A new server has been placed on the network. You have been assigned to protect this server using a packet-filtering firewall. To comply with this request, you have enabled the following ruleset:

Which choice describes the next step to take now that this ruleset has been enabled?
A. From the internal network, use your Web browser to determine whether all internal users can access the Web server.
B. From the internal network, use your e-mail client to determine whether all internal users can access the e-mail server.
C. From the external network, use your Web browser to determine whether all external users can access the Web server.
D. From the external network, use your e-mail client to determine whether all external users can access the e-mail server.
What is the primary drawback of using symmetric-key encryption?
A. Key transport across a network
B. Speed of encryption
C. Denial-of-service attacks
D. Inability to support convergence traffic
Which of the following is a typical target of a trojan on a Linux system?
A. Kernel modules
B. Shared libraries
C. Boot sector files
D. System32 DLL files
You want to create a quick solution that allows you to obtain real-time login information for the administrative account on an LDAP server that you feel may become a target. Which of the following will accomplish this goal?
A. Reinstall the LDAP service on the server so that it is updated and more secure.
B. Install an application that creates checksums of the contents on the hard disk.
C. Create a login script for the administrative account that records logins to a separate server.
D. Create a dummy administrator account on the system so that a potential hacker is distracted from the
real login account.
Which algorithm can use a 128-bit key, and has been adopted as a standard by various governments and corporations?
A. MARS
B. RC2
C. Advanced Encryption Standard (AES)
D. International Data Encryption Algorithm (IDEA)
A new video conferencing device has been installed on the network. You have been assigned to troubleshoot a connectivity problem between remote workers and the central company. Specifically, remote workers are having problems making any connection at all. Which technique will most likely help you solve this problem while retaining the existing level of security at the firewall?
A. Deny all use of UDP above Port 1024.
B. Configure the firewall to provide VPN access.
C. Configure a second network connection directly to the video conferencing device.
D. Allow all use of UDP below Port 1024.
Which tool is best suited for identifying applications and code on a Web server that can lead to a SQL injection attack?
A. A vulnerability scanner
B. A packet sniffer
C. An intrusion-detection system
D. A network switch
Which of the following activities is the most effective at keeping the actions of nae end users from putting the company's physical and logicalWhich of the following activities is the most effective at keeping the actions of na?e end users from putting the company's physical and logical resources at risk?
A. Configuring network intrusion-detection software to monitor end user activity
B. Conducting a training session at the time of hire
C. Reconfiguring the network firewall
D. Assembling a team of security professionals to monitor the network
At what layer of the OSI/RM does a packet filter operate?
A. Layer 1
B. Layer 3
C. Layer 5
D. Layer 7
Consider the following diagram:

Which of the following best describes the protocol activity shown in the diagram, along with the most likely potential threat that accompanies this protocol?
A. The ICMP Time Exceeded message, with the threat of a denial-of-service attack
B. The SIP three-way handshake, with the threat of a buffer overflow
C. The TCP three-way handshake, with the threat of a man-in-the-middle attack
D. The DNS name query, with the threat of cache poisoning