Weekend Sale - Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: sntaclus

examout.co

Which of the following statement correctly defines ICMP Flood Attack? (Select 2 answers)

A.

Bogus ECHO reply packets are flooded on the network spoofing the IP and MAC address

B.

The ICMP packets signal the victim system to reply and the combination of traffic saturates the bandwidth of the victim's network

C.

ECHO packets are flooded on the network saturating the bandwidth of the subnet causing denial of service

D.

A DDoS ICMP flood attack occurs when the zombies send large volumes of ICMP_ECHO_REPLY packets to the victim system.

Annie has just succeeded in stealing a secure cookie via a XSS attack. She is able to replay the cookie even while the session is invalid on the server. Why do you think this is possible?

A.

It works because encryption is performed at the application layer (single encryption key)

B.

The scenario is invalid as a secure cookie cannot be replayed

C.

It works because encryption is performed at the network layer (layer 1 encryption)

D.

Any cookie can be replayed irrespective of the session status

Consider the following code:

URL:http://www.certified.com/search.pl?

text=

If an attacker can trick a victim user to click a link like this, and the Web application does not validate input, then the victim's browser will pop up an alert showing the users current set of cookies. An attacker can do much more damage, including stealing passwords, resetting your home page, or redirecting the user to another Web site.

What is the countermeasure against XSS scripting?

A.

Create an IP access list and restrict connections based on port number

B.

Replace "<" and ">" characters with "& l t;" and "& g t;" using server scripts

C.

Disable Javascript in IE and Firefox browsers

D.

Connect to the server using HTTPS protocol instead of HTTP

Which type of hacker represents the highest risk to your network?

A.

black hat hackers

B.

grey hat hackers

C.

disgruntled employees

D.

script kiddies

SNMP is a connectionless protocol that uses UDP instead of TCP packets (True or False)

A.

true

B.

false

This tool is widely used for ARP Poisoning attack. Name the tool.

A.

Cain and Able

B.

Beat Infector

C.

Poison Ivy

D.

Webarp Infector

Peter extracts the SID list from Windows 2008 Server machine using the hacking tool "SIDExtracter". Here is the output of the SIDs:

From the above list identify the user account with System Administrator privileges?

A.

John

B.

Rebecca

C.

Sheela

D.

Shawn

E.

Somia

F.

Chang

G.

Micah

Attacking well-known system defaults is one of the most common hacker attacks. Most software is shipped with a default configuration that makes it easy to install and setup the application. You should change the default settings to secure the system.

Which of the following is NOT an example of default installation?

A.

Many systems come with default user accounts with well-known passwords that administrators forget to change

B.

Often, the default location of installation files can be exploited which allows a hacker to retrieve a file from the system

C.

Many software packages come with "samples" that can be exploited, such as the sample programs on IIS web services

D.

Enabling firewall and anti-virus software on the local system

Samuel is the network administrator of DataX Communications, Inc. He is trying to configure his firewall to block password brute force attempts on his network. He enables blocking the intruder's IP address for a period of 24 hours' time after more than three unsuccessful attempts. He is confident that this rule will secure his network from hackers on the Internet.

But he still receives hundreds of thousands brute-force attempts generated from various IP addresses around the world. After some investigation he realizes that the intruders are using a proxy somewhere else on the Internet which has been scripted to enable the random usage of various proxies on each request so as not to get caught by the firewall rule.

Later he adds another rule to his firewall and enables small sleep on the password attempt so that if the password is incorrect, it would take 45 seconds to return to the user to begin another attempt. Since an intruder may use multiple machines to brute force the password, he also throttles the number of connections that will be prepared to accept from a particular IP address. This action will slow the intruder's attempts.

Samuel wants to completely block hackers brute force attempts on his network.

What are the alternatives to defending against possible brute-force password attacks on his site?

A.

Enforce a password policy and use account lockouts after three wrong logon attempts even though this might lock out legit users

B.

Enable the IDS to monitor the intrusion attempts and alert you by e-mail about the IP address of the intruder so that you can block them at the

Firewall manually

C.

Enforce complex password policy on your network so that passwords are more difficult to brute force

D.

You cannot completely block the intruders attempt if they constantly switch proxies

In which part of OSI layer, ARP Poisoning occurs?

A.

Transport Layer

B.

Datalink Layer

C.

Physical Layer

D.

Application layer

In the context of password security: a simple dictionary attack involves loading a dictionary file (a text file full of dictionary words) into a cracking application such as L0phtCrack or John the Ripper, and running it against user accounts located by the application. The larger the word and word fragment selection, the more effective the dictionary attack is. The brute force method is the most inclusive - though slow. Usually, it tries every possible letter and number combination in its automated exploration. If you would use both brute force and dictionary combined together to have variations of words, what would you call such an attack?

A.

Full Blown Attack

B.

