NEW QUESTION 1
You see the career section of a company's Web site and analyze the job profile requirements. You conclude that the company wants professionals who have a sharp knowledge of Windows server 2003 and Windows active directory installation and placement. Which of the following steps are you using to perform hacking?

• A. Scanning
• B. Covering tracks
• C. Reconnaissance
• D. Gaining access

Answer: C

NEW QUESTION 2
Adam works as a Security Administrator for Umbrella Technology Inc. He reported a breach in security to his senior members, stating that "security defenses has been breached and exploited for 2 weeks by hackers." The hackers had accessed and downloaded 50,000 addresses containing customer credit cards and passwords. Umbrella Technology was looking to law enforcement officials to protect their intellectual property.
The intruder entered through an employee's home machine, which was connected to Umbrella Technology's corporate VPN network. The application called BEAST Trojan was used in the attack to open a "back door" allowing the hackers undetected access. The security breach was discovered when customers complained about the usage of their credit cards without their knowledge.
The hackers were traced back to Shanghai, China through e-mail address evidence. The credit card information was sent to that same e-mail address. The passwords allowed the hackers to access Umbrella Technology's network from a remote location, posing as employees.
Which of the following actions can Adam perform to prevent such attacks from occurring in future?

• A. Allow VPN access but replace the standard authentication with biometric authentication
• B. Replace the VPN access with dial-up modem access to the company's network
• C. Disable VPN access to all employees of the company from home machines
• D. Apply different security policy to make passwords of employees more complex

Answer: C

NEW QUESTION 3
You are monitoring your network's behavior. You find a sudden increase in traffic on the network. It seems to come in bursts and emanate from one specific machine. You have been able to determine that a user of that machine is unaware of the activity and lacks the computer knowledge required to be responsible for a computer attack. What attack might this indicate?

• A. Spyware
• B. Ping Flood
• C. Denial of Service
• D. Session Hijacking

Answer: A

NEW QUESTION 4
Adam works as a Security Analyst for Umbrella Inc. Company has a Windows-based network. All computers run on Windows XP. Manager of the Sales department complains Adam about the unusual behavior of his computer. He told Adam that some pornographic contents are suddenly appeared on his computer overnight. Adam suspects that some malicious software or Trojans have been installed on the computer. He runs some diagnostics programs and Port scanners and found that the Port 12345, 12346, and 20034 are open. Adam also noticed some tampering with the Windows registry, which causes one application to run every time when Windows start.
Which of the following is the most likely reason behind this issue?

• A. Cheops-ng is installed on the computer.
• B. Elsave is installed on the computer.
• C. NetBus is installed on the computer.
• D. NetStumbler is installed on the computer.

Answer: C

NEW QUESTION 5
You are hired as a Database Administrator for Jennifer Shopping Cart Inc. You monitor the server health through the System Monitor and found that there is a sudden increase in the number of logins.
A case study is provided in the exhibit. Which of the following types of attack has occurred? (Click the Exhibit button on the toolbar to see the case study.)

• A. Injection
• B. Virus
• C. Worm
• D. Denial-of-service

Answer: D

NEW QUESTION 6
Adam, a malicious hacker, wants to perform a reliable scan against a remote target. He is not concerned about being stealth at this point.
Which of the following type of scans would be most accurate and reliable?

• A. UDP sacn
• B. TCP Connect scan
• C. ACK scan
• D. Fin scan

Answer: B

NEW QUESTION 7
John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He wants to perform a stealth scan to discover open ports and applications running on the We-are-secure server. For this purpose, he wants to initiate scanning with the IP address of any third party. Which of the following scanning techniques will John use to accomplish his task?

• A. RPC
• B. IDLE
• C. UDP
• D. TCP SYN/ACK

Answer: B

NEW QUESTION 8
You work as a System Administrator in SunSoft Inc. You are running a virtual machine on Windows Server 2003. The virtual machine is protected by DPM. Now, you want to move the virtual machine to another host. Which of the following steps can you use to accomplish the task?
Each correct answer represents a part of the solution. Choose all that apply.

