EMT Practice Test

1. Question Content...


Question List

Question1: Which of the following characters will you use to check whether an application is vulnerable to an SQL injection
attack?

Question2: Which of the following Nmap commands is used to perform a UDP port scan?

Question3: Which of the following is the process of comparing cryptographic hash functions of system executables and configuration files?

Question4: In which of the following methods does an hacker use packet sniffing to read network traffic between two parties to steal the session cookies?

Question5: Which of the following are the automated tools that are used to perform penetration testing?
Each correct answer represents a complete solution. Choose two.

Question6: SIMULATION
Fill in the blank with the appropriate word.
StackGuard (as used by Immunix), ssp/ProPolice (as used by OpenBSD), and Microsoft's /GS option use
______ defense against buffer overflow attacks.

Question7: Which of the following refers to applications or files that are not classified as viruses or Trojan horse programs, but can still negatively affect the performance of the computers on your network and introduce significant security risks to your organization?

Question8: Which of the following functions can be used as a countermeasure to a Shell Injection attack?
Each correct answer represents a complete solution. Choose all that apply.

Question9: Which of the following is used to determine the operating system on the remote computer in a network environment?

Question10: Victor works as a professional Ethical Hacker for SecureNet Inc. He wants to use Steganographic file system method to
encrypt and hide some secret information. Which of the following disk spaces will he use to store this secret
information?
Each correct answer represents a complete solution. Choose all that apply.

Question11: You work as a Network Administrator for Net Perfect Inc. The company has a Windows-based network. The company
wants to fix potential vulnerabilities existing on the tested systems. You use Nessus as a vulnerability scanning
program to fix the vulnerabilities. Which of the following vulnerabilities can be fixed using Nessus?
Each correct answer represents a complete solution. Choose all that apply.

Question12: You run the following command while using Nikto Web scanner:
perl nikto.pl -h 192.168.0.1 -p 443
What action do you want to perform?

Question13: Adam works as a Security Analyst for Umbrella Inc. CEO of the company ordered him to implement two-factor authentication for the employees to access their networks. He has told him that he would like to use some type of hardware device in tandem with a security or identifying pin number. Adam decides to implement smart cards but they are not cost effective.
Which of the following types of hardware devices will Adam use to implement two-factor authentication?

Question14: You are hired as a Database Administrator for Jennifer Shopping Cart Inc. You monitor the server health through the System Monitor and found that there is a sudden increase in the number of logins.
Which of the following types of attack has occurred?

Question15: Against which of the following does SSH provide protection?
Each correct answer represents a complete solution. Choose two.

Question16: Which of the following types of rootkits replaces regular application binaries with Trojan fakes and modifies the
behavior of existing applications using hooks, patches, or injected code?

Question17: You are the Security Consultant and have been hired to check security for a client's network. Your client has stated
that he has many concerns but the most critical is the security of Web applications on their Web server. What should
be your highest priority then in checking his network?

Question18: Which of the following statements are correct about spoofing and session hijacking?
Each correct answer represents a complete solution. Choose all that apply.

Question19: You work as a professional Ethical Hacker. You are assigned a project to test the security of www.weare-secure.com.
You somehow enter in we-are-secure Inc. main server, which is Windows based.
While you are installing the NetCat tool as a backdoor in the we-are-secure server, you see the file credit.dat having
the list of credit card numbers of the company's employees. You want to transfer the credit.dat file in your local
computer so that you can sell that information on the internet in the good price. However, you do not want to send
the contents of this file in the clear text format since you do not want that the Network Administrator of the we-are-
secure Inc. can get any clue of the hacking attempt. Hence, you decide to send the content of the credit.dat file in the
encrypted format. What steps should you take to accomplish the task?

Question20: Which of the following is used to determine the operating system on the remote computer in a network
environment?

Question21: Victor works as a professional Ethical Hacker for SecureEnet Inc. He wants to scan the wireless network of the
company. He uses a tool that is a free open-source utility for network exploration. The tool uses raw IP packets to
determine the following:
What ports are open on our network systems.
What hosts are available on the network.
Identify unauthorized wireless access points.
What services (application name and version) those hosts are offering.
What operating systems (and OS versions) they are running.
What type of packet filters/firewalls are in use.
Which of the following tools is Victor using?

