NEW QUESTION 1
Which of the following tools is used to analyze the files produced by several packet-capture programs such as tcpdump, WinDump, Wireshark, and EtherPeek?

• A. tcptrace
• B. Nessus
• C. OpenVAS
• D. tcptraceroute

Answer: A

NEW QUESTION 2
During an Xmas scan what indicates a port is closed?

• A. No return response
• B. RST
• C. ACK
• D. SYN

Answer: B

NEW QUESTION 3
Which of the following tools are used for enumeration? (Choose three.)

• A. SolarWinds
• B. USER2SID
• C. Cheops
• D. SID2USER
• E. DumpSec

Answer: BDE

NEW QUESTION 4
Matthew, a black hat, has managed to open a meterpreter session to one of the kiosk machines in Evil Corp’s lobby. He checks his current SID, which is S-1-5-21-1223352397-1872883824-861252104-501. What needs to happen before Matthew has full administrator access?

• A. He must perform privilege escalation.
• B. He needs to disable antivirus protection.
• C. He needs to gain physical access.
• D. He already has admin privileges, as shown by the “501” at the end of the SID.

Answer: A

NEW QUESTION 5
Why would you consider sending an email to an address that you know does not exist within the company you are performing a Penetration Test for?

• A. To determine who is the holder of the root account
• B. To perform a DoS
• C. To create needless SPAM
• D. To illicit a response back that will reveal information about email servers and how they treat undeliverable mail
• E. To test for virus protection

Answer: D

NEW QUESTION 6
Identify the correct terminology that defines the above statement.

• A. Vulnerability Scanning
• B. Penetration Testing
• C. Security Policy Implementation
• D. Designing Network Security

Answer: B

NEW QUESTION 7
A new wireless client is configured to join a 802.11 network. This client uses the same hardware and software as many of the other clients on the network. The client can see the network, but cannot connect. A wireless packet sniffer shows that the Wireless Access Point (WAP) is not responding to the association requests being sent by the wireless client. What is a possible source of this problem?

• A. The WAP does not recognize the client’s MAC address
• B. The client cannot see the SSID of the wireless network
• C. Client is configured for the wrong channel
• D. The wireless client is not configured to use DHCP

Answer: A

NEW QUESTION 8
Which of the following viruses tries to hide from anti-virus programs by actively altering and corrupting the chosen service call interruptions when they are being run?

• A. Macro virus
• B. Stealth/Tunneling virus
• C. Cavity virus
• D. Polymorphic virus

Answer: B

NEW QUESTION 9
What does the –oX flag do in an Nmap scan?

• A. Perform an eXpress scan
• B. Output the results in truncated format to the screen
• C. Output the results in XML format to a file
• D. Perform an Xmas scan

Answer: C

NEW QUESTION 10
If you want to only scan fewer ports than the default scan using Nmap tool, which option would you use?

• A. –r
• B. –F
• C. –P
• D. –sP

Answer: B

NEW QUESTION 11
The “Gray-box testing” methodology enforces what kind of restriction?

• A. Only the external operation of a system is accessible to the tester.
• B. The internal operation of a system in only partly accessible to the tester.
• C. Only the internal operation of a system is known to the tester.
• D. The internal operation of a system is completely known to the tester.

Answer: B

NEW QUESTION 12
Fingerprinting an Operating System helps a cracker because:

• A. It defines exactly what software you have installed
• B. It opens a security-delayed window based on the port being scanned
• C. It doesn't depend on the patches that have been applied to fix existing security holes
• D. It informs the cracker of which vulnerabilities he may be able to exploit on your system

Answer: D

NEW QUESTION 13
The company ABC recently contracts a new accountant. The accountant will be working with the financial statements. Those financial statements need to be approved by the CFO and then they will be sent to the accountant but the CFO is worried because he wants to be sure that the information sent to the accountant was not modified once he approved it. Which of the following options can be useful to ensure the integrity of the data?

• A. The CFO can use a hash algorithm in the document once he approved the financial statements
• B. The CFO can use an excel file with a password
• C. The financial statements can be sent twice, one by email and the other delivered in USB and the accountant can compare both to be sure is the same document
• D. The document can be sent to the accountant using an exclusive USB for that document

Answer: A

NEW QUESTION 14
A technician is resolving an issue where a computer is unable to connect to the Internet using a wireless access point. The computer is able to transfer files locally to other machines, but cannot successfully reach the Internet. When the technician examines the IP address and default gateway they are both on the 192.168.1.0/24. Which of the following has occurred?

• A. The computer is not using a private IP address.
• B. The gateway is not routing to a public IP address.
• C. The gateway and the computer are not on the same network.
• D. The computer is using an invalid IP address.

Answer: B

NEW QUESTION 15
When discussing passwords, what is considered a brute force attack?

• A. You attempt every single possibility until you exhaust all possible combinations or discover the password
• B. You threaten to use the rubber hose on someone unless they reveal their password
• C. You load a dictionary of words into your cracking program
• D. You create hashes of a large number of words and compare it with the encrypted passwords
• E. You wait until the password expires

Answer: A

NEW QUESTION 16
This kind of password cracking method uses word lists in combination with numbers and special characters:

• A. Hybrid
• B. Linear
• C. Symmetric
• D. Brute Force

Answer: A

NEW QUESTION 17
How is the public key distributed in an orderly, controlled fashion so that the users can be sure of the sender’s identity?

• A. Hash value
• B. Private key
• C. Digital signature
• D. Digital certificate

Answer: D

NEW QUESTION 18
In the context of password security, a simple dictionary attack involves loading a dictionary file (a text file full of dictionary words) into a cracking application such as L0phtCrack or John the Ripper, and running it against user accounts located by the application. The larger the word and word fragment selection, the more effective the dictionary attack is. The brute force method is the most inclusive, although slow. It usually tries every possible letter and number combination in its automated exploration. If you would use both brute force and dictionary methods combined together to have variation of words, what would you call such an attack?

• A. Full Blown
• B. Thorough
• C. Hybrid
• D. BruteDics

Answer: C

NEW QUESTION 19
Which of the following tools can be used to perform a zone transfer?

• A. NSLookup
• B. Finger
• C. Dig
• D. Sam Spade
• E. Host
• F. Netcat
• G. Neotrace

Answer: ACDE

NEW QUESTION 20
Which DNS resource record can indicate how long any "DNS poisoning" could last?

• A. MX
• B. SOA
• C. NS
• D. TIMEOUT

Answer: B

NEW QUESTION 21
Bob, a network administrator at BigUniversity, realized that some students are connecting their notebooks in the wired network to have Internet access. In the university campus, there are many Ethernet ports available for professors and authorized visitors but not for students.
He identified this when the IDS alerted for malware activities in the network. What should Bob do to avoid this problem?

• A. Disable unused ports in the switches
• B. Separate students in a different VLAN
• C. Use the 802.1x protocol
• D. Ask students to use the wireless network

Answer: C

NEW QUESTION 22
......