Question 1
Which of the following is included in the ISFA code of Ethics?
Options:
A: Never injure or impugn the professional reputation or practice of colleagues, clients, or employers.
B: Not intentionally injure or impugn the professional reputation or practice of colleagues, clients, competitors, or employers.
C: Not intentionally injure or impugn the professional reputation or practice of colleagues, clients, or employers.
D: Not intentionally injure or impugn the professional reputation or practice of colleagues, clients, or employers unless I have direct evidence of a law being broken.
Correct Answer: C

Question 2
A "listening post" usually refers to:
Options:
A: A sound recording device used in physical security.
B: Video/audio devices used to record an investigation.
C: Eavesdropping on electronic communications.
D: An IDS point of presence.
Correct Answer: D

Question 3
To perform a successful traceback, the two most prominent problems that need to be solved are locating the source of IP packets and:
Options:
A: the timestamp of the event
B: determining the first node of a connection chain
C: the reflector host
D: the victim port
Correct Answer: B

Question 4
Active shunting is the process in which a malicious attack is detected and the traffic is:
Options:
A: routed, dynamically, through a CVP server for content filtering.
B: automatically squelched at the source of the attack using protocol squelching.
C: illegal due to its intrusive nature.
D: blocked via dynamic ACLs in firewall or infrastructure divides.
Correct Answer: D

Question 5
How many ports/services are available using the TCP/IP suite?
Options:
A: 6,553
B: unlimited
C: 65,535
D: 65,353
Correct Answer: C

Question 6
During a brute force attack, an active trace may be initiated using what tool?
Options:
A: Firewall log
B: ARP
C: Traceroute
D: ARP/Traceroute
Correct Answer: A

Question 7
"Backsplatter" is a conceptual method of identifying what type of malicious attack?
Options:
A: Denial of Service from IP Spoofed Addresses
B: IP Ping of Death attack
C: SMURF attack using "sticky bombs"
D: Any attack using the "sticky bomb" method of attack
Correct Answer: A

Question 8
A method of countermeasure for a trojan horse is which one of the following:
Options:
A: View network connections with the netstat command
B: Use the trojdel32 utility to search for unregistered DLL files
C: Place a disk thrashing utility on the suspect system
D: Perform background checks on all system administrators
Correct Answer: A

Question 9
The major disadvantage to techniques that attempt to mark IP packets as they move through the internet is:
Options:
A: A decrease in network efficiency
B: An increase in the packet load
C: An increase in bandwidth consumption
D: All of the above
Correct Answer: C

Question 10
Securing the crime scene is critical in the earliest portions of the investigation in order to:
Options:
A: Assess damage in the triage phase
B: Preserve evidence
C: All of the above
D: None of the above
Correct Answer: B