Which of the following tools is an automated tool that is used to implement SQL injections and to retrieve data from Web server databases?
A. Fragroute
B. Absinthe
C. Stick
D. ADMutate
Adam works as a Security Administrator for Umbrella Inc. A project has been assigned to him to secure access to the network of the company from all possible entry points. He segmented the network into several subnets and installed firewalls all over the network. He has placed very stringent rules on all the firewalls, blocking everything in and out except the ports that must be used. He does need to have port 80 open since his company hosts a website that must be accessed from the Internet. Adam is still worried about programs like Hping2 that can get into a network through covert channels.
Which of the following is the most effective way to protect the network of the company from an attacker using Hping2 to scan his internal network?
A. Block all outgoing traffic on port 21
B. Block all outgoing traffic on port 53
C. Block ICMP type 13 messages
D. Block ICMP type 3 messages
Which of the following tools can be used to detect steganography?
A. Dskprobe
B. Blindside
C. ImageHide
D. Snow
John, a part-time hacker, has gained unauthorized access to the www.yourbank.com banking website and stolen the bank account information of its users and their credit card numbers by using a SQL injection attack. Now, John wants to sell this information to a malicious person, Mark, and make a deal to get a good amount of money. Since he does not want to send the hacked information to Mark in clear text, he decides to send it as hidden text. For this, he takes a steganography tool and hides the information in ASCII text by appending whitespace to the end of lines, and encrypts the hidden information by using the IDEA encryption algorithm.
Which of the following tools is John using for steganography?
A. Image Hide
B. 2Mosaic
C. Snow.exe
D. Netcat
Which of the following are the primary goals of the incident handling team? Each correct answer represents a complete solution. Choose all that apply.
A. Freeze the scene.
B. Repair any damage caused by an incident.
C. Prevent any further damage.
D. Inform higher authorities.
Adam is a novice Web user. He chooses a 22-letter word from the dictionary as his password. How long will it take an attacker to crack the password?
A. 22 hours
B. 23 days
C. 200 years
D. 5 minutes
Which of the following types of attacks is often performed by looking surreptitiously at the keyboard or monitor of an employee's computer?
A. Buffer-overflow attack
B. Shoulder surfing attack
C. Man-in-the-middle attack
D. Denial-of-Service (DoS) attack
Which of the following refers to a condition in which a hacker sends a bunch of packets that leave TCP ports half open?
A. Spoofing
B. Hacking
C. SYN attack
D. PING attack
Which of the following wireless network security solutions refers to an authentication process in which a user can connect wireless access points to a centralized server to ensure that all hosts are properly authenticated?
A. Remote Authentication Dial-In User Service (RADIUS)
B. IEEE 802.1x
C. Wired Equivalent Privacy (WEP)
D. Wi-Fi Protected Access 2 (WPA2)
Fill in the blank with the appropriate term.
______ is a technique used to make sure that incoming packets are actually from the networks that they claim to be from.
A. Ingress filtering