Real questions and answers

Real questions and answers

MK0-201 Free Demo Download

Certinside offers free demo for MK0-201 247 Q&As with Expert Real). You can check out the interface, question quality and usability of our practice exams before you decide to get it.



Download MK0-201 dumps Pdf Demo

Download MK0-201 dumps iEngine Demo

Real questions and answers
　
　
Exam : MILE2 Security MK0-201
Title : CPTS – Certified Pen Testing Specialist

1. By spoofing an IP address and inserting the attackers MAC address into an unsolicited ARP Reply packet, an attacker is performing what kind of attack? Choose the best answer.
A. Denial of Service
B. Sniffing in a switched network via ARP Poisoning
C. ARP Flood
D. Birthday
Answer: B

2. If an attacker gets Administrative-level access, why cant the entries in the Event log be trusted with certainty? Choose two.
A. Entries in the event log are not digitally signed
B. The attacker may have been able to simply clear the event log, thus erasing evidence of the method of break-in
C. Tools like Winzapper allow the attacker to selectively delete log entries associated with the initial break-in and subsequent malicious activity
D. Event logs have NTFS permissions of Everyone Full Control and thus can be easily edited
Answer: BC

3. Why wouldn’t it be surprising to find netcat on a trojaned-computer? Choose three.
A. Netcat can listen on any port and send data to any port
B. Netcat can be used to send or receive files over any port
C. Netcat can be used to perform port scanning
D. Netcat encrypts all communications
Answer: ABC

4. Most search engine support Advanced Search Operators; as a Penetration Tester you must be familiar with some of the larger search engines such as Google. There is a wealth of information to be gathered from these public databases. Which of the following operators would you use if you attempt to find an older copy of a website that might have information which is no longer available on the target website?
A. Link:
B. InCache:
C. Cache:
D. Related:
Answer: C

5. You are concerned about other people sniffing your data while it is traveling over your local network and the internet.
Which of the following would be the most effective countermeasure to protect your data against sniffing while it is in transit? Choose the best answer.
A. Encryption
B. AntiSniff
C. PromiScan
D. Usage of a switch
Answer: A

6. Which tools and or techniques can be used to remove an Alternative Data Stream on an NTFS file? Choose two.
A. Ads_cat
B. ADSChecker
C. ADS_Del
D. Copy the NTFS file containing the stream to a FAT partition, delete the original NTFS file, copy the FAT file back to NTFS
Answer: AD

7. Why would an administrator block ICMP TTL Exceeded error messages at the external gateways of the network? Choose the best answer.
A. To reduce the workload on the routers
B. To prevent Smurf attacks
C. To prevent trace-route software from revealing the IP addresses of these external gateways
D. To prevent fragment-based Denial of Service attacks
Answer: C

8. Which of the following items is the least likely to be found while doing Scanning? Choose the best answer.
A. IP addresses
B. Operating System
C. System Owner
D. Services
Answer: C