SEC504 Online Practice Questions and Answers

Which of the following is a technique of using a modem to automatically scan a list of telephone numbers, usually dialing every number in a local area code to search for computers, Bulletin board systems, and fax machines?

A. Demon dialing

B. Warkitting

C. War driving

D. Wardialing

You want to scan your network quickly to detect live hosts by using ICMP ECHO Requests. What type of scanning will you perform to accomplish the task?

A. Idle scan

B. TCP SYN scan

C. XMAS scan

D. Ping sweep scan

Which of the following tools can be used for steganography? Each correct answer represents a complete solution. Choose all that apply.

A. Image hide

B. Stegbreak

C. Snow.exe

D. Anti-x

Which of the following applications is an example of a data-sending Trojan?

A. SubSeven

B. Senna Spy Generator

C. Firekiller 2000

D. eBlaster

Which of the following is a reason to implement security logging on a DNS server?

A. For preventing malware attacks on a DNS server

B. For measuring a DNS server's performance

C. For monitoring unauthorized zone transfer

D. For recording the number of queries resolved

Which of the following functions can be used as a countermeasure to a Shell Injection attack? Each correct answer represents a complete solution. Choose all that apply.

A. escapeshellarg()

B. mysql_real_escape_string()

C. regenerateid()

D. escapeshellcmd()

Which of the following DoS attacks affects mostly Windows computers by sending corrupt UDP packets?

A. Fraggle

B. Ping flood

C. Bonk

D. Smurf

In which of the following attacking methods does an attacker distribute incorrect IP address?

A. IP spoofing

B. Mac flooding

C. DNS poisoning

D. Man-in-the-middle

You are hired as a Database Administrator for Jennifer Shopping Cart Inc. You monitor the server health through the System Monitor and found that there is a sudden increase in the number of logins.

Which of the following types of attack has occurred?

A. Injection

B. Virus

C. Worm

D. Denial-of-service

Adam, a malicious hacker is sniffing the network to inject ARP packets. He injects broadcast frames onto the wire to conduct Man-in-The-Middle attack.

Which of the following is the destination MAC address of a broadcast frame?

A. 0xDDDDDDDDD

B. 0x00000000000

C. 0xFFFFFFFFFFFF

D. 0xAAAAAAAAAA

Which of the following terms describes an attempt to transfer DNS zone data?

A. Reconnaissance

B. Encapsulation

C. Dumpster diving

D. Spam

Which of the following types of malware does not replicate itself but can spread only when the circumstances are beneficial?

A. Mass mailer

B. Worm

C. Blended threat

D. Trojan horse

In which of the following steps of the incident handling processes does the Incident Handler make sure that all business processes and functions are back to normal and then also wants to monitor the system or processes to ensure that the system is not compromised again?

A. Eradication

B. Lesson Learned

C. Recovery

D. Containment

Which of the following is used to determine the range of IP addresses that are mapped to a live hosts?

A. Port sweep

B. Ping sweep

C. IP sweep

D. Telnet sweep

Which of the following are based on malicious code? Each correct answer represents a complete solution. Choose two.

A. Denial-of-Service (DoS)

B. Biometrics

C. Trojan horse

D. Worm