Question

1. (TCO A) A common motivation for a hacker is _____. (Points : 5)        economic motivation        to win a prize in a competition        to pass a job interview test        to answer a test question

Question 2.2. (TCO A) DNS information gained through WHOIS is used for what kind of reconnaissance? (Points : 5)        Active reconnaissance        Passive reconnaissance        Passive scanning        Active grouping

Question 3.3. (TCO B) Updates to programs and the operating system _____. (Points : 5)        should never be tested before installation due to licensing        should only be installed after they are tested        must all be installed as soon as possible        are never issued for Linux-based systems

Question 4.4. (TCO B) In relation to network security standards and guidelines, Cisco best practices include _____. (Points : 5)        Storing the operation system in NVRAM        installing hotfixes before service packs        using the same basic mode and privileged level passwords        using different basic mode and privileged level passwords

Question 5.5. (TCO C) _____ is a nonproprietary protocol that provides excellent reporting capabilities for the accounting function. (Points : 5)        RADIUS        TACACS+        AES        DES

Question 6.6. (TCO C) The public key infrastructure provides authentication through _____. (Points : 5)        private exchanges        advanced digital certificates        UDP/TCP        public general law certificates

Question 7.7. (TCO D) A routing protocol with built-in authentication is _____. (Points : 5)        RIP        OSPF        EIGRP        IS-IS

Question 8.8. (TCO E) The Diffie-Hellman algorithm is _____. (Points : 5)        a public key algorithm        a standards creation body for VPNs        obsolete at this time        only used for e-commerce sites

Question 9.9. (TCO F) The version of WPA2 that uses a preshared key is named _____. (Points : 5)        WEP        WPA2-PSK        WPA-PSK        Enterprise Server

Question 10.10. (TCO G) A vulnerability analysis tool that can intrude into a connection is _____. (Points : 5)        DSniff        Hunt        On Station        Ethernet

Answer 1

1.  economic motivation - Hackers generally hack the system to gain confidential information which they can sell or can get some money from. Rest of the things comes under ethical hacking.

2. Active reconnaissance: - Data obtained from DNS is done by Passive reconnaissance and then is used to launch Active reconnaissance.

3. must all be installed as soon as possible: - Because most updates include solving vulnerabilities of system, which needs to be installed as soon as possible.

4. using different basic mode and privileged level passwords: - Cisco applies various authentication levels and guidlines for network security managerment.

5. TACACS+ - RADIUS is used basically for applying additional layer of security.

6.  advanced digital certificates : - Digital signature is kind of a public key certificate which is used basically to authenticate the sender of a message using public key infrastructure or PKI

7. OSPF: - OSPF is a protocol having authentication key mechanism that can be used to build authentic rounting tables..

8. a public key algorithm - Diffie-Hellman or DH algorithm is primarily based on public key mechanism passed over public channel . It creates a key which is used to implement symmetric key ciphers.

9. WPA-PSK: - PSK here means pre shared key.

10. Hunt - Hunt is the tool that can intrude in a TCP/IP network and find out vulnerabilities in it. Dsniff is used to snif or find the vulnerabitities by network auditing.