DON'T WANT TO MISS A THING?

Certification Exam Passing Tips

Latest exam news and discount info

Curated and up-to-date by our experts

Yes, send me the newsletter

Latest GIAC GCPM Exam Questions for Effective Exam Preparation

The GIAC Certified Project Manager (GCPM) certification validates a practitioner's knowledge of technical project management methodology and implementation. GCPM certification holders have demonstrated the critical skill sets associated with making projects successful, including effective communication and time, cost, quality, procurement and risk management of IT projects and application development. Preparing for the GCPM exam with SPOTO's exam questions and answers, test questions, mock exams, and comprehensive study materials can greatly increase your chances of passing successfully. Their high-quality exam resources cover all the essential topics, providing you with the necessary foundation to ace the certification. With SPOTO's expertly crafted exam questions, rigorous practice tests, and in-depth exam preparation resources, you can confidently tackle the real GCPM exam and showcase your project management prowess.
Take other online exams

Question #1
Adam works as a professional Computer Hacking Forensic Investigator. He has been called by the FBI to examine data of the hard disk, which is seized from the house of a suspected terrorist. Adam decided to acquire an image of the suspected hard drive. He uses a forensic hardware tool, which is capable of capturing data from IDE, Serial ATA,SCSI devices, and flash cards. This tool can also produce MD5 and CRC32 hash while capturing the data. Which of the following tools is Adam using?
A. Wipe MASSter
B. ImageMASSter 4002i
C. ImageMASSter Solo-3
D. FireWire DriveDock
View answer
Correct Answer: C
Question #2
John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He has successfully performed the following steps of the pre-attack phase to check the security of the We-are-secure network: l Gathering information l Determining the network range l Identifying active systemsNow, he wants to find the open ports and applications running on the network. Which of the following tools will he use to accomplish his task?
A. APNIC
B. ARIN
C. SuperScan
D. RIPE
View answer
Correct Answer: C
Question #3
Which of the following commands in MQC tool matches IPv4 and IPv6 packets when IP parameter is missing?
A. Match access-group
B. Match fr-dlci
C. Match IP precedence
D. Match cos
View answer
Correct Answer: C
Question #4
You work as a Software Developer for ABC Inc. The company uses Visual Studio.NET2005 as its application development platform. You create a Web service application using.NET Framework. The Web service provides confidential data of employees to applications that manage access to company facilities. The Web service is accessible by using TCP and is sheltered by using WSE 3.0. The company has implemented fingerprint readers to grant employees access to the facilities. All the captured images of the employees' f
A. Configure the Web service to use base64 encoding to pass the binary fingerprint image
B. Create a SOAP extension to manage encryption for the message
C. Configure the Web service to use Message Transmission Optimization Mechanism to pass the binary fingerprint image
D. Create a SOAP filter to manage encryption for the message
View answer
Correct Answer: C
Question #5
You work as a Network Administrator for Marioxnet Inc. You have the responsibility of handling two routers with BGP protocol for the enterprise's network. One of the two routers gets flooded with an unexpected number of data packets, while the other router starves with no packets reaching it. Which of the following attacks can be a potential cause of this?
A. Denial-of-Service
B. Eavesdropping
C. Spoofing
D. Packet manipulation
View answer
Correct Answer: A
Question #6
You work as a Windows Application Developer for ABC Inc. The company uses VisualStudio .NET 2008 as its application development platform. You are creating a WindowsForms application using .NET Framework 3.5. You need to develop a new control for the application. You must ensure that the control inherits the TreeView control by adding a custom node tag and a highlight color. What will you do?
A. Set the control's DrawMode property to OwnerDrawText, and then implement a custom DrawNode event handler
B. Set the control's DrawMode property to OwnerDrawAll, and then implement a custom DrawNode event handler
C. Write a code segment in the DrawNode event handler to give the highlight color
D. Override the OnPaint method
View answer
Correct Answer: A
Question #7
TCP FIN scanning is a type of stealth scanning through which the attacker sends a FIN packet to the target port. If the port is closed, the victim assumes that this packet was sent mistakenly by the attacker and sends the RST packet to the attacker. If the port is open, the FIN packet will be ignored and the port will drop the packet. Which of the following operating systems can be easily identified with the help of TCP FIN scanning?
