Which command line switch would be used in NMAP to perform operating system detection?
-OS
-sO
-sP
-O
SHOW ANSWERWhich Intrusion Detection System is best applicable for large environments where critical assets on the network need extra security and is ideal for observing sensitive network segments?
Network-based intrusion detection system (NIDS)
Host-based intrusion detection system (HIDS)
Firewalls
Honeypots
SHOW ANSWERWhich tool can be used to silently copy files from USB devices?
USB Grabber
USB Dumper
USB Sniffer
USB Snoopy
SHOW ANSWERHow does a denial-of-service attack work?
A hacker prevents a legitimate user (or group of users) from accessing a service
A hacker uses every character, word, or letter he or she can think of to defeat authentication
A hacker tries to decipher a password by using a system, which subsequently crashes the network
A hacker attempts to imitate a legitimate user by confusing a computer or even another person
SHOW ANSWERWhich type of security document is written with specific step-by-step details?
Process
Procedure
Policy
Paradigm
SHOW ANSWEROn performing a risk assessment, you need to determine the potential impacts when some of the critical business process of the company interrupt its service. What is the name of the process by which you can determine those critical business?
Risk Mitigation
Emergency Plan Response (EPR)
Disaster Recovery Planning (DRP)
Business Impact Analysis (BIA)
SHOW ANSWERWhy would an attacker want to perform a scan on port 137?
To discover proxy servers on a network
To disrupt the NetBIOS SMB service on the target host
To check for file and print sharing on Windows systems
To discover information about a target host using NBTSTAT
SHOW ANSWERWhich of the following is an example of two factor authentication?
PIN Number and Birth Date
Username and Password
Digital Certificate and Hardware Token
Which of the following is the BEST way to defend against network sniffing?
Using encryption protocols to secure network communications
Register all machines MAC Address in a Centralized Database
Restrict Physical Access to Server Rooms hosting Critical Servers
Use Static IP Address
SHOW ANSWERBob finished a C programming course and created a small C application to monitor the network traffic and produce alerts when any origin sends "many" IP packets, based on the average number of packets sent by all origins and using some thresholds. In concept, the solution developed by Bob is actually:
Just a network monitoring tool
A signature-based IDS
A hybrid IDS
A behavior-based IDS
SHOW ANSWERAn NMAP scan of a server shows port 25 is open. What risk could this pose?
Open printer sharing
Web portal data leak
Clear text authentication
Active mail relay
SHOW ANSWERWhich of the following problems can be solved by using Wireshark?
Tracking version changes of source code
Checking creation dates on all webpages on a server
Resetting the administrator password on multiple systems
Troubleshooting communication resets between two systems
SHOW ANSWERWhat kind of risk will remain even if all theoretically possible safety measures would be applied?
Residual risk
Inherent risk
Impact risk
Deferred risk
SHOW ANSWERWhen a normal TCP connection starts, a destination host receives a SYN (synchronize/start) packet from a source host and sends back a SYN/ACK (synchronize acknowledge). The destination host must then hear an ACK (acknowledge) of the SYN/ACK before the connection is established. This is referred to as the "TCP three-way handshake." While waiting for the ACK to the SYN ACK, a connection queue of finite size on the destination host keeps track of connections waiting to be completed. This queue typically empties quickly since the ACK is expected to arrive a few milliseconds after the SYN ACK. How would an attacker exploit this design by launching TCP SYN attack?
Attacker generates TCP SYN packets with random destination addresses towards a victim host
Attacker floods TCP SYN packets with random source addresses towards a victim host
Attacker generates TCP ACK packets with random source addresses towards a victim host
Attacker generates TCP RST packets with random source addresses towards a victim host
SHOW ANSWER