Summer Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: exc65

To create a botnet. the attacker can use several techniques to scan vulnerable machines. The attacker first collects Information about a large number of vulnerable machines to create a list. Subsequently, they infect the machines. The list Is divided by assigning half of the list to the newly compromised machines. The scanning process runs simultaneously. This technique ensures the spreading and installation of malicious code in little time.

Which technique is discussed here?

A.

Hit-list-scanning technique

B.

Topological scanning technique

C.

Subnet scanning technique

D.

Permutation scanning technique

John, a professional hacker, targeted an organization that uses LDAP for accessing distributed directory services. He used an automated tool to anonymously query the IDAP service for sensitive information such as usernames. addresses, departmental details, and server names to launch further attacks on the target organization.

What is the tool employed by John to gather information from the IDAP service?

A.

jxplorer

B.

Zabasearch

C.

EarthExplorer

D.

Ike-scan

Let's imagine three companies (A, B and C), all competing in a challenging global environment. Company A and B are working together in developing a product that will generate a major competitive advantage for them. Company A has a secure DNS server while company B has a DNS server vulnerable to spoofing. With a spoofing attack on the DNS server of company B, company C gains access to outgoing e-mails from company B. How do you prevent DNS spoofing?

A.

Install DNS logger and track vulnerable packets

B.

Disable DNS timeouts

C.

Install DNS Anti-spoofing

D.

Disable DNS Zone Transfer

Insecure direct object reference is a type of vulnerability where the application does not verify if the user is authorized to access the internal object via its name or key. Suppose a malicious user Rob tries to get access to the account of a benign user Ned.

Which of the following requests best illustrates an attempt to exploit an insecure direct object reference vulnerability?

A.

“GET /restricted/goldtransfer?to=Rob&from=1 or 1=1’ HTTP/1.1Host: westbank.com”

B.

“GET /restricted/\r\n\%00account%00Ned%00access HTTP/1.1 Host: westbank.com”

C.

“GET /restricted/accounts/?name=Ned HTTP/1.1 Host westbank.com”

D.

“GET /restricted/ HTTP/1.1 Host: westbank.com

Mary found a high vulnerability during a vulnerability scan and notified her server team. After analysis, they sent her proof that a fix to that issue had already been applied. The vulnerability that Marry found is called what?

A.

False-negative

B.

False-positive

C.

Brute force attack

D.

Backdoor

A regional bank hires your company to perform a security assessment on their network after a recent data breach. The attacker was able to steal financial data from the bank by compromising only a single server. Based on this information, what should be one of your key recommendations to the bank?

A.

Place a front-end web server in a demilitarized zone that only handles external web traffic

B.

Require all employees to change their anti-virus program with a new one

C.

Move the financial data to another server on the same IP subnet

D.

Issue new certificates to the web servers from the root certificate authority

You are attempting to run an Nmap port scan on a web server. Which of the following commands would result in a scan of common ports with the least amount of noise in order to evade IDS?

A.

nmap -A - Pn

B.

nmap -sP -p-65535 -T5

C.

nmap -sT -O -T0

D.

nmap -A --host-timeout 99 -T1

The Heartbleed bug was discovered in 2014 and is widely referred to under MITRE’s Common Vulnerabilities and Exposures (CVE) as CVE-2014-0160. This bug affects the OpenSSL implementation of the Transport Layer Security (TLS) protocols defined in RFC6520.

What type of key does this bug leave exposed to the Internet making exploitation of any compromised system very easy?

A.

Public

B.

Private

C.

Shared

D.

Root

Bob received this text message on his mobile phone: “Hello, this is Scott Smelby from the Yahoo Bank. Kindly contact me for a vital transaction on: scottsmelby@yahoo.com”. Which statement below is true?

A.

This is a scam as everybody can get a @yahoo address, not the Yahoo customer service employees.

B.

This is a scam because Bob does not know Scott.

C.

Bob should write to scottmelby@yahoo.com to verify the identity of Scott.

D.

This is probably a legitimate message as it comes from a respectable organization.

After an audit, the auditors Inform you that there is a critical finding that you must tackle Immediately. You read the audit report, and the problem is the service running on port 389. Which service Is this and how can you tackle the problem?

A.

The service is LDAP. and you must change it to 636. which is LDPAPS.

B.

The service is NTP. and you have to change It from UDP to TCP in order to encrypt it

C.

The findings do not require immediate actions and are only suggestions.

D.

The service is SMTP, and you must change it to SMIME. which is an encrypted way to send emails.

Samuel, a professional hacker, monitored and Intercepted already established traffic between Bob and a host machine to predict Bob's ISN. Using this ISN, Samuel sent spoofed packets with Bob's IP address to the host machine. The host machine responded with <| packet having an Incremented ISN. Consequently. Bob's connection got hung, and Samuel was able to communicate with the host machine on behalf of Bob. What is the type of attack performed by Samuel in the above scenario?

A.

UDP hijacking

B.

Blind hijacking

C.

TCP/IP hacking

D.

Forbidden attack

Matthew, a black hat, has managed to open a meterpreter session to one of the kiosk machines in Evil Corp’s lobby. He checks his current SID, which is S-1-5-21-1223352397-1872883824-861252104-501. What needs to happen before Matthew has full administrator access?

A.

He must perform privilege escalation.

B.

He needs to disable antivirus protection.

C.

He needs to gain physical access.

D.

He already has admin privileges, as shown by the “501” at the end of the SID.

Identify the correct terminology that defines the above statement.

A.

Vulnerability Scanning

B.

Penetration Testing

C.

Security Policy Implementation

D.

Designing Network Security

What does the –oX flag do in an Nmap scan?

A.

Perform an eXpress scan

B.

Output the results in truncated format to the screen

C.

Output the results in XML format to a file

D.

Perform an Xmas scan

You are tasked to configure the DHCP server to lease the last 100 usable IP addresses in subnet to. 1.4.0/23. Which of the following IP addresses could be teased as a result of the new configuration?

A.

210.1.55.200

B.

10.1.4.254

C.

10..1.5.200

D.

10.1.4.156