A penetration tester harvests potential usernames from a social networking site. The penetration tester then uses social engineering to attempt to obtain associated passwords to gain unauthorized access to shares on a network server. Which of the following methods is the penetration tester MOST likely using?

• A.Escalation of privilege
• B.Proxy server
• C.SQL injection
• D.Active reconnaissance

Comment: *

Name: *

Email: *

Verification: *

Drag and drop the correct protocol to its default port.

Correct Answer:

Explanation:
FTP uses TCP port 21. Telnet uses port 23.
SSH uses TCP port 22.
All protocols encrypted by SSH, including SFTP, SHTTP, SCP, SExec, and slogin, also use TCP port 22. Secure Copy Protocol (SCP) is a secure file-transfer facility based on SSH and Remote Copy Protocol (RCP).
Secure FTP (SFTP) is a secured alternative to standard File Transfer Protocol (FTP). SMTP uses TCP port 25.
Port 69 is used by TFTP.
SNMP makes use of UDP ports 161 and 162. http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers

Comment: *

Name: *

Email: *

Verification: *

A security engineer is installing a WAF to protect the company's website from malicious web requests over SSL. Which of the following is needed to meet the objective?

• A.A split-tunnel VPN
• B.A reverse proxy
• C.Load-balanced servers
  By deploying a WAF in front of a web application, a shield is placed between the web application and the Internet. While a proxy server protects a client machine's identity by using an intermediary, a WAF is a type of reverse-proxy, protecting the server from exposure by having clients pass through the WAF before reaching the server.
  A WAF operates through a set of rules often called policies. These policies aim to protect against vulnerabilities in the application by filtering out malicious traffic. The value of a WAF comes in part from the speed and ease with which policy modification can be implemented, allowing for faster response to varying attack vectors; during a DDoS attack, rate limiting can be quickly implemented by modifying WAF policies.
• D.A decryption certificate

Comment: *

Name: *

Email: *

Verification: *

Which of the following characteristics differentiate a rainbow table attack from a brute force attack? (Select
two.)

• A.Rainbow table attacks do not require access to hashed passwords.
• B.Rainbow table attacks bypass maximum failed login restrictions.
• C.Rainbow table attacks must be performed on the network.
• D.Rainbow tables must include precomputed hashes.
• E.Rainbow table attacks greatly reduce compute cycles at attack time.

Comment: *

Name: *

Email: *

Verification: *

A security analyst has received the following alert snippet from the HIDS appliance:
PROTOCOL SIG SRC.PORT DST.PORT
TCP XMAS SCAN 192.168.1.1:1091 192.168.1.2:8891
TCP XMAS SCAN 192.168.1.1:649 192.168.1.2:9001
TCP XMAS SCAN 192.168.1.1:2264 192.168.1.2:6455
TCP XMAS SCAN 192.168.1.1:3464 192.168.1.2:8744
Given the above logs, which of the following is the cause of the attack?

• A.There is improper Layer 2 segmentation.
• B.TCP MSS is configured improperly.
• C.FIN, URG, and PSH flags are set in the packet header.
• D.The TCP ports on destination are all open.

Comment: *

Name: *

Email: *

Verification: *