Question: 1. Which two Linux commands can be used to display currently active processes? (Choose two answers)
netstat
tcpdump
top
ifconfig
proc

Question: 2. What command can you use to determine the MAC address of a Linux-based machine? (Choose one answer)
ipconfig
ifconfig
getmac
intmac

Question: 3. What three are valid permissions under Linux? (Choose three answers)
read
shared
execute
no permissions
full control

Question: 4. What two Linux commands can be used for pattern matching and filtering of output? (Choose two answers)
cat
echo
find
grep
more

Question: 5. In what two directory locations are non-OS software installed on Linux machines? (Choose two answers)
/bin
/home
/lib
/opt
/usr/local

Question: 6. What is the purpose of the 'sudo' command in Linux? (Choose one answer)
Provides a stateful 'undue' of the previous command.
Enters the administrator or superuser command mode.
Configures the pseudowire interface on Linux machines.
Allows a logged in user to run Linux commands as the administrator.

Question: 7. Where are user-specific passwords stored in a Linux OS? (Choose one answer)
/etc/password
/etc/shadow
/usr/local
/usr/password

Question: 8. What command is used to verify disk capacity of Linux hosts? (Choose one answer)
chkdsk
df
du
hwinfo

Question: 9. What does the linux command 'tar -cvf' do? (Choose one answer)
Activates task management and recovery tools.
Terminates active running processes specificed by the user.
Creates an archive from a set of files without verification.
Mounts terminal access ports for use by the Linux kernel.

Question: 10. Which command is used to view the contents of a directory within Linux? (Choose one answer)
cat
df
dir
ls

Question: 11. What function does Snort perform on Linux machines? (Choose one answer)
File scanning for malware and virus infections.
Simple Network Object management.
Real-time traffic analysis and packet logging in IP networks.
Simple messaging system for Linux system alerts.

Question: 12. What Linux command is used to verify the host network configuration? (Choose one answer)
biff
cat /etc/hosts
ifconfig
netconf

Question: 13. What three are characteristics of MAC addresses? (Choose three answers)
MAC addresses are used to forward packets in LAN switches.
MAC addresses are used by routers to build routing tables and make routing decisions.
The first three byes are the OUI which identifies the manufacturer of the network interface card.
Dynamic MAC addresses are assigned by DHCP.
MAC addresses are unique across the global internet.
3/3 points
OK

Question: 14. How many hosts can be assigned to the 192.168.100.0/24 network? (Choose two answers)
24
100
192
254

Question: 15. What is the purpose of a subnet mask in IPv4 addressing? (Choose one answer)
To help hosts determine the gateway address to send non-local packets to.
It masks the network in the IPv4 address allowing hosts to know their assigned host address.
It masks the IPv4 address to determine the all 1's or broadcast address.
It helps determine which portion of an IPv4 address represents the network.

Question: 16. What three are information stored in routing tables? (Choose three answers)
A mapping of layer 2 MAC addresses to layer 3 IP addresses.
A metric or cost associated with a particular network destination.
A list of outgoing interfaces to reach a particular network destination.
A list of MAC addresses used to forward packets onto their next-hop destinations.
A list of destination networks.

Question: 17. What three are types of routes typically found on Cisco routers? (Choose three answers)
connected
dynamic
hybrid
source
static

Question: 18. What are three IP address ranges considered routable private address space? (Choose three answers)
10.0.0.0 - 10.255.255.255
127.0.0.1 - 127.255.255.255
172.16.0.0 - 172.31.255.255
192.168.1.0 - 192.168.255.255
224.0.0.0 - 239.255.255.255

Question: 19. What two are used for Network Address Translation (NAT)? (Choose two answers)
NAT allows 48-bit MAC addresses to be properly mapped into 32-bit IP multicast addresses.
NAT allows mapping between Public IP addressing and specific ports so that external hosts can reach inside hosts on specific ports.
NAT is Network Address Translation and it is typically used so that public addresses can be assigned on the internal LAN.
It enables private IP networks that use unregistered IP addresses to connect to the Internet.
NAT allows two different networks using the same network address space to communicate without readdressing hosts.
1/2 points
"NAT allows one or many hosts to share a single public IP address for routing on to the Internet. When many to one NAT is used it is sometimes referred to as Overload. NAT allows users to map a goup of network addresses into a different network address. This use case is most common when two companies or location merge into a single IP network scheme and have independently elected to implement the same address scheme."
OK

Question: 20. What is Port Address Translation (PAT) used for? (Choose one answer)
One-to-One IP address mapping
Many-to-Many IP address mapping
Many-to-One IP address mapping
One-to-Many IP address mapping

Question: 21. What is the decimal equivalent of the binary number 11100000? (Choose one answer)
32
128
224
240

Question: 22. What is the function of Virtual Local Area Networks (VLANs)? (Choose one answer)
VLANs allow hosts with private IP address to communicate with devices on the Internet.
VLANs are used to segment a switch into multiple logical switches and broadcast domains.
VLANs are used to create loop-free layer 2 networks.
VLANs are used to forward layer two packets between hosts connected to layer 2 switches.

