412-79V10 Online Practice Questions and Answers

How many bits is Source Port Number in TCP Header packet?

A. 48

B. 32

C. 64

D. 16

Which of the following is developed to address security concerns on time and reduce the misuse or threat of attacks in an organization?

A. Vulnerabilities checklists

B. Configuration checklists

C. Action Plan

D. Testing Plan

You have compromised a lower-level administrator account on an Active Directory network of a small

company in Dallas, Texas. You discover Domain Controllers through enumeration. You connect to one of

the Domain Controllers on port 389 using Idp.exe.

What are you trying to accomplish here?

A. Poison the DNS records with false records

B. Enumerate MX and A records from DNS

C. Establish a remote connection to the Domain Controller

D. Enumerate domain user accounts and built-in groups

Identify the correct formula for Return on Investment (ROI).

A. ROI = ((Expected Returns ?Cost of Investment) / Cost of Investment) * 100

B. ROI = (Expected Returns + Cost of Investment) / Cost of Investment

C. ROI = (Expected Returns Cost of Investment) / Cost of Investment

D. ROI = ((Expected Returns + Cost of Investment) / Cost of Investment) * 100

War Driving is the act of moving around a specific area, mapping the population of wireless access points for statistical purposes. These statistics are then used to raise awareness of the security problems associated with these types of networks. Which one of the following is a Linux based program that exploits the weak IV (Initialization Vector) problem documented with static WEP?

A. Airsnort

B. Aircrack

C. WEPCrack

D. Airpwn

ARP spoofing is a technique whereby an attacker sends fake ("spoofed") Address Resolution Protocol (ARP) messages onto a Local Area Network. Generally, the aim is to associate the attacker's MAC address with the IP address of another host (such as the default gateway), causing any traffic meant for that IP address to be sent to the attacker instead.

ARP spoofing attack is used as an opening for other attacks.

What type of attack would you launch after successfully deploying ARP spoofing?

A. Parameter Filtering

B. Social Engineering

C. Input Validation

D. Session Hijacking

What are placeholders (or markers) in an HTML document that the web server will dynamically replace with data just before sending the requested documents to a browser?

A. Server Side Includes

B. Sort Server Includes

C. Server Sort Includes

D. Slide Server Includes

In which of the following IDS evasion techniques does IDS reject the packets that an end system accepts?

A. IPS evasion technique

B. IDS evasion technique

C. UDP evasion technique

D. TTL evasion technique

Identify the person who will lead the penetration-testing project and be the client point of contact.

A. Database Penetration Tester

B. Policy Penetration Tester

C. Chief Penetration Tester

D. Application Penetration Tester

This is a group of people hired to give details of the vulnerabilities present in the system found after a penetration test. They are elite and extremely competent penetration testers and intrusion analysts. This team prepares a report on the vulnerabilities in the system, attack methods, and how to defend against them.

What is this team called?

A. Blue team

B. Tiger team

C. Gorilla team

D. Lion team