Which of the following U.S. Federal laws addresses computer crime activities in communication
lines, stations, or systems?

John works as a professional Ethical Hacker. He has been assigned a project to test the security
of www.we-are-secure.com. He observes that the We-are-secure server is vulnerable to a special
type of DoS attack and he makes the following suggestions to the security authority to protect the
server from this DoS attack. The countermeasures against this type of DoS attack are as follows:
l Disabling IP-directed broadcasts at the We-are-secure router
l Configuring local computers so as not to respond to such ICMP packets that are configured to be
sent to IP broadcast addresses
Which of the following DoS attacks has John discovered as a vulnerability for the We-are-secure
security network?

Mark works as a Network Security Administrator for BlueWells Inc. The company has a
Windowsbased network. Mark is giving a presentation on Network security threats to the newly
recruited employees of the company. His presentation is about the External threats that the
company recently faced in the past. Which of the following statements are true about external
threats?
Each correct answer represents a complete solution. Choose three.

Victor is a novice Ethical Hacker. He is learning the hacking process, i.e., the steps taken by
malicious hackers to perform hacking. Which of the following steps is NOT included in the hacking
process?

You are a professional Computer Hacking forensic investigator. You have been called to collect
the evidences of Buffer Overflows or Cookie snooping attack. Which of the following logs will you
review to accomplish the task?
Each correct answer represents a complete solution. Choose all that apply.

Rick, the Network Administrator of the Fimbry Hardware Inc., wants to design the initial test model
for Internet Access. He wants to fulfill the following goals:
·No external traffic should be allowed into the network.
·Administrators should be able to restrict the websites which can be accessed by the internal
users.
Which of the following technologies should he use to accomplish the above goals?
(Click the Exhibit button on the toolbar to see the case study.)

Mark works as a Network Security Administrator for Umbrella Inc. The company has a Windows
domain-based network. To provide security to the network, Mark plans to configure IDS. He wants
to ensure that attackers are not able to modify or delete the system files. To determine such
attacks, the IDS must be able to monitor the file structure of the system. Which of the following
intrusion detection technologies can be used to accomplish the task?

Which two security components should you implement on the sales personnel portable computers to increase security?
(Click the Exhibit button on the toolbar to see the case study.)
Each correct answer represents a complete solution. Choose two.

Mark works as a Network Administrator for Infonet Inc. The company has a Windows 2000 Active
Directory domain-based network. The domain contains one hundred Windows XP Professional
client computers. Mark is deploying an 802.11 wireless LAN on the network. The wireless LAN will
use Wired Equivalent Privacy (WEP) for all the connections. According to the company’s security
policy, the client computers must be able to automatically connect to the wireless LAN. However,
the unauthorized computers must not be allowed to connect to the wireless LAN and view the
wireless network. Mark wants to configure all the wireless access points and client computers to
act in accordance with the company’s security policy. What will he do to accomplish this?
Each correct answer represents a part of the solution. Choose three.

You work as a Security Administrator for DataSoft Inc. The company has a Windows-based
network. You have been assigned a project to strengthen the system security and also to provide
a user friendly environment to the employees so that they can work efficiently. Which of the
following concepts should you take into consideration to meet the goals of your project?