Month End Sale - Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: sntaclus

examout.co

Which of the following statements about Denial-of-Service (DoS) attack are true?

Each correct answer represents a complete solution. Choose three.

A.

It disrupts services to a specific computer.

B.

It changes the configuration of the TCP/IP protocol.

C.

It saturates network resources.

D.

It disrupts connections between two computers, preventing communications between services.

Which of the following is a network worm that exploits the RPC sub-system vulnerability present in the Microsoft Windows operating system?

A.

Win32/Agent

B.

WMA/TrojanDownloader.GetCodec

C.

Win32/Conflicker

D.

Win32/PSW.OnLineGames

Which of the following tools can be used to detect the steganography?

A.

Dskprobe

B.

Blindside

C.

ImageHide

D.

Snow

You run the following command while using Nikto Web scanner:

perl nikto.pl -h 192.168.0.1 -p 443

What action do you want to perform?

A.

Using it as a proxy server

B.

Updating Nikto

C.

Seting Nikto for network sniffing

D.

Port scanning

Which of the following statements are true about netcat?

Each correct answer represents a complete solution. Choose all that apply.

A.

It provides special tunneling, such as UDP to TCP, with the possibility of specifying all network parameters.

B.

It can be used as a file transfer solution.

C.

It provides outbound and inbound connections for TCP and UDP ports.

D.

The nc -z command can be used to redirect stdin/stdout from a program.

Buffer overflows are one of the major errors used for exploitation on the Internet today. A buffer overflow occurs when a particular operation/function writes more data into a variable than the variable was designed to hold.

Which of the following are the two popular types of buffer overflows?

Each correct answer represents a complete solution. Choose two.

A.

Dynamic buffer overflows

B.

Stack based buffer overflow

C.

Heap based buffer overflow

D.

Static buffer overflows

You have inserted a Trojan on your friend's computer and you want to put it in the startup so that whenever the computer reboots the Trojan will start to run on the startup. Which of the following registry entries will you edit to accomplish the task?

A.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Startup

B.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Auto

C.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices

D.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Start

Adam has installed and configured his wireless network. He has enabled numerous security features such as changing the default SSID, enabling WPA encryption, and enabling MAC filtering on his wireless router. Adam notices that when he uses his wireless connection, the speed is sometimes 16 Mbps and sometimes it is only 8 Mbps or less. Adam connects to the management utility wireless router and finds out that a machine with an unfamiliar name is connected through his wireless connection. Paul checks the router's logs and notices that the unfamiliar machine has the same MAC address as his laptop.

Which of the following attacks has been occurred on the wireless network of Adam?

A.

NAT spoofing

B.

DNS cache poisoning

C.

MAC spoofing

D.

ARP spoofing

John, a part-time hacker, has accessed in unauthorized way to the www.yourbank.com banking Website and stolen the bank account information of its users and their credit card numbers by using the SQL injection attack. Now, John wants to sell this information to malicious person Mark and make a deal to get a good amount of money. Since, he does not want to send the hacked information in the clear text format to Mark; he decides to send information in hidden text. For this, he takes a steganography tool and hides the information in ASCII text by appending whitespace to the end of lines and encrypts the hidden information by using the IDEA encryption algorithm. Which of the following tools is John using for steganography?

A.

Image Hide

B.

2Mosaic

C.

Snow.exe

D.

Netcat

Which of the following statements are true about session hijacking?

Each correct answer represents a complete solution. Choose all that apply.

A.

Use of a long random number or string as the session key reduces session hijacking.

B.

It is used to slow the working of victim's network resources.

C.

TCP session hijacking is when a hacker takes over a TCP session between two machines.

D.

It is the exploitation of a valid computer session to gain unauthorized access to information or services in a computer system.