What is the BEST alternative if you discover that a rootkit has been installed on one of your computers?

What is the BEST alternative if you discover that a rootkit has been installed on one of your computers?A . Copy the system files from a known good systemB . Perform a trap and traceC . Delete the files and try to determine the sourceD . Reload from a previous...

March 21, 2021 No Comments READ MORE +

Based on the above credentials, which of the following SQL commands are you expecting to be executed by the server, if there is indeed an SQL injection vulnerability?

Suppose that you test an application for the SQL injection vulnerability. You know that the backend database is based on Microsoft SQL Server. In the login/password form, you enter the following credentials: Username: attack' or 1»1 - Password: 123456 Based on the above credentials, which of the following SQL commands...

March 21, 2021 No Comments READ MORE +

What kind of detection techniques is being used in antivirus software that identifies malware by collecting data from multiple protected systems and instead of analyzing files locally it’s made on the provider’s environment?

What kind of detection techniques is being used in antivirus software that identifies malware by collecting data from multiple protected systems and instead of analyzing files locally it’s made on the provider’s environment?A . Behavioral basedB . Heuristics basedC . Honeypot basedD . Cloud basedView AnswerAnswer: D

March 20, 2021 No Comments READ MORE +

What command you would use?

You are analysing traffic on the network with Wireshark. You want to routinely run a cron job which will run the capture against a specific set of IPs - 192.168.8.0/24. What command you would use?A . wireshark --fetch ''192.168.8*''B . wireshark --capture --local masked 192.168.8.0 ---range 24C . tshark -net...

March 20, 2021 No Comments READ MORE +

If you would use both brute force and dictionary methods combined together to have variation of words, what would you call such an attack?

In the context of password security, a simple dictionary attack involves loading a dictionary file (a text file full of dictionary words) into a cracking application such as L0phtCrack or John the Ripper, and running it against user accounts located by the application. The larger the word and word fragment...

March 20, 2021 No Comments READ MORE +

It affected many Internet-facing services, which OS did it not directly affect?

Shellshock allowed an unauthorized user to gain access to a server. It affected many Internet-facing services, which OS did it not directly affect?A . LinuxB . UnixC . OS XD . WindowsView AnswerAnswer: D

March 20, 2021 No Comments READ MORE +

What is the type of vulnerability assessment solution that James employed in the above scenario?

An organization is performing a vulnerability assessment tor mitigating threats. James, a pen tester, scanned the organization by building an inventory of the protocols found on the organization's machines to detect which ports are attached to services such as an email server, a web server or a database server. After...

March 20, 2021 1 Comment READ MORE +

Which of the following is an extremely common IDS evasion technique in the web world?

Which of the following is an extremely common IDS evasion technique in the web world?A . SpywareB . SubnettingC . Unicode CharactersD . Port KnockingView AnswerAnswer: C

March 19, 2021 No Comments READ MORE +

Which of the following tools can be used for passive OS fingerprinting?

Which of the following tools can be used for passive OS fingerprinting?A . nmapB . tcpdumpC . tracertD . pingView AnswerAnswer: B

March 19, 2021 No Comments READ MORE +

How do you prevent DNS spoofing?

Let's imagine three companies (A, B and C), all competing in a challenging global environment. Company A and B are working together in developing a product that will generate a major competitive advantage for them. Company A has a secure DNS server while company B has a DNS server vulnerable...

March 19, 2021 No Comments READ MORE +