A. Windows
B. Red Hat
C. Solaris
D. Knoppix
View answer
Correct Answer: A
Question #8
TCP FIN scanning is a type of stealth scanning through which the attacker sends a FIN packet to the target port. If the port is closed, the victim assumes that this packet was sent mistakenly by the attacker and sends the RST packet to the attacker. If the port is open, the FIN packet will be ignored and the port will drop the packet. Which of the following operating systems can be easily identified with the help of TCP FIN scanning?
A. Solaris
B. Red Hat
C. Knoppix
D. Windows
View answer
Correct Answer: D
Question #9
Which of the following is a correct sequence of different layers of Open SystemInterconnection (OSI) model?
A. Physical layer, data link layer, network layer, transport layer, presentation layer, session layer, and application layer
B. application layer, presentation layer, network layer, transport layer, session layer, data link layer, and physical layer
C. Physical layer, data link layer, network layer, transport layer, session layer, presentation layer, and application layer
D. Physical layer, network layer, transport layer, data link layer, session layer, presentation layer, and application layer
View answer
Correct Answer: C
Question #10
You have decided to implement an intrusion detection system on your network. You primarily are interested in the IDS being able to recognized known attack techniques.Which type of IDS should you choose?
A. Signature Based
B. Passive
C. Active
D. Anomaly Based
View answer
Correct Answer: A
Question #11
You work as a Software Developer for ABC Inc. The company has several branchesWorldwide. The company uses Visual Studio.NET 2005 as its application development platform. You are creating an applications using .NET Framework 2.0. You want to allow users to view various details of a given unmanaged code. What will you do to accomplish the task?
A. Use a COM/DCOM server
B. Use the Dispinterface
C. Use the Makecert
D. Use the dumpbin
View answer
Correct Answer: D
Question #12
Given that mylist = [1, 3, 2, 1, 4, 5, 3] how do you remove all occurrences of the number 1 from the list in Python?
A. mylist=[x for x in mylist if x!=1]
B. mylist
C. mylist
D. mylist
View answer
Correct Answer: A
Question #13
Which of the following modules of OS X kernel (XNU) provides the primary system program interface?
A. BSD
B. LIBKERN
C. I/O Toolkit
D. Mach
View answer
Correct Answer: A
Question #14
You want to ensure that everyone who sends you an email should encrypt it. However you do not wish to exchange individual keys with all people who send you emails. In order to accomplish this goal which of the following should you choose?
A. DES
B. AES
C. Symmetric Encryption
D. Public Key encryption
View answer
Correct Answer: D
Question #15
Every network device contains a unique built in Media Access Control (MAC) address, which is used to identify the authentic device to limit the network access. Which of the following addresses is a valid MAC address?
A. F936
B. A3-07-B9-E3-BC-F9
C. 1011-0011-1010-1110-1100-0001
D. 132
View answer
Correct Answer: B
Question #16
You work as a Network Administrator for Net Perfect Inc. The company has a WindowsServer -2008 network environment. The servers on the network run Windows Server 2008 R2. All client computers on the network run Windows 7 Ultimate. You have configured feature on the laptop of few sales managers so that they can access corporate network from remote locations. Their laptops run Windows 7 Ultimate. Which of the following options does the DirectAccess use to keep data safer while traveling through travels public
A. IPv6-over-IPsec
B. IPSec-over-IPv4
C. VPN
D. SSL
View answer
Correct Answer: A
Question #17
Jane works as a project manager for HRM Inc. Various projects are running under her administration. Holly, the team leader of a project, provides Jane the performance indexes of her project. The schedule variance (SV) of her project is 15. What does this figure illustrate?
A. Holly's project is behind the schedule
B. Holly's project is ahead of the schedule
C. Holly's project is right on target
D. Holly's project has costs that are higher than planned
View answer
Correct Answer: B
Question #18
You work as a Software Developer for ABC Inc. The company has several branchesWorldwide. The company uses Visual Studio.NET 2005 as its application development platform. You are creating an applications using .NET Framework 2.0. You want to allow users to view various details of a given unmanaged code. What will you do to accomplish the task?
A. Use a COM/DCOM server
B. Use the Dispinterface
C. Use the Makecert
D. Use the dumpbin
View answer
Correct Answer: D
Question #19
What concept do Rainbow Tables use to speed up password cracking?
A. Fast Lookup Crack Tables
B. Memory Swap Trades
C. Disk Recall Cracking
D. Time-Memory Trade-off
View answer
Correct Answer: D
Question #20
Which of the following are the factors that determine the degree to which the Return onInvestment overstates the economic value?Each correct answer represents a complete solution. Choose all that apply.
