Thursday, June 21, 2012

AFCEH EXAM KIT (dump)




ANSWERS


1. How can you protect your IP Address while Surfing?
  1. Google Language Translator
  2. Web Based Proxy
  3. Proxy Chains
  4. Any two of the above
  5. All of the above
Ans -5. All of the above


2. You receive a phone call on your cell phone from another Indian cell phone number. How can you trace the number?
  1. There are tools available on the internet that will tell you the state in India where the cell phone is registered.
  2. You can use Trace Route Tool.
  3. You can install a firewall on your cell phone, which will record the IP address of the other cell phone.
  4. It depends upon whether you have a post paid or pre paid connection.
  5. It depends on how far you are from a cell phone tower.
Ans -1. There are tools available on the internet that will tell you the state in India where the cell phone is registered.


3. What is the countermeasure to Brute Force Password Cracking?
  1. Ensure that password is long.
  2. Ensure that password has symbols.
  3. Ensure that SSL encryption is used for Web application accessing the password.
  4. Ensure that CAPTCHA is implemented.
  5. Ensure that digital signatures are used.
Ans -4. Ensure that CAPTCHA is implemented.


4. How can you steal files from a local machine when you don't know the Windows login password of that machine? Suggest a technique that will attract the least attention from the victim.
  1. Password cracking tool.
  2. Keylogger.
  3. Data Sniffer.
  4. Linux LIVE CD.
  5. Serial Numbers.
Ans -4. Linux LIVE CD.


5. Let us assume you are communicating with two different people, A and B. Both A and B are on the same remote network. When you try to find out their IP address on your system, can they have the same IP address?
  1. Yes
  2. No.
  3. Maybe
  4. Only if they are using a proxy server.
Ans -1. Yes


6. How can an email server detect spoofed emails?
  1. Reverse DNS lookup of the Sender's IP address.
  2. Map Sender's IP address to domain.
  3. Blacklist certain sender IP addresses.
  4. Email header analysis.
  5. Keyword based filtering.
Ans -2. Map Sender's IP address to domain.


7. What makes the Stacheldraht attack tool so difficult to counter?
  1. It uses single key encryption.
  2. It communicates using ICMP.
  3. Its default port numbers can be changed.
  4. It uses a very large number of simultaneous attackers.
  5. All of the above.
Ans -5. All of the above.


8. What is HTTP tunneling?
  1. A secure way of communication.
  2. Working with any protocol transmitting it through http.
  3. VPN
  4. None of the above.
Ans -2. Working with any protocol transmitting it through http.


9. How to prevent infection by virus through Facebook?
  1. When an unknown person adds you, do not accept request.
  2. When an unknown person sends you a private message, do not open it.
  3. When you are prompted to download something, do not accept it.
  4. When you are to join a group, do not accept it.
  5. When you are prompted to enter your personal details.
Ans -3. When you are prompted to download something, do not accept it.


10. Are switching networks vulnerable to sniffers?
  1. No since only those data packets meant for a host reach the NIC.
  2. Yes.
  3. Don't know.
  4. Depends upon the operating system.
  5. I searched on Google but could not find the answer.
Ans -2. Yes


11. Whenever you create a new email account or social networking website account or any other online account, why are you asked to re-type some characters that are shown as an image on the website?
  1. To fight piracy.
  2. To fight viruses, worms and trojans.
  3. To prevent users from creating multiple accounts.
  4. To fight spammers and automatic scripts.
  5. To ensure that the user can type properly.
Ans -4. To fight spammers and automatic scripts.


12. Decode DOCT to its plaintext format:
  1. COAT
  2. BOAT
  3. DAFT
  4. MEAT
  5. SEAT
Ans -2. BOAT


13. While trying to change the signature of a Trojan, you ended up adding a few bytes in the hex file. What will be the result?
  1. The Trojan file will crash altogether.
  2. The Trojan will work and get undetected by the antivirus.
  3. Addition of few bytes won't make much difference.
  4. Nothing will happen. It will ignore those bytes.
Ans -1. The Trojan file will crash altogether.


14. When you use the ipconfig command, your IP address is shown to be X, while when you visit www.whatismyip.com, your IP address is shown to be Y. Which is your internal IP address and which is your external IP address?
  1. X is Internal, Y is External.
  2. Y is Internal, X is External.
  3. Both are External.
  4. Depends on whether proxy server is being used or not.
  5. Depends on whether there is a firewall or not.
Ans -1. X is Internal, Y is External.


15. Convert ZEBDG into plaintext:
  1. Big Guy Dog Fun India
  2. AFCEH
  3. ANKIT
  4. FADIA
  5. YOURS
Ans -2. AFCEH


16. If you are the system administrator of a college and want to block use of peer to peer file sharing software, then what do you need to do?
  1. Prevent use of cookies.
  2. Block certain ports.
  3. Block certain IP addresses.
  4. Block certain protocols.
  5. Block certain keywords.
Ans -2. Block certain ports.