Thorough Attack

C.

Hybrid Attack

D.

BruteDict Attack

Steven the hacker realizes the network administrator of Acme Corporation is using syskey in Windows 2008 Server to protect his resources in the organization. Syskey independently encrypts the hashes so that physical access to the server, tapes, or ERDs is only first step to cracking the passwords. Steven must break through the encryption used by syskey before he can attempt to use brute force dictionary attacks on the hashes. Steven runs a program called "SysCracker" targeting the Windows 2008 Server machine in attempting to crack the hash used by Syskey. He needs to configure the encryption level before he can launch the attack. How many bits does Syskey use for encryption?

A.

40-bit encryption

B.

128-bit encryption

C.

256-bit encryption

D.

64-bit encryption

BankerFox is a Trojan that is designed to steal users' banking data related to certain banking entities.

When they access any website of the affected banks through the vulnerable Firefox 3.5 browser, the Trojan is activated and logs the information entered by the user. All the information entered in that website will be logged by the Trojan and transmitted to the attacker's machine using covert channel.

BankerFox does not spread automatically using its own means. It needs an attacking user's intervention in order to reach the affected computer.

What is the most efficient way an attacker located in remote location to infect this banking Trojan on a victim's machine?

A.

Physical access - the attacker can simply copy a Trojan horse to a victim's hard disk infecting the machine via Firefox add-on extensions

B.

Custom packaging - the attacker can create a custom Trojan horse that mimics the appearance of a program that is unique to that particular computer

C.

Custom packaging - the attacker can create a custom Trojan horse that mimics the appearance of a program that is unique to that particular computer

D.

Custom packaging - the attacker can create a custom Trojan horse that mimics the appearance of a program that is unique to that particular computer

E.

Downloading software from a website? An attacker can offer free software, such as shareware programs and pirated mp3 files

What file system vulnerability does the following command take advantage of?

type c:\anyfile.exe > c:\winnt\system32\calc.exe:anyfile.exe

A.

HFS

B.

Backdoor access

C.

XFS

D.

ADS

What is the correct command to run Netcat on a server using port 56 that spawns command shell when connected?

A.

nc -port 56 -s cmd.exe

B.

nc -p 56 -p -e shell.exe

C.

nc -r 56 -c cmd.exe

D.

nc -L 56 -t -e cmd.exe

Google uses a unique cookie for each browser used by an individual user on a computer. This cookie contains information that allows Google to identify records about that user on its database. This cookie is submitted every time a user launches a Google search, visits a site using AdSense etc. The information stored in Google's database, identified by the cookie, includes

    Everything you search for using Google

    Every web page you visit that has Google Adsense ads

How would you prevent Google from storing your search keywords?

A.

Block Google Cookie by applying Privacy and Security settings in your web browser

B.

Disable the Google cookie using Google Advanced Search settings on Google Search page

C.

Do not use Google but use another search engine Bing which will not collect and store your search keywords

D.

Use MAC OS X instead of Windows 7. Mac OS has higher level of privacy controls by default.

You just purchased the latest DELL computer, which comes pre-installed with Windows 7, McAfee antivirus software and a host of other applications. You want to connect Ethernet wire to your cable modem and start using the computer immediately. Windows is dangerously insecure when unpacked from the box, and there are a few things that you must do before you use it.

A.

New installation of Windows should be patched by installing the latest service packs and hotfixes

B.

Key applications such as Adobe Acrobat, Macromedia Flash, Java, Winzip etc., must have the latest security patches installed

C.

Install a personal firewall and lock down unused ports from connecting to your computer

D.

Install the latest signatures for Antivirus software

E.

Configure "Windows Update" to automatic

F.

Create a non-admin user with a complex password and logon to this account

G.

You can start using your computer as vendors such as DELL, HP and IBM would have already installed the latest service packs.

This attack technique is used when a Web application is vulnerable to an SQL Injection but the results of the Injection are not visible to the attacker.

A.

Unique SQL Injection

B.

Blind SQL Injection

C.

Generic SQL Injection

D.

Double SQL Injection

How many bits encryption does SHA-1 use?

A.

64 bits

B.

128 bits

C.

256 bits

D.

160 bits

Ursula is a college student at a University in Amsterdam. Ursula originally went to college to study engineering but later changed to marine biology after spending a month at sea with her friends. These friends frequently go out to sea to follow and harass fishing fleets that illegally fish in foreign waters. Ursula eventually wants to put companies practicing illegal fishing out of business. Ursula decides to hack into the parent company's computers and destroy critical data knowing fully well that, if caught, she probably would be sent to jail for a very long time. What would Ursula be considered?

A.

Ursula would be considered a gray hat since she is performing an act against illegal activities.

B.

She would be considered a suicide hacker.

C.

She would be called a cracker.

D.

Ursula would be considered a black hat.