A. Capitalization policy
B. Growth rate of new investment
C. Growth rate of old investment
D. Length of project life
View answer
Correct Answer: ABD
Question #21
Which of the following RAID levels will you use to implement a RAID system for providing fault tolerance to a database?
A. RAID 10
B. RAID 1
C. RAID 5
D. RAID 0
View answer
Correct Answer: B
Question #22
cannot be used to access the router from a computer?
A. Aux port
B. Console port
C. Serial port
D. Vty
View answer
Correct Answer: C
Question #23
What is the MOST important document to obtain before beginning any penetration testing?
A. Project plan
B. Exceptions document
C. Project contact list
D. A written statement of permission
View answer
Correct Answer: A
Question #24
You work as a Network Administrator for Infonet Inc. The company has a Windows Server2008 domain-based network. The network has three Windows Server 2008 member servers and 150 Windows Vista client computers. According to the company's security policy, you apply Windows firewall setting to the computers on the network. Now, you are troubleshooting a connectivity problem that might be caused by Windows firewall. What will you do to identify connections that Windows firewall allows or blocks?
A. Configure Internet Protocol Security (IPSec)
B. Configure Network address translation (NAT)
C. Disable Windows firewall logging
D. Enable Windows firewall logging
View answer
Correct Answer: D
Question #25
What will be printed below if the value of x is 7?
A. false
B. 7
C. true
D. 0
E. x
View answer
Correct Answer: B
Question #26
Which of the following protocols are used by Network Attached Storage (NAS)?Each correct answer represents a complete solution. Choose all that apply.
A. Apple Filing Protocol (AFP)
B. Server Message Block (SMB)
C. Network File System (NFS)
D. Distributed file system (Dfs)
View answer
Correct Answer: ABC
Question #27
Georgina works as a Software Developer for BlueChip Inc. She develops an application named App1 using Visual Studio .NET. The company wants her to deploy App1 to a customer's laptop. Georgina creates an assembly named Assembly1 to be stored in theGlobal Assembly Cache so that the Common Language Runtime (CLR) can locate and bind Assembly1.As the application executes, the CLR locates the path of Assembly1 through the codebase setting. But, it finds no element in the app.config file, and fails to b
A. Previously loaded assemblies
B. The application base or root directory
C. The Gacutil
D. Sub-directories in the application's root directory
E. The culture attribute of the assembly
F. The correct version of the assembly
G. The assembly's name
View answer
Correct Answer: BDEG
Question #28
Which of the following is the initiative of United States Department of Justice, which provides state and local law enforcement agencies the tools to prevent Internet crimes against children, and catches the distributors of child pornography on the Internet?
A. Innocent Images National Initiative (IINI)
B. Internet Crimes Against Children (ICAC)
C. Project Safe Childhood (PSC)
D. Anti-Child Porn
View answer
Correct Answer: B
Question #29
Which of the following statements about session tracking is true?
A. When using cookies for session tracking, there is no restriction on the name of the session tracking cookie
B. When using cookies for session tracking, the name of the session tracking cookie must be jsessionid
C. A server cannot use cookie as the basis for session tracking
D. A server cannot use URL rewriting as the basis for session tracking
View answer
Correct Answer: B
Question #30
Which of the following is a mandatory sub-element of the element of the deployment descriptor?
A.
B.
C.
D.
View answer
Correct Answer: A
Question #31
John works as a Software Developer for Blue Well Inc. He wants to create a class namedClass1 and implements the generic IComparable interface. He writes the following code: public class Class1 : System.IComparableHowever, John needs to compare one object of Class1 with another object. Which of the following code statement will John include in his application?
A. public int CompareTo(object obj){}
B. public object CompareTo(int obj){}
C. public object CompareTo(Class1 obj){}
D. public int CompareTo(Class1 obj){}
View answer
Correct Answer: D
Question #32
Where are Netcat's own network activity messages, such as when a connection occurs, sent?
A. Standard Error
B. Standard input
C. Standard Logfile
D. Standard Output
View answer
Correct Answer: A
Question #33
You work as a Software Developer for ABC Inc. You develop a multi-threaded application named MyMultThreadApp using Visual Studio .NET. The application logs all warning and informational messages in an event log that keeps track of significant events when the application is running. The event log records information that might be useful for troubleshooting or performance analysis. Which of the following are the considerations that you must keep in mind when logging events with multithreaded components?Each c
A. An exclusive lock should be obtained on the log to avoid race conditions
B. Each shared component should be thread-safe when interacting with an event log
C. The System
D. The Debug and Trace classes should be used to log events
View answer
Correct Answer: ABC
Question #34
What is the term used to describe the cost of the solution after the solution has been implemented in production by a vendor?
