good luck on the exam
play

------------ GOOD LUCK ON THE EXAM ----------------- 1) In Buffer - PDF document

Dec 10, 2023 •236 likes •431 views

------------ GOOD LUCK ON THE EXAM ----------------- 1) In Buffer Overflow exploit, which of the following registers gets overwritten with return address of the exploit code? A. EIP B. ESP C. EAP D. EEP Ans: A 2)Which type of scan does not

  1. ------------ GOOD LUCK ON THE EXAM ----------------- 1) In Buffer Overflow exploit, which of the following registers gets overwritten with return address of the exploit code? A. EIP B. ESP C. EAP D. EEP Ans: A 2)Which type of scan does not open a full TCP connection? A. Stealth Scan B. XMAS Scan C. Null Scan D. FIN Scan Ans: A 3)How do you prevent a hacker from launching FIN, NULL, and X- MAS scans on your network? A. Modify the kernel to never send reset packets B. Block TCP/IP packets with FIN flag enabled at the firewall C. Enable IDS signatures to block these scans D. You cannot block a hacker from launching these scans on your network Ans: A 4) Which of the following encryption is not based on block cipher? A. DES B. Blowfish C. AES (Rijndael) D. RC4 Ans: D 5)TCP/IP Session Hijacking is carried out in which OSI layer? A. Transport layer

  2. B. Datalink layer C. Network Layer D. Physical Layer Ans: A 6)What defensive measures will you take to protect your network from password brute forcing attacks? (Select all that apply) A. Never leave a default password. B. Never use a password that can be found in a dictionary. C. Never use a password related to the hostname, domain name, or anything else that can be found with whois. D. Never use a password related to your hobbies, pets, relatives, or date of birth. E. Use a word that has more than 21 characters from a dictionary as the password Ans: A,B,C,D 8)What attacks can you successfully launch against a server using the SYN/ACK technique? A. Session Hijacking attacks B. Denial of Service attacks C. Web page defacement attacks D. IP spoofing attacks Ans: A 9)How do you penetrate high security systems such as banks? A. Try to hang around the local pubs or restaurants near the bank, get talking to a poorly-paid or disgruntled employee, and offer them money if they’ll abuse their access privileges by providing you with sensitive information. B. Look for “zero-day” exploits at various underground hacker websites in Russia and China and buy the necessary exploits from these hackers and target the bank’s network.

  3. C. Launch DDOS attacks against Merclyn Barley Bank’s routers and firewall systems using 100,000 or more “zombies” and “bots”. D. Try to conduct Man-in-the-Middle (MiTM) attack and divert the network traffic going to the Merclyn Barley Bank’s Webserver to that of your machine using DNS Cache Poisoning techniques Ans: A 11)You can always defend yourself by "ignorance of the law" clause. (True or False) Ans: False 12)You are configuring the security options of your mail server and you would like to block certain file attachments to prevent viruses and malware from entering the users inbox. Which of the following file formats will you block? (Select all that apply) A. .pif B. .scr C. .txt D. .com E. .exe F. .rar G. .vbs H. .hta I. .jpg Ans: A ,B,D,E,G,H 13)This tool floods the switch with bogus MAC addresses A. ./macof B ./sniffof C. ./dsniff D. ./switchsnarf

  4. Ans: A 14)Two types of BO A. Stack based buffer overflow B. Active buffer overflow C. Dynamic buffer overflow D. Heap based buffer overflow Ans: A ,D 16)Fingerprinting an Operating System helps a cracker because: (Select the Best Answer) A. It defines exactly what software you have installed B. It opens a security delayed C. window based on the port being scanned D. It informs the cracker of which vulnerabilities he may be able to exploit on your system E. It doesn't depend on the patches that have been applied to fix existing security holes Ans: D 17)What does the term ''Ethical Hacking'' mean? (Select the Best Answer) A. Someone who is hacking for ethics reasons B. Someone who is using their skills for ethics reasons C. Someone who is using their skills for defensive purposes D. Someone who is using their skills for offensive purposes Ans: C 18)Which of the following best describes Vulnerability? (Select the Best Answer) A. A weakness or error that can lead to a compromise B. An agent that could take advantage of a weakness C. An action or event that might prejudice security D. The loss potential of a threat Ans: A

