NEW QUESTION 1
During a recent security assessment, you discover the organization has one Domain Name Server (DNS) in a Demilitarized Zone (DMZ) and a second DNS server on the internal Network.
What is this type of DNS configuration commonly called?

• A. DNS Scheme
• B. DynDNS
• C. Split DNS
• D. DNSSEC

Answer: C

NEW QUESTION 2
It is a vulnerability in GNU’s bash shell, discovered in September of 2004, that gives attackers access to run remote commands on a vulnerable system. The malicious software can take control of an infected machine, launch denial-of service attacks to disrupt websites, and scan for other vulnerable devices (including routers).
Which of the following vulnerabilities is being described?

• A. Shellshock
• B. Rootshock
• C. Shellbash
• D. Rootshell

Answer: A

NEW QUESTION 3
How does the Address Resolution Protocol (ARP) work?

• A. It sends a reply packet for a specific IP, asking for the MAC address.
• B. It sends a reply packet to all the network elements, asking for the MAC address from a specific IP.
• C. It sends a request packet to all the network elements, asking for the domainname from a specific IP.
• D. It sends a request packet to all the network elements, asking for the MAC address from a specific IP.

Answer: D

NEW QUESTION 4
Which tool allows analysis and pen testers to examine links between data using graphs and link analysis?

• A. Metasploit
• B. Maltego
• C. Wireshark
• D. Cain &Abel

Answer: B

NEW QUESTION 5
What does a firewall check to prevent particularports and applications from getting packets into an organizations?

• A. Transport layer port numbers and application layer headers
• B. Network layer headers and the session layer port numbers
• C. Application layer port numbers and the transport layer headers
• D. Presentation layer headers and the session layer port numbers

Answer: A

NEW QUESTION 6
What is the benefit of performing an unannounced Penetration Testing?

• A. The tester will have an actual security posture visibility of thetarget network.
• B. The tester could not provide an honest analysis.
• C. Network security would be in a “best state” posture.
• D. It is best to catch critical infrastructure unpatched.

Answer: A

NEW QUESTION 7
The “Gray box testing” methodology enforces what kind of restriction?

• A. Only the external operation of a system is accessible to the tester.
• B. Only the internal operation of a system is known to the tester.
• C. The internal operation of a system is completely known to the tester.
• D. The internal operation of a system is only partly accessible to the tester.

Answer: D

NEW QUESTION 8
The configuration allows a wired or wireless network interface controller to pass all trafice it receives to thecentral processing unit (CPU), rather than passing only the frames that the controller is intended to receive.
Which of the following is being described?

• A. WEM
• B. Multi-cast mode
• C. Promiscuous mode
• D. Port forwarding

Answer: B

NEW QUESTION 9
While using your bank’s online servicing you notice the following stringin the URL bar: “http://www.MyPersonalBank/Account?
Id=368940911028389&Damount=10980&Camount=21”
You observe that if you modify the Damount & Camount values and submit the request, that data on the web page reflect the changes.
What type of vulnerability is present on this site?

• A. SQL injection
• B. XSS Reflection
• C. Web Parameter Tampering
• D. Cookie Tampering

Answer: C

NEW QUESTION 10
The chance of a hard drive failure is once every three years. The cost to buy a new hard drive is $300. It will require 10 hours to restore the OS and software to the new hard disk. It will require a further 4 hours to restore the database from the last backup to the new hard disk. The recovery person earns $10/hour. Calculate theSLE, ARO, and ALE. Assume the EF = 1 (100%).
What is the closest approximate cost of this replacement and recovery operation per year?

• A. $100
• B. $146
• C. 440
• D. 1320

Answer: B

NEW QUESTION 11
You are logged in as a local admin on a Windows 7 system and you need to launch the Computer Management Console from command line.
Which command would you use?

• A. c:services.msc
• B. c:ncpa.cp
• C. c:compmgmt.msc
• D. c:gpedit

Answer: C

NEW QUESTION 12
Your company performs penetration tests and security assessments for small and medium-
sized business in the local area. During a routine security assessment, you discover information that suggests your client is involved with human trafficking.
What should you do?

• A. Copy the data to removable media and keep it in case you need it.
• B. Ignore the data and continue the assessment until completed as agreed.
• C. Confront theclient on a respectful manner and ask her about the data.
• D. Immediately stop work and contact the proper legal authorities.

Answer: D

NEW QUESTION 13
Which of the following incident handling process phases is responsible for defining rules, creating a back-up plan, and testing the plans for an enterprise?

• A. Preparation phase
• B. Recovery phase
• C. Identification phase
• D. Containment phase

Answer: A

NEW QUESTION 14
You have successfully comprised a server having an IP address of 10.10.0.5. You would like to enumerate all machines in the same network quickly.
What is the best nmap command you will use?

• A. Nmap –T4 –F 10.10.0.0/24
• B. Nmap –T4 –q 10.10.0.0/24
• C. Nmap –T4 –O 10.10.0.0/24
• D. Nmap –T4 –r 10.10.0.0/24

Answer: A

NEW QUESTION 15
PGP, SSL, and IKE are all examples of which type of cryptography?

• A. Hash Algorithm
• B. Secret Key
• C. Public Key
• D. Digest

Answer: C

NEW QUESTION 16
You have successfully gained access to your client’s internal network and successfully comprised a linux server which is part of the internal IP network. You want to know which
Microsoft Windows workstation have the sharing enabled.
Which port would you see listeningon these Windows machines in the network?

• A. 1443
• B. 3389
• C. 161
• D. 445

Answer: D

NEW QUESTION 17
To maintain compliance with regulatory requirements, a security audit of the systems on a network must be performed to determine their compliance with security policies. Which one of the following tools would most likely be used in such as audit?

• A. Port scanner
• B. Protocol analyzer
• C. Vulnerability scanner
• D. Intrusion Detection System

Answer: C

NEW QUESTION 18
Port scanning can be used as part of a technical assessment to determine network vulnerabilities. The TCP XMAS scan is used to identify listening port on the targeted system.
If a scanned port is open, what happens?

• A. The port will ignore the packets.
• B. The port will send an RST.
• C. The port will send an ACK.
• D. The port will send a SYN.

Answer: A

NEW QUESTION 19
Ricardo wants to send secret messages to acompetitor company. To secure these messages, he uses a technique of hiding a secret message within an ordinary message, the technique provides 'security through obscurity'. What technique is Ricardo using?

• A. RSA algorithm
• B. Steganography
• C. Encryption
• D. Public-key cryptography

Answer: B

NEW QUESTION 20
The Open Web Application Security Project (OWASP) isthe worldwide not-for-profit charitable organization focused on improving the security of software. What item is the primary concern on OWASP’s Top Ten Project most Critical Web application Security Rules?

• A. Injection
• B. Cross site Scripting
• C. Cross site Request Forgery
• D. Path Disclosure

Answer: A