
While doing a technical assessment to determine network vulnerabilities, you used the TCP XMAS scan. What would be the response of all open ports?

A.

The port will send an ACK

B.

The port will send a SYN

C.

The port will ignore the packets

D.

The port will send an RST

While performing ping scans into a target network, you get a frantic call from the organization's security team. They report that they are under a denial of service attack. When you stop your scan, the smurf attack event stops showing up on the organization's IDS monitor.

How can you modify your scan to prevent triggering this event in the IDS?

A.

Scan more slowly.

B.

Do not scan the broadcast IP.

C.

Spoof the source IP address.

D.

Only scan the Windows systems.

SNMP is a protocol used to query hosts, servers, and devices about performance or health status data. This protocol has long been used by hackers to gather a great amount of information about remote hosts. Which of the following features makes this possible? (Choose two.)

A.

It uses TCP as the underlying protocol.

B.

It uses a community string that is transmitted in clear text.

C.

It is susceptible to sniffing.

D.

It is used by all network devices on the market.

The following are types of Bluetooth attacks EXCEPT _____?

A.

Bluejacking

B.

Bluesmacking

C.

Bluesnarfing

D.

Bluedriving

The security administrator of ABC needs to permit Internet traffic for the host 10.0.0.2 and UDP traffic for the host 10.0.0.3. He also needs to permit all FTP traffic to the rest of the network and deny all other traffic. After he applied his ACL configuration on the router, nobody can access FTP, and the permitted hosts cannot access the Internet. According to the following configuration, what is happening in the network?

A.

The ACL 110 needs to be changed to port 80

B.

The ACL for FTP must be before the ACL 110

C.

The first ACL is denying all TCP traffic and the other ACLs are being ignored by the router

D.

The ACL 104 needs to be first because it is UDP

Defining rules, collaborating human workforce, creating a backup plan, and testing the plans are within what phase of the Incident Handling Process?

A.

Preparation phase

B.

Containment phase

C.

Recovery phase

D.

Identification phase

TCP/IP stack fingerprinting is the passive collection of configuration attributes from a remote device during standard layer 4 network communications. Which of the following tools can be used for passive OS fingerprinting?

A.

nmap

B.

ping

C.

tracert

D.

tcpdump

What would you type on the Windows command line in order to launch the Computer Management Console provided that you are logged in as an admin?

A.

c:\compmgmt.msc

B.

c:\gpedit

C.

c:\ncpa.cpl

D.

c:\services.msc

A big company that wants to test its security infrastructure is looking to hire elite pen testers like you. During the interview, they ask you to show sample reports from previous penetration tests. What should you do?

A.

Share reports, after NDA is signed

B.

Share full reports, not redacted

C.

Decline, but provide references

D.

Share full reports with redactions

A hacker was able to easily gain access to a website. He was able to log in via the frontend user login form of the website using default or commonly used credentials. This exploitation is an example of what software design flaw?

A.

Insufficient security management

B.

Insufficient database hardening

C.

Insufficient input validation

D.

Insufficient exception handling

What are two things that are possible when scanning UDP ports? (Choose two.)

A.

A reset will be returned

B.

An ICMP message will be returned

C.

The four-way handshake will not be completed

D.

An RFC 1294 message will be returned

E.

Nothing

Neil notices that a single address is generating traffic from its port 500 to port 500 of several other machines on the network. This scan is eating up most of the network bandwidth and Neil is concerned. As a security professional, what would you infer from this scan?

A.

It is a network fault and the originating machine is in a network loop

B.

It is a worm that is malfunctioning or hardcoded to scan on port 500

C.

The attacker is trying to detect machines on the network which have SSL enabled

D.

The attacker is trying to determine the type of VPN implementation and checking for IPSec

What type of malware is it that restricts access to a computer system that it infects and demands that the user pay a certain amount of money, cryptocurrency, etc. to the operators of the malware to remove the restriction?

A.

Ransomware

B.

Riskware

C.

Adware

D.

Spyware

Which of the following is the BEST way to protect Personally Identifiable Information (PII) from being exploited due to vulnerabilities of varying web applications?

A.

Use cryptographic storage to store all PII

B.

Use full disk encryption on all hard drives to protect PII

C.

Use encrypted communications protocols to transmit PII

D.

Use a security token to log into all Web applications that use PII

One of the Forbes 500 companies has been subjected to a large-scale attack. You are one of the shortlisted pen testers that they may hire. During the interview with the CIO, he emphasized that he wants to totally eliminate all risks. What is one of the first things you should do when hired?

A.

Interview all employees in the company to rule out possible insider threats.

B.

Establish attribution to suspected attackers.

C.

Explain to the CIO that you cannot eliminate all risk, but you will be able to reduce risk to acceptable levels.

D.

Start the Wireshark application to start sniffing network traffic.