Introducing The New!
Surepassexam Collection
Get Unlimited Access to all
Surepassexam's PREMIUM files
Q1. Which FTP transfer mode is required for FTP bounce attack?
A. Active Mode
B. Passive Mode
C. User Mode
D. Anonymous Mode
Answer: B
Explanation: FTP bounce attack needs the server the support passive connections and the client program needs to use PORT command instead of the PASV command.
Q2. What is the IV key size used in WPA2?
A. 32
B. 24
C. 16
D. 48
E. 128
Answer: D
Q3. Which of the following represent weak password? (Select 2 answers)
A. Passwords that contain letters, special characters, and numbers Example: ap1$%##f@52
B. Passwords that contain only numbers Example: 23698217
C. Passwords that contain only special characters Example: &*#@!(%)
D. Passwords that contain letters and numbers Example: meerdfget123
E. Passwords that contain only letters Example: QWERTYKLRTY
F. Passwords that contain only special characters and numbers Example: 123@$45
G. Passwords that contain only letters and special characters Example: bob@&ba
H. Passwords that contain Uppercase/Lowercase from a dictionary list Example: OrAnGe
Answer: EH
Q4. What is the purpose of firewalking?
A. It's a technique used to discover Wireless network on foot
B. It's a technique used to map routers on a network link
C. It's a technique used to discover interface in promiscuous mode
D. It's a technique used to discover what rules are configured on a gateway
Answer: D
Explanation: Firewalking uses a traceroute-like IP packet analysis to determine whether or not a particular packet can pass from the attacker’s host to a destination host through a packet-filtering device. This technique can be used to map ‘open’ or ‘pass through’ ports on a gateway. More over, it can determine whether packets with various control information can pass through a given gateway.
Q5. Sara is using the nslookup command to craft queries to list all DNS information (such as Name Servers, host names, MX records, CNAME records, glue records (delegation for child Domains), zone serial number, TimeToLive (TTL) records, etc) for a Domain. What do you think Sara is trying to accomplish? Select the best answer.
A. A zone harvesting
B. A zone transfer
C. A zone update
D. A zone estimate
Answer: B
Explanation: The zone transfer is the method a secondary DNS server uses to update its information from the primary DNS server. DNS servers within a domain are organized using a master-slave method where the slaves get updated DNS information from the master DNS. One should configure the master DNS server to allow zone transfers only from secondary (slave) DNS servers but this is often not implemented. By connecting to a specific DNS server and successfully issuing the ls –d domain-name > file-name you have initiated a zone transfer.
Q6. John the hacker is sniffing the network to inject ARP packets. He injects broadcast frames onto the wire to conduct MiTM attack. What is the destination MAC address of a broadcast frame?
A. 0xFFFFFFFFFFFF
B. 0xAAAAAAAAAAAA
C. 0xBBBBBBBBBBBB
D. 0xDDDDDDDDDDDD
Answer: A
Explanation: 0xFFFFFFFFFFFF is the destination MAC address of the broadcast frame.
Q7. What do you call a pre-computed hash?
A. Sun tables
B. Apple tables
C. Rainbow tables
D. Moon tables
Answer: C
Q8. What type of session hijacking attack is shown in the exhibit?
A. Cross-site scripting Attack
B. SQL Injection Attack
C. Token sniffing Attack
D. Session Fixation Attack
Answer: D
Q9. In an attempt to secure his wireless network, Bob turns off broadcasting of the SSID. He concludes that since his access points require the client computer to have the proper SSID, it would prevent others from connecting to the wireless network. Unfortunately unauthorized users are still able to connect to the wireless network.
Why do you think this is possible?
A. Bob forgot to turn off DHCP.
B. All access points are shipped with a default SSID.
C. The SSID is still sent inside both client and AP packets.
D. Bob’s solution only works in ad-hoc mode.
Answer: B
Explanation: All access points are shipped with a default SSID unique to that manufacturer, for example 3com uses the default ssid comcomcom.
