Q351. You establish a new Web browser connection to Google. Since a 3-way handshake is required for any TCP connection, the following actions will take place. 

-DNS query is sent to the DNS server to resolve www.google.com 

-DNS server replies with the IP address for Google? 

-SYN packet is sent to Google. 

-Google sends back a SYN/ACK packet 

-Your computer completes the handshake by sending an ACK 

-The connection is established and the transfer of data commences 

Which of the following packets represent completion of the 3-way handshake? 

A. 4th packet 

B. 3rdpacket 

C. 6th packet 

D. 5th packet 

Answer: D

Q352. You have the SOA presented below in your Zone. Your secondary servers have not been able to contact your primary server to synchronize information. How long will the secondary servers attempt to contact the primary server before it considers that zone is dead and stops responding to queries? 

collegae.edu.SOA,cikkye.edu ipad.college.edu. (200302028 3600 3600 604800 3600) 

A. One day 

B. One hour 

C. One week 

D. One month 

Answer: C

Explanation: The numbers represents the following values: 200302028; se = serial number 3600; ref = refresh = 1h 3600; ret = update retry = 1h 604800; ex = expiry = 1w 3600; min = minimum TTL = 1h 

Q353. Justine is the systems administrator for her company, an international shipping company with offices all over the world. Recent US regulations have forced the company to implement stronger and more secure means of communication. Justine and other administrators have been put in charge of securing the company's digital communication lines. After implementing email encryption, Justine now needs to implement robust digital signatures to ensure data authenticity and reliability. Justine has decided to implement digital signatures which are a variant of DSA and that operate on elliptical curve groups. These signatures are more efficient than DSA and are not vulnerable to a number field sieve attacks. 

What type of signature has Justine decided to implement? 

A. She has decided to implement ElGamal signatures since they offer more reliability than the typical DSA signatures 

B. Justine has decided to use ECDSA signatures since they are more efficient than DSA signatures 

C. Justine is now utilizing SHA-1 with RSA signatures to help ensure data reliability 

D. These types of signatures that Justine has decided to use are called RSA-PSS signatures 

Answer: B

Explanation: The Elliptic Curve Digital Signature Algorithm (ECDSA) is a variant of the Digital Signature Algorithm (DSA) which uses Elliptic curve cryptography. http://en.wikipedia.org/wiki/Elliptic_Curve_DSA 

Q354. The following script shows a simple SQL injection. The script builds an SQL query by concatenating hard-coded strings together with a string entered by the user: 

The user is prompted to enter the name of a city on a Web form. If she enters Chicago, the query assembled by the script looks similar to the following: 

SELECT * FROM OrdersTable WHERE ShipCity = 'Chicago' 

How will you delete the OrdersTable from the database using SQL Injection? 

A. Chicago' drop table OrdersTable --

B. Delete table'blah' OrdersTable --

C. EXEC; SELECT * OrdersTable > DROP --

D. cmdshell' 'del c:\sql\mydb\OrdersTable' // 

Answer: A

Q355. Identify SQL injection attack from the HTTP requests shown below: 

A. http://www.victim.com/example?accountnumber=67891&creditamount=999999999 

B. http://www.xsecurity.com/cgiin/bad.cgi?foo=..%fc%80%80%80%80%af../bin/ls%20-al 

C. http://www.myserver.com/search.asp?lname=smith%27%3bupdate%20usertable%20set%20pass wd%3d%27hAx0r%27%3b--%00 

D. http://www.myserver.com/script.php?mydata=%3cscript%20src=%22http%3a%2f%2fwww.yourser ver.c0m%2fbadscript.js%22% 3e%3c%2fscript%3e 

Answer: C

Explantion: The correct answer contains the code to alter the usertable in order to change the password for user smith to hAx0r 

Q356. You are the IT Manager of a large legal firm in California. Your firm represents many important clients whose names always must remain anonymous to the public. Your boss, Mr. Smith is always concerned about client information being leaked or revealed to the pres or public. You have just finished a complete security overhaul of your information system including an updated IPS, new firewall, email encryption and employee security awareness training. Unfortunately, many of your firm’s clients do not trust technology to completely secure their information, so couriers routinely have to travel back and forth to and from the office with sensitive information. 

Your boss has charged you with figuring out how to secure the information the couriers must transport. You propose that the data be transferred using burned CD’s or USB flash drives. You initially think of encrypting the files, but decide against that method for fear the encryption keys could eventually be broken. 

What software application could you use to hide the data on the CD’s and USB flash drives? 

A. Snow 

B. File Snuff 

C. File Sneaker 


Answer: A

Explanation: The Snow software developed by Matthew Kwan will insert extra spaces at the end of each line. Three bits are encoded in each line by adding between 0 and 7 spaces that are ignored by most display programs including web browsers. 

Q357. Which of the following represent weak password? (Select 2 answers) 

A. Passwords that contain letters, special characters, and numbers Example: ap1$%##f@52 

B. Passwords that contain only numbers Example: 23698217 

C. Passwords that contain only special characters Example: &*#@!(%) 

D. Passwords that contain letters and numbers Example: meerdfget123 

E. Passwords that contain only letters Example: QWERTYKLRTY 

F. Passwords that contain only special characters and numbers Example: 123@$45 

G. Passwords that contain only letters and special characters Example: bob@&ba 

H. Passwords that contain Uppercase/Lowercase from a dictionary list Example: OrAnGe 

Answer: EH

Q358. Once an intruder has gained access to a remote system with a valid username and password, the attacker will attempt to increase his privileges by escalating the used account to one that has increased privileges. such as that of an administrator. What would be the best countermeasure to protect against escalation of priveges? 

A. Give users tokens 

B. Give user the least amount of privileges 

C. Give users two passwords 

D. Give users a strong policy document 


Explanation: With less privileges it is harder to increase the privileges. 

Q359. Windump is a Windows port of the famous TCPDump packet sniffer available on a variety of platforms. In order to use this tool on the Windows Platform you must install a packet capture library. What is the name of this library? 





Answer: D

Explanation: WinPcap is the industry-standard tool for link-layer network access in Windows environments: it allows applications to capture and transmit network packets bypassing the protocol stack, and has additional useful features, including kernel-level packet filtering, a network statistics engine and support for remote packet capture. 

Q360. Peter extracts the SIDs list from Windows 2000 Server machine using the hacking tool “SIDExtractor”. Here is the output of the SIDs: 

s-1-5-21-1125394485-807628933-54978560-100Johns s-1-5-21-1125394485-807628933-54978560-652Rebecca s-1-5-21-1125394485-807628933-54978560-412Sheela s-1-5-21-1125394485-807628933-54978560-999Shawn s-1-5-21-1125394485-807628933-54978560-777Somia s-1-5-21-1125394485-807628933-54978560-500chang s-1-5-21-1125394485-807628933-54978560-555Micah 

From the above list identify the user account with System Administrator privileges. 

A. John 

B. Rebecca 

C. Sheela 

D. Shawn 

E. Somia 

F. Chang 

G. Micah 

Answer: F

Explanation: The SID of the built-in administrator will always follow this example: S-1-5-domain-