One way to defeat a multi-level security solution is to leak data via
Every company needs a formal written document which spells out to employees precisely what they are allowed to use the company's systems for, what is prohibited, and what will happen to them if they break the rules. Two printed copies of the policy should be given to every employee as soon as possible after they join the organisation. The employee should be asked to sign one copy, which should be safely filed by the company. No one should be allowed to use the company's computer systems until they have signed the policy in acceptance of its terms.
What is this document called?
Smart cards use which protocol to transfer the certificate in a secure manner?
An Internet Service Provider (ISP) has a need to authenticate users connecting using analog modems, Digital Subscriber Lines (DSL), wireless data services, and Virtual Private Networks (VPN) over a Frame Relay network.
Which AAA protocol is most likely able to handle this requirement?
Which of the following commands runs snort in packet logger mode?
During a recent security assessment, you discover the organisation has one Domain Name Server (DNS) in a Demilitarised Zone (DMZ) and a second DNS server on the internal network.
What is this type of DNS configuration commonly called?
Which of the following resources does NMAP need to be used as a basic vulnerability scanner covering several vectors like SMB, HTTP and FTP?
A common cryptographical tool is the use of XOR. XOR the following binary values:
Websites and web portals that provide web services commonly use the Simple Object Access Protocol SOAP.
Which of the following is an incorrect definition or characteristics in the protocol?
In the OSI model, where does PPTP encryption take place?
A network administrator received an administrative alert at 3:00 a.m. from the intrusion detection system. The alert was generated because a large number of packets were coming into the network over ports 20 and 21.
During analysis, there were no signs of attack on the FTP servers. How should the administrator classify this situation?
Which of the following is a characteristic of Public Key Infrastructure (PKI)?
Sandra is the security administrator of XYZ.com. One day she notices that the XYZ.com Oracle database server has been compromised and customer information along with financial data has been stolen. The financial loss will be estimated in millions of pounds if the database gets into the hands of competitors. Sandra wants to report this crime to the law enforcement agencies immediately. Which organisation coordinates computer crime investigations throughout the United Kingdom?
What does the following command in netcat do? nc -l -u -p55555 < /etc/passwd
Using Windows CMD, how would an attacker list all the shares to which the current user context has access?
During the process of encryption and decryption, what keys are shared?
Which DNS resource record can indicate how long any "DNS poisoning" could last?
Least privilege is a security concept that requires that a user is
A hacker, who posed as a heating and air conditioning specialist, was able to install a sniffer program in a switched environment network.
If an attacker uses the command SELECT*FROM user WHERE name = 'x' AND userid IS NULL; --'; which type of SQL injection attack is the attacker performing?
On a Linux device, which of the following commands will start the Nessus client in the background so that the Nessus server can be configured?