You're doing an internal security audit and you want to find out what ports are open on all the servers. What is the best way to find out?
When security and confidentiality of data within the same LAN is of utmost priority, which IPSec mode should you implement?
Which type of sniffing technique is generally referred as MiTM attack?
SOAP services use which technology to format information?
A software tester is randomly generating invalid inputs in an attempt to crash the program.
Which of the following is a software testing technique used to determine if a software program properly handles a wide range of invalid input?
Which of the following LM hashes represent a password of less than 8 characters? (Choose two.)
Company ABC has asked you to assess the security of their perimeter email gateway. From your office in London, you craft a specially formatted email message and send it across the Internet to an employee of Company ABC. The employee of Company ABC is aware of your test.
Your email message looks like this:
Subject: Test message
Date: 4/3/2017 14:37
The employee of Company ABC receives your email message. This proves that Company ABC's email gateway doesn't prevent what?
A hacker is attempting to see which ports have been left open on a network. Which NMAP switch would the hacker use?
Which access control mechanism allows for multiple systems to use a central authentication server (CAS) that permits users to authenticate once and gain access to multiple systems?
What does a type 3 code 13 represent? (Choose two.)
What results will the following command yield: 'NMAP -sS -O -p 123-153 192.168.100.3'?
A server has been infected by a certain type of Trojan. The hacker intended to utilise it to send and host junk mails. What type of Trojan did the hacker use?
An Intrusion Detection System (IDS) has alerted the network administrator to a possibly malicious sequence of packets sent to a Web server in the network's external DMZ. The packet traffic was captured by the IDS and saved to a PCAP file.
What type of network tool can be used to determine if these packets are genuinely malicious or simply a false positive?
An engineer is learning to write exploits in C++ and is using the exploit tool Backtrack. The engineer wants to compile the newest C++ exploit and name it calc.exe. Which command would the engineer use to accomplish this?
Which of the following programs is usually targeted at Microsoft Office products?
Which type of security feature stops vehicles from crashing through the doors of a building?
Port scanning can be used as part of a technical assessment to determine network vulnerabilities. The TCP XMAS scan is used to identify listening ports on the targeted system.
If a scanned port is open, what happens?
Which NMAP command combination would let a tester scan every TCP port from a class C network that is blocking ICMP with fingerprinting and service detection?
A virus that attempts to install itself inside the file it is infecting is called?
While examining audit logs, you discover that people are able to telnet into the SMTP server on port 25. You would like to block this, though you do not see any evidence of an attack or other wrong doing. However, you are concerned about affecting the normal functionality of the email server.
From the following options choose how best you can achieve this objective?
WPA2 uses AES for wireless data encryption at which of the following encryption levels?
Tim has been asked by the security officer to purchase a counter-based authentication system. Which of the following best describes this type of system?