1. Which of the following are parts of Kerberos authentication?

2. Of the following, which is a characteristic of a hot site?

3. Unauthorized access has been detected on the network. Someone had been logging in as one of the administrative assistants during off hours. Later, you find out she received an e-mail from the network administrator asking her to supply her password so that he could make changes to her profile. What types of attacks have been executed?

4. Which of the following algorithms is not an example of a symmetric encryption algorithm?

5. You are configuring a security policy for your company. Which of the following three components make up the security triad?

6. You are checking your network to ensure that the servers have been hardened correctly. You plan on using a vulnerability-scanning program. Which of the following programs can you use?

7. You have created a utility for purging old files. You have hidden code inside the utility that will install itself and cause the infected system to erase the hard drive's contents on April 1, 2004. Which of the following attacks has been used in your code?

8. Your company is in the process of setting up a DMZ segment. You have to allow Web traffic in the DMZ segment. Which TCP port do you have to open?

9. You have implemented a proxy firewall technology that can distinguish between an FTP get command and an FTP put command.

10. Under MAC, the category of a resource can be changed by whom?

11. What is the security protocol that has been developed for 802.11?

12. Which of the following would you use if you wanted to check the validity of a digital certificate?

13. A smartcard provides two-factor authentication. Which of the following must be provided for proper authentication?

14. Which of the following is true of Pretty Good Privacy (PGP)?

15. The main fan in your server died on Wednesday morning. It will be at least two days before it can be replaced. You decide to use another server instead but need to restore the data from the dead one. You have been doing differential backups and the last full backup was performed on Friday evening. The backup doesn't run on weekends. How many backup tapes will you need to restore the data?

16. Which is not a good choice for achieving security awareness among your users in your organization?

17. Which of the following is true about fiber-optic cable?

18. Which protocol is installed to provide centralized management of computers through a remotely installed agent?

19. Your company is in the process of setting up an ids system. You want to scan for irregular header lengths and information in the TCP/IP packet. Which IDS methodology is suitable for this purpose?

20. When encrypting and decrypting data using an asymmetric encryption algorithm, you do which of the following?

21. What type of an algorithm dodes MD5 use?

22. You are in sales and you receive an e-mail telling you about an easy way to make money. The e-mail instructs you to open the attached letter of intent, read it carefully, and then reply to the e-mail. Which of the following should you do?

23. A user using a known weakness in operating system code has made himself an administrator. This is an example of which of the following?

24. Which of the following components are not associated with risk?

25. You are a consultant for a small company. You have just learned about a patch that is available for Windows servers. You download and install the patch and several of the servers stop functioning properly. What should your next step be to return the servers to a functional state? [Choose the best answer].