A. Total cost of ownership
B. Total ownership costing
C. Sustainability fees
D. Lifecycle maintenance fees
View answer
Correct Answer: A
Question #35
Which of the following are core TCP/IP protocols that can be implemented with WindowsNT to connect computers and internetworks?Each correct answer represents a complete solution. Choose all that apply.
A. Address Resolution Protocol (ARP)
B. Network Link Protocol (NWLink)
C. User Datagram Protocol (UDP)
D. Internet Control Message Protocol (ICMP)
View answer
Correct Answer: ACD
Question #36
What will the contents of the ?€__name__?€ variable be if the program ?€gpyc.py?€ is run as a standalone program?
A. The name of the Python version used to create the module
B. __main__
C. The name of the GCC compiler used to compile the module
D. gpyc
View answer
Correct Answer: B
Question #37
Which of the following are the countermeasures against WEP cracking?Each correct answer represents a part of the solution. Choose all that apply.
A. Changing keys often
B. Using the longest key supported by hardware
C. Using a 16 bit SSID
D. Using a non-obvious key
View answer
Correct Answer: ABD
Question #38
Which of the following items are generally analyzed by Internet filters?Each correct answer represents a complete solution. Choose three.
A. Content
B. Certificates
C. Uniform Resource Locators (URLs)
D. Network Topology
View answer
Correct Answer: ABC
Question #39
Which of the following plans provides measures and capabilities for recovering a major application or general support system?
A. Disaster recovery plan
B. Crisis communication plan
C. Contingency plan
D. Business continuity plan
View answer
Correct Answer: C
Question #40
You are working with a company that depends on real time data being available to employees, thus performance is an issue. They are trying to select the best method for handing the situation of a hard drive crashing. Which of the following would you recommend to them?
A. RAID 2
B. RAID 0
C. RAID 1
D. RAID 5
View answer
Correct Answer: D
Question #41
Given below are top-level class declarations. Which of these class declarations would not produce a compile-time error? abstract class P {} //1 private class Q {} //2 static class R {} //3 transient class S {} //4
A. Line 3
B. Line 1
C. Line 2
D. Line 4
View answer
Correct Answer: B
Question #42
You work as a professional Computer Hacking Forensic Investigator. A project has been assigned to you to investigate the DoS attack on a computer network of SecureEnet Inc.Which of the following methods will you perform to accomplish the task?Each correct answer represents a complete solution. Choose all that apply.
A. Look for core files or crash dumps on the affected systems
B. Sniff network traffic to the failing machine
C. Seize all computers and transfer them to the Forensic lab
D. Look for unusual traffic on Internet connections and network segments
View answer
Correct Answer: ABD
Question #43
A company named Tech Perfect Inc. has a TCP/IP based network. An IPS sensor is deployed in the network and configured to operate in promiscuous mode. IP blocking functionality works there in order to stop traffic from an attacking host and it helps in analyzing what happens in the network.The management wants to initiate a persistent connection with the managed devices until the block is removed. Which of the following will you configure in the network to accomplish the task?
A. Access Control List
B. Firewall
C. Network Admission Control
D. Virtual LAN
View answer
Correct Answer: C
Question #44
).IP addressing version 6 uses_____ -bit address. Its____ IP address assigned to a single host allows the host to send and receive data.
A. IP addressing version 6 uses 128 -bit address
View answer
Correct Answer: A
Question #45
What does the LIMIT function restrict in an SQL SELECT statement?
A. The number of queries that can be run against the table per second
B. The number of records a table is permitted to hold
C. The number of records that will be returned by a request
D. The number of subsequent SELECT statements that can be run against the table
View answer
Correct Answer: B
Question #46
Review the following Python code:
A. ?€?Jones?€?, ?€?Johnson?€?
B. ?€?Brown?€?, ?€?Williams?€?
C. ?€?Brown?€?, ?€?Jones?€?, ?€?Johnson?€?, ?€?Williams?€?
D. ?€?Johnson?€?, ?€?Johnson?€?, ?€?Williams?€?, ?€?Jones?€?, ?€?Jones?€?, ?€?Brown?€?
View answer
Correct Answer: A
Question #47
You work as a Network Administrator for NetTech Inc. When you enter http://66.111.64.227 in the browser's address bar, you are able to access the site. But, you are unable to access the site when you enter http://www.PassGuide.com. What is the most likely cause?
