New Questions 1

Which method of password cracking takes the most time and effort?

A. Shoulder surfing

B. Brute force

C. Dictionary attack

D. Rainbow tables

View Answer

New Questions 2

The "white box testing" methodology enforces what kind of restriction?

A. Only the internal operation of a system is known to the tester.

B. The internal operation of a system is completely known to the tester.

C. The internal operation of a system is only partly accessible to the tester.

D. Only the external operation of a system is accessible to the tester.

View Answer

New Questions 3

Due to a slowdown of normal network operations, the IT department decided to monitor internet traffic for all of the employees. From a legal stand point, what would be troublesome to take this kind of measure?

A. All of the employees would stop normal work activities

B. IT department would be telling employees who the boss is

C. Not informing the employees that they are going to be monitored could be an invasion of privacy.

D. The network could still experience traffic slow down.

View Answer

New Questions 4

Shellshock allowed an unauthorized user to gain access to a server. It affected many Internet-facing services, which OS did it not directly affect?

A. Linux

B. Unix

C. OS X

D. Windows

View Answer

New Questions 5

Which of the following options represents a conceptual characteristic of an anomaly-based IDS over a signature-based IDS?

A. Produces less false positives

B. Can identify unknown attacks

C. Requires vendor updates for a new threat

D. Cannot deal with encrypted network traffic

View Answer

New Questions 6

You have successfully comprised a server having an IP address of 10.10.0.5. You would like to enumerate all machines in the same network quickly.

What is the best nmap command you will use?

A. nmap -T4 -q 10.10.0.0/24

B. nmap -T4 -F 10.10.0.0/24

C. nmap -T4 -r 10.10.1.0/24

D. nmap -T4 -O 10.10.0.0/24

View Answer

New Questions 7

You are logged in as a local admin on a Windows 7 system and you need to launch the Computer Management Console from command line.

Which command would you use?

A. c:gpedit

B. c:compmgmt.msc

C. c:ncpa.cp

D. c:services.msc

View Answer

New Questions 8

On performing a risk assessment, you need to determine the potential impacts when some of the critical business process of the company interrupt its service. What is the name of the process by which you can determine those critical business?

A. Risk Mitigation

B. Emergency Plan Response (EPR)

C. Disaster Recovery Planning (DRP)

D. Business Impact Analysis (BIA)

View Answer

New Questions 9

An attacker has installed a RAT on a host. The attacker wants to ensure that when a user attempts to go to "www.MyPersonalBank.com", that the user is directed to a phishing site.

Which file does the attacker need to modify?

A. Boot.ini

B. Sudoers

C. Networks

D. Hosts

View Answer

New Questions 10

During a recent security assessment, you discover the organization has one Domain Name Server (DNS) in a Demilitarized Zone (DMZ) and a second DNS server on the internal network.

What is this type of DNS configuration commonly called?

A. DynDNS

B. DNS Scheme

C. DNSSEC

D. Split DNS

View Answer