Which of the following items of a computer system will an anti-virus program scan for viruses?


A. Boot Sector
B. Deleted Files
C. Windows Process List
D. Password Protected Files

How can a rootkit bypass Windows 7 operating systems kernel mode, code signing policy?


A. Defeating the scanner from detecting any code change at the kernel
B. Replacing patch system calls with its own version that hides the rootkit (attacker's) actions
C. Performing common services for the application process and replacing real applications with fake ones
D. Attaching itself to the master boot record in a hard drive and changing the machine's boot sequence/options

What is the best defense against privilege escalation vulnerability?


A. Patch systems regularly and upgrade interactive login privileges at the system administrator level.
B. Run administrator and applications on least privileges and use a content registry for tracking.
C. Run services with least privileged accounts and implement multi-factor authentication and authorization.
D. Review user roles and administrator privileges for maximum utilization of automation services.

Which of the following tools will scan a network to perform vulnerability checks and compliance auditing?


A. NMAP
B. Metasploit
C. Nessus
D. BeEF

On a Linux device, which of the following commands will start the Nessus client in the background so that the Nessus server can be configured?


A. nessus +
B. nessus *s
C. nessus &
D. nessus -d

A hacker searches in Google for filetype:pcf to find Cisco VPN config files. Those files may contain connectivity passwords that can be decoded with which of the following?


A. Cupp
B. Nessus
C. Cain and Abel
D. John The Ripper Pro

A hacker is attempting to use nslookup to query Domain Name Service (DNS). The hacker uses the nslookup interactive mode for the search. Which command should the hacker type into the command shell to request the appropriate records?


A. Locate type=ns
B. Request type=ns
C. Set type=ns
D. Transfer type=ns

Which command line switch would be used in NMAP to perform operating system detection?


A. -OS
B. -sO
C. -sP
D. -O

ICMP ping and ping sweeps are used to check for active systems and to check

A. if ICMP ping traverses a firewall.
B. the route that the ICMP ping took.
C. the location of the switchport in relation to the ICMP ping.
D. the number of hops an ICMP ping takes to reach a destination.

A hacker is attempting to see which ports have been left open on a network. Which NMAP switch would the hacker use?


A. -sO
B. -sP
C. -sS
D. -sU