412-79V10

The term social engineering is used to describe the various tricks used to fool people (employees, business partners, or customers) into voluntarily giving away information that would not normally be known to the general public. What is the criminal practice of social engineering where an attacker uses the telephone system...

Which one of the following tools of trade is an automated, comprehensive penetration testing product for assessing the specific information security threats to an organization?A . Sunbelt Network Security Inspector (SNSI)B . CORE ImpactC . CanvasD . Microsoft Baseline Security Analyzer (MBSA)View AnswerAnswer: C

A framework for security analysis is composed of a set of instructions, assumptions, and limitations to analyze and solve security concerns and develop threat free applications. Which of the following frameworks helps an organization in the evaluation of the company’s information security with that of the industrial standards?A . Microsoft...

Which of the following statements is true about Multi-Layer Intrusion Detection Systems (mIDSs)?A . Decreases consumed employee time and increases system uptimeB . Increases detection and reaction timeC . Increases response timeD . Both Decreases consumed employee time and increases system uptime and Increases response timeView AnswerAnswer: A

In the context of penetration testing, what does blue teaming mean? A . A penetration test performed with the knowledge and consent of the organization's IT staffB . It is the most expensive and most widely usedC . It may be conducted with or without warningD . A penetration test...

TCP/IP provides a broad range of communication protocols for the various applications on the network. The TCP/IP model has four layers with major protocols included within each layer. Which one of the following protocols is used to collect information from all the network devices?A . Simple Network Management Protocol (SNMP)B...

Identify the framework that comprises of five levels to guide agency assessment of their security programs and assist in prioritizing efforts for improvement:A . Information System Security Assessment Framework (ISSAF)B . Microsoft Internet Security FrameworkC . Nortells Unified Security FrameworkD . Federal Information Technology Security Assessment FrameworkView AnswerAnswer: D

John and Hillary works at the same department in the company. John wants to find out Hillary's network password so he can take a look at her documents on the file server. He enables Lophtcrack program to sniffing mode. John sends Hillary an email with a link to Error! Reference source not...

You are the security analyst working for a private company out of France. Your current assignment is to obtain credit card information from a Swiss bank owned by that company. After initial reconnaissance, you discover that the bank security defenses are very strong and would take too long to penetrate. You decide...

Traffic on which port is unusual for both the TCP and UDP ports?A . Port 81B . Port 443C . Port 0D . Port 21View AnswerAnswer: C