A. The site's Web server has heavy traffic
B. The site's Web server is offline
C. WINS server has no NetBIOS name entry for the server
D. DNS entry is not available for the host name
View answer
Correct Answer: D
Question #48
Which of the following methods is used to authenticate the users, and if the user has not been authenticated, the method returns false?
A. getCallerPrincipal()
B. getRemoteUser()
C. isUserInRole()
D. getCallerIdentity()
View answer
Correct Answer: C
Question #49
You work as a project manager for HRM Inc. You want to calculate the probability of loss due to cost overrun. Which of the following terms describes the above metric?
A. Cost risk
B. Residual risk
C. VAR
D. Secondary risk
View answer
Correct Answer: A
Question #50
Mark is hired as an Information Security Officer for BlueWell Inc. He wants to draw the attention of the management towards the significance of integrating information security in the business processes.Which of the following tasks should he perform first to accomplish the task?
A. He should perform a risk assessment
B. He should develop an information security policy
C. He should set up a security budget
D. He should obtain benchmarking information
View answer
Correct Answer: A
Question #51
Adam, a malicious hacker has successfully gained unauthorized access to the Linux system ofUmbrella Inc. Web server of the company runs on Apache. He has downloaded sensitive documents and database files from the computer. After performing these malicious tasks,Adam finally runs the following command on the Linux command box before disconnecting. for (( i = 0;i<11;i++ )); do dd if=/dev/random of=/dev/hda && dd if=/dev/zero of=/dev/hda doneWhich of the following actions does Adam want to perform by the above
A. Making a bit stream copy of the entire hard disk for later download
B. Deleting all log files present on the system
C. Wiping the contents of the hard disk with zeros
D. Infecting the hard disk with polymorphic virus strings
View answer
Correct Answer: C
Question #52
You work as a Programmer for InfoTech Inc. You develop two html pages named authenticate.jsp and error.jsp, which are deployed directly at the root of the Web application named Authentication. Which of the following deployment descriptor code declarations will be used to ensure that the error.jsp page will be displayed automatically if the client is not authenticated?
A. FORM /authenticate
B. FORM /authenticate
C. FORM /authenticate
D. FORM /authenticate
View answer
Correct Answer: A
Question #53
John works as a Software Developer for DawnStar Inc. He creates a class, namedMyClass1. He wants to generate a key pair that he will use to give the compiled assembly a strong name. Which of the following tools will he use to accomplish the task?
A. Installutil
B. Gacutil
C. Sn
D. Al
View answer
Correct Answer: C
Question #54
You work as a Network Administrator for Infonet Inc. The company's network has an FTP server.You want to secure the server so that only authorized users can access it. What will you do to accomplish this?
A. Stop the FTP service on the server
B. Disable anonymous authentication
C. Disable the network adapter on the server
D. Enable anonymous authentication
View answer
Correct Answer: B
Question #55
John works as a Web Developer for ProLabs Inc. He develops an ASP.NET application, namedMyWebApp1, using Visual Studio .NET. One of the pages in the application is named asPage1.aspx, which does not need to maintain session state. To improve the performance of the application, John wants to disable session state for Page1. Which of the following actions will he take to accomplish the task?
A. Set the EnableViewState attribute in the @ Page directive to false
B. Set the DisableSessionState attribute in the @ Page directive to true
C. In the sessionState configuration section of the application's Web
D. Set the EnableSessionState attribute in the @ Page directive to false
View answer
Correct Answer: D
Question #56
Which of the following is an input to the identify risks process?
A. Project scope statement
B. Residual risks
C. Return on investment
D. Referent power
View answer
Correct Answer: A
Question #57
You are a project manager for your organization. Your organization completes projects for other companies and your project has just ended. Although you were serving in a contractual-relationship for your company what should you do with the project records for the project you've completed for another entity?
A. The project information should be destroyed
B. The project information should stay with the company you completed the project for
C. The project information should be archived at your organization and at the client's organization
D. The project information should be archived at your organization
View answer
Correct Answer: D
Question #58
Which of the following types of attack can be used to break the best physical and logical security mechanism to gain access to a system?
A. Mail bombing
B. Cross site scripting attack
C. Social engineering attack
D. Password guessing attack
View answer
Correct Answer: C
Question #59
Mark is the Administrator of a Linux computer. He wants to check the status of failedTelnet-based login attempts on the Linux computer. Which of the following shell commands will he use to accomplish the task?
