Question No : 1
A specific site received 91 ICMP_ECHO packets within 90 minutes from 47 different
sites. 77 of the ICMP_ECHO packets had an ICMP ID:39612 and Seq:57072. 13 of the
ICMP_ECHO packets had an ICMP ID:0 and Seq:0. What can you infer from this
information?
A. The packets were sent by a worm spoofing the IP addresses of 47 infected sites
B. ICMP ID and Seq numbers were most likely set by a tool and not by the operating
system
C. All 77 packets came from the same LAN segment and hence had the same ICMP ID
and Seq number
D. 13 packets were from an external network and probably behind a NAT, as they had an
ICMP ID 0 and Seq 0
Answer: B
Topic 4, Enumeration
Question No : 2
Bob is acknowledged as a hacker of repute and is popular among visitors of
“underground” sites. Bob is willing to share his knowledge with those who are
willing to learn, and many have expressed their interest in learning from him.
However, this knowledge has a risk associated with it, as it can be used for
malevolent attacks as well.
In this context, what would be the most affective method to bridge the knowledge
gap between the “black” hats or crackers and the “white” hats or computer security
professionals? (Choose the test answer)
A. Educate everyone with books, articles and training on risk analysis, vulnerabilities and
safeguards.
B. Hire more computer security monitoring personnel to monitor computer systems and
networks.
C. Make obtaining either a computer security certification or accreditation easier to achievecso more individuals feel that they are a part of something larger than life.
D. Train more National Guard and reservist in the art of computer security to help out in
times of emergency or crises.
Answer: A
Explanation:
Bridging the gap would consist of educating the white hats and the black hats equally so
that their knowledge is relatively the same. Using books, articles, the internet, and
professional training seminars is a way of completing this goal.
Topic 6, Trojans and Backdoors
Question No : 3
You have hidden a Trojan file virus.exe inside another file readme.txt using NTFS
streaming.
Which command would you execute to extract the Trojan to a standalone file?
A. c:\> type readme.txt:virus.exe > virus.exe
B. c:\> more readme.txt | virus.exe > virus.exe
C. c:\> cat readme.txt:virus.exe > virus.exe
D. c:\> list redme.txt$virus.exe > virus.exe
Answer: C
Explanation:
cat will concatenate, or write, the alternate data stream to its own file named
virus.exe
Question No : 4
What would best be defined as a security test on services against a known
vulnerability database using an automated tool?
A. A penetration test
B. A privacy review
C. A server audit
D. A vulnerability assessment
Answer: D
Explanation:
Vulnerability assessment is the process of identifying and quantifying
vulnerabilities in a system. The system being studied could be a physical facility like a
nuclear power plant, a computer system, or a larger system (for example the
communications infrastructure or water infrastructure of a region).
Question No : 5
____________ will let you assume a users identity at a dynamically generated web
page or site.
A. SQL attack
B. Injection attack
C. Cross site scripting
D. The shell attack
E. Winzapper
Answer: C
Explanation:
Cross site scripting is also referred to as XSS or CSS. You must know the
user is online and you must scam that user into clicking on a link that you have sent in
order for this hack attack to work.
No comments:
Post a Comment