- Email support@dumps4free.com
Topic 1: Exam Pool A
Which of the following viruses tries to hide from anti-virus programs by actively altering and
corrupting the chosen service call interruptions when they are being run?
A.
Macro virus
B.
Stealth/Tunneling virus
C.
Cavity virus
D.
Polymorphic virus
Stealth/Tunneling virus
What is the known plaintext attack used against DES which gives the result that encrypting
plaintext with one DES key followed by encrypting it with a second DES key is no more
secure than using a single key?
A.
Man-in-the-middle attack
B.
Meet-in-the-middle attack
C.
Replay attack
D.
Traffic analysis attack
Meet-in-the-middle attack
Explanation:
https://en.wikipedia.org/wiki/Meet-in-the-middle_attack
The meet-in-the-middle attack (MITM), a known plaintext attack, is a generic space–time
tradeoff cryptographic attack against encryption schemes that rely on performing multiple
encryption operations in sequence. The MITM attack is the primary reason why Double
DES is not used and why a Triple DES key (168-bit) can be bruteforced by an attacker with
256 space and 2112 operations.
The intruder has to know some parts of plaintext and their ciphertexts. Using meet-in-the-middle attacks it is possible to break ciphers, which have two or more secret keys for
multiple encryption using the same algorithm. For example, the 3DES cipher works in this
way. Meet-in-the-middle attack was first presented by Diffie and Hellman for cryptanalysis
of DES algorithm.
Which of the following incident handling process phases is responsible for defining rules,
collaborating human workforce, creating a back-up plan, and testing the plans for an
organization?
A.
Preparation phase
B.
Containment phase
C.
Identification phase
D.
Recovery phase
Preparation phase
While using your bank’s online servicing you notice the following string in the URL bar:
“http: // www. MyPersonalBank. com/
account?id=368940911028389&Damount=10980&Camount=21”
You observe that if you modify the Damount & Camount values and submit the request,
that data on the web page reflects the changes.
Which type of vulnerability is present on this site?
A.
Cookie Tampering
B.
SQL Injection
C.
Web Parameter Tampering
D.
XSS Reflection
Web Parameter Tampering
Based on the following extract from the log of a compromised machine, what is the hacker
really trying to steal?
A.
har.txt
B.
SAM file
C.
wwwroot
D.
Repair file
SAM file
| Page 6 out of 114 Pages |
| Previous |