Q1. Which type of sniffing technique is generally referred as MiTM attack? 

A. Password Sniffing 

B. ARP Poisoning 

C. Mac Flooding 

D. DHCP Sniffing 

View Answer

Q2. Destination unreachable administratively prohibited messages can inform the hacker to what? 

A. That a circuit level proxy has been installed and is filtering traffic 

B. That his/her scans are being blocked by a honeypot or jail 

C. That the packets are being malformed by the scanning software 

D. That a router or other packet-filtering device is blocking traffic 

E. That the network is functioning normally 

View Answer

Q3. Reflective DDoS attacks do not send traffic directly at the targeted host. Instead, they usually spoof the originating IP addresses and send the requests at the reflectors. These reflectors (usually routers or high-powered servers with a large amount of network resources at their disposal) then reply to the spoofed targeted traffic by sending loads and loads of data to the final target. 

How would you detect these reflectors on your network? 

A. Run floodnet tool to detect these reflectors 

B. Look for the banner text by running Zobbie Zappers tools 

C. Run Vulnerability scanner on your network to detect these reflectors 

D. Scan the network using Nmap for the services used by these reflectors 

View Answer

Q4. June, a security analyst, understands that a polymorphic virus has the ability to mutate and can change its known viral signature and hide from signature-based antivirus programs. Can June use an antivirus program in this case and would it be effective against a polymorphic virus? 

A. No. June can't use an antivirus program since it compares the size of executable files to the database of known viral signatures and it is effective on a polymorphic virus 

B. Yes. June can use an antivirus program since it compares the parity bit of executable files to the database of known check sum counts and it is effective on a polymorphic virus 

C. Yes. June can use an antivirus program since it compares the signatures of executable files to the database of known viral signatures and it is very effective against a polymorphic virus 

D. No. June can't use an antivirus program since it compares the signatures of executable files to the database of known viral signatures and in the case the polymorphic viruses cannot be detected by a signature-based anti-virus program 

View Answer

Q5. You are the security administrator of Jaco Banking Systems located in Boston. You are setting up e-banking website (http://www.ejacobank.com) authentication system. Instead of issuing banking customer with a single password, you give them a printed list of 100 unique passwords. Each time the customer needs to log into the e-banking system website, the customer enters the next password on the list. If someone sees them type the password using shoulder surfing, MiTM or keyloggers, then no damage is done because the password will not be accepted a second time. Once the list of 100 passwords is almost finished, the system automatically sends out a new password list by encrypted e-mail to the customer. 

You are confident that this security implementation will protect the customer from password abuse. 

Two months later, a group of hackers called "HackJihad" found a way to access the one-time password list issued to customers of Jaco Banking Systems. The hackers set up a fake website (http://www.e-jacobank.com) and used phishing attacks to direct ignorant customers to it. The fake website asked users for their e-banking username and password, and the next unused entry from their one-time password sheet. The hackers collected 200 customer's username/passwords this way. They transferred money from the customer's bank account to various offshore accounts. 

Your decision of password policy implementation has cost the bank with USD 925,000 to hackers. You immediately shut down the e-banking website while figuring out the next best security solution 

What effective security solution will you recommend in this case? 

A. Implement Biometrics based password authentication system. Record the customers face image to the authentication database 

B. Configure your firewall to block logon attempts of more than three wrong tries 

C. Enable a complex password policy of 20 characters and ask the user to change the password immediately after they logon and do not store password histories 

D. Implement RSA SecureID based authentication system 

View Answer

Q6. ________ is an automated vulnerability assessment tool. 

A. Whack a Mole 

B. Nmap 

C. Nessus 

D. Kismet 

E. Jill32 

View Answer

Q7. Which of the following is the best way an attacker can passively learn about technologies used in an organization? 

A. By sending web bugs to key personnel 

B. By webcrawling the organization web site 

C. By searching regional newspapers and job databases for skill sets technology hires need to possess in the organization 

D. By performing a port scan on the organization's web site 

View Answer

Q8. You are attempting to map out the firewall policy for an organization. You discover your target system is one hop beyond the firewall. Using hping2, you send SYN packets with the exact TTL of the target system starting at port 1 and going up to port 1024. What is this process known as? 

A. Footprinting 

B. Firewalking 

C. Enumeration 

D. Idle scanning 

View Answer

Q9. Peter has been monitoring his IDS and sees that there are a huge number of ICMP Echo Reply packets that are being received on the External Gateway interface. Further inspection reveals they are not responses from internal hosts request but simply responses coming from the Internet. What could be the likely cause of this? 

A. Someone Spoofed Peter’s IP Address while doing a land attack 

B. Someone Spoofed Peter’s IP Address while doing a DoS attack 

C. Someone Spoofed Peter’s IP Address while doing a smurf Attack 

D. Someone Spoofed Peter’s IP address while doing a fraggle attack 

View Answer

Q10. When a malicious hacker identifies a target and wants to eventually compromise this target, what would be the first step the attacker would perform? 

A. Cover his tracks by eradicating the log files 

B. Gain access to the remote computer for identification of venue of attacks 

C. Perform a reconnaissance of the remote target for identification of venue of attacks 

D. Always starts with a scan in order to quickly identify venue of attacks 

View Answer