Question: 23. Which protocol is used to eliminate layer 2 loops? (Choose one answer)
Address Resolution Protocol (ARP)
Dynamic Host Configuration Protocol (DHCP)
Spanning Tree Protocol (STP)
Transmission Control Protocol (TCP)
802.1Q Protocol

Question: 24. What is a Default Gateway? (Choose one answer)
The default IP address of a local host
The IP address of last resort
Another name for DHCP server
The service that resolves names to IP addresses.

Question: 25. Which two statements regarding Public and Private IP addressing are correct? (Choose two answers)
224.45.1.1 is a private IP address
Private IP addresses can start with 192.168.x.x 
Private IP addresses are registered
Public IP addresses are registered
Private IP addresses are not routable

Question: 26. What is the binary equivalent of the decimal number 183? (Choose one answer)
10110011
10110111
11010111
11001001

Question: 27. Which three are fields contained in an IPv4 header (RFC 791)? (Choose three answers)
Destination MAC Address
Time To Live
Source IP Address
Source Port
Sequence Number
Header Checksum

Question: 28. What are two features of IPSec? (Choose two answers)
Establishes VPN connectivity
Authenticates each packet in a data flow
Allows encryption the IP header
Establishes Secure Shell (SSH) connections
Facilitates data link-layer security such as Transport Layer Security (TLS)

Question: 29. At which OSI layer does TCP operate? (Choose one answer)
data link
network
session
transport

Question: 30. What are two uses of DNS? (Choose two answers)
Enables use of Private IP addresses when accessing the Internet
Used to resolve a Mac address from an IP address
Used to resolve domain names from IP addresses
Used to resolve IP addresses from domain names
Used to dynamically assign IP addresses to hosts

Question: 31. What type of incorrect security alert can result from non-malicious activity being seen as malicious? (Choose one answer)
True positive
False positives
False Negative
True negative

Question: 32. Which of the following is an example of a false negative? (Choose one answer)
Anti-virus detects malware on a nonthreatening application
The IDS does not identify a buffer overflow
A user is locked out after mistyping the password too many times
The alarm system is triggered by a book falling off the desk

Question: 33. Cache Poisoning is most commonly associated with which protocols? (Choose two answers)
NTP
ARP
DNS
NCP

Question: 34. Which of the following design components are used to isolate network devices such as web servers? (Choose one answer)
A Layer 2 Switch
VPN
NAT
DMZ

Question: 35. Which of the following would be used as a secure substitute for Telnet? (Choose one answer)
SSH
SFTP
SSL
HTTPS

Question: 36. Which of the following could result from a successful attack? (Choose one answer)
DoS
DNS
POP3
WINS

Question: 37. Which Internet Protocol encrypts and decrypts user page requests, as well as the pages that are returned by a web server using SSL/TLS? (Choose one answer)
NNTP
FTP
HTTP
HTTPS

Question: 38. Which best describes Least Privilege? (Choose one answer)
The minimum number of IP addresses required to construct a DNS server
Entry level certificate for security professionals
A policy limiting access to resources required for a task
An ACL limiting access to only classified data

Question: 39. Which of the following is the best example of Defense-In-Depth? (Choose one answer)
All enterprise host devices use private IP addresses
All enterprise applications leverage TCP and UDP for client sessions
An enterprise Firewall and use of private IP addresses
An enterprise Firewall and host anti-virus applications
An enterprise IDS and use of private IP addresses

Question: 40. What is a PIN? (Choose one answer)
A Personal Identification Number
Performance Infrastructure broken
Automated software tools that 'Probe Interior Network' vulnerabilities
Private addressing Integration
A level 16 access privilege

Question:
41. What is the difference between a Firewall and an IDS? (Choose the best answer)
A Firewall is used to prevent Malware from entering a network, while an IDS drops Malware packets
Firewalls are used to prevent UDP connections, and an IDS is used to prevent TCP connections
A Firewall is an active, inline device and an IDS is a passive device that is often installed on a network tap or spanning port
Firewalls are used to prevent TCP connections, and an IDS is used to prevent UDP connections
Firewalls are only used in the DMZ, while an IDS is only used in the data center