A. GREP
B. CP
C. FSCK
D. CAT
View answer
Correct Answer: A
Question #60
Which of the following access control models are used in the commercial sector?Each correct answer represents a complete solution. Choose two.
A. Clark-Wilson model
B. Clark-Biba model
C. Bell-LaPadula model
D. Biba model
View answer
Correct Answer: AD
Question #61
Which of the following is a file management tool?
A. Defrag
B. MSCONFIG
C. Device Manager
D. Windows Explorer
View answer
Correct Answer: D
Question #62
Anonymizers are the services that help make a user's own Web surfing anonymous. An anonymizer removes all the identifying information from a user's computer while the user surfs the Internet. It ensures the privacy of the user in this manner. After the user anonymizes a Web access with an anonymizer prefix, every subsequent link selected is also automatically accessed anonymously.Which of the following are limitations of anonymizers?
A. ActiveX controls
B. Plugins
C. Secure protocols
D. Java applications
E. JavaScript
View answer
Correct Answer: ABCDE
Question #63
John works as a Software Developer for Blue Well Inc. He wants to create a class namedClass1 and implements the generic IComparable interface. He writes the following code: public class Class1 : System.IComparableHowever, John needs to compare one object of Class1 with another object. Which of the following code statement will John include in his application?
A. public int CompareTo(object obj){}
B. public object CompareTo(int obj){}
C. public object CompareTo(Class1 obj){}
D. public int CompareTo(Class1 obj){}
View answer
Correct Answer: D
Question #64
Tony works as a Software Developer for TechNet Inc. He creates a satellite assembly namedSatAssembly1. He wants to install SatAssembly1 in the global assembly cache. Therefore, he compiles the assembly by using the Al.exe tool and signs SatAssembly1. Which of the following possible tools will Tony use to sign SatAssembly1?Each correct answer represents a complete solution. Choose two.
A. Installer tool
B. File Signing tool
C.
D. Strong Name tool
View answer
Correct Answer: BC
Question #65
Which of the following tools can be used for stress testing of a Web server?Each correct answer represents a complete solution. Choose two.
A. Internet bots
B. Spyware
C. Anti-virus software
D. Scripts
View answer
Correct Answer: AD
Question #66
What will be printed when the code in the screen capture is run?
A. An error
B. -1
C. 1
D. 2
E. 3
View answer
Correct Answer: E
Question #67
Which of the following firewalls filters the traffic based on the header of the datagram?
A. Application-level firewall
B. Packet filtering firewall
C. Circuit-level firewall
D. Stateful inspection firewall
View answer
Correct Answer: B
Question #68
By gaining full control of router, hackers often acquire full control of the network. Which of the following methods are commonly used to attack Routers?Each correct answer represents a complete solution. Choose all that apply.
A. By launching Social Engineering attack
B. By launching Max Age attack
C. Route table poisoning
D. By launching Sequence++ attack
View answer
Correct Answer: BCD
Question #69
You work as a professional Computer Hacking Forensic Investigator for DataEnet Inc. You want to investigate e-mail information of an employee of the company. The suspected employee is using an online e-mail system such as Hotmail or Yahoo. Which of the following folders on the local computer will you review to accomplish the task?Each correct answer represents a complete solution. Choose all that apply.
A. History folder
B. Temporary Internet Folder
C. Download folder
D. Cookies folder
View answer
Correct Answer: ABD
Question #70
Which of the following tools is a component of Cisco Adaptive Security Appliance (ASA) and provides an in-depth security design to prevent various types of problems such as viruses, spams, and spyware?
A. Anti-x
B. LIDS
C. Scanlogd
D. KFSensor
View answer
Correct Answer: A
Question #71
You work as a Software Developer for ABC Inc. The company uses Visual Studio .NET as its application development platform. You create a method to call a COM component using the .NET Framework. You want to use declarative security to request the runtime to run a complete stack walk. You need to ensure that all callers be obliged to level of trust for COM interop before the callers execute the method. Which of the following attributes will you place on the method to accomplish the task?
A. [SecurityPermission(SecurityAction
B. [SecurityPermission(SecurityAction
C. [SecurityPermissionSecurityAction
D. [SecurityPermission(SecurityAction
View answer
Correct Answer: A
Question #72
Analyze the excerpt from a packet capture between the hosts 192.168.116.9 and192.168.116.101. What factual conclusion can the tester draw from this output?
