SANS SEC504 Exam Practice Questions (P. 2)

Adam, a malicious hacker is running a scan. Statistics of the scan is as follows:
Scan directed at open port: ClientServer
192.5.2.92:4079 ---------FIN--------->192.5.2.110:23192.5.2.92:4079
<----NO RESPONSE------192.5.2.110:23
Scan directed at closed port:

Client Server -
192.5.2.92:4079 ---------FIN--------->192.5.2.110:23
192.5.2.92:4079<-----RST/ACK----------192.5.2.110:23
Which of the following types of port scan is Adam running?

Who are the primary victims of smurf attacks on the contemporary Internet system?

You have inserted a Trojan on your friend's computer and you want to put it in the startup so that whenever the computer reboots the Trojan will start to run on the startup. Which of the following registry entries will you edit to accomplish the task?

John, a part-time hacker, has accessed in unauthorized way to the www.yourbank.com banking Website and stolen the bank account information of its users and their credit card numbers by using the SQL injection attack. Now, John wants to sell this information to malicious person Mark and make a deal to get a good amount of money. Since, he does not want to send the hacked information in the clear text format to Mark; he decides to send information in hidden text. For this, he takes a steganography tool and hides the information in ASCII text by appending whitespace to the end of lines and encrypts the hidden information by using the IDEA encryption algorithm. Which of the following tools is John using for steganography?

Adam works as a Senior Programmer for Umbrella Inc. A project has been assigned to him to write a short program to gather user input for a Web application. He wants to keep his program neat and simple. His chooses to use printf(str) where he should have ideally used printf("%s", str). What attack will his program expose the Web application to?

You run the following bash script in Linux:
for i in 'cat hostlist.txt' ;do
nc -q 2 -v $i 80 < request.txt done
Where, hostlist.txt file contains the list of IP addresses and request.txt is the output file. Which of the following tasks do you want to perform by running this script?

Which of the following characters will you use to check whether an application is vulnerable to an SQL injection attack?

Adam has installed and configured his wireless network. He has enabled numerous security features such as changing the default SSID, enabling WPA encryption, and enabling MAC filtering on his wireless router. Adam notices that when he uses his wireless connection, the speed is sometimes 16 Mbps and sometimes it is only 8 Mbps or less. Adam connects to the management utility wireless router and finds out that a machine with an unfamiliar name is connected through his wireless connection. Paul checks the router's logs and notices that the unfamiliar machine has the same MAC address as his laptop. Which of the following attacks has been occurred on the wireless network of Adam?

Which of the following tools can be used to detect the steganography?

Which of the following statements are true about session hijacking?
Each correct answer represents a complete solution. Choose all that apply.