Nest 0 Cart
Nest Account
Popular Exams
All Categories...
Nest
Nest 0
Contact
Log In / Sign Up
Copyright 2024 © store. All rights reserved.
Home SANS SEC504

SANS SEC504 Exam Practice Questions (P. 5)

  • Full Access (328 questions)
  • Six months of Premium Access
  • Access to one million comments
  • Seamless ChatGPT Integration
  • Ability to download PDF files
  • Anki Flashcard files for revision
  • No Captcha & No AdSense
  • Advanced Exam Configuration
Get Contributor Access
Question #41
Which of the following statements about a Trojan horse are true?
Each correct answer represents a complete solution. Choose two.
  1. A
    It is a macro or script that attaches itself to a file or template.
  2. B
    The writers of a Trojan horse can use it later to gain unauthorized access to a computer.
  3. C
    It is a malicious software program code that resembles another normal program.
  4. D
    It infects the boot record on hard disks and floppy disks.

Correct Answer:
BC

Question #42
In which of the following attacking methods does an attacker distribute incorrect IP address?
  1. A
    IP spoofing
  2. B
    Mac flooding
  3. C
    DNS poisoning
  4. D
    Man-in-the-middle

Correct Answer:
C

Question #43
Which of the following types of attacks is mounted with the objective of causing a negative impact on the performance of a computer or network?
  1. A
    Vulnerability attack
  2. B
    Man-in-the-middle attack
  3. C
    Denial-of-Service (DoS) attack
  4. D
    Impersonation attack

Correct Answer:
C

Question #44
John works as a professional Ethical Hacker. He has been assigned a project to test the security of www.we-are-secure.com. He performs Web vulnerability scanning on the We-are-secure server. The output of the scanning test is as follows:
C:\whisker.pl -h target_IP_address
--whisker / v1.4.0 / rain forest puppy / www.wiretrip.net -- = - = - = - = - = = Host: target_IP_address
= Server: Apache/1.3.12 (Win32) ApacheJServ/1.1 mod_ssl/2.6.4 OpenSSL/0.9.5a mod_perl/1.22 + 200

OK: HEAD /cgi-bin/printenv -
John recognizes /cgi-bin/printenv vulnerability ('Printenv' vulnerability) in the We_are_secure server. Which of the following statements about 'Printenv' vulnerability are true?
Each correct answer represents a complete solution. Choose all that apply.
  1. A
    This vulnerability helps in a cross site scripting attack.
  2. B
    'Printenv' vulnerability maintains a log file of user activities on the Website, which may be useful for the attacker.
  3. C
    The countermeasure to 'printenv' vulnerability is to remove the CGI script.
  4. D
    With the help of 'printenv' vulnerability, an attacker can input specially crafted links and/or other malicious scripts.

Correct Answer:
ACD

Question #45
Which of the following tools can be used for steganography? Each correct answer represents a complete solution. Choose all that apply.
  1. A
    Image hide
  2. B
    Stegbreak
  3. C
    Snow.exe
  4. D
    Anti-x

Correct Answer:
AC

Question #46
Which of the following tools is an automated tool that is used to implement SQL injections and to retrieve data from Web server databases?
  1. A
    Fragroute
  2. B
    Absinthe
  3. C
    Stick
  4. D
    ADMutate

Correct Answer:
B

Question #47
Which of the following attacks come under the category of layer 2 Denial-of-Service attacks? Each correct answer represents a complete solution. Choose all that apply.
  1. A
    Spoofing attack
  2. B
    SYN flood attack
  3. C
    Password cracking
  4. D
    RF jamming attack

Correct Answer:
AB

Question #48
Which of the following tools can be used to perform brute force attack on a remote database? Each correct answer represents a complete solution. Choose all that apply.
  1. A
    SQLBF
  2. B
    SQLDict
  3. C
    FindSA
  4. D
    nmap

Correct Answer:
ABC

Question #49
Which of the following are the primary goals of the incident handling team?
Each correct answer represents a complete solution. Choose all that apply.
  1. A
    Freeze the scene.
  2. B
    Repair any damage caused by an incident.
  3. C
    Prevent any further damage.
  4. D
    Inform higher authorities.

Correct Answer:
ABC

Question #50
You see the career section of a company's Web site and analyze the job profile requirements. You conclude that the company wants professionals who have a sharp knowledge of Windows server 2003 and Windows active directory installation and placement. Which of the following steps are you using to perform hacking?
  1. A
    Scanning
  2. B
    Covering tracks
  3. C
    Reconnaissance
  4. D
    Gaining access

Correct Answer:
C

Previous Questions Next Questions

All Pages