NEW QUESTION 1
Susan has attached to her company's network. She has managed to synchronize her boss's sessions with that of the file server. She then intercepted his traffic destined for the server, changed it the way she wanted to and then placed it on the server in his home directory.
What kind of attack is Susan carrying on?

• A. A sniffing attack
• B. A spoofing attack
• C. A man in the middle attack
• D. A denial of service attack

Answer: C

NEW QUESTION 2
One of your team members has asked you to analyze the following SOA record. What is the version? Rutgers.edu.SOA NS1.Rutgers.edu ipad.college.edu (200302028 3600 3600 604800 2400.) (Choose four.)

• A. 200303028
• B. 3600
• C. 604800
• D. 2400
• E. 60
• F. 4800

Answer: A

NEW QUESTION 3
Eric has discovered a fantastic package of tools named Dsniff on the Internet. He has learnt to use these tools in his lab and is now ready for real world exploitation. He was able to effectively intercept communications between the two entities and establish credentials with both sides of the connections. The two remote ends of the communication never notice that Eric is relaying the information between the two. What would you call this attack?

• A. Interceptor
• B. Man-in-the-middle
• C. ARP Proxy
• D. Poisoning Attack

Answer: B

NEW QUESTION 4
Windows LAN Manager (LM) hashes are known to be weak.
Which of the following are known weaknesses of LM? (Choose three.)

• A. Converts passwords to uppercase.
• B. Hashes are sent in clear text over the network.
• C. Makes use of only 32-bit encryption.
• D. Effective length is 7 characters.

Answer: ABD

NEW QUESTION 5
Bob, a system administrator at TPNQM SA, concluded one day that a DMZ is not needed if he properly configures the firewall to allow access just to servers/ports, which can have direct internet access, and block the access to workstations.
Bob also concluded that DMZ makes sense just when a stateful firewall is available, which is not the case of TPNQM SA.
In this context, what can you say?

• A. Bob can be right since DMZ does not make sense when combined with stateless firewalls
• B. Bob is partially righ
• C. He does not need to separate networks if he can create rules by destination IPs, one by one
• D. Bob is totally wron
• E. DMZ is always relevant when the company has internet servers and workstations
• F. Bob is partially righ
• G. DMZ does not make sense when a stateless firewall is available

Answer: C

NEW QUESTION 6
Why should the security analyst disable/remove unnecessary ISAPI filters?

• A. To defend against social engineering attacks
• B. To defend against webserver attacks
• C. To defend against jailbreaking
• D. To defend against wireless attacks

Answer: B

NEW QUESTION 7
You went to great lengths to install all the necessary technologies to prevent hacking attacks, such as expensive firewalls, antivirus software, anti-spam systems and intrusion detection/prevention tools in your company's network. You have configured the most secure policies and tightened every device on your network. You are confident that hackers will never be able to gain access to your network with complex security system in place.
Your peer, Peter Smith who works at the same department disagrees with you.
He says even the best network security technologies cannot prevent hackers gaining access to the network because of presence of "weakest link" in the security chain.
What is Peter Smith talking about?

• A. Untrained staff or ignorant computer users who inadvertently become the weakest link in your securitychain
• B. "zero-day" exploits are the weakest link in the security chain since the IDS will not be able to detect these attacks
• C. "Polymorphic viruses" are the weakest link in the security chain since the Anti-Virus scanners will not be able to detect these attacks
• D. Continuous Spam e-mails cannot be blocked by your security system since spammers use different techniques to bypass the filters in your gateway

Answer: A

NEW QUESTION 8
This TCP flag instructs the sending system to transmit all buffered data immediately.

• A. SYN
• B. RST
• C. PSH
• D. URG
• E. FIN

Answer: C

NEW QUESTION 9
The collection of potentially actionable, overt, and publicly available information is known as

• A. Open-source intelligence
• B. Real intelligence
• C. Social intelligence
• D. Human intelligence

Answer: A

NEW QUESTION 10
What type of analysis is performed when an attacker has partial knowledge of inner-workings of the application?

