. HID/HIP (Host-based Intrusion Detection/Host-based Intrusion Prevention)
2. B. NID/NIP (Node-based Intrusion Detection/Node-based Intrusion Prevention)
3. C. NID/NIP (Network-based Intrusion Detection/Network-based Intrusion Prevention)
4. D. CID/CIP (Computer-based Intrusion Detection/Computer-based Intrusion Prevention)

Correct Answer: AC

- (Topic 1)
Jack Hacker wants to break into Brown Co.'s computers and obtain their secret double fudge cookie recipe. Jack calls Jane, an accountant at Brown Co., pretending to be an administrator from Brown Co. Jack tells Jane that there has been a problem with some accounts and asks her to verify her password with him ''just to double check our records.'' Jane does not suspect anything amiss, and parts with her password. Jack can now access Brown Co.'s computers with a valid user name and password, to steal the cookie recipe. What kind of attack is being illustrated here?

1. A. Reverse Psychology
2. B. Reverse Engineering
3. C. Social Engineering
4. D. Spoofing Identity
5. E. Faking Identity

Correct Answer: C

- (Topic 7)
Which of the following algorithms can be used to guarantee the integrity of messages being sent, in transit, or stored? (Choose the best answer)

1. A. symmetric algorithms
2. B. asymmetric algorithms
3. C. hashing algorithms
4. D. integrity algorithms

Correct Answer: C
In cryptography, a cryptographic hash function is a hash function with certain additional security properties to make it suitable for use as a primitive in various information security applications, such as authentication and message integrity. A hash function takes a long string (or 'message') of any length as input and produces a fixed length string as output, sometimes termed a message digest or a digital fingerprint.