A Review Of Printable GPEN Training Materials

NEW QUESTION 1

What is the impact on pre-calculated Rainbow Tables of adding multiple salts to a set of passwords?

• A. Salts increases the time to crack the original password by increasing the number oftables that must be calculate
• B. Salts double the total size of a rainbow table databas
• C. Salts can be reversed or removed from encoding quickly to produce unsaltedhashe
• D. Salts have little effect because they can be calculated on the fly with applicationssuch as Ophcrac

Answer: B

NEW QUESTION 2

One of the sales people in your company complains that sometimes he gets a lot of unsolicited messages on his PDA. After asking a few questions, you determine that the issue only occurs in crowded areas like airports. What is the most likely problem?

• A. Blue snarfing
• B. Blue jacking
• C. A virus
• D. Spam

Answer: B

NEW QUESTION 3

How many bits encryption does SHA-1 use?

• A. 128
• B. 140
• C. 512
• D. 160

Answer: D

NEW QUESTION 4

You work as a Penetration Tester for the Infosec Inc. Your company takes the projects of security auditing. Recently, your company has assigned you a project to test the security of the we-aresecure. com Website. The we-are-secure.com Web server is using Linux operating system. When you port scanned the we-are-secure.com Web server, you got that TCP port 23, 25, and 53 are open. When you tried to telnet to port 23, you got a blank screen in response. When you tried to type the dir, copy, date, del, etc. commands you got only blank spaces or underscores symbols on the screen. What may be the reason of such unwanted situation?

• A. The we-are-secure.com server is using honeypo
• B. The telnet session is being affected by the stateful inspection firewal
• C. The telnet service of we-are-secure.com has corrupte
• D. The we-are-secure.com server is using a TCP wrappe

Answer: D

NEW QUESTION 5

Which of the following tools allows you to download World Wide Web sites from the Internet to a local computer?

• A. Netstat
• B. Netcraft
• C. HTTrack
• D. Cheops-ng

Answer: C

NEW QUESTION 6

Raw netcat shells and telnet terminals share which characteristic?

• A. Ability to send commands to a target machin
• B. Ability to adapt output to the size of display window
• C. Shells and terminals are exactly the sam
• D. Ability to process standard output control sequence

Answer: D

Explanation:
Reference:
http://tartarus.org/~simon/putty-snapshots/htmldoc/Chapter3.html

NEW QUESTION 7

You work as an IT Technician for uCertify Inc. You have to take security measures for the wireless network of the company. You want to prevent other computers from accessing the company's wireless network. On the basis of the hardware address, which of the following will you use as the best possible method to accomplish the task?

• A. MAC Filtering
• B. SSID
• C. RAS
• D. WEP

Answer: A

NEW QUESTION 8

Which of the following security protocols can be used to support MS-CHAPv2 for wireless client authentication?
Each correct answer represents a complete solution. Choose two.

• A. PEAP
• B. IPSec
• C. HTTP
• D. PPTP

Answer: AD

NEW QUESTION 9
CORRECT TEXT
Fill in the blank with the appropriate act name.
The ____act gives consumers the right to ask emailers to stop spamming them.

• A.

Answer: CAN-SPAM

NEW QUESTION 10

You work as a Penetration Tester for the Infosec Inc. Your company takes the projects of security auditing. Recently, your company has assigned you a project to test the security of the we-aresecure. com network. Now, when you have finished your penetration testing, you find that the weare- secure.com server is highly vulnerable to SNMP enumeration. You advise the we-are-secure Inc. to turn off SNMP; however, this is not possible as the company is using various SNMP services on its remote nodes. What other step can you suggest to remove SNMP vulnerability?
Each correct answer represents a complete solution. Choose two.

• A. Change the default community string name
• B. Install antiviru
• C. Close port TCP 53.
• D. Upgrade SNMP Version 1 with the latest versio

Answer: AD

NEW QUESTION 11

You've been contracted by the owner of a secure facility to try and break into their office in the middle of the night. Your client requested photographs of any sensitive information found as proof of your accomplishments. The job you've been hired to perform is an example of what practice?

• A. Penetration Testing
• B. Ethical Hacking
• C. Vulnerability Assessing
• D. Security Auditing

Answer: B

NEW QUESTION 12

Why is it important to have a cheat sheet reference of database system tables when performing SQL Injection?

• A. This is where sites typically store sensitive information such as credit card number
• B. These tables contain a list of allowed database applications
• C. The information in these tables will reveal details about the web application's cod
• D. These tables contain metadata that can be queried to gain additional helpful informatio

Answer: D

Explanation:
Reference: http://www.rackspace.com/knowledge_center/article/sql-injection-in-mysql

NEW QUESTION 13

You work as a Network Administrator for Tech Perfect Inc. The company has a TCP/IP-based network. Rick, your assistant, is configuring some laptops for wireless access. For security, WEP needs to be configured for wireless communication. By mistake, Rick configures different WEP keys in a laptop than that is configured on the Wireless Access Point (WAP). Which of the following statements is true in such situation?

• A. The laptop will be able to access the wireless network but the security will be compromised
• B. The WAP will allow the connection with the guest account's privilege
• C. The laptop will be able to access the wireless network but other wireless devices will be unable to communicate with i
• D. The laptop will not be able to access the wireless networ

Answer: D

NEW QUESTION 14

You have obtained the hash below from the /etc/shadow file. What are you able to discern simply by looking at this hash?

• A. A4XD$B4COCqWaEpFjLLD
• B. is a SHAI hash that was created using the salt $1 SuWeOhL6k$ 1
• C. A4XD$B4COCqWaEpFjLLD
• D. is an MD5 hash that was created using the salt $1 SuWeOhL6k$
• E. A4XDsB4COGqWaEpFjLLD
• F. is an MD5 hash that was created using the salt uWeOhL6k
• G. A4XDsB4COCqWaEpFjLLD
• H. is a SHAI hash that was created using the salt uweohL6k

Answer: C

NEW QUESTION 15

You are concerned about rogue wireless access points being connected to your network. What is the best way to detect and prevent these?

• A. Site surveys
• B. Protocol analyzers
• C. Network anti-spyware software
• D. Network anti-virus software

Answer: A

NEW QUESTION 16

In which of the following attacking methods does an attacker distribute incorrect IP address?

• A. IP spoofing
• B. Mac flooding
• C. Man-in-the-middle
• D. DNS poisoning

Answer: D

NEW QUESTION 17
......