
SANS SEC504 - Hacker Tools, Techniques, Exploits and Incident Handling

Total 328 questions

Which of the following are the primary goals of the incident handling team?

Each correct answer represents a complete solution. Choose all that apply.

A. Freeze the scene.

B. Repair any damage caused by an incident.

C. Prevent any further damage.

D. Inform higher authorities.

Which of the following is spy software that records activity on Macintosh systems via snapshots, keystrokes, and Web site logging?

A. Spector

B. Magic Lantern

C. eBlaster

D. NetBus

Which of the following tools is used for vulnerability scanning and calls Hydra to launch a dictionary attack?

A. Whisker

B. Nessus

C. SARA

D. Nmap

Which of the following types of attacks is only intended to make a computer resource unavailable to its users?

A. Denial of Service attack

B. Replay attack

C. Teardrop attack

D. Land attack

In which of the following attack methods does an attacker distribute an incorrect IP address?

A. IP spoofing

B. MAC flooding

C. DNS poisoning

D. Man-in-the-middle

Which of the following statements about a Trojan horse are true?

Each correct answer represents a complete solution. Choose two.

A. It is a macro or script that attaches itself to a file or template.

B. The writers of a Trojan horse can use it later to gain unauthorized access to a computer.

C. It is malicious software program code that resembles another normal program.

D. It infects the boot record on hard disks and floppy disks.

Which of the following statements about buffer overflow is true?

A. It manages security credentials and public keys for message encryption.

B. It is a collection of files used by Microsoft for software updates released between major service pack releases.

C. It is a condition in which an application receives more data than it is configured to accept.

D. It is a false warning about a virus.

You run the following command while using Nikto Web scanner:

perl nikto.pl -h 192.168.0.1 -p 443

What action do you want to perform?

A. Using it as a proxy server

B. Updating Nikto

C. Setting Nikto for network sniffing

D. Port scanning