Q1. What does a firewall check to prevent particularports and applications from getting packets into an organizations?
A. Transport layer port numbers and application layer headers
B. Network layer headers and the session layer port numbers
C. Application layer port numbers and the transport layer headers
D. Presentation layer headers and the session layer port numbers
Answer: A
Q2. env x= ‘(){ :;};echo exploit ‘ bash –c ‘cat/etc/passwd
What is the Shellshock bash vulnerability attempting to do on an vulnerable Linux host?
A. Add new user to the passwd file
B. Display passwd contents to prompt
C. Change all password in passwd
D. Remove the passwd file.
Answer: B
Q3. You are usingNMAP to resolve domain names into IP addresses for a ping sweep later. Which of the following commands looks for IP addresses?
A. >host –t ns hackeddomain.com
B. >host –t AXFR hackeddomain.com
C. >host –t soa hackeddomain.com
D. >host –t a hackeddomain.com
Answer: D
Q4. It is a short-range wireless communication technology intended to replace the cables connecting portables of fixed deviceswhile maintaining high levels of security. It allows mobile phones, computers and other devices to connect and communicate using a short- range wireless connection.
Which of the following terms best matches the definition?
A. Bluetooth
B. Radio-Frequency Identification
C. WLAN
D. InfraRed
Answer: A
Q5. Perspective clients wantto see sample reports from previous penetration tests. What should you do next?
A. Share full reports, not redacted.
B. Share full reports, with redacted.
C. Decline but, provide references.
D. Share reports, after NDA is signed.
Answer: B
Q6. An incident investigator asks to receive a copy of the event from all firewalls, prosy servers, and Intrusion Detection Systems (IDS) on the network of an organization that has experienced a possible breach of security. When the investigator attempts to correlate the information in all of the logs the sequence of many of the logged events do not match up.
What is the most likely cause?
A. The network devices are not all synchronized
B. The securitybreach was a false positive.
C. The attack altered or erased events from the logs.
D. Proper chain of custody was not observed while collecting the logs.
Answer: C
Q7. Which regulationdefines security and privacy controls for Federal information systems and organizations?
A. HIPAA
B. EU Safe Harbor
C. PCI-DSS
D. NIST-800-53
Answer: D
Q8. How does the Address Resolution Protocol (ARP) work?
A. It sends a reply packet for a specific IP, asking for the MAC address.
B. It sends a reply packet to all the network elements, asking for the MAC address from a specific IP.
C. It sends a request packet to all the network elements, asking for the domainname from a specific IP.
D. It sends a request packet to all the network elements, asking for the MAC address from a specific IP.
Answer: D
Q9. An attacker gains access to a Web server’s database and display the contents of the table that holds all of the names, passwords, and other user information. The attacker did this by entering information into the Web site's user login page that the software's designers did not expect to be entered. This is an example of what kind of software design problem?
A. Insufficient security management
B. Insufficient database hardening
C. Insufficient exception handling
D. Insufficient input validation
Answer: D
Q10. You are logged in as a local admin on a Windows 7 system and you need to launch the Computer Management Console from command line.
Which command would you use?
A. c:\services.msc
B. c:\ncpa.cp
C. c:\compmgmt.msc
D. c:\gpedit
Answer: C