Hacker Tools, Techniques, Exploits and Incident Handling v7.1 (SEC504)

Page:    1 / 22   
Total 333 questions

You run the following bash script in Linux:
for i in 'cat hostlist.txt' ;do
nc -q 2 -v $i 80 < request.txt done
Where, hostlist.txt file contains the list of IP addresses and request.txt is the output file.
Which of the following tasks do you want to perform by running this script?

  • A. You want to put nmap in the listen mode to the hosts given in the IP address list.
  • B. You want to perform banner grabbing to the hosts given in the IP address list.
  • C. You want to perform port scanning to the hosts given in the IP address list.
  • D. You want to transfer file hostlist.txt to the hosts given in the IP address list.

Answer : B

Ryan, a malicious hacker submits Cross-Site Scripting (XSS) exploit code to the Website of
Internet forum for online discussion. When a user visits the infected Web page, code gets automatically executed and Ryan can easily perform acts like account hijacking, history theft etc. Which of the following types of Cross-Site Scripting attack Ryan intends to do?

  • A. Non persistent
  • B. Document Object Model (DOM)
  • C. SAX
  • D. Persistent

Answer : D

Which of the following DoS attacks affects mostly Windows computers by sending corrupt
UDP packets?

  • A. Fraggle
  • B. Ping flood
  • C. Bonk
  • D. Smurf

Answer : C

In which of the following attacking methods does an attacker distribute incorrect IP address?

  • A. IP spoofing
  • B. Mac flooding
  • C. DNS poisoning
  • D. Man-in-the-middle

Answer : C

In which of the following scanning methods do Windows operating systems send only RST packets irrespective of whether the port is open or closed?

  • A. TCP FIN
  • B. FTP bounce
  • C. XMAS
  • D. TCP SYN

Answer : A

Which of the following functions can you use to mitigate a command injection attack?
Each correct answer represents a part of the solution. Choose all that apply.

  • A. escapeshellarg()
  • B. escapeshellcmd()
  • C. htmlentities()
  • D. strip_tags()

Answer : A,B

Adam works as an Incident Handler for Umbrella Inc. He has been sent to the California unit to train the members of the incident response team. As a demo project he asked members of the incident response team to perform the following actions:
Remove the network cable wires.
Isolate the system on a separate VLAN
Use a firewall or access lists to prevent communication into or out of the system.
Change DNS entries to direct traffic away from compromised system
Which of the following steps of the incident handling process includes the above actions?

  • A. Identification
  • B. Containment
  • C. Eradication
  • D. Recovery

Answer : B

Which of the following attacks is specially used for cracking a password?

  • A. PING attack
  • B. Dictionary attack
  • C. Vulnerability attack
  • D. DoS attack

Answer : B

Fill in the blank with the appropriate term.
_______is the practice of monitoring and potentially restricting the flow of information outbound from one network to another

Answer : Egress filtering

Which of the following tools can be used for steganography?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Image hide
  • B. Stegbreak
  • C. Snow.exe
  • D. Anti-x

Answer : A,C

Which of the following tools combines two programs, and also encrypts the resulting package in an attempt to foil antivirus programs?

  • A. Trojan Man
  • B. EliteWrap
  • C. Tiny
  • D. NetBus

Answer : A

You have inserted a Trojan on your friend's computer and you want to put it in the startup so that whenever the computer reboots the Trojan will start to run on the startup. Which of the following registry entries will you edit to accomplish the task?

  • A. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Startup
  • B. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Auto C. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
  • D. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Start

Answer : C

Which of the following tools can be used to perform brute force attack on a remote database?
Each correct answer represents a complete solution. Choose all that apply.

  • A. SQLBF
  • B. SQLDict
  • C. FindSA
  • D. nmap

Answer : A,B,C

Adam, a novice computer user, works primarily from home as a medical professional. He just bought a brand new Dual Core Pentium computer with over 3 GB of RAM. After about two months of working on his new computer, he notices that it is not running nearly as fast as it used to. Adam uses antivirus software, anti-spyware software, and keeps the computer up-to-date with Microsoft patches. After another month of working on the computer, Adam finds that his computer is even more noticeably slow. He also notices a window or two pop-up on his screen, but they quickly disappear. He has seen these windows show up, even when he has not been on the Internet. Adam notices that his computer only has about 10 GB of free space available. Since his hard drive is a 200 GB hard drive, Adam thinks this is very odd.
Which of the following is the mostly likely the cause of the problem?

  • A. Computer is infected with the stealth kernel level rootkit.
  • B. Computer is infected with stealth virus.
  • C. Computer is infected with the Stealth Trojan Virus.
  • D. Computer is infected with the Self-Replication Worm.

Answer : A

Your company has been hired to provide consultancy, development, and integration services for a company named Brainbridge International. You have prepared a case study to plan the upgrade for the company. Based on the case study, which of the following steps will you suggest for configuring WebStore1?
Each correct answer represents a part of the solution. Choose two.

  • A. Customize IIS 6.0 to display a legal warning page on the generation of the 404.2 and 404.3 errors.
  • B. Move the WebStore1 server to the internal network.
  • C. Configure IIS 6.0 on WebStore1 to scan the URL for known buffer overflow attacks.
  • D. Move the computer account of WebStore1 to the Remote organizational unit (OU).

Answer : A,C

Page:    1 / 22   
Total 333 questions