In Microsoft file structures, sectors are grouped together to form:

A.

Clusters

B.

Drives

C.

Bitstreams

D.

Partitions

The efforts to obtain information before a trail by demanding documents, depositions,
questioned and answers written under oath, written requests for admissions of fact and examination of the scene is a description of what legal term?

A.

Detection

B.

Hearsay

C.

Spoliation

D.

Discovery

An Employee is suspected of stealing proprietary information belonging to your company
that he had no rights to possess. The information was stored on the Employees Computer
that was protected with the NTFS Encrypted File System (EFS) and you had observed him
copy the files to a floppy disk just before leaving work for the weekend. You detain the
Employee before he leaves the building and recover the floppy disks and secure his
computer. Will you be able to break the encryption so that you can verify that that the
employee was in possession of the proprietary information?

A.

EFS uses a 128-bit key that can't be cracked, so you will not be able to recover the information

B.

When the encrypted file was copied to the floppy disk, it was automatically unencrypted, so you can recover the information.

C.

The EFS Revoked Key Agent can be used on the Computer to recover the information

D.

When the Encrypted file was copied to the floppy disk, the EFS private key was also

Hackers can gain access to Windows Registry and manipulate user passwords, DNS settings, access rights or others features that they may need in order to accomplish their objectives. One simple method for loading an application at startup is to add an entry (Key) to the following Registry Hive:

A.

HKEY_LOCAL_MACHINE\hardware\windows\start

B.

HKEY_LOCAL_USERS\Software\Microsoft\old\Version\Load

C.

HKEY_CURRENT_USER\Microsoft\Default

D.

HKEY_LOCAL_MACHINE\Software\Microsoft\CurrentVersion\Run

An employee is attempting to wipe out data stored on a couple of compact discs (CDs) and
digital video discs (DVDs) by using a large magnet. You inform him that this method will not
be effective in wiping out the data because CDs and DVDs are ______________ media
used to store large amounts of data and are not affected by the magnet.

A.

logical

B.

anti-magnetic

C.

magnetic

D.

optical

A(n) _____________________ is one that's performed by a computer program rather than the attacker manually performing the steps in the attack sequence.

A.

blackout attack

B.

automated attack

C.

distributed attack

D.

central processing attack

Area density refers to:

A.

the amount of data per disk

B.

the amount of data per partition

C.

the amount of data per square inch

D.

the amount of data per platter

Which of the following file system is used by Mac OS X?

A.

EFS

B.

HFS+

C.

EXT2

D.

NFS

Terri works for a security consulting firm that is currently performing a penetration test on First National Bank in Tokyo. Terri's duties include bypassing firewalls and switches to gain access to the network. Terri sends an IP packet to one of the company's switches with
ACK bit and the source address of her machine set. What is Terri trying to accomplish by
sending this IP packet?

A.

Trick the switch into thinking it already has a session with Terri's computer

B.

Poison the switch's MAC address table by flooding it with ACK bits

C.

Crash the switch with a DoS attack since switches cannot send ACK bits

D.

Enable tunneling feature on the switch

What happens when a file is deleted by a Microsoft operating system using the FAT file system?

A.

only the reference to the file is removed from the FAT

B.

the file is erased and cannot be recovered

C.

a copy of the file is stored and the original file is erased

D.

the file is erased but can be recovered

This organization maintains a database of hash signatures for known software.

A.

International Standards Organization

B.

Institute of Electrical and Electronics Engineers

C.

National Software Reference Library

D.

American National standards Institute

What operating system would respond to the following command?

A.

Windows 95

B.

FreeBSD

C.

Windows XP

D.

Mac OS X