Password cracking programs reverse the hashing process to recover passwords.(True/False.
Under what conditions does a secondary name server request a zone transfer from a primary name server?
What are the three types of compliance that the Open Source Security Testing Methodology Manual (OSSTMM) recognizes?
A newly discovered flaw in a software application would be considered which kind of security vulnerability?
What results will the following command yielD. 'NMAP -sS -O -p 123-153 192.168.100.3'?
During a penetration test, a tester finds that the web application being analyzed is vulnerable to Cross Site Scripting (XSS). Which of the following conditions must be met to exploit this vulnerability?
Pentest results indicate that voice over IP traffic is traversing a network. Which of the following tools will decode a packet capture and extract the voice conversations?
A penetration tester is hired to do a risk assessment of a company's DMZ. The rules of engagement states that the penetration test be done from an external IP address with no prior knowledge of the internal IT systems. What kind of test is being performed?
What is the main advantage that a network-based IDS/IPS system has over a host-based solution?
Which of the following does proper basic configuration of snort as a network intrusion detection system require?
An organization hires a tester to do a wireless penetration test. Previous reports indicate that the last test did not contain management or control packets in the submitted traces. Which of the following is the most likely reason for lack of management or control packets?
Which statement is TRUE regarding network firewalls preventing Web Application attacks?
Which of the following levels of algorithms does Public Key Infrastructure (PKI) use?
Which property ensures that a hash function will not produce the same hashed value for two different messages?
In the OSI model, where does PPTP encryption take place?
Which set of access control solutions implements two-factor authentication?
What are the three types of authentication?
A recently hired network security associate at a local bank was given the responsibility to perform daily scans of the internal network to look for unauthorized devices. The employee decides to write a script that will scan the network for unauthorized devices every morning at 5:00 am.
Which of the following programming languages would most likely be used?
Which of the following is a primary service of the U.S. Computer Security Incident Response Team (CSIRT)?
Company A and Company B have just merged and each has its own Public Key Infrastructure (PKI). What must the Certificate Authorities (CAs) establish so that the private PKIs for Company A and Company B trust one another and each private PKI can validate digital certificates from the other company?
PDF + Testing Engine
|
---|
$57.75 |
Testing Engine
|
---|
$43.75 |
PDF (Q&A)
|
---|
$36.75 |
ECCouncil Free Exams |
---|
|