Exam Details

  • Exam Code: SEC504
  • Exam Name: Hacker Tools, Techniques, Exploits and Incident Handling
  • Certification: Certified Incident Handler
  • Vendor: SANS
  • Total Questions: 328 Q&As
  • Last Updated: May 14, 2024

SANS Certified Incident Handler SEC504 Questions & Answers

  • Question 41:

    Which of the following attacks saturates network resources and disrupts services to a specific computer?

    A. Replay attack

    B. Teardrop attack

    C. Denial-of-Service (DoS) attack

    D. Polymorphic shell code attack

  • Question 42:

    Which of the following is a method of gaining access to a system that bypasses normal authentication?

    A. Teardrop

    B. Trojan horse

    C. Back door

    D. Smurf

  • Question 43:

    Which of the following are based on malicious code? Each correct answer represents a complete solution. Choose two.

    A. Denial-of-Service (DoS)

    B. Biometrics

    C. Trojan horse

    D. Worm

  • Question 44:

    Adam works as a Security Administrator for Umbrella Technology Inc. He reported a breach in security to his senior members, stating that "security defenses have been breached and exploited for 2 weeks by hackers." The hackers had accessed and downloaded 50,000 addresses containing customer credit cards and passwords. Umbrella Technology was looking to law enforcement officials to protect their intellectual property.

    The intruder entered through an employee's home machine, which was connected to Umbrella Technology's corporate VPN network. The application called BEAST Trojan was used in the attack to open a "back door" allowing the hackers undetected access. The security breach was discovered when customers complained about the usage of their credit cards without their knowledge.

    The hackers were traced back to Shanghai, China through e-mail address evidence. The credit card information was sent to that same e-mail address. The passwords allowed the hackers to access Umbrella Technology's network from a remote location, posing as employees.

    Which of the following actions can Adam perform to prevent such attacks from occurring in the future?

    A. Allow VPN access but replace the standard authentication with biometric authentication

    B. Replace the VPN access with dial-up modem access to the company's network

    C. Disable VPN access to all employees of the company from home machines

    D. Apply different security policy to make passwords of employees more complex

  • Question 45:

    You are the Security Consultant and have been hired to check security for a client's network. Your client has stated that he has many concerns but the most critical is the security of Web applications on their Web server.

    What should be your highest priority then in checking his network?

    A. Setting up IDS

    B. Port scanning

    C. Vulnerability scanning

    D. Setting up a honey pot

  • Question 46:

    In which of the following attacks does an attacker use packet sniffing to read network traffic between two parties to steal the session cookie?

    A. Session fixation

    B. Cross-site scripting

    C. Session sidejacking

    D. ARP spoofing

  • Question 47:

    Maria works as a professional Ethical Hacker. She has been assigned the project of testing the security of www.gentech.com. She is using dumpster diving to gather information about Gentech Inc.

    Under which of the following steps of malicious hacking does dumpster diving come?

    A. Multi-factor authentication

    B. Role-based access control

    C. Mutual authentication

    D. Reconnaissance

  • Question 48:

    Which of the following statements are true regarding a SYN flood attack?

    A. The attacker sends a succession of SYN requests to a target system.

    B. SYN flood is a form of Denial-of-Service (DoS) attack.

    C. The attacker sends thousands and thousands of ACK packets to the victim.

    D. SYN cookies provide protection against the SYN flood by eliminating the resources allocated on the target host.

  • Question 49:

    US Garments wants all data communication between its corporate office and remote location to be encrypted. They want to achieve the following results:

      • Authentication of users
      • Anti-replay
      • Anti-spoofing
      • IP packet encryption

    They implemented IPSec using Authentication Headers (AHs). Which results does this solution provide? Each correct answer represents a complete solution. Choose all that apply.

    A. Anti-replay

    B. IP packet encryption

    C. Authentication of users

    D. Anti-spoofing

  • Question 50:

    You want to measure the number of heaps used and the overflows that occurred at a point in time. Which of the following commands will you run to activate the appropriate monitor?

    A. UPDATE DBM CONFIGURATION USING DFT_MON_TABLE

    B. UPDATE DBM CONFIGURATION DFT_MON_TIMESTAMP

    C. UPDATE DBM CONFIGURATION USING DFT_MON_BUFPOOL

    D. UPDATE DBM CONFIGURATION USING DFT_MON_SORT
