Weekend Sale - Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: sntaclus

examout.co

What is War Dialing?

A.

War dialing involves the use of a program in conjunction with a modem to penetrate the modem/PBX-based systems

B.

War dialing is a vulnerability scanning technique that penetrates Firewalls

C.

It is a social engineering technique that uses Phone calls to trick victims

D.

Involves IDS Scanning Fragments to bypass Internet filters and stateful Firewalls

This IDS defeating technique works by splitting a datagram (or packet) into multiple fragments and the IDS will not spot the true nature of the fully assembled datagram. The datagram is not reassembled until it reaches its final destination. It would be a processor-intensive task for IDS to reassemble all fragments itself, and on a busy system the packet will slip through the IDS onto the network. What is this technique called?

A.

IP Routing or Packet Dropping

B.

IDS Spoofing or Session Assembly

C.

IP Fragmentation or Session Splicing

D.

IP Splicing or Packet Reassembly

Attackers footprint target Websites using Google Hacking techniques. Google hacking is a term that refers to the art of creating complex search engine queries. It detects websites that are vulnerable to numerous exploits and vulnerabilities. Google operators are used to locate specific strings of text within the search results.

The configuration file contains both a username and a password for an SQL database. Most sites with forums run a PHP message base. This file gives you the keys to that forum, including FULL ADMIN access to the database. WordPress uses config.php that stores the database Username and Password.

Which of the below Google search string brings up sites with "config.php" files?

A.

Search:index config/php

B.

Wordpress:index config.php

C.

intitle:index.of config.php

D.

Config.php:index list

What type of attack is shown in the following diagram?

A.

Man-in-the-Middle (MiTM) Attack

B.

Session Hijacking Attack

C.

SSL Spoofing Attack

D.

Identity Stealing Attack

How do you defend against Privilege Escalation?

A.

Use encryption to protect sensitive data

B.

Restrict the interactive logon privileges

C.

Run services as unprivileged accounts

D.

Allow security settings of IE to zero or Low

E.

Run users and applications on the least privileges

You want to capture Facebook website traffic in Wireshark. What display filter should you use that shows all TCP packets that contain the word 'facebook'?

A.

display==facebook

B.

traffic.content==facebook

C.

tcp contains facebook

D.

list.display.facebook

Your computer is infected by E-mail tracking and spying Trojan. This Trojan infects the computer with a single file - emos.sys

Which step would you perform to detect this type of Trojan?

A.

Scan for suspicious startup programs using msconfig

B.

Scan for suspicious network activities using Wireshark

C.

Scan for suspicious device drivers in c:\windows\system32\drivers

D.

Scan for suspicious open ports using netstat

Which of the following tool would be considered as Signature Integrity Verifier (SIV)?

A.

Nmap

B.

SNORT

C.

VirusSCAN

D.

Tripwire

Most cases of insider abuse can be traced to individuals who are introverted, incapable of dealing with stress or conflict, and frustrated with their job, office politics, and lack of respect or promotion. Disgruntled employees may pass company secrets and intellectual property to competitors for monitory benefits.

Here are some of the symptoms of a disgruntled employee:

a. Frequently leaves work early, arrive late or call in sick

b. Spends time surfing the Internet or on the phone

c. Responds in a confrontational, angry, or overly aggressive way to simple requests or comments

d. Always negative; finds fault with everything

These disgruntled employees are the biggest threat to enterprise security. How do you deal with these threats? (Select 2 answers)

A.

Limit access to the applications they can run on their desktop computers and enforce strict work hour rules

B.

By implementing Virtualization technology from the desktop to the data centre, organizations can isolate different environments with varying levels of access and security to various employees

C.

Organizations must ensure that their corporate data is centrally managed and delivered to users just and when needed

D.

Limit Internet access, e-mail communications, access to social networking sites and job hunting portals

How does traceroute map the route a packet travels from point A to point B?

A.

Uses a TCP timestamp packet that will elicit a time exceeded in transit message

B.

Manipulates the value of the time to live (TTL) within packet to elicit a time exceeded in transit message

C.

Uses a protocol that will be rejected by gateways on its way to the destination

D.

Manipulates the flags within packets to force gateways into generating error messages

You want to hide a secret.txt document inside c:\windows\system32\tcpip.dll kernel library using ADS streams. How will you accomplish this?

