If you want to only scan fewer ports than the default scan using Nmap tool, which option would you use?

If you want to only scan fewer ports than the default scan using Nmap tool, which option would you use?A . CrB . CFC . CPD . CsPView AnswerAnswer: B

March 23, 2021 No Comments READ MORE +

Study the following log extract and identify the attack.

Study the following log extract and identify the attack. A . Hexcode AttackB . Cross Site ScriptingC . Multiple Domain Traversal AttackD . Unicode Directory Traversal AttackView AnswerAnswer: D

March 23, 2021 No Comments READ MORE +

What countermeasure is the company using to protect against rainbow tables?

Ethical backer jane Doe is attempting to crack the password of the head of the it department of ABC company. She Is utilizing a rainbow table and notices upon entering a password that extra characters are added to the password after submitting. What countermeasure is the company using to protect...

March 23, 2021 No Comments READ MORE +

What command is used to determine if the entry is present in DNS cache?

DNS cache snooping is a process of determining if the specified resource address is present in the DNS cache records. It may be useful during the examination of the network to determine what software update resources are used, thus discovering what software is installed. What command is used to determine...

March 23, 2021 No Comments READ MORE +

Identify the web application attack where the attackers exploit vulnerabilities in dynamically generated web pages to inject client-side script into web pages viewed by other users.

Identify the web application attack where the attackers exploit vulnerabilities in dynamically generated web pages to inject client-side script into web pages viewed by other users.A . LDAP Injection attackB . Cross-Site Scripting (XSS)C . SQL injection attackD . Cross-Site Request Forgery (CSRF)View AnswerAnswer: B

March 23, 2021 No Comments READ MORE +

What is the online tool employed by Clark in the above scenario?

Clark, a professional hacker, was hired by an organization lo gather sensitive Information about its competitors surreptitiously. Clark gathers the server IP address of the target organization using Whole footprinting. Further, he entered the server IP address as an input to an online tool to retrieve information such as the...

March 23, 2021 No Comments READ MORE +

What is Eve trying to do?

Eve is spending her day scanning the library computers. She notices that Alice is using a computer whose port 445 is active and listening. Eve uses the ENUM tool to enumerate Alice machine. From the command prompt, she types the following command. What is Eve trying to do?A . Eve...

March 22, 2021 No Comments READ MORE +

Which of the following statements about a zone transfer is correct? (Choose three.)

Which of the following statements about a zone transfer is correct? (Choose three.)A . A zone transfer is accomplished with the DNSB . A zone transfer is accomplished with the nslookup serviceC . A zone transfer passes all zone information that a DNS server maintainsD . A zone transfer passes...

March 22, 2021 No Comments READ MORE +

What is the first step for a hacker conducting a DNS cache poisoning (DNS spoofing) attack against an organization?

What is the first step for a hacker conducting a DNS cache poisoning (DNS spoofing) attack against an organization?A . The attacker queries a nameserver using the DNS resolver.B . The attacker makes a request to the DNS resolver.C . The attacker forges a reply from the DNS resolver.D ....

March 22, 2021 No Comments READ MORE +

Why would you consider sending an email to an address that you know does not exist within the company you are performing a Penetration Test for?

Why would you consider sending an email to an address that you know does not exist within the company you are performing a Penetration Test for?A . To determine who is the holder of the root accountB . To perform a DoSC . To create needless SPAMD . To illicit...

March 22, 2021 No Comments READ MORE +