  5. 20)What sequence of packets is sent during the initial TCP three way handshake? (Select the Best Answer) A. FIN, FINACK, B. ACK C. SYN, URG, ACK D. SYN, ACK, SYNACK E. SYN, SYNACK, Ans: E 21)An attacker has successfully compromised a remote computer. Which of the following comes as one of the last steps that should be taken to ensure that the compromise cannot be traced back to the source of the problem? (Select the Best Answer) A. Install patches B. Setup a backdoor C. Cover your tracks D. Install a zombie for DDOS Ans: C 23)Within the context of Computer Security, which of the following statements describe Social Engineering best? (Select the Best Answer) A. Social Engineering is the act of publicly disclosing information B. Social Engineering is the act of getting needed information from a person rather than breaking into a system C. Social Engineering is the means put in place by human resource to perform time accounting

  6. D. Social Engineering is a training program within sociology studies Ans: B 24)Joel and her team have been going through tons of garbage, recycled paper, and other rubbish in order to find some information about the target they are attempting to penetrate. How would you call this type of activity? (Select the Best Answer) A. CI Gathering B. Scanning C. Dumpster Diving D. Garbage Scooping Ans: C Ans: B 26) What is the essential difference between an 'Ethical Hacker' and a 'Cracker'? A. The ethical hacker does not use the same techniques or skills as a cracker. B. The ethical hacker does it strictly for financial motives unlike a cracker. C. The ethical hacker has authorization from the owner of the target. D. The ethical hacker is just a cracker who is getting paid. Ans: C Section: (none) 27) What does the term "Ethical Hacking" mean? A. Someone who is hacking for ethical reasons. B. Someone who is using his/her skills for ethical reasons. C. Someone who is using his/her skills for defensive purposes. D. Someone who is using his/her skills for offensive purposes. Ans: C

  7. 29) You are foot printing an organization to gather competitive intelligence. You visit the company's website for contact information and telephone numbers but do not find it listed there. You know that they had the entire staff directory listed on their website 12 months ago but not it is not there. How would it be possible for you to retrieve information from the website that is outdated? A. Visit Google’s search engine and view the cached copy. B. Visit Archive.org web site to retrieve the Internet archive of the company's website. C. Crawl the entire website and store them into your computer. D. Visit the company's partners and customers website for this information. Ans: B Section: (none) 31) Which of the following keyloggers cannot be detected by anti-virus or anti-spyware products? A. Covert keylogger B. Stealth keylogger C. Software keylogger D. Hardware keylogger Ans: D 32) A Buffer Overflow attack involves: A. Using a trojan program to direct data traffic to the target host's memory stack B. Flooding the target network buffers with data traffic to reduce the bandwidth available to legitimate users C. Using a dictionary to crack password buffers by guessing user names and passwords

  8. D. Poorly written software that allows an attacker to execute arbitrary code on a target system Ans: D 34) A majority of attacks come from insiders, people who have direct access to a company's computer system as part of their job function or a business relationship. Who is considered an insider? A. The CEO of the company because he has access to all of the computer systems B. A government agency since they know the company computer system strengths and weaknesses C. Disgruntled employee, customers, suppliers, vendors, business partners, contractors, temps, and consultants D. A competitor to the company because they can directly benefit from the publicity generated by making such an atta Ans: C 38) Currently we are using which IP PROTCOL A. IP4 B. IP6 C. IP3 D. IP5 Ans: A 39) For Asia which is the regional Internet registry A. ARIN B) RIPE C) LACNIC D) APNIC Ans D 40 Steganography works on- A. Audio files B. Video files C. Images D. All of the above Ans: D

