Q1. A denial of Service (DoS) attack works on the following principle: 

A. MS-DOS and PC-DOS operating system utilize a weaknesses that can be compromised and permit them to launch an attack easily. 

B. All CLIENT systems have TCP/IP stack implementation weakness that can be compromised and permit them to lunch an attack easily. 

C. Overloaded buffer systems can easily address error conditions and respond appropriately. 

D. Host systems cannot respond to real traffic, if they have an overwhelming number of incomplete connections (SYN/RCVD State). 

E. A server stops accepting connections from certain networks one those network become flooded. 

View Answer

Q2. In an attempt to secure his 802.11b wireless network, Bob decides to use strategic antenna positioning. He places the antenna for the access point near the center of the building. For those access points near the outer edge of the building he uses semi-directional antennas that face towards the buildings center. There is a large parking lot and outlying filed surrounding the building that extends out half a mile around the building. Bob figures that with this and his placement of antennas, his wireless network will be safe from attack. Which of he following statements is true? 

A. Bob’s network will not be safe until he also enables WEP 

B. With the 300-foot limit of a wireless signal, Bob’s network is safe 

C. Bob’s network will be sage but only if he doesn’t switch to 802.11a 

D. Wireless signals can be detected from miles away; Bob’s network is not safe 

View Answer

Q3. A rootkit is a collection of tools (programs) that enable administrator-level access to a computer. This program hides itself deep into an operating system for malicious activity and is extremely difficult to detect. The malicious software operates in a stealth fashion by hiding its files, processes and registry keys and may be used to create a hidden directory or folder designed to keep out of view from a user's operating system and security software. 

What privilege level does a rootkit require to infect successfully on a Victim's machine? 

A. User level privileges 

B. Ring 3 Privileges 

C. System level privileges 

D. Kernel level privileges 

View Answer

Q4. Sara is using the nslookup command to craft queries to list all DNS information (such as Name Servers, host names, MX records, CNAME records, glue records (delegation for child Domains), zone serial number, TimeToLive (TTL) records, etc) for a Domain. What do you think Sara is trying to accomplish? Select the best answer. 

A. A zone harvesting 

B. A zone transfer 

C. A zone update 

D. A zone estimate 

View Answer

Q5. You have been called to investigate a sudden increase in network traffic at company. It seems that the traffic generated was too heavy that normal business functions could no longer be rendered to external employees and clients. After a quick investigation, you find that the computer has services running attached to TFN2k and Trinoo software. What do you think was the most likely cause behind this sudden increase in traffic? 

A. A distributed denial of service attack. 

B. A network card that was jabbering. 

C. A bad route on the firewall. 

D. Invalid rules entry at the gateway. 

View Answer

Q6. Trojan horse attacks pose one of the most serious threats to computer security. The image below shows different ways a Trojan can get into a system. Which are the easiest and most convincing ways to infect a computer? 

A. IRC (Internet Relay Chat) 

B. Legitimate "shrink-wrapped" software packaged by a disgruntled employee 

C. NetBIOS (File Sharing) 

D. Downloading files, games and screensavers from Internet sites 

View Answer

Q7. Eric notices repeated probes to port 1080. He learns that the protocol being used is designed to allow a host outside of a firewall to connect transparently and securely through the firewall. He wonders if his firewall has been breached. What would be your inference? 

A. Eric network has been penetrated by a firewall breach 

B. The attacker is using the ICMP protocol to have a covert channel 

C. Eric has a Wingate package providing FTP redirection on his network 

D. Somebody is using SOCKS on the network to communicate through the firewall 

View Answer

Q8. Yancey is a network security administrator for a large electric company. This company provides power for over 100,000 people in Las Vegas. Yancey has worked for his company for over 15 years and has become very successful. One day, Yancey comes in to work and finds out that the company will be downsizing and he will be out of a job in two weeks. Yancey is very angry and decides to place logic bombs, viruses, Trojans, and backdoors all over the network to take down the company once he has left. Yancey does not care if his actions land him in jail for 30 or more years, he just wants the company to pay for what they are doing to him. What would Yancey be considered? 

A. Yancey would be considered a Suicide Hacker 

B. Since he does not care about going to jail, he would be considered a Black Hat 

C. Because Yancey works for the company currently; he would be a White Hat 

D. Yancey is a Hacktivist Hacker since he is standing up to a company that is downsizing 

View Answer

Q9. You have chosen a 22 character word from the dictionary as your password. How long will it take to crack the password by an attacker? 

A. 5 minutes 

B. 23 days 

C. 200 years 

D. 16 million years 

View Answer

Q10. What framework architecture is shown in this exhibit? 

A. Core Impact 

B. Metasploit 

C. Immunity Canvas 

D. Nessus 

View Answer