Jain works as a professional Ethical Hacker. He has been assigned the project of testing the security of www.abc.com. In order to do so, he performs the following steps of the preattack phase successfully:

•

Information gathering

•

Determination of network range

•

Identification of active systems

•

Location of open ports and applications

Now, which of the following tasks should he perform next?

A.

Install a backdoor to log in remotely on the We-are-secure server.

B.

Map the network of We-are-secure Inc.

C.

Fingerprint the services running on the we-are-secure network.

D.

Perform OS fingerprinting on the We-are-secure network.

You work as a technician for ABC Inc. You are troubleshooting a connectivity issue on a network. You are using the ping command to verify the connectivity between two hosts. You want ping to send larger sized packets than the usual 32- byte ones.

Which of the following commands will you use?

A. ping -a

B. ping -4

C. ping -t

D. ping -l

Which of the following proxy servers is also referred to as transparent proxies or forced proxies?

A. Intercepting proxy server

B. Anonymous proxy server

C. Reverse proxy server

D. Tunneling proxy server

TCP/IP stack fingerprinting is the passive collection of configuration attributes from a remote device during standard layer 4 network communications. The combination of parameters may then be used to infer the remote operating system (OS fingerprinting), or incorporated into a device fingerprint.

Which of the following Nmap switches can be used to perform TCP/IP stack fingerprinting?

A. nmap -O -p

B. nmap -sS

C. nmap -sU -p

D. nmap -sT

Which of the following types of firewall functions at the Session layer of Open System Interconnection (OSI) model?

A. Circuit-level firewall

B. Switch-level firewall

C. Application-level firewall

D. Packet filtering firewall

Which of the following statements about a host-based intrusion prevention system (HIPS) are true? Each correct answer represents a complete solution. (Choose two.)

A. It cannot detect events scattered over the network.

B. It can handle encrypted and unencrypted traffic equally.

C. It can detect events scattered over the network.

D. It is a technique that allows multiple computers to share one or more IP addresses.

Which of the following can provide security against man-in-the-middle attack?

A. Anti-virus programs

B. Strong data encryption during travel

C. Strong authentication method

D. Firewall

Which of the following TShark options is used to set capture buffer size in MB?

A. -F

B. -B

C. -G

D. -C

Andrew works as a Forensic Investigator for PassGuide Inc. The company has a Windows-based environment. The company's employees use Microsoft Outlook Express as their e-mail client program. Emails of some employees have been deleted due to a virus attack on the network. Andrew is therefore

assigned the task to recover the deleted mails.

Which of the following tools can Andrew use to accomplish the task?

Each correct answer represents a complete solution. (Choose two.)

A. FINALeMAIL

B. EventCombMT

C. R-mail

D. eMailTrackerPro

Adam has installed and configured his wireless network. He has enabled numerous security features such as changing the default SSID, enabling WPA encryption, and enabling MAC filtering on his wireless router. Adam notices that when he uses his wireless connection, the speed is sometimes 16 Mbps and sometimes it is only 8 Mbps or less. Adam connects to the management utility wireless router and finds out that a machine with an unfamiliar name is connected through his wireless connection. Paul checks the router's logs and notices that the unfamiliar machine has the same MAC address as his laptop.

Which of the following attacks has been occurred on the wireless network of Adam?

A. ARP spoofing

B. NAT spoofing

C. MAC spoofing

D. DNS cache poisoning