McAfee Certified Assessment Specialist Network

Similar documents
Exam4Free. Free valid exam questions and answers for certification exam prep

Exam Questions MA0-150

Penetration Testing with Kali Linux

Hackveda Training - Ethical Hacking, Networking & Security

Module 1: Penetration Testing Planning and Scoping. Module 2: Basic Usage of Linux and its services

Cyber Security & Ethical Hacking Training. Introduction to Cyber Security Introduction to Cyber Security. Linux Operating System and Networking: LINUX

Curso: Ethical Hacking and Countermeasures

CHCSS. Certified Hands-on Cyber Security Specialist (510)

Computer Forensics: Investigating Network Intrusions and Cyber Crime, 2nd Edition. Chapter 3 Investigating Web Attacks

Ethical Hacker Foundation and Security Analysts Course Semester 2

Certified Secure Web Application Engineer

CSWAE Certified Secure Web Application Engineer

Question No: 2 Which identifier is used to describe the application or process that submitted a log message?

Hacker Academy Ltd COURSES CATALOGUE. Hacker Academy Ltd. LONDON UK

Audience. Pre-Requisites

ECCouncil Exam v9 Certified Ethical Hacker Exam V9 Version: 7.0 [ Total Questions: 125 ]

دوره تست نفوذ. Ver.1.2 شما میتوانید آنلاین در این دوره ثبت نام بلافاصله از آن استفاده کنید. Information Gathering. Bash scripting

Solutions Business Manager Web Application Security Assessment

Advanced Diploma on Information Security

Five Nightmares for a Telecom

Understanding Cisco Cybersecurity Fundamentals

ECCouncil Certified Ethical Hacker. Download Full Version :

TexSaw Penetration Te st in g

SINGLE COURSE. NH9000 Certified Ethical Hacker 104 Total Hours. COURSE TITLE: Certified Ethical Hacker

Ethical Hacking and Prevention

PASS4TEST. IT Certification Guaranteed, The Easy Way! We offer free update service for one year

Syllabus: The syllabus is broadly structured as follows:

Foreword by Katie Moussouris... Acknowledgments... xvii. Introduction...xix. Chapter 1: The Basics of Networking... 1

ETHICAL HACKING & COMPUTER FORENSIC SECURITY

Attacks Against Websites 3 The OWASP Top 10. Tom Chothia Computer Security, Lecture 14

CNIT 129S: Securing Web Applications. Ch 4: Mapping the Application

CIS 700/002 : Special Topics : OWASP ZED (ZAP)

FRONT RUNNER DIPLOMA PROGRAM Version 8.0 INFORMATION SECURITY Detailed Course Curriculum Course Duration: 6 months

Hacking Our Way to Better Security: Lessons from a Web Application Penetration Test. Tyler Rasmussen Mercer Engineer Research Center


BraindumpsIT. BraindumpsIT - IT Certification Company provides Braindumps pdf!

CompTIA. PT0-001 EXAM CompTIA PenTest+ Certification Exam Product: Demo. m/

Web Application & Web Server Vulnerabilities Assessment Pankaj Sharma

CompTIA Security+(2008 Edition) Exam

Strategic Infrastructure Security

Cyber Common Technical Core (CCTC) Advance Sheet Windows Operating Systems

0Activity Answers. Table A1-1: Operating system elements and security mechanisms. The Security Accounts Manager (SAM)

CISSP CEH PKI SECURITY + CEHv9: Certified Ethical Hacker. Upcoming Dates. Course Description. Course Outline

Your Turn to Hack the OWASP Top 10!

Lecture Overview. INF5290 Ethical Hacking. Lecture 4: Get in touch with services. Where are we in the process of ethical hacking?

INF5290 Ethical Hacking. Lecture 4: Get in touch with services. Universitetet i Oslo Laszlo Erdödi

Security in Bomgar Remote Support

EXAM - CAS-002. CompTIA Advanced Security Practitioner (CASP) Exam. Buy Full Product.

Authentication System

Certified Vulnerability Assessor

Why bother? Causes of data breaches OWASP. Top ten attacks. Now what? Do it yourself Questions?

Advanced Ethical Hacking & Penetration Testing. Ethical Hacking

Principles of ICT Systems and Data Security

CPTE: Certified Penetration Testing Engineer

CEH Tools. Sniffers. - Wireshark: The most popular packet sniffer with cross platform support.

