Q1. You have determined that an attack is currently underway on your database server. An attacker is currently logged in, modifying data. You want to preserve logs, caching and other data on this affected server. Which of the following actions will best allow you to stop the attack and still preserve data?

A. Pull the server network cable

B. Shut down the server

C. Back up the system logs

D. Force an instant password reset

Q2. What is the primary drawback of using symmetric-key encryption?

A. Key transport across a network

B. Speed of encryption

C. Denial-of-service attacks

D. Inability to support convergence traffic

Q3. Which of the following is a primary auditing activity?

A. Encrypting data files

B. Changing login accounts

C. Checking log files

D. Configuring the firewall

Q4. A distributed denial-of-service (DDOS) attack has occurred where both ICMP and TCP packets have crashed the company's Web server. Which of the following techniques will best help reduce the severity of this attack?

A. Filtering traffic at the firewall

B. Changing your ISP

C. Installing Apache Server rather than Microsoft IIS

D. Placing the database and the Web server on separate systems

Q5. You have been assigned to provide security measures for your office's reception area. Although the company needs to provide security measures, costs must be kept to a minimum. Which of the following tools is the most appropriate choice?

A. Firewall

B. Intrusion-detection system

C. Camera

D. Security guard

Q6. An application is creating hashes of each file on an attached storage device. Which of the following will typically occur during this process?

A. An increase in the amount of time it takes for the system to respond to requests

B. Reduced risk of an attack

C. Increased risk of an attack

D. A reduction in the amount of time it takes for the system to respond to requests

Q7. You have implemented a version of the Kerberos protocol for your network. What service does Kerberos primarily offer?

A. Authentication

B. Encryption

C. Non-repudiation

D. Data integrity

Q8. Which of the following is most likely to pose a security threat to a Web server?

A. CGI scripts

B. Database connections

C. Flash or Silverlight animation files

D. LDAP servers

Q9. Consider the following diagram:

Which of the following best describes the protocol activity shown in the diagram, along with the most likely potential threat that accompanies this protocol?

A. The ICMP Time Exceeded message, with the threat of a denial-of-service attack

B. The SIP three-way handshake, with the threat of a buffer overflow

C. The TCP three-way handshake, with the threat of a man-in-the-middle attack

D. The DNS name query, with the threat of cache poisoning

Q10. You have been assigned to configure a DMZ that uses multiple firewall components. Specifically, you must configure a router that will authoritatively monitor and, if necessary, block traffic. This device will be the last one that inspects traffic before it passes to the

A. Screening router

B. Bastion host

C. Proxy server

D. Choke router