Q1. You are programming a buffer overflow exploit and you want to create a NOP sled of 200 bytes in the program exploit.c 

What is the hexadecimal value of NOP instruction? 

A. 0x60 

B. 0x80 

C. 0x70 

D. 0x90 

View Answer

Q2. Bob has been hired to do a web application security test. Bob notices that the site is dynamic and infers that they mist be making use of a database at the application back end. Bob wants to validate whether SQL Injection would be possible. 

What is the first character that Bob should use to attempt breaking valid SQL requests? 

A. Semi Column 

B. Double Quote 

C. Single Quote 

D. Exclamation Mark 

View Answer

Q3. You are the security administrator for a large online auction company based out of Los Angeles. After getting your ENSA CERTIFICATION last year, you have steadily been fortifying your network’s security including training OS hardening and network security. One of the last things you just changed for security reasons was to modify all the built-in administrator accounts on the local computers of PCs and in Active Directory. After through testing you found and no services or programs were affected by the name changes. 

Your company undergoes an outside security audit by a consulting company and they said that even through all the administrator account names were changed, the accounts could still be used by a clever hacker to gain unauthorized access. You argue with the auditors and say that is not possible, so they use a tool and show you how easy it is to utilize the administrator account even though its name was changed. 

What tool did the auditors use? 

A. sid2user 

B. User2sid 

C. GetAcct 

D. Fingerprint 

View Answer

Q4. What type of session hijacking attack is shown in the exhibit? 

A. Cross-site scripting Attack 

B. SQL Injection Attack 

C. Token sniffing Attack 

D. Session Fixation Attack 

View Answer

Q5. Annie has just succeeded is stealing a secure cookie via a XSS attack. She is able to replay the cookie even while the session is valid on the server. Why do you think this is possible? 

A. Any Cookie can be replayed irrespective of the session status 

B. The scenario is invalid as a secure cookie can’t be replayed 

C. It works because encryption is performed at the network layer (layer 1 encryption) 

D. It works because encryption is performed at the application layer (Single Encryption Key) 

View Answer

Q6. SSL has been seen as the solution to several common security problems. Administrators will often make use of SSL to encrypt communication from point A to point B. Why do you think this could be a bad idea if there is an Intrusion Detection System deployed to monitor the traffic between point A and B? 

A. SSL is redundant if you already have IDS in place. 

B. SSL will trigger rules at regular interval and force the administrator to turn them off. 

C. SSL will slow down the IDS while it is breaking the encryption to see the packet content. 

D. SSL will mask the content of the packet and Intrusion Detection System will be blinded. 

View Answer

Q7. WWW wanderers or spiders are programs that traverse many pages in the World Wide Web by recursively retrieving linked pages. Search engines like Google, frequently spider web pages for indexing. 

How will you stop web spiders from crawling certain directories on your website? 

A. Place robots.txt file in the root of your website with listing of directories that you don't want to be crawled 

B. Place authentication on root directories that will prevent crawling from these spiders 

C. Place "HTTP:NO CRAWL" on the html pages that you don't want the crawlers to index 

D. Enable SSL on the restricted directories which will block these spiders from crawling 

View Answer

Q8. This tool is widely used for ARP Poisoning attack. Name the tool. 

A. Cain and Able 

B. Beat Infector 

C. Poison Ivy 

D. Webarp Infector 

View Answer

Q9. In which location, SAM hash passwords are stored in Windows 7? 

A. c:\windows\system32\config\SAM 

B. c:\winnt\system32\machine\SAM 

C. c:\windows\etc\drivers\SAM 

D. c:\windows\config\etc\SAM 

View Answer

Q10. Jonathan being a keen administrator has followed all of the best practices he could find on securing his Windows Server. He renamed the Administrator account to a new name that can’t be easily guessed but there remain people who attempt to compromise his newly renamed administrator account. How can a remote attacker decipher the name of the administrator account if it has been renamed? 

A. The attacker guessed the new name 

B. The attacker used the user2sid program 

C. The attacker used to sid2user program 

D. The attacker used NMAP with the V option 

View Answer