312-50 Exam - Ethical Hacking and Countermeasures (CEHv6)

certleader.com

Q1. Which of the following display filters will you enable in Ethereal to view the three-way handshake for a connection from host 192.168.0.1? 

A. ip == 192.168.0.1 and tcp.syn 

B. ip.addr = 192.168.0.1 and syn = 1 

C. ip.addr==192.168.0.1 and tcp.flags.syn 

D. ip.equals 192.168.0.1 and syn.equals on 

Answer: C

Q2. Which of the following activities would not be considered passive footprinting? 

A. Search on financial site such as Yahoo Financial 

B. Perform multiple queries through a search engine 

C. Scan the range of IP addresses found in their DNS database 

D. Go through the rubbish to find out any information that might have been discarded 

Answer: C

Explanation: Passive footprinting is a method in which the attacker never makes contact with the target. Scanning the target's IP addresses sends packets to the target, which can be logged there, so contact has been made. 

Q3. After an attacker has successfully compromised a remote computer, what would be one of the last steps that would be taken to ensure that the compromise is not traced back to the source of the problem? 

A. Install patches 

B. Setup a backdoor 

C. Cover your tracks 

D. Install a zombie for DDOS 

Answer: C

Explanation: An attacker does not want to leave any traces (logs, shell history, uploaded tools) that could lead back to them, so covering tracks is the final step after the backdoor and any patches are in place. 

Q4. What type of session hijacking attack is shown in the exhibit? 

A. Session Sniffing Attack 

B. Cross-site scripting Attack 

C. SQL Injection Attack 

D. Token sniffing Attack 

Answer: A

Q5. What file system vulnerability does the following command take advantage of? 

type c:\anyfile.exe > c:\winnt\system32\calc.exe:anyfile.exe 

A. HFS 

B. ADS 

C. NTFS 

D. Backdoor access 

Answer: B

Explanation: ADS (or Alternate Data Streams) is a “feature” in the NTFS file system that makes it possible to hide information in alternate data streams in existing files. The file can have multiple data streams and the data streams are accessed by filename:stream. 
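The page's command copies anyfile.exe into a named stream of calc.exe; a plain `dir` and Explorer still show only calc.exe and its original size. The quick checks a defender would run are `dir /r` (cmd) or `Get-Item -Path <file> -Stream *` (PowerShell). The following Python script is an added example, not code from the page: it enumerates the streams of a file through the Win32 FindFirstStreamW/FindNextStreamW API, and filters out the unnamed default stream (`::$DATA`) and the Zone.Identifier mark-of-the-web stream so that only streams like `anyfile.exe` are reported. The helper names, the sample stream names and the `probe.txt` path are assumptions for illustration.

```python
"""List and triage NTFS alternate data streams (ADS) of a file.

Added example (not from the page). The enumeration itself only works on
Windows/NTFS; parse_stream_name() and suspicious_streams() are pure and run
anywhere, which is how the CEH-style `file:stream` naming is interpreted.
"""
import ctypes
import sys

FIND_STREAM_INFO_STANDARD = 0                 # STREAM_INFO_LEVELS enum value
INVALID_HANDLE_VALUE = ctypes.c_void_p(-1).value


def parse_stream_name(raw):
    """Split a name as returned by FindFirstStreamW, e.g. ':anyfile.exe:$DATA',
    into (stream_name, stream_type). The unnamed default stream is '::$DATA'."""
    if not raw.startswith(":"):
        raise ValueError("stream names start with ':' (got %r)" % raw)
    _, name, stype = raw.split(":", 2)
    return name, stype


def suspicious_streams(stream_names, ignore=("", "Zone.Identifier")):
    """Return the named $DATA streams worth a look: everything except the
    default (unnamed) stream and the Zone.Identifier stream that browsers
    add to downloaded files. Input is a list of raw FindFirstStreamW names."""
    out = []
    for raw in stream_names:
        name, stype = parse_stream_name(raw)
        if stype == "$DATA" and name not in ignore:
            out.append(name)
    return out


def list_streams(path):
    """Enumerate every stream of `path` as (raw_name, size) tuples.
    Windows only: uses kernel32!FindFirstStreamW / FindNextStreamW."""
    if sys.platform != "win32":
        raise OSError("alternate data streams are an NTFS feature; run on Windows")

    class WIN32_FIND_STREAM_DATA(ctypes.Structure):
        _fields_ = [("StreamSize", ctypes.c_longlong),          # LARGE_INTEGER
                    ("cStreamName", ctypes.c_wchar * (260 + 36))]  # MAX_PATH + 36

    k32 = ctypes.WinDLL("kernel32", use_last_error=True)
    k32.FindFirstStreamW.restype = ctypes.c_void_p
    k32.FindFirstStreamW.argtypes = [ctypes.c_wchar_p, ctypes.c_int,
                                     ctypes.c_void_p, ctypes.c_uint]
    k32.FindNextStreamW.restype = ctypes.c_int
    k32.FindNextStreamW.argtypes = [ctypes.c_void_p, ctypes.c_void_p]
    k32.FindClose.argtypes = [ctypes.c_void_p]

    data = WIN32_FIND_STREAM_DATA()
    handle = k32.FindFirstStreamW(path, FIND_STREAM_INFO_STANDARD,
                                  ctypes.byref(data), 0)
    if handle is None or handle == INVALID_HANDLE_VALUE:
        raise ctypes.WinError(ctypes.get_last_error())
    streams = []
    try:
        while True:
            streams.append((data.cStreamName, data.StreamSize))
            if not k32.FindNextStreamW(handle, ctypes.byref(data)):
                break                      # ERROR_HANDLE_EOF: no more streams
    finally:
        k32.FindClose(handle)
    return streams


def write_stream(path, stream, payload):
    """Equivalent of the page's `type payload > path:stream` (Windows only):
    NTFS resolves 'path:stream' as the named stream of path."""
    with open("%s:%s" % (path, stream), "wb") as fh:
        fh.write(payload)


if __name__ == "__main__":
    # Assumed demo target; on Windows this creates probe.txt with a hidden stream
    # and then reports it. On other platforms only the pure helpers are usable.
    target = sys.argv[1] if len(sys.argv) > 1 else "probe.txt"
    if sys.platform == "win32":
        with open(target, "wb") as fh:
            fh.write(b"visible content\n")
        write_stream(target, "anyfile.exe", b"MZ...hidden payload (constructed)")
        raw = [name for name, _ in list_streams(target)]
        print("all streams:", raw)
        print("suspicious:", suspicious_streams(raw))
```

Note that ADS enumeration reports size but not content; to inspect a stream, open `path:stream` for reading (e.g. `Get-Content -Path probe.txt -Stream anyfile.exe` in PowerShell), and remember that copying the file to a FAT/exFAT volume or through most network protocols silently drops the extra streams.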

Q6. While reviewing the result of scanning run against a target network you come across the following: 

Which among the following can be used to get this output? 

A. A Bo2k system query. 

B. nmap protocol scan 

C. A sniffer 

D. An SNMP walk 

Answer: D

Explanation: SNMP lets you "read" information from a device. You send a query to the SNMP service on the host (known as the "agent"); the agent gathers the information from the host system and returns the answer to your SNMP client. It is like having a single interface for all your informative Unix commands. A name such as system.sysContact.0 is an object identifier (OID) defined in a MIB (Management Information Base), the database that describes which objects an agent exposes; an SNMP walk retrieves every object under a given OID subtree in sequence. 

Q7. Samuel is a high-school teenager who lives in Modesto, California. Samuel is a straight 'A' student who really likes tinkering with computers and other types of electronic devices. Samuel just received a new laptop for his birthday and has been configuring it ever since. While tweaking the registry, Samuel noticed a pop-up at the bottom of his screen stating that his computer was now connected to a wireless network. All of a sudden, he was able to get online and surf the Internet. 

Samuel did some quick research and was able to gain access to the wireless router he was connecting to and see all of its settings. Being able to hop onto someone else's wireless network so easily fascinated Samuel, so he began doing more and more research on wireless technologies and how to exploit them. The next day Samuel's friend said that he could drive around all over town and pick up hundreds of wireless networks. This really excited Samuel, so they got into his friend's car and drove around the city seeing which networks they could connect to and which ones they could not. 

What have Samuel and his friend just performed? 

A. Wardriving 

B. Warwalking 

C. Warchalking 

D. Webdriving 

Answer: A

Explanation: Wardriving is the act of searching for Wi-Fi wireless networks by a person in a moving vehicle using a Wi-Fi-equipped computer, such as a laptop or a PDA, to detect the networks. It was also known (as of 2002) as "WiLDing" (Wireless Lan Driving, although this term never gained any popularity and is no longer used), originating in the San Francisco Bay Area with the Bay Area Wireless Users Group (BAWUG). It is similar to using a scanner for radio. 

Topic 18, Linux Hacking 

437. WinDump is the Windows port of the well-known tcpdump packet sniffer, which is available on a variety of platforms. In order to use this tool on the Windows platform you must install a packet capture library. 

What is the name of this library? 

A. NTPCAP 

B. LibPCAP 

C. WinPCAP 

D. PCAP 

Q8. MX record priority increases as the number increases. (True/False) 

A. True 

B. False 

Answer: B

Explanation: False. The number in an MX record is a preference value: the MX record with the lowest preference value has the highest priority, and mail servers try it first before falling back to records with higher values. 

Q9. What would best be defined as a security test on services against a known vulnerability database using an automated tool? 

A. A penetration test 

B. A privacy review 

C. A server audit 

D. A vulnerability assessment 

Answer: D

Explanation: Vulnerability assessment is the process of identifying and quantifying vulnerabilities in a system. The system being studied could be a physical facility like a nuclear power plant, a computer system, or a larger system (for example the communications infrastructure or water infrastructure of a region). 

Q10. Exhibit: 

Please study the exhibit carefully. 

Which Protocol maintains the communication on that way? 

A. UDP 

B. IP 

C. TCP 

D. ARP 

E. RARP 

Answer: C

Explanation: A TCP connection is always initiated with the 3-way handshake, which establishes and negotiates the actual connection over which data will be sent.
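Two caveats a practitioner would want on Q1 and Q10 together. First, in Wireshark a bare field name tests for presence, and `tcp.flags.syn` exists in every TCP segment, so the intended filter is `ip.addr==192.168.0.1 and tcp.flags.syn==1`. Second, that filter shows only the first two packets of the handshake (SYN and SYN/ACK both carry the SYN flag); the bare ACK that completes it is not displayed, so confirming a fully established connection needs the ACK too. The Python below is an added example, not code from the page: it applies the Q1 filter semantics to a small constructed capture and then reconstructs complete handshakes by checking the sequence/acknowledgement numbers (SYN seq=x, SYN/ACK seq=y ack=x+1, ACK seq=x+1 ack=y+1), which is the check a detection rule or IDS uses. The packet fields, addresses and port numbers are constructed for illustration.

```python
"""Q1/Q10 as code: Wireshark-style filter over packets, then handshake reconstruction.
Added example; the capture below is constructed, not a real trace."""
from dataclasses import dataclass


@dataclass(frozen=True)
class TcpPacket:
    """Minimal view of one TCP segment: just the fields the display filter
    ip.addr==192.168.0.1 and tcp.flags.syn==1 and the handshake check test."""
    src: str
    dst: str
    sport: int
    dport: int
    seq: int
    ack: int
    syn: bool
    ack_flag: bool


# Constructed capture: a full handshake from 192.168.0.1 to 10.0.0.5, one data
# segment on that connection, and an unrelated SYN from another host that the
# ip.addr clause must exclude.
CAPTURE = [
    TcpPacket("192.168.0.1", "10.0.0.5", 40001, 80, seq=1000, ack=0, syn=True, ack_flag=False),
    TcpPacket("10.0.0.5", "192.168.0.1", 80, 40001, seq=5000, ack=1001, syn=True, ack_flag=True),
    TcpPacket("192.168.0.1", "10.0.0.5", 40001, 80, seq=1001, ack=5001, syn=False, ack_flag=True),
    TcpPacket("192.168.0.1", "10.0.0.5", 40001, 80, seq=1001, ack=5001, syn=False, ack_flag=True),  # data
    TcpPacket("192.168.0.7", "10.0.0.5", 40002, 80, seq=7000, ack=0, syn=True, ack_flag=False),
]


def display_filter_q1(pkts, host="192.168.0.1"):
    """Apply the Q1 answer: ip.addr==host and tcp.flags.syn==1.
    ip.addr matches either endpoint, so both SYN and SYN/ACK qualify; the
    third packet of the handshake (ACK only) is not shown by this filter."""
    return [p for p in pkts if host in (p.src, p.dst) and p.syn]


def find_handshakes(pkts):
    """Reconstruct completed three-way handshakes (Q10) by tracking ISNs:
    SYN (seq=x) -> SYN/ACK (seq=y, ack=x+1) -> ACK (seq=x+1, ack=y+1).
    Returns (client, server) address pairs, one per completed handshake."""
    pending = {}  # (client, cport, server, sport) -> (client_isn, server_isn or None)
    completed = []
    for p in pkts:
        if p.syn and not p.ack_flag:                       # step 1: SYN
            pending[(p.src, p.sport, p.dst, p.dport)] = (p.seq, None)
        elif p.syn and p.ack_flag:                         # step 2: SYN/ACK
            key = (p.dst, p.dport, p.src, p.sport)         # reverse direction
            state = pending.get(key)
            if state and p.ack == state[0] + 1:
                pending[key] = (state[0], p.seq)
        elif p.ack_flag:                                   # step 3: ACK
            key = (p.src, p.sport, p.dst, p.dport)
            state = pending.get(key)
            if (state and state[1] is not None
                    and p.seq == state[0] + 1 and p.ack == state[1] + 1):
                completed.append((p.src, p.dst))
                del pending[key]                           # later ACKs are data, not handshake
    return completed


if __name__ == "__main__":
    shown = display_filter_q1(CAPTURE)
    print("Q1 filter displays %d packets (SYN and SYN/ACK only)" % len(shown))
    print("completed handshakes:", find_handshakes(CAPTURE))
```

If only the SYN is ever seen for a host (a `pending` entry that is never completed), that is the signature of a SYN scan or a half-open connection rather than an established session, which is why the reconstruction keeps state per connection rather than counting SYN flags.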