Question22: Which of the following functions in c/c++ can be the cause of buffer overflow?
Each correct answer represents a complete solution. Choose two.

Question23: Which of the following controls is described in the statement given below?
"It ensures that the enforcement of organizational security policy does not rely on voluntary web application user compliance. It secures information by assigning sensitivity labels on information and comparing this to the level of security a user is operating at."

Question24: Which of the following attacks capture the secret value like a hash and reuse it later to gain access to a system without ever decrypting or decoding the hash?

Question25: Which of the following applications automatically calculates cryptographic hashes of all key system files that are to be monitored for modifications?

Question26: John works as a Network Administrator for We-are-secure Inc. He finds that TCP port 7597 of the Weare- secure
server is open. He suspects that it may be open due to a Trojan installed on the server. He presents a report to the
company describing the symptoms of the Trojan. A summary of the report is given below:
Once this Trojan has been installed on the computer, it searches Notpad.exe, renames it Note.com, and then copies
itself to the computer as Notepad.exe. Each time Notepad.exe is executed, the Trojan executes and calls the original
Notepad to avoid being noticed.
Which of the following Trojans has the symptoms as the one described above?

Question27: You are the Administrator for a corporate network. You are concerned about denial of service attacks. Which of the
following measures would be most helpful in defending against a Denial-of-Service (DoS) attack?

Question28: Which of the following US Acts emphasized a "risk-based policy for cost-effective security" and makes mandatory for agency program officials, chief information officers, and inspectors general (IGs) to conduct annual reviews of the agency's information security program and report the results to Office of Management and Budget?

Question29: What is the purpose of configuring a password protected screen saver on a computer?

Question30: Which of the following statements is true about the difference between worms and Trojan horses?

Question31: Which of the following applications is an example of a data-sending Trojan?

Question32: In which of the following malicious hacking steps does email tracking come under?

Question33: Which of the following statements are true about tcp wrappers?
Each correct answer represents a complete solution. Choose all that apply.

Question34: You are concerned about rootkits on your network communicating with attackers outside your network. Without
using an IDS how can you detect this sort of activity?

Question35: Which of the following systems is used in the United States to coordinate emergency preparedness and incident management among various federal, state, and local agencies?

Question36: You are monitoring your network's behavior. You find a sudden increase in traffic on the network. It seems to come in
bursts and emanate from one specific machine. You have been able to determine
that a user of that machine is unaware of the activity and lacks the computer knowledge required to be responsible
for a computer attack. What attack might this indicate?

Question37: Which of the following functions can you use to mitigate a command injection attack?
Each correct answer represents a part of the solution. Choose all that apply.

Question38: Which of the following attacks allows an attacker to sniff data frames on a local area network (LAN) or stop the traffic altogether?

Question39: Which of the following tools is used for vulnerability scanning and calls Hydra to launch a dictionary attack?

Question40: Adam works as a Security Administrator for Umbrella Inc. A project has been assigned to him to test the network security of the company. He created a webpage to discuss the progress of the tests with employees who were interested in following the test. Visitors were allowed to click on a company's icon to mark the progress of the test. Adam successfully embeds a keylogger. He also added some statistics on the webpage. The firewall protects the network well and allows strict Internet access.
How was security compromised and how did the firewall respond?

Question41: Adam works as a Security Analyst for Umbrella Inc. Company has a Windows-based network. All computers run on Windows XP. Manager of the Sales department complains Adam about the unusual behavior of his computer. He told Adam that some pornographic contents are suddenly appeared on his computer overnight. Adam suspects that some malicious software or Trojans have been installed on the computer. He runs some diagnostics programs and Port scanners and found that the Port 12345, 12346, and 20034 are open. Adam also noticed some tampering with the Windows registry, which causes one application to run every time when Windows start.
Which of the following is the most likely reason behind this issue?

