NEW QUESTION 1
John, the penetration testing manager in a pen testing firm, needs to prepare a pen testing pricing report for a client. Which of the following factors does he need to consider while preparing the pen testing pricing report?

• A. Number of employees in the client organization
• B. Complete structure of the organization
• C. Number of client computers to be tested and resources required to perform a pen test
• D. Number of servers available in the client organization

Answer: C

NEW QUESTION 2
Logs are the record of the system and network activities. Syslog protocol is used for delivering log information across an IP network. Syslog messages can be sent via which one of the following?

• A. UDP and TCP
• B. TCP and SMTP
• C. SMTP
• D. UDP and SMTP

Answer: A

NEW QUESTION 3
By default, the TFTP server listens on UDP port 69. Which of the following utility reports the port status of target TCP and UDP ports on a local or a remote computer and is used to troubleshoot TCP/IP connectivity issues?

• A. PortQry
• B. Netstat
• C. Telnet
• D. Tracert

Answer: A

NEW QUESTION 4
You are running through a series of tests on your network to check for any security vulnerabilities. After normal working hours, you initiate a DoS attack against your external firewall. The firewall quickly freezes up and becomes unusable.
You then initiate an FTP connection from an external IP into your internal network. The connection is successful even though you have FTP blocked at the external firewall. What has happened?

• A. The firewall failed-open
• B. The firewall failed-bypass
• C. The firewall failed-closed
• D. The firewall ACL has been purged

Answer: A

NEW QUESTION 5
Larry is an IT consultant who works for corporations and government agencies. Larry plans on shutting down the city's network using BGP devices and Zombies? What type of Penetration Testing is Larry planning to carry out?

• A. Internal Penetration Testing
• B. Firewall Penetration Testing
• C. DoS Penetration Testing
• D. Router Penetration Testing

Answer: C

NEW QUESTION 6
Which of the following are the default ports used by NetBIOS service?

• A. 135, 136, 139, 445
• B. 134, 135, 136, 137
• C. 137, 138, 139, 140
• D. 133, 134, 139, 142

Answer: A

NEW QUESTION 7
In Linux, what is the smallest possible shellcode?

• A. 800 bytes
• B. 8 bytes
• C. 80 bytes
• D. 24 bytes

Answer: D

NEW QUESTION 8
An automated electronic mail message from a mail system which indicates that the user does not exist on that server is called as?

• A. SMTP Queue Bouncing
• B. SMTP Message Bouncing
• C. SMTP Server Bouncing
• D. SMTP Mail Bouncing

Answer: D

NEW QUESTION 9
A firewall’s decision to forward or reject traffic in network filtering is dependent upon which of the following?

• A. Destination address
• B. Port numbers
• C. Source address
• D. Protocol used

Answer: D

NEW QUESTION 10
Which one of the following acts makes reputational risk of poor security a reality because it requires public disclosure of any security breach that involves personal information if it is unencrypted or if it is reasonably believed that the information has been acquired by an unauthorized person?

• A. California SB 1386
• B. Sarbanes-Oxley 2002
• C. Gramm-Leach-Bliley Act (GLBA)
• D. USA Patriot Act 2001

Answer: A

NEW QUESTION 11
John, a penetration tester from a pen test firm, was asked to collect information about the host file in a Windows system directory. Which of the following is the location of the host file in Window system directory?

• A. C:WindowsSystem32Boot
• B. C:WINNTsystem32driversetc
• C. C:WINDOWSsystem32cmd.exe
• D. C:WindowsSystem32restore

Answer: B

NEW QUESTION 12
The objective of this act was to protect consumers personal financial information held by financial institutions and their service providers.

• A. HIPAA
• B. Sarbanes-Oxley 2002
• C. Gramm-Leach-Bliley Act
• D. California SB 1386a

Answer: C

NEW QUESTION 13
In which of the following firewalls are the incoming or outgoing packets blocked from accessing services for which there is no proxy?

• A. Circuit level firewalls
• B. Packet filters firewalls
• C. Stateful multilayer inspection firewalls
• D. Application level firewalls

Answer: D

NEW QUESTION 14
War Driving is the act of moving around a specific area, mapping the population of wireless access points for statistical purposes. These statistics are then used to raise awareness of the security problems associated with these types of networks.
Which one of the following is a Linux based program that exploits the weak IV (Initialization Vector) problem
documented with static WEP?

• A. Airsnort
• B. Aircrack
• C. WEPCrack
• D. Airpwn

Answer: A

NEW QUESTION 15
Which of the following policies states that the relevant application owner must authorize requests for additional access to specific business applications in writing to the IT Department/resource?

• A. Special-Access Policy
• B. User Identification and Password Policy
• C. Personal Computer Acceptable Use Policy
• D. User-Account Policy

Answer: B

NEW QUESTION 16
Variables are used to define parameters for detection, specifically those of your local network and/or specific servers or ports for inclusion or exclusion in rules. These are simple substitution variables set with the var keyword.
Which one of the following operator is used to define meta-variables?

• A. “$”
• B. “#”
• C. “*”
• D. “?”

Answer: A

NEW QUESTION 17
Which of the following external pen testing tests reveals information on price, usernames and passwords, sessions, URL characters, special instructors, encryption used, and web page behaviors?

• A. Check for Directory Consistency and Page Naming Syntax of the Web Pages
• B. Examine Server Side Includes (SSI)
• C. Examine Hidden Fields
• D. Examine E-commerce and Payment Gateways Handled by the Web Server

Answer: C

NEW QUESTION 18
What does ICMP Type 3/Code 13 mean?

• A. Host Unreachable
• B. Port Unreachable
• C. Protocol Unreachable
• D. Administratively Blocked

Answer: D

NEW QUESTION 19
Jim performed a vulnerability analysis on his network and found no potential problems. He runs another utility that executes exploits against his system to verify the results of the vulnerability test. The second utility executes five known exploits against his network in which the vulnerability analysis said were not exploitable.
What kind of results did Jim receive from his vulnerability analysis?

• A. True negatives
• B. False negatives
• C. False positives
• D. True positives

Answer: B

NEW QUESTION 20
George is the network administrator of a large Internet company on the west coast. Per corporate policy, none of the employees in the company are allowed to use FTP or SFTP programs without obtaining approval from the IT department. Few managers are using SFTP program on their computers.
Before talking to his boss, George wants to have some proof of their activity. George wants to use Ethereal t monitor network traffic, but only SFTP traffic to and from his network. What filter should George use in Ethereal?

• A. net port 22
• B. udp port 22 and host 172.16.28.1/24
• C. src port 22 and dst port 22
• D. src port 23 and dst port 23

Answer: C