- All Exams Instant Download
What is the BEST alternative if you discover that a rootkit has been installed on one of your computers?
What is the BEST alternative if you discover that a rootkit has been installed on one of your computers?A . Copy the system files from a known good systemB . Perform a trap and traceC . Delete the files and try to determine the sourceD . Reload from a previous...
Based on the above credentials, which of the following SQL commands are you expecting to be executed by the server, if there is indeed an SQL injection vulnerability?
Suppose that you test an application for the SQL injection vulnerability. You know that the backend database is based on Microsoft SQL Server. In the login/password form, you enter the following credentials: Username: attack' or 1»1 - Password: 123456 Based on the above credentials, which of the following SQL commands...
What kind of detection techniques is being used in antivirus software that identifies malware by collecting data from multiple protected systems and instead of analyzing files locally it’s made on the provider’s environment?
What kind of detection techniques is being used in antivirus software that identifies malware by collecting data from multiple protected systems and instead of analyzing files locally it’s made on the provider’s environment?A . Behavioral basedB . Heuristics basedC . Honeypot basedD . Cloud basedView AnswerAnswer: D
What command you would use?
You are analysing traffic on the network with Wireshark. You want to routinely run a cron job which will run the capture against a specific set of IPs - 192.168.8.0/24. What command you would use?A . wireshark --fetch ''192.168.8*''B . wireshark --capture --local masked 192.168.8.0 ---range 24C . tshark -net...
If you would use both brute force and dictionary methods combined together to have variation of words, what would you call such an attack?
In the context of password security, a simple dictionary attack involves loading a dictionary file (a text file full of dictionary words) into a cracking application such as L0phtCrack or John the Ripper, and running it against user accounts located by the application. The larger the word and word fragment...
It affected many Internet-facing services, which OS did it not directly affect?
Shellshock allowed an unauthorized user to gain access to a server. It affected many Internet-facing services, which OS did it not directly affect?A . LinuxB . UnixC . OS XD . WindowsView AnswerAnswer: D
What is the type of vulnerability assessment solution that James employed in the above scenario?
An organization is performing a vulnerability assessment tor mitigating threats. James, a pen tester, scanned the organization by building an inventory of the protocols found on the organization's machines to detect which ports are attached to services such as an email server, a web server or a database server. After...
Which of the following is an extremely common IDS evasion technique in the web world?
Which of the following is an extremely common IDS evasion technique in the web world?A . SpywareB . SubnettingC . Unicode CharactersD . Port KnockingView AnswerAnswer: C
Which of the following tools can be used for passive OS fingerprinting?
Which of the following tools can be used for passive OS fingerprinting?A . nmapB . tcpdumpC . tracertD . pingView AnswerAnswer: B
How do you prevent DNS spoofing?
Let's imagine three companies (A, B and C), all competing in a challenging global environment. Company A and B are working together in developing a product that will generate a major competitive advantage for them. Company A has a secure DNS server while company B has a DNS server vulnerable...
