You suspect that your Windows machine has been compromised with a Trojan virus. When you run anti-virus software it does not pick of the Trojan. Next you run netstat command to look for open ports and you notice a strange port 6666 open.

What is the next step you would do?

A. Re-install the operating system.

B. Re-run anti-virus software.

C. Install and run Trojan removal software.

D. Run utility fport and look for the application executable that listens on port 6666.

A denial of Service (DoS) attack works on the following principle:

A. MS-DOS and PC-DOS operating system utilize a weaknesses that can be compromised and permit them to launch an attack easily.

B. All CLIENT systems have TCP/IP stack implementation weakness that can be compromised and permit them to lunch an attack easily.

C. Overloaded buffer systems can easily address error conditions and respond appropriately.

D. Host systems cannot respond to real traffic,if they have an overwhelming number of incomplete connections (SYN/RCVD State).

E. A server stops accepting connections from certain networks one those network become flooded.

Bob has been hired to perform a penetration test on XYZ.com. He begins by looking at IP address ranges owned by the company and details of domain name registration. He then goes to News Groups and financial web sites to see if they are leaking any sensitive information of have any technical details online.

Within the context of penetration testing methodology, what phase is Bob involved with?

A. Passive information gathering

B. Active information gathering

C. Attack phase

D. Vulnerability Mapping

A hacker is attempting to see which ports have been left open on a network. Which NMAP switch would the hacker use?

A. -sO

B. -sP

C. -sS

D. -sU

Blane is a security analyst for a law firm. One of the lawyers needs to send out an email to a client but he wants to know if the email is forwarded on to any other recipients. The client is explicitly asked not to resend the email since that would be a violation of the lawyer's and client's agreement for this particular case.

What can Blane use to accomplish this?

A. He can use a split-DNS service to ensure the email is not forwarded on.

B. A service such as HTTrack would accomplish this.

C. Blane could use MetaGoofil tracking tool.

D. Blane can use a service such as ReadNotify tracking tool.

Which of the following identifies the three modes in which Snort can be configured to run?

A. Sniffer,Packet Logger,and Network Intrusion Detection System

B. Sniffer,Network Intrusion Detection System,and Host Intrusion Detection System

C. Sniffer,Host Intrusion Prevention System,and Network Intrusion Prevention System

D. Sniffer,Packet Logger,and Host Intrusion Prevention System

Which of the following conditions must be given to allow a tester to exploit a Cross-Site Request Forgery (CSRF) vulnerable web application?

A. The victim user must open the malicious link with an Internet Explorer prior to version 8.

B. The session cookies generated by the application do not have the HttpOnly flag set.

C. The victim user must open the malicious link with a Firefox prior to version 3.

D. The web application should not use random tokens.

File extensions provide information regarding the underlying server technology. Attackers can use this information to search vulnerabilities and launch attacks.

How would you disable file extensions in Apache servers?

A. Use disable-eXchange

B. Use mod_negotiation

C. Use Stop_Files

D. Use Lib_exchanges

Frederickson Security Consultants is currently conducting a security audit on the networks of Hawthorn Enterprises, a contractor for the Department of Defense. Since Hawthorn Enterprises conducts business daily with the federal government, they must abide by very stringent security policies. Frederickson is testing all of Hawthorn's physical and logical security measures including biometrics, passwords, and permissions. The federal government requires that all users must utilize random, non-dictionary passwords that must take at least 30 days to crack. Frederickson has confirmed that all Hawthorn employees use a random password generator for their network passwords. The Frederickson consultants have saved off numerous SAM files from Hawthorn's servers using Pwdump6 and are going to try and crack the network passwords.

What method of attack is best suited to crack these passwords in the shortest amount of time?

A. Brute force attack

B. Birthday attack

C. Dictionary attack

D. Brute service attack

In an attempt to secure his wireless network, Bob turns off broadcasting of the SSID. He concludes that since his access points require the client computer to have the proper SSID, it would prevent others from connecting to the wireless network. Unfortunately unauthorized users are still able to connect to the wireless network.

Why do you think this is possible?

A. Bob forgot to turn off DHCP.

B. All access points are shipped with a default SSID.

C. The SSID is still sent inside both client and AP packets.

D. Bob's solution only works in ad-hoc mode.