- (Topic 23)
John is using a special tool on his Linux platform that has a database containing signatures to be able to detect hundreds of vulnerabilities in UNIX, Windows, and commonly used web CGI/ASPX scripts. Moreover, the database detects DDoS zombies and Trojans as well. What would be the name of this tool?

1. A. hping2
2. B. nessus
3. C. nmap
4. D. make

Correct Answer: B

- (Topic 1)
The United Kingdom (UK) he passed a law that makes hacking into an unauthorized network a felony.
The law states:
Section1 of the Act refers to unauthorized access to computer material. This states that a person commits an offence if he causes a computer to perform any function with intent to secure unauthorized access to any program or data held in any computer. For a successful conviction under this part of the Act, the prosecution must prove that the access secured is unauthorized and that the suspect knew that this was the case. This section is designed to deal with common-or-graden hacking.
Section 2 of the deals with unauthorized access with intent to commit or facilitate the commission of further offences. An offence is committed under Section 2 if a Section 1 offence has been committed and there is the intention of committing or facilitating a further offense (any offence which attacks a custodial sentence of more than five years, not necessarily one covered but the Act). Even if it is not possible to prove the intent to commit the further offence, the Section 1 offence is still committed.
Section 3 Offences cover unauthorized modification of computer material, which generally means the creation and distribution of viruses. For conviction to succeed there must have been the intent to cause the modifications and knowledge that the modification had not been authorized
What is the law called?

1. A. Computer Misuse Act 1990
2. B. Computer incident Act 2000
3. C. Cyber Crime Law Act 2003
4. D. Cyber Space Crime Act 1995

Correct Answer: A
Computer Misuse Act (1990) creates three criminal offences:
✑ Unauthorised access to computer material
✑ Unauthorised access to a computer system with intent to commit or facilitate the commission of a further offence
✑ Unauthorised modification of computer material

- (Topic 23)
You went to great lengths to install all the necessary technologies to prevent hacking attacks, such as expensive firewalls, antivirus software, anti-spam systems and intrusion detection/prevention tools in your company's network. You have configured the most secure policies and tightened every device on your network. You are confident that hackers will never be able to gain access to your network with complex security system in place. Your peer, Peter Smith who works at the same department disagrees with you. He says even the best network security technologies cannot prevent hackers gaining access to the network because of presence of "weakest link" in the security chain. What is Peter Smith talking about?

1. A. Untrained staff or ignorant computer users who inadvertently become the weakest link in your security chain
2. B. "zero-day" exploits are the weakest link in the security chain since the IDS will not be able to detect these attacks
3. C. "Polymorphic viruses" are the weakest link in the security chain since the Anti-Virus scanners will not be able to detect these attacks
4. D. Continuous Spam e-mails cannot be blocked by your security system since spammers use different techniques to bypass the filters in your gateway

Correct Answer: A

- (Topic 4)
What is a NULL scan?

1. A. A scan in which all flags are turned off
2. B. A scan in which certain flags are off
3. C. A scan in which all flags are on
4. D. A scan in which the packet size is set to zero
5. E. A scan with a illegal packet size

Correct Answer: A
A null scan has all flags turned off.

- (Topic 6)
A file integrity program such as Tripwire protects against Trojan horse attacks by:

1. A. Automatically deleting Trojan horse programs
2. B. Rejecting packets generated by Trojan horse programs
3. C. Using programming hooks to inform the kernel of Trojan horse behavior
4. D. Helping you catch unexpected changes to a system utility file that might indicate it had been replaced by a Trojan horse

Correct Answer: D
Tripwire generates a database of the most common files and directories on your system. Once it is generated, you can then check the current state of your system against the original database and get a report of all the files that have been modified, deleted or added. This comes in handy if you allow other people access to your machine and even if you don't, if someone else does get access, you'll know if they tried to modify files such as /bin/login etc.