Summer Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: exc65

examout.co

A security administrator notices that the log file of the company`s webserver contains suspicious entries:

Based on source code analysis, the analyst concludes that the login.php script is vulnerable to

A.

command injection.

B.

SQL injection.

C.

directory traversal.

D.

LDAP injection.

What is the outcome of the comm”nc -l -p 2222 | nc 10.1.0.43 1234"?

A.

Netcat will listen on the 10.1.0.43 interface for 1234 seconds on port 2222.

B.

Netcat will listen on port 2222 and output anything received to a remote connection on 10.1.0.43 port 1234.

C.

Netcat will listen for a connection from 10.1.0.43 on port 1234 and output anything received to port 2222.

D.

Netcat will listen on port 2222 and then output anything received to local interface 10.1.0.43.

How can a rootkit bypass Windows 7 operating system’s kernel mode, code signing policy?

A.

Defeating the scanner from detecting any code change at the kernel

B.

Replacing patch system calls with its own version that hides the rootkit (attacker's) actions

C.

Performing common services for the application process and replacing real applications with fake ones

D.

Attaching itself to the master boot record in a hard drive and changing the machine's boot sequence/options

Which Open Web Application Security Project (OWASP) implements a web application full of known vulnerabilities?

A.

WebBugs

B.

WebGoat

C.

VULN_HTML

D.

WebScarab

A security consultant is trying to bid on a large contract that involves penetration testing and reporting. The company accepting bids wants proof of work so the consultant prints out several audits that have been performed. Which of the following is likely to occur as a result?

A.

The consultant will ask for money on the bid because of great work.

B.

The consultant may expose vulnerabilities of other companies.

C.

The company accepting bids will want the same type of format of testing.

D.

The company accepting bids will hire the consultant because of the great work performed.

To send a PGP encrypted message, which piece of information from the recipient must the sender have before encrypting the message?

A.

Recipient's private key

B.

Recipient's public key

C.

Master encryption key

D.

Sender's public key

An engineer is learning to write exploits in C++ and is using the exploit tool Backtrack. The engineer wants to compile the newest C++ exploit and name it calc.exe. Which command would the engineer use to accomplish this?

A.

g++ hackersExploit.cpp -o calc.exe

B.

g++ hackersExploit.py -o calc.exe

C.

g++ -i hackersExploit.pl -o calc.exe

D.

g++ --compile –i hackersExploit.cpp -o calc.exe

A circuit level gateway works at which of the following layers of the OSI Model?

A.

 Layer 5 - Application

B.

Layer 4 – TCP

C.

Layer 3 – Internet protocol

D.

Layer 2 – Data link

Which of the following is a characteristic of Public Key Infrastructure (PKI)?

A.

Public-key cryptosystems are faster than symmetric-key cryptosystems.

B.

Public-key cryptosystems distribute public-keys within digital signatures.

C.

Public-key cryptosystems do not require a secure key distribution channel.

D.

Public-key cryptosystems do not provide technical non-repudiation via digital signatures.

A developer for a company is tasked with creating a program that will allow customers to update their billing and shipping information. The billing address field used is limited to 50 characters.  What pseudo code would the developer use to avoid a buffer overflow attack on the billing address field?

A.

if (billingAddress = 50) {update field} else exit

B.

if (billingAddress != 50) {update field} else exit

C.

if (billingAddress >= 50) {update field} else exit

D.

if (billingAddress <= 50) {update field} else exit

A network administrator received an administrative alert at 3:00 a.m. from the intrusion detection system. The alert was generated because a large number of packets were coming into the network over ports 20 and 21. During analysis, there were no signs of attack on the FTP servers. How should the administrator classify this situation?

A.

True negatives

B.

False negatives

C.

True positives

D.

False positives

When using Wireshark to acquire packet capture on a network, which device would enable the capture of all traffic on the wire?

A.

Network tap

B.

Layer 3 switch

C.

Network bridge

D.

Application firewall

Which of the following scanning tools is specifically designed to find potential exploits in Microsoft Windows products?

A.

Microsoft Security Baseline Analyzer

B.

Retina  

C.

Core Impact

D.

Microsoft Baseline Security Analyzer

Which of the following is an example of IP spoofing?

A.

SQL injections

B.

Man-in-the-middle

C.

Cross-site scripting

D.

ARP poisoning

One advantage of an application-level firewall is the ability to

A.

filter packets at the network level.

B.

filter specific commands, such as http:post.

C.

retain state information for each packet.

D.

monitor tcp handshaking.

When comparing the testing methodologies of Open Web Application Security Project (OWASP) and Open Source Security Testing Methodology Manual (OSSTMM) the main difference is

A.

OWASP is for web applications and OSSTMM does not include web applications.

B.

OSSTMM is gray box testing and OWASP is black box testing.

C.

OWASP addresses controls and OSSTMM does not.

D.

OSSTMM addresses controls and OWASP does not.

What is a successful method for protecting a router from potential smurf attacks?

A.

Placing the router in broadcast mode

B.

Enabling port forwarding on the router

C.

Installing the router outside of the network's firewall

D.

Disabling the router from accepting broadcast ping messages

Which NMAP command combination would let a tester scan every TCP port from a class C network that is blocking ICMP with fingerprinting and service detection?

A.

NMAP -PN -A -O -sS 192.168.2.0/24

B.

NMAP -P0 -A -O -p1-65535 192.168.0/24

C.

NMAP -P0 -A -sT -p0-65535 192.168.0/16

D.

NMAP -PN -O -sS -p 1-1024 192.168.0/8

After an attacker has successfully compromised a remote computer, what would be one of the last steps that would be taken to ensure that the compromise is not traced back to the source of the problem?

A.

Install pactehs

B.

Setup a backdoor

C.

Cover your tracks

D.

Install a zombie for DDOS

Ethereal works best on ____________.

A.

Switched networks

B.

Linux platforms

C.

Networks using hubs

D.

Windows platforms

E.

LAN's