ML0-320 Exam Questions

Duane is a clever attacker, he has penertrated a system and wishes to hide some files within other files on the file system. Which of the following could be used by Duane to attemp...

Which of the following penetration framework is Open Source and offers features that are similar to some of its rival commercial tools?

Software Restriction Policies, if implemented correctly, can help protect against what kinds of threats? Choose two.

If the DS Client software has been installed on Windows 95, Windows 98, and NT 4 comptuers, what setting of the LanMan Authentication level should be applied to counteract LanMan h...

Ping utilities can be used for basic network connectivity test; the ping command sends out an ICMP Echo Request packets and the destination host will reply with an ICMP Echo Reply...

When doing a Half-Open Scan what packet type would be expected as a response if the port being probed is closed?

Mae i a keen system administration; she constantly monitors the mailing list for best practices that are being used out in the field.On the servers that she maintains, Mae has rena...

What built-in Windows command can be used to help find remote access trojans? Choose the best Answer:.

Under the Windows platform, there is something refered to as Null Session. Which of the following statements would best describe what a null session consists of?

Why is tunneling-based trojan software so useful for hackers if it is installed inside a corporate network? Choose the best Answer:.

On a Linux system, which of the following files would contain the list of user accounts, their shell, and their home directories?

Looking at the Window presented below, what type of mail server is running on the remote host?

Which of the following capabilities do rootkits have? Choose all that apply.

This document, which is a part of good practices within an organization, describes step by step how to accomplish a specific task.What is the name of this document?

Billsleigh has been learning about sniffer programs and found out that they can be used to collect information on networks.Billsleigh would definitively like to gather a series of...

Clement is someone who greatly enjoys fishing. Clement recently visited a web site that is very proactive in its attempt to save marine life. While on the site he downloaded a diso...

Johnny has just installed a small utility to calculate subnet masks. After installing this utility he was pormpted by his firewall to accept a connection outbound to a server he wa...

Henry and Paul are debating the purchase of a $1500-00 automated vulnerability software package.What is the main disadavantage regarding the automated compared to manual assessment...

Bob has just produced a very detailed penetration testing report for his client.Bob wishes to ensure that the report will not be chnaged in storage or in transit. What would be the...

What Windows techonology should prevent SMB Relay from sniffing user credentials in a man in the middle attack? Choose the best Answer:.

Bob is using a new sniffer called Ethereal. However, it seems that Bob can only see packets that are sent from and to his own network interface card (NIC).He cannot see any traffic...

Name Servers are the Penetration Testers best friend.The Domain Name Registration database contains information about who registered a particular domain. What common command line a...

Keystroke loggers can be found in which of the following forms? Choose all that apply.

Nmap is the leading port scanner for security testing and penetration testing. As a tester it is a must have within your toolbox and you MUST be familiar with its basic syntax. Whi...

How does a system administrator prevent Idp.exe and user2sid.exe tools from retrieving domain usernames, SIDs, and other information from a Windows 2000 Domain Controller if no use...

Session Hijacking is possible due to which weakness within the TCPIP stack implementation?

Why are SYN port scans not as stealthy as what they originally were several years ago? Choose two.

Which tools are capable of capturing Kerberos domain authentication credentials and then running either dictionary or brute force offline password cracking? Choose two.

Which of the following items is the least likely to be found while doing Scanning? Choose the best Answer:.

Nathalie, an employee of Corporation XYZ, has notice that Bob, one of her coworkers, has been abusing company assets and resources for his own personal gain. According to good ethi...

MS SQL server makes use of Stored Procedures. There is an extended stored procedure called sp_makewebtask that can be used with data being returned from executed queries. What woul...

You are concerned about other people sniffing your data while it is travelling over your local network and the internet. Which of the following would be the most effective counterm...

Which Vulnerability Assessment tools perform dangerous/destructive scans.Choose two.

Which of the following would represent a technique to embed data within another file where by it would be near impossible for anyone using or looking at the file to claim that ther...

You have collected a series of messages that are all encrypted. You do not have access to the matching plaintext nor do you have any idea of the key and algorithm that were used to...

Which programs might an attacker use to facililate sniffing in a switched network? Choose all that apply.

the company network from an internal location. assistance. Which of the following would best describe the type of test that Noah is about to perform?

The SNMP protocol makes use of community sring to control access. There are two community strings being used; each of these strings allow you to perform only specific functions wit...

Why is it often recommended to rename the built-in Administrator account on a Windows 2000 domain? Choose the best Answer:.

What technology can be deployed at the network layer to protect against snififng? Choose the best Answer:.

When referring to the prevalence of online computer crimes, which of the following would NOT be a factor that contributes to the proliferation or computer crimes?

This technique consists of using social to trick someone into revealing information they should not usually release to unathorized users. What do we call this technique or type of...

A null session allows users to connect remotely to other Windows computers on the network.According to the implementation of NULL sessions of Windows platforms, how long would the...

A Windows computer that has not been hardened properly might allow NULL connection from a remote host. Which of the following commands would be used by a remote attacker to attempt...

What sniffer program is capable of reconstructing associated TCP packets into a sessions showing application layer data from the client to the server and vice-versa? Choose the bes...

Which of the following commands would capture all packets going to and from IP address 192.168.1.2 using tcpdump?

Why is passive sniffing much harder to detect, if not impossible, compared to active sniffing? Choose the best Answer:.

What is one way an attacker can use to determine if a database front-end application is vulnerable to SQL injection?

An attacker is sending packets with no flag set.This is also known as doing a NULL scan. Usually, operating system networking stacks will respond with a RST packe, however, some op...

Which of the following protocols usually make use of the UDP protocol while querying querying information and the TCP protocol for some other functions?