Nathalie,an employee of Corporation XYZ, has notice that Bob,one of her coworkers,has been abusing company assets and resources for his own personal gain.
According to good ethics values,what should Nathalie do in this case?
A. Immediately install a network sniffer and keystroke recorder to monitor Bobs activities.
B. Retaliate by abusing Bobs resources; he does it to the company,hence why not do it against Bob himself.
C. Report Bob to upper management where a decision about a course of action can be made along with the HR and Legal department.
D. Nathalie should not get involved;this is none of her business. she should simply continue her work day and wait unit he gets caught.
Which of the following items is the least likely to be found while doing Scanning?Choose the best answer.
A. IP addresses
B. Operating System
C. System Owner
D. Services
Which tools are capable of capturing Kerberos domain authentication credentials and then running either dictionary or brute force offline password cracking?Choose two.
A. LC5
B. Cain and Abel
C. Ettercap
D. Kerbsniff and kerbcrack
Why are SYN port scans not as stealthy as what they originally were several years ago?Choose two.
A. Many firewall rulesets detect and block SYN scans
B. IDS systems look for SYN flag packets due to the proliferation of SYN flood-based denial of service attacks
C. RFC 3502 has redefined the TCP three-way handshake thus changing how SYN flags are used
D. The Internet-backbone routers all block SYN flag packets according to new RFC 3705
Session Hijacking is possible due to which weakness within the TCPIP stack implementation?
A. Initial Sequence Number prediction
B. Flags are not validated properly,it is possible to set all flags to 1 or 0.
C. Validation of the size of a packet after reassembly is not implemented properly.
D. Initial Sequence Number are too low
Nmap is the leading port scanner for security testing and penetration testing.
As a tester it is a must have within your toolbox and you MUST be familiar with its basic syntax.
Which of the following command lines would represent a Ping Sweep being performed using Nmap.
A. nmap sP 10.1.1.0/24
B. nmap sT 10.1.1.0/24
C. nmap sS 10.1.1.0/24
D. nmap sU 10.1.1.0/24
How does a system administrator prevent Idp.exe and user2sid.exe tools from retrieving domain usernames,SIDs,and other information from a Windows 2000 Domain Controller if no username and password are supplied?Choose two.
A. Add the Everyone group to the Pre-Windows 2000 Compatible Access group
B. Remove the Everyone group from the Pre-Windows 2000 Compatible Access group
C. set RestrictAnonymous registry key to two
D. Set RestrictAnonymous registry key to zero
Keystroke loggers can be found in which of the following forms?Choose all that apply.
A. Trojans
B. Spyware
C. Text files
D. A dynamic link library file which replaces the standard GINA.dII
Bob is using a new sniffer called Ethereal.
However,it seems that Bob can only see packets that are sent from and to his own network interface card
(NIC).He cannot see any traffic from the other station.
What could be the cause of Bobs problem?(Select two)
A. The NIC is not in promiscuous mode
B. The network is using UDP traffic
C. Bob is connected to a switched network
D. The sniffer does not support Bobs TCP/IP network stack
Name Servers are the Penetration Testers best friend.The Domain Name Registration database contains information about who registered a particular domain.What common command line as well as web based tool could be used to extract this information from the public database of Domain Name registration.
A. Whois
B. traceroute
C. SOA Query tool
D. Resolv
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Mile2 exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your MK0-201 exam preparations and Mile2 certification application, do not hesitate to visit our Vcedump.com to find your solutions here.