What might be good countermeasures to protect the built-in administrator account from automated Terminal Server password guessing programs like tsgrinder?Choose tw.
A. Enable account lockout.
B. Set a complex password that is at least 8 characters or more in length.
C. Using TSVER Resource Kit tool to customize which 4-digit version numbers of the Remote Desktop Client 5.1 software are allowed to connect.
D. Run Terminal Server on a computer located in the DMZ
From the items listed below,which would be expected from a cracker or hacker but NOT from an Ethical Hacker or Certified Penetration tester?
A. Code of ethics
B. Signed Authorization
C. Disregard for potential losses
D. Presentation of a detailed report
A TCP connect Scan which is also called a Vanilla TCP port scan will send a SYN packet to ports sequentially to see which are open.
Using the Vanilla TCP Port Scan, what would be expected as a response from a port that is open?
A. FIN
B. SYN/ACK
C. RST/ACT
D. ACK
Dozens of methodologies exist on the market today.Most of them follow the very high level steps.
Which of the following would represent the most common and logical approach to penetration testing from the first step being accomplished on the left to the last step being done on the right side of the statement below?
A. Scanning,Footprinting,Enumeration,Penetration
B. Footprinting,Enumeration,Scanning,Penetration
C. Footprinting,Scanning,Enumeration,Penetration
D. Penetration,Enumeration,Scanning,Footprinting
Which of the following exploits/abuse would all be located at the network layer of the OSI model? (Choose all that applies)
A. Route Spoofing
B. IP Source routing
C. IP Source Address Spoofing
D. ARP Spoofing
Which of the following is NOT a tool that could be perform a zone transfer?
A. DIG
B. Host
C. Nslookup
D. WHOIS
Which of the following might be used to give false positives when a UDP scan is being performed against a DMZ server running DNS?Choose the best answer.
A. On the firewall,block ICMP TTL Exceeded
B. On the firewall,block all incoming UDP
C. On the firewall,block all TCP SYN packets
D. On the firewall,block all ICMP Port Unreachable messages
Which of the following SQL injection scripts would attempt to discover all usernames on the table users beginning with Ad?
A. SELECT *FROM* WHERE username =AD*
B. OR 1=1; SELECT username FROM users WHERE username LIKE ad%:
C. SELECT name FROM Master..sysxlogins
D. OR 1=2 WHERE name is like AD%
Todays security infrastructures are composed of firewall,instrusion detection systems,content
screening,certificates,tokens,and a lot more.
Howeve,there is still one aspect that is considered to be weak link in all infrastructures.
Which of the following would represent this weak link?
A. Bad hardware
B. Bad software
C. People
D. Process
You have successfully exploited a remote computer.You now have limited privilege on the remote computer.
You tests have revealed that it is possible to download files from the internet but the size of the limited to less than 60K.
You would like to escalate your privilege by scanning the internal network and also setup a permanent backdoor that would allow you to return to the compromised host at will.
Which of the following tools could be used for such purpose?
A. Hijack This
B. Netcat
C. ButtSniff
D. BackOrifice
