MK0-201 Exam Questions

Henry and Paul are debating the purchase of a $15000-00 automated vulnerability assessment software package. What is the main disadvantage regarding the automated compared to manua...

Which of these methods would be considered examples of passive reconnaissance? Choose three.

Which of these methods would be considered examples of active reconnaissance? (Choose three.)

Which of these methods would help protect DNS records from unauthorized users? (Choose two.)

Why is it important to ensure that SRV records are not publicly accessible? Choose the best answer.

Why is tunneling-based trojan software so useful for hackers if it is installed inside a corporate network? Choose the best answer.

How does a system administrator prevent ldp.exe and user2sid.exe tools from retrieving domain usernames, SIDs, and other information from a Windows 2000 Domain Controller if no use...

Which of the following will prevent both null session information leakage and password guessing attacks against a publicly-accessible web server in the DMZ? Choose the best answer.

Which of the following could be countermeasures to scanning? Choose all that apply.

Which of the following advanced search keywords do attackers take advantage of in order to see web page content without actually connecting to the target web server? Choose the bes...

Which of the following pieces of information can be obtained from a Whois query? Choose all that apply.

Which of the following countermeasures could be taken to implement security through obscurity and thus limit reconnaissance if an attacker issues this command against a web server?...

Which of the following is the most effective way to reduce the threat of social engineering? Choose the best answer.

Which computers, even with the latest service packs, allow NetBIOS null sessions? Choose all that apply.

Which of the following might be used to give false positives when a UDP scan is being performed against a DMZ server running DNS? Choose the best answer.

What is the most secure method of implementing Software Restriction Policies to prevent users from running both unauthorized and undesirable software? Choose the best answer.

What techniques are often used to perform an active-stack fingerprint of an operating system? Choose all that apply.

What technology is often used by employees to get access to web sites that are blocked by their corporate proxy server? Choose the best answer.

Why is it more difficult to sanitize information about a company that has publicly-traded stock? Choose the best answer.

Which of the following enumeration techniques can reveal the true built-in Administrator account even if it has been renamed? Choose two.

Which of the following actions can often be used as countermeasures to port scans? Choose all that apply.

Which nmap scan type provides a truly stealthy port scan? Choose the best answer.

Assuming SNMP Agent devices are IPSec-capable, why would implementing IPSec help protect SNMP Agents? Choose three.

Which of the following are reasons why fragment-based port scans are often used by attackers? Choose two.

Why are SYN port scans not as stealthy as what they originally were several years ago? Choose two.

Which of the following tools can detect hidden Alternative Data Streams on an NTFS file or folder? Choose all that apply.

What technology has made trojans easy to distribute? Choose the best answer.

Which tool speeds up offline password cracking by precomputing tables of password hashes? Choose the best answer.

Which of the following is the best method to counteract offline password cracking ? Choose the best answer.

Which are methods that attackers use to find buffer overflows? Choose all that apply.

What might be good countermeasures to protect the built-in administrator account from automated Terminal Server password guessing programs like tsgrinder? Choose two.

Which tools are capable of capturing Kerberos domain authentication credentials and then running either dictionary or brute force offline password cracking? Choose two.

Which of the following are recommended practices to help counteract password guessing attacks? Choose three.

Why is it often recommended to rename the built-in Administrator account on a Windows 2000 domain? Choose the best answer.

A system administrator deploys a Windows-based server in a publicly-accessible DMZ. The sole purpose of this machine is to run IIS and allow anonymous access. After a few days the...

Billybastard.c and pipeupadmin are examples of what type of attack? Choose the best answer.

What built-in Windows command can be used to help find remote access trojans? Choose the best answer.

Which of the following capabilities do rootkits have? Choose all that apply.

Which of the following countermeasures can make it more difficult for an attacker to gain access to the local SAM file if the attacker has physical access to that computer? Choose...

What are the possible countermeasures to buffer overflow exploits? Choose all that apply.

Keystroke loggers can be found in which of the following forms? Choose all that apply.

To prevent the storage of hashes in LanMan format in either the local SAM file or in Active Directory for computers running Windows 2000 SP2 or later, which of the following regist...

Which of the following statements explain why hardware-based keystroke loggers are so dangerous? Choose three.

Which of the following methods would allow an attacker to get access to the local SAM file if the attacker had physical access? Choose three.

Which of the following are reasons why Lan Manager hashes stored in the SAM file are considered relatively easy to crack? Choose two.

Which of the following ports could be associated with a trojan on a Windows computer? Choose two.

Which of the following would best represent the definition of a Penetration Test?

You have been hired by company WXY to perform a Penetration Test; in this first phase of your test you have been challenged to remain totally stealthy. Which of the following recon...

In order to identify a unique record within a database what would you use?

When referring to databases, what would you call the number of rows within a table?