A company has made the decision to host their own email and basic web services. The
administrator needs to set up the external firewall to limit what protocols should be allowed to get
to the public part of the company’s network. Which ports should the administrator open?
(Choose three.)

Which type of scan measures a person’s external features through a digital video camera?

In order to show improvement of security over time, what must be developed?

In the software security development life cyle process, threat modeling occurs in which phase?

Which of the following items of a computer system will an anti-virus program scan for viruses?

Which of the following can take an arbitrary length of input and produce a message digest output
of 160 bit?

A computer science student needs to fill some information into a secured Adobe PDF job
application that was received from a prospective employer. Instead of requesting a new document
that allowed the forms to be completed, the student decides to write a script that pulls passwords
from a list of commonly used passwords to try against the secured PDF until the correct password
is found or the list is exhausted.
Which cryptography attack is the student attempting?

A hacker, who posed as a heating and air conditioning specialist, was able to install a sniffer
program in a switched environment network. Which attack could the hacker use to sniff all of the
packets in the network?

Which of the following conditions must be given to allow a tester to exploit a Cross-Site Request

Forgery (CSRF) vulnerable web application?

During a wireless penetration test, a tester detects an access point using WPA2 encryption. Which
of the following attacks should be used to obtain the key?