Question 55

- (Topic 1)
Ryan wants to create an ad hoc wireless network so that he can share some important files with another employee of his company. Which of the following wireless security protocols should he choose for setting up an ad hoc wireless network?
(Choose two)

Correct Answer:BC
Ryan can either choose WEP or WPA-PSK wireless protocol to set an ad hoc wireless network. Answer A is incorrect. WPA2-EAP cannot be chosen for an ad hoc wireless network, as it requires RADIUS (Remote Authentication Dial- In User Service) server for authentication. Answer D is incorrect. WPA-EAP cannot be chosen for an ad hoc wireless network, as it requires RADIUS (Remote Authentication Dial-In User Service) server for authentication.

Question 56

- (Topic 4)
In which of the following attacking methods does an attacker distribute incorrect IP address?

Correct Answer:A

In DNS poisoning attack, an attacker distributes incorrect IP address. DNS cache poisoning is a maliciously created or unintended situation that provides data to a caching name server that did not originate from authoritative Domain Name System (DNS) sources. Once a DNS server has received such non-authentic datA, Caches it for future performance increase, it is considered poisoned, supplying the non-authentic data to the clients of the server. To perform a cache poisoning attack, the attacker exploits a flaw in the DNS software. If the server does not correctly validate DNS responses to ensure that they are from an authoritative source, the server will end up caching the incorrect entries locally and serve them to other users that make the same request. Answer B is incorrect. IP (Internet Protocol) address spoofing is an attack in which an attacker creates the IP packets with a forged (spoofed) source IP address with the purpose of concealing the identity of the sender or impersonating another computing system. The basic protocol for sending data over the Internet and many other computer networks is the Internet Protocol ("IP"). The header of each IP packet contains, among other things, the numerical source and destination address of the packet. The source address is normally the address that the packet was sent from. By forging the header so it contains a different address, an attacker can make it appear that the packet was sent by a different machine. The machine that receives spoofed packets will send response back to the forged source address, which means that this technique is mainly used when the attacker does not care about the response or the attacker has some way of guessing the response. Answer D is incorrect. Man-in-the-middle attacks occur when an attacker successfully inserts an intermediary software or program between two communicating hosts. The intermediary software or program allows attackers to listen to and modify the communication packets passing between the two hosts. The software intercepts the communication packets and then sends the information to the receiving host. The receiving host responds to the software, presuming it to be the legitimate client. Answer C is incorrect. MAC flooding is a technique employed to compromise the security of network switches. In a typical MAC flooding attack, a switch is flooded with packets, each containing different source MAC addresses. The intention is to consume the limited memory set aside in the switch to store the MAC address-to-physical port translation table. The result of this attack causes the switch to enter a state called failopen mode, in which all incoming packets are broadcast out on all ports (as with a hub), instead of just down the correct port as per normal operation. A malicious user could then use a packet sniffer (such as Wireshark) running in promiscuous mode to capture sensitive data from other computers (such as unencrypted passwords, e- mail and instant messaging conversations), which would not be accessible were the switch operating normally.

Question 57

- (Topic 3)
Which of the following types of servers are dedicated to provide resources to hosts on the network? (Choose three)

Correct Answer:ACE

Following types of servers are dedicated to provide resources to other hosts on the network: Mail servers Print servers Web servers Default gateway does not provide resources to hosts on the network. Monitoring server is not a type of server.

Question 58

- (Topic 4)
You are the Security Administrator for an Internet Service Provider. From time to time your company gets subpoenas from attorneys and law enforcement for records of customers' access to the internet. What policies must you have in place to be prepared for such requests?

Correct Answer:D

Storage and retention policies will determine how long you keep records (such as records of customers Web activity), how you will store them, and how you will dispose of them. This will allow you to know what records you should still have on hand should a legal request for such records come in. Answer C is incorrect. User policies might determine what a customer has access to, but won't help you identify what they actually did access. Answer A is incorrect. Group policies are usually pertinent to network administration, not the open and uncontrolled environment of an ISP. Answer B is incorrect. Backup policies dictate how data is backed up and stored.

Question 59

- (Topic 2)
You work as the Network Administrator for XYZ CORP. The company has a Unix-based network. You want to impose some special access restrictions on users. Which of the following Unix configuration files can you use to accomplish the task?

Correct Answer:C
In Unix, the /etc/usertty file is used to impose some special access restrictions on users. Answer B is incorrect. In Unix, the /etc/terminfo file contains the details for the terminal I/O. Answer A is incorrect. In Unix, the /var/run/utmp file is the configuration file that contains information about the currently logged in users. Mostly, the 'Who' and 'w' commands use this file. Answer D is incorrect. In Unix, the /etc/termcap file works as a terminal capability database.

Question 60

- (Topic 1)
You work as the Network Administrator for XYZ CORP. The company has a Unix-based network. You want to fix partitions on a hard drive. Which of the following Unix commands can you use to accomplish the task?

Correct Answer:D

The fdisk command is a menu-based command available with Unix for hard disk configuration. This command can perform the following tasks: Delete a partition on a hard disk. Create a partition on a hard disk. Change the partition type. Display the partition table. Answer B is incorrect. In Unix, the exportfs command is used to set up filesystems to export for nfs (network file sharing). Answer A is incorrect. In Unix, the fdformat command formats a floppy disk. Answer C is incorrect. In Unix, the fsck command is used to add new blocks to a filesystem. This command must not be run on a mounted file system.

START GSNA EXAM