Question 86
You work as a Network Administrator for InformSec Inc. You find that the TCP port number 23476 is open on your
server. You suspect that there may be a Trojan named Donald Dick installed on your server. Now you want to verify
whether Donald Dick is installed on it or not. For this, you want to know the process running on port 23476, as well as
the process id, process name, and the path of the process on your server. Which of the following applications will you
most likely use to accomplish the task?
Question 87
Which of the following statements are true about a keylogger?
Each correct answer represents a complete solution. Choose all that apply.
Question 88
You work as a Network Administrator for Perfect Solutions Inc. The company has a Linux-based network.
You are working as a root user on the Linux operating system. Your company is facing an IP spoofing attack.
Which of the following tools will you use to get an alert saying that an upcoming IP packet is being spoofed?
Question 89
Which of the following statements are true about worms?
Each correct answer represents a complete solution. Choose all that apply.
Question 90
Adam works as a Security Administrator for Umbrella Technology Inc. He reported a breach in security to his senior
members, stating that "security defenses has been breached and exploited for 2 weeks by hackers." The hackers had
accessed and downloaded 50,000 addresses containing customer credit cards and passwords. Umbrella Technology
was looking to law enforcement officials to protect their intellectual property.
The intruder entered through an employee's home machine, which was connected to Umbrella
Technology's corporate VPN network. The application called BEAST Trojan was used in the attack to open a "back
door" allowing the hackers undetected access. The security breach was discovered when customers complained about
the usage of their credit cards without their knowledge.
The hackers were traced back to Shanghai, China through e-mail address evidence. The credit card information was
sent to that same e-mail address. The passwords allowed the hackers to access Umbrella Technology's network from a
remote location, posing as employees.
Which of the following actions can Adam perform to prevent such attacks from occurring in future?