Secure Programming Techniques

Chapter 5 Live Data Collection Windows Systems

Kishin Fatnani. Founder & Director K-Secure. Workshop : Application Security: Latest Trends by Cert-In, 30 th Jan, 2009

3. Apache Server Vulnerability Identification and Analysis

SonicWALL Addendum. A Supplement to the SonicWALL Internet Security Appliance User's Guide

Certified Ethical Hacker (CEH)

Introduction to Ethical Hacking

CONTENTS IN DETAIL. FOREWORD by HD Moore ACKNOWLEDGMENTS INTRODUCTION 1 THE ABSOLUTE BASICS OF PENETRATION TESTING 1 2 METASPLOIT BASICS 7

BraindumpsVCE. Best vce braindumps-exam vce pdf free download

n Describe the CEH hacking methodology and system hacking steps n Describe methods used to gain access to systems

Exam Questions CEH-001

SSH. Partly a tool, partly an application Features:

Implementing Cisco Cybersecurity Operations

IT Exam Training online / Bootcamp

Sample Exam Ethical Hacking Foundation

Exam : JK Title : CompTIA E2C Security+ (2008 Edition) Exam. Version : Demo

CSE484 Final Study Guide

Scan Report Executive Summary. Part 2. Component Compliance Summary Component (IP Address, domain, etc.):ekk.worldtravelink.com

jk0-022 Exam Questions Demo CompTIA Exam Questions jk0-022

OS Security. Authentication. Radboud University Nijmegen, The Netherlands. Winter 2014/2015

Certified Penetration Testing Consultant

Once all of the features of Intel Active Management Technology (Intel

Mobile Malfeasance. Exploring Dangerous Mobile Code. Jason Haddix, Director of Penetration Testing

Lecture 08: Networking services: there s no place like

SECURITY+ LAB SERIES. Lab 3: Protocols and Default Network Ports Connecting to a Remote System

HP - HP0-P17. HP-UX 11i v3 Security Administration. QUESTION: 1 After running /usr/sbin/pwck, the following output is displayed:

OS Security. Authentication. Radboud University Nijmegen, The Netherlands. Winter 2014/2015

HHC 2017 writeup, by RedTeam611

Security in the Privileged Remote Access Appliance

n Given a scenario, analyze and interpret output from n A SPAN has the ability to copy network traffic passing n Capacity planning for traffic

Hands-On Ethical Hacking and Network Defense Chapter 6 Enumeration

Scan Report Executive Summary. Part 2. Component Compliance Summary IP Address :

Web insecurity Security strategies General security Listing of server-side risks Language specific security. Web Security.

Ethical Hacking and Countermeasures: Web Applications, Second Edition. Chapter 3 Web Application Vulnerabilities

Scan Report Executive Summary

1 About Web Security. What is application security? So what can happen? see [?]

Lecture Overview. IN5290 Ethical Hacking

Lecture 6: Web hacking 2, Cross Site Scripting (XSS), Cross Site Request Forgery (CSRF), Session related attacks

WFUZZ! for Penetration Testers! Christian Martorella & Xavier Mendez! SOURCE Conference 2011! Barcelona!

PracticeDump. Free Practice Dumps - Unlimited Free Access of practice exam

CEH v8 - Certified Ethical Hacker. Course Outline. CEH v8 - Certified Ethical Hacker. 12 May 2018

Practice Labs Ethical Hacker

Transport Level Security

Web Application Penetration Testing

Passwords CSC 193 WAKE FOREST. U N I V E R S I T Y Department of Computer Science. Spring 2014

Transcription:

McAfee MA0-150 McAfee Certified Assessment Specialist Network Version: 4.0

Topic 1, Volume A QUESTION NO: 1 An attacker has compromised a Linux/Unix host and discovers a suspicious file called "password" that has no file extension. What command can be used to determine the filetype? A. filetype B. file C. filer D. fileext Answer: B QUESTION NO: 2 Below is a packet capture from Wireshark showing 2 equivalent MAC address in the Source field. Box 1 shows "Asustek..." while Box 2 shows "00:1a:92..". -Wireshark can determine these are equivalent because MAC addresses can be mapped to A. Operating systems (and variants) B. Computer names C. RFCs D. Vendors 2

QUESTION NO: 3 What is the correct syntax to query under which service a user account is running? A. sc.exe \\192.168.1.1 qc <service> B. sc.exe \\192.168.1.1 <service> C. net start \\192.168.1.1 qc D. net start W192.168.1.1 Answer: A QUESTION NO: 4 What file indicates and controls where system logs are stored? A. pam.conf B. smb.conf C. authlog.conf D. syslog.conf QUESTION NO: 5 The command "grep password *" searches for A. The word "password" in all files in the current directory. B. The character "*" in the file "password". C. The word "password" in all files in the current directory and all subdirectories. D. All passwords in the file named "*". Answer: A QUESTION NO: 6 3

