SEC504 Questions And Answers


Exam Name: Hacker Tools, Techniques, Exploits and Incident Handling

Updated: 2022-06-26

Q & A: 328


Why Choose PassQuestion SANS SEC504 Exam Questions

The PassQuestion team uses professional knowledge and experience to provide Certified Incident Handler SEC504 questions and answers for people preparing to take the Hacker Tools, Techniques, Exploits and Incident Handling exam. The accuracy rate of the SEC504 exam questions provided by PassQuestion is very high, and they can 100% guarantee you pass the SANS SEC504 exam successfully on the first attempt. Everyone can get the SEC504 pdf with a free test engine to study. PassQuestion can promise you always have the latest version for your SANS SEC504 test preparation and get your Certified Incident Handler certification easily.

SEC504 Frequently Asked Questions

Q1: Can I use SEC504 exam Q&As on my phone?
Yes, PassQuestion provides Certified Incident Handler SEC504 pdf Q&As which you can download to study on your computer or mobile device. We also provide a free SEC504 pdf demo, taken from the full version, so you can check its quality before purchasing.

Q2: What are the formats of your SANS SEC504 exam questions?
PassQuestion provides SANS SEC504 exam questions in pdf format and software format. The pdf version can be downloaded directly from your member center. The software will be sent to your email.

Q3: How can I download my SEC504 practice test questions after purchasing?
You can download the SEC504 pdf directly from your member center. Our colleague will send the software to your email as an attachment or a download link. You need to use the download link within a week; it automatically becomes invalid after a week.

Q4: How soon can I get my Certified Incident Handler SEC504 questions and answers after purchasing?
You can download the SEC504 pdf directly after your purchase, and we will send the software to your email in 10 minutes in our working time and no less than 12 hours in our off time.

Working Time:
GMT+8: Monday-Saturday 8:00 AM-18:00 PM
GMT: Monday-Saturday 0:00 AM-10:00 AM

Q5: Can I pass my test with your Certified Incident Handler SEC504 practice questions only?
Sure! All of PassQuestion Certified Incident Handler SEC504 practice questions come from real test. If you can practice well and get a good score in our practice Q&As, we ensure you can pass your Hacker Tools, Techniques, Exploits and Incident Handling exam easily.

Q6: How can I know whether my SEC504 has been updated?
You can check the number of questions. If it has changed, that means we have updated this exam, and you can contact us anytime to ask for a free update. Our sales email: [email protected]

Q7: What is your refund process if I fail the SANS SEC504 test?
If you fail your SEC504 test in 60 days by studying our study material, just scan your score report and send it to us as an attachment. When we check, we will give you a full refund.

Q8: What other payment method can I use except Paypal?
If your country doesn't support Paypal, we offer another payment method, Western Union, which is also safe and fast. Please contact us for the details, and we will send them to your email.

Question No : 1

Which of the following commands can be used for port scanning?
A. nc -t
B. nc -z
C. nc -w
D. nc -g
Answer: B

Question No : 2

Ryan, a malicious hacker, submits Cross-Site Scripting (XSS) exploit code to the Website of an Internet forum for online discussion. When a user visits the infected Web page, the code gets automatically executed and Ryan can easily perform acts like account hijacking, history theft, etc. Which of the following types of Cross-Site Scripting attack does Ryan intend to perform?
A. Non persistent
B. Document Object Model (DOM)
D. Persistent
Answer: D

Question No : 3

Which of the following attacks is specifically used for cracking a password?
A. PING attack
B. Dictionary attack
C. Vulnerability attack
D. DoS attack
Answer: B

Question No : 4

In which of the following attack methods does an attacker distribute an incorrect IP address?
A. IP spoofing
B. Mac flooding
C. DNS poisoning
D. Man-in-the-middle
Answer: C

Question No : 5

Maria works as a professional Ethical Hacker. She is assigned a project to test the security of She wants to test a DoS attack on the We-are-secure server. She finds that the firewall of the server is blocking the ICMP messages, but it is not checking the UDP packets. Therefore, she sends a large amount of UDP echo request traffic to the IP broadcast addresses. These UDP requests have a spoofed source address of the We-are-secure server. Which of the following DoS attacks is Maria using to accomplish her task?
A. Ping flood attack
B. Fraggle DoS attack
C. Teardrop attack
D. Smurf DoS attack
Answer: B

