ML0-320 Exam Questions

System administrators need to be aware of what tool that adds while-bytes of executable code to an existing malicious binary with the goal of evading anti-trojan software using MD5...

Which of the following would best describe the meaning of steganography?

In symmetric cryptosystem, how many keys are needed to communicate securely between 10 different people who all wish to have a key pair to talk to each other?

What technology has made trojans easy to distribute? Choose the best Answer:.

It is common knowledge that a Penetration Test relies on a testers ability to collect information from different sources. Only about 35% to 40% of the information collected will be...

One of your clients has been the victim of a brute force attack against their SSH server. They ask you what could be done to protect their Linux servers. You propose the use of IP...

Which of the following best describes a Script Kiddie?

Assuming SNMP Agent devices are IPSec-capable, why would implementing IPSec help protect SNMP Agents? Choose three.

Which tools and or techniques can be used to remove an Alternative Data Stream on an NTFS file? Choose two.

Bob is working as an Instrusion Detection System administrator for a company called CCCure. Being a keen analyst he has noted a very large amount of SYN packet being sent to some o...

An administrator has just completed the installation of Nessus on a Linux System that will only have physical space for the server and no monitor.The administrator was told that Ne...

When doing an ACK flag scanning the target host is sent TCP packets with the ACK flag set and the reply is then analyzed. Which of the following items within the response packets w...

There are multiples ways that passwords could be cracked. Which of the following is not a password cracking method?

When referring to database, what would you call the number of rows within a table?

If an attacker gets Adminsitrative-level access, why cant the entries in the Event log be trusted with certainty? Choose two.

Jhezza has just arrived at her office and she is checking her stock portfolio as she does every day. She connects to her broker web site and decides to buy some stocks that are hig...

Which of the following SQL injection scripts would attempt to discover all usernames on the table users beginning with Ad?

Why wouldn't it be surprising to find netcat on a trojaned-computer? Choose three.

Which of the following techniques would be effective to get around some of the blocking rules on certain firewalls? The same technique could be used to avoid detection by intrusion...

When a digital certificate has been revoked before its expiry date, how will the Certification Authority (CA) that issued the certificate inform other CAs that the specific certifi...

Examining all web pages from a site might be a tedious task. In order to facilitate such as task you can make use of a web crawler. Which of the choices presented below would best...

While performing a penetration test you discover that the system being tested is already compromised by an intruder. Further examination shows the intruder being currently on the s...

Why is it often recommended to rename the built-in Administrator account on a Windows 2000 domain? Choose the best Answer:.

Which of the following pieces of information can be obtained from a Whois query? Choose all that apply.

A Denial of Service (DoS) attack can have severe effect on a company network or systems.What is the main purpose of a DoS attack? Choose the best response.

John is attempting to reduce the likelihood that his Linux server could be compromised through exploitation of ports and services that are not necessary or through the use of packe...

Password attack fall within two main categoriesSocial Attacks and Digital Attacks. Which of the following would not be considered a Social Attack on passwords?

proactive in their security approach. Most likely there are some Intrusion Detection Systems (IDS) in place that would quickly identify Julius IP address and he would then be block...

Bob has accessed a nice site that sells high end wireless network equipment. However, after looking around for a while it was obvious that most items were too expensive for his low...

BASIC authentication for HTTP authentication is universally understood but has the disadvantage of passing username and password in BASE64 encoding. What technology could be used t...

security test on some of their servers. Over the past few days Joshua has been collecting tons of information about his target. He did so by accessing public database and never sen...

The process of flooding a local segment with thousands of random MAC addresses can result in some switches behaving like a hub. The goal of the hacker is to accomplish what? Choose...

What is one possible method that hackers can use to sniff SSL connections? Choose the best Answer:.

You have noticed that one of your users has installed a tool named KerbCrack as well as another tool named KerbSniff on his machine withou your authroization. The company is making...

The Advanced Encryption Standard (AES) was released to protect sensitive data used by US.Government organizations. Up to what classification level was AES built for?

Vulnerabilities Scanners have large databases of known vulnerabilities and exposures that exist within a very large number of operating systems and applications. Most scanners are...

What technology is often used by employees to get access to web sites that are blocked by their corporate proxy server? Choose the best Answer:.

Cracking encryption is often impossible due to time constraints whereby it would take hundreds of years in some cases. Great advancement has taken place lately regarding the cracki...

Which of these methods would be considered examples of active reconnaissance? (Choose three.)

Bob has just produced a very detailed penetration testing report for his client.Bob wishes to ensure that the report will not be changed in storage or in transit. What would be the...

Which of the following is the best method to counteract offline password cracking? Choose the best Answer:.

Which of the following could be countermeasures to scanning? Choose all that apply.

Which of the following are reasons why LAN Manager hashes stored in the SAM file are considered relatively easy to crack? Choose two.

A null session allows users to connect remotely to other Windows computers on the network.According to the implementation of NULL Session on Windows platforms, how long would the p...

Todays security infrastructures are composed of firewall, instrusion detection systems, content screening, certificates, tokens, and a lot more. Howeve, there is still one aspect t...

You have successfully exploited a remote computer. You now have limited privilege on the remote computer. You tests have revealed that it is possible to download files from the int...

Keen administrators (the enemy of penetration testers)will take great steps in order to collect logs on different servers.By having a detailed log of activities they may be able to...

What is the most secure method of implementing Software Restriction Policies to prevent users from running both unauthorized and undesirable software? Choose the best Answer:.

One of the challenges when doing large scale security tests is the time required. If you have to scan a class B network it might take you a very long time. Scanrand is a tool that...

When talking about databases search query languages, commands such as Select, Update, Insert, Grant, and Revoke would all the part of what language?