17. What is most important from below for a successful Man in the Middle attack?
  1. Hijack one of the computers.
  2. Data must pass through your computer.
  3. Sniffed Session ID.
  4. Sequence Number Prediction.
  5. Time out should take place.
Ans -3. Sniffed Session ID.


18. What is a good countermeasure against Land attacks?
  1. Patch your Operating System.
  2. Disable all fake data packets.
  3. Disable all ports.
  4. Disable trust relationship based connections.
  5. All of the above.
Ans -1. Patch your Operating System.


19. Which of the below is the most foolproof technique for regulating access to a file on a local system?
  1. Password protected file.
  2. Encrypted file.
  3. Mounted Virtual Encrypted Drive.
  4. USB Dongle.
  5. Virtual Keyboard.
Ans -4. USB Dongle.


20. What is the main difference between Ophcrack and Offline NT Password and Registry Editor?
  1. Ophcrack is slow, Offline is fast.
  2. Ophcrack changes the password, Offline resets the password.
  3. Ophcrack cracks the password, Offline resets the password.
  4. Ophcrack resets the password, Offline cracks the password.
  5. Ophcrack changes the password, Offline cracks the password.
Ans -3. Ophcrack cracks the password, Offline resets the password.


21. Decode CNRJG to its plaintext format:
  1. AFCEH
  2. ANKIT
  3. FADIA
  4. APPLE
  5. ALONE
Ans -4. APPLE


22. How is connection terminated in TCP/IP?
  1. A sends FIN/ACK to B. B sends a FIN/ACK to A. A sends an ACK to B.
  2. A sends FIN to B. B sends a FIN/ACK to A. A sends an ACK to B.
  3. A sends FIN to B. B sends a FIN to A. A sends an ACK to B.
  4. A sends FIN to B. B sends an ACK to A. A sends an ACK to B.
  5. A sends FIN/ACK to B. B sends an ACK to A. A sends an ACK to B.
Ans -2. A sends FIN to B. B sends a FIN/ACK to A. A sends an ACK to B.


23. Convert the following text, Base64, into its equivalent Base64 encoded text:
  1. QmFzZTY0
  2. QmFzZTY1
  3. QmFzZTY2
  4. QmFzZTY3
  5. QmFzZTY5
Ans -1. QmFzZTY0


24. Why is it important to password protect the BIOS?
  1. To prevent data theft.
  2. To prevent passwords getting cracked.
  3. To prevent systems settings from being changed.
  4. To prevent virus infection.
  5. All of the above.
Ans -5. All of the above.


25. If you want to steal the data from a password protected computer, what is the best technique?
  1. Brute Force.
  2. Install Data Sniffer on another computer on same network.
  3. War Driving.
  4. Live CD.
  5. Trojans.
Ans -4. Live CD.


26. How can you find whether the target computer is a Honeypot or not?
  1. Nmap
  2. ICMP Scanning
  3. Ping Sweeping
  4. Manual Hit & Trial
  5. Honeypotscan.pl
Ans -4. Manual Hit & Trial


27. Usually when you port scan your home computer, you will find that some ports are open. Why?
  1. There are daemons running on these open ports.
  2. There are Trojans, spyware and keyloggers installed on these open ports.
  3. The applications running on your system are using these open ports.
  4. An attacker might be connecting to your system.
  5. I don't know.
Ans -3. The applications running on your system are using these open ports.


28. How can you find out a remote computer's MAC address?
  1. Windows Registry.
  2. Netstat.
  3. Data Sniffer.
  4. Etherchange tool.
  5. Ping.
Ans -3. Data Sniffer.


29. If your company or college is using software to monitor all your activities on your desktop computer, then what can you do to stop the monitoring?
  1. Disable the Firewall.
  2. Disable the Sniffer.
  3. Disable the Trojan.
  4. Use Encryption.
  5. HTTP Tunnelling
Ans -5. HTTP Tunnelling


30. In the CAPTCHA system, why are backgrounds of different colors?
  1. To prevent Brute Force cracking.
  2. To prevent spam.
  3. To prevent spoofing.
  4. To prevent sniffing tools.
  5. To prevent OCR tools from working.
Ans -5. To prevent OCR tools from working.


31. You have Norton antivirus installed on your system. You scanned a trojan file and, after altering the signature, found that it is not being detected by Norton. Now you send it to the victim, where it was caught by the antivirus. What could be the possible explanation?
  1. Your antivirus is not working properly.
  2. Your antivirus is not properly updated.
  3. The victim is using some other antivirus.
  4. There has been a binary editor in the transit making the file detectable again.
Ans -3. The victim is using some other antivirus.