A. Port 135 is filtered, port 139 is open
B. Pons 135 and 139 are filtered
C. Ports 139 and 135 are open
D. Port 139 is closed, port 135 is open
View answer
Correct Answer: C
Question #73
Which of the following provide data confidentiality services by encrypting the data sent between wireless systems?Each correct answer represents a complete solution. Choose two.
A. MS-CHAP v2
B. WEP
C. PAP
D. WPA
View answer
Correct Answer: BC
Question #74
You write the following code.class Father {public void Method() {System.out.println("I am Father");}} public class Son extends Father {public static void main(String argv[]) {Son son = newSon();son.Method();}private void Method() {System.out.println("I am Son");}}Which of the following will be the result, when you try to compile and run the code?
A. I am Father will be displayed as the output
B. A runtime error will result
C. I am Son will be displayed as the output
D. The code will execute but without displaying any output
E. A compile-time error will result
View answer
Correct Answer: E
Question #75
Which of the following is a virus that can redirect the disk head to read another sector instead of the one in which it resides?
A. Multipartite virus
B. Macro virus
C. Stealth virus
D. Boot sector virus
View answer
Correct Answer: C
Question #76
You work as a Software Developer for ABC Inc. You develop a multi-threaded application named MyMultThreadApp using Visual Studio .NET. The application logs all warning and informational messages in an event log that keeps track of significant events when the application is running. The event log records information that might be useful for troubleshooting or performance analysis. Which of the following are the considerations that you must keep in mind when logging events with multithreaded components?Each c
A. An exclusive lock should be obtained on the log to avoid race conditions
B. Each shared component should be thread-safe when interacting with an event log
C. The System
D. The Debug and Trace classes should be used to log events
View answer
Correct Answer: ABC
Question #77
You work as a Network Administrator for Tech2tech Inc. You have configured a network- based IDS for your company.You have physically installed sensors at all key positions throughout the network such that they all report to the command console.What will be the key functions of the sensors in such a physical layout?Each correct answer represents a complete solution. Choose all that apply.
A. To collect data from operating system logs
B. To notify the console with an alert if any intrusion is detected
C. To analyze for known signatures
D. To collect data from Web servers
View answer
Correct Answer: BC
Question #78
What section of the penetration test or ethical hacking engagement final report is used to detail and prioritize the results of your testing?
A. Methodology
B. Conclusions
C. Executive Summary
D. Findings
View answer
Correct Answer: C
Question #79
An auditor assesses the database environment before beginning the audit. This includes various key tasks that should be performed by an auditor to identify and prioritize the users, data, activities, and applications to be monitored.Which of the following tasks need to be performed by the auditor manually?
A. Classifying data risk within the database systems
B. Monitoring data changes and modifications to the database structure, permission and user changes, and data viewing activities
C. Analyzing access authority
D. Archiving, analyzing, reviewing, and reporting of audit information
View answer
Correct Answer: AC
Question #80
Allen works as a Software Developer for ABC Inc. The company uses Visual Studio.NET as its application development platform. He creates an application using .NET Framework.He wants to encrypt all his e-mails that he sends to anyone. Which of the following will he use to accomplish the task?
A. PPP
B. FTP
C. PGP
D. PPTP
View answer
Correct Answer: C
Question #81
You work as a Network Administrator for Tech Perfect Inc. For security issues, the company requires you to harden its routers. You therefore write the following code:Router#config terminal -Router(config) #no ip bootp serverRouter(config) #no ip name-serverRouter(config) #no ntp server -Router(config) #no snmp server -Router(config) #no ip http serverRouter(config) #^Z Router#What services will be disabled by using this configuration fragment?
A. BootP service
B. Finger
C. CDP
D. DNS function Explanation:
View answer
Correct Answer: AD
Question #82
Mark works as the Network Administrator of a Windows 2000 based network. The network has a DNS server installed. He experiences host name resolution problems on the network. name resolution problems on the network.Which of the following tools will he use to do this?
A. NSLOOKUP
B. IPCONFIG
C. NBTSTAT
D. NETSTAT
View answer
Correct Answer: A
Question #83
Mark works as a Network Security Administrator for BlueWells Inc. The company has aWindowsbased network. Mark is giving a presentation on Network security threats to the newly recruited employees of the company. His presentation is about the External threats that the company recently faced in the past. Which of the following statements are true about external threats?Each correct answer represents a complete solution. Choose three.
