Smart cards use which protocol to transfer the certificate in a secure manner?


A. Extensible Authentication Protocol (EAP)
B. Point to Point Protocol (PPP)
C. Point to Point Tunneling Protocol (PPTP)
D. Layer 2 Tunneling Protocol (L2TP)

Which of the following programming languages is most vulnerable to buffer overflow attacks?


A. Perl
B. C++
C. Python
D. Java

When using Wireshark to acquire packet capture on a network, which device would enable the capture of all traffic on the wire?


A. Network tap
B. Layer 3 switch
C. Network bridge
D. Application firewall

Which of the following identifies the three modes in which Snort can be configured to run?


A. Sniffer, Packet Logger, and Network Intrusion Detection System
B. Sniffer, Network Intrusion Detection System, and Host Intrusion Detection System
C. Sniffer, Host Intrusion Prevention System, and Network Intrusion Prevention System
D. Sniffer, Packet Logger, and Host Intrusion Prevention System

A tester has been hired to do a web application security test. The tester notices that the site is dynamic and must make use of a back end database.
In order for the tester to see if SQL injection is possible, what is the first character that the tester should use to attempt breaking a valid SQL request?


A. Semicolon
B. Single quote
C. Exclamation mark
D. Double quote

Which tool is used to automate SQL injections and exploit a database by forcing a given web application to connect to another database controlled by a hacker?


A. DataThief
B. NetCat
C. Cain and Abel
D. SQLInjector

Which of the following is a client-server tool utilized to evade firewall inspection?


A. tcp-over-dns
B. kismet
C. nikto
D. hping

What is the outcome of the commnc -l -p 2222 | nc 10.1.0.43 1234"?


A. Netcat will listen on the 10.1.0.43 interface for 1234 seconds on port 2222.
B. Netcat will listen on port 2222 and output anything received to a remote connection on 10.1.0.43 port 1234.
C. Netcat will listen for a connection from 10.1.0.43 on port 1234 and output anything received to port 2222.
D. Netcat will listen on port 2222 and then output anything received to local interface 10.1.0.43.

A pentester is using Metasploit to exploit an FTP server and pivot to a LAN. How will the pentester pivot using Metasploit?


A. Issue the pivot exploit and set the meterpreter.
B. Reconfigure the network settings in the meterpreter.
C. Set the payload to propagate through the meterpreter.
D. Create a route statement in the meterpreter.

Which protocol and port number might be needed in order to send log messages to a log analysis tool that resides behind a firewall?


A. UDP 123
B. UDP 541
C. UDP 514
D. UDP 415