Question42: You work as a System Administrator in SunSoft Inc. You are running a virtual machine on Windows Server
2003. The virtual machine is protected by DPM. Now, you want to move the virtual machine to another host.
Which of the following steps can you use to accomplish the task?
Each correct answer represents a part of the solution. Choose all that apply.

Question43: You are responsible for security at a company that uses a lot of Web applications. You are most concerned about flaws in those applications allowing some attacker to get into your network. What method would be best for finding such flaws?

Question44: Which of the following is a version of netcat with integrated transport encryption capabilities?

Question45: You discover that all available network bandwidth is being used by some unknown service. You discover that UDP packets are being used to connect the echo service on one machine to the chargen service on another machine. What kind of attack is this?

Question46: John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-
secure.com. He has successfully completed the following steps of the pre-attack phase:
* Information gathering
* Determining network range
* Identifying active machines
* Finding open ports and applications
* OS fingerprinting
* Fingerprinting services
Now John wants to perform network mapping of the We-are-secure network. Which of the following tools can he use
to accomplish his task?
Each correct answer represents a complete solution. Choose all that apply.

Question47: Adam works as an Incident Handler for Umbrella Inc. His recent actions towards the incident are not up to the standard norms of the company. He always forgets some steps and procedures while handling responses as they are very hectic to perform.
Which of the following steps should Adam take to overcome this problem with the least administrative effort?

Question48: US Garments wants all encrypted data communication between corporate office and remote location.
They want to achieve following results:
l Authentication of users
l Anti-replay
l Anti-spoofing
l IP packet encryption
They implemented IPSec using Authentication Headers (AHs). Which results does this solution provide?
Each correct answer represents a complete solution. Choose all that apply.

Question49: Which of the following statements is true about a Trojan engine?

Question50: You work as an Incident handler in Mariotrixt.Inc. You have followed the Incident handling process to handle the
events and incidents. You identify Denial of Service attack (DOS) from a network linked to your internal enterprise
network. Which of the following phases of the Incident handling process should you follow next to handle this
incident?

Question51: You work as a System Administrator in SunSoft Inc. You are running a virtual machine on Windows Server 2003. The
virtual machine is protected by DPM. Now, you want to move the virtual machine to another host. Which of the
following steps can you use to accomplish the task?
Each correct answer represents a part of the solution. Choose all that apply.

Question52: You see the career section of a company's Web site and analyze the job profile requirements. You conclude that the company wants professionals who have a sharp knowledge of Windows server 2003 and Windows active directory installation and placement. Which of the following steps are you using to perform hacking?

Question53: Which of the following attacks capture the secret value like a hash and reuse it later to gain access to a system without ever decrypting or decoding the hash?

Question54: You are concerned about rootkits on your network communicating with attackers outside your network. Without using an IDS how can you detect this sort of activity?

Question55: Maria works as a professional Ethical Hacker. She has been assigned the project of testing the
security of www.gentech.com. She is using dumpster diving to gather information about Gentech Inc.
In which of the following steps of malicious hacking does dumpster diving come under?

Question56: Which of the following Denial-of-Service (DoS) attacks employ IP fragmentation mechanism?
Each correct answer represents a complete solution. Choose two.

Question57: You want to perform passive footprinting against we-are-secure Inc. Web server. Which of the following tools will you use?

Question58: Fill in the blank with the appropriate term.
______ is a technique used to make sure that incoming packets are actually from the networks that they claim to be from.

