Summer Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: exc65

examout.co

Keystroke logging is the action of tracking (or logging) the keys struck on a keyboard, typically in a covert manner so that the person using the keyboard is unaware that their actions are being monitored.

How will you defend against hardware keyloggers when using public computers and Internet Kiosks? (Select 4 answers)

A.

Alternate between typing the login credentials and typing characters somewhere else in the focus window

B.

Type a wrong password first, later type the correct password on the login page defeating the keylogger recording

C.

Type a password beginning with the last letter and then using the mouse to move the cursor for each subsequent letter.

D.

The next key typed replaces selected text portion. E.g. if the password is "secret", one could type "s", then some dummy keys "asdfsd".

Then these dummies could be selected with mouse, and next character from the password "e" is typed, which replaces the dummies

"asdfsd"

E.

The next key typed replaces selected text portion. E.g. if the password is "secret", one could type "s", then some dummy keys "asdfsd".

Then these dummies could be selected with mouse, and next character from the password "e" is typed, which replaces the dummies

"asdfsd"

In order to show improvement of security over time, what must be developed?

A.

Reports

B.

Testing tools

C.

Metrics

D.

Taxonomy of vulnerabilities

What is the main disadvantage of the scripting languages as opposed to compiled programming languages?

A.

Scripting languages are hard to learn.

B.

Scripting languages are not object-oriented.

C.

Scripting languages cannot be used to create graphical user interfaces.

D.

Scripting languages are slower because they require an interpreter to run the code.

A company has five different subnets: 192.168.1.0, 192.168.2.0, 192.168.3.0, 192.168.4.0 and 192.168.5.0. How can NMAP be used to scan these adjacent Class C networks?

A.

NMAP -P 192.168.1-5.

B.

NMAP -P 192.168.0.0/16

C.

NMAP -P 192.168.1.0, 2.0, 3.0, 4.0, 5.0

D.

NMAP -P 192.168.1/17

Which of the following processes evaluates the adherence of an organization to its stated security policy?

A.

Vulnerability assessment

B.

Penetration testing

C.

Risk assessment

D.

Security auditing

During a penetration test, the tester conducts an ACK scan using NMAP against the external interface of the DMZ firewall. NMAP reports that port 80 is unfiltered. Based on this response, which type of packet inspection is the firewall conducting?

A.

Host

B.

Stateful

C.

Stateless

D.

Application

Which of the following techniques can be used to mitigate the risk of an on-site attacker from connecting to an unused network port and gaining full access to the network? (Choose three.)

A.

Port Security

B.

IPSec Encryption

C.

Network Admission Control (NAC)

D.

802.1q Port Based Authentication

E.

802.1x Port Based Authentication

F.

Intrusion Detection System (IDS)

John the Ripper is a technical assessment tool used to test the weakness of which of the following?

A.

Usernames

B.

File permissions

C.

Firewall rulesets

D.

Passwords

In the software security development life cyle process, threat modeling occurs in which phase?

A.

Design

B.

Requirements

C.

Verification

D.

Implementation

Which vital role does the U.S. Computer Security Incident Response Team (CSIRT) provide?

A.

Incident response services to any user, company, government agency, or organization in partnership with the Department of Homeland Security

B.

Maintenance of the nation’s Internet infrastructure, builds out new Internet infrastructure, and decommissions old Internet infrastructure

C.

Registration of critical penetration testing for the Department of Homeland Security and public and private sectors

D.

Measurement of key vulnerability assessments on behalf of the Department of Defense (DOD) and State Department, as well as private sectors

After a client sends a connection request (SYN) packet to the server, the server will respond (SYN-ACK) with a sequence number of its choosing, which then must be acknowledged (ACK) by the client. This sequence number is predictable; the attack connects to a service first with its own IP address, records the sequence number chosen, and then opens a second connection from a forged IP address. The attack doesn't see the SYN-ACK (or any other packet) from the server, but can guess the correct responses. If the source IP address is used for authentication, then the attacker can use the one-sided communication to break into the server. What attacks can you successfully launch against a server using the above technique?

A.

Denial of Service attacks

B.

Session Hijacking attacks

C.

Web page defacement attacks

D.

IP spoofing attacks

Which of the following can take an arbitrary length of input and produce a message digest output of 160 bit?

A.

SHA-1

B.

MD5

C.

HAVAL

D.

MD4

What is the main advantage that a network-based IDS/IPS system has over a host-based solution?

A.

They do not use host system resources.

B.

They are placed at the boundary, allowing them to inspect all traffic.

C.

They are easier to install and configure.

D.

They will not interfere with user interfaces.

A hacker is attempting to see which ports have been left open on a network. Which NMAP switch would the hacker use?

A.

-sO

B.

-sP

C.

-sS

D.

-sU

Information gathered from social networking websites such as Facebook, Twitter and LinkedIn can be used to launch which of the following types of attacks? (Choose two.)

A.

Smurf attack

B.

Social engineering attack

C.

SQL injection attack

D.

Phishing attack

E.

Fraggle attack

F.

Distributed denial of service attack

The Open Web Application Security Project (OWASP) testing methodology addresses the need to secure web applications by providing which one of the following services?

A.

An extensible security framework named COBIT

B.

A list of flaws and how to fix them

C.

Web application patches

D.

A security certification for hardened web applications

Which of the following is a hardware requirement that either an IDS/IPS system or a proxy server must have in order to properly function?

A.

Fast processor to help with network traffic analysis

B.

They must be dual-homed

C.

Similar RAM requirements

D.

Fast network interface cards

Which statement best describes a server type under an N-tier architecture?

A.

A group of servers at a specific layer

B.

A single server with a specific role

C.

A group of servers with a unique role

D.

A single server at a specific layer

A pentester gains acess to a Windows application server and needs to determine the settings of the built-in Windows firewall. Which command would be used?

A.

Netsh firewall show config

B.

WMIC firewall show config

C.

Net firewall show config

D.

Ipconfig firewall show config

ICMP ping and ping sweeps are used to check for active systems and to check

A.

if ICMP ping traverses a firewall.

B.

the route that the ICMP ping took.

C.

the location of the switchport in relation to the ICMP ping.

D.

the number of hops an ICMP ping takes to reach a destination.