  9. 41) Software tools that employ steganography to- A. Hides data inside of other files B. Replaces data inside files C. Hides data outside files D. None of the above Ans: A 42) The steganography process generally involves placing a hidden message in some transport medium, called- A. Medium B. Carrier C. Codes D. Semagrams Ans: A 43) What is malicious, surreptitious software that monitors your keystrokes, logging them to a file and keeps sending them off to remote attackers? A. Trojan B. Encoders C. Keylogger D. Virus Ans: C 44) Smtp address for gmail is A. smpt.gmail.com B. smtp.gmail.com C. smtp.google.com D. smtp.gmailcom Ans: B 45) Default port for smtp is A. 525 B. 587

  10. C. 465 D. 25 Ans: D 46) In 2 step verification of gmail the code is send on A. Mobile B. Recovery email id C. Alternate email id D. None of the above Ans: A 47) Facebook uses which method/medium to collect the user data A. Browser B. Cookie injection C. Adsense D. all of the above Ans: C 48) A static ip: A. remains constant throughout B. changes everytime a user logs in again C. both a & b D. can’t say Ans: A 50) 172.33.16.2 is a: A. Private ip B. Public ip C. Can’t say D. It is an invalid address Ans: B

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Lecture 8: Luck. David Aldous February 29, 2016 In the context of everyday minor events just

Lecture 8: Luck. David Aldous February 29, 2016 In the context of everyday minor events just

Lecture 8: Luck. David Aldous February 29, 2016 In the context of everyday minor events just catching or just missing an elevator we talk about good luck or bad luck and everyone understands what we mean. Luck is probability taken

568 views • 28 slides
Exam 1 Review Phys 222 Supplemental Instruction Do you know all the following? Electric

Exam 1 Review Phys 222 Supplemental Instruction Do you know all the following? Electric

Good Luck! Exam 1 Review Phys 222 Supplemental Instruction Do you know all the following? Electric Charge Coulombs law Charged objects behavior Conductors, Insulators, Polarization Electric Charge Interaction

508 views • 33 slides
Recruitment & Executive Search Who is Benedicite? Benedicite is Latin for Good luck,

Recruitment & Executive Search Who is Benedicite? Benedicite is Latin for Good luck,

Recruitment & Executive Search Who is Benedicite? Benedicite is Latin for Good luck, Wish you well, Bless you! Our vision is to find the best and most suitable talent Our team has in-depth Our mission is to be

546 views • 10 slides
This presentation is licensed under the Creative Commons Attribution-ShareAlike (BY-SA) 3.0

This presentation is licensed under the Creative Commons Attribution-ShareAlike (BY-SA) 3.0

This presentation is licensed under the Creative Commons Attribution-ShareAlike (BY-SA) 3.0 license Jared Smith Director of Open Source Outreach Preparation Incubation Illumination Implementation Good luck! Good luck! @jsmith @jsmith

549 views • 33 slides
General Psychology Spring 2013 MIDTERM 2 Exam version: 2013d Instructions: Choose the best

General Psychology Spring 2013 MIDTERM 2 Exam version: 2013d Instructions: Choose the best

General Psychology Spring 2013 MIDTERM 2 Exam version: 2013d Instructions: Choose the best answer to the question and mark it on your Scantron form. Good luck! 1. Your psychology assignment is to observe and list any behaviors of your relatives

259 views • 6 slides
Fall Vegetable Garden A Successful Garden Good Siting Sunlight at least 6 hrs. Good

Fall Vegetable Garden A Successful Garden Good Siting Sunlight at least 6 hrs. Good

Welcome Fall Vegetable Garden A Successful Garden Good Siting Sunlight at least 6 hrs. Good water source Good Soil Good Tools Good, Strong Back Good bit of Patience & Luck Good Soil Good soils are typically soils

938 views • 64 slides
Luck versus Skill. How do we measure them? How should we use them? There is too much luck in this

Luck versus Skill. How do we measure them? How should we use them? There is too much luck in this

Luck versus Skill. How do we measure them? How should we use them? There is too much luck in this game, not enough skill. There is no luck at all in this game, it is entirely skill. Virtually every definition of game will state that indeterminacy

575 views • 44 slides
Quicksort Sorting Lower Bound Exam Exam Exam Exam 2 2 tomorrow evening 2 2 tomorrow

