Smart cards use which protocol to transfer the certificate in a secure manner?
In keeping with the best practices of layered security, where are the best places to place intrusion detection/intrusion prevention systems? (Choose two.)
To send a PGP encrypted message, which piece of information from the recipient must the sender have before encrypting the message?
A penetration tester is conducting a port scan on a specific host. The tester found several ports opened that were confusing in concluding the Operating System (OS) version installed. Considering the NMAP result below, which of the following is likely to be installed on the target machine by the OS?
Starting NMAP 5.21 at 2011-03-15 11:06
NMAP scan report for 172.16.40.65
Host is up (1.00s latency).
Not shown: 993 closed ports
PORT STATE SERVICE
21/tcp open ftp
23/tcp open telnet
80/tcp open http
139/tcp open netbios-ssn
515/tcp open
631/tcp open ipp
9100/tcp open
MAC Address: 00:00:48:0D:EE:89
When creating a security program, which approach would be used if senior management is supporting and enforcing the security policy?
Which of the following is a protocol that is prone to a man-in-the-middle (MITM) attack and maps a 32-bit address to a 48-bit address?
Diffie-Hellman (DH) groups determine the strength of the key used in the key exchange process. Which of the following is the correct bit size of the Diffie-Hellman (DH) group 5?
The use of technologies like IPSec can help guarantee the followinG. authenticity, integrity, confidentiality and
Which results will be returned with the following Google search query?
site:target.com -site:Marketing.target.com accounting
A circuit level gateway works at which of the following layers of the OSI Model?
Which of the following programs is usually targeted at Microsoft Office products?
When using Wireshark to acquire packet capture on a network, which device would enable the capture of all traffic on the wire?
What is the main difference between a “Normal” SQL Injection and a “Blind” SQL Injection vulnerability?
An attacker has captured a target file that is encrypted with public key cryptography. Which of the attacks below is likely to be used to crack the target file?
A corporation hired an ethical hacker to test if it is possible to obtain users' login credentials using methods other than social engineering. Access to offices and to a network node is granted. Results from server scanning indicate all are adequately patched and physical access is denied, thus, administrators have access only through Remote Desktop. Which technique could be used to obtain login credentials?
Which type of security document is written with specific step-by-step details?
Which of the following processes of PKI (Public Key Infrastructure) ensures that a trust relationship exists and that a certificate is still valid for specific operations?
When comparing the testing methodologies of Open Web Application Security Project (OWASP) and Open Source Security Testing Methodology Manual (OSSTMM) the main difference is
PDF + Testing Engine |
---|
$66 |
Testing Engine |
---|
$50 |
PDF (Q&A) |
---|
$42 |
ECCouncil Free Exams |
---|
|