Question No : 6

Which of the following tools can be used to detect steganography?
A. Dskprobe
B. Blindside
C. ImageHide
D. Snow
Answer: A

Question No : 7

The Klez worm is a mass-mailing worm that exploits a vulnerability to open an executable attachment even in Microsoft Outlook's preview pane. The Klez worm gathers email addresses from the entries of the default Windows Address Book (WAB). Which of the following registry values can be used to identify this worm?
A. HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices
B. HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
C. HKEY_CURRENT_USER\Software\Microsoft\WAB\WAB4\Wab File Name = "file and pathname of the WAB file"
D. HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
Answer: C

Question No : 8

Which of the following types of attacks is the result of vulnerabilities in a program due to poor programming techniques?
A. Evasion attack
B. Denial-of-Service (DoS) attack
C. Ping of death attack
D. Buffer overflow attack
Answer: D

Question No : 9

Which of the following statements about buffer overflow is true?
A. It manages security credentials and public keys for message encryption.
B. It is a collection of files used by Microsoft for software updates released between major service pack releases.
C. It is a condition in which an application receives more data than it is configured to accept.
D. It is a false warning about a virus.
Answer: C

Question No : 10

Fill in the blank with the appropriate word.
StackGuard (as used by Immunix), ssp/ProPolice (as used by OpenBSD), and Microsoft's /GS option use ______ defense against buffer overflow attacks.
Answer: canary

Question No : 11

John, a part-time hacker, has gained unauthorized access to a banking Website and stolen the bank account information of its users and their credit card numbers by using a SQL injection attack. Now, John wants to sell this information to a malicious person, Mark, and make a deal to get a good amount of money. Since he does not want to send the hacked information in clear text format to Mark, he decides to send the information in hidden text. For this, he takes a steganography tool and hides the information in ASCII text by appending whitespace to the end of lines and encrypts the hidden information by using the IDEA encryption algorithm. Which of the following tools is John using for steganography?
A. Image Hide
B. 2Mosaic
C. Snow.exe
D. Netcat
Answer: C

Question No : 12

Adam, a novice computer user, works primarily from home as a medical professional. He just bought a brand new Dual Core Pentium computer with over 3 GB of RAM. After about two months of working on his new computer, he notices that it is not running nearly as fast as it used to. Adam uses antivirus software, anti-spyware software, and keeps the computer up-to-date with Microsoft patches. After another month of working on the computer, Adam finds that his computer is even more noticeably slow. He also notices a window or two pop up on his screen, but they quickly disappear. He has seen these windows show up even when he has not been on the Internet. Adam notices that his computer only has about 10 GB of free space available. Since his hard drive is a 200 GB hard drive, Adam thinks this is very odd.
Which of the following is most likely the cause of the problem?
A. Computer is infected with the stealth kernel level rootkit.
B. Computer is infected with stealth virus.
C. Computer is infected with the Stealth Trojan Virus.
D. Computer is infected with the Self-Replication Worm.
Answer: A

Question No : 13

Which of the following statements are true about netcat?
Each correct answer represents a complete solution. Choose all that apply.
A. It provides special tunneling, such as UDP to TCP, with the possibility of specifying all network parameters.
B. It can be used as a file transfer solution.
C. It provides outbound and inbound connections for TCP and UDP ports.
D. The nc -z command can be used to redirect stdin/stdout from a program.
Answer: A,B,C

Question No : 14

Buffer overflows are one of the major errors used for exploitation on the Internet today. A buffer overflow occurs when a particular operation/function writes more data into a variable than the variable was designed to hold.
Which of the following are the two popular types of buffer overflows?
Each correct answer represents a complete solution. Choose two.
A. Dynamic buffer overflows
B. Stack based buffer overflow
C. Heap based buffer overflow
D. Static buffer overflows
Answer: B,C

Question No : 15

Which of the following DoS attacks affects mostly Windows computers by sending corrupt UDP packets?
A. Fraggle
B. Ping flood
C. Bonk
D. Smurf
Answer: C

Eliseo Ciccone

22 Feb, 2020

I have passed my SEC504 exam in France, your study guide is still valid.
