- (Topic 4)
Which of the following tools will scan a network to perform vulnerability checks and compliance auditing?

1. A. NMAP
2. B. Metasploit
3. C. Nessus
4. D. BeEF

Correct Answer: C

- (Topic 5)
What results will the following command yielD. 'NMAP -sS -O -p 123-153 192.168.100.3'?

1. A. A stealth scan, opening port 123 and 153
2. B. A stealth scan, checking open ports 123 to 153
3. C. A stealth scan, checking all open ports excluding ports 123 to 153
4. D. A stealth scan, determine operating system, and scanning ports 123 to 153

Correct Answer: D

- (Topic 3)
You want to perform advanced SQL Injection attack against a vulnerable website. You are unable to perform command shell hacks on this server. What must be enabled in SQL Server to launch these attacks?

1. A. System services
2. B. EXEC master access
3. C. xp_cmdshell
4. D. RDC

Correct Answer: C

- (Topic 5)
The network administrator for a company is setting up a website with e-commerce capabilities. Packet sniffing is a concern because credit card information will be sent electronically over the Internet. Customers visiting the site will need to encrypt the data with HTTPS. Which type of certificate is used to encrypt and decrypt the data?

1. A. Asymmetric
2. B. Confidential
3. C. Symmetric
4. D. Non-confidential

Correct Answer: A

- (Topic 1)
TCP/IP Session Hijacking is carried out in which OSI layer?

1. A. Datalink layer
2. B. Transport layer
3. C. Network layer
4. D. Physical layer

Correct Answer: B