SEC504 試験問題を無料オンラインアクセス

You want to perform passive footprinting against we-are-secure Inc. Web server. Which of the following tools will you use?

• A.Nmap
• B.Netcraft
• C.Ettercap
• D.Ethereal

The IT administrator wants to implement a stronger security policy. What are the four most important security priorities for PassGuide Software Systems Pvt. Ltd.?

• A.Ensuring secure authentication.
• B.Providing secure communications between Washington and the headquarters office.
• C.Providing secure communications between the overseas office and the headquarters.
• D.Providing two-factor authentication.
• E.Preventing denial-of-service attacks.
• F.Implementing Certificate services on Texas office.
• G.Preventing unauthorized network access.
• H.Protecting employee data on portable computers.

What is the major difference between a worm and a Trojan horse?

• A.A worm is self replicating, while a Trojan horse is not.
• B.A worm is a form of malicious program, while a Trojan horse is a utility.
• C.A worm spreads via e-mail, while a Trojan horse does not.
• D.A Trojan horse is a malicious program, while a worm is an anti-virus software.

Which of the following are the limitations for the cross site request forgery (CSRF) attack?
Each correct answer represents a complete solution. Choose all that apply.

• A.The attacker must determine the right values for all the form inputs.
• B.The attacker must target a site that doesn't check the referrer header.
• C.The target site should have limited lifetime authentication cookies.
• D.The target site should authenticate in GET and POST parameters, not only cookies.

You enter the following URL on your Web browser:
http://www.we-are-secure.com/scripts/..%co%af../..%co% af../windows/system32/cmd.exe?/c+dir+c:\
What kind of attack are you performing?

• A.Session hijacking
• B.Directory traversal
• C.Replay
• D.URL obfuscating