How do you defend against DHCP Starvation attack?

A. Enable ARP-Block on the switch

B. Enable DHCP snooping on the switch

C. Configure DHCP-BLOCK to 1 on the switch

D. Install DHCP filters on the switch to block this attack

A corporation hired an ethical hacker to test if it is possible to obtain users' login credentials using methods other than social engineering. Access to offices and to a network node is granted. Results from server scanning indicate all are adequately patched and physical access is denied, thus, administrators have access only through Remote Desktop. Which technique could be used to obtain login credentials?

A. Capture every users' traffic with Ettercap.

B. Capture LANMAN Hashes and crack them with LC6.

C. Guess passwords using Medusa or Hydra against a network service.

D. Capture administrators RDP traffic and decode it with Cain and Abel.

_________ ensures that the enforcement of organizational security policy does not rely on voluntary web application user compliance. It secures information by assigning sensitivity labels on information and comparing this to the level of security a user is operating at.

A. Mandatory Access Control

B. Authorized Access Control

C. Role-based Access Control

D. Discretionary Access Control

Which one of the following attacks will pass through a network layer intrusion detection system undetected?

A. A teardrop attack

B. A SYN flood attack

C. A DNS spoofing attack

D. A test.cgi attack

There are two types of honeypots- high and low interaction. Which of these describes a low interaction honeypot? Select the best answers.

A. Emulators of vulnerable programs

B. More likely to be penetrated

C. Easier to deploy and maintain

D. Tend to be used for production

E. More detectable

F. Tend to be used for research