In the OSI model, where does PPTP encryption take place?
A. Transport layer
B. Application layer
C. Data link layer
D. Network layer
What is the main advantage that a network-based IDS/IPS system has over a host-based solution?
A. They do not use host system resources.
B. They are placed at the boundary,allowing them to inspect all traffic.
C. They are easier to install and configure.
D. They will not interfere with user interfaces.
An NMAP scan of a server shows port 25.is open..What risk could this pose?
A. Open printer sharing
B. Web portal data leak
C. Clear text authentication
D. Active mail relay
Which of the following are variants of mandatory access control mechanisms? (Choose two.)
A. Two factor authentication
B. Acceptable use policy
C. Username / password
D. User education program
E. Sign in register
An.attacker uses a communication channel within an operating system that is neither designed nor intended to transfer information. What is the name of the communications channel?
Which of the following is used to indicate a single-line comment in structured query language (SQL)?
What is the primary drawback to using advanced encryption standard (AES) algorithm with a 256 bit key to share sensitive data?
A. Due to the key size,the time it will take to encrypt and decrypt the message hinders efficient communication.
B. To get messaging programs to function with this algorithm requires complex configurations.
C. It has.been proven to be a weak cipher; therefore,should not be trusted to protect sensitive data.
D. It.is a symmetric key algorithm,meaning each recipient must receive the key through a different channel than the message.
Pentest results.indicate that voice over IP traffic is traversing a network..Which of the following tools will decode a packet capture and extract the voice conversations?
B. John the Ripper
Information gathered from social networking websites such as Facebook, Twitter and LinkedIn can be used to launch which of the following types of attacks? (Choose two.)
A. Smurf attack
B. Social engineering attack
C. SQL injection attack
D. Phishing attack
E. Fraggle attack
F. Distributed denial of service attack
Which of the following examples best represents a logical or technical.control?
A. Security tokens
B. Heating and air conditioning
C. Smoke and fire alarms
D. Corporate security policy