- All Exams Instant Download
system very easy?
The Heart bleed bug was discovered in 2014 and is widely referred to under MITRE's Common Vulnerabilities and Exposures (CVE) as CVE-2014-0160.This bug affects the OpenSSL implementation of the Transport Layer Security (TLS) protocols defined in RFC6520. What type of key does this bug leave exposed to the Internet making...
…..is an attack type for a rogue Wi-Fi access point that appears to be a legitimate one offered on the premises, but actually has been setup to eavesdrop on wireless communications. It is the wireless version of the phishing scam. An attacker fools wireless users into connecting a laptop or mobile phone to a tainted hotspot by posing as a legitimate provider. This type of attack maybe used to steal the passwords of unsuspecting users by either snooping the communication link or by phishing, which involves setting up a fraudulent website and luring people there.
…..is an attack type for a rogue Wi-Fi access point that appears to be a legitimate one offered on the premises, but actually has been setup to eavesdrop on wireless communications. It is the wireless version of the phishing scam. An attacker fools wireless users into connecting a laptop or...
The Manager of Information Technology has a plan to take the backup tapes home with him and wants to know what two things he can do to secure the backup tapes while in transit?
Jim's company regularly performs backups of their critical servers. But the company cannot afford to send backup tapes to an off-site vendor for long-term storage and archiving. Instead, Jim's company keeps the backup tapes in a safe in the office. Jim’s company is audited each year, and the results from...
How can he use it?
A hacker has managed to gain access to a Linux host and stolen the password file from/etc/passwd. How can he use it?A . The file reveals the passwords to the root user only.B . The password file does not contain the passwords themselves.C . He cannot read it because it...
Which of the following options represents a conceptual characteristic of an anomaly-based IDS over a signature-based IDS?
Which of the following options represents a conceptual characteristic of an anomaly-based IDS over a signature-based IDS?A . Produces less false positivesB . Can identify unknown attacksC . Requires vendor updates for a new threatD . Cannot deal with encrypted network trafficView AnswerAnswer: B
PGP, SSL, and IKE are all examples of which type of cryptography?
PGP, SSL, and IKE are all examples of which type of cryptography?A . Hash AlgorithmB . DigestC . Secret KeyD . Public KeyView AnswerAnswer: D
What is the purpose of a demilitarized zone on a network?
What is the purpose of a demilitarized zone on a network?A . To scan all traffic coming through the DMZ to the internal networkB . To only provide direct access to the nodes within the DMZ and protect the network behind itC . To provide a place to put the...
What is the best Nmap command you will use?
You have successfully comprised a server having an IP address of 10.10.0.5. You would like to enumerate all machines in the same network quickly. What is the best Nmap command you will use?A . nmap -T4 -q 10.10.0.0/ 24B . nmap -T4 -F 10.10.0.0/ 24C . nmap -T4 -r 10.10.1.0/...
What sort of security breach is this policy attempting to mitigate?
A company's security policy states that all Web browsers must automatically delete their HTTP browser cookies upon terminating. What sort of security breach is this policy attempting to mitigate?A . Attempts by attackers to access the user and password information stored in the company'sB . Attempts by attackers to access...
Which file does the attacker need to modify?
An attacker has installed a RAT on a host. The attacker wants to ensure that when a user attempts to go to"www.MyPersonalBank.com", that the user is directed to a phishing site. Which file does the attacker need to modify?A . Boot.iniB . SudoersC . NetworksD . HostsView AnswerAnswer: D
