Improve GCIH Training Tools For GIAC Certified Incident Handler Certification

We provide tested GIAC GCIH exam answers, which are the best for clearing the GCIH test and getting certified as a GIAC Certified Incident Handler. The GCIH Questions & Answers cover all the knowledge points of the real GCIH exam. Crack your GIAC GCIH exam with the latest dumps, guaranteed!

Check GCIH free dumps before getting the full version:

NEW QUESTION 1
Which of the following tools is used to download the Web pages of a Website on the local system?

  • A. wget
  • B. jplag
  • C. Nessus
  • D. Ettercap

Answer: A

NEW QUESTION 2
You work as a Network Administrator for Tech Perfect Inc. The company has a TCP/IP-based network. An attacker uses software that keeps trying password combinations until the correct password is found. Which type of attack is this?

  • A. Denial-of-Service
  • B. Man-in-the-middle
  • C. Brute Force
  • D. Vulnerability

Answer: C

NEW QUESTION 3
Which of the following tools combines two programs, and also encrypts the resulting package in an attempt to foil antivirus programs?

  • A. Trojan Man
  • B. EliteWrap
  • C. Tiny
  • D. NetBus

Answer: A

NEW QUESTION 4
Which of the following programming languages are NOT vulnerable to buffer overflow attacks?
Each correct answer represents a complete solution. Choose two.

  • A. C
  • B. Java
  • C. C++
  • D. Perl

Answer: BD

NEW QUESTION 5
Which of the following applications automatically calculates cryptographic hashes of all key system files that are to be monitored for modifications?

  • A. Tripwire
  • B. TCPView
  • C. PrcView
  • D. Inzider

Answer: A

NEW QUESTION 6
You have forgotten your password for an online shop. The web application of that online shop asks you to enter your email so that it can send you a new password. You enter your email:
you@gmail.com
and press the submit button.
The web application displays a server error. What can be the reason for the error?

  • A. You have entered any special character in email.
  • B. Email entered is not valid.
  • C. The remote server is down.
  • D. Your internet connection is slow.

Answer: A

NEW QUESTION 7
Which of the following is the most common vulnerability that can affect desktop applications written in native code?

  • A. SpyWare
  • B. DDoS attack
  • C. Malware
  • D. Buffer overflow

Answer: D

NEW QUESTION 8
In which of the following attacks does the attacker gather information to perform an access attack?

  • A. Land attack
  • B. Reconnaissance attack
  • C. Vulnerability attack
  • D. DoS attack

Answer: B

NEW QUESTION 9
John visits an online shop that stores the IDs and prices of the items to buy in a cookie. After selecting the items that he wants to buy, the attacker changes the price of the item to 1.
Original cookie values:
ItemID1=2
ItemPrice1=900
ItemID2=1
ItemPrice2=200
Modified cookie values:
ItemID1=2
ItemPrice1=1
ItemID2=1
ItemPrice2=1
Now, he clicks the Buy button, and the prices are sent to the server that calculates the total price.
Which of the following hacking techniques is John performing?

  • A. Computer-based social engineering
  • B. Man-in-the-middle attack
  • C. Cross site scripting
  • D. Cookie poisoning

Answer: D

NEW QUESTION 10
910 ms 15 0.so-7-0-0.XL1.MIA4.ALTER.NET (152.63.86.189) 51.165 ms 49.935 ms


Solution:


Does this meet the goal?
  • A. Yes
  • B. Not Mastered

Answer: A

NEW QUESTION 11
You want to perform passive footprinting against we-are-secure Inc. Web server. Which of the following tools will you use?

  • A. Nmap
  • B. Ethereal
  • C. Ettercap
  • D. Netcraft

Answer: D

NEW QUESTION 12
Which of the following services CANNOT be performed by the nmap utility?
Each correct answer represents a complete solution. Choose all that apply.

  • A. Passive OS fingerprinting
  • B. Sniffing
  • C. Active OS fingerprinting
  • D. Port scanning

Answer: AB

NEW QUESTION 13
Which of the following are the automated tools that are used to perform penetration testing?
Each correct answer represents a complete solution. Choose two.

  • A. Pwdump
  • B. Nessus
  • C. EtherApe
  • D. GFI LANguard

Answer: BD

NEW QUESTION 14
Which of the following is the best method of accurately identifying the services running on a victim host?

  • A. Use of the manual method of telnet to each of the open ports.
  • B. Use of a port scanner to scan each port to confirm the services running.
  • C. Use of hit and trial method to guess the services and ports of the victim host.
  • D. Use of a vulnerability scanner to try to probe each port to verify which service is running.

Answer: A

NEW QUESTION 15
Which of the following statements are true about netcat?
Each correct answer represents a complete solution. Choose all that apply.

  • A. It provides special tunneling, such as UDP to TCP, with the possibility of specifying all network parameters.
  • B. It can be used as a file transfer solution.
  • C. It provides outbound and inbound connections for TCP and UDP ports.
  • D. The nc -z command can be used to redirect stdin/stdout from a program.

Answer: ABC

NEW QUESTION 16
Choose the correct six-step process of threat modeling from the list of different steps.
GCIH dumps exhibit


Solution:
GCIH dumps exhibit

Does this meet the goal?
  • A. Yes
  • B. Not Mastered

Answer: A

NEW QUESTION 17
Which of the following tools is described in the statement given below?
"It has a database containing signatures to be able to detect hundreds of vulnerabilities in UNIX, Windows, and commonly used web CGI scripts. Moreover, the database detects DDoS zombies and Trojans as well."

  • A. SARA
  • B. Nessus
  • C. Anti-x
  • D. Nmap

Answer: B

NEW QUESTION 18
......

P.S. Surepassexam is now offering 100% pass-guaranteed GCIH dumps! All GCIH exam questions have been updated with correct answers: https://www.surepassexam.com/GCIH-exam-dumps.html (328 New Questions)