John is using Firewalk to test the security of his Cisco PIX firewall. He is also utilizing a sniffer located on a
subnet that resides deep inside his network. After analyzing the sniffer log files, he does not see any of the
traffic produced by Firewalk. Why is that?

George is a senior security analyst working for a state agency in Florida. His state’s congress just passed a bill
mandating every state agency to undergo a security audit annually. After learning what will be required, George
needs to implement an IDS as soon as possible before the first audit occurs. The state bill requires that an IDS
with a “time-based induction machine” be used.
What IDS feature must George implement to meet this requirement?

What is the target host IP in the following command?

Kimberly is studying to be an IT security analyst at a vocational school in her town. The school offers many
different programming as well as networking languages. What networking protocol language should she learn
that routers utilize?

Meyer Electronics Systems just recently had a number of laptops stolen out of their office. On these laptops
contained sensitive corporate information regarding patents and company strategies. A month after the laptops
were stolen, a competing company was found to have just developed products that almost exactly duplicated
products that Meyer produces. What could have prevented this information from being stolen from the laptops?

Bill is the accounting manager for Grummon and Sons LLC in Chicago. On a regular basis, he needs to send
PDF documents containing sensitive information through E-mail to his customers.
Bill protects the PDF documents with a password and sends them to their intended recipients.
Why PDF passwords do not offer maximum protection?

John and Hillary works at the same department in the company. John wants to find out Hillary’s network
password so he can take a look at her documents on the file server. He enables Lophtcrack program to sniffing
mode. John sends Hillary an email with a link to Error! Reference source not found. What information will he be
able to gather from this?

An “idle” system is also referred to as what?

Larry is an IT consultant who works for corporations and government agencies. Larry plans on shutting down
the city’s network using BGP devices and zombies? What type of Penetration Testing is Larry planning to carry
out?

You are the network administrator for a small bank in Dallas, Texas. To ensure network security, you enact a
security policy that requires all users to have 14 character passwords. After giving your users 2 weeks notice,
you change the Group Policy to force 14 character passwords. A week later you dump the SAM database from
the standalone server and run a password-cracking tool against it. Over 99% of the passwords are broken
within an hour. Why were these passwords cracked so Quickly?