What type of Virus is shown here?

A.

Macro Virus

B.

Cavity Virus

C.

Boot Sector Virus

D.

Metamorphic Virus

E.

 Sparse Infector Virus

What file system vulnerability does the following command take advantage of?
type c:\anyfile.exe > c:\winnt\system32\calc.exe:anyfile.exe

A.

HFS

B.

 ADS

C.

 NTFS

D.

 Backdoor access

When discussing passwords, what is considered a brute force attack?

A.

You attempt every single possibility until you exhaust all possible combinations or
discover the password

B.

 You threaten to use the rubber hose on someone unless they reveal their password

C.

 You load a dictionary of words into your cracking program

D.

You create hashes of a large number of words and compare it with the encrypted
passwords

E.

You wait until the password expires

Here is the ASCII Sheet.

You want to guess the DBO username juggyboy (8 characters) using Blind SQL Injection
technique.
What is the correct syntax?

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Bob is doing a password assessment for one of his clients. Bob suspects that
security policies are not in place. He also suspects that weak passwords are
probably the norm throughout the company he is evaluating. Bob is familiar with
password weaknesses and key loggers.
Which of the following options best represents the means that Bob can adopt to
retrieve passwords from his clients hosts and servers.

A.

Hardware, Software, and Sniffing.

B.

  Hardware and Software Keyloggers.

C.

  Passwords are always best obtained using Hardware key loggers.

D.

  Software only, they are the most effective.

In Trojan terminology, what is a covert channel?

A.

A channel that transfers information within a computer system or network in a way that
violates the security policy

B.

A legitimate communication path within a computer system or network for transfer of
data

C.

It is a kernel operation that hides boot processes and services to mask detection

D.

It is Reverse tunneling technique that uses HTTPS protocol instead of HTTP protocol to
establish connections

You are gathering competitive intelligence on an organization. You notice that they have
jobs listed on a few Internet job-hunting sites. There are two jobs for network and system
administrators. How can this help you in foot printing the organization?

A.

To learn about the IP range used by the target network

B.

To identify the number of employees working for the company

C.

To test the limits of the corporate security policy enforced in the company

D.

To learn about the operating systems, services and applications used on the network

This attack technique is used when a Web application is vulnerable to an SQL Injection but
the results of the Injection are not visible to the attacker.

A.

Unique SQL Injection

B.

Blind SQL Injection

C.

Generic SQL Injection

D.

Double SQL Injection

A rootkit is a collection of tools (programs) that enable administrator-level access to a
computer. This program hides itself deep into an operating system for malicious activity
and is extremely difficult to detect. The malicious software operates in a stealth fashion by
hiding its files, processes and registry keys and may be used to create a hidden directory
or folder designed to keep out of view from a user's operating system and security
software.

What privilege level does a rootkit require to infect successfully on a Victims machine?

A.

User level privileges

B.

Ring 3 Privileges

C.

System level privileges

D.

 Kernel level privileges

You establish a new Web browser connection to Google. Since a 3-way handshake is
required for any TCP connection, the following actions will take place.

DNS query is sent to the DNS server to resolve www.google.com
DNS server replies with the IP address for Google?
SYN packet is sent to Google.
Google sends back a SYN/ACK packet
Your computer completes the handshake by sending an ACK
The connection is established and the transfer of data commences
Which of the following packets represent completion of the 3-way handshake?

A.

4th packet

B.

3rdpacket

C.

6th packet

D.

 5th packet

What type of session hijacking attack is shown in the exhibit?

A.

Session Sniffing Attack

B.

Cross-site scripting Attack

C.

SQL Injection Attack

D.

 Token sniffing Attack

In this attack, a victim receives an e-mail claiming from PayPal stating that their account
has been disabled and confirmation is required before activation. The attackers then scam
to collect not one but two credit card numbers, ATM PIN number and other personal
details.

Ignorant users usually fall prey to this scam. Which of the following statement is incorrect
related to this attack?

A.

Do not reply to email messages or popup ads asking for personal or financial
information

B.

Do not trust telephone numbers in e-mails or popup ads

C.

Review credit card and bank account statements regularly

D.

Antivirus, anti-spyware, and firewall software can very easily detect these type of attacks

E.

Do not send credit card numbers, and personal or financial information via e-mail