Name servers are the penetration tester's best friend. The Domain Name Registration database contains information about who registered a particular domain. What common command-line (and web-based) tool could be used to extract this information from the public database of domain name registrations?
A. Whois
B. traceroute
C. SOA Query tool
D. Resolv
When dealing with Wireless Local Area Networks, a client will associate with the closest access point. What does "closest access point" mean in such a case?
A. The access point that is geographically located the closest to the client
B. The access point that has the strongest signal received by the client
C. The access point that has a frequency that is the closest to the frequency used by the client
D. The access point that has the fewest clients connected at that specific time.
What technologies could a company deploy to protect all data passing from an employee's home computer to the corporate intranet? (Choose two.)
A. L2TP/IPsec
B. PPTP/MPPE
C. WEP
D. IKE
At times a tester will be challenged to craft a packet that needs a specific quantity of payload data, a specific starting TTL value, a specific rate at which the packets are sent, a specific number of outgoing packets, and/or a very specific IP protocol. Which of the following tools would be best to use for that purpose?
A. Hping
B. Hydra
C. Nmap
D. Queso
When doing ACK flag scanning, the target host is sent TCP packets with the ACK flag set and the reply is then analyzed.
Which of the following items within the response packets would be used to determine whether the port was open on the remote host? (Choose two.)
A. The Time To Live field
B. The source port
C. The destination port
D. The Window field
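The two questions above describe, first, crafting a probe whose payload size, starting TTL, protocol number, packet count and send rate are all chosen by the tester, and second, reading the TTL and Window fields out of the RST replies an ACK scan provokes. The following is an added example, not part of the original exam page and not the code of any tool named in the options: it builds such a probe with the standard library alone, paces a batch of them through a caller-supplied sender, and classifies constructed replies. The addresses, ports, TTL baseline and sample replies are assumptions made for the demo; nothing is put on the wire.

```python
# Added example (not from the original exam page): build a TCP/IP probe with
# a chosen payload size, starting TTL, protocol number and send pacing, the
# knobs the packet-crafting question lists, then classify an ACK-scan reply
# by its TTL and Window fields as the ACK-scan question describes.
# Standard library only; nothing is put on the wire. The addresses, ports,
# TTL baseline and sample replies are constructed for the demo.
import socket
import struct
import time

TH_SYN, TH_RST, TH_ACK = 0x02, 0x04, 0x10
IPPROTO_TCP = 6


def checksum(data: bytes) -> int:
    """Ones'-complement Internet checksum (RFC 1071) over 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def ipv4_header(src: str, dst: str, ttl: int, proto: int, payload_len: int,
                ident: int = 0x1234) -> bytes:
    """20-byte IPv4 header; ttl and proto are the fields under the tester's control."""
    hdr = struct.pack("!BBHHHBBH4s4s", (4 << 4) | 5, 0, 20 + payload_len, ident,
                      0, ttl, proto, 0, socket.inet_aton(src), socket.inet_aton(dst))
    return hdr[:10] + struct.pack("!H", checksum(hdr)) + hdr[12:]


def tcp_header(src: str, dst: str, sport: int, dport: int, flags: int,
               window: int = 1024, payload: bytes = b"") -> bytes:
    """20-byte TCP header with the checksum computed over the IPv4 pseudo-header."""
    hdr = struct.pack("!HHIIHHHH", sport, dport, 0, 0, (5 << 12) | flags, window, 0, 0)
    pseudo = struct.pack("!4s4sBBH", socket.inet_aton(src), socket.inet_aton(dst),
                         0, IPPROTO_TCP, len(hdr) + len(payload))
    return hdr[:16] + struct.pack("!H", checksum(pseudo + hdr + payload)) + hdr[18:]


def build_probe(src, dst, sport, dport, flags, ttl=64, window=1024, payload=b""):
    """IP + TCP + payload, e.g. an ACK probe with a 120-byte payload and TTL 37."""
    tcp = tcp_header(src, dst, sport, dport, flags, window, payload)
    return ipv4_header(src, dst, ttl, IPPROTO_TCP, len(tcp) + len(payload)) + tcp + payload


def build_raw_ip(src, dst, ttl, proto, payload=b""):
    """Raw IP datagram carrying an arbitrary protocol number (raw-IP mode)."""
    return ipv4_header(src, dst, ttl, proto, len(payload)) + payload


def send_paced(packets, send, interval_s):
    """Hand each packet to `send` with a fixed gap, so count and rate are chosen
    by the caller. `send` is any callable (a raw socket's sendto bound to the
    target in real use); the demo passes a stub so it runs without privileges."""
    for i, pkt in enumerate(packets):
        send(pkt)
        if interval_s and i < len(packets) - 1:
            time.sleep(interval_s)
    return len(packets)


def parse_reply(pkt: bytes) -> dict:
    """Pull the fields an ACK scan looks at out of a raw IPv4/TCP reply."""
    ihl = (pkt[0] & 0x0F) * 4
    sport, dport, _seq, _ack, off_flags, window = struct.unpack("!HHIIHH", pkt[ihl:ihl + 16])
    return {"ttl": pkt[8], "proto": pkt[9], "sport": sport, "dport": dport,
            "flags": off_flags & 0x1FF, "window": window}


def classify_ack_reply(reply: bytes, baseline_ttl: int) -> str:
    """ACK-scan verdict. A filtered port yields no RST at all. Among RST replies,
    some stacks answer for an open port with a non-zero Window, or with a TTL
    lower than the TTL seen for closed ports; either marks the port open."""
    f = parse_reply(reply)
    if not f["flags"] & TH_RST:
        return "filtered"
    if f["window"] != 0 or f["ttl"] < baseline_ttl:
        return "open"
    return "closed"


if __name__ == "__main__":
    probe = build_probe("10.0.0.1", "10.0.0.2", 40000, 80, TH_ACK, ttl=37, payload=b"A" * 120)
    print("probe:", len(probe), "bytes, ttl", probe[8], "ip checksum ok:", checksum(probe[:20]) == 0)
    print("sent", send_paced([probe] * 3, lambda p: None, 0.001))  # stub sender, 3 packets, 1 ms apart
    for ttl, win in ((64, 0), (64, 512), (63, 0)):
        reply = build_probe("10.0.0.2", "10.0.0.1", 80, 40000, TH_RST, ttl=ttl, window=win)
        print("reply ttl=%d window=%d ->" % (ttl, win), classify_ack_reply(reply, baseline_ttl=64))
```

The baseline TTL is whatever the closed ports on the same host return; the classifier only flags a port when a reply departs from that baseline or carries a non-zero window, which is why a single RST in isolation tells you little.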
Julius has been hired to perform a test on TestKing.com's networks.
Julius knows that TestKing.com has a large team of security administrators who are very proactive in their security approach. Most likely there are Intrusion Detection Systems (IDS) in place that would quickly identify Julius's IP
address, and he would then be blocked from accessing the network he is supposed to test.
How can Julius avoid having his IP address identified and then blocked?
Which of the following would be the most practical solution and the easiest to implement?
A. By using public key encryption; it is well known that IDS cannot make any sense of encrypted traffic and would not be able to determine the source of the probes
B. By using Secure Socket Layer (SSL), which will shield the intruder from the IDS so it won't be able to determine the source of the probes
C. By using only computers within the local internet café. All traffic will be traced to the internet café instead of to the security tester
D. By using an internet anonymizer instead of connecting directly to the target. The anonymizer will shield the real source of the probes.
Which of the following SQL scripts will cause the SQL server to cease operations?
A. NET STOP SQLSERVER
B. OR 1=1; CLOSE WITHNOWAIT;
C. NET STOP SQLSERVERAGENT
D. SHUTDOWN WITH NOWAIT;
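The options above only make sense if the attacker can get a second statement executed inside someone else's query: a string-built query lets the caller close the quoted value and append whatever statement the server will accept. The following is an added example, not from the original exam page, showing that mechanism with the vulnerable concatenation beside its parameterised form. It uses SQLite from the Python standard library as a stand-in for SQL Server, so a DROP TABLE plays the role of the destructive appended statement; the table, rows and payload strings are constructed for the demo.

```python
# Added example (not from the original exam page): the injection mechanics
# behind the "cease operations" question. A query built by string
# concatenation lets the caller end the quoted value and append a second
# statement; on SQL Server that statement could be one that stops the
# instance. SQLite (standard library) stands in here, so DROP TABLE plays the
# destructive role. Table, rows and payloads are constructed for the demo.
import sqlite3

# Tautology payload: every row matches the WHERE clause.
ATTACK_TAUTOLOGY = "x' OR '1'='1"
# Stacked payload: closes the string, runs a second statement, then opens a new
# string so the template's trailing quote still parses (no comment trick needed).
ATTACK_STACKED = "x'; DROP TABLE users; SELECT '"


def make_db() -> sqlite3.Connection:
    """In-memory database with a constructed users table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, role TEXT)")
    conn.executemany("INSERT INTO users (name, role) VALUES (?, ?)",
                     [("alice", "admin"), ("bob", "user")])
    conn.commit()
    return conn


def lookup_vulnerable(conn, name):
    """Input pasted into the SQL text: the injectable pattern."""
    sql = "SELECT name, role FROM users WHERE name = '%s'" % name
    return conn.execute(sql).fetchall()


def lookup_vulnerable_batch(conn, name):
    """Same concatenation sent through a batch-capable API, as SQL Server
    clients commonly allow: every statement in the string runs."""
    sql = "SELECT name, role FROM users WHERE name = '%s'" % name
    conn.executescript(sql)  # result rows are not the point; the side effect is


def lookup_safe(conn, name):
    """Parameterised: the value is bound as data and never parsed as SQL."""
    return conn.execute("SELECT name, role FROM users WHERE name = ?", (name,)).fetchall()


def users_table_exists(conn) -> bool:
    row = conn.execute(
        "SELECT count(*) FROM sqlite_master WHERE type = 'table' AND name = 'users'").fetchone()
    return row[0] == 1


def single_statement_rejected(conn, name) -> bool:
    """sqlite3's execute() refuses a second statement. That is a property of this
    driver, not a defence: the batch path shows what a permissive driver does
    with the very same string."""
    try:
        lookup_vulnerable(conn, name)
        return False
    except (sqlite3.Warning, sqlite3.ProgrammingError):
        return True


if __name__ == "__main__":
    db = make_db()
    print("legitimate lookup:", lookup_vulnerable(db, "alice"))
    print("tautology via concatenation:", lookup_vulnerable(db, ATTACK_TAUTOLOGY))
    print("tautology via parameters:", lookup_safe(db, ATTACK_TAUTOLOGY))
    print("stacked via parameters:", lookup_safe(db, ATTACK_STACKED),
          "table intact:", users_table_exists(db))
    print("stacked via execute() rejected:", single_statement_rejected(db, ATTACK_STACKED))
    lookup_vulnerable_batch(db, ATTACK_STACKED)
    print("stacked via batch API, table intact:", users_table_exists(db))
```

The point to take from the last two lines is that whether the appended statement runs depends on the client API and the server, not on the application's intent; binding the value with a parameter removes the question entirely.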
You have been asked to assist an investigation team in collecting data and evidence related to an internal hacking case.
The investigator in charge of the case would like to capture all keystrokes from the suspect but is afraid the employee under investigation, who possesses great technical skills, might have installed integrity tools on his system that would detect any newly installed software.
What solution would best meet the investigator's requirement?
A. Disable the integrity tools in place
B. Install a software key logger that does not show in the process list
C. Install a hardware based key logger
D. Sniff all traffic and keystrokes from the network
When talking about database query languages, commands such as Select, Update, Insert, Grant, and Revoke would all be part of what language?
A. C++
B. SQL
C. Python
D. Perl
If the DS Client software has been installed on Windows 95, Windows 98, and NT 4 computers, what setting of the LAN Manager authentication level should be applied to counteract LanMan hash sniffing and offline cracking? Choose the best answer.
A. Send NTLM v2/Refuse LM and NTLM
B. Send NTLM only
C. Send LM and NTLM responses
D. Send NTLM v2/Refuse LM