- All Exams Instant Download
What is not a PCI compliance recommendation?
What is not a PCI compliance recommendation?A . Use a firewall between the public network and the payment card data.B . Use encryption to protect all transmission of card holder data over any public network.C . Rotate employees handling credit card transactions on a yearly basis to different departments.D ....
What type of firewall is inspecting outbound traffic?
During a black-box pen test you attempt to pass IRC traffic over port 80/TCP from a compromised web enabled host. The traffic gets blocked; however, outbound HTTP traffic is unimpeded. What type of firewall is inspecting outbound traffic? A. Circuit B. Stateful C. Application D. Packet FilteringView AnswerAnswer: C Explanation:...
Using Wireshark to examine the captured traffic, which command can be used as display filter to find unencrypted file transfers?
A company’s policy requires employees to perform file transfers using protocols which encrypt traffic. You suspect some employees are still performing file transfers using unencrypted protocols because the employees do not like changes. You have positioned a network sniffer to capture traffic from the laptops used by employees in the...
Which of the following has occurred?
A technician is resolving an issue where a computer is unable to connect to the Internet using a wireless access point. The computer is able to transfer files locally to other machines, but cannot successfully reach the Internet. When the technician examines the IP address and default gateway they are...
What sort of security breach is this policy attempting to mitigate?
A company’s security policy states that all Web browsers must automatically delete their HTTP browser cookies upon terminating. What sort of security breach is this policy attempting to mitigate?A . Attempts by attackers to access the user and password information stored in the company’s SQL database.B . Attempts by attackers...
Which of the following is a command line packet analyzer similar to GUI-based Wireshark?
Which of the following is a command line packet analyzer similar to GUI-based Wireshark?A . nessusB . tcpdumpC . etherealD . jack the ripperView AnswerAnswer: B Explanation: Tcpdump is a data-network packet analyzer computer program that runs under a command-line interface. It allows the user to display TCP/IP and other...
The collection of potentially actionable, overt, and publicly available information is known as
The collection of potentially actionable, overt, and publicly available information is known asA . Open-source intelligenceB . Real intelligenceC . Social intelligenceD . Human intelligenceView AnswerAnswer: A
What type of an alert is this?
When analyzing the IDS logs, the system administrator noticed an alert was logged when the external router was accessed from the administrator’s Computer to update the router configuration. What type of an alert is this?A . False negativeB . True negativeC . True positiveD . False positiveView AnswerAnswer: D Explanation:...
Which of the following tools is used to detect wireless LANs using the 802.11a/b/g/n WLAN standards on a linux platform?
Which of the following tools is used to detect wireless LANs using the 802.11a/b/g/n WLAN standards on a linux platform?A . KismetB . AbelC . NetstumblerD . NessusView AnswerAnswer: A Explanation: https://en.wikipedia.org/wiki/Kismet_(software) Kismet is a network detector, packet sniffer, and intrusion detection system for 802.11 wireless LANs. Kismet will work...
Which of the following tools is used to detect wireless LANs using the 802.11a/b/g/n WLAN standards on a linux platform?
Which of the following tools is used to detect wireless LANs using the 802.11a/b/g/n WLAN standards on a linux platform?A . KismetB . AbelC . NetstumblerD . NessusView AnswerAnswer: A Explanation: https://en.wikipedia.org/wiki/Kismet_(software) Kismet is a network detector, packet sniffer, and intrusion detection system for 802.11 wireless LANs. Kismet will work...
