Exam Details

  • Exam Code: SEC504
  • Exam Name: Hacker Tools, Techniques, Exploits and Incident Handling
  • Certification: Certified Incident Handler
  • Vendor: SANS
  • Total Questions: 328 Q&As
  • Last Updated: May 14, 2024

SANS Certified Incident Handler SEC504 Questions & Answers

  • Question 11:

    Which of the following statements about buffer overflow are true? Each correct answer represents a complete solution. Choose two.

    A. It is a situation that occurs when a storage device runs out of space.

    B. It is a situation that occurs when an application receives more data than it is configured to accept.

    C. It can improve application performance.

    D. It can terminate an application.

  • Question 12:

    Fill in the blank with the appropriate option to complete the statement below.

    You want to block all UDP packets coming to the Linux server using the portsentry utility. For this, you have to enable the ______ option in the portsentry configuration file.

    A. BLOCK_UDP

  • Question 13:

    Which of the following are limitations of the cross-site request forgery (CSRF) attack? Each correct answer represents a complete solution. Choose all that apply.

    A. The attacker must determine the right values for all the form inputs.

    B. The attacker must target a site that doesn't check the referrer header.

    C. The target site should have limited lifetime authentication cookies.

    D. The target site should authenticate in GET and POST parameters, not only cookies.

  • Question 14:

    Which of the following attacks captures a secret value, such as a hash, and reuses it later to gain access to a system without ever decrypting or decoding the hash?

    A. Cross Site Scripting attack

    B. Replay attack

    C. Rainbow attack

    D. Hashing attack

  • Question 15:

    You work as an Incident handler in Mariotrixt.Inc. You have followed the Incident handling process to handle the events and incidents. You identify a Denial of Service (DoS) attack from a network linked to your internal enterprise network.

    Which of the following phases of the Incident handling process should you follow next to handle this incident?

    A. Containment

    B. Preparation

    C. Recovery

    D. Identification

  • Question 16:

    Brutus is a password cracking tool that can be used to crack the following authentications:

      • HTTP (Basic Authentication)
      • HTTP (HTML Form/CGI)
      • POP3 (Post Office Protocol v3)
      • FTP (File Transfer Protocol)
      • SMB (Server Message Block)
      • Telnet

    Which of the following attacks can be performed by Brutus for password cracking? Each correct answer represents a complete solution. Choose all that apply.

    A. Hybrid attack

    B. Replay attack

    C. Dictionary attack

    D. Brute force attack

    E. Man-in-the-middle attack

  • Question 17:

    Which of the following scanning tools is also a network analysis tool that sends packets with nontraditional IP stack parameters and allows the scanner to gather information from the response packets generated?

    A. Tcpview

    B. Nessus

    C. Legion

    D. HPing

  • Question 18:

    You have forgotten your password for an online shop. The web application of that online shop asks you to enter your email so that it can send you a new password. You enter your email [email protected] and press the submit button. The web application displays a server error. What can be the reason for the error?

    A. You have entered any special character in email.

    B. Email entered is not valid.

    C. The remote server is down.

    D. Your internet connection is slow.

  • Question 19:

    Which of the following provides packet-level encryption between hosts in a LAN?

    A. PPTP

    B. IPsec

    C. PFS

    D. Tunneling protocol

  • Question 20:

    Which of the following tools are used as network traffic monitoring tools in the Linux operating system? Each correct answer represents a complete solution. Choose all that apply.

    A. Netbus

    B. IPTraf

    C. MRTG

    D. Ntop