A.

copy secret.txt c:\windows\system32\tcpip.dll kernel>secret.txt

B.

copy secret.txt c:\windows\system32\tcpip.dll:secret.txt

C.

copy secret.txt c:\windows\system32\tcpip.dll |secret.txt

D.

copy secret.txt >< c:\windows\system32\tcpip.dll kernel secret.txt

How would you describe an attack where an attacker attempts to deliver the payload over multiple packets over long periods of time with the purpose of defeating simple pattern matching in IDS systems without session reconstruction? A characteristic of this attack would be a continuous stream of small packets.

A.

Session Hijacking

B.

Session Stealing

C.

Session Splicing

D.

Session Fragmentation

This type of Port Scanning technique splits TCP header into several packets so that the packet filters are not able to detect what the packets intends to do.

A.

UDP Scanning

B.

IP Fragment Scanning

C.

Inverse TCP flag scanning

D.

ACK flag scanning

A Trojan horse is a destructive program that masquerades as a benign application. The software initially appears to perform a desirable function for the user prior to installation and/or execution, but in addition to the expected function steals information or harms the system.

The challenge for an attacker is to send a convincing file attachment to the victim, which gets easily executed on the victim machine without raising any suspicion. Today's end users are quite knowledgeable about malwares and viruses. Instead of sending games and fun executables, Hackers today are quite successful in spreading the Trojans using Rogue security software.

What is Rogue security software?

A.

A flash file extension to Firefox that gets automatically installed when a victim visits rogue software disabling websites

B.

A Fake AV program that claims to rid a computer of malware, but instead installs spyware or other malware onto the computer. This kind of software is known as rogue security software.

C.

Rogue security software is based on social engineering technique in which the attackers lures victim to visit spear phishing websites

D.

This software disables firewalls and establishes reverse connecting tunnel between the victim's machine and that of the attacker

One of the most common and the best way of cracking RSA encryption is to begin to derive the two prime numbers, which are used in the RSA PKI mathematical process. If the two numbers p and q are discovered through a _____________ process, then the private key can be derived.

A.

Factorization

B.

Prime Detection

C.

Hashing

D.

Brute-forcing

What framework architecture is shown in this exhibit?

A.

Core Impact

B.

Metasploit

C.

Immunity Canvas

D.

Nessus

You receive an e-mail like the one shown below. When you click on the link contained in the mail, you are redirected to a website seeking you to download free Anti-Virus software.

Dear valued customers,

We are pleased to announce the newest version of Antivirus 2010 for Windows which will probe you with total security against the latest spyware, malware, viruses, Trojans and other online threats. Simply visit the link below and enter your antivirus code:

Antivirus code: 5014

http://www.juggyboy/virus/virus.html

Thank you for choosing us, the worldwide leader Antivirus solutions.

Mike Robertson

PDF Reader Support

Copyright Antivirus 2010 ?All rights reserved

If you want to stop receiving mail, please go to:

http://www.juggyboy.com

or you may contact us at the following address: Media Internet Consultants, Edif. Neptuno, Planta Baja, Ave. Ricardo J. Alfaro, Tumba Muerto, n/a Panama

How will you determine if this is Real Anti-Virus or Fake Anti-Virus website?

A.

Look at the website design, if it looks professional then it is a Real Anti-Virus website

B.

Connect to the site using SSL, if you are successful then the website is genuine

C.

Search using the URL and Anti-Virus product name into Google and lookout for suspicious warnings against this site

D.

Download and install Anti-Virus software from this suspicious looking site, your Windows 7 will prompt you and stop the installation if the downloaded file is a malware

E.

Download and install Anti-Virus software from this suspicious looking site, your Windows 7 will prompt you and stop the installation if the downloaded file is a malware

In this type of Man-in-the-Middle attack, packets and authentication tokens are captured using a sniffer. Once the relevant information is extracted, the tokens are placed back on the network to gain access.

A.

Token Injection Replay attacks

B.

Shoulder surfing attack

C.

Rainbow and Hash generation attack

D.

Dumpster diving attack

What is the command used to create a binary log file using tcpdump?

A.

tcpdump -w ./log

B.

tcpdump -r log

C.

tcpdump -vde logtcpdump -vde ? log

D.

tcpdump -l /var/log/

Which of the following is NOT part of CEH Scanning Methodology?

A.

Check for Live systems

B.

Check for Open Ports

C.

Banner Grabbing

D.

Prepare Proxies

E.

Social Engineering attacks

F.

Scan for Vulnerabilities

G.

Draw Network Diagrams