If executives are found liable for not properly protecting their company’s assets and information systems, what
type of law would apply in this situation?

An attacker is trying to redirect the traffic of a small office. That office is using their own mail server, DNS server
and NTP server because of the importance of their job. The attacker gains access to the DNS server and
redirects the direction www.google.com to his own IP address. Now when the employees of the office want to
go to Google they are being redirected to the attacker machine. What is the name of this kind of attack?

What two conditions must a digital signature meet?

Craig received a report of all the computers on the network that showed all the missing patches and weak
passwords. What type of software generated this report?

Which of the following statements regarding ethical hacking is incorrect?

During a security audit of IT processes, an IS auditor found that there were no documented security
procedures. What should the IS auditor do?

Ricardo wants to send secret messages to a competitor company. To secure these messages, he uses a
technique of hiding a secret message within an ordinary message. The technique provides ‘security throughobscurity’.
What technique is Ricardo using?

Which of the following incident handling process phases is responsible for defining rules, collaborating human
workforce, creating a back-up plan, and testing the plans for an organization?

Which of the following types of firewalls ensures that the packets are part of the established session?

You work as a Security Analyst for a retail organization. In securing the company’s network, you set up a
firewall and an IDS. However, hackers are able to attack the network. After investigating, you discover that your
IDS is not configured properly and therefore is unable to trigger alarms when needed. What type of alert is the
IDS giving?