Q7. Which of the following will perform an Xmas scan using NMAP?

A. nmap -sA 192.168.1.254

B. nmap -sP 192.168.1.254

C. nmap -sX 192.168.1.254

D. nmap -sV 192.168.1.254

View Answer

Q8. If you want only to scan fewer ports than the default scan using Nmap tool, which option would you use?

A. -sP

B. -P

C. -r

D. -F

View Answer

Q9. Which of the following is considered as one of the most reliable forms of TCP scanning?

A. TCP Connect/Full Open Scan

B. Half-open Scan

C. NULL Scan

D. Xmas Scan

View Answer

Q10. You are working as a Security Analyst in a company XYZ that owns the whole subnet range of 23.0.0.0/8 and 192.168.0.0/8.

While monitoring the data, you find a high number of outbound connections. You see that IPu2021s owned by XYZ (Internal) and private IPu2021s are communicating to a Single Public IP. Therefore, the Internal IPu2021s are sending data to the Public IP.

After further analysis, you find out that this Public IP is a blacklisted IP, and the internal communicating devices are compromised.

What kind of attack does the above scenario depict?

A. Botnet Attack

B. Spear Phishing Attack

C. Advanced Persistent Threats

D. Rootkit Attack

View Answer

Q11. What type of analysis is performed when an attacker has partial knowledge of inner-workings of the application?

A. Black-box

B. Announced

C. White-box

D. Grey-box

View Answer

Q12. DNS cache snooping is a process of determining if the specified resource address is present in the DNS cache records. It may be useful during the examination of the network to determine what software update resources are used, thus discovering what software is installed.

What command is used to determine if the entry is present in DNS cache?

A. nslookup -fullrecursive update.antivirus.com

B. dnsnooping u2013rt update.antivirus.com

C. nslookup -norecursive update.antivirus.com

D. dns --snoop update.antivirus.com

View Answer

Q13. Chandler works as a pen-tester in an IT-firm in New York. As a part of detecting viruses in the systems, he uses a detection method where the anti-virus executes the malicious codes on a virtual machine to simulate CPU and memory activities.

Which type of virus detection method did Chandler use in this context?

A. Heuristic Analysis

B. Code Emulation

C. Integrity checking

D. Scanning

View Answer

Q14. The following is part of a log file taken from the machine on the network with the IP address of 192.168.0.110:

What type of activity has been logged?

A. Teardrop attack targeting 192.168.0.110

B. Denial of service attack targeting 192.168.0.105

C. Port scan targeting 192.168.0.110

D. Port scan targeting 192.168.0.105

View Answer

Q15. Which of the following statements is TRUE?

A. Sniffers operate on Layer 2 of the OSI model

B. Sniffers operate on Layer 3 of the OSI model

C. Sniffers operate on both Layer 2 & Layer 3 of the OSI model.

D. Sniffers operate on the Layer 1 of the OSI model.

View Answer

Q16. What type of vulnerability/attack is it when the malicious person forces the useru2021s browser to send an authenticated request to a server?

A. Cross-site request forgery

B. Cross-site scripting

C. Session hijacking

D. Server side request forgery

View Answer