SANS SEC504 - Hacker Tools, Techniques, Exploits and Incident Handling

Total 328 questions

Which of the following US Acts emphasizes a "risk-based policy for cost-effective security" and makes it mandatory for agency program officials, chief information officers, and inspectors general (IGs) to conduct annual reviews of the agency's information security program and report the results to the Office of Management and Budget?

A. The Electronic Communications Privacy Act of 1986 (ECPA)

B. The Fair Credit Reporting Act (FCRA)

C. The Equal Credit Opportunity Act (ECOA)

D. Federal Information Security Management Act of 2002 (FISMA)

You want to integrate the Nikto tool with the Nessus vulnerability scanner. Which of the following steps will you take to accomplish the task?

Each correct answer represents a complete solution. Choose two.

A. Place the nikto.pl file in the /etc/nessus directory.

B. Place the nikto.pl file in the /var/www directory.

C. Place the directory containing nikto.pl in root's PATH environment variable.

D. Restart the nessusd service.

Which of the following statements about reconnaissance is true?

A. It describes an attempt to transfer DNS zone data.

B. It is a computer that is used to attract potential intruders or attackers.

C. It is any program that allows a hacker to connect to a computer without going through the normal authentication process.

D. It is also known as half-open scanning.

Which of the following tools will you use to prevent session hijacking?

Each correct answer represents a complete solution. Choose all that apply.

A. OpenSSH

B. Rlogin

C. Telnet

D. SSL

Adam, a novice web user, is very security-conscious. He wants to visit a Web site that is known to have malicious applets and code. Adam always uses a basic Web browser to perform such testing.

Which of the following web browsers can adequately fill this purpose?

A. Mozilla Firefox

B. Internet Explorer

C. Lynx

D. Safari

You are hired as a Database Administrator for Jennifer Shopping Cart Inc. While monitoring the server health through the System Monitor, you find that there is a sudden increase in the number of logins.

Which of the following types of attack has occurred?

A. Injection

B. Virus

C. Worm

D. Denial-of-service

You work as an Incident Handling Manager for a company. The company's public relations process includes an event that responds to e-mail queries. For the past few days, it has been identified that this process is giving spammers a way to perform different types of e-mail attacks. Which of the following phases of the incident handling process will now be involved in resolving this problem and finding a solution?

Each correct answer represents a part of the solution. Choose all that apply.

A. Eradication

B. Contamination

C. Preparation

D. Recovery

E. Identification

You send SYN packets with the exact TTL of the target system, starting at port 1 and going up to port 1024, using the hping2 utility. This attack is known as __________.

A. Port scanning

B. Cloaking

C. Firewalking

D. Spoofing

Which of the following techniques is used when a system performs penetration testing with the objective of accessing unauthorized information residing inside a computer?

A. Van Eck Phreaking

B. Phreaking

C. Biometrician

D. Port scanning

Fill in the blank with the appropriate name of the rootkit.

A _______ rootkit uses device or platform firmware to create a persistent malware image.