ML0-320 Exam Questions

location. He has tried every trick in his bag but still did not succeed. From the choice presented below, what type of logical attempt is he most likely to attempt next?

As you have learned in your Penetration Testing training or field experience, WEP is the encryption that was used with early WLAN implementation.it uses a stream cipher called RC4...

Which of these methods would be considered examples of active reconnaissance? (Choose three.)

Which tool speeds up offline password cracking by precomputing tables of password hashes? Choose the best Answer:.

Dozens of methodologies exist on the market today. Most of them follow the very high level steps. Which of the following would represent the most common and logical approach to pen...

What are the possible countermeasures to buffer overflow exploits? Choose all that apply.

When a company wishes to have some asurance that a product is working as per the vendor claim they usually seek certification.One of the most commonly used certification schemes to...

Which of the following password implementation is found only in Windows 2000 and newer Windows versions?

Which of the following enumeration techniques can reveal the true built-in Administrator account even if has been renamed? Choose two.

Looking at the graphic presented below, what destination port is highlighted in the Hex dump presented? Extract the information from the Hex dump packet captured below.

There are different types of access control that can be used within a company. Logical security will be directly affected depending on the type that you select. Which of the follow...

Which of the following statements would be TRUE when referring to Stream cliphers?

At times a tester will be challenged to craft a packet that needs a special quantity of payload data, a specific starting TTL value, a specific speed at which the packet can be sen...

Which of the following is the best security risk that has been experienced within applications over the past few years?

Under the SNMP protocol, what does a trap consist of? Choose the best Answer:.

What does the union operation perform when attempting to execute an SQL Injection through a web form?

How does a system administrator prevent Idp.exe and user2sid.exe tools from retrieving domain usernames, SIDs, and other information from a Windows 2000 Domain Controller if no use...

Under the Windows platform, there is something refered to as Null Session. Which of the following statements would best describe what a null session consists of?

Nathalie is exclusively making use of a public key crypto system to communicate with her peers. She would like to send information to Bob while protecting the confidentiality of th...

Why is it more difficult to santilize information about a company that has publicly-traded stock? Choose the best Answer:.

What program can locate computers running sniffers by sending out special ARP packets that only network cards in promiscuous mode will reply to? Choose the best Answer:.

When you create a hash value of the message you wish to send, then you encrypt the hash value using your private key before sending it to the receiver in order to prove the authent...

To block tunneling remote access trojans like 007Shell, what should you do on your firewall? Choose the best Answer:.

Intrusion Detection Systems have multiple ways to decode the information. Which of the following definitions would best describe Protocol Anomaly Detection within an Intrusion Dete...

Mary has learned about the different ways authentication can be implemented on a web site. Which of the following forms of authentication would consist of the most basic form and a...

Which of the following exploits/abuse would all be located at the network layer of the OSI model? (Choose all that applies)

How would you call a malware that is set to trigger at a specific date, or sometime in the future?

Looking at the SOA records presented below, for how long will the secondary DNS servers attempt to contact the primary DNS server before a zone be considered dead.

When a piece of malware executes on a computer, what privilege level or account will it execute under? Choose the best Answer:.

Why are SYN port scans not as stealthy as what they originally were several years ago? Choose two.

Which of the following actions can often be used as countermeasures to port scans? Choose all that apply.

Spyware is either hardware or software installed on a computer which gather information about the user for later retrieval by whoever controls the Spyware. It is installed without...

Which of the following statements explain why hardware-based keystroke loggers are so dangerous? Choose three.

Wayne, who has a twisted mind, has been watching security mailing lists very closely. Today he has seen a new vulnerability announcement that affects multiple mail servers. Jack wi...

Which of the following is a MS Access database SQL injection script?

Pieces of malware code are getting smarter all the time. It seems it always finds a way of reinstalling itself on a system after it has been removed. If you wish to look for malici...

What technologies could a company deploy to protect all data passing from an employees home computer to the corporate intranet? Choose two.

Bob has heard about weaknesses related to phone systems from one of his phreaker friends. His friend warns him about the potential danger of listening devices that are sometimes ba...

System administrators need to be aware of what tool that adds white-bytes of executable code to an existing malicious binary with the goal of evading anti-trojan software using MD5...

What software can alert an administrator to modified files (system or otherwise) by comparing new the hash to the hash on the original trusted file? Choose all that apply.

Which of the following ports are used by the Simple Network Management Protocol? (Choose two)

When referring to databases, what would you call the number of rows within a table?

Why is it more difficult to sanitize information about a company that has publicly-traded stock? Choose the best Answer:.

Which of the following is NOT a tool that could be perform a zone transfer?

Yannick who is a very smart security tester has mentioned to one of his friends that he has found a way of appending data to an existing file using the built in Windows tools and n...

Doing Operating System identification remotely is an art that requires analysis of responses from packets being sent.In order to do so efficiently, a methodology called fuzzy logic...

This document is a high level document that describes management intentions towards security. What is the name of the document?

DNS Spoofing can allow an attacker to sniff traffic that is meant to go to particular web sites. Which of the following tools can perform DNS Spoofing? Choose two.

On 802.11x Wireless Local Area Network, what is the effective length of the keys being used?

Spyware is either hardware or software installed on a computer which gather information about the user for later retrieval by whoever controls the Spyware. It is installed without...