Dumpster diving Study guides, Class notes & Summaries

GIAC EXAM WITH COMPLETE QUESTIONS AND ANSWERS LATEST 2024/2025 || GRADED A+. Ack Piggybacking - ANSWER The Practice of sending an ACK inside another packet going to the same destination Address resolution protocol - ANSWER Protocol for mapping an IP address to a physical machine address that is recognized on the local network. A table, usually called the ARP cache, is used to maintain a correlation between each MAC and its corresponding IP address What are the five threat vectors? - ANSWE...

When a penetration tester starts gathering details about employees, vendors, business processes, and physical security, which phase of testing are they in? Scanning Reconnaissance Covering tracks Gaining access Reconnaissance Which of the following elements of penetration testing includes the use of web surfing, social engineering, dumpster diving, and social networking? Information types Maintaining access Information gathering techniques Permission and documentation Information gathering te...

Ethical hacking Perpetrating exploits against a system with the intent to find vulnerabilities so that security weaknesses can be addressed and the system can be made more secure. Penetration testing The practice of finding vulnerabilities and risks with the purpose of securing the computer or network system. Red team An offensive security team that attempts to discover vulnerabilities in a network or computer system. Blue team A defensive security team that attempts to close vulnerabilities ...

Pen Test Exam 2 Questions & Answers 2023/2024 competitive intelligence - ANSWER-Gathered through observation and Web tools (A means of gathering information about a business or an industry by using observation, accessing public information, speaking with employees, and so on.) cookie - ANSWER-A text file containing a message sent from a Web server to a user's Web browser to be used later when the user revisits the Web site. dumpster diving - ANSWER-Gathering information by examining ...

White-hat testing, which involves testing with the knowledge and consent of the organizations IT staff, is also known as: - Answer D. Overt testing Social engineering can be used to accomplish: - Answer D. All of the above Which nmap command option performs a scan using the initial TCP handshake but sends an RST instead of ACK? - Answer A. sS SYN Stealth Scan Which of the following is a Mac OS-X tool used for network discovery and cracking? - Answer A. KisMAC The White Box ap...

Security+ Cert Exam Objectives SYO-601 Already Graded A Phishing fraudulent attempt to obtain sensitive information or data, by disguising oneself as a trustworthy entity in an electronic communication. Smishing When someone tries to trick you into giving them your private information via a text or SMS message. Vishing Using social engineering over the telephone system to gain access to private personal and financial information for the purpose of financial reward Spam irrelevant or unsolicit...

SANS GISCP and GIAC Exam Questions With 100% Correct Answers Ack Piggybacking - answerThe Practice of sending an ACK inside another packet going to the same destination Address resolution protocol - answerProtocol for mapping an IP address to a physical machine address that is recognized on the local network. A table, usually called the ARP cache, is used to maintain a correlation between each MAC and its corresponding IP address What are the five threat vectors? - answerOutside attack f...

SANS GISCP and GIAC Exam Questions With 100% Correct Answers Ack Piggybacking - answerThe Practice of sending an ACK inside another packet going to the same destination Address resolution protocol - answerProtocol for mapping an IP address to a physical machine address that is recognized on the local network. A table, usually called the ARP cache, is used to maintain a correlation between each MAC and its corresponding IP address What are the five threat vectors? - answerOutside attack f...

Hacker Vocabulary Exam Questions with Answers Trap Doors - Answer-Security holes; employees might destroy data or even trade company secrets to competitors using these security holes. Pumping and Dumping - Answer-Crooks use internet stock trading sites or chat rooms to praise useless companies in which they hold stock. Once the share prices go up they take their profits and dump the stocks. Phishing - Answer-A web page that is designed to fool you into thinking it's something else, such...

Signature Detection Signature detection mechanisms use known descriptions of viruses to identify malicious code resident on a system. Domain 3: Security Architecture and Engineering 3.5 Assess and mitigate the vulnerabilities of security architectures, designs, and solution elements Malicious Code - What is the most commonly used technique to protect against virus attacks? A Signature detection B Automated reconstruction C Data integrity assurance D Heuristic detection Backdoor Back d...