Q10. A zone file consists of which of the following Resource Records (RRs)?
A. DNS, NS, AXFR, and MX records
B. DNS, NS, PTR, and MX records
C. SOA, NS, AXFR, and MX records
D. SOA, NS, A, and MX records
Answer: D
Explanation: The zone file typically contains the following records:
SOA – Start Of Authority NS – Name Server record MX – Mail eXchange record A – Address record
Q11. What does the this symbol mean?
A. Open Access Point
B. WPA Encrypted Access Point
C. WEP Encrypted Access Point
D. Closed Access Point
Answer: A
Explanation: This symbol is a “warchalking” symbol for a open node (open circle) with the SSID tsunami and the bandwidth 2.0 Mb/s
Q12. An attacker finds a web page for a target organization that supplies contact information for the company. Using available details to make the message seem authentic, the attacker drafts e-mail to an employee on the contact page that appears to come from an individual who might reasonably request confidential information, such as a network administrator.
The email asks the employee to log into a bogus page that requests the employee's user name and password or click on a link that will download spyware or other malicious programming.
Google's Gmail was hacked using this technique and attackers stole source code and sensitive data from Google servers. This is highly sophisticated attack using zero-day exploit vectors, social engineering and malware websites that focused on targeted individuals working for the company.
What is this deadly attack called?
A. Spear phishing attack
B. Trojan server attack
C. Javelin attack
D. Social networking attack
Answer: A
Q13. Theresa is an IT security analyst working for the United Kingdom Internet Crimes Bureau in London. Theresa has been assigned to the software piracy division which focuses on taking down individual and organized groups that distribute copyrighted software illegally. Theresa and her division have been responsible for taking down over 2,000 FTP sites hosting copyrighted software. Theresa's supervisor now wants her to focus on finding and taking down websites that host illegal pirated software. What are these sights called that Theresa has been tasked with taking down?
A. These sites that host illegal copyrighted software are called Warez sites
B. These sites that Theresa has been tasked to take down are called uTorrent sites
C. These websites are referred to as Dark Web sites
D. Websites that host illegal pirated versions of software are called Back Door sites
Answer: A
Explanation: The Warez scene, often referred to as The Scene (often capitalized) is a term of self-reference used by a community that specializes in the underground distribution of pirated content, typically software but increasingly including movies and music.
Q14. Sara is making use of Digest Authentication for her Web site. Why is this considered to be more secure than Basic authentication?
A. Basic authentication is broken
B. The password is never sent in clear text over the network
C. The password sent in clear text over the network is never reused.
D. It is based on Kerberos authentication protocol
Answer: B
Explanation: Digest access authentication is one of the agreed methods a web page can use to negotiate credentials with a web user (using the HTTP protocol). This method builds upon (and obsoletes) the basic authentication scheme, allowing user identity to be established without having to send a password in plaintext over the network.
Q15. A common technique for luring e-mail users into opening virus-launching attachments is to send messages that would appear to be relevant or important to many of their potential recipients. One way of accomplishing this feat is to make the virus-carrying messages appear to come from some type of business entity retailing sites, UPS, FEDEX, CITIBANK or a major provider of a common service.
Here is a fraudulent e-mail claiming to be from FedEx regarding a package that could not be delivered. This mail asks the receiver to open an attachment in order to obtain the FEDEX tracking number for picking up the package. The attachment contained in this type of e-mail activates a virus.
Vendors send e-mails like this to their customers advising them not to open any files attached with the mail, as they do not include attachments.
Fraudulent e-mail and legit e-mail that arrives in your inbox contain the fedex.com as the sender of the mail.
How do you ensure if the e-mail is authentic and sent from fedex.com?
A. Verify the digital signature attached with the mail, the fake mail will not have Digital ID at all
B. Check the Sender ID against the National Spam Database (NSD)
C. Fake mail will have spelling/grammatical errors
D. Fake mail uses extensive images, animation and flash content
Answer: A