MK0-201 Exam Questions

By spoofing an IP address and inserting the attackers MAC address into an unsolicited ARP Reply packet, an attacker is performing what kind of attack? Choose the best answer.

Why wouldn't it be surprising to find netcat on a trojaned-computer? Choose three.

Why would an administrator block ICMP TTL Exceeded error messages at the external gateways of the network? Choose the best answer.

Which tools and or techniques can be used to remove an Alternative Data Stream on an NTFS file? Choose two.

If an attacker gets Administrative-level access, why cant the entries in the Event log be trusted with certainty? Choose two.

Most search engine support Advanced Search Operators; as a Penetration Tester you must be familiar with some of the larger search engines such as Google. There is a wealth of infor...

Which of the following items is the least likely to be found while doing Scanning? Choose the best answer.

You are concerned about other people sniffing your data while it is traveling over your local network and the internet. Which of the following would be the most effective counterme...

When you create a hash value of the message you wish to send, then you encrypt the hash value using your private key before sending it to the receiver in order to prove the authent...

Looking at the window presented below, what type of mail server is running on the remote host?

Bob has just produced a very detailed penetration testing report for his client. Bob wishes to ensure that the report will not be changed in storage or in transit. What would be th...

A malicious hacker has been trying to penetrate company XYZ from an external network location. He has tried every trick in his bag but still did not succeed. From the choice presen...

When a piece of malware executes on a computer, what privilege level or account will it execute under? Choose the best answer.

Software Restriction Policies, if implemented correctly, can help protect against what kinds of threats? Choose two.

What software can alert an administrator to modified files (system or otherwise) by comparing new the hash to the hash on the original trusted file? Choose all that apply. NOTE: Th...

Why is it so challenging to block packets from Remote Access Trojans that use port 80 for network communications? Choose three.

To block tunneling remote access trojans like 007Shell, what should you do on your firewall? Choose the best answer.

What sniffer program is capable of reconstructing associated TCP packets into a session showing application layer data from the client to the server and vice-versa? Choose the best...

What program can locate computers running sniffers by sending out special ARP packets that only network cards in promiscuous mode will reply to? Choose the best answer.

The process of flooding a local segment with thousands of random MAC addresses can result in some switches behaving like a hub. The goal of the hacker is to accomplish what? Choose...

Which programs might an attacker use to facilitate sniffing in a switched network? Choose all that apply.

Cisco Catalyst Switches have which feature intended to prevent ARP cache poisoning? Choose the best answer.

Which of the following protocols send data in clear text and thus are readily sniffable? Choose three.

What technology can be deployed at the network layer to protect against sniffing? Choose the best answer.

System administrators need to be aware of what tool that adds white-bytes of executable code to an existing malicious binary with the goal of evading anti-trojan software using MD5...

What protocol contains encrypted versions of telnet, ftp, and file copy for both Linux and Windows computers? Choose the best answer.

If IPSec cannot be implemented to secure network communications from sniffing, what program would be an alternative choice for secure terminal logins and file transfers on Windows...

BASIC authentication for HTTP authentication is universally understood but has the disadvantage of passing username and password in BASE64 encoding. What technology could be used t...

What technologies could a company deploy to protect all data passing from an employees home computer to the corporate intranet? Choose two.

Why is passive sniffing much harder to detect, if not impossible, compared to active sniffing? Choose the best answer.

What Windows technology should prevent SMB Relay from sniffing user credentials in a man in the middle attack? Choose the best answer.

What is one possible method that hackers can use to sniff SSL connections? Choose the best answer.

What hashed authentication credentials can be sniffed and possibly cracked offline (assuming time is not an issue)? Choose all that apply.

DNS Spoofing can allow an attacker to sniff traffic that is meant to go to particular web sites. Which of the following tools can perform DNS Spoofing? Choose two.

Which registry key setting will disable the automatic playing of executables on a CD-rom when the CD-rom is inserted into the computer? Choose the best answer.

Why is it important to the security of a network to create a complex password for the SA account on a MSSQL server installation?

A direct attack on a database system is one that attacks what?

Which of the following is a MS Access database SQL injection script?

What is one way an attacker can use to determine if a database front-end application is vulnerable to SQL injection?

Select the best method of securing the underlying data tables on a database system.

SQL injection is defined as?

Which of the following SQL scripts will discover the usernames and hashed passwords from a MSSQL server?

Given the following diagram, what ports should be blocked on the perimeter and internal firewall to best protect the Microsoft SQL database server from unauthorized inbound connect...

Which of the following SQL scripts will cause the SQL server to cease operations?

When conducting a TCP scan for SQL servers on a given network address range, what port is being interrogated?

Which of the following SQL injection scripts would attempt to discover all usernames on the table users beginning with Ad?

Types of potential vulnerabilities that are commonly scanned for include: (Choose All that Apply)

Which scripting language do most open source vulnerability scanners use?

An administrator has just completed the installation of Nessus on a Linux System that will only have physical space for the server and no monitor. The administrator was told that N...

Which Vulnerability Assessment tools perform dangerous/destructive scans. Choose two.