Firewalk has just completed the second phase (the scanning phase) and a technician receives the
output shown below. What conclusions can be drawn based on these scan results? TCP port 21 –
no response TCP port 22 – no response TCP port 23 – Time-to-live exceeded

A security engineer has been asked to deploy a secure remote access solution that will allow
employees to connect to the company’s internal network. Which of the following can be
implemented to minimize the opportunity for the man-in-the-middle attack to occur?

What results will the following command yielD. ‘NMAP -sS -O -p 123-153 192.168.100.3’?

Which of the following network attacks takes advantage of weaknesses in the fragment
reassembly functionality of the TCP/IP protocol stack?

Which of the following are advantages of adopting a Single Sign On (SSO) system? (Choose two.)

An ethical hacker for a large security research firm performs penetration tests, vulnerability tests,
and risk assessments. A friend recently started a company and asks the hacker to perform a
penetration test and vulnerability assessment of the new company as a favor. What should the
hacker’s next step be before starting work on this job?

A large company intends to use Blackberry for corporate mobile phones and a security analyst is
assigned to evaluate the possible threats. The analyst will use the Blackjacking attack method to
demonstrate how an attacker could circumvent perimeter defenses and gain access to
the corporate network. What tool should the analyst use to perform a Blackjacking attack?

ICMP ping and ping sweeps are used to check for active systems and to check

A hacker searches in Google for filetype:pcf to find Cisco VPN config files. Those files may contain
connectivity passwords that can be decoded with which of the following?

Which technical characteristic do Ethereal/Wireshark, TCPDump, and Snort have in common?