Jim, a professional hacker, targeted an organization that is operating critical Industrial Infrastructure. Jim used Nmap to scan open pons and running services on systems connected to the organization's OT network. He used an Nmap command to identify Ethernet/IP devices connected to the Internet and further gathered Information such as the vendor name, product code and name, device name, and IP address. Which of the following Nmap commands helped Jim retrieve the required information?

1. A. nmap -Pn -sT --scan-delay 1s --max-parallelism 1 -p < Port List > < Target IP >
2. B. nmap -Pn -sU -p 44818 --script enip-info < Target IP >
3. C. nmap -Pn -sT -p 46824 < Target IP >
4. D. nmap -Pn -sT -p 102 --script s7-info < Target IP >

Correct Answer: B

You are working as a Security Analyst in a company XYZ that owns the whole subnet range of 23.0.0.0/8 and 192.168.0.0/8.
While monitoring the data, you find a high number of outbound connections. You see that IP’s owned by XYZ (Internal) and private IP’s are communicating to a Single Public IP. Therefore, the Internal IP’s are sending data to the Public IP.
After further analysis, you find out that this Public IP is a blacklisted IP, and the internal communicating devices are compromised.
What kind of attack does the above scenario depict?

1. A. Botnet Attack
2. B. Spear Phishing Attack
3. C. Advanced Persistent Threats
4. D. Rootkit Attack

Correct Answer: A

DNS cache snooping is a process of determining if the specified resource address is present in the DNS cache records. It may be useful during the examination of the network to determine what software update resources are used, thus discovering what software is installed.
What command is used to determine if the entry is present in DNS cache?

1. A. nslookup -fullrecursive update.antivirus.com
2. B. dnsnooping –rt update.antivirus.com
3. C. nslookup -norecursive update.antivirus.com
4. D. dns --snoop update.antivirus.com

Correct Answer: C

You are a Network Security Officer. You have two machines. The first machine (192.168.0.99) has snort installed, and the second machine (192.168.0.150) has kiwi syslog installed. You perform a syn scan in your network, and you notice that kiwi syslog is not receiving the alert message from snort. You decide to run wireshark in the snort machine to check if the messages are going to the kiwi syslog machine. What Wireshark filter will show the connections from the snort machine to kiwi syslog machine?

1. A. tcp.srcport= = 514 && ip.src= = 192.168.0.99
2. B. tcp.srcport= = 514 && ip.src= = 192.168.150
3. C. tcp.dstport= = 514 && ip.dst= = 192.168.0.99
4. D. tcp.dstport= = 514 && ip.dst= = 192.168.0.150

Correct Answer: D

what are common files on a web server that can be misconfigured and provide useful Information for a hacker such as verbose error messages?

1. A. httpd.conf
2. B. administration.config
3. C. idq.dll
4. D. php.ini

Correct Answer: D
The php.ini file may be a special file for PHP. it’s where you declare changes to your PHP settings. The server is already configured with standard settings for PHP, which your site will use by default. Unless you would like to vary one or more settings, there’s no got to create or modify a php.ini file. If you’d wish to make any changes to settings, please do so through the MultiPHP INI Editor.