Summer Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: exc65

examout.co

Which initial procedure should an ethical hacker perform after being brought into an organization?

A.

Begin security testing.

B.

Turn over deliverables.

C.

Sign a formal contract with non-disclosure.

D.

Assess what the organization is trying to protect.

A computer technician is using a new version of a word processing software package when it is discovered that a special sequence of characters causes the entire computer to crash. The technician researches the bug and discovers that no one else experienced the problem. What is the appropriate next step?

A.

Ignore the problem completely and let someone else deal with it.

B.

Create a document that will crash the computer when opened and send it to friends.

C.

Find an underground bulletin board and attempt to sell the bug to the highest bidder.

D.

Notify the vendor of the bug and do not disclose it until the vendor gets a chance to issue a fix.

Which of the following techniques will identify if computer files have been changed?

A.

Network sniffing

B.

Permission sets

C.

Integrity checking hashes

D.

Firewall alerts

Which of the following is a preventive control?

A.

Smart card authentication

B.

Security policy

C.

Audit trail

D.

Continuity of operations plan

Which security control role does encryption meet?

A.

Preventative

B.

Detective

C.

Offensive

D.

Defensive

How can rainbow tables be defeated?

A.

Password salting

B.

Use of non-dictionary words

C.

All uppercase character passwords

D.

Lockout accounts under brute force password cracking attempts

What type of OS fingerprinting technique sends specially crafted packets to the remote OS and analyzes the received response?

A.

Passive

B.

Reflective

C.

Active

D.

Distributive

The following is a sample of output from a penetration tester's machine targeting a machine with the IP address of 192.168.1.106:

What is most likely taking place?

A.

Ping sweep of the 192.168.1.106 network

B.

Remote service brute force attempt

C.

Port scan of 192.168.1.106

D.

Denial of service attack on 192.168.1.106

An NMAP scan of a server shows port 25 is open. What risk could this pose?

A.

Open printer sharing

B.

Web portal data leak

C.

Clear text authentication

D.

Active mail relay

A company has publicly hosted web applications and an internal Intranet protected by a firewall. Which technique will help protect against enumeration?

A.

Reject all invalid email received via SMTP.

B.

Allow full DNS zone transfers.

C.

Remove A records for internal hosts.

D.

Enable null session pipes.