- (Topic 3)
Which of the following would be the best reason for sending a single SMTP message to an address that does not exist within the target company?

1. A. To create a denial of service attack.
2. B. To verify information about the mail administrator and his address.
3. C. To gather information about internal hosts used in email treatment.
4. D. To gather information about procedures that are in place to deal with such messages.

Correct Answer: C
The replay from the email server that states that there is no such recipient will also give you some information about the name of the email server, versions used and so on.

- (Topic 9)
Why is Social Engineering considered attractive by hackers and also adopted by experts in the field?

1. A. It is done by well known hackers and in movies as well.
2. B. It does not require a computer in order to commit a crime.
3. C. It is easy and extremely effective to gain information.
4. D. It is not considered illegal.

Correct Answer: C
Social engineering is a collection of techniques used to manipulate people into performing actions or divulging confidential information. While similar to a confidence trick or simple fraud, the term typically applies to trickery for information gathering or computer system access and in most (but not all) cases the attacker never comes face-to- face with the victim. The term has been popularized in recent years by well known (reformed) computer criminal and security consultant Kevin Mitnick who points out that it's much easier to trick someone into giving you his or her password for a system than to spend the effort to hack in. He claims it to be the single most effective method in his arsenal.

- (Topic 4)
As a securing consultant, what are some of the things you would recommend to a company to ensure DNS security?
Select the best answers.

1. A. Use the same machines for DNS and other applications
2. B. Harden DNS servers
3. C. Use split-horizon operation for DNS servers
4. D. Restrict Zone transfers
5. E. Have subnet diversity between DNS servers

Correct Answer: BCDE
Explanations:
A is not a correct answer as it is never recommended to use a DNS server for any other application. Hardening of the DNS servers makes them less vulnerable to attack. It is recommended to split internal and external DNS servers (called split-horizon operation). Zone transfers should only be accepted from authorized DNS servers.
By having DNS servers on different subnets, you may prevent both from going down, even if one of your networks goes down.

- (Topic 19)
What makes web application vulnerabilities so aggravating? (Choose two)

1. A. They can be launched through an authorized port.
2. B. A firewall will not stop them.
3. C. They exist only on the Linux platform.
4. D. They are detectable by most leading antivirus software.

Correct Answer: AB
As the vulnerabilities exists on a web server, incoming traffic on port 80 will probably be allowed and no firewall rules will stop the attack.

- (Topic 3)
What flags are set in a X-MAS scan?(Choose all that apply.

1. A. SYN
2. B. ACK
3. C. FIN
4. D. PSH
5. E. RST
6. F. URG

Correct Answer: CDF
FIN, URG, and PSH are set high in the TCP packet for a X-MAS scan