Quicksort Sorting Lower Bound Exam Exam Exam Exam 2 2 tomorrow evening 2 2 tomorrow

5/7/2012 Quicksort Sorting Lower Bound Exam Exam Exam Exam 2 2 tomorrow evening 2 2 tomorrow evening tomorrow evening tomorrow evening Topics were listed in Day 24 slides Some WA9 problems are good reinforcement of exam

362 views • 9 slides
CS 46 S 4633 33 / / CS 5 CS 5623 23 Sim Simulatio ulation Te n Tech chni niques ues

CS 46 S 4633 33 / / CS 5 CS 5623 23 Sim Simulatio ulation Te n Tech chni niques ues

CS 46 S 4633 33 / / CS 5 CS 5623 23 Sim Simulatio ulation Te n Tech chni niques ues Sample Final Name: Score: ./30 This 6-page exam has 6 questions. You have 120 minutes to complete it. Good luck.

101 views • 6 slides
Announcement New exam dates: Graphs Exam 1 Monday, Oct 6 th Exam 2 Monday,

Announcement New exam dates: Graphs Exam 1 Monday, Oct 6 th Exam 2 Monday,

Announcement New exam dates: Graphs Exam 1 Monday, Oct 6 th Exam 2 Monday, Nov 3 rd Terminology & Implementation Announcement Announcement The ACM is looking for a few good Actuallyso is Google programmers

329 views • 6 slides
HINT: Reflowing T EX output T EX and the rest is a mixture of good and bad luck. HINT:

HINT: Reflowing T EX output T EX and the rest is a mixture of good and bad luck. HINT:

Fig. 1: The structure of T EX Fig. 2: The structure of HiT EX Fig. 3: The structure of HINT HINT: Reflowing T EX output T EX and the rest is a mixture of good and bad luck. HINT: Reflowing T EX output So let me start explaining the

475 views • 8 slides
Interaction among agents that plan Felipe Meneguzzi felipe.meneguzzi@kcl.ac.uk Michael Luck

Interaction among agents that plan Felipe Meneguzzi felipe.meneguzzi@kcl.ac.uk Michael Luck

Interaction among agents that plan Felipe Meneguzzi felipe.meneguzzi@kcl.ac.uk Michael Luck michael.luck@kcl.ac.uk 1 Department of Computer Science Kings College London From Agent Theory to Agent Implementation AAMAS 2008 Estoril,

320 views • 11 slides
Announcement Final exam C++: Memory Problems Tuesday, May 20 th 2:45 4:45pm

Announcement Final exam C++: Memory Problems Tuesday, May 20 th 2:45 4:45pm

Announcement Final exam C++: Memory Problems Tuesday, May 20 th 2:45 4:45pm Rm 70-1620 or When Good Memory Goes Bad Announcement Announcement Speaking of exams First exam First exam Types of questions

412 views • 7 slides
Exam Review 2 Exam Overview Final Exam Friday,

Exam Review 2 Exam Overview Final Exam Friday,

Computer Systems and Networks ECPE 170 Jeff Shafer University of the Pacific Exam Review 2 Exam Overview Final Exam Friday,

963 views • 64 slides
AP EXAM E V E R Y T H I N G Y O U N E E D T O K N O W A B O U T T H E WH A T WE ' LL COVER TOD A Y

AP EXAM E V E R Y T H I N G Y O U N E E D T O K N O W A B O U T T H E WH A T WE ' LL COVER TOD A Y

AP EXAM E V E R Y T H I N G Y O U N E E D T O K N O W A B O U T T H E WH A T WE ' LL COVER TOD A Y AP Exam Basics AP Bulletin Accommodations Requests Changes to 2019-20 AP Exam Registration A P EX A M B A SICS Exams determine level of

372 views • 26 slides
Milenko Fadic June 9th, 2018 Letting Luck Decide: Government Procurement and the Growth Milenko

Milenko Fadic June 9th, 2018 Letting Luck Decide: Government Procurement and the Growth Milenko

