NEW QUESTION 1

A hacker, who posed as a heating and air conditioning specialist, was able to install a
sniffer program in a switched environment network. Which attack could the hacker use to sniff all of the packets in the network?

• A. Fraggle
• B. MAC Flood
• C. Smurf
• D. Tear Drop

Answer: B

NEW QUESTION 2

What port scanning method involves sending spoofed packets to a target system and then looking for adjustments to the IPID on a zombie system?

• A. Blind Port Scanning
• B. Idle Scanning
• C. Bounce Scanning
• D. Stealth Scanning
• E. UDP Scanning

Answer: B

Explanation:
From NMAP:
-sI <zombie host[:probeport]> Idlescan: This advanced scan method allows for a truly blind
TCP port scan of the target (meaning no packets are sent to the tar- get from your real IP address). Instead, a unique side-channel attack exploits predictable "IP fragmentation ID" sequence generation on the zombie host to glean information about the open ports on the target.

NEW QUESTION 3

What does an ICMP (Code 13) message normally indicates?

• A. It indicates that the destination host is unreachable
• B. It indicates to the host that the datagram which triggered the source quench message will need to be re-sent
• C. It indicates that the packet has been administratively dropped in transit
• D. It is a request to the host to cut back the rate at which it is sending traffic to the Internet destination

Answer: C

Explanation:
CODE 13 and type 3 is destination unreachable due to communication administratively prohibited by filtering hence maybe they meant "code 13", therefore would be C).
Note:
A - Type 3 B - Type 4
C - Type 3 Code 13 D - Typ4 4

NEW QUESTION 4

Bob waits near a secured door, holding a box. He waits until an employee walks up to the secured door and uses the special card in order to access the restricted area of the target company. Just as the employee opens the door, Bob walks up to the employee (still holding the box) and asks the employee to hold the door open so that he can enter. What is the best way to undermine the social engineering activity of tailgating?

• A. Issue special cards to access secure doors at the company and provide a one-time only brief description of use of the special card
• B. Educate and enforce physical security policies of the company to all the employees on a regular basis
• C. Setup a mock video camera next to the special card reader adjacent to the secure door
• D. Post a sign that states, "no tailgating" next to the special card reader adjacent to the secure door

Answer: B

NEW QUESTION 5

What is the name of the software tool used to crack a single account on Netware Servers using a dictionary attack?

• A. NPWCrack
• B. NWPCrack
• C. NovCrack
• D. CrackNov
• E. GetCrack

Answer: B

Explanation:
NWPCrack is the software tool used to crack single accounts on Netware servers.

NEW QUESTION 6

Which of the following is true of the wireless Service Set ID (SSID)? (Select all that apply.)

• A. Identifies the wireless network
• B. Acts as a password for network access
• C. Should be left at the factory default setting
• D. Not broadcasting the SSID defeats NetStumbler and other wireless discovery tools

Answer: AB

NEW QUESTION 7

Susan has attached to her company’s network. She has managed to synchronize her boss’s sessions with that of the file server. She then intercepted his traffic destined for the server, changed it the way she wanted to and then placed it on the server in his home directory. What kind of attack is Susan carrying on?

• A. A sniffing attack
• B. A spoofing attack
• C. A man in the middle attack
• D. A denial of service attack

Answer: C

Explanation:
A man-in-the-middle attack (MITM) is an attack in which an attacker is able to read, insert and modify at will, messages between two parties without either party knowing that the link between them has been compromised.

NEW QUESTION 8

This kind of attack will let you assume a users identity at a dynamically generated web page or site:

• A. SQL Injection
• B. Cross Site Scripting
• C. Session Hijacking
• D. Zone Transfer

Answer: B

Explanation:
Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications which allow code injection by malicious web users into the web pages viewed by other users. Examples of such code include HTML code and client-side scripts. An exploited cross-site scripting vulnerability can be used by attackers to bypass access controls such as the same origin policy.

NEW QUESTION 9

An nmap command that includes the host specification of 202.176.56-57.* will scan
_____ number of hosts.

• A. 2
• B. 256
• C. 512
• D. Over 10, 000

Answer: C

Explanation:
The hosts with IP address 202.176.56.0-255 & 202.176.56.0-255 will be scanned (256+256=512)

NEW QUESTION 10

Which of the following is a protocol that is prone to a man-in-the-middle (MITM) attack and maps a 32-bit address to a 48-bit address?

• A. ICPM
• B. ARP
• C. RARP
• D. ICMP

Answer: B

Explanation:
Address Resolution Protocol (ARP) a stateless protocol was designed to map Internet Protocol addresses (IP) to their associated Media Access Control (MAC) addresses.
This being said, by mapping a 32 bit IP address to an associated 48 bit MAC address via attached Ethernet devices, a communication between local nodes can be made. Source: (http://www.exploit-db.com/papers/13190/)

NEW QUESTION 11

If an attacker's computer sends an IPID of 24333 to a zombie (Idle Scanning) computer on
a closed port, what will be the response?

• A. The zombie computer will respond with an IPID of 24334.
• B. The zombie computer will respond with an IPID of 24333.
• C. The zombie computer will not send a response.
• D. The zombie computer will respond with an IPID of 24335.

Answer: A

NEW QUESTION 12

Which of the following conditions must be given to allow a tester to exploit a Cross-Site Request Forgery (CSRF) vulnerable web application?

• A. The victim user must open the malicious link with an Internet Explorer prior to version 8.
• B. The session cookies generated by the application do not have the HttpOnly flag set.
• C. The victim user must open the malicious link with a Firefox prior to version 3.
• D. The web application should not use random tokens.

Answer: D

NEW QUESTION 13

Which security control role does encryption meet?

• A. Preventative
• B. Detective
• C. Offensive
• D. Defensive

Answer: A

NEW QUESTION 14

This attack uses social engineering techniques to trick users into accessing a fake Web site and divulging personal information. Attackers send a legitimate-looking e-mail asking users to update their information on the company's Web site, but the URLs in the e-mail actually point to a false Web site.

• A. Wiresharp attack
• B. Switch and bait attack
• C. Phishing attack
• D. Man-in-the-Middle attack

Answer: C

NEW QUESTION 15

Jane wishes to forward X-Windows traffic to a remote host as well as POP3 traffic. She is worried that adversaries might be monitoring the communication link and could inspect captured traffic. She would like to tunnel the information to the remote end but does not have VPN capabilities to do so. Which of the following tools can she use to protect the link?

• A. MD5
• B. PGP
• C. RSA
• D. SSH

Answer: D

NEW QUESTION 16

Which tool/utility can help you extract the application layer data from each TCP connection from a log file into separate files?

• A. Snort
• B. argus
• C. TCPflow
• D. Tcpdump

Answer: C

Explanation:
Tcpflow is a program that captures data transmitted as part of TCP connections (flows), and stores the data in a way that is convenient for protocol analysis or debugging. A program like 'tcpdump' shows a summary of packets seen on the wire, but usually doesn't store the data that's actually being transmitted. In contrast, tcpflow reconstructs the actual data streams and stores each flow in a separate file for later analysis.

NEW QUESTION 17
......