Which of the following is considered an exploit framework and has the ability to perform automated attacks on services, ports, applications and unpatched security flaws in a computer system?
Wireshark
Maltego
Metasploit
Nessus
SHOW ANSWERWhich of the following viruses tries to hide from anti-virus programs by actively altering and corrupting the chosen service call interruptions when they are being run?
Cavity virus
Polymorphic virus
Tunneling virus
Stealth virus
SHOW ANSWERThere are several ways to gain insight on how a cryptosystem works with the goal of reverse engineering the process. A term describes when two pieces of data result in the same value is?
Collision
Collusion
Polymorphism
Escrow
SHOW ANSWERThe network in ABC company is using the network address 192.168.1.64 with mask 255.255.255.192. In the network the servers are in the addresses 192.168.1.122, 192.168.1.123 and 192.168.1.124. An attacker is trying to find those servers but he cannot see them in his scanning. The command he is using is: nmap 192.168.1.64/28. Why he cannot see the servers?
The network must be down and the nmap command and IP address are ok.
He needs to add the command ''''ip address'''' just before the IP address.
He is scanning from 192.168.1.64 to 192.168.1.78 because of the mask /28 and the servers are not in that range.
He needs to change the address to 192.168.1.0 with the same mask.
SHOW ANSWERWhen using Wireshark to acquire packet capture on a network, which device would enable the capture of all traffic on the wire?
Network tap
Layer 3 switch
Network bridge
Application firewall
SHOW ANSWERAn attacker gains access to a Web server's database and displays the contents of the table that holds all of the names, passwords, and other user information. The attacker did this by entering information into the Web site's user login page that the software's designers did not expect to be entered. This is an example of what kind of software design problem?
Insufficient input validation
Insufficient exception handling
Insufficient database hardening
Insufficient security management
SHOW ANSWERWhat type of malware is it that restricts access to a computer system that it infects and demands that the user pay a certain amount of money, cryptocurrency, etc. to the operators of the malware to remove the restriction?
Ransomware
Riskware
Adware
Spyware
SHOW ANSWERWhat is the name of the attack which is mentioned in the scenario?
HTTP Parameter Pollution
HTML Injection
Session Fixation
ClickJacking Attack
SHOW ANSWERYou are a Penetration Tester and are assigned to scan a server. You need to use a scanning technique wherein the TCP Header is split into many packets so that it becomes difficult to detect what the packets are meant for. Which of the below scanning technique will you use?
ACK flag scanning
TCP Scanning
IP Fragment Scanning
Inverse TCP flag scanning
SHOW ANSWERYou've just discovered a server that is currently active within the same network with the machine you recently compromised. You ping it but it did not respond. What could be the case?
TCP/IP doesn't support ICMP
ARP is disabled on the target server
ICMP could be disabled on the target server
You need to run the ping command with root privileges
SHOW ANSWERHow can a rootkit bypass Windows 7 operating system's kernel mode, code signing policy?
Defeating the scanner from detecting any code change at the kernel
Replacing patch system calls with its own version that hides the rootkit (attacker's) actions
Performing common services for the application process and replacing real applications with fake ones
Attaching itself to the master boot record in a hard drive and changing the machine's boot sequence/options
SHOW ANSWERAn incident investigator asks to receive a copy of the event logs from all firewalls, proxy servers, and Intrusion Detection Systems (IDS) on the network of an organization that has experienced a possible breach of security. When the investigator attempts to correlate the information in all of the logs, the sequence of many of the logged events do not match up. What is the most likely cause?
The network devices are not all synchronized.
Proper chain of custody was not observed while collecting the logs.
The attacker altered or erased events from the logs.
The security breach was a false positive.
SHOW ANSWERJohn the Ripper is a technical assessment tool used to test the weakness of which of the following?
Usernames
File permissions
Firewall rulesets
Passwords
SHOW ANSWERYou are using NMAP to resolve domain names into IP addresses for a ping sweep later. Which of the following commands looks for IP addresses?
>host -t a hackeddomain.com
>host -t soa hackeddomain.com
>host -t ns hackeddomain.com
>host -t AXFR hackeddomain.com
SHOW ANSWER