When a malicious hacker identifies a target and wants to eventually compromise this target, what would be the first step the attacker would perform?

A. Cover his tracks by eradicating the log files

B. Gain access to the remote computer for identification of venue of attacks

C. Perform a reconnaissance of the remote target for identification of venue of attacks

D. Always starts with a scan in order to quickly identify venue of attacks

Jane wishes to forward X-Windows traffic to a remote host as well as POP3 traffic. She is worried that adversaries might be monitoring the communication link and could inspect captured traffic. She would line to tunnel the information to the remote end but does not have VPN capabilities to do so.

Which of the following tools can she use to protect the link?

A. MD5

B. SSH

C. RSA

D. PGP

ETHER: Destination address : 0000BA5EBA11 ETHER: Source address :

00A0C9B05EBD ETHER: Frame Length : 1514 (0x05EA) ETHER: Ethernet Type :

0x0800 (IP) IP: Version = 4 (0x4) IP: Header Length = 20 (0x14) IP:

Service Type = 0 (0x0) IP: Precedence = Routine IP: ...0.... = Normal Delay IP: ....0... = Normal Throughput IP: .....0.. = Normal Reliability IP: Total Length = 1500 (0x5DC) IP: Identification = 7652 (0x1DE4) IP: Flags Summary = 2 (0x2)

IP: .......0 = Last fragment in datagram IP: ......1. = Cannot fragment datagram IP:

Fragment Offset = (0x0) bytes IP: Time to Live = 127 (0x7F) IP: Protocol = TCP - Transmission Control IP: Checksum = 0xC26D IP: Source Address = 10.0.0.2 IP:

Destination Address = 10.0.1.201 TCP: Source Port = Hypertext Transfer Protocol TCP: Destination Port = 0x1A0B TCP: Sequence Number = 97517760 (0x5D000C0) TCP: Acknowledgement Number = 78544373 (0x4AE7DF5) TCP:

Data Offset = 20 (0x14) TCP: Reserved = 0 (0x0000) TCP: Flags = 0x10 : .A.... TCP: ..0..... = No urgent data TCP: ...1.... = Acknowledgement field significant TCP: ....0... = No Push function TCP:

.....0.. = No Reset TCP: ......0. = No Synchronize TCP: .......0 = No Fin TCP: Window = 28793 (0x7079) TCP: Checksum = 0x8F27 TCP: Urgent Pointer = 0 (0x0) An employee wants to defeat detection by a network-based IDS application. He

does not want to attack the system containing the IDS application. Which of the following strategies can be used to defeat detection by a network-based IDS application?

A. Create a SYN flood

B. Create a network tunnel

C. Create multiple false positives

D. Create a ping flood

Which of the following statements would not be a proper definition for a Trojan Horse?

A. An unauthorized program contained within a legitimate program.This unauthorized program performs functions unknown (and probably unwanted) by the user.

B. A legitimate program that has been altered by the placement of unauthorized code within it; this code perform functions unknown (and probably unwanted) by the user.

C. An authorized program that has been designed to capture keyboard keystrokes while the user remains unaware of such an activity being performed.

D. Any program that appears to perform a desirable and necessary function but that (because of unauthorized code within it that is unknown to the user) performs functions unknown (and definitely unwanted) by the user.

System Administrators sometimes post questions to newsgroups when they run into technical challenges. As an ethical hacker, you could use the information in newsgroup posting to glean insight into the makeup of a target network. How would you search for these posting using Google search?

A. Search in Google using the key strings "the target company" and "newsgroups"

B. Search for the target company name at http://groups.google.com

C. Use NNTP websites to search for these postings

D. Search in Google using the key search strings "the target company" and "forums"