From the listing of attacks, choose the attack which exploits session initiation between a Transport
Control Program (TCP) client and server within a network?

While surfing the Internet a user encounters a pop-up window that prompts the user to download a
browser plug-in. The pop-up window is a certificate which validates the identity of the plug-in
developer. Which of the following BEST describes this type of certificate?

Which of the following authentication methods requires that the client authenticate itself to the
server and the server authenticate itself to the client?

A company’s new employees are asked to sign a document that describes the methods of and
purposes for accessing the company’s IT systems.
Which of the following BEST describes this document?

MITRE and CERT are:

Which of the following would be the FIRST step to take to mitigate the threat of non-essential
domain accounts?

Turnstiles, double entry doors and security guards are all prevention measures for which of the
following types of social engineering?

Which of the following type of fire suppression tools would cause the MOST damage to electrical
equipment?

A newly hired security specialist is asked to evaluate a company’s network security. The security
specialist discovers that users have installed personal software; the network OS has default
settings and no patches have been installed and passwords are not required to be changed
regularly. Which of the following would be the FIRST step to take?

Which of the following would be an easy way to determine whether a secure web page has a valid
certificate?