312-50v12 Practice Test Questions

569 Questions


Topic 1: Exam Pool A

What does the -oX flag do in an Nmap scan?


A. Perform an eXpress scan
B. Output the results in truncated format to the screen
C. Output the results in XML format to a file
D. Perform an Xmas scan

C. Output the results in XML format to a file



Explanation:
https://nmap.org/book/man-output.html
-oX <filespec> - Requests that XML output be directed to the given filename.

An Intrusion Detection System (IDS) has alerted the network administrator to a possibly
malicious sequence of packets sent to a Web server in the network’s external DMZ. The
packet traffic was captured by the IDS and saved to a PCAP file. What type of network tool
can be used to determine if these packets are genuinely malicious or simply a false
positive?


A. Protocol analyzer
B. Network sniffer
C. Intrusion Prevention System (IPS)
D. Vulnerability scanner

A. Protocol analyzer



Eric has discovered a fantastic package of tools named Dsniff on the Internet. He has
learnt to use these tools in his lab and is now ready for real world exploitation. He was able
to effectively intercept communications between the two entities and establish credentials
with both sides of the connections. The two remote ends of the communication never
notice that Eric is relaying the information between the two. What would you call this
attack?


A. Interceptor
B. Man-in-the-middle
C. ARP Proxy
D. Poisoning Attack

B. Man-in-the-middle



One of your team members has asked you to analyze the following SOA record. What is
the version?
Rutgers.edu.SOA NS1.Rutgers.edu ipad.college.edu (200302028 3600 3600 604800
2400.) (Choose four.)


A. 200303028
B. 3600
C. 604800
D. 2400
E. 60
F. 4800

A. 200303028



Which of the following tools can be used for passive OS fingerprinting?


A. nmap
B. tcpdump
C. tracert
D. ping

B. tcpdump



Why is a penetration test considered to be more thorough than a vulnerability scan?


A. Vulnerability scans only do host discovery and port scanning by default.
B. A penetration test actively exploits vulnerabilities in the targeted infrastructure, while a
vulnerability scan does not typically involve active exploitation.
C. It is not – a penetration test is often performed by an automated tool, while a
vulnerability scan requires active engagement.
D. The tools used by penetration testers tend to have much more comprehensive
vulnerability databases.

B. A penetration test actively exploits vulnerabilities in the targeted infrastructure, while a
vulnerability scan does not typically involve active exploitation.



Which definition among those given below best describes a covert channel?


A. A server program using a port that is not well known.
B. Making use of a protocol in a way it is not intended to be used.
C. It is the multiplexing taking place on a communication link.
D. It is one of the weak channels used by WEP which makes it insecure

B. Making use of a protocol in a way it is not intended to be used.



The configuration allows a wired or wireless network interface controller to pass all traffic it
receives to the Central Processing Unit (CPU), rather than passing only the frames that the
controller is intended to receive. Which of the following is being described?


A. Multi-cast mode
B. Promiscuous mode
C. WEM
D. Port forwarding

B. Promiscuous mode



Which of the following tools is used to analyze the files produced by several packet-capture
programs such as tcpdump, WinDump, Wireshark, and EtherPeek?


A. tcptrace
B. Nessus
C. OpenVAS
D. tcptraceroute

A. tcptrace



These hackers have limited or no training and know how to use only basic techniques or
tools.
What kind of hackers are we talking about?


A. Black-Hat Hackers
B. Script Kiddies
C. White-Hat Hackers
D. Gray-Hat Hacker

B. Script Kiddies



Explanation: Script Kiddies: These hackers have limited or no training and know how to use only basic techniques or tools. Even then they may not understand any or all of what they are doing.

Nicolas just found a vulnerability on a public-facing system that is considered a zero-day
vulnerability. He sent an email to the owner of the public system describing the problem
and how the owner can protect themselves from that vulnerability. He also sent an email to
Microsoft informing them of the problem that their systems are exposed to. What type of
hacker is Nicolas?


A. Red hat
B. white hat
C. Black hat
D. Gray hat

B. white hat



Explanation:
A white hat (or a white hat hacker) is an ethical computer hacker, or a computer security
expert, who focuses on penetration testing and other testing methodologies that ensure
the safety of an organization’s information systems. Ethical hacking may be a term meant
to imply a broader category than simply penetration testing. Contrasted with black hat, a
malicious hacker, the name comes from Western films, where heroic and antagonistic
cowboys might traditionally wear a white and a black hat respectively. While a white hat
hacker hacks under good intentions with permission, and a black hat hacker, most
frequently unauthorized, has malicious intent, there is a third kind referred to as a gray hat
hacker who hacks with good intentions but sometimes without permission. White hat
hackers can also work in teams called “sneakers and/or hacker clubs”, red teams, or tiger
teams.

While penetration testing concentrates on attacking software and computer systems
from the beginning – scanning ports, examining known defects in protocols and
applications running on the system and patch installations, as an example – ethical hacking
may include other things. A full-blown ethical hack might include emailing staff to ask for
password details, searching through executives’ dustbins and typically breaking and
entering, without the knowledge and consent of the targets. Only the owners, CEOs and
Board Members (stakeholders) who asked for a review of this magnitude are
aware. To try to replicate some of the destructive techniques a real attack might
employ, ethical hackers may arrange for cloned test systems, or organize a hack late at
night while systems are less critical. In most recent cases these hacks perpetuate for
the long-term con (days, if not weeks, of long-term human infiltration into an organization).
Some examples include leaving USB/flash key drives with hidden auto-start software
in a public area as if someone lost the small drive and an unsuspecting employee found
it and took it.

Some other methods of completing these include:
• DoS attacks
• Social engineering tactics
• Reverse engineering
• Network security
• Disk and memory forensics
• Vulnerability research
• Security scanners such as:
  – W3af
  – Nessus
  – Burp suite
• Frameworks such as:
  – Metasploit
• Training Platforms

These methods identify and exploit known security vulnerabilities and attempt to evade
security to gain entry into secured areas. They are able to do this by hiding software and
system ‘back-doors’ that can be used as a link to information or access that a non-ethical
hacker, also referred to as ‘black-hat’ or ‘grey-hat’, might want to reach.

Security administrator John Smith has noticed abnormal amounts of traffic coming from
local computers at night. Upon reviewing, he finds that user data have been exfiltrated by
an attacker. AV tools are unable to find any malicious software, and the IDS/IPS has not
reported on any non-whitelisted programs. What type of malware did the attacker use to
bypass the company's application whitelisting?


A. Phishing malware
B. Zero-day malware
C. File-less malware
D. Logic bomb malware

C. File-less malware



