The Secret Of GIAC GCIH Free Samples


Online GCIH free questions and answers of New Version:

NEW QUESTION 1
Which of the following methods can be used to detect a session hijacking attack?

  • A. nmap
  • B. Brutus
  • C. ntop
  • D. sniffer

Answer: D

NEW QUESTION 2
Which of the following Incident handling process phases is responsible for defining rules, collaborating human workforce, creating a back-up plan, and testing the plans for an enterprise?

  • A. Preparation phase
  • B. Eradication phase
  • C. Identification phase
  • D. Recovery phase
  • E. Containment phase

Answer: A

NEW QUESTION 3
Which of the following attacks saturates network resources and disrupts services to a specific computer?

  • A. Replay attack
  • B. Teardrop attack
  • C. Denial-of-Service (DoS) attack
  • D. Polymorphic shell code attack

Answer: C

NEW QUESTION 4
Which of the following attacks allows an attacker to sniff data frames on a local area network (LAN) or stop the traffic altogether?

  • A. Port scanning
  • B. ARP spoofing
  • C. Man-in-the-middle
  • D. Session hijacking

Answer: B

NEW QUESTION 5
John works as a Network Administrator for Net Perfect Inc. The company has a Windows-based network. The company uses Check Point SmartDefense to provide security to the network of the company. On the HTTP servers of the company, John defines a rule for dropping any kind of user-defined URLs. Which of the following types of attacks can be prevented by dropping the user-defined URLs?

  • A. Morris worm
  • B. Code red worm
  • C. Hybrid attacks
  • D. PTC worms and mutations

Answer: D

NEW QUESTION 6
203 ms 22.670 ms 20.111 ms 13 0.so-2-0-0.TL1.NYC8.ALTER.NET (152.63.0.153) 30.929 ms 24.858 ms


Solution:


Does this meet the goal?
  • A. Yes
  • B. Not Mastered

Answer: A

NEW QUESTION 7
Which of the following types of rootkits replaces regular application binaries with Trojan fakes and modifies the behavior of existing applications using hooks, patches, or injected code?

  • A. Application level rootkit
  • B. Hypervisor rootkit
  • C. Kernel level rootkit
  • D. Boot loader rootkit

Answer: A

NEW QUESTION 8
Which of the following statements about Ping of Death attack is true?

  • A. In this type of attack, a hacker sends more traffic to a network address than the buffer can handle.
  • B. This type of attack uses common words in either upper or lower case to find a password.
  • C. In this type of attack, a hacker maliciously cuts a network cable.
  • D. In this type of attack, a hacker sends ICMP packets greater than 65,536 bytes to crash a system.

Answer: D

NEW QUESTION 9
In which of the following attacking methods does an attacker distribute an incorrect IP address?

  • A. IP spoofing
  • B. Mac flooding
  • C. DNS poisoning
  • D. Man-in-the-middle

Answer: C

NEW QUESTION 10
Your company has been hired to provide consultancy, development, and integration services for a company named Brainbridge International. You have prepared a case study to plan the upgrade for the company. Based on the case study, which of the following steps will you suggest for configuring WebStore1?
Each correct answer represents a part of the solution. Choose two.

  • A. Customize IIS 6.0 to display a legal warning page on the generation of the 404.2 and 404.3 errors.
  • B. Move the WebStore1 server to the internal network.
  • C. Configure IIS 6.0 on WebStore1 to scan the URL for known buffer overflow attacks.
  • D. Move the computer account of WebStore1 to the Remote organizational unit (OU).

Answer: AC

NEW QUESTION 11
Which of the following tools is used for vulnerability scanning and calls Hydra to launch a dictionary attack?

  • A. Whisker
  • B. Nessus
  • C. SARA
  • D. Nmap

Answer: B

NEW QUESTION 12
Which of the following ensures that the investigation process of the incident response team does not break any laws during the response to an incident?

  • A. Information Security representative
  • B. Lead Investigator
  • C. Legal representative
  • D. Human Resource

Answer: C

NEW QUESTION 13
A Denial-of-Service (DoS) attack is mounted with the objective of causing a negative impact on the performance of a computer or network. It is also known as a network saturation attack or bandwidth consumption attack. Attackers perform DoS attacks by sending a large number of protocol packets to a network. The problems caused by a DoS attack are as follows:
  • Saturation of network resources
  • Disruption of connections between two computers, thereby preventing communications between services
  • Disruption of services to a specific computer
  • Failure to access a Web site
  • Increase in the amount of spam
Which of the following can be used as countermeasures against DoS attacks?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Blocking undesired IP addresses
  • B. Applying router filtering
  • C. Disabling unneeded network services
  • D. Permitting network access only to desired traffic

Answer: ABCD

NEW QUESTION 14
Which of the following attacks are examples of Denial-of-service attacks (DoS)?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Fraggle attack
  • B. Smurf attack
  • C. Birthday attack
  • D. Ping flood attack

Answer: ABD

NEW QUESTION 15
Which of the following tools can be used for steganography?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Image hide
  • B. Stegbreak
  • C. Snow.exe
  • D. Anti-x

Answer: AC

NEW QUESTION 16
Which of the following are the limitations for the cross site request forgery (CSRF) attack?
Each correct answer represents a complete solution. Choose all that apply.

  • A. The attacker must determine the right values for all the form inputs.
  • B. The attacker must target a site that doesn't check the referrer header.
  • C. The target site should have limited lifetime authentication cookies.
  • D. The target site should authenticate in GET and POST parameters, not only cookies.

Answer: AB

NEW QUESTION 17
You run the following PHP script:
<?php $name = mysql_real_escape_string($_POST["name"]);
$password = mysql_real_escape_string($_POST["password"]); ?>
What is the use of the mysql_real_escape_string() function in the above script?
Each correct answer represents a complete solution. Choose all that apply.

  • A. It can be used to mitigate a cross site scripting attack.
  • B. It can be used as a countermeasure against a SQL injection attack.
  • C. It escapes all special characters from strings $_POST["name"] and $_POST["password"] except ' and ".
  • D. It escapes all special characters from strings $_POST["name"] and $_POST["password"].

Answer: BD
