Which of the following networks interconnects devices centered on an individual person's workspace?
A. WLAN
B. WPAN
C. WWAN
D. WMAN
Which command is used to change the permissions of a file or directory?
A. rmdir
B. systemctl
C. kill
D. chmod
Cindy is the network security administrator for her company. She just got back from a security conference in Las Vegas where they talked about all kinds of old and new security threats, many of which she did not know of. She is worried about the current security state of her company's network, so she decides to start scanning the network from an external IP address. To see how some of the hosts on her network react, she sends out SYN packets to an IP range. A number of IPs respond with a SYN/ACK response. Before the connection is established, she sends RST packets to those hosts to stop the session. She has done this to see how her intrusion detection system will log the traffic. What type of scan is Cindy attempting here?
A. The type of scan she is using is called a NULL scan.
B. Cindy is attempting to find live hosts on her company's network by using a XMAS scan.
C. Cindy is using a half-open scan to find live hosts on her network.
D. She is utilizing a RST scan to find live hosts that are listening on her network.
Which type of wireless network attack is characterized by an attacker using a high gain amplifier from a nearby location to drown out the legitimate access point signal?
A. Rogue access point attack
B. Ad Hoc Connection attack
C. Jamming signal attack
D. Unauthorized association
John is a network administrator and is monitoring his network traffic with the help of Wireshark. He suspects that someone from outside is making a TCP OS fingerprinting attempt on his organization's network. Which of the following Wireshark filter(s) will he use to locate the TCP OS fingerprinting attempt? (Choose all that apply.)
A. tcp.flags=0x00
B. tcp.options.wscale_val==20
C. tcp.flags==0x2b
D. tcp.options.mss_val<1460
A newly joined network administrator wants to assess the organization against possible risk. He notices the organization doesn't have a __________ identified which helps measure how risky an activity is.
A. Risk Severity
B. Risk Matrix
C. Risk levels
D. Key Risk Indicator
You work as a Network Security Analyzer. You got a suspicious email while working on a forensic project. Now, you want to know the IP address of the sender so that you can analyze various information such as the actual location, domain information, operating system being used, contact information, etc. of the email sender with the help of various tools and resources. You also want to check whether this email is fake or real. You know that analysis of email headers is a good starting point in such cases. The email header of the suspicious email is given below:
What is the IP address of the sender of this email?
A. 209.191.91.180
B. 141.1.1.1
C. 172.16.10.90
D. 216.168.54.25
Which of the following are the six different phases of the Incident handling process? Each correct answer represents a complete solution. Choose all that apply.
A. Containment
B. Identification
C. Post mortem review
D. Preparation
E. Lessons learned
F. Recovery
G. Eradication
Which of the following is a technique for gathering information about a remote network protected by a firewall?
A. Firewalking
B. Warchalking
C. Wardriving
D. Wardialing
Which of the following honeypots provides an attacker access to the real operating system without any restriction and collects a vast amount of information about the attacker?
A. High-interaction honeypot
B. Medium-interaction honeypot
C. Honeyd
D. Low-interaction honeypot