Question59: Adam works as a Security administrator for Umbrella Inc. He runs the following traceroute and notices that hops 19 and 20 both show the same IP address.
1 172.16.1.254 (172.16.1.254) 0.724 ms 3.285 ms 0.613 ms 2 ip68-98-176-1.nv.nv.cox.net (68.98.176.1) 12.169 ms 14.958 ms 13.416 ms 3 ip68-98-176-1.nv.nv.cox.net (68.98.176.1) 13.948 ms ip68-100-0-1.nv.nv. cox.net (68.100.0.1) 16.743 ms 16.207 ms 4 ip68-100-0-
137.nv.nv.cox.net (68.100.0.137) 17.324 ms 13.933 ms 20.938 ms 5 68.1.1.4 (68.1.1.4) 12.439 ms 220.166 ms 204.170 ms
6 so-6-0-0.gar2.wdc1.Level3.net (67.29.170.1) 16.177 ms 25.943 ms 14.104 ms 7 unknown.Level3.net (209.247.9.173) 14.227 ms 17.553 ms 15.415 ms "PassGuide" - 8 so-0-1-
0.bbr1.NewYork1.level3.net (64.159.1.41) 17.063 ms 20.960 ms 19.512 ms 9 so-7-0-0.gar1.
NewYork1.Level3.net (64.159.1.182) 20.334 ms 19.440 ms 17.938 ms 10 so-4-0-
0.edge1.NewYork1.Level3.
net (209.244.17.74) 27.526 ms 18.317 ms 21.202 ms 11 uunet-level3- oc48.NewYork1.Level3.net (209.244.160.12) 21.411 ms 19.133 ms 18.830 ms 12 0.so-6-0-0.XL1.NYC4.ALTER.NET (152.63.21.78)
21.203 ms 22.670 ms 20.111 ms 13 0.so-2-0-0.TL1.NYC8.ALTER.NET (152.63.0.153) 30.929 ms 24.858 ms
23.108 ms 14 0.so-4-1-0.TL1.ATL5.ALTER.NET (152.63.10.129) 37.894 ms 33.244 ms
33.910 ms 15 0.so-7-0-0.XL1.MIA4.ALTER.NET (152.63.86.189) 51.165 ms 49.935 ms
49.466 ms 16 0.so-3-0-0.XR1.MIA4.ALTER.
NET (152.63.101.41) 50.937 ms 49.005 ms 51.055 ms 17 117.ATM6- 0.GW5.MIA1.ALTER.NET (152.63.82.73) 51.897 ms 50.280 ms 53.647 ms 18 PassGuidegw1. customer.alter.net (65.195.239.14)
51.921 ms 51.571 ms 56.855 ms 19 www.PassGuide.com (65.195.239.22) 52.191 ms 52.571 ms 56.855 ms 20 www.PassGuide.com (65.195.239.22) 53.561 ms 54.121 ms 58.333 ms Which of the following is the most like cause of this issue?

Question60: John works as a Network Administrator for Perfect Solutions Inc. The company has a Linux-based network.
The company is aware of various types of security attacks and wants to impede them. Hence, management has assigned John a project to port scan the company's Web Server. For this, he uses the nmap port scanner and issues the following command to perform idle port scanning:
nmap -PN -p- -sI IP_Address_of_Company_Server
He analyzes that the server's TCP ports 21, 25, 80, and 111 are open.
Which of the following security policies is the company using during this entire process to mitigate the risk of hacking attacks?

Question61: Which of the following are the limitations for the cross site request forgery (CSRF) attack?
Each correct answer represents a complete solution. Choose all that apply.

Question62: You work as a System Administrator for Happy World Inc. Your company has a server named uC1 that runs Windows
Server 2008. The Windows Server virtualization role service is installed on the uC1 server which hosts one virtual
machine that also runs Windows Server 2008. You are required to install a new application on the virtual machine.
You need to ensure that in case of a failure of the application installation, you are able to quickly restore the virtual
machine to its original state.
Which of the following actions will you perform to accomplish the task?

Question63: Which of the following penetration testing phases involves reconnaissance or data gathering?

Question64: Which of the following applications automatically calculates cryptographic hashes of all key system files that are to be
monitored for modifications?

Question65: Which of the following is executed when a predetermined event occurs?

Question66: You work as a Network Administrator for InformSec Inc. You find that the TCP port number 23476 is open on your server. You suspect that there may be a Trojan named Donald Dick installed on your server. Now you want to verify whether Donald Dick is installed on it or not. For this, you want to know the process running on port 23476, as well as the process id, process name, and the path of the process on your server. Which of the following applications will you most likely use to accomplish the task?

Question67: Which of the following viruses/worms uses the buffer overflow attack?

Question68: Which of the following ensures that a party to a dispute cannot deny the authenticity of their signature on a
document or the sending of a message that they originated?