• A. Black-box
• B. Announced
• C. White-box
• D. Grey-box

Answer: D

NEW QUESTION 11
Which is the first step followed by Vulnerability Scanners for scanning a network?

• A. OS Detection
• B. Firewall detection
• C. TCP/UDP Port scanning
• D. Checking if the remote host is alive

Answer: D

NEW QUESTION 12
How does a denial-of-service attack work?

• A. A hacker prevents a legitimate user (or group of users) from accessing a service
• B. A hacker uses every character, word, or letter he or she can think of to defeat authentication
• C. A hacker tries to decipher a password by using a system, which subsequently crashes the network
• D. A hacker attempts to imitate a legitimate user by confusing a computer or even another person

Answer: A

NEW QUESTION 13
Let's imagine three companies (A, B and C), all competing in a challenging global environment. Company A and B are working together in developing a product that will generate a major competitive advantage for them. Company A has a secure DNS server while company B has a DNS server vulnerable to spoofing. With a spoofing attack on the DNS server of company B, company C gains access to outgoing e-mails from company B. How do you prevent DNS spoofing?

• A. Install DNS logger and track vulnerable packets
• B. Disable DNS timeouts
• C. Install DNS Anti-spoofing
• D. Disable DNS Zone Transfer

Answer: C

NEW QUESTION 14
You have the SOA presented below in your Zone.
Your secondary servers have not been able to contact your primary server to synchronize information. How long will the secondary servers attempt to contact the primary server before it considers that zone is dead and stops responding to queries?
collegae.edu.SOA, cikkye.edu ipad.college.edu. (200302028 3600 3600 604800 3600)

• A. One day
• B. One hour
• C. One week
• D. One month

Answer: C

NEW QUESTION 15
If a tester is attempting to ping a target that exists but receives no response or a response that states the destination is unreachable, ICMP may be disabled and the network may be using TCP. Which other option could the tester use to get a response from a host using TCP?

• A. Traceroute
• B. Hping
• C. TCP ping
• D. Broadcast ping

Answer: B

NEW QUESTION 16
Which of the following describes the characteristics of a Boot Sector Virus?

• A. Modifies directory table entries so that directory entries point to the virus code instead of the actual program.
• B. Moves the MBR to another location on the RAM and copies itself to the original location of the MBR.
• C. Moves the MBR to another location on the hard disk and copies itself to the original location of the MBR.
• D. Overwrites the original MBR and only executes the new virus code.

Answer: C

NEW QUESTION 17
Some clients of TPNQM SA were redirected to a malicious site when they tried to access the TPNQM main site. Bob, a system administrator at TPNQM SA, found that they were victims of DNS Cache Poisoning. What should Bob recommend to deal with such a threat?

• A. The use of security agents in clients’ computers
• B. The use of DNSSEC
• C. The use of double-factor authentication
• D. Client awareness

Answer: B

NEW QUESTION 18
env x=’(){ :;};echo exploit’ bash –c ‘cat/etc/passwd’
What is the Shellshock bash vulnerability attempting to do on a vulnerable Linux host?

• A. Removes the passwd file
• B. Changes all passwords in passwd
• C. Add new user to the passwd file
• D. Display passwd content to prompt

Answer: D

NEW QUESTION 19
Log monitoring tools performing behavioral analysis have alerted several suspicious logins on a Linux server occurring during non-business hours. After further examination of all login activities, it is noticed that none of the logins have occurred during typical work hours. A Linux administrator who is investigating this problem realizes the system time on the Linux server is wrong by more than twelve hours. What protocol used on Linux servers to synchronize the time has stopped working?

• A. Time Keeper
• B. NTP
• C. PPP
• D. OSPP

Answer: B

NEW QUESTION 20
Which of the following tools performs comprehensive tests against web servers, including dangerous files and CGIs?

• A. Nikto
• B. John the Ripper
• C. Dsniff
• D. Snort

Answer: A

NEW QUESTION 21
In the context of Windows Security, what is a 'null' user?

• A. A user that has no skills
• B. An account that has been suspended by the admin
• C. A pseudo account that has no username and password
• D. A pseudo account that was created for security administration purpose

Answer: C

NEW QUESTION 22
......