- Email support@dumps4free.com
Topic 1: Exam Pool A
Which of the following programs is usually targeted at Microsoft Office products?
A.
Polymorphic virus
B.
Multipart virus
C.
Macro virus
D.
Stealth virus
Macro virus
Explanation:
A macro virus is a virus that is written in a macro language: a programming language which
is embedded inside a software application (e.g., word processors and spreadsheet
applications). Some applications, such as Microsoft Office, allow macro programs to be
embedded in documents such that the macros are run automatically when the document is
opened, and this provides a distinct mechanism by which malicious computer instructions
can spread. (Wikipedia)
NB: The virus Melissa is a well-known macro virus we could find attached to word
documents.
DHCP snooping is a great solution to prevent rogue DHCP servers on your network. Which
security feature on switchers leverages the DHCP snooping database to help prevent manin-
the-middle attacks?
A.
Spanning tree
B.
Dynamic ARP Inspection (DAI)
C.
Port security
D.
Layer 2 Attack Prevention Protocol (LAPP)
Dynamic ARP Inspection (DAI)
Explanation:
Dynamic ARP inspection (DAI) protects switching devices against Address Resolution
Protocol (ARP) packet spoofing (also known as ARP poisoning or ARP cache poisoning).
DAI inspects ARPs on the LAN and uses the information in the DHCP snooping database
on the switch to validate ARP packets and to protect against ARP spoofing. ARP requests
and replies are compared against entries in the DHCP snooping database, and filtering
decisions are made based on the results of those comparisons. When an attacker tries to
use a forged ARP packet to spoof an address, the switch compares the address with
entries in the database. If the media access control (MAC) address or IP address in the
ARP packet does not match a valid entry in the DHCP snooping database, the packet is
dropped.
Scenario1:
1.Victim opens the attacker's web site.
2.Attacker sets up a web site which contains interesting and attractive content like 'Do you
want to make
$1000 in a day?'.
3.Victim clicks to the interesting and attractive content URL.
4.Attacker creates a transparent 'iframe' in front of the URL which victim attempts to click,
so victim thinks that he/she clicks to the 'Do you want to make $1000 in a day?' URL but
actually he/she clicks to the content or URL that exists in the transparent 'iframe' which is
setup by the attacker.
What is the name of the attack which is mentioned in the scenario?
A.
Session Fixation
B.
HTML Injection
C.
HTTP Parameter Pollution
D.
Clickjacking Attack
Clickjacking Attack
Explanation: https://en.wikipedia.org/wiki/Clickjacking
Clickjacking is an attack that tricks a user into clicking a webpage element which is invisible
or disguised as another element. This can cause users to unwittingly download malware,
visit malicious web pages, provide credentials or sensitive information, transfer money, or
purchase products online.
Typically, clickjacking is performed by displaying an invisible page or HTML element, inside
an iframe, on top of the page the user sees. The user believes they are clicking the visible
page but in fact they are clicking an invisible element in the additional page transposed on
top of it.
The collection of potentially actionable, overt, and publicly available information is known
as
A.
Open-source intelligence
B.
Real intelligence
C.
Social intelligence
D.
Human intelligence
Open-source intelligence
What is the proper response for a NULL scan if the port is open?
A.
SYN
B.
ACK
C.
FIN
D.
PSH
E.
RST
F.
No response
No response
| Page 15 out of 114 Pages |
| Previous |