You are assisting a Department of Defense contract company to become compliant with the
stringent security policies set by the DoD. One such strict rule is that firewalls must only allow
incoming connections that were first initiated by internal computers. What type of firewall must you
implement to abide by this policy?

You are running known exploits against your network to test for possible vulnerabilities. To test the
strength of your virus software, you load a test network to mimic your production network. Your
software successfully blocks some simple macro and encrypted viruses. You decide to really test
the software by using virus code where the code rewrites itself entirely and the signatures change
from child to child, but the functionality stays the same. What type of virus is this that you are
testing?

In a virtual test environment, Michael is testing the strength and security of BGP using multiple
routers to mimic the backbone of the Internet. This project will help him write his doctoral thesis on
“bringing down the Internet”. Without sniffing the traffic between the routers, Michael sends
millions of RESET packets to the routers in an attempt to shut one or all of them down. After a few
hours, one of the routers finally shuts itself down. What will the other routers communicate
between themselves?

What is the following command trying to accomplish?

Your company uses Cisco routers exclusively throughout the network. After securing the routers to
the best of your knowledge, an outside security firm is brought in to assess the network security.
Although they found very few issues, they were able to enumerate the model, OS version, and
capabilities for all your Cisco routers with very little effort. Which feature will you disable to
eliminate the ability to enumerate this information on your Cisco routers?

George is performing security analysis for Hammond and Sons LLC. He is testing security
vulnerabilities of their wireless network. He plans on remaining as “stealthy” as possible during the
scan. Why would a scanner like Nessus is not recommended in this situation?

Jim performed a vulnerability analysis on his network and found no potential problems. He runs
another utility that executes exploits against his system to verify the results of the vulnerability test.
The second utility executes five known exploits against his network in which the vulnerability
analysis said were not exploitable. What kind of results did Jim receive from his vulnerability
analysis?

You work as a penetration tester for Hammond Security Consultants. You are currently working on
a contract for the state government of California. Your next step is to initiate a DoS attack on their
network. Why would you want to initiate a DoS attack on a system you are testing?

To test your website for vulnerabilities, you type in a quotation mark (? for the username field.
After you click Ok, you receive the following error message window:
What can you infer from this error window?
Exhibit:

You work as an IT security auditor hired by a law firm in Boston to test whether you can gain
access to sensitive information about the company clients. You have rummaged through their
trash and found very little information. You do not want to set off any alarms on their network, so
you plan on performing passive footprinting against their Web servers. What tool should you use?