- (Topic 3)
What is the extension of a Cascading Style Sheet?

1. A. .hts
2. B. .cs
3. C. .js
4. D. .css

Correct Answer: D

A Cascading Style Sheet (CSS) is a separate text file that keeps track of design and formatting information, such as colors, fonts, font sizes, and margins, used in Web pages. CSS is used to provide Web site authors greater control on the appearance and presentation of their Web pages. It has codes that are interpreteA, Dpplied by the browser on to the Web pages and their elements. CSS files have .css extension. There are three types of Cascading Style Sheets: External Style Sheet Embedded Style Sheet Inline Style Sheet

- (Topic 3)
You work as a Network Administrator for XYZ CORP. The company has a Windows-based network. The company wants to fix potential vulnerabilities existing on the tested systems. You use Nessus as a vulnerability scanning program to fix the vulnerabilities. Which of the following vulnerabilities can be fixed using Nessus?

1. A. Vulnerabilities that allow a remote cracker to control sensitive data on a system
2. B. Misconfiguration (e.
3. C. open mail relay, missing patches, etc.)
4. D. Vulnerabilities that allow a remote cracker to access sensitive data on a system
5. E. Vulnerabilities that help in Code injection attacks

Correct Answer: ABC

Nessus is a proprietary comprehensive vulnerability scanning program. It is free of charge for personal use in a non-enterprise environment. Its goal is to detect potential vulnerabilities on the tested systems. For example: Vulnerabilities that allow a remote cracker to control or access sensitive data on a system. Misconfiguration (e.g. open mail relay, missing patches, etc). Default passwords, a few common passwords, and blank/absent passwords on some system accounts. Nessus can also call Hydra (an external tool) to launch a dictionary attack. Denials of service against the TCP/IP stack by using mangled packets. On UNIX (including Mac OS X), it consists of nessusd, the Nessus daemon, which does the scanning, and nessus, the client, which controls scans and presents the vulnerability results to the user. For Windows, Nessus 3 installs as an executable and has a self-contained scanning, reporting, and management system. Operations: In typical operation, Nessus begins by doing a port scan with one of its four internal portscanners (or it can optionally use Amap or Nmap ) to determine which ports are open on the target and then tries various exploits on the open ports. The vulnerability tests, available as subscriptions, are written in NASL (Nessus Attack Scripting Language), a scripting language optimized for custom network interaction. Tenable Network Security produces several dozen new vulnerability checks (called plugins) each week, usually on a daily basis. These checks are available for free to the general public; commercial customers are not allowed to use this Home Feed any more. The Professional Feed (which is not free) also gives access to support and additional scripts (audit and compliance tests). Optionally, the results of the scan can be reported in various formats, such as plain text, XML, HTML, and LaTeX. The results can also be saved in a knowledge base for debugging. On UNIX, scanning can be automated through the use of a command-line client. There exist many different commercial, free and open source tools for both UNIX and Windows to manage individual or distributed Nessus scanners. If the user chooses to do so (by disabling the option 'safe checks'), some of Nessus's vulnerability tests may try to cause vulnerable services or operating systems to crash. This lets a user test the resistance of a device before putting it in production. Nessus provides additional functionality beyond testing for known network vulnerabilities. For instance, it can use Windows credentials to examine patch levels on computers running the Windows operating system, and can perform password auditing using dictionary and brute force methods. Nessus 3 and later can also audit systems to make sure they have been configured per a specific policy, such as the NSA's guide for hardening Windows servers. Answer D is incorrect. Nessus cannot be used to scan vulnerabilities that help in Code injection attacks.

- (Topic 4)
A sequence number is a 32-bit number ranging from 1 to 4,294,967,295. When data is sent over the network, it is broken into fragments (packets) at the source and reassembled at the destination system. Each packet contains a sequence number that is used by the destination system to reassemble the data packets in the correct order. The Initial Sequence Number of your computer is 24171311 at login time. You connect your computer to a computer having the IP address 210.213.23.21. This whole process takes three seconds. What will the value of the Initial Sequence Number be at this moment?

1. A. 24171811
2. B. 24619311
3. C. 24171111
4. D. 24171311

Correct Answer: B

You took 3 seconds to establish a connection. During this time, the value of the Initial Sequence Number would become [24171311 + (1 * 64000) + (3 * 128000)], i.e., 24619311.

- (Topic 3)
The employees of CCN Inc. require remote access to the company's proxy servers. In order to provide solid wireless security, the company uses LEAP as the authentication protocol. Which of the following is supported by the LEAP protocol?

1. A. Dynamic key encryption
2. B. Public key certificate for server authentication
3. C. Strongest security level
4. D. Password hash for client authentication

Correct Answer: AD

LEAP can use only password hash as the authentication technique. Not only LEAP, but EAP-TLS, EAP-TTLS, and PEAP also support dynamic key encryption and mutual authentication. Answer C is incorrect. LEAP provides only a moderate level of security. Answer B is incorrect. LEAP uses password hash for server authentication.

- (Topic 4)
Mark works as a Network Administrator for Infonet Inc. The company has a Windows 2000 Active Directory domain-based network. The domain contains one hundred Windows XP Professional client computers. Mark is deploying an 802.11 wireless LAN on the network. The wireless LAN will use Wired Equivalent Privacy (WEP) for all the connections. According to the company's security policy, the client computers must be able to automatically connect to the wireless LAN. However, the unauthorized computers must not be allowed to connect to the wireless LAN and view the wireless network. Mark wants to configure all the wireless access points and client computers to act in accordance with the company's security policy. What will he do to accomplish this? (Choose three)

1. A. Configure the authentication type for the wireless LAN to Shared Key
2. B. On each client computer, add the SSID for the wireless LAN as the preferred network
3. C. Install a firewall software on each wireless access point
4. D. Disable SSID Broadcast and enable MAC address filtering on all wireless access points
5. E. Configure the authentication type for the wireless LAN to Open system
6. F. Broadcast SSID to connect to the access point (AP)

Correct Answer: ABD

To configure all the wireless access points and client computers to act in accordance with the company's security policy, Mark will take the following actions: Configure the authentication type for the wireless LAN to Shared Key. Shared Key authentication provides access control. Disable SSID Broadcast and enable MAC address filtering on all the wireless access points. Disabling SSID Broadcast and enabling MAC address filtering will prevent unauthorized wireless client computers from connecting to the access point (AP). Only the computers with particular MAC addresses will be able to connect to the wireless access points. On each client computer, add the SSID for the wireless LAN as the preferred network. Answer E is incorrect. Setting the authentication type for the wireless LAN to Open System will disable Wired Equivalent Privacy (WEP). This level of WEP will not provide security.