getcertified4sure.com

A Review Of Actual GCIH Practice




We provide simulation GIAC GCIH practice exams, which are the best for clearing the GCIH test and getting certified as a GIAC Certified Incident Handler. The GCIH Questions & Answers cover all the knowledge points of the real GCIH exam. Crack your GIAC GCIH exam with the latest dumps, guaranteed!

Check GCIH free dumps before getting the full version:

NEW QUESTION 1
Which of the following tools can be used for stress testing of a Web server?
Each correct answer represents a complete solution. Choose two.

  • A. Internet bots
  • B. Scripts
  • C. Anti-virus software
  • D. Spyware

Answer: AB

NEW QUESTION 2
Which of the following commands can be used for port scanning?

  • A. nc -t
  • B. nc -z
  • C. nc -w
  • D. nc -g

Answer: B

NEW QUESTION 3
Which of the following tools is used for vulnerability scanning and calls Hydra to launch a dictionary attack?

  • A. Whisker
  • B. Nessus
  • C. SARA
  • D. Nmap

Answer: B

NEW QUESTION 4
Session splicing is an IDS evasion technique in which an attacker delivers data in multiple small-sized packets to the target computer. Hence, it becomes very difficult for an IDS to detect the attack signatures of such attacks. Which of the following tools can be used to perform session splicing attacks?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Whisker
  • B. Fragroute
  • C. Nessus
  • D. Y.A.T.

Answer: AC

NEW QUESTION 5
Your IDS discovers that an intruder has gained access to your system. You immediately stop that access, change passwords for administrative accounts, and secure your network. You discover an odd account (not administrative) that has permission to remotely access the network. What is this most likely?

  • A. An example of privilege escalation.
  • B. A normal account you simply did not notice before.
  • C. Large networks have a number of accounts; it is hard to track them all.
  • D. A backdoor the intruder created so that he can re-enter the network.
  • E. An example of IP spoofing.

Answer: C

NEW QUESTION 6
Which of the following types of attacks is only intended to make a computer resource unavailable to its users?

  • A. Denial of Service attack
  • B. Replay attack
  • C. Teardrop attack
  • D. Land attack

Answer: A

NEW QUESTION 7
Your friend plans to install a Trojan on your computer. He knows that if he gives you a new version of chess.exe, you will definitely install the game on your computer. He picks up a Trojan and joins it to chess.exe. The size of chess.exe was 526,895 bytes originally, and after joining this chess file to the Trojan, the file size increased to 651,823 bytes. When he gives you this new game, you install the infected chess.exe file on your computer. He now performs various malicious tasks on your computer remotely. But you suspect that someone has installed a Trojan on your computer and begin to investigate it. When you enter the netstat command in the command prompt, you get the following results:
C:\WINDOWS>netstat -an | find "UDP"
UDP IP_Address:31337 *:*
Now you check the following registry address:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
In the above address, you notice a 'default' key in the 'Name' field having " .exe" value in the corresponding 'Data' field. Which of the following Trojans do you think your friend may have installed on your computer on the basis of the above evidence?

  • A. Qaz
  • B. Donald Dick
  • C. Tini
  • D. Back Orifice

Answer: D

NEW QUESTION 8
Which of the following attacks can be overcome by applying cryptography?

  • A. Buffer overflow
  • B. Web ripping
  • C. Sniffing
  • D. DoS

Answer: C

NEW QUESTION 9
Mark works as a Network Administrator for Net Perfect Inc. The company has a Windows-based network. The company uses Check Point SmartDefense to provide security to the network. Mark uses SmartDefense on the HTTP servers of the company to fix the limitation for the maximum response header length. Which of the following attacks can be blocked by defining this limitation?

  • A. HTR Overflow worms and mutations
  • B. Ramen worm attack
  • C. Melissa virus attack
  • D. Shoulder surfing attack

Answer: A

NEW QUESTION 10
You want to perform passive footprinting against the we-are-secure Inc. Web server. Which of the following tools will you use?

  • A. Nmap
  • B. Ethereal
  • C. Ettercap
  • D. Netcraft

Answer: D

NEW QUESTION 11
Which of the following terms describes an attempt to transfer DNS zone data?

  • A. Reconnaissance
  • B. Encapsulation
  • C. Dumpster diving
  • D. Spam

Answer: A

NEW QUESTION 12
You work as an Incident handler in Mariotrixt.Inc. You have followed the Incident handling process to handle the events and incidents. You identify a Denial of Service attack (DOS) from a network linked to your internal enterprise network. Which of the following phases of the Incident handling process should you follow next to handle this incident?

  • A. Containment
  • B. Preparation
  • C. Recovery
  • D. Identification

Answer: A

NEW QUESTION 13
Which of the following protocols uses only User Datagram Protocol (UDP)?

  • A. POP3
  • B. FTP
  • C. ICMP
  • D. TFTP

Answer: D

NEW QUESTION 14
CORRECT TEXT
Fill in the blank with the appropriate name of the attack.
______ takes best advantage of an existing authenticated connection


Answer: sessionhijacking

NEW QUESTION 15
Which of the following tasks can be performed by using the netcat utility?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Checking file integrity
  • B. Creating a Backdoor
  • C. Firewall testing
  • D. Port scanning and service identification

Answer: BCD
