NO.105 In many states sending spam is illegal. Thus, the spammers have techniques to try and ensure that no one knows they sent the spam out to thousands of users at a time. Which of the following best describes what spammers use to hide the origin of these types of e-mails?

NO.106 A regional bank hires your company to perform a security assessment on their network after a recent data breach. The attacker was able to steal financial data from the bank by compromising only a single server.
Based on this information, what should be one of your key recommendations to the bank?

NO.107 Which of the following is a serious vulnerability in the popular OpenSSL cryptographic software library?
This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS
encryption used to secure the Internet.

NO.108 Which of these is capable of searching for and locating rogue access points?

NO.109 A large mobile telephony and data network operator has a data center that houses network elements.
These are essentially large computers running on Linux. The perimeter of the data center is secured with
firewalls and IPS systems.
What is the best security policy concerning this setup?

NO.110 First thing you do every office day is to check your email inbox. One morning, you received an email from your best friend and the subject line is quite strange. What should you do?

NO.111 While doing a Black box pen test via the TCP port (80), you noticed that the traffic gets blocked when you tried to pass IRC traffic from a web enabled host. However, you also noticed that outbound HTTP traffic is being allowed. What type of firewall is being utilized for the outbound traffic?

NO.112 DNS cache snooping is a process of determining if the specified resource address is present in the DNS cache records. It may be useful during the examination of the network to determine what software update resources are used, thus discovering what software is installed.
What command is used to determine if the entry is present in DNS cache?

NO.113 You are trying to break into a highly classified top-secret mainframe computer with highest security system in place at Merclyn Barley Bank located in Los Angeles.
You know that conventional hacking doesn’t work in this case, because organizations such as banks are generally tight and secure when it comes to protecting their systems.
In other words, you are trying to penetrate an otherwise impenetrable system.
How would you proceed?

NO.114 Shellshock had the potential for an unauthorized user to gain access to a server. It affected many internet-facing services, which OS did it not directly affect?

NO.115 Which of the following is a hashing algorithm?

NO.116 This is an attack that takes advantage of a web site vulnerability in which the site displays content that includes un-sanitized user-provided data.

What is this attack?

NO.117 Windows file servers commonly hold sensitive files, databases, passwords and more.
Which of the following choices would be a common vulnerability that usually exposes them?

NO.118 Which of the following types of firewalls ensures that the packets are part of the established session?

NO.119 A regional bank hires your company to perform a security assessment on their network after a recent data
breach. The attacker was able to steal financial data from the bank by compromising only a single server.
Based on this information, what should be one of your key recommendations to the bank?

NO.120 This international organization regulates billions of transactions daily and provides security guidelines to protect personally identifiable information (PII). These security controls provide a baseline and prevent low-level hackers sometimes known as script kiddies from causing a data breach.
Which of the following organizations is being described?

NO.121 A company firewall engineer has configured a new DMZ to allow public systems to be located away from the internal network. The engineer has three security zones set:

The engineer wants to configure remote desktop access from a fixed IP on the remote network to a remote desktop server in the DMZ. Which rule would best fit this requirement?

NO.122 You are performing information gathering for an important penetration test. You have found pdf, doc, and
images in your objective. You decide to extract metadata from these files and analyze it. What tool will help
you with the task?

NO.123 An attacker changes the profile information of a particular user (victim) on the target website. The attacker
uses this string to update the victim’s profile to a text file and then submit the data to the attacker’s
database.
<iframe src=””http://www.vulnweb.com/updateif.php”” style=””display:none””></iframe>
What is this type of attack (that can use either HTTP GET or HTTP POST) called?

NO.124 What do Trinoo, TFN2k, WinTrinoo, T-Sight, and Stracheldraht have in common?

NO.125 What is the correct PCAP filter to capture all TCP traffic going to or from host 192.168.0.125 on port 25?

NO.126 A penetration tester is conducting a port scan on a specific host. The tester found several ports opened that were confusing in concluding the Operating System (OS) version installed. Considering the NMAP result below, which of the following is likely to be installed on the target machine by the OS?

NO.127 A medium-sized healthcare IT business decides to implement a risk management strategy. Which of the following is NOT one of the five basic responses to risk?

NO.128 An LDAP directory can be used to store information similar to a SQL database. LDAP uses a ____ database structure instead of SQL’s ______ structure. Because of this, LDAP has difficulty representing many-to-one relationships.

NO.129 (Note: the student is being tested on concepts learnt during passive OS fingerprinting, basic TCP/IP connection concepts and the ability to read packet signatures from a sniff dump.). Snort has been used to capture packets on the network. On studying the packets, the penetration tester finds it to be abnormal. If you were the penetration tester, why would you find this abnormal?
What is odd about this attack? Choose the best answer.