John used to work as a Network Administrator for We-are-secure Inc. Now he has resigned from the company for personal reasons. He wants to send out some secret information of the company. To do so, he takes an image file and simply uses a tool image hide and embeds the secret file within an image file of the famous actress, Jennifer Lopez, and sends it to his Yahoo mail id. Since he is using the image file to send the data, the mail server of his company is unable to filter this mail. Which of the following techniques is he performing to accomplish his task?
Alice wants to prove her identity to Bob. Bob requests her password as proof of identity, which Alice dutifully provides (possibly after some transformation like a hash function); meanwhile, Eve is eavesdropping the conversation and keeps the password. After the interchange is over, Eve connects to Bob posing as Alice; when asked for a proof of identity, Eve sends Alice's password read from the last session, which Bob accepts. Which of the following attacks is being used by Eve?
Which of the following is the most common vulnerability that can affect desktop applications written in native code?
John works as a C programmer. He develops the following C program:
#include
#include
#include
int buffer(char *str) {
char buffer1[10];
strcpy(buffer1, str);
return 1;
}
int main(int argc, char *argv[]) {
buffer (argv[1]);
printf("Executed\n");
return 1;
}
His program is vulnerable to a __________ attack.
You discover that all available network bandwidth is being used by some unknown service. You discover that UDP packets are being used to connect the echo service on one machine to the chargen service on another machine. What kind of attack is this?
Which of the following IP packet elements is responsible for authentication while using IPSec?
Which of the following are the limitations for the cross site request forgery (CSRF) attack?
Each correct answer represents a complete solution. Choose all that apply.
Which of the following tools can be used for network sniffing as well as for intercepting conversations through session hijacking?
Which of the following statements about smurf is true?
You want to use PGP files for steganography. Which of the following tools will you use to accomplish the task?
Which of the following steps of incident response is steady in nature?
Which of the following types of scan does not open a full TCP connection?
Which of the following scanning tools is also a network analysis tool that sends packets with nontraditional IP stack parameters and allows the scanner to gather information from the response packets generated?
Brutus is a password cracking tool that can be used to crack the following authentications:
l HTTP (Basic Authentication)
l HTTP (HTML Form/CGI)
l POP3 (Post Office Protocol v3)
l FTP (File Transfer Protocol)
l SMB (Server Message Block)
l Telnet
Which of the following attacks can be performed by Brutus for password cracking?
Each correct answer represents a complete solution. Choose all that apply.
Maria works as a professional Ethical Hacker. She has been assigned the project of testing the security of She is using dumpster diving to gather information about Gentech Inc.
In which of the following steps of malicious hacking does dumpster diving come under?
You are concerned about rootkits on your network communicating with attackers outside your network. Without using an IDS how can you detect this sort of activity?
Which of the following are based on malicious code?
Each correct answer represents a complete solution. Choose two.
Which of the following keyloggers cannot be detected by anti-virus or anti-spyware products?
Which of the following statements is true about the difference between worms and Trojan horses?
Adam, a malicious hacker purposely sends fragmented ICMP packets to a remote target. The total size of this ICMP packet once reconstructed is over 65,536 bytes. On the basis of above information, which of the following types of attack is Adam attempting to perform?
Which of the following systems is used in the United States to coordinate emergency preparedness and incident management among various federal, state, and local agencies?
You send SYN packets with the exact TTL of the target system starting at port 1 and going up to port 1024 using hping2 utility. This attack is known as __________.
Which of the following rootkits patches, hooks, or replaces system calls with versions that hide information about the attacker?
Which of the following statements are true about Dsniff?
Each correct answer represents a complete solution. Choose two.
Victor works as a professional Ethical Hacker for SecureEnet Inc. He wants to scan the wireless network of the company. He uses a tool that is a free open-source utility for network exploration. The tool uses raw IP packets to determine the following:
What ports are open on our network systems.
What hosts are available on the network.
Identify unauthorized wireless access points.
What services (application name and version) those hosts are offering.
What operating systems (and OS versions) they are running.
What type of packet filters/firewalls are in use.
Which of the following tools is Victor using?
Adam is a novice Web user. He chooses a 22 letters long word from the dictionary as his password.
How long will it take to crack the password by an attacker?
Which of the following tools is used to attack the Digital Watermarking?
Mark works as a Network Administrator for NetTech Inc. The network has 150 Windows 2000 Professional client computers and four Windows 2000 servers. All the client computers are able to connect to the Internet. Mark is concerned about malware infecting the client computers through the Internet. What will Mark do to protect the client computers from malware?
Each correct answer represents a complete solution. Choose two.
Which of the following types of malware does not replicate itself but can spread only when the circumstances are beneficial?
Which of the following tools will you use to prevent from session hijacking?
Each correct answer represents a complete solution. Choose all that apply.
You work as an Incident handling manager for a company. The public relations process of the company includes an event that responds to the e-mails queries. But since few days, it is identified that this process is providing a way to spammers to perform different types of e-mail attacks. Which of the following phases of the Incident handling process will now be involved in resolving this process and find a solution?
Each correct answer represents a part of the solution. Choose all that apply.
Firekiller 2000 is an example of a __________.
Which of the following is a version of netcat with integrated transport encryption capabilities?
Rick works as a Computer Forensic Investigator for BlueWells Inc. He has been informed that some confidential information is being leaked out by an employee of the company. Rick suspects that someone is sending the information through email. He checks the emails sent by some employees to other networks. Rick finds out that Sam, an employee of the Sales department, is continuously sending text files that contain special symbols, graphics, and signs. Rick suspects that Sam is using the Steganography technique to send data in a disguised form. Which of the following techniques is Sam using?
Each correct answer represents a part of the solution. Choose all that apply.
Which of the following malicious software travels across computer networks without the assistance of a user?
Which of the following tools can be used to detect the steganography?
In which of the following scanning methods do Windows operating systems send only RST packets irrespective of whether the port is open or closed?
Which of the following statements are true about tcp wrappers?
Each correct answer represents a complete solution. Choose all that apply.
Adam, a malicious hacker is running a scan. Statistics of the scan is as follows:
Scan directed at open port: ClientServer
192.5.2.92:4079 ---------FIN--------->192.5.2.110:23192.5.2.92:4079 <----NO RESPONSE---
---192.5.2.110:23
Scan directed at closed port:
ClientServer
192.5.2.92:4079 ---------FIN--------->192.5.2.110:23
192.5.2.92:4079<-----RST/ACK----------192.5.2.110:23
Which of the following types of port scan is Adam running?
Adam works as an Incident Handler for Umbrella Inc. His recent actions towards the incident are not up to the standard norms of the company. He always forgets some steps and procedures while handling responses as they are very hectic to perform.
Which of the following steps should Adam take to overcome this problem with the least administrative effort?
Fill in the blank with the appropriate word.
StackGuard (as used by Immunix), ssp/ProPolice (as used by OpenBSD), and Microsoft's /GS option use ______ defense against buffer overflow attacks.
Which of the following attacks is specially used for cracking a password?
Which of the following statements are true about netcat?
Each correct answer represents a complete solution. Choose all that apply.
Which of the following types of attack can guess a hashed password?
Which of the following is a network worm that exploits the RPC sub-system vulnerability present in the Microsoft Windows operating system?
Who are the primary victims of smurf attacks on the contemporary Internet system?
Which of the following tools is an automated tool that is used to implement SQL injections and to retrieve data from Web server databases?
In which of the following DoS attacks does an attacker send an ICMP packet larger than 65,536 bytes to the target system?
Which of the following statements are true about firewalking?
Each correct answer represents a complete solution. Choose all that apply.