Question69: Which of the following attacks involves multiple compromised systems to attack a single target?

Question70: Which of the following programs is used for bypassing normal authentication for securing remote access to a computer?

Question71: Which of the following takes control of a session between a server and a client using TELNET, FTP, or any other non-encrypted TCP/IP utility?

Question72: Which of the following are types of access control attacks?
Each correct answer represents a complete solution. Choose all that apply.

Question73: Which of the following are based on malicious code?
Each correct answer represents a complete solution. Choose two.

Question74: You run the following bash script in Linux:
for i in 'cat hostlist.txt' ;do
nc -q 2 -v $i 80 < request.txt done
Where, hostlist.txt file contains the list of IP addresses and request.txt is the output file. Which of the following tasks do you want to perform by running this script?

Question75: Adam works as a Network administrator for Umbrella Inc. He noticed that an ICMP ECHO requests is coming from
some suspected outside sources. Adam suspects that some malicious hacker is trying to perform ping sweep attack on
the network of the company. To stop this malicious activity, Adam blocks the ICMP ECHO request from any outside
sources.
What will be the effect of the action taken by Adam?

Question76: Which of the following tools combines two programs, and also encrypts the resulting package in an attempt to foil antivirus programs?

Question77: You have configured a virtualized Internet browser on your Windows XP professional computer. Using the virtualized Internet browser, you can protect your operating system from which of the following?

Question78: Which of the following penetration testing phases involves reconnaissance or data gathering?

Question79: Which of the following techniques is used when a system performs the penetration testing with the objective of accessing unauthorized information residing inside a computer?

Question80: Which of the following penetration testing phases involves reconnaissance or data gathering?

Question81: Which of the following types of channels is used by Trojans for communication?

Question82: Against which of the following does SSH provide protection?
Each correct answer represents a complete solution. Choose two.

Question83: John works as a Professional Penetration Tester. He has been assigned a project to test the Website security of
www.we-are-secure Inc. On the We-are-secure Website login page, he enters ='or''=' as a username and successfully
logs on to the user page of the Web site. Now, John asks the we-aresecure Inc. to improve the login page PGIAC script.
Which of the following suggestions can John give to improve the security of the we-are-secure Website login page
from the SQL injection attack?

Question84: Which of the following is a network worm that exploits the RPC sub-system vulnerability present in the Microsoft Windows operating system?

Question85: Which of the following rootkits adds additional code or replaces portions of an operating system, including both the kernel and associated device drivers?

Question86: Which of the following malicious code can have more than one type of trigger, multiple task capabilities, and can replicate itself in more than one manner?

Question87: SIMULATION
Fill in the blank with the appropriate term.
_______is the practice of monitoring and potentially restricting the flow of information outbound from one network to another

Question88: Which of the following takes control of a session between a server and a client using TELNET, FTP, or any other non-encrypted TCP/IP utility?

Question89: Which of the following types of attacks come under the category of hacker attacks?
Each correct answer represents a complete solution. Choose all that apply.

Question90: Which of the following tools can be used for network sniffing as well as for intercepting conversations through session hijacking?

Question91: Which of the following refers to the exploitation of a valid computer session to gain unauthorized access to information or services in a computer system?

Question92: Which of the following procedures is designed to enable security personnel to identify, mitigate, and recover from
malicious computer incidents, such as unauthorized access to a system or data, denialof-service, or unauthorized
changes to system hardware, software, or data?

Question93: Which of the following are the automated tools that are used to perform penetration testing?
Each correct answer represents a complete solution. Choose two.

Question94: Which of the following applications is NOT used for passive OS fingerprinting?

Question95: You are the Administrator for a corporate network. You are concerned about denial of service attacks.
Which of the following would be the most help against Denial of Service (DOS) attacks?

Question96: You work as a Network Administrator for InformSec Inc. You find that the TCP port number 23476 is open on your server. You suspect that there may be a Trojan named Donald Dick installed on your server. Now you want to verify whether Donald Dick is installed on it or not. For this, you want to know the process running on port 23476, as well as the process id, process name, and the path of the process on your server. Which of the following applications will you most likely use to accomplish the task?

