Exam Details

  • Exam Code: SEC504
  • Exam Name: Hacker Tools, Techniques, Exploits and Incident Handling
  • Certification: Certified Incident Handler
  • Vendor: SANS
  • Total Questions: 328 Q&As
  • Last Updated: May 14, 2024

SANS Certified Incident Handler SEC504 Questions & Answers

  • Question 311:

    Which of the following statements are true about netcat? Each correct answer represents a complete solution. Choose all that apply.

    A. It provides special tunneling, such as UDP to TCP, with the possibility of specifying all network parameters.

    B. It can be used as a file transfer solution.

    C. It provides outbound and inbound connections for TCP and UDP ports.

    D. The nc -z command can be used to redirect stdin/stdout from a program.

  • Question 312:

    Which of the following malicious software travels across computer networks without the assistance of a user?

    A. Worm

    B. Virus

    C. Hoax

    D. Trojan horses

  • Question 313:

    What is the major difference between a worm and a Trojan horse?

    A. A worm spreads via e-mail, while a Trojan horse does not.

    B. A worm is a form of malicious program, while a Trojan horse is a utility.

    C. A worm is self replicating, while a Trojan horse is not.

    D. A Trojan horse is a malicious program, while a worm is an anti-virus software.

  • Question 314:

    Which of the following statements are true about session hijacking? Each correct answer represents a complete solution. Choose all that apply.

    A. Use of a long random number or string as the session key reduces session hijacking.

    B. It is used to slow the working of the victim's network resources.

    C. TCP session hijacking is when a hacker takes over a TCP session between two machines.

    D. It is the exploitation of a valid computer session to gain unauthorized access to information or services in a computer system.

  • Question 315:

    Which of the following characters will you use to check whether an application is vulnerable to an SQL injection attack?

    A. Dash (-)

    B. Double quote (")

    C. Single quote (')

    D. Semicolon (;)

  • Question 316:

    Which of the following statements are true about TCP wrappers? Each correct answer represents a complete solution. Choose all that apply.

    A. TCP wrapper provides access control, host address spoofing, client username lookups, etc.

    B. When a user uses a TCP wrapper, the inetd daemon runs the wrapper program tcpd instead of running the server program directly.

    C. TCP wrapper allows host or subnetwork IP addresses, names and/or ident query replies, to be used as tokens to filter for access control purposes.

    D. TCP wrapper protects a Linux server from IP address spoofing.

  • Question 317:

    You want to scan your network quickly to detect live hosts by using ICMP ECHO Requests. What type of scanning will you perform to accomplish the task?

    A. Idle scan

    B. TCP SYN scan

    C. XMAS scan

    D. Ping sweep scan

  • Question 318:

    Which of the following refers to the exploitation of a valid computer session to gain unauthorized access to information or services in a computer system?

    A. Piggybacking

    B. Hacking

    C. Session hijacking

    D. Keystroke logging

  • Question 319:

    Network mapping provides a security testing team with a blueprint of the organization. Which of the following steps is NOT a part of manual network mapping?

    A. Gathering private and public IP addresses

    B. Collecting employees' information

    C. Banner grabbing

    D. Performing Neotracerouting

  • Question 320:

    Which of the following statements about Denial-of-Service (DoS) attacks are true? Each correct answer represents a complete solution. Choose three.

    A. It disrupts services to a specific computer.

    B. It changes the configuration of the TCP/IP protocol.

    C. It saturates network resources.

    D. It disrupts connections between two computers, preventing communications between services.

Tips on How to Prepare for the Exams

Certification exams are becoming more and more important, and more and more enterprises require them of job applicants. But how do you prepare for the exam effectively? How do you prepare in a short time with less effort? How do you get an ideal result, and how do you find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provides not only SANS exam questions, answers and explanations but also complete assistance with your exam preparation and certification application. If you are confused about your SEC504 exam preparation and SANS certification application, do not hesitate to visit Vcedump.com to find your solutions.