Q121. After an attacker has successfully compromised a remote computer, what would be one of the last steps that would be taken to ensure that the compromise is not traced back to the source of the problem? 

A. Install pactehs 

B. Setup a backdoor 

C. Cover your tracks 

D. Install a zombie for DDOS 

Answer:

Explanation: As a hacker you don’t want to leave any traces that could lead back to you. 


Q122. Ethernet switches can be adversely affected by rapidly bombarding them with spoofed ARP responses. He port to MAC Address table (CAM Table) overflows on the switch and rather than failing completely, moves into broadcast mode, then the hacker can sniff all of the packets on the network. 

Which of the following tool achieves this? 

A. ./macof 

B. ./sniffof 

C. ./dnsiff 

D. ./switchsnarf 

Answer: A

Explanation: macof floods the local network with random MAC addresses (causing some switches to fail open in repeating mode, facilitating sniffing). 


Q123. Oregon Corp is fighting a litigation suit with Scamster Inc. Oregon has assigned a private investigative agency to go through garbage, recycled paper, and other rubbish at Scamster's office site in order to find relevant information. What would you call this kind of activity? 

A. Garbage Scooping 

B. Dumpster Diving 

C. Scanning 

D. CI Gathering 

Answer: B

Explanation: Dumpster diving is the colloquial name for going through somebody's garbage --which will usually be in dumpsters for large organizations. This is a powerful tactic because it is protected by social taboos. Trash is bad, and once it goes into the trash, something is best forgotten. The reality is that most company trash is fairly clean, and provides a gold mine of information. 


Q124. DRAG DROP 

Drag the term to match with it’s description 

Exhibit: 

Answer: 


Q125. This IDS defeating technique works by splitting a datagram (or packet) into multiple fragments and the IDS will not spot the true nature of the fully assembled datagram. The datagram is not reassembled until it reaches its final destination. It would be a processor-intensive tasks for an IDS to reassemble all fragments itself and on a busy system the packet will slip through the IDS onto the network. 

What is this technique called? 

A. IP Fragmentation or Session Splicing 

B. IP Routing or Packet Dropping 

C. IDS Spoofing or Session Assembly 

D. IP Splicing or Packet Reassembly 

Answer: A

Explanation: The basic premise behind session splicing, or IP Fragmentation, is to deliver the payload over multiple packets thus defeating simple pattern matching without session reconstruction. This payload can be delivered in many different manners and even spread out over a long period of time. Currently, Whisker and Nessus have session splicing capabilities, and other tools exist in the wild. 


Q126. If you send a SYN to an open port, what is the correct response?(Choose all correct answers. 

A. SYN 

B. ACK 

C. FIN 

D. PSH 

Answer: AB

Explanation: The proper response is a SYN / ACK. This technique is also known as half-open scanning. 


Q127. This method is used to determine the Operating system and version running on a remote target system. What is it called? 

A. Service Degradation 

B. OS Fingerprinting 

C. Manual Target System 

D. Identification Scanning 

Answer: B


Q128. Data is sent over the network as clear text (unencrypted) when Basic Authentication is configured on Web Servers. 

A. True 

B. False 

Answer: A

Explanation: Using HTTP basic authentication will result in your password being sent over the internet as clear text. Don't use this technique unless you understand what the ramifications of this are. 


Q129. How would you describe a simple yet very effective mechanism for sending and receiving unauthorized information or data between machines without alerting any firewalls and IDS's on a network? 

A. Covert Channel 

B. Crafted Channel 

C. Bounce Channel 

D. Deceptive Channel 

Answer:

Explanation: A covert channel is described as: "any communication channel that can be exploited by a process to transfer information in a manner that violates the systems security policy." 

Essentially, it is a method of communication that is not part of an actual computer system design, but can be used to transfer information to users or system processes that normally would not be allowed access to the information. 


Q130. What is Cygwin? 

A. Cygwin is a free C++ compiler that runs on Windows 

B. Cygwin is a free Unix subsystem that runs on top of Windows 

C. Cygwin is a free Windows subsystem that runs on top of Linux 

D. Cygwin is a X Windows GUI subsytem that runs on top of Linux GNOME environment 

Answer:

Explanation: Cygwin is a Linux-like environment for Windows. It consists of two parts: 

A DLL (cygwin1.dll) which acts as a Linux API emulation layer providing substantial Linux API functionality. 

A collection of tools which provide Linux look and feel. 

The Cygwin DLL works with all non-beta, non "release candidate", ix86 32 bit versions of Windows since Windows 95, with the exception of Windows CE.