• A. Remove the original virtual machine from the old server and stop the protection for the original virtual machine.
• B. Run consistency check.
• C. Add the copied virtual machine to a protection group.
• D. Copy the virtual machine to the new server.

Answer: ACD

NEW QUESTION 9
Which of the following attacks capture the secret value like a hash and reuse it later to gain access to a system without ever decrypting or decoding the hash?

• A. Cross Site Scripting attack
• B. Replay attack
• C. Rainbow attack
• D. Hashing attack

Answer: B

NEW QUESTION 10
John works as a professional Ethical Hacker. He has been assigned a project to test the security of www.we-are-secure.com. He performs Web vulnerability scanning on the We-are-secure server. The output of the scanning test is as follows:
C:\whisker.pl -h target_IP_address
-- whisker / v1.4.0 / rain forest puppy / www.wiretrip.net -- = - = - = - = - =
= Host: target_IP_address
= Server: Apache/1.3.12 (Win32) ApacheJServ/1.1
mod_ssl/2.6.4 OpenSSL/0.9.5a mod_perl/1.22
+ 200 OK: HEAD /cgi-bin/printenv
John recognizes /cgi-bin/printenv vulnerability ('Printenv' vulnerability) in the We_are_secure server. Which of the following statements about 'Printenv' vulnerability are true?
Each correct answer represents a complete solution. Choose all that apply.

• A. This vulnerability helps in a cross site scripting attack.
• B. 'Printenv' vulnerability maintains a log file of user activities on the Website, which may be useful for the attacker.
• C. The countermeasure to 'printenv' vulnerability is to remove the CGI script.
• D. With the help of 'printenv' vulnerability, an attacker can input specially crafted links and/or other malicious scripts.

Answer: ACD

NEW QUESTION 11
Which of the following is the method of hiding data within another media type such as graphic or document?

• A. Spoofing
• B. Steganography
• C. Packet sniffing
• D. Cryptanalysis

Answer: B

NEW QUESTION 12
Which of the following characters will you use to check whether an application is vulnerable to an SQL injection attack?

• A. Dash (-)
• B. Double quote (")
• C. Single quote (')
• D. Semi colon (;)

Answer: C

NEW QUESTION 13
Which of the following systems is used in the United States to coordinate emergency preparedness and incident management among various federal, state, and local agencies?

• A. US Incident Management System (USIMS)
• B. National Disaster Management System (NDMS)
• C. National Emergency Management System (NEMS)
• D. National Incident Management System (NIMS)

Answer: D

NEW QUESTION 14
Against which of the following does SSH provide protection?
Each correct answer represents a complete solution. Choose two.

• A. DoS attack
• B. IP spoofing
• C. Password sniffing
• D. Broadcast storm

Answer: BC

NEW QUESTION 15
Which of the following can be used as a Trojan vector to infect an information system?
Each correct answer represents a complete solution. Choose all that apply.

• A. NetBIOS remote installation
• B. Any fake executable
• C. Spywares and adware
• D. ActiveX controls, VBScript, and Java scripts

Answer: ABCD

NEW QUESTION 16
Which of the following is designed to protect the Internet resolvers (clients) from forged DNS data created by DNS cache poisoning?

• A. Stub resolver
• B. BINDER
• C. Split-horizon DNS
• D. Domain Name System Extension (DNSSEC)

Answer: D

NEW QUESTION 17
You are the Administrator for a corporate network. You are concerned about denial of service attacks.
Which of the following measures would be most helpful in defending against a Denial-of-Service (DoS) attack?

• A. Implement network based antivirus.
• B. Place a honey pot in the DMZ.
• C. Shorten the timeout for connection attempts.
• D. Implement a strong password policy.

Answer: C

NEW QUESTION 18
......