Question97: Which of the following is used to gather information about a remote network protected by a firewall?

Question98: You work as a Network Administrator for Infonet Inc. The company has a Windows Server 2008 Active Directory-based single domain single forest network. The company has three Windows 2008 file servers,
150 Windows XP Professional, thirty UNIX-based client computers. The network users have identical user accounts for both Active Directory and the UNIX realm. You want to ensure that the UNIX clients on the network can access the file servers. You also want to ensure that the users are able to access all resources by logging on only once, and that no additional software is installed on the UNIX clients. What will you do to accomplish this task?
Each correct answer represents a part of the solution. Choose two.

Question99: John works as a Professional Penetration Tester. He has been assigned a project to test the Website security of www.we-are-secure Inc. On the We-are-secure Website login page, he enters ='or''=' as a username and successfully logs on to the user page of the Web site. Now, John asks the we-aresecure Inc. to improve the login page PHP script. Which of the following suggestions can John give to improve the security of the we-are-secure Website login page from the SQL injection attack?

Question100: Adam, a malicious hacker is sniffing the network to inject ARP packets. He injects broadcast frames onto the wire to conduct Man-in-The-Middle attack.
Which of the following is the destination MAC address of a broadcast frame?

Question101: Adam works as an Incident Handler for Umbrella Inc. He is informed by the senior authorities that the server of the
marketing department has been affected by a malicious hacking attack. Supervisors are also claiming that some
sensitive data are also stolen.
Adam immediately arrived to the server room of the marketing department and identified the event as an incident.
He isolated the infected network from the remaining part of the network and started preparing to image the entire
system. He captures volatile data, such as running process, ram, and network connections.
Which of the following steps of the incident handling process is being performed by Adam?

Question102: You work as a professional Ethical Hacker. You are assigned a project to test the security of www.weare- secure.com. You somehow enter in we-are-secure Inc. main server, which is Windows based.
While you are installing the NetCat tool as a backdoor in the we-are-secure server, you see the file credit.dat having the list of credit card numbers of the company's employees. You want to transfer the credit.dat file in your local computer so that you can sell that information on the internet in the good price.
However, you do not want to send the contents of this file in the clear text format since you do not want that the Network Administrator of the we-are-secure Inc. can get any clue of the hacking attempt. Hence, you decide to send the content of the credit.dat file in the encrypted format.
What steps should you take to accomplish the task?

Question103: Maria works as the Chief Security Officer for PassGuide Inc. She wants to send secret messages to the CEO of the company. To secure these messages, she uses a technique of hiding a secret message within an ordinary message. The technique provides 'security through obscurity'. What technique is Maria using?

Question104: John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He finds that the We-are-secure server is vulnerable to attacks. As a countermeasure, he suggests that the Network Administrator should remove the IPP printing capability from the server. He is suggesting this as a countermeasure against __________.

Question105: Which of the following is an Internet mapping technique that relies on various BGP collectors that collect information
such as routing updates and tables and provide this information publicly?

Question106: Which of the following Trojans is used by attackers to modify the Web browser settings?

Question107: Maria works as a professional Ethical Hacker. She is assigned a project to test the security of www.we-are- secure.com. She wants to test a DoS attack on the We-are-secure server. She finds that the firewall of the server is blocking the ICMP messages, but it is not checking the UDP packets. Therefore, she sends a large amount of UDP echo request traffic to the IP broadcast addresses. These UDP requests have a spoofed source address of the We-are-secure server. Which of the following DoS attacks is Maria using to accomplish her task?

Question108: Adam works as a Network Administrator for PassGuide Inc. He wants to prevent the network from DOS attacks. Which of the following is most useful against DOS attacks?

Question109: An attacker sends a large number of packets to a target computer that causes denial of service.
Which of the following type of attacks is this?

Question110: John works as a Network Administrator for Net Perfect Inc. The company has a Windows-based network. The company uses Check Point SmartDefense to provide security to the network of the company. On the HTTP servers of the company, John defines a rule for dropping any kind of userdefined URLs. Which of the following types of attacks can be prevented by dropping the user-defined URLs?