32. Analyze the below email headers and determine the source IP address of the system that was used to send the email:
  1. 69.147.64.132
  2. 66.218.66.82
  3. 216.252.122.217
  4. 61.1.127.224
  5. 66.218.66.82
Ans -1. 69.147.64.132


33. Convert BGDFI into correct plaintext:
  1. Big Guy Dog Fun India
  2. AFCEH
  3. ANKIT
  4. FADIA
  5. YOURS
Ans -2. AFCEH


34. What are persistent XSS attacks?
  1. When the XSS attack continues for a long period of time.
  2. When the XSS attack continues on multiple servers.
  3. When the data entered by the attacker gets stored on the target and can be accessed later as well.
  4. When the data by the attacker infects other computers on the same network.
Ans -4. When the data by the attacker infects other computers on the same network.


35. If you want to prevent malicious attacks (that originate inside your network) from leaving your network, then what would you recommend?
  1. Software based Firewall.
  2. Hardware based Firewall.
  3. Data Sniffer.
  4. Reverse DNS Trace.
  5. Proxy Server
Ans -1. Software based Firewall.


36. Imagine that you are working in an organization. You use Eudora Pro to access your email. If you are quitting your job and want a copy of all your emails, then what is the best thing to do?
  1. Forward all emails to your personal account.
  2. Copy and paste the text from your emails to a Word file.
  3. Connect your personal computer to the mail server and download all emails to it.
  4. Copy the Eudora Pro folder.
  5. Copy the Systems folder.
Ans -4. Copy the Eudora Pro folder.


37. What is a good countermeasure to phishing?
  1. Firewall
  2. URL Analysis
  3. Hardware Device.
  4. Awareness.
  5. Digital Certificate of the page.
Ans -3. Hardware Device.


38. What is the correct way to use p0f when target system is www.abc.com?
  1. Run p0f and then visit www.hotmail.com.
  2. Run p0f and then trace route to www.abc.com.
  3. Run p0f and then ping www.abc.com.
  4. Visit www.abc.com and then run p0f.
  5. Ping www.abc.com and then run p0f.
Ans -3. Run p0f and then ping www.abc.com.


39. If you wish to commit a perfect cyber crime, then which of the following would do?
  1. Spoof your MAC address.
  2. Connect to a proxy server.
  3. Use an Internet Cafe.
  4. All of the above.
  5. Any two of the first three options.
Ans -4. All of the above.


40. A criminal sends you an email. You use email header analysis and traceroute to trace the IP address of the criminal. Which of the following statements is true?
  1. The IP address is registered to the criminal.
  2. The IP address is registered to the ISP of the criminal.
  3. The IP address is registered to the company where the criminal works.
  4. All of the above could be true.
  5. Any two from the first three options could be true.
Ans -4. All of the above could be true.


41. How can you detect that a SYN Flood attack is taking place?
  1. netstat
  2. ipconfig
  3. firewall
  4. fport
  5. Honeypot
Ans -1. netstat


42. Convert 101001101100100001 into plaintext form:
  1. 170785
  2. 240585
  3. 160685
  4. 121285
  5. 010185
Ans -1. 170785


43. If you have physical access to a Windows system which has a login password, then what is the fastest & most efficient way to steal data from the local hard drive?
  1. Crack the Windows login password.
  2. Do a security audit & hack into system from internal network.
  3. Boot into Unix Live CD.
  4. Use Biometric Cracks.
  5. Steal HDD physically.
Ans -3. Boot into Unix Live CD.


44. How can you protect yourself against Clipboard theft while visiting websites?
  1. Zone Alarm Firewall.
  2. Update your browser.
  3. Disable Scripting Languages.
  4. Update Microsoft Windows.
  5. Use a good Antivirus.
Ans -3. Disable Scripting Languages.


45. Why do you think array bound checking on input is an important aspect of secure programming?
  1. Protects against Integer Overflows.
  2. Protects against Format String Overflow.
  3. Protects against Cross Site Scripting Attack.
  4. Protects against SQL Injection.
  5. Protects against piracy.
Ans -1. Protects against Integer Overflows.


46. For a website, what is the best way to protect their visitors from key loggers?
  1. Antivirus Software.
  2. Highest Browser Security Settings.
  3. Antispyware software.
  4. Secure Auditing.
  5. Virtual Keylogger.
Ans -5. Virtual Keylogger.


47. When you telnet to the POP port on the target computer, which port could you be connecting to?
  1. Port 110 or Port 25
  2. Port 80 or Port 1110
  3. Port 8080 or Port 1234
  4. One of the above.
  5. All of the above.
Ans -5. All of the above.


48. How can you find the most visited websites on the network?
  1. Untangle
  2. Zone Alarm
  3. www.anonymizer.com
  4. Snort
  5. Tripwire
Ans -1. Untangle


49. Which of the below is the most foolproof technique of detecting a cookie tracker?
  1. Antivirus
  2. PrevX
  3. Tripwire
  4. Mozilla
  5. Firewall
Ans -3. Tripwire


50. When you port scan a target system, the port scanner shows that the ports 15, 79, 110, 443 are open. What does that mean?
  1. Port 15, 79, 110 and 443 are open.
  2. Port 15, 79, 110 and 443 are closed.
  3. Other ports could be open too.
  4. Target system is running a Windows based platform.
Ans -3. Other ports could be open too.
