312-49v9 Free Practice Test

- (Topic 3)
James is testing the ability of his routers to withstand DoS attacks. James sends ICMP ECHO requests to the broadcast address of his network. What type of DoS attack is James testing against his network?

1. A. Fraggle
2. B. Smurf
3. C. SYN flood
4. D. Trinoo

Correct Answer: B
The Fraggle attack is like a smurf attack, but uses UDP packets and not ICMP.

- (Topic 1)
What is the goal of forensic science?

1. A. To determine the evidential value of the crime scene and related evidence
2. B. Mitigate the effects of the information security breach
3. C. Save the good will of the investigating organization
4. D. It is a disciple to deal with the legal processes

Correct Answer: A

- (Topic 3)
Which Intrusion Detection System (IDS) usually produces the most false alarms due to the unpredictable behaviors of users and networks?

1. A. network-based IDS systems (NIDS)
2. B. host-based IDS systems (HIDS)
3. C. anomaly detection
4. D. signature recognition

Correct Answer: BC
NIDS and HIDS are types of IDS systems, Host or Network, and addresses placement of the probe. Anomaly detection is based on behavior analysis, and if you read the question, the question says “behavior” and if the behavior is unporedictable, then the IDS won’t know what is normal and what is bad.

- (Topic 3)
An Expert witness gives an opinion if:

1. A. The Opinion, inferences or conclusions depend on special knowledge, skill or training not within the ordinary experience of lay jurors
2. B. To define the issues of the case for determination by the finder of fact
3. C. To stimulate discussion between the consulting expert and the expert witness
4. D. To deter the witness form expanding the scope of his or her investigation beyond the requirements of the case

Correct Answer: A

- (Topic 3)
Before you are called to testify as an expert, what must an attorney do first?

1. A. engage in damage control
2. B. prove that the tools you used to conduct your examination are perfect
3. C. read your curriculum vitae to the jury
4. D. qualify you as an expert witness

Correct Answer: D