Jason is working on a pen testing assignment. He is sending customized ICMP packets to a host in the

target network. However, the ping requests to the target failed with "ICMP Time Exceeded Type = 11" error

messages.

What can Jason do to overcome this error?

A. Set a Fragment Offset

B. Increase the Window size in the packets

C. Increase the TTL value in the packets

D. Increase the ICMP header length

Arnold is trying to gain access to a database by inserting exploited query statements with a WHERE

clause. He wants to retrieve all the entries from a particular table (e. g. StudName) using the WHERE

clause.

What query does Arnold need to write to retrieve the information?

A. EXTRACT * FROM StudName WHERE roll_number = 1 order by 1000

B. DUMP * FROM StudName WHERE roll_number = 1 AND 1=1-

C. SELECT * FROM StudName WHERE roll_number = " or '1' = '1'

D. RETRIVE * FROM StudName WHERE roll_number = 1'#

An organization hosted a website to provide services to its customers. A visitor of this website has reported a complaint to the organization that they are getting an error message with code 502 when they are trying to access the website. This issue was forwarded to the IT department in the organization. The IT department identified the reason behind the error and started resolving the issue by checking whether the server is overloaded, whether the name resolution is working properly, whether the firewall is configured properly, etc. Identify the error message corresponding to code 502 that the visitors obtained when they tried to access the organization's website?

A. Bad request

B. Forbidden

C. Internal error

D. Bad gateway

Which vulnerability assessment phase describes the scope of the assessment, identifies and ranks the critical assets, and creates proper information protection procedures such as effective planning, scheduling, coordination, and logistics?

A. Threat-Assessment Phase

B. Pre-Assessment Phase

C. Assessment Phase

D. Post-Assessment Phase

What are the security risks of running a "repair" installation for Windows XP?

A. There are no security risks when running the "repair" installation for Windows XP

B. Pressing Shift+F1 gives the user administrative rights

C. Pressing Ctrl+F10 gives the user administrative rights

D. Pressing Shift+F10 gives the user administrative rights

Which of the following acts related to information security in the US establish that the management of an organization is responsible for establishing and maintaining an adequate internal control structure and procedures for financial reporting?

A. USA Patriot Act 2001

B. Sarbanes-Oxley 2002

C. Gramm-Leach-Bliley Act (GLBA)

D. California SB 1386

Which of the following protocols cannot be used to filter VoIP traffic?

A. Media Gateway Control Protocol (MGCP)

B. Real-time Transport Control Protocol (RTCP)

C. Session Description Protocol (SDP)

D. Real-Time Publish Subscribe (RTPS)

One of the steps in information gathering is to run searches on a company using complex keywords in Google.

Which search keywords would you use in the Google search engine to find all the PowerPoint presentations containing information about a target company, ROCHESTON?

A. ROCHESTON fileformat:+ppt

B. ROCHESTON ppt:filestring

C. ROCHESTON filetype:ppt

D. ROCHESTON +ppt:filesearch

In the context of penetration testing, what does blue teaming mean?

A. A penetration test performed with the knowledge and consent of the organization's IT staff

B. It is the most expensive and most widely used

C. It may be conducted with or without warning

D. A penetration test performed without the knowledge of the organization's IT staff but with permission from upper management

How many bits is Source Port Number in TCP Header packet?

A. 48

B. 32

C. 64

D. 16