The following output is generated from cat /etc/shadow: What hashing algorithm is used to protect the root password? A. Crypt (DES) B. MD5 C. Blowfish D. SHA QUESTION NO: 7 In computer security, a small piece of code that acts as a payload in which an attacker can control a remote machine is called A. A buffer overflow. B. A NOP sled. C. Shell code. D. Stack overflow. QUESTION NO: 8 A person connects to a web application via a mobile device. What request header name can this application use determine which device the person is using? A. Referer B. User agent 4

C. Connection D. Host Answer: B QUESTION NO: 9 What is the proper syntax for enumerating non-hidden shares on a host? A. net view /domain B. net view /domain:{domain} C. net view \\{target} D. net use \\{target}\ipc$ "" /u:"" QUESTION NO: 10 What is the term used for a technique that runs code within the address space of another process by forcing it to bad a library? A. Address space layout randomization B. Overwriting HP C. DLL injection D. SQL injection QUESTION NO: 11 What Microsoft utility encrypts the hashed passwords in a SAM database using 128-bit encryption? A. ASLR B. DEP 5

C. Syskey D. Kerberos QUESTION NO: 12 An attacker has just compromised a Linux host. What command can be used to determine the distribution of Linux? A. cat /etc/crontab B. cat /etc/passwd C. cat/etc/issue D. cat /etc/shadow QUESTION NO: 13 What is NOT a possible cross-site request forgery attack vector? A. Captchas B. Cross-site scripting C. Email D. Chat Answer: A QUESTION NO: 14 The Xscan tool is a A. X Windows Brute Forcer B. Keylogger for X Windows C. Keylogger for Mac OS X 6

D. Multi OS port scanner Answer: B QUESTION NO: 15 Under UNIX, Pluggable Authentication Modules (PAN) can be used to A. Implement strong password management. B. Crack password hashes from /etc/shadow. C. Crack password hashes from /etc/passwd. D. Create a certificate authority (CA). Answer: A QUESTION NO: 16 What is the quickest protocol to brute force when attacking Windows? A. SFTP B. HTTPS C. SMB D. SSH QUESTION NO: 17 The datapipe and fpipe tools can be used for A. Port scanning. B. Port redirection. C. Passing the hash. D. Directory traversal. 7

Answer: B QUESTION NO: 18 What is the basis for Cisco Type 7 passwords? A. Asymmetric key cryptography B. Symmetric key cryptography C. One-way hashing D. Encoding QUESTION NO: 19 What is the magic number for a Linux binary? A. MZ B. JFIF C. EXIF D. ELF QUESTION NO: 20 Horizontal privilege escalation is a vulnerability of authorization where users act at a privilege level A. Above one they are entitled to act. B. Below one they are entitled to act. C. That they are entitled to but only as a different user. D. That transfers across another application. 8

QUESTION NO: 21 A corporate user has just been hacked and shell code is installed. The user logs off, but the hacker remains on the system with NT AUTHORTTY\SYSTEM credentials. What can the attacker use to escalate to the corporate user's permissions? A. AT scheduler B. Cached credentials C. Local windows privilege escalation D. psexec Answer: B QUESTION NO: 22 Which of the following are advantages of maintaining a separate syslog server? (Choose two) A. Harder for attackers to cover their tracks B. Easier to implement hard drive backups C. Easier to implement network time protocol (NTP) D. Harder to control VPN traffic E. Harder for rogue network administrator collusion Answer: A,E QUESTION NO: 23 NetBIOS enumeration requires access to which TCP ports? A. 389 or 3268 B. 1433 or 1434 C. 135 or 137 D. 139 or 445 9

QUESTION NO: 24 The nmap command nmap -O would result in A. Output to a file. B. Operating System detection. C. Organizing by port (low to high). D. Organizing by port (high to low). Answer: B QUESTION NO: 25 Which of the following are common vulnerabilities in web applications? (Choose three) A. SQL Injection B. CSRF cookies C. Cross Site Scripting D. Cross Site Request Forgery E. Captchas Answer: A,C,D QUESTION NO: 26 The Nmap command nmap sv would result in A. Version scanning. B. Verbose output. C. Very verbose output. D. Vector initialization. Answer: A 10

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback