- All Exams Instant Download
Which of the following techniques is used by Joel in the above scenario?
Joel, a professional hacker, targeted a company and identified the types of websites frequently visited by its employees. Using this information, he searched for possible loopholes in these websites and injected a malicious script that can redirect users from the web page and download malware onto a victim's machine. Joel...
What protocol used on Linux servers to synchronize the time has stopped working?
Log monitoring tools performing behavioral analysis have alerted several suspicious logins on a Linux server occurring during non-business hours. After further examination of all login activities, it is noticed that none of the logins have occurred during typical work hours. A Linux administrator who is investigating this problem realizes the...
What is the hexadecimal value of NOP instruction?
You are programming a buffer overflow exploit and you want to create a NOP sled of 200 bytes in the program exploit.c What is the hexadecimal value of NOP instruction?A . 0x60B . 0x80C . 0x70D . 0x90View AnswerAnswer: D
If these switches' ARP cache is successfully flooded, what will be the result?
Nathan is testing some of his network devices. Nathan is using Macof to try and flood the ARP cache of these switches. If these switches' ARP cache is successfully flooded, what will be the result?A . The switches will drop into hub mode if the ARP cache is successfully flooded.B...
Which of the following statements is TRUE?
Which of the following statements is TRUE?A . Packet Sniffers operate on the Layer 1 of the OSI model.B . Packet Sniffers operate on Layer 2 of the OSI model.C . Packet Sniffers operate on both Layer 2 & Layer 3 of the OSI model.D . Packet Sniffers operate on...
How would an attacker exploit this design by launching TCP SYN attack?
When a normal TCP connection starts, a destination host receives a SYN (synchronize/start) packet from a source host and sends back a SYN/ACK (synchronize acknowledge). The destination host must then hear an ACK (acknowledge) of the SYN/ACK before the connection is established. This is referred to as the "TCP three-way...
What is the name of the attack which is mentioned in the scenario?
Attacker creates a transparent 'iframe' in front of the URL which victim attempts to click, so victim thinks that he/she clicks to the 'Do you want to make $1000 in a day?' URL but actually he/she clicks to the content or URL that exists in the transparent 'iframe' which is...
Based on this information, what should be one of your key recommendations to the bank?
A regional bank hires your company to perform a security assessment on their network after a recent data breach. The attacker was able to steal financial data from the bank by compromising only a single server. Based on this information, what should be one of your key recommendations to the...
What type of attack is this?
John is investigating web-application firewall logs and observers that someone is attempting to inject the following: char buff[10]; buff[>o] - 'a': What type of attack is this?A . CSRFB . XSSC . Buffer overflowD . SQL injectionView AnswerAnswer: C Explanation: Buffer overflow this attack is an anomaly that happens when...
What Wireshark filter will show the connections from the snort machine to kiwi syslog machine?
You are a Network Security Officer. You have two machines. The first machine (192.168.0.99) has snort installed, and the second machine (192.168.0.150) has kiwi syslog installed. You perform a syn scan in your network, and you notice that kiwi syslog is not receiving the alert message from snort. You decide...
