
SANS SEC504 - Hacker Tools, Techniques, Exploits and Incident Handling

Total 328 questions

Adam works as a Security Administrator for Umbrella Inc. A project has been assigned to him to test the network security of the company. He created a webpage to discuss the progress of the tests with employees who were interested in following the test. Visitors were allowed to click on a company's icon to mark the progress of the test. Adam successfully embeds a keylogger. He also added some statistics on the webpage. The firewall protects the network well and allows strict Internet access.

How was security compromised and how did the firewall respond?

A. The attack was social engineering and the firewall did not detect it.

B. Security was not compromised as the webpage was hosted internally.

C. The attack was Cross Site Scripting and the firewall blocked it.

D. Security was compromised as the keylogger is invisible to the firewall.

Which of the following types of attacks is mounted with the objective of causing a negative impact on the performance of a computer or network?

A. Vulnerability attack

B. Man-in-the-middle attack

C. Denial-of-Service (DoS) attack

D. Impersonation attack

Which of the following tools can be used to detect steganography?

A. Dskprobe

B. Blindside

C. ImageHide

D. Snow

Which of the following statements are true about firewalking?

Each correct answer represents a complete solution. Choose all that apply.

A. To use firewalking, the attacker needs the IP address of the last known gateway before the firewall and the IP address of a host located behind the firewall.

B. In this technique, an attacker sends a crafted packet with a TTL value that is set to expire one hop past the firewall.

C. A malicious attacker can use firewalking to determine the types of ports/protocols that can bypass the firewall.

D. Firewalking works on UDP packets.

Which of the following applications is an example of a data-sending Trojan?

A. SubSeven

B. Senna Spy Generator

C. Firekiller 2000

D. eBlaster

John works as a Professional Penetration Tester. He has been assigned a project to test the Website security of www.we-are-secure Inc. On the We-are-secure Website login page, he enters ='or''=' as a username and successfully logs on to the user page of the Web site. Now, John asks we-are-secure Inc. to improve the login page PHP script. Which of the following suggestions can John give to improve the security of the we-are-secure Website login page against the SQL injection attack?

A. Use the escapeshellarg() function

B. Use the session_regenerate_id() function

C. Use the mysql_real_escape_string() function for escaping input

D. Use the escapeshellcmd() function

Which of the following Incident handling process phases is responsible for defining rules, collaborating human workforce, creating a back-up plan, and testing the plans for an enterprise?

A. Preparation phase

B. Eradication phase

C. Identification phase

D. Recovery phase

E. Containment phase

Which of the following is a computer worm that caused a denial of service on some Internet hosts and dramatically slowed down general Internet traffic?

A. Klez

B. Code red

C. SQL Slammer

D. Beast

You run the following bash script in Linux:

for i in `cat hostlist.txt`; do
nc -q 2 -v $i 80 < request.txt
done

Here, the hostlist.txt file contains the list of IP addresses and request.txt is the output file. Which of the following tasks do you want to perform by running this script?

A. You want to put nmap in the listen mode to the hosts given in the IP address list.

B. You want to perform banner grabbing to the hosts given in the IP address list.

C. You want to perform port scanning to the hosts given in the IP address list.

D. You want to transfer file hostlist.txt to the hosts given in the IP address list.

You work as a Network Administrator for Infonet Inc. The company has a Windows Server 2008 Active Directory-based single domain single forest network. The company has three Windows 2008 file servers, 150 Windows XP Professional, and thirty UNIX-based client computers. The network users have identical user accounts for both Active Directory and the UNIX realm. You want to ensure that the UNIX clients on the network can access the file servers. You also want to ensure that the users are able to access all resources by logging on only once, and that no additional software is installed on the UNIX clients. What will you do to accomplish this task?

Each correct answer represents a part of the solution. Choose two.

A. Configure a distributed file system (Dfs) on the file server in the network.

B. Enable the Network File System (NFS) component on the file servers in the network.

C. Configure ADRMS on the file servers in the network.

D. Enable User Name Mapping on the file servers in the network.