Question 1

Robin, a professional hacker, targeted an organization's network to sniff all the traffic. During this process.

Robin plugged in a rogue switch to an unused port in the LAN with a priority lower than any other switch in

the network so that he could make it a root bridge that will later allow him to sniff all the traffic in the

network.

What is the attack performed by Robin in the above scenario?

Options :

A : ARP spoofing attack

B : VLAN hopping attack

C : DNS poisoning attack

D : STP attack

Answer: D

Question 2

Peter, a Network Administrator, has come to you looking for advice on a tool that would help him perform

SNMP enquires over the network.

Which of these tools would do the SNMP enumeration he is looking for? Select the best answers.

Options :

A : SNMPUtil

B : SNScan

C : SNMPScan

D : Solarwinds IP Network Browser

E : NMap

Answer: A,B,D

Question 3

You are an ethical hacker contracted to conduct a security audit for a company. During the audit, you discover that the company's wireless network is using WEP encryption. You understand the vulnerabilities associated with WEP and plan to recommend a more secure encryption method. Which of the following would you recommend as a Suitable replacement to enhance the security of the company's wireless network?

Options :

A : MAC address filtering

B : WPA2-PSK with AES encryption

C : Open System authentication

D : SSID broadcast disabling

Answer: B

Question 4

Based on the below log, which of the following sentences are true?

Mar 1, 2016, 7:33:28 AM 10.240.250.23 - 54373 10.249.253.15 - 22 tcp_ip

Options :

A : Application is FTP and 10.240.250.23 is the client and 10.249.253.15 is the server.

B : Application is SSH and 10.240.250.23 is the server and 10.249.253.15 is the client.

C : SSH communications are encrypted; it’s impossible to know who is the client or the server.

D : Application is SSH and 10.240.250.23 is the client and 10.249.253.15 is the server.

Answer: D

Question 5

In Trojan terminology, what is a covert channel?

Options :

A : A channel that transfers information within a computer system or network in a way that violates the security policy

B : A legitimate communication path within a computer system or network for transfer of data

C : It is a kernel operation that hides boot processes and services to mask detection

D : It is Reverse tunneling technique that uses HTTPS protocol instead of HTTP protocol to establish connections

Answer: A