MK0-201 Exam Questions

When dealing with Wireless Local Area Networks a client will associate with the closest access point. What does the closest access point mean in such a case?

Nathalie has just received a message from her boyfriend, Clement, who is telling her about this severe Popoute virus that none of the virus companies have been able to stop. In the...

How would you call a malware that is set to trigger at a specific date, or sometime in the future?

There are different types of access control that can be used within a company. Logical security will be directly affected depending on the type that you select. Which of the follow...

John is attempting to reduce the likelihood that his Linux server could be compromised through exploitation of ports and services that are not necessary or through the use of packe...

There is a method which allows you to find information on hosts located behind a firewall by using packets similar to the packets used by Traceroute. This method attempts to find o...

You have collected a series of messages that are all encrypted. You do not have access to the matching plaintext nor do you have any idea of the key and algorithm that were used to...

You are currently capturing packets to perform passive OS fingerprinting. Within the packets that you have captured, you notice that the IP Header length is 20 bytes which is the n...

A normal TCP connection is always established by using what is called a TCP Three Way Handshake. Which of the packet sequences below would represent a normal TCP connection establi...

A TCP Connect Scan which is also called a Vanilla TCP port scan will send a SYN packet to ports sequentially to see which are open. Using the Vanilla TCP Port Scan, what would be e...

Bob is working as an Intrusion Detection System administrator for a company called CCCure. Being a keen analyst he has noted a very large amount of SYN packet being sent to some of...

When doing a Half-Open Scan what packet type would be expected as a response if the port being probed is closed?

When referring to the prevalence of online computer crimes, which of the following would NOT be a factor that contributes to the proliferation of computer crimes?

Which of the following scan types would be the least accurate scan considering that many other network conditions could indicate that the port is open even though it might not be o...

Nmap is the leading port scanner for security testing and penetration testing. As a tester it is a must have within your toolbox and you MUST be familiar with its basic syntax. Whi...

At times a tester will be challenged to craft a packet that needs a special quantity of payload data, a specific starting TTL value, a specific speed at which the packet can be sen...

Looking at the results of hping2 below, what does the flag=RA portion of the response most likely indicate in this case?

Doing Operating System identification remotely is an art that requires analysis of responses from packets being sent. In order to do so efficiently, a methodology called fuzzy logi...

When doing an ACK flag scanning the target host is sent TCP packets with the ACK flag set and the reply is then analyzed. Which of the following items within the response packets w...

Automated tools are not always adept at identifying remote applications. By inspecting banners presented when connecting to a specific port, it is possible to gather more informati...

After completing your reconnaissance and scanning, which of the following would be the next logical step performed by the Pen Tester?

Examining all web pages from a site might be a tedious task. In order to facilitate such a task you can make use of a web crawler. Which of the choices presented below would best d...

From the items listed below, which would be expected from a cracker or hacker but NOT from an Ethical Hacker or Certified Penetration tester?

You have been tasked with setting up the required Domain Name Service for your company domain names. How many primary DNS servers are you going to need for each of your domains?

Amongst the resource record types listed below, which one must you have for each of your domain names?

Which of the following resource records would you inspect to find out how long a cache poisoning attack might be effective against a remote DNS server?

When would a secondary name server perform a zone transfer to update its entries and synchronize its database with the primary name server?

Looking at the SOA records presented below, for how long will the secondary DNS servers attempt to contact the primary DNS server before a zone be considered dead.

Looking at the SOA records presented below, how long will the secondary server wait before it reattempts to synchronize with the primary server if it was not able to do so when it...

Which of the following is NOT a tool that could be used to perform a zone transfer?

Which of the following ports are used by the Simple Network Management Protocol? (Choose two)

The SNMP protocol makes use of community string to control access. There are two community strings being used; each of these strings allow you to perform only specific functions wi...

Under the SNMP protocol, what does a trap consist of? Choose the best answer.

Noah, a penetration tester, has been asked by Company XYZ to perform a security test against the company network from an internal location. The owner of company XYZ has provided No...

Under the Windows platform, there is something refered to as Null Session. Which of the following statements would best describe what a null session consists of?

In symmetric cryptosystem, how many keys are needed to communicate securely between 10 different people who all wish to have a key pair to talk to each other?

Which of the following statements would be TRUE when referring to Stream ciphers?

The Advanced Encryption Standard (AES) was released to protect sensitive data used by U.S. Government organizations. Up to what classification level was AES built for?

Nathalie is exclusively making use of a public key crypto system to communicate with her peers. She would like to send information to Bob while protecting the confidentiality of th...

Which of the following statements would best describe the act of signing a message with a Digital Signature?

When a digital certificate has been revoked before its expiry date, how will the Certification Authority (CA) that issued the certificate inform other CAs that the specific certifi...

Johnny is using IPSEC to protect his data while in transit. Due to recent developments in his company, there is a need for more stringent security whereby he would like to mask and...

The network support staff at company XYZ have recently attended a security training class and learned about some of the inherent dangers of using insecure protocols such as Telnet,...

Dozens of methodologies exist on the market today. Most of them follow the very same high level steps. Which of the following would represent the most common and logical approach t...

SSL can be used to protect information sent over a public network while surfing the web. During the establishment of a secure SSL session, on which side of the communication link i...

Which of the following encryption cracking techniques would eventually succeed given enough time and processing power?

Johnny has been trying to defeat a crypto system for some time. He has in his possession a whole collection of ciphertext documents that were captured from the network. However, he...

Cracking encryption is often impossible due to time constraints whereby it would take hundreds of years in some cases. Great advancement has taken place lately regarding the cracki...

Vulnerabilities Scanners have large databases of known vulnerabilities and exposures that exist within a very large number of operating systems and applications. Most scanners are...

Password attacks fall within two main categories: Social Attacks and Digital Attacks. Which of the following would not be considered a Social Attack on passwords?