Welcome to Dumpsbase.com

SEC504 Dumps

Only $37.7, Automatic 35% OFF

$ 68
(67 Customer Reviews)
Exam Name

Hacker Tools, Techniques, Exploits and Incident Handling

Updated
2018-06-19
Q&A
328

Dumpsbase collected all the related SEC504 dumps questions, which are the best and latest in the whole market. Read and study all Dumpsbase SANS Certified Incident Handler SEC504 exam dumps, you can pass the test in the first attempt.

1. How many Q&As in Dumpsbase SEC504 dumps?

There are 328 Q&As in Dumpsbase Certified Incident Handler SEC504 dumps, which cover all the exam topics of SEC504 Hacker Tools, Techniques, Exploits and Incident Handling.

2. Can I try free SEC504 demo before I decide to purchase?

Yes, Dumpsbase provides free SEC504 demo for you to check the quality of Hacker Tools, Techniques, Exploits and Incident Handling SEC504 dumps.

3. What format will I get after purchasing SEC504 dumps?

Dumpsbase provides both PDF and Software for Certified Incident Handler SEC504 dumps. 
PDF version is file which you can print out to read and study all the SEC504 dumps questions anywhere, and you can also use mobile phone to study them. It is very convenient.
Software is a simulation version, you can test SEC504 questions in real exam environment. 

4. How long will I get Certified Incident Handler SEC504 dumps after completing the payment?

After you purchase Dumpsbase SANS SEC504 dumps, you will get Hacker Tools, Techniques, Exploits and Incident Handling SEC504 exam dumps in 10 minutes in our working time, and in 12 hours in non-working time. 

5. If I fail SEC504 exam with Dumpsbase dumps, will I get full payment fee refund?

Yes, if you fail Certified Incident Handler SEC504 by using Dumpsbase dumps questions, you only need scan and send the score report to us via [email protected] After we check and confirm it, we will refund full payment fee to you in one working day. 

6. Can I get update after I purchase SEC504 dumps?

Yes, Dumpsbase provide free update for SEC504 exam dumps in one year from the date of purchase. If your product is out of one year, you need to re-purchase SEC504 dumps questions. Contact us by online live support or email, we will send you 50% coupon code. 
 

Question No : 1

Which of the following tools is used for vulnerability scanning and calls Hydra to launch a dictionary attack?
A. Whishker
B. Nessus
C. SARA
D. Nmap
Answer: B

Question No : 2

Which of the following tools can be used to perform brute force attack on a remote database?
Each correct answer represents a complete solution. Choose all that apply.
A. SQLBF
B. SQLDict
C. FindSA
D. nmap
Answer: A,B,C

Question No : 3

You check performance logs and note that there has been a recent dramatic increase in the amount of broadcast traffic. What is this most likely to be an indicator of?
A. Virus
B. Syn flood
C. Misconfigured router
D. DoS attack
Answer: D

Question No : 4

Which of the following commands can be used for port scanning?
A. nc -t
B. nc -z
C. nc -w
D. nc -g
Answer: B

Question No : 5

You run the following command while using Nikto Web scanner:
perl nikto.pl -h 192.168.0.1 -p 443
What action do you want to perform?
A. Using it as a proxy server
B. Updating Nikto
C. Seting Nikto for network sniffing
D. Port scanning
Answer: D

Question No : 6

Adam, a novice computer user, works primarily from home as a medical professional. He just bought a brand new Dual Core Pentium computer with over 3 GB of RAM. After about two months of working on his new computer, he notices that it is not running nearly as fast
as it used to. Adam uses antivirus software, anti-spyware software, and keeps the computer up-to-date with Microsoft patches. After another month of working on the computer, Adam finds that his computer is even more noticeably slow. He also notices a window or two pop-up on his screen, but they quickly disappear. He has seen these windows show up, even when he has not been on the Internet. Adam notices that his computer only has about 10 GB of free space available. Since his hard drive is a 200 GB hard drive, Adam thinks this is very odd.
Which of the following is the mostly likely the cause of the problem?
A. Computer is infected with the stealth kernel level rootkit.
B. Computer is infected with stealth virus.
C. Computer is infected with the Stealth Trojan Virus.
D. Computer is infected with the Self-Replication Worm.
Answer: A

Question No : 7

You work as a Network Administrator for InformSec Inc. You find that the TCP port number 23476 is open on your server. You suspect that there may be a Trojan named Donald Dick installed on your server. Now you want to verify whether Donald Dick is installed on it or not. For this, you want to know the process running on port 23476, as well as the process id, process name, and the path of the process on your server. Which of the following applications will you most likely use to accomplish the task?
A. Tripwire
B. SubSeven
C. Netstat
D. Fport
Answer: D

Question No : 8

Which of the following statements are true about session hijacking?
Each correct answer represents a complete solution. Choose all that apply.
A. Use of a long random number or string as the session key reduces session hijacking.
B. It is used to slow the working of victim's network resources.
C. TCP session hijacking is when a hacker takes over a TCP session between two machines.
D. It is the exploitation of a valid computer session to gain unauthorized access to information or services in a computer system.
Answer: A,C,D

Question No : 9

Which of the following statements about Denial-of-Service (DoS) attack are true?
Each correct answer represents a complete solution. Choose three.
A. It disrupts services to a specific computer.
B. It changes the configuration of the TCP/IP protocol.
C. It saturates network resources.
D. It disrupts connections between two computers, preventing communications between services.
Answer: A,C,D

