- (Topic 2)
Your company has blocked all the ports via external firewall and only allows port 80/443 to connect to the Internet. You want to use FTP to connect to some remote server on the Internet. How would you accomplish this?

1. A. Use HTTP Tunneling
2. B. Use Proxy Chaining
3. C. Use TOR Network
4. D. Use Reverse Chaining

Correct Answer: A

- (Topic 8)
Which of the following is most effective against passwords? Select the Answer:

1. A. Dictionary Attack
2. B. BruteForce attack
3. C. Targeted Attack
4. D. Manual password Attack

Correct Answer: B
The most effective means of password attack is brute force, in a brute force attack the program will attempt to use every possible combination of characters. While this takes longer then a dictionary attack, which uses a text file of real words, it is always capable of
breaking the password.

- (Topic 6)
Ann would like to perform a reliable scan against a remote target. She is not concerned about being stealth at this point.
Which of the following type of scans would be the most accurate and reliable option?

1. A. A half-scan
2. B. A UDP scan
3. C. A TCP Connect scan
4. D. A FIN scan

Correct Answer: C
A TCP Connect scan, named after the Unix connect() system call is the most accurate scanning method. If a port is open the operating system completes the TCP three- way handshake, and the port scanner immediately closes the connection. Otherwise an error code is returned.
Example of a three-way handshake followed by a reset:
SourceDestinationSummary
[192.168.0.8][192.168.0.10]TCP: D=80 S=49389 SYN SEQ=3362197786 LEN=0 WIN=5840
[192.168.0.10] [192.168.0.8] TCP: D=49389 S=80 SYN ACK=3362197787 SEQ=58695210 LEN=0 WIN=65535
[192.168.0.8][192.168.0.10]TCP: D=80 S=49389 ACK=58695211 WIN<<2=5840 [192.168.0.8][192.168.0.10]TCP: D=80 S=49389 RST ACK=58695211 WIN<<2=5840

- (Topic 7)
Which of the following are well know password-cracking programs?(Choose all that apply.

1. A. L0phtcrack
2. B. NetCat
3. C. Jack the Ripper
4. D. Netbus
5. E. John the Ripper

Correct Answer: AE
L0phtcrack and John the Ripper are two well know password-cracking programs. Netcat is considered the Swiss-army knife of hacking tools, but is not used for password cracking

- (Topic 2)
Leesa is the senior security analyst for a publicly traded company. The IT department recently rolled out an intranet for company use only with information ranging from training, to holiday schedules, to human resources data. Leesa wants to make sure the site is not accessible from outside and she also wants to ensure the site is Sarbanes-Oxley (SOX) compliant. Leesa goes to a public library as she wants to do some Google searching to verify whether the company's intranet is accessible from outside and has been indexed by Google. Leesa wants to search for a website title of "intranet" with part of the URL containing the word "intranet" and the words "human resources" somewhere in the webpage.
What Google search will accomplish this?

1. A. related:intranet allinurl:intranet:"human resources"
2. B. cache:"human resources" inurl:intranet(SharePoint)
3. C. intitle:intranet inurl:intranet+intext:"human resources"
4. D. site:"human resources"+intext:intranet intitle:intranet

Correct Answer: C