Question111: You want to create an SSH tunnel for POP and SMTP protocols. Which of the following commands will you run?

Question112: Which of the following attacks can be overcome by applying cryptography?

Question113: You want to connect to your friend's computer and run a Trojan on it. Which of the following tools will you use to accomplish the task?

Question114: Which of the following malicious software travels across computer networks without the assistance of a user?

Question115: US Garments wants all encrypted data communication between corporate office and remote location.
They want to achieve following results:
* l Authentication of users
* l Anti-replay
* l Anti-spoofing
* l IP packet encryption
They implemented IPSec using Authentication Headers (AHs). Which results does this solution provide?
Each correct answer represents a complete solution. Choose all that apply.

Question116: John, a novice web user, makes a new E-mail account and keeps his password as "apple", his favorite fruit.
John's password is vulnerable to which of the following password cracking attacks?
Each correct answer represents a complete solution. Choose all that apply.

Question117: In which of the following attacks does an attacker use packet sniffing to read network traffic between two parties to steal the session cookie?

Question118: Which of the following are countermeasures to prevent unauthorized database access attacks?
Each correct answer represents a complete solution. Choose all that apply.

Question119: Which of the following commands is used to access Windows resources from Linux workstation?

Question120: Which of the following takes control of a session between a server and a client using TELNET, FTP, or any other non-encrypted TCP/IP utility?

Question121: Which of the following is a technique for creating Internet maps?
Each correct answer represents a complete solution. Choose two.

Question122: You discover that all available network bandwidth is being used by some unknown service. You discover that UDP packets are being used to connect the echo service on one machine to the chargen service on another machine. What kind of attack is this?

Question123: Fill in the blank with the appropriate name of the rootkit.
A _______ rootkit uses device or platform firmware to create a persistent malware image.

Question124: You work as a Security Administrator for Net Perfect Inc. The company has a Windows-based network. You want to use a scanning technique which works as a reconnaissance attack. The technique should direct to a specific host or network to determine the services that the host offers.
Which of the following scanning techniques can you use to accomplish the task?

Question125: Which of the following commands can be used for port scanning?

Question126: Which of the following tools can be used to detect the steganography?

Question127: When you conduct the XMAS scanning using Nmap, you find that most of the ports scanned do not give a response. What can be the state of these ports?

Question128: You want to measure the number of heaps used and overflows occurred at a point in time. Which of the following commands will you run to activate the appropriate monitor?

Question129: Which of the following statements are true about netcat?
Each correct answer represents a complete solution. Choose all that apply.

Question130: Which of the following types of skills are required in the members of an incident handling team?
Each correct answer represents a complete solution. Choose all that apply.

Question131: What is the purpose of configuring a password protected screen saver on a computer?

Question132: Adam, a malicious hacker is running a scan. Statistics of the scan is as follows:
Scan directed at open port: ClientServer
192.5.2.92:4079 ---------FIN--------->192.5.2.110:23192.5.2.92:4079 <----NO RESPONSE--
---192.5.2.110:23
Scan directed at closed port:
ClientServer
192.5.2.92:4079 ---------FIN--------->192.5.2.110:23
192.5.2.92:4079<-----RST/ACK----------192.5.2.110:23
Which of the following types of port scan is Adam running?

Question133: John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He has successfully completed the following steps of the pre-attack phase:
l Information gathering
l Determining network range
l Identifying active machines
l Finding open ports and applications
l OS fingerprinting
l Fingerprinting services
Now John wants to perform network mapping of the We-are-secure network. Which of the following tools can he use to accomplish his task?
Each correct answer represents a complete solution. Choose all that apply.

Question134: You work as a Network Administrator in the SecureTech Inc. The SecureTech Inc. is using Linux-based server.
Recently, you have updated the password policy of the company in which the server will disable passwords after four trials. What type of attack do you want to stop by enabling this policy?

Question135: Which of the following tools uses common UNIX/Linux tools like the strings and grep commands to search core system programs for signatures of the rootkits?