MK0-201 Online Practice Questions and Answers

Which of the following tools can detect hidden Alternative Data Streams on an NTFS file or folder? Choose all that apply.

A. Lns.exe

B. Lads.exe

C. FileAlyzer

D. ADSCheker

Name Servers are the Penetration Testers best friend.The Domain Name Registration database contains information about who registered a particular domain.What common command line as well as web based tool could be used to extract this information from the public database of Domain Name registration.

A. Whois

B. traceroute

C. SOA Query tool

D. Resolv

What sniffer program is capable of reconstructing associated TCP packets into a sessions showing application layer data from the client to the server and vice-versa?Choose the best 2 answers.

A. Packetyzer

B. Etherape

C. Ethereal

D. ARPwatch

Wireless Local Area Networks (WLAN) are becoming increasingly popular.

In order to link a wireless network to a wired network what type of device would be used?

A. SSID

B. Access Point

C. Switch

D. Hub

Which of the following ports could be associated with a trojan on a Windows computer? Choose two.

A. 135

B. 3268

C. 12345

D. 27374

Which tool speeds up offline password cracking by precomputing tables of password hashes?Choose the best answer.

A. John the Ripper

B. Xcrack

C. Rainbow Crack

D. Cisilia

Bob is working as an Instrusion Detection System administrator for a company called CCCure.

Being a keen analyst he has noted a very large amount of SYN packet being sent to some of his external IP addresses.

At first it looked like normal daily traffic but somehow it seems that after his internet facing hosts sends a SYN/ACK reply back to the connection request,the final ACK packet is never received from the remote host.

What type of scan does this pattern indicate?

A. A FIN Scan

B. A Vanilla port scan

C. A Half-Open Scan

D. A NULL scan

There are multiples ways that passwords could be cracked. Which of the following is not a password cracking method?

A. Salami

B. Brute Force

C. Dictionary

D. Hybrid

E. Pre-Computed Hashes

Which of the following SQL injection scripts would attempt to discover all usernames on the table users beginning with Ad?

A. SELECT *FROM* WHERE username =AD*

B. OR 1=1; SELECT username FROM users WHERE username LIKE ad%:

C. SELECT name FROM Master..sysxlogins

D. OR 1=2 WHERE name is like AD%

If the DS Client software has been installed on Windows 95,Windows 98, and NT 4 computers,what setting of the LanMan Authentication level should be applied to counteract LanMAn hash sniffing and offline cracking?Choose the best answer.

A. Send NTLM v2/Refuse LM and NTLM

B. Send NTLM only

C. Send LM and NTLM responses

D. Send NTLM v2/Refuse LM