An algorithm which is a part of the U.S. government's long-term project to develop a set of standards for publicly available cryptography as authorized by the Computer Security Act of 1987 accepts a message of 264 bits in length and a 160-bit message output digest is produced to complicate text searching. Which of the following algorithms is a family of two similar hash functions, with different block sizes, and uses 32-bit words and 64-bit words?

A security strategy in which several protection layers are placed throughout an information system helps to prevent direct attacks against an information system and data because a break in one layer only leads the attacker to the next layer. What is this security strategy called?

Messy, a network defender, was hired to secure an organization's internal network. He deployed an IDS in which the detection process depends on observing and comparing the observed events with the normal behavior and then detecting any deviation from it. Identify the type of IDS employed by Messy in the above scenario.

Which of the following attacks CANNOT be detected by an Intrusion Detection System (IDS)? Each correct answer represents a complete solution. Choose all that apply.

Which of the following statements are true about routers? Each correct answer represents a complete solution. Choose all that apply.

Cheryl, a forensic expert, was recruited to investigate a malicious activity performed by an anonymous hackers' group on an organization's systems. Using an automated tool, Cheryl was able to extract the malware file and analyze the assembly code instructions, which helped him understand the malware's purpose. Which of the following tools helped Cheryl extract and analyze the assembly code of the malware?

Which of the following types of attacks cannot be prevented by technical measures only?

Mary was surfing the Internet, and she wanted to hide her details and the content she was surfing over the web. She employed a proxy tool that makes his online activity untraceable. Identify the type of proxy employed by John in the above scenario.

You are responsible for security at a company that uses a lot of Web applications. You are most concerned about flaws in those applications allowing some attacker to get into your network. What method would be best for finding such flaws?

Bob, a security professional, was recruited by an organization to ensure that application services are being delivered as expected without any delay. To achieve this. Bob decided to maintain different backup servers for the same resources so that if one backup system fails, another will serve the purpose. Identify the IA principle employed by Bob in the above scenario.

Bob. a network specialist in an organization, is attempting to identify malicious activities in the network. In this process. Bob analyzed specific data that provided him a summary of a conversation between two network devices, including a source IP and source port, a destination IP and destination port, the duration of the conversation, and the information shared during the conversation. Which of the following types of network-based evidence was collected by Bob in the above scenario?

Firewalking is a technique that can be used to gather information about a remote network protected by a firewall. This technique can be used effectively to perform information gathering attacks. In this technique, an attacker sends a crafted packet with a TTL value that is set to expire one hop past the firewall. Which of the following are pre-requisites for an attacker to conduct firewalking? Each correct answer represents a complete solution. Choose all that apply.

Which of the following OSI layers is responsible for protocol conversion, data encryption/decryption, and data compression?

The security of the network can be increased in a number of ways, for instance, by installing a special kind of web server and through packet filtering. What type of server is implemented as an intermediary server between a client and a server to act as a shield and protect and hide the computer from the outside network?

Which of the following statements best describes a certification authority?

Each correct answer represents a complete solution. Choose all that apply.

You work as a Network Administrator for Tech Perfect Inc. The company requires a secure wireless network. To provide security, you are configuring ISA Server 2006 as a firewall. While configuring ISA Server 2006, which of the following is NOT necessary?

Which of the following attack allows attackers to bypass client-ID security mechanisms and gain access privileges, and then inject malicious scripts into specific web pages?

Which of the following representatives of incident response team takes forensic backups of the systems that are the focus of the incident?