Which of the following options represents a conceptual characteristic of an anomaly-based IDS over a signature-based IDS?
Produces less false positives
Can identify unknown attacks
Requires vendor updates for a new threat
Cannot deal with encrypted network traffic
SHOW ANSWERTCP/IP stack fingerprinting is the passive collection of configuration attributes from a remote device during standard layer 4 network communications. Which of the following tools can be used for passive OS fingerprinting?
nmap
ping
tracert
tcpdump
SHOW ANSWERWhich of the following is considered the best way to protect Personally Identifiable Information (PII) from Web application vulnerabilities?
Use cryptographic storage to store all PII
Use encrypted communications protocols to transmit PII
Use full disk encryption on all hard drives to protect PII
Use a security token to log into all Web applications that use PII
SHOW ANSWERWhat network security concept requires multiple layers of security controls to be placed throughout an IT infrastructure, which improves the security posture of an organization to defend against malicious attacks or potential vulnerabilities? What kind of Web application vulnerability likely exists in their software?
Host-Based Intrusion Detection System
Security through obscurity
Defense in depth
Network-Based Intrusion Detection System
SHOW ANSWERWhich of the following levels of algorithms does Public Key Infrastructure (PKI) use?
RSA 1024 bit strength
AES 1024 bit strength
RSA 512 bit strength
AES 512 bit strength
SHOW ANSWERA hacker is an intelligent individual with excellent computer skills and the ability to explore a computer's software and hardware without the owner's permission. Their intention can either be to simply gain knowledge or to illegally make changes. Which of the following class of hacker refers to an individual who works both offensively and defensively at various times?
Suicide Hacker
Black Hat
White Hat
Gray Hat
SHOW ANSWERFingerprinting VPN firewalls is possible with which of the following tools?
Angry IP
Nikto
Ike-scan
Arp-scan
SHOW ANSWERWhat is a "Collision attack" in cryptography?
Collision attacks try to find two inputs producing the same hash.
Collision attacks try to break the hash into two parts, with the same bytes in each part to get the private key.
Collision attacks try to get the public key.
Collision attacks try to break the hash into three parts to get the plaintext value.
SHOW ANSWERIt is a short-range wireless communication technology intended to replace the cables connecting portable of fixed devices while maintaining high levels of security. It allows mobile phones, computers and other devices to connect and communicate using a short-range wireless connection. Which of the following terms best matches the definition?
Bluetooth
Radio-Frequency Identification
WLAN
InfraRed
SHOW ANSWERWhat is a NULL scan?
A scan in which all flags are turned off
A scan in which certain flags are off
A scan in which all flags are on
A scan in which the packet size is set to zero
A scan with an illegal packet size
SHOW ANSWERThis phase will increase the odds of success in later phases of the penetration test. It is also the very first step in Information Gathering, and it will tell you what the "landscape" looks like. What is the most important phase of ethical hacking in which you need to spend a considerable amount of time?
footprinting
network mapping
gaining access
escalating privileges
SHOW ANSWERIn IPv6 what is the major difference concerning application layer vulnerabilities compared to IPv4?
Implementing IPv4 security in a dual-stack network offers protection from IPv6 attacks too.
Vulnerabilities in the application layer are independent of the network layer. Attacks and mitigation techniques are almost identical.
Due to the extensive security measures built in IPv6, application layer vulnerabilities need not be addresses.
Vulnerabilities in the application layer are greatly different from IPv4.
SHOW ANSWERPentest results indicate that voice over IP traffic is traversing a network. Which of the following tools will decode a packet capture and extract the voice conversations?
Cain
John the Ripper
Nikto
Hping
SHOW ANSWERWhich initial procedure should an ethical hacker perform after being brought into an organization?
Begin security testing.
Turn over deliverables.
Sign a formal contract with non-disclosure.
Assess what the organization is trying to protect.
SHOW ANSWER