Exam Details

  • Exam Code: SEC504
  • Exam Name: Hacker Tools, Techniques, Exploits and Incident Handling
  • Certification: Certified Incident Handler
  • Vendor: SANS
  • Total Questions: 328 Q&As
  • Last Updated: Apr 27, 2024

SANS Certified Incident Handler SEC504 Questions & Answers

  • Question 1:

    Adam works as a Security Analyst for Umbrella Inc. The CEO of the company has ordered him to implement two-factor authentication for the employees to access their networks. The CEO has told him that he would like to use some type of hardware device in tandem with a security or identifying PIN number. Adam decides to implement smart cards but they are not cost effective.

    Which of the following types of hardware devices will Adam use to implement two-factor authentication?

    A. Biometric device

    B. Security token

    C. Proximity cards

    D. One Time Password

  • Question 2:

    You discover that all available network bandwidth is being used by some unknown service. You discover that UDP packets are being used to connect the echo service on one machine to the chargen service on another machine.

    What kind of attack is this?

    A. Smurf

    B. Denial of Service

    C. Evil Twin

    D. Virus

  • Question 3:

    Which of the following penetration testing phases involves gathering data from whois, DNS, and network scanning, which helps in mapping a target network and provides valuable information regarding the operating system and applications running on the systems?

    A. Post-attack phase

    B. On-attack phase

    C. Attack phase

    D. Pre-attack phase

  • Question 4:

    Which of the following applications is NOT used for passive OS fingerprinting?

    A. Networkminer

    B. Satori

    C. p0f

    D. Nmap

  • Question 5:

    You work as a professional Ethical Hacker. You are assigned a project to test the security of www.wearesecure.com. You somehow gain access to the main server of we-are-secure Inc., which is Windows based.

    While you are installing the NetCat tool as a backdoor on the we-are-secure server, you see the file credit.dat, which contains the list of credit card numbers of the company's employees. You want to transfer the credit.dat file to your local computer so that you can sell that information on the internet at a good price. However, you do not want to send the contents of this file in clear text, since you do not want the Network Administrator of we-are-secure Inc. to get any clue of the hacking attempt. Hence, you decide to send the contents of the credit.dat file in encrypted format.

    What steps should you take to accomplish the task?

    A. You will use the ftp service.

    B. You will use Wireshark.

    C. You will use CryptCat instead of NetCat.

    D. You will use brutus.

  • Question 6:

    John works as an Ethical Hacker for PassGuide Inc. He wants to find out the ports that are open in PassGuide's server using a port scanner. However, he does not want to establish a full TCP connection.

    Which of the following scanning techniques will he use to accomplish this task?

    A. TCP FIN

    B. TCP SYN/ACK

    C. TCP SYN

    D. Xmas tree

  • Question 7:

    Fill in the blank with the appropriate name of the tool.

    ______ scans for rootkits by comparing SHA-1 hashes of important files with known good ones in an online database.

    A. rkhunter

  • Question 8:

    Which of the following techniques can be used to map 'open' or 'pass through' ports on a gateway?

    A. Traceport

    B. Tracefire

    C. Tracegate

    D. Traceroute

  • Question 9:

    Fill in the blank with the appropriate term.

    ______ is a technique used to make sure that incoming packets are actually from the networks that they claim to be from.

    A. Ingress filtering

  • Question 10:

    You want to use PGP files for steganography. Which of the following tools will you use to accomplish the task?

    A. Blindside

    B. Snow

    C. ImageHide

    D. Stealth