Introduction Literature Background Identification Data Empirical strategy Results Letting Luck Decide: Government Procurement and the Growth of Small Firms Milenko Fadic June 9th, 2018 Letting Luck Decide: Government Procurement and the

356 views • 23 slides
Computational Homology in Topological Dynamics ACAT School, Bologna, Italy MAY 26, 2012 Marian

Computational Homology in Topological Dynamics ACAT School, Bologna, Italy MAY 26, 2012 Marian

1 Computational Homology in Topological Dynamics ACAT School, Bologna, Italy MAY 26, 2012 Marian Mrozek Jagiellonian University, Krak ow Outline 2 Dynamical systems Rigorous numerics of dynamical systems Homological invariants of

1.54k views • 122 slides
Brownian Motion and Thermal Capacity Yimin Xiao Michigan State University (Based on joint paper

Brownian Motion and Thermal Capacity Yimin Xiao Michigan State University (Based on joint paper

Brownian Motion and Thermal Capacity Yimin Xiao Michigan State University (Based on joint paper with Davar Khoshnevisan) December 14, 2012 Yimin Xiao (Michigan State University) Brownian Motion and Thermal Capacity December 14, 2012 1 / 22

598 views • 28 slides
Validated Explicit and Implicit Runge-Kutta Methods Alexandre Chapoutot joint work with Julien

Validated Explicit and Implicit Runge-Kutta Methods Alexandre Chapoutot joint work with Julien

Validated Explicit and Implicit Runge-Kutta Methods Alexandre Chapoutot joint work with Julien Alexandre dit Sandretto and Olivier Mullier U2IS, ENSTA ParisTech 8th Small Workshop on Interval Methods, Praha June 11, 2015 I nitial V alue P

884 views • 30 slides
Rigorous Function Calculi Pieter Collins Department of Data Science and Knowledge Engineering

Rigorous Function Calculi Pieter Collins Department of Data Science and Knowledge Engineering

Rigorous Function Calculi Pieter Collins Department of Data Science and Knowledge Engineering Maastricht University pieter.collins@maastrichtuniversity.nl Continuity, Computability, Constructivity Nancy, 26-30 June 2017 CCC 2017, Nancy

605 views • 34 slides
Developing 3- -D Imaging D Imaging Developing 3 Sensors Sensors Problems and Technologies

Developing 3- -D Imaging D Imaging Developing 3 Sensors Sensors Problems and Technologies

Developing 3- -D Imaging D Imaging Developing 3 Sensors Sensors Problems and Technologies Problems and Technologies Silvano Donati Donati Silvano Department of Electronics, University of Pavia, Italy web: http://www-3.unipv.it/donati

628 views • 34 slides
5/25/2017 The Double-Edged Sword of Immunostains The Double-Edged Sword of Immunostains in

5/25/2017 The Double-Edged Sword of Immunostains The Double-Edged Sword of Immunostains in

5/25/2017 The Double-Edged Sword of Immunostains The Double-Edged Sword of Immunostains in Diagnosis of Breast Pathology in Diagnostic Breast Pathology Diagnostic Help Yunn-Yi Chen, MD, PhD Professor Director of Immunohistochemistry

631 views • 24 slides
Fight against Occupational Cancer Conference - Workshop 1 - Risk-based approaches as a basis for

Fight against Occupational Cancer Conference - Workshop 1 - Risk-based approaches as a basis for

Fight against Occupational Cancer Conference - Workshop 1 - Risk-based approaches as a basis for transparency and socially accepted measures for activities with carcinogenic substances Rdiger Pipke Federal Institute for Occupational Safety

234 views • 5 slides
Ian Paterson, Mazankowski Alberta Heart Institute Division of Cardiology, University of Alberta

Ian Paterson, Mazankowski Alberta Heart Institute Division of Cardiology, University of Alberta

Ian Paterson, Mazankowski Alberta Heart Institute Division of Cardiology, University of Alberta Peer Reviewed Funding: CIHR, ACF , AI-HS Industry: Servier Canada Inc, RocheCanada Inc. What is your approach to the cardio-oncology patient? a)

823 views • 37 slides

More recommend