Pentest results indicate that voice over IP traffic is traversing a network. Which of the following
tools will decode a packet capture and extract the voice conversations?

Information gathered from social networking websites such as Facebook, Twitter and LinkedIn can
be used to launch which of the following types of attacks? (Choose two.)

Which of the following examples best represents a logical or technical control?

Which of the following resources does NMAP need to be used as a basic vulnerability scanner
covering several vectors like SMB, HTTP and FTP?

A penetration tester is hired to do a risk assessment of a company’s DMZ. The rules of
engagement states that the penetration test be done from an external IP address with no prior
knowledge of the internal IT systems. What kind of test is being performed?

How can a policy help improve an employee’s security awareness?

Which statement is TRUE regarding network firewalls preventing Web Application attacks?

An organization hires a tester to do a wireless penetration test. Previous reports indicate that the
last test did not contain management or control packets in the submitted traces. Which of the
following is the most likely reason for lack of management or control packets?

Which of the following techniques will identify if computer files have been changed?

Which of the following does proper basic configuration of snort as a network intrusion detection
system require?