Question No : 10

Adam works as a Senior Programmer for Umbrella Inc. A project has been assigned to him to write a short program to gather user input for a Web application. He wants to keep his program neat and simple. His chooses to use printf(str) where he should have ideally used printf("%s", str).
What attack will his program expose the Web application to?
A. Format string attack
B. Cross Site Scripting attack
C. SQL injection attack
D. Sequence++ attack
Answer: A

Question No : 11

Which of the following attacks come under the category of layer 2 Denial-of-Service attacks?
Each correct answer represents a complete solution. Choose all that apply.
A. Spoofing attack
B. SYN flood attack
C. Password cracking
D. RF jamming attack
Answer: A,B

Question No : 12

Which of the following is a technique of using a modem to automatically scan a list of telephone numbers, usually dialing every number in a local area code to search for computers, Bulletin board systems, and fax machines?
A. Demon dialing
B. Warkitting
C. War driving
D. Wardialing
Answer: D

Question No : 13

Jason, a Malicious Hacker, is a student of Baker university. He wants to perform remote hacking on the server of DataSoft Inc. to hone his hacking skills. The company has a Windows-based network. Jason successfully enters the target system remotely by using the advantage of vulnerability. He places a Trojan to maintain future access and then disconnects the remote session. The employees of the company complain to Mark, who works as a Professional Ethical Hacker for DataSoft Inc., that some computers are very slow. Mark diagnoses the network and finds that some irrelevant log files and signs of Trojans are present on the computers. He suspects that a malicious hacker has accessed the network. Mark takes the help from Forensic Investigators and catches Jason.
Which of the following mistakes made by Jason helped the Forensic Investigators catch him?
A. Jason did not perform a vulnerability assessment.
B. Jason did not perform OS fingerprinting.
C. Jason did not perform foot printing.
D. Jason did not perform covering tracks.
E. Jason did not perform port scanning.
Answer: D

Question No : 14

Which of the following statements are true about netcat?
Each correct answer represents a complete solution. Choose all that apply.
A. It provides special tunneling, such as UDP to TCP, with the possibility of specifying all network parameters.
B. It can be used as a file transfer solution.
C. It provides outbound and inbound connections for TCP and UDP ports.
D. The nc -z command can be used to redirect stdin/stdout from a program.
Answer: A,B,C

Question No : 15

Adam, a malicious hacker is running a scan. Statistics of the scan is as follows:
Scan directed at open port: ClientServer
192.5.2.92:4079 ---------FIN--------->192.5.2.110:23192.5.2.92:4079 <----NO RESPONSE--­
---192.5.2.110:23
Scan directed at closed port:
ClientServer 192.5.2.92:4079 ---------FIN--------->192.5.2.110:23
192.5.2.92:4079<-----RST/ACK----------192.5.2.110:23
Which of the following types of port scan is Adam running?
A. ACK scan
B. FIN scan
C. XMAS scan
D. Idle scan
Answer: B

Question No : 16

Adam works as an Incident Handler for Umbrella Inc. His recent actions towards the incident are not up to the standard norms of the company. He always forgets some steps and procedures while handling responses as they are very hectic to perform.
Which of the following steps should Adam take to overcome this problem with the least administrative effort?
A. Create incident manual read it every time incident occurs.
B. Appoint someone else to check the procedures.
C. Create incident checklists.
D. Create new sub-team to keep check.
Answer: C

Question No : 17

Which of the following refers to the exploitation of a valid computer session to gain unauthorized access to information or services in a computer system?
A. Piggybacking
B. Hacking
C. Session hijacking
D. Keystroke logging
Answer: C

Question No : 18

Which of the following tools can be used for steganography?
Each correct answer represents a complete solution. Choose all that apply.
A. Image hide
B. Stegbreak
C. Snow.exe
D. Anti-x
Answer: A,C

Question No : 19

Adam works as a Security Administrator for Umbrella Inc. A project has been assigned to
him to test the network security of the company. He created a webpage to discuss the progress of the tests with employees who were interested in following the test. Visitors were allowed to click on a company's icon to mark the progress of the test. Adam successfully embeds a keylogger. He also added some statistics on the webpage. The firewall protects the network well and allows strict Internet access.
How was security compromised and how did the firewall respond?
A. The attack was social engineering and the firewall did not detect it.
B. Security was not compromised as the webpage was hosted internally.
C. The attack was Cross Site Scripting and the firewall blocked it.
D. Security was compromised as keylogger is invisible for firewall.
Answer: A

Question No : 20

You work as a Network Administrator for Net Perfect Inc. The company has a Windows-based network. The company wants to fix potential vulnerabilities existing on the tested systems. You use Nessus as a vulnerability scanning program to fix the vulnerabilities. Which of the following vulnerabilities can be fixed using Nessus?
Each correct answer represents a complete solution. Choose all that apply.
A. Misconfiguration (e.g. open mail relay, missing patches, etc.)
B. Vulnerabilities that allow a remote cracker to control sensitive data on a system
C. Vulnerabilities that allow a remote cracker to access sensitive data on a system
D. Vulnerabilities that help in Code injection attacks
Answer: A,B,C
Some similar or invalid comments have been hidden.

Leave your Review

Your Rating