A security engineer is attempting to map a companyos internal network. The engineer enters in the following NMAP commanD.
NMAP Ƀn ɃsS ɃP0 Ƀp 80 ***.***.**.**
What type of scan is this?
A. Quick scan
B. Intense scan
C. Stealth scan
D. Comprehensive scan
Which of the following is a hashing algorithm?
Which of the following identifies the three modes in which.Snort can be configured to run?
A. Sniffer,Packet Logger,and Network Intrusion Detection System
B. Sniffer,Network Intrusion Detection System,and Host Intrusion Detection System
C. Sniffer,Host Intrusion Prevention System,and Network Intrusion Prevention System
D. Sniffer,Packet Logger,and Host Intrusion Prevention System
Which of the following is a common Service Oriented Architecture (SOA) vulnerability?
A. Cross-site scripting
B. SQL injection
C. VPath injection
D. XML denial of service issues
A company has.five different subnets: 192.168.1.0, 192.168.2.0, 192.168.3.0, 192.168.4.0 and
192.168.5.0. How can.NMAP be used.to scan these adjacent Class C networks?
A. NMAP.-P 192.168.1-5.
B. NMAP.-P 192.168.0.0/16
C. NMAP.-P 192.168.1.0,2.0,3.0,4.0,5.0
D. NMAP.-P 192.168.1/17
Which vital role does the U.S. Computer Security Incident Response Team (CSIRT) provide?
A. Incident response services to any user,company,government agency,or organization in partnership with the Department of Homeland Security
B. Maintenance of the nationos Internet infrastructure,builds out new Internet infrastructure,and decommissions old Internet infrastructure
C. Registration of critical penetration testing for the Department of Homeland Security and public and private sectors
D. Measurement of key vulnerability assessments on behalf of the Department of Defense (DOD) and State Department,as well as private sectors
When utilizing technical assessment methods to assess the security posture of a network, which of the following techniques would be most effective in determining whether end-user security training would be beneficial?
A. Vulnerability scanning
B. Social engineering
C. Application security testing
D. Network sniffing
What is the broadcast address for the subnet 18.104.22.168/22?
Which of the following are valid types of rootkits? (Choose three.)
A. Hypervisor level
B. Network level
C. Kernel level
D. Application level
E. Physical level
F. Data access level
John the Ripper is a technical assessment tool used to test the weakness of which of the following?
B. File permissions
C. Firewall rulesets