Fake Anti-Virus, is one of the most frequently encountered and persistent threats on the web. This malware uses social engineering to lure users into infected websites with a technique called Search Engine Optimization.

Once the Fake AV is downloaded into the user's computer, the software will scare them into believing their system is infected with threats that do not really exist, and then push users to purchase services to clean up the non-existent threats.

The Fake AntiVirus will continue to send these annoying and intrusive alerts until a payment is made.

What is the risk of installing Fake AntiVirus?

A. Victim's Operating System versions, services running and applications installed will be published on Blogs and Forums

B. Victim's personally identifiable information such as billing address and credit card details, may be extracted and exploited by the attacker

C. Once infected, the computer will be unable to boot and the Trojan will attempt to format the hard disk

D. Denial of Service attack will be launched against the infected computer crashing other machines on the connected network

Which port, when configured on a switch receives a copy of every packet that passes through it?

A. R-DUPE Port

B. MIRROR port

C. SPAN port

D. PORTMON

You have been using the msadc.pl attack script to execute arbitrary commands on an NT4 web server. While it is effective, you find it tedious to perform extended functions. On further research you come across a perl script that runs the following msadc functions: What kind of exploit is indicated by this script?

A. A buffer overflow exploit.

B. A SUID exploit.

C. A SQL injection exploit.

D. A chained exploit.

E. A buffer under run exploit.

Network Intrusion Detection systems can monitor traffic in real time on networks. Which one of the following techniques can be very effective at avoiding proper detection?

A. Fragmentation of packets.

B. Use of only TCP based protocols.

C. Use of only UDP based protocols.

D. Use of fragmented ICMP traffic only.

What is the expected result of the following exploit?

A. Opens up a telnet listener that requires no username or password.

B. Create a FTP server with write permissions enabled.

C. Creates a share called "sasfile" on the target system.

D. Creates an account with a user name of Anonymous and a password of [email protected].

Which of the following is NOT a reason 802.11 WEP encryption is vulnerable?

A. There is no mutual authentication between wireless clients and access points

B. Automated tools like AirSnort are available to discover WEP keys

C. The standard does not provide for centralized key management

D. The 24 bit Initialization Vector (IV) field is too small

On wireless networks, a SSID is used to identify the network. Why are SSID not considered to be a good security mechanism to protect a wireless network?

A. The SSID is only 32 bits in length

B. The SSID is transmitted in clear text

C. The SSID is to identify a station not a network

D. The SSID is the same as the MAC address for all vendors

If you send a SYN to an open port, what is the correct response?(Choose all correct answers.

A. SYN

B. ACK

C. FIN

D. PSH

You have been called to investigate a sudden increase in network traffic at company. It seems that the traffic generated was too heavy that normal business functions could no longer be rendered to external employees and clients. After a quick investigation, you find that the computer has services running attached to TFN2k and Trinoo software. What do you think was the most likely cause behind this sudden increase in traffic?

A. A distributed denial of service attack.

B. A network card that was jabbering.

C. A bad route on the firewall.

D. Invalid rules entry at the gateway.

SNMP is a protocol used to query hosts, servers, and devices about performance or health status data. This protocol has long been used by hackers to gather great amount of information about remote hosts.

Which of the following features makes this possible? (Choose two)

A. It used TCP as the underlying protocol.

B. It uses community string that is transmitted in clear text.

C. It is susceptible to sniffing.

D. It is used by all network devices on the market.