Weekend Sale - Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: sntaclus

examout.co

Your company was hired by a small healthcare provider to perform a technical assessment on the network.

What is the best approach for discovering vulnerabilities on a Windows-based computer?

A.

Use a scan tool like Nessus

B.

Use the built-in Windows Update tool

C.

Check MITRE.org for the latest list of CVE findings

D.

Create a disk image of a clean Windows installation

The purpose of a __________ is to deny network access to local area networks and other information assets by unauthorized wireless devices.

A.

Wireless Intrusion Prevention System

B.

Wireless Access Point

C.

Wireless Access Control List

D.

Wireless Analyzer

When you return to your desk after a lunch break, you notice a strange email in your inbox. The sender is someone you did business with recently, but the subject line has strange characters in it.

What should you do?

A.

Forward the message to your company’s security response team and permanently delete the message from your computer.

B.

Reply to the sender and ask them for more information about the message contents.

C.

Delete the email and pretend nothing happened

D.

Forward the message to your supervisor and ask for her opinion on how to handle the situation

You have successfully comprised a server having an IP address of 10.10.0.5. You would like to enumerate all machines in the same network quickly.

What is the best nmap command you will use?

A.

nmap -T4 -F 10.10.0.0/24

B.

nmap -T4 -r 10.10.1.0/24

C.

nmap -T4 -O 10.10.0.0/24

D.

nmap -T4 -q 10.10.0.0/24

A medium-sized healthcare IT business decides to implement a risk management strategy.

Which of the following is NOT one of the five basic responses to risk?

A.

Delegate

B.

Avoid

C.

Mitigate

D.

Accept

After trying multiple exploits, you've gained root access to a Centos 6 server. To ensure you maintain access, what would you do first?

A.

Create User Account

B.

Disable Key Services

C.

Disable IPTables

D.

Download and Install Netcat

Which of the following describes the characteristics of a Boot Sector Virus?

A.

Moves the MBR to another location on the hard disk and copies itself to the original location of the MBR

B.

Moves the MBR to another location on the RAM and copies itself to the original location of the MBR

C.

Modifies directory table entries so that directory entries point to the virus code instead of the actual program

D.

Overwrites the original MBR and only executes the new virus code

Which of the following parameters describe LM Hash (see exhibit):

Exhibit:

A.

I, II, and III

B.

I

C.

II

D.

I and II

What is a "Collision attack" in cryptography?

A.

Collision attacks try to find two inputs producing the same hash.

B.

Collision attacks try to break the hash into two parts, with the same bytes in each part to get the private key.

C.

Collision attacks try to get the public key.

D.

Collision attacks try to break the hash into three parts to get the plaintext value.

When you are testing a web application, it is very useful to employ a proxy tool to save every request and response. You can manually test every request and analyze the response to find vulnerabilities. You can test parameter and headers manually to get more precise results than if using web vulnerability scanners.

What proxy tool will help you find web vulnerabilities?

A.

Burpsuite

B.

Maskgen

C.

Dimitry

D.

Proxychains

Under the "Post-attack Phase and Activities", it is the responsibility of the tester to restore the systems to a pre-test state.

Which of the following activities should not be included in this phase? (see exhibit)

Exhibit:

A.

III

B.

IV

C.

III and IV

D.

All should be included.

You have several plain-text firewall logs that you must review to evaluate network traffic. You know that in order to do fast, efficient searches of the logs you must use regular expressions.

Which command-line utility are you most likely to use?

A.

Grep

B.

Notepad

C.

MS Excel

D.

Relational Database

Your company performs penetration tests and security assessments for small and medium-sized business in the local area. During a routine security assessment, you discover information that suggests your client is involved with human trafficking.

What should you do?

A.

Immediately stop work and contact the proper legal authorities.

B.

Copy the data to removable media and keep it in case you need it.

C.

Confront the client in a respectful manner and ask her about the data.

D.

Ignore the data and continue the assessment until completed as agreed.

env x=`(){ :;};echo exploit` bash -c 'cat /etc/passwd'

What is the Shellshock bash vulnerability attempting to do on a vulnerable Linux host?

A.

Display passwd content to prompt

B.

Removes the passwd file

C.

Changes all passwords in passwd

D.

Add new user to the passwd file

What is the best description of SQL Injection?

A.

It is an attack used to gain unauthorized access to a database.

B.

It is an attack used to modify code in an application.

C.

It is a Man-in-the-Middle attack between your SQL Server and Web App Server.

D.

It is a Denial of Service Attack.