Question 19

- (Topic 3)
You work as a Penetration Tester for the Infosec Inc. Your company takes the projects of security auditing. Recently, your company has assigned you a project to test the security of the we-aresecure. com Website. The we-are-secure.com Web server is using Linux operating system. When you port scanned the we-are-secure.com Web server, you got that TCP port 23, 25, and 53 are open. When you tried to telnet to port 23, you got a blank screen in response. When you tried to type the dir, copy, date, del, etc. commands you got only blank spaces or underscores symbols on the screen. What may be the reason of such unwanted situation?

Correct Answer:C

Question 20

- (Topic 1)
What is the impact on pre-calculated Rainbow Tables of adding multiple salts to a set of passwords?

Correct Answer:B

Question 21

- (Topic 1)
Why is OSSTMM beneficial to the pen tester?

Correct Answer:C
Reference:
http://www.pen-tests.com/open-source-security-testing-methodology-manual-osstmm.html

Question 22

- (Topic 1)
While reviewing traffic from a tcpdump capture, you notice the following commands being sent from a remote system to one of your web servers:
C:>sc winternet.host.com create ncservicebinpath- "c:toolsncexe -I -p 2222 -e cmd.exe"
C:>sc vJnternet.host.com query ncservice.
What is the intent of the commands?

Correct Answer:C

Question 23

- (Topic 3)
Adam, a malicious hacker, hides a hacking tool from a system administrator of his company by using Alternate Data Streams (ADS) feature. Which of the following statements is true in context with the above scenario?

Correct Answer:D

Question 24

- (Topic 1)
Which of the following is the JavaScript variable used to store a cookie?

Correct Answer:C
Reference: http://www.w3schools.com/js/js_cookies.asp

START GPEN EXAM