Question: 42. What is IP spoofing? (Choose one answer)
When you change the file extension to get past malware inspection
When you translate a MAC address into an IP address
Altering source IP address to evade detection
Altering destination IP address to evade detection
Using a public IP address to represent a private IP address

Question: 43. What is Phishing? (Choose one answer)
A process where legitimate administrators perform penetration testing
A defensive mechanism network administrators use to identify mobile users
The process used to insert malware into a networking device
An email-based attack used to compromise hosts through distribution of infected files or links to infected sites
An in-depth analysis of a compromised host

Question: 44. What is Malware? (Choose one answer)
Another name for broken network hardware
A file that contains destructive executable code
An HTTP feature that prevents web sites from accepting connections from malicious HTTP servers
Code that monitors malicious web connections and issues warnings
TCP connections that stop responding when a service stops running

Question: 45. Which service is used to Authenticate users? (Choose one answer)
NTP
DHCP
TACACS
ARP
STP

Question: 46. Which of the following is an example of a "Brute Force" attack? (Choose one answer)
The simplest form of attack against a site using repetitive login attempts and rotating usernames and passwords
A finely crafted attack that results in physical damage to a host
Any attack that results in physical damage to a server
A sweep of all open connections to a host followed by a spoofed disconnect for each connection

Question: 47. What is used to uniquely identify known Malware? (Choose one answer)
The combination of file name and extension are the key identification elements for Malware
A hash-based algorithm run against a suspected malware file with the results compared to a database of known malware
The source IP address that sent the suspected malware file
Detonation of the suspected malware file in a sandbox is the only way to uniquely identify malware
There is no way to uniquely identify suspected malware files

Question: 48. What differentiates a Next Generation Firewall (NGFW) from a standard Firewall (FW)? (Choose one answer)
A standard firewall does not maintain a TCP state table 
A standard firewall looks at OSI layers 2-5; a NGFW looks at layers 3-4 
A NGFW supports multiple domains; a standard FW only supports one domain 
Only Cisco markets NGFWs; any other brand is a FW 
A standard FW looks at OSI layers 3-4; a NGFW looks at more information including the application layer protocol commands. 

Question: 49. True or False. It is considered a best security practice to place a login banner on Cisco switches and routers using the "banner" command.
TRUE
FALSE

Question: 50. Which of the following Windows commands can be used to see processes that are running and the TCP port that is being used as well? (Choose one answer)
psinfo
net session
ipconfig
netstat

Question: 51. What protocol can you use on a Windows machine to allow for secure remote access? (Choose one answer)
Bash
CMD
RSH
SSH
Telnet

Question: 52. As a security administrator for your Windows networked environment, you have been notified that your systems might have been breached by malware that has modified entries in the HOSTS file.  Which service can be affected by this breach? (Choose one answer)
ARP
DNS
LMHOSTS
NetBIOS

Question: 53. Which protocol commonly provides the underlying secure authentication in a Windows Active Directory environment? (Choose one answer)
Kerberos
LDAP
RADIUS
TACACS+

Question: 54. You are tasked with changing the password policy across all Windows PCs in the company?  Which would be the BEST way for performing this task with the least amount of overhead? (Choose one answer)
Certificate revocation
Key escrow
Group policy
Security group

Question: 55. You receive a call that a Windows-based computer is infected with malware and is running too slowly to boot and run a malware scanner. Which of the following is the BEST way to run the malware scanner? (Choose one answer)
Kill all system processes
Enable the firewall
Boot from CD/USB
Disable the network connection

Question: 56. What is the minimal security access level normally required to add or modify application programs on a Windows PC? (Choose one answer)
Administrator
Guest
Operator
User

Question: 57. What utility should be used to access the registry on a Windows 7 PC? (Choose one answer)
edit
hexedit
ifconfig
msconfig
regedit

Question: 58. What command is used to open a command line interpreter within Windows? (Choose one answer)
cmd
putty
shell
term

Question: 59. How do you switch between logged-in user accounts in Windows 7? (Choose one answer)
Choose Start -> All Programs -> Switch User
Reboot
Windows 7 does not support multiple users
ctl-alt-del, then choose 'Switch User'

Question: 60. How can you determine the last date and time a Windows application file was modified? (Choose three answers)
Run 'dir' from the command line
Right click on the file name in a directory, and choose properties
View file details within a directory
Open the associated application and view the file from within the application

Question: 61. Performance Monitor (PerfMon) is used for what in the Windows 7 OS? (Choose one answer)
To log inbound TCP connection performance
To monitor system and program performance
To manage user access and permissions which can negatively impact system performance
To set memory limits for hosted services