EMT Practice Test
1. Question Content...
Question2: Fingerprinting an Operating System helps a cracker because:
Question10: What tool can crack Windows SMB passwords simply by listening to network traffic?
Question11: Which of the following statements is FALSE with respect to Intrusion Detection Systems?
Question19: Which of the following tools can be used for passive OS fingerprinting?
Question30: Which of the following are well known password-cracking programs?
Question56: What is the purpose of DNS AAAA record?
Question60: Study the following log extract and identify the attack.
Question61: Which DNS resource record can indicate how long any "DNS poisoning" could last?
Question74: Which tool can be used to silently copy files from USB devices?
Question79: What do Trinoo, TFN2k, WinTrinoo, T-Sight, and Stracheldraht have in common?
Question80: What is a "Collision attack" in cryptography?
Question85: In Trojan terminology, what is a covert channel?
Question87: How does a denial-of-service attack work?
Question88: Cross-site request forgery involves:
Question89: What is not a PCI compliance recommendation?
Question91: Which of the following describes the characteristics of a Boot Sector Virus?
Question95: Why should the security analyst disable/remove unnecessary ISAPI filters?
Question97: Which of the following Linux commands will resolve a domain name into IP address?
Question109: Which of these is capable of searching for and locating rogue access points?
Question125: You want to analyze packets on your wireless network. Which program would you use?
Question129: During an Xmas scan what indicates a port is closed?
Question139: Which of the following tactics uses malicious code to redirect users' web traffic?
Question156: What is correct about digital signatures?
Question164: What two conditions must a digital signature meet?
Question168: E-mail scams and mail fraud are regulated by which of the following?
Question169: Which of the following is the primary objective of a rootkit?
Question177: Why is a penetration test considered to be more thorough than vulnerability scan?





