A hacker, who posed as a heating and air conditioning specialist, was able to install a sniffer
program in a switched environment network. Which attack could the hacker use to sniff all of the
packets in the network?

Which of the following conditions must be given to allow a tester to exploit a Cross-Site Request

Forgery (CSRF) vulnerable web application?

During a wireless penetration test, a tester detects an access point using WPA2 encryption. Which
of the following attacks should be used to obtain the key?

Which tool is used to automate SQL injections and exploit a database by forcing a given web
application to connect to another database controlled by a hacker?

A security analyst is performing an audit on the network to determine if there are any deviations
from the security policies in place. The analyst discovers that a user from the IT department had a
dial-out modem installed. Which security policy must the security analyst check to see if dial-out
modems are allowed?

A company is using Windows Server 2003 for its Active Directory (AD). What is the most efficient
way to crack the passwords for the AD users?

When an alert rule is matched in a network-based IDS like snort, the IDS does which of the
following?

Passive reconnaissance involves collecting information through which of the following?

During a penetration test, the tester conducts an ACK scan using NMAP against the external
interface of the DMZ firewall. NMAP reports that port 80 is unfiltered. Based on this response,
which type of packet inspection is the firewall conducting?

What is the main reason the use of a stored biometric is vulnerable to an attack?