ML0-320 Exam Questions

What are some of the weaknesses that make LAN Manager Hashes much easier to crak by an attacker? (Select all that apply.)

What might be good countermeasures to protect the built-in administrator account from automated Terminal Server password guessing programs like tsgrinder? Choose two.

Looking at the graphic presented below, what version of Internet Protocol was used on the network where this packet was sent? Extract the information from the Hex dump below.

Automated tools are not always adept at identifying remote applications. By inspecting banners presented when connecting to a specific port, it is possible to gather more informati...

A direct attack on a database system is one that attacks what?

To uniquely identify an active session, TCPIP protocol will make use of the client IP address and port as well as the destination IP address and port. How are these four elements m...

What technology can be deployed at the network layer to protect against sniffing? Choose the best Answer:.

When conducting a TCP scan for SQL servers on a given network address range, what port is being interrogated?

You have been hired by company WXY to perform a Penetration Test, in this first phase of your test you have been challenged to remain totally stealthy. Which of the following recon...

A normal TCP connection is always established by using what is called a TCP Three Way Handshake. Which of the packet sequences below would represent a normal TCP connection establi...

Footprinting is one of the first steps performed by a Penetration Tester. Many security testers neglect to perform this phase whereby you have the opportunity to easily information...

What is traceroute used for?

When would a secondary name server perform a zone transfer to update its entries and synchronize its database with the primary name server?

Bob is doing a penetration test. He was able to get system level access on one of the servers exploiting one of the known weaknesses of the web server. Bob attempted to copy the SA...

Wireless Local Area Networks (WLAN) are becoming increasingly popular. In order to link a wireless network to a wired network what type of device would be used?

Which of the following resource records would you inspect to find out how long a cache poisoning attack might be effective against a remote DNS server?

Nathalie has just received a message from her boyfriend, Clement, who is telling her about this severe Popoute virus that none of the virus companies have been able to stop. In the...

When dealing with Wireless Local Area Networks a client will associate with the closest access point.What does the closest access point mean in such a case?

On Wireless networks, what is the Service Set Identify used for?

Which are methods that attackers use to find buffer overflows? Choose all that apply.

Traditional firewalls have serious limitations where the data payload is not being inspected. These firewalls usually tend to work within the lower layer of the OSI model. What lay...

While exploiting remote targets using exploits, there are a few stages that have to take place. Which of the following stages is the payload which is executed after exploitation?

The nbstat tool is used to query the NetBIOS name table from a remote Windows system. The table below shows a sample output of the tool. The second column is a two digit hexadecima...

SSL can be used to protect information sent over a public network while surfing the web. During the establishment of a secure SSL session, on which side of the communication link i...

One of the last steps taken by an attacker will be to configure permanent access to a compromised system. However, the installation of a backdoor, installation of new processes, an...

To prevent the storage of hashes in LANMAN format in either the local SAM file or in Active Dierctory for computers running Windows 2000 SP2 or later, which of the following regist...

There is a method which allows you to find information on hosts located behind a firewall by using packets similar to the packets used by Traceroute. This method attempts to find o...

Which of the following ports could be associated with a trojan on a Windows computer? Choose two.

Looking at the SOA records presented below, how long will the secondary server wait before it reattempts to synchronize with the primary server if it was not able to do so when it...

From the items listed below, which would be expected from a cracker or hacker but NOT from an Ethical Hacker or Certified Penetration tester?

Which of the following scanning methods would be the most stealthy and best at hiding the source of a scan?

actively probing remote DNS servers and attempting to extact information from them. After investigation it was detected that jack had used the nslookup command entensively and he a...

Looking at the graphic below, determine what web site was visited by the user located at IP address 192.168.1.104?

SQL injection is defined as?

Select the best method of securing the underlying data tables on a database system.

When a network switch receives a very large quantity of random MAC addresses which would overfill the Content Addressable Memory (CAM) table, how will the switch react?

Having just downloaded a new version of Cain & Abel, you wish to monitor your network for clear text passwords being sent. Knowing you are currently connected to a switch you will...

Types of potential vulnerabilities that are commonly scanned for include(Choose All that Apply)

If IPSec cannot be implemented to secure network communication from sniffing, what program would be an alternative choice for secure terminal logins and file transfers on Windows c...

Given the following diagram, what ports shouldbe blocked on the perimeter and internal firewall to best protect the Microsoft SQL databae server from unauthorized inbound connectio...

Which of the following wouldbest match the following description.A program that looks useful at first sight but attempt to break your security policy by installling unwatned softwa...

Which of the following password and encyption cracking methods is guaranteed to successfully crack any password or encryption algorithm?

After completing your reconnaissance and scanning, which of the following would be the next logical step performed bye the Pen Tester?

Clement is someone who greatly enjoys fishing. Clement recently visited a web site that is very proactive in its attempt to save marine life. While on the site he downloaded a diso...

Which of the following are reasons why fragment-based port scans are often used by attackers? Choose two.

What technologies could a company deploy to protect all data passing from an employees home computer to the corporate intranet? Choose two.

While doing your testing you discover an MS SQL server within the target range. You attempt to connect to the SA account using the default password which is usually blank. You quic...

Which of the following is the most effective way to reduce the threat of social engineering? Choose the best Answer:.

Looking at the results of hping2 below, what does the flag=RA portion of the response most likely indicate in this case?

A TCP connect Scan which is also called a Vanilla TCP port scan will send a SYN packet to ports sequentially to see which are open. Using the Vanilla TCP Port Scan, what would be e...