A computer technician.is using a new version of a word processing software package when.it is.discovered that a special sequence of characters causes the entire computer to crash..The technician.researches the bug and discovers that no one else experienced the problem..What is the appropriate next step?
A. Ignore the problem completely and let someone else deal with it.
B. Create a document that will crash the computer when opened and send it to friends.
C. Find an underground bulletin board and attempt to sell the bug to the highest bidder.
D. Notify the vendor of the bug and.do not.disclose it until the vendor.gets a chance to issue a fix.
What.is the most secure way to mitigate the theft of corporate information from a laptop.that was left in a hotel room?
A. Set a BIOS password.
B. Encrypt the data on the hard drive.
C. Use a strong logon password to the operating system.
D. Back up everything on the laptop and store the backup in a safe place.
The intrusion detection system at.a software development company.suddenly generates multiple alerts regarding attacks against the company’s external webserver, VPN concentrator, and DNS servers..What should the security team do to determine which alerts to check first?
A. Investigate based on the maintenance schedule of the affected systems.
B. Investigate based on the service level agreements of the systems.
C. Investigate based on the potential effect of the incident.
D. Investigate based on the order that the alerts arrived in.
A corporation hired an ethical hacker to test if it is possible to obtain users’ login credentials using methods other than social engineering. Access to offices and to a network node is granted..Results from server scanning.indicate.all are adequately patched and.physical access is denied, thus, administrators have access only through Remote Desktop. Which technique.could be used to obtain login credentials?
A. Capture every users’ traffic with Ettercap.
B. Capture LANMAN Hashes and crack them with LC6.
C. Guess passwords using Medusa or Hydra against a network service.
D. Capture administrators RDP traffic and decode it with Cain.and Abel.
Which of the following scanning tools is specifically designed to find potential exploits in Microsoft Windows products?
A. Microsoft Security Baseline Analyzer
C. Core Impact
D. Microsoft Baseline Security Analyzer
Which of the statements concerning proxy firewalls is correct?
A. Proxy firewalls increase the speed and functionality of a network.
B. Firewall proxy servers decentralize all activity for an application.
C. Proxy firewalls block network packets from passing to and from a protected network.
D. Computers establish a connection with a proxy firewall which initiates a new network connection for the client.
Which of the following is an example of two factor authentication?
A. PIN Number and Birth Date
B. Username and Password
C. Digital Certificate and Hardware Token
D. Fingerprint and Smartcard ID
A security consultant is trying to bid on a large contract that involves penetration testing and reporting. The company accepting bids wants proof of work so the consultant prints out several audits that have been performed. Which of the following is likely to occur as a result?
A. The consultant will ask for money on the bid because of great work.
B. The consultant.may expose vulnerabilities of other companies.
C. The company accepting bids will want the same type of format of testing.
D. The company accepting bids will hire the consultant because of the great work performed.
A penetration tester is conducting a port scan on a specific host. The tester.found several ports opened that were confusing in concluding the Operating System (OS) version installed.
Considering the NMAP result below, which of the following.is likely to be installed on the target machine by the OS?
A. The host is likely a Windows machine.
B. The host is likely a Linux machine.
C. The host is likely a router.
D. The host is likely a printer.
What is the outcome of the commqnc -l -p 2222 | nc 10.1.0.43 1234″?
A. Netcat will listen on the 10.1.0.43 interface for 1234 seconds.on port 2222.
B. Netcat will listen on port 2222 and output anything received to a remote connection on
C. Netcat will listen for a connection from 10.1.0.43 on port 1234 and output anything received to port 2222.
D. Netcat will listen on port 2222 and then output anything received to local interface 10.1.0.43.