SEC504 試験問題を無料オンラインアクセス

Which of the following are countermeasures to prevent unauthorized database access attacks?
Each correct answer represents a complete solution. Choose all that apply.

• A.Input sanitization
• B.Removing all stored procedures
• C.Session encryption
• D.Applying strong firewall rules

Which of the following attacks involves multiple compromised systems to attack a single target?

• A.DDoS attack
• B.Brute force attack
• C.Dictionary attack
• D.Replay attack

Brutus is a password cracking tool that can be used to crack the following authentications:
l HTTP (Basic Authentication) l HTTP (HTML Form/CGI) l POP3 (Post Office Protocol v3) l FTP (File Transfer Protocol) l SMB (Server Message Block) l Telnet
Which of the following attacks can be performed by Brutus for password cracking? Each correct answer represents a complete solution. Choose all that apply.

• A.Hybrid attack
• B.Man-in-the-middle attack
• C.Brute force attack
• D.Dictionary attack
• E.Replay attack

Which of the following netcat parameters makes netcat a listener that automatically restarts itself when a connection is dropped?

• A.-L
• B.-l
• C.-p
• D.-u

Firewalking is a technique that can be used to gather information about a remote network protected by a firewall. This technique can be used effectively to perform information gathering attacks. In this technique, an attacker sends a crafted packet with a TTL value that is set to expire one hop past the firewall. Which of the following are pre-requisites for an attacker to conduct firewalking?
Each correct answer represents a complete solution. Choose all that apply.

• A.An attacker should know the IP address of the last known gateway before the firewall.
• B.An attacker should know the IP address of a host located behind the firewall.
• C.ICMP packets leaving the network should be allowed.
• D.There should be a backdoor installed on the network.