A. These are the threats that originate from within the organization
B. These are the threats that originate from outside an organization in which the attacker attempts to gain unauthorized access
C. These threats can be countered by implementing security controls on the perimeters of the network, such as firewalls, which limit user access to the Internet
D. These are the threats intended to flood a network with large volumes of access requests
View answer
Correct Answer: BCD
Question #84
Normally, RAM is used for temporary storage of data. But sometimes RAM data is stored in the hard disk, what is this method called?
A. Cache memory
B. Static memory
C. Virtual memory
D. Volatile memory
View answer
Correct Answer: C
Question #85
You are an Incident manager in Orangesect.Inc. You have been tasked to set up a new extension of your enterprise. The networking, to be done in the new extension, requires different types of cables and an appropriate policy that will be decided by you. Which of the following stages in the Incident handling process involves your decision making?
A. Containment
B. Identification
C. Preparation
D. Eradication
View answer
Correct Answer: C
Question #86
You work as a Network Administrator for Tech Perfect Inc. You are required to verify security policies configured in the company's networks. Which of the following applications will you use to accomplish the task?
A. Network enumerator
B. Web application security scanner
C. Computer worm
D. Port scanner
View answer
Correct Answer: D
Question #87
You are project manager of HHK project. Examine the network diagram given below:
A. Four days
B. Zero, it is on the critical path
C. Six days
D. Five days
View answer
Correct Answer: A
Question #88
Hannah works as a Programmer in a college of Information Technology. The company uses Visual Studio .NET as its application development platform. The Dean of the college wants to obtain the performance report of each student. Hannah develops an application named StudentPerformanceReport by using Visual C# .NET. This application uses a SQLServer database named Database1 and a stored procedure named PROC1. PROC1 executes a query that returns the internal assessment result of each student.Hannah uses a TextBox
A. AssessmentText
B. AssessmentText
C. AssessmentText
D. AssessmentText
View answer
Correct Answer: BC
Question #89
Mark works as a Network Administrator for Perfect Inc. The company has both wired and wireless networks. An attacker attempts to keep legitimate users from accessing services that they require. Mark uses IDS/IPS sensors on the wired network to mitigate the attack.Which of the following attacks best describes the attacker's intentions?
A. Land attack
B. Internal attack
C. DoS attack
D. Reconnaissance attack
View answer
Correct Answer: C
Question #90
You work as a Software Developer for ABC Inc. The company uses Visual Studio .NET as its application development platform. You create a method to call a COM component using the .NET Framework. You want to use declarative security to request the runtime to run a complete stack walk. You need to ensure that all callers be obliged to level of trust for COM interop before the callers execute the method. Which of the following attributes will you place on the method to accomplish the task?
A. [SecurityPermission(SecurityAction
B. [SecurityPermission(SecurityAction
C. [SecurityPermissionSecurityAction
D. [SecurityPermission(SecurityAction
View answer
Correct Answer: A
Question #91
Which of the following is used to communicate with an authentication server commonly used in UNIX networks?
A. MS-CHAP
B. IPX/SPX
C. SMTP
D. TACACS
View answer
Correct Answer: D
Question #92
Which of the following are some of the parts of a project plan?Each correct answer represents a complete solution. Choose all that apply.
A. Risk identification
B. Project schedule
C. Team members list
D. Risk analysis
View answer
Correct Answer: ABC
Question #93
Which of the following options cannot be accessed from Windows Update?
A. Restore Hidden Updates
B. Check for Updates
C. View Update History
D. View AntiVirus Software Update
View answer
Correct Answer: D
Question #94
Which of the following tools is used to detect spam email without checking the content?
A. Kismet
B. EtherApe
C. DCC
D. Sniffer
View answer
Correct Answer: C
Question #95
When sniffing wireless frames, the interface mode plays a key role in successfully collecting traffic. Which of the mode or modes are best used for sniffing wireless traffic?
A. Master Ad-hoc
B. RFMON
C. RFMON
D. Ad-hoc
View answer
Correct Answer: A
Question #96
command used?
A. DCE
B. ETHERNET
C. VIRTUAL LINE VTY
D. DTE
View answer
Correct Answer: A
Question #97
Which of the following statements about the element are true?Each correct answer represents a complete solution. Choose all that apply.
A. It is an optional sub-element of the element
B. It has and as its sub-elements
C. If the element is not present, all users can access the resource
D. If the element has no sub-element, all users can access the resource
View answer
Correct Answer: AC

View Answers after Submission

Please submit your email and WhatsApp to get the answers of questions.

Note: Please make sure your email ID and Whatsapp are valid so that you can get the correct exam results.

Email:
Whatsapp/phone number: