Your team has won a contract to infiltrate an organization. The company wants to have the attack be as realistic as possible; therefore, they did not provide any information besides the company name. What should be the first step in security testing the client?
Reconnaissance
Enumeration
Scanning
Escalation

You are the Systems Administrator for a large corporate organization. You need to monitor all network traffic on your local network for suspicious activities and receive notifications when an attack is occurring. Which tool would allow you to accomplish this goal?
Network-based IDS
Firewall
Proxy
Host-based IDS

An attacker uses a communication channel within an operating system that is neither designed nor intended to transfer information. What is the name of the communications channel?
Classified
Overt
Encrypted
Covert

What does the -oX flag do in an Nmap scan?
Perform an express scan
Output the results in truncated format to the screen
Perform an Xmas scan
Output the results in XML format to a file

In many states sending spam is illegal. Thus, spammers have techniques to try to ensure that no one knows they sent the spam out to thousands of users at a time. Which of the following best describes what spammers use to hide the origin of these types of e-mails?
A blacklist of companies that have their mail server relays configured to allow traffic only to their specific domain name.
Mail relaying, which is a technique of bouncing e-mail from internal to external mail servers continuously.
A blacklist of companies that have their mail server relays configured to be wide open.
Tools that will reconfigure a mail server's relay component to send the e-mail back to the spammers occasionally.

What is correct about digital signatures?
A digital signature cannot be moved from one signed document to another because it is the hash of the original document encrypted with the private key of the signing party.
Digital signatures may be used in different documents of the same type.
A digital signature cannot be moved from one signed document to another because it is a plain hash of the document content.
Digital signatures are issued once for each user and can be used everywhere until they expire.

Null sessions are unauthenticated connections (not using a username or password) to an NT or 2000 system. Which TCP and UDP ports must you filter to check null sessions on your network?
137 and 139
137 and 443
139 and 443
139 and 445

Backing up data is a security must. However, it also carries a certain level of risk when mishandled. Which of the following is the greatest threat posed by backups?
A backup is the source of Malware or illicit information
A backup is incomplete because no verification was performed
A backup is unavailable during disaster recovery
An unencrypted backup can be misplaced or stolen

What is the best description of SQL Injection?
It is an attack used to gain unauthorized access to a database.
It is an attack used to modify code in an application.
It is a Man-in-the-Middle attack between your SQL Server and Web App Server.
It is a Denial of Service attack.

A company has five different subnets: 192.168.1.0, 192.168.2.0, 192.168.3.0, 192.168.4.0 and 192.168.5.0. How can NMAP be used to scan these adjacent Class C networks?
NMAP -P 192.168.1-5.
NMAP -P 192.168.0.0/16
NMAP -P 192.168.1.0,2.0,3.0,4.0,5.0
NMAP -P 192.168.1/17

Which of the following will perform an Xmas scan using NMAP?
nmap -sA 192.168.1.254
nmap -sP 192.168.1.254
nmap -sX 192.168.1.254
nmap -sV 192.168.1.254

_________ is a set of extensions to DNS that provide to DNS clients (resolvers) origin authentication of DNS data to reduce the threat of DNS poisoning, spoofing, and similar attack types.
DNSSEC
Zone transfer
Resource transfer
Resource records

Which definition among those given below best describes a covert channel?
A server program using a port that is not well known.
It is the multiplexing taking place on a communication link.
It is one of the weak channels used by WEP, which makes it insecure.

Which of the following is a restriction being enforced in "white box testing"?
Only the internal operation of a system is known to the tester
The internal operation of a system is completely known to the tester
Only the external operation of a system is accessible to the tester