A security consultant decides to use multiple layers of anti-virus defense, such as end user desktop anti-virus and E-mail gateway. This approach can be used to mitigate which kind of attack?
Forensic attack
ARP spoofing attack
Social engineering attack
Scanning attack
Code injection is a form of attack in which a malicious user:
Inserts text into a data field that gets interpreted as code
Gets the server to execute arbitrary code using a buffer overflow
Inserts additional code into the JavaScript running in the browser
Gains access to the codebase on the server and inserts new code
Sid is a judge for a programming contest. Before the code reaches him it goes through a restricted OS and is tested there. If it passes, then it moves onto Sid. What is this middle step called?
Fuzzy-testing the code
Third party running the code
Sandboxing the code
String validating the code
The Payment Card Industry Data Security Standard (PCI DSS) contains six different categories of control objectives. Each objective contains one or more requirements, which must be followed in order to achieve compliance. Which of the following requirements would best fit under the objective, "Implement strong access control measures"?
Regularly test security systems and processes.
Encrypt transmission of cardholder data across open, public networks.
Assign a unique ID to each person with computer access.
Use and regularly update anti-virus software on all systems commonly affected by malware.
Which of the following acts requires employers' standard national numbers to identify them on standard transactions?
SOX
HIPAA
DMCA
PCI-DSS
Which of the following is an NMAP script that could help detect HTTP Methods such as GET, POST, HEAD, PUT, DELETE, TRACE?
http-git
http-headers
http enum
http-methods
Fred is the network administrator for his company. Fred is testing an internal switch. From an external IP address, Fred wants to try and trick this switch into thinking it already has established a session with his computer. How can Fred accomplish this?
Fred can accomplish this by sending an IP packet with the RST/SIN bit and the source address of his computer.
He can send an IP packet with the SYN bit and the source address of his computer
Fred can send an IP packet with the ACK bit set to zero and the source address of the switch
Fred can send an IP packet to the switch with the ACK bit and the source address of his machine.
What is the process of logging, recording, and resolving events that take place in an organization?
Incident Management Process
Security Policy
Internal Procedure
Metrics
A hacker has managed to gain access to a Linux host and stolen the password file from /etc/passwd. How can he use it?
The password file does not contain the passwords themselves
He can open it and read the user ids and corresponding passwords.
The file reveals the passwords to the root user only.
He cannot read it because it is encrypted.
You are manually conducting Idle Scanning using Hping2. During your scanning you notice that almost every query increments the IPID regardless of the port being queried. One or two of the queries cause the IPID to increment by more than one value. Why do you think this occurs?
The zombie you are using is not truly idle.
A stateful inspection firewall is resetting your queries.
Hping2 cannot be used for idle scanning.
These ports are actually open on the target system.
Darius is analysing IDS logs. During the investigation, he noticed that there was nothing suspicious found and an alert was triggered on normal web application traffic. He can mark this alert as:
False-Negative
False-Positive
True-Positive
False-Signature
What is the proper response for a NULL scan if the port is closed?
ACK
FIN
PSH
RST
No response
The Open Web Application Security Project (OWASP) is the worldwide not-for-profit charitable organization focused on improving the security of software. What item is the primary concern on OWASP's Top Ten Project Most Critical Web Application Security Risks?
Injection
Cross Site Scripting
Cross Site Request Forgery
Path disclosure