Which of the following statements are true regarding a SYN flood attack?

A.

The attacker sends a succession of SYN requests to a target system.

B.

SYN flood is a form of Denial-of-Service (DoS) attack.

C.

The attacker sends thousands and thousands of ACK packets to the victim.

D.

SYN cookies provide protection against the SYN flood by eliminating the resources allocated on the target host.

Which of the following describes network traffic that originates from the inside of a network perimeter and progresses towards the outside?

A.

Ingress network

B.

Inwards network

C.

Egress network

D.

Outwards network

You work as a professional Ethical Hacker. You are assigned a project to test the security of www.we-are-secure.com. You somehow gain entry to the we-are-secure Inc. main server, which is Windows-based.

While you are installing the NetCat tool as a backdoor on the we-are-secure server, you see the file credit.dat, which contains the list of credit card numbers of the company's employees. You want to transfer the credit.dat file to your local computer so that you can sell that information on the internet at a good price. However, you do not want to send the contents of this file in clear text, since you do not want the Network Administrator of we-are-secure Inc. to get any clue of the hacking attempt. Hence, you decide to send the contents of the credit.dat file in encrypted form.

What steps should you take to accomplish the task?

A.

You will use the ftp service.

B.

You will use Wireshark.

C.

You will use CryptCat instead of NetCat.

D.

You will use brutus.

Fill in the blank with the appropriate option to complete the statement below.

You want to block all UDP packets coming to the Linux server using the portsentry utility. For this, you have to enable the ______ option in the portsentry configuration file.

Victor is a novice Ethical Hacker. He is learning the hacking process, i.e., the steps taken by malicious hackers to perform hacking. Which of the following steps is NOT included in the hacking process?

A.

Scanning

B.

Preparation

C.

Gaining access

D.

Reconnaissance

Which of the following types of attacks targets a Web server with multiple compromised computers that simultaneously send hundreds of FIN packets with spoofed source IP addresses?

A.

Evasion attack

B.

Insertion attack

C.

DDoS attack

D.

Dictionary attack

Which of the following statements about buffer overflow are true?

Each correct answer represents a complete solution. Choose two.

A.

It is a situation that occurs when a storage device runs out of space.

B.

It is a situation that occurs when an application receives more data than it is configured to accept.

C.

It can improve application performance.

D.

It can terminate an application.

John, a novice web user, creates a new e-mail account and sets his password to "apple", his favorite fruit. John's password is vulnerable to which of the following password cracking attacks?

Each correct answer represents a complete solution. Choose all that apply.

A.

Hybrid attack

B.

Rule based attack

C.

Dictionary attack

D.

Brute Force attack

In which of the following attacks does an attacker use packet sniffing to read network traffic between two parties to steal the session cookie?

A.

Session fixation

B.

Cross-site scripting

C.

Session sidejacking

D.

ARP spoofing

Which of the following statements about threats are true?

Each correct answer represents a complete solution. Choose all that apply.

A.

A threat is a weakness or lack of safeguard that can be exploited by vulnerability, thus causing harm to the information systems or networks.

B.

A threat is a potential for violation of security which exists when there is a circumstance, capability, action, or event that could breach security and cause harm.

C.

A threat is a sequence of circumstances and events that allows a human or other agent to cause an information-related misfortune by exploiting vulnerability in an IT product.

D.

A threat is any circumstance or event with the potential of causing harm to a system in the form of destruction, disclosure, modification of data, or denial of service.