Question 1: Which of the following are the two primary U.S. laws that address cybercrime?

 A. 1030 and 2701

 B. 2510 and 1029

 C. 2510 and 2701

 D. 1029 and 1030

Answer 1: B. Sections 1029 and 1030 are the main federal statutes that address computer hacking under U.S. Federal Law. Answers A, C, and D are incorrect, as Sections 2510 and 2701 are part of the Electronic Communication Privacy Act and address information in storage and in transit.

Question 2: Which of the following is the most serious risk associated with vulnerability assessment tools?

 A. False positives

 B. False negatives

 C. Non-specific reporting features

 D. Platform dependent

Answer 2: B. False-negative reporting of uncovered weaknesses means that potential vulnerabilities in the network are not identified and might not be addressed. This would leave the network vulnerable to attack from malicious hackers. Answer A is incorrect because false positives would indicate that defenses are in place but are weak and should be checked. Answer C is incorrect, as non-specific reporting features would not be as serious a discovery as false negatives. Answer D is incorrect, as many vulnerability scanners run only from a specific platform and are not as important as false negatives.

Question 3: You have successfully extracted the SAM from a Windows 2000 server. Is it possible to determine if an LM hash that you’re looking at contains a password fewer than eight characters long?

 A. A hash cannot be reversed; therefore, you are unable to tell.

 B. The rightmost portion of the hash will always have the same value.

 C. The hash always starts with 1404EE.

 D. The leftmost portion of the hash will always have the same value.

Answer 3: B. After the SAM has been extracted, you can examine the rightmost portion of the hash. Padding on a password is used when passwords are fewer than eight characters long. Therefore, answers A, C, and D are incorrect.

Question 4: You have been tasked with examining the web pages of a target site. You have grown tired of looking at each online. Which of the following offers a more efficient way of performing this task?

 A. Using wget to download all pages for further inspection

 B. Using pwdump to download all pages for further inspection

 C. Using dumpsec to download all pages for further inspection

 D. Using Achilles to download all pages for further inspection

Answer 4: A. Wget is used to retrieve HTTP, HTTPS, and FTP files and data. Answers B, C, and D are incorrect because pwdump is used to extract the SAM, dumpsec is used for examining user account details on a Windows system, and Achilles is used to proxy web pages.

Question 5: You would like to find out more information about a website from a company based in France. Which of the following is a good starting point?

 A. AfriNIC

 B. ARIN

 C. APNIC

 D. RIPE

Answer 5:  D. Regional registries maintain records from the areas from which they govern. RIPE is responsible for domains served within Europe and therefore would be a good starting point for a .fr domain. Answers A, B, and C are incorrect because AfriNIC is a proposed registry for Africa, ARIN is for North and South America, and APNIC is for Asian and Pacific countries.