- (Exam Topic 2)
Which of the following does proper basic configuration of snort as a network intrusion detection system
require?
Correct Answer:
A
- (Exam Topic 4)
When you are collecting information to perform a data analysis, Google commands are very useful to find sensitive information and files. These files may contain information about passwords, system functions, or documentation.
What command will help you to search files using Google as a search engine?
Correct Answer:
A
If you include site: in your query, Google will restrict your search results to the site or domain you specify. If you include filetype:suffix in your query, Google will restrict the results to pages whose names end in
suffix. For example, [ web page evaluation checklist filetype:pdf ] will return Adobe Acrobat pdf files that match the terms “web,” “page,” “evaluation,” and “checklist.”
References:
http://www.googleguide.com/advanced_operators_reference.html
- (Exam Topic 6)
Which type of cryptography does SSL, IKE and PGP belongs to?
Correct Answer:
D
- (Exam Topic 2)
A tester has been hired to do a web application security test. The tester notices that the site is dynamic and must make use of a back end database.
In order for the tester to see if SQL injection is possible, what is the first character that the tester should use to attempt breaking a valid SQL request?
Correct Answer:
B
- (Exam Topic 7)
While examining audit logs, you discover that people are able to telnet into the SMTP server on port 25. You would like to block this, though you do not see any evidence of an attack or other wrong doing. However, you are concerned about affecting the normal functionality of the email server. From the following options choose how best you can achieve this objective?
Correct Answer:
E