MA0-150 Exam Questions

Under UNIX, Pluggable Authentication Modules (PAN) can be used to

What is the quickest protocol to brute force when attacking Windows?

The datapipe and fpipe tools can be used for

What is the basis for Cisco Type 7 passwords?

What is the magic number for a Linux binary?

Horizontal privilege escalation is a vulnerability of authorization where users act at a privilege level

A corporate user has just been hacked and shell code is installed. The user logs off, but the hacker remains on the system with NT AUTHORTTY\SYSTEM credentials. What can the attack...

Which of the following are advantages of maintaining a separate syslog server? (Choose two)

NetBIOS enumeration requires access to which TCP ports?

The nmap command nmap -O would result in

Which of the following are common vulnerabilities in web applications? (Choose three)

The Nmap command nmap sV would result in

Which of the following are necessary for RFID? (Choose two)

Brute force attack tools include which of the following? (Choose three)

Which of the following commands will tell you what version of Microsoft Windows is running? (Choose three)

During an external penetration test, the consultant identifies a Windows-based server that is running Apache Tomcat Manager with a default username and password combination. After...

What protocol does the Nmap default scan nmap 192.16S.1.1 use?

Reverse Telnet is an example of a

What database does the tool SQLPing target?

User Access Control (UAC) is an example of what security principle?

What protocol backs the core routing decisions on the Internet?

Base64 is an algorithm that uses

Once a hostname on a Windows network has been identified, which of the following tools can help identify the IP address of the host? (Choose three)

The tracert command in Windows uses which protocol?

What command can be used to search a Windows host for a filename containing "term"?

A consecutive string of 0x90's is called a

The Hydra tool is used for

What are the default permissions set on an /etc/shadow file?

The following commands, run in sequence from top to bottom, is an example of

What is a feature-rich file type that can be used for client-side attacks?

What command generated the following output? Linux DVORAK 2.6.34 =1 SMP Wed Jul 21 09:51:09 EDT 2010 686GNU/Unux

What service is commonly found on network devices on UDP port 161?

While connected to a Local Area Network in a hacker class at a security conference, a student also connected to his company's SSL VPN. Now other students can connect to the corpora...

An attacker has just compiled a exploit binary but cannot seem to run the executable. Which of the following can be used to help execute the binary? (Choose two)

The root cause of WEP's security weakness is weak

A hacker who is connected to the wireless network on a flat corporate network attempts to run a "net use" command against a corporate workstation running a default installation of...

What are LSA Secrete?

What tool is used to enumerate portmap services on a UNIX system?

By default, UNIX system logs are most often stored in

An Administrator of the CORP domain makes modifications to the Domain Security Policy so that the storage of LAN Man hashes is no longer permitted. These changes are pushed out to...

Zone Transfers are used to

What syntax is used to perform an Nmap full connect scan?

When cracking LM hashes, what is the approximate keyspace, given that there are 95 permitted alphanumeric and symbolic characters?

The Nmap command "nmap -g 53192.168.1.1" will perform a port scan and use a value of 53 as the

ARP poisoning involves

What TCP port does the DNS protocol use?

How many ports does the Nmap default scan target?

What command turns off access control for X windows?

What tool can be used to crack Cisco Type 7 passwords?

A corporate user has just been tricked into installing malicious software. The software attempts to phone home over port 80 but does not conform to the HTTP RFC. What device protec...