getcertified4sure.com

All About Real GCIH Exam Answers





NEW QUESTION 1
Adam, a malicious hacker, is sniffing the network to inject ARP packets. He injects broadcast frames onto the wire to conduct a man-in-the-middle attack.
Which of the following is the destination MAC address of a broadcast frame?

  • A. 0xDDDDDDDDD
  • B. 0x00000000000
  • C. 0xFFFFFFFFFFFF
  • D. 0xAAAAAAAAAA

Answer: C

NEW QUESTION 2
In which of the following attacks does the attacker gather information to perform an access attack?

  • A. Land attack
  • B. Reconnaissance attack
  • C. Vulnerability attack
  • D. DoS attack

Answer: B

NEW QUESTION 3
You want to add a NetBus Trojan to the chess.exe game program so that you can gain remote access to a friend's computer. Which of the following tools will you use to accomplish the task?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Tripwire
  • B. Yet Another Binder
  • C. Pretator Wrapper
  • D. Beast

Answer: BC

NEW QUESTION 4
Which of the following is a version of netcat with integrated transport encryption capabilities?

  • A. Encat
  • B. Nikto
  • C. Socat
  • D. Cryptcat

Answer: D

NEW QUESTION 5
Which of the following tools can be used to detect steganography?

  • A. Dskprobe
  • B. Blindside
  • C. ImageHide
  • D. Snow

Answer: A

NEW QUESTION 6
Which of the following options scans networks for security vulnerabilities?

  • A. System enumerators
  • B. Port enumerators
  • C. Network enumerators
  • D. Vulnerability enumerators

Answer: C

NEW QUESTION 7
An Active Attack is a type of steganography attack in which the attacker changes the carrier during the communication process. Which of the following techniques is used for smoothing the transition and controlling contrast on the hard edges, where there is significant color transition?

  • A. Soften
  • B. Rotate
  • C. Sharpen
  • D. Blur

Answer: D

NEW QUESTION 8
You run the following PHP script:
<?php
$name = mysql_real_escape_string($_POST["name"]);
$password = mysql_real_escape_string($_POST["password"]);
?>
What is the use of the mysql_real_escape_string() function in the above script?
Each correct answer represents a complete solution. Choose all that apply.

  • A. It can be used to mitigate a cross site scripting attack.
  • B. It can be used as a countermeasure against a SQL injection attack.
  • C. It escapes all special characters from strings $_POST["name"] and $_POST["password"] except ' and ".
  • D. It escapes all special characters from strings $_POST["name"] and $_POST["password"].

Answer: BD

NEW QUESTION 9
Fill in the blank with the appropriate name of the tool.
______ scans for rootkits by comparing SHA-1 hashes of important files with known good ones in an online database.


Answer: rkhunter

NEW QUESTION 10
A user is sending a large number of protocol packets to a network in order to saturate its resources and to disrupt connections to prevent communications between services. Which type of attack is this?

  • A. Vulnerability attack
  • B. Impersonation attack
  • C. Social Engineering attack
  • D. Denial-of-Service attack

Answer: D

NEW QUESTION 11
Which of the following statements are true about worms?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Worms cause harm to the network by consuming bandwidth, whereas viruses almost always corrupt or modify files on a targeted computer.
  • B. Worms can exist inside files such as Word or Excel documents.
  • C. One feature of worms is keystroke logging.
  • D. Worms replicate themselves from one system to another without using a host file.

Answer: ABD

NEW QUESTION 12
Adam works as an Incident Handler for Umbrella Inc. He has been sent to the California unit to train the members of the incident response team. As a demo project, he asked members of the incident response team to perform the following actions:

  • Remove the network cable wires.
  • Isolate the system on a separate VLAN.
  • Use a firewall or access lists to prevent communication into or out of the system.
  • Change DNS entries to direct traffic away from the compromised system.

Which of the following steps of the incident handling process includes the above actions?

  • A. Identification
  • B. Containment
  • C. Eradication
  • D. Recovery

Answer: B

NEW QUESTION 13
You work as a Network Administrator for Net Perfect Inc. The company has a Windows-based network and uses Check Point SmartDefense to secure it. You use SmartDefense on the company's HTTP servers to set a limit on the maximum number of response headers allowed.
Which of the following attacks will be blocked by defining this limitation?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Land attack
  • B. Code red worm
  • C. Backdoor attack
  • D. User-defined worm

Answer: BD

NEW QUESTION 14
Which of the following is a process of searching for unauthorized modems?

  • A. Espionage
  • B. Wardialing
  • C. System auditing
  • D. Scavenging

Answer: B

NEW QUESTION 15
Adam works as a Network Administrator for Exambible Inc. He wants to protect the network from DoS attacks. Which of the following is most useful against DoS attacks?

  • A. SPI
  • B. Distributive firewall
  • C. Honey Pot
  • D. Internet bot

Answer: A

NEW QUESTION 16
......
