GCIH Exam Questions - Online Test



GIAC GCIH Free Dumps Questions Online, Read and Test Now.

NEW QUESTION 1
You work as a Network Administrator for Perfect Solutions Inc. The company has a Linux-based network. You are working as a root user on the Linux operating system. Your company is facing an IP spoofing attack.
Which of the following tools will you use to get an alert saying that an upcoming IP packet is being spoofed?

  • A. Despoof
  • B. Dsniff
  • C. Ethereal
  • D. Neotrace

Answer: A

NEW QUESTION 2
John works as a professional Ethical Hacker. He is assigned a project to test the security of www.we-are-secure.com. He installs a rootkit on the Linux server of the We-are-secure network. Which of the following statements are true about rootkits?
Each correct answer represents a complete solution. Choose all that apply.

  • A. They allow an attacker to conduct a buffer overflow.
  • B. They allow an attacker to set a Trojan in the operating system and thus open a backdoor for anytime access.
  • C. They allow an attacker to replace utility programs that can be used to detect the attacker's activity.
  • D. They allow an attacker to run packet sniffers secretly to capture passwords.

Answer: BCD

NEW QUESTION 3
John, a part-time hacker, has gained unauthorized access to the www.yourbank.com banking Web site and stolen the bank account information of its users and their credit card numbers by using a SQL injection attack. Now, John wants to sell this information to a malicious person, Mark, and make a deal to get a good amount of money. Since he does not want to send the hacked information to Mark in clear text, he decides to send the information as hidden text. For this, he takes a steganography tool, hides the information in ASCII text by appending whitespace to the end of lines, and encrypts the hidden information by using the IDEA encryption algorithm. Which of the following tools is John using for steganography?

  • A. Image Hide
  • B. 2Mosaic
  • C. Snow.exe
  • D. Netcat

Answer: C

NEW QUESTION 4
Which of the following types of skills are required in the members of an incident handling team?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Organizational skills
  • B. Diplomatic skills
  • C. Methodical skills
  • D. Technical skills

Answer: ABD

NEW QUESTION 5
You work as a Security Administrator for Net Perfect Inc. The company has a Windows-based network. You want to use a scanning technique that works as a reconnaissance attack. The technique should be directed at a specific host or network to determine the services that the host offers.
Which of the following scanning techniques can you use to accomplish the task?

  • A. IDLE scan
  • B. Nmap
  • C. SYN scan
  • D. Host port scan

Answer: D

NEW QUESTION 6
Which of the following statements about reconnaissance is true?

  • A. It describes an attempt to transfer DNS zone data.
  • B. It is a computer that is used to attract potential intruders or attackers.
  • C. It is any program that allows a hacker to connect to a computer without going through the normal authentication process.
  • D. It is also known as half-open scanning.

Answer: A

NEW QUESTION 7
You work as a System Administrator in SunSoft Inc. You are running a virtual machine on Windows Server 2003. The virtual machine is protected by DPM. Now, you want to move the virtual machine to another host. Which of the following steps can you use to accomplish the task?
Each correct answer represents a part of the solution. Choose all that apply.

  • A. Remove the original virtual machine from the old server and stop the protection for the original virtual machine.
  • B. Run consistency check.
  • C. Add the copied virtual machine to a protection group.
  • D. Copy the virtual machine to the new server.

Answer: ACD

NEW QUESTION 8
You have configured a virtualized Internet browser on your Windows XP Professional computer. Using the virtualized Internet browser, you can protect your operating system from which of the following?

  • A. Brute force attack
  • B. Mail bombing
  • C. Distributed denial of service (DDoS) attack
  • D. Malware installation from unknown Web sites

Answer: D

NEW QUESTION 9
Which of the following Denial-of-Service (DoS) attacks employ the IP fragmentation mechanism?
Each correct answer represents a complete solution. Choose two.

  • A. Land attack
  • B. SYN flood attack
  • C. Teardrop attack
  • D. Ping of Death attack

Answer: CD

NEW QUESTION 10
Which of the following tools is used to attack digital watermarking?

  • A. Active Attacks
  • B. 2Mosaic
  • C. Steg-Only Attack
  • D. Gifshuffle

Answer: B

NEW QUESTION 11
In which of the following DoS attacks does an attacker send an ICMP packet larger than 65,536 bytes to the target system?

  • A. Ping of death
  • B. Jolt
  • C. Fraggle
  • D. Teardrop

Answer: A

NEW QUESTION 12
Which of the following DoS attacks affects mostly Windows computers by sending corrupt UDP packets?

  • A. Fraggle
  • B. Ping flood
  • C. Bonk
  • D. Smurf

Answer: C

NEW QUESTION 13
Which of the following strategies allows a user to limit access according to unique hardware information supplied by a potential client?

  • A. Extensible Authentication Protocol (EAP)
  • B. WEP
  • C. MAC address filtering
  • D. Wireless Transport Layer Security (WTLS)

Answer: C

NEW QUESTION 14
You work as a Network Administrator for InformSec Inc. You find that TCP port number 23476 is open on your server. You suspect that there may be a Trojan named Donald Dick installed on your server. Now you want to verify whether Donald Dick is installed on it or not. For this, you want to know the process running on port 23476, as well as the process ID, process name, and the path of the process on your server. Which of the following applications will you most likely use to accomplish the task?

  • A. Tripwire
  • B. SubSeven
  • C. Netstat
  • D. Fport

Answer: D

NEW QUESTION 15
Andrew, a bachelor student of Faulkner University, creates a Gmail account. He uses 'Faulkner' as the password for the Gmail account. After a few days, he starts receiving a lot of e-mails stating that his Gmail account has been hacked. He also finds that some of his important mails have been deleted by someone. Which of the following methods has the attacker used to crack Andrew's password?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Denial-of-service (DoS) attack
  • B. Zero-day attack
  • C. Brute force attack
  • D. Social engineering
  • E. Buffer-overflow attack
  • F. Rainbow attack
  • G. Password guessing
  • H. Dictionary-based attack

Answer: CDFGH

NEW QUESTION 16
As a professional hacker, you want to crack the security of secureserver.com. For this, in the information gathering step, you performed scanning with the help of the nmap utility to retrieve as many different protocols as possible being used by secureserver.com, so that you could get accurate knowledge about what services were being used by secureserver.com. Which of the following nmap switches have you used to accomplish the task?

  • A. nmap -vO
  • B. nmap -sS
  • C. nmap -sT
  • D. nmap -sO

Answer: D

NEW QUESTION 17
Adam works as an Incident Handler for Umbrella Inc. He has been sent to the California unit to train the members of the incident response team. As a demo project, he asked members of the incident response team to perform the following actions:

  • Remove the network cable wires.
  • Isolate the system on a separate VLAN.
  • Use a firewall or access lists to prevent communication into or out of the system.
  • Change DNS entries to direct traffic away from the compromised system.

Which of the following steps of the incident handling process includes the above actions?

  • A. Identification
  • B. Containment
  • C. Eradication
  • D. Recovery

Answer: B

NEW QUESTION 18
John works as a professional Ethical Hacker. He has been assigned a project to test the security of www.we-are-secure.com. On the We-are-secure login page, he enters ='or''=' as a username and successfully logs in to the user page of the Web site.
The we-are-secure login page is vulnerable to a __________.

  • A. Dictionary attack
  • B. SQL injection attack
  • C. Replay attack
  • D. Land attack

Answer: B

NEW QUESTION 19
CORRECT TEXT
Fill in the blank with the correct numeric value.
ARP poisoning is achieved in ______ steps.

Answer: 2
