
McAfee MA0-150 Exam - Certified McAfee Security Professional - Ethical Security Testing

Questions & Answers for McAfee MA0-150

Showing 1-15 of 177 Questions

Question #1 - Topic 1

Reverse Telnet is an example of a

A. Callback from the compromised host.

B. Technique used to secure UNIX servers from portscans.

C. Honeypot protection mechanism.

D. Port redirection technique.

Question #2 - Topic 1

What is the difference between web server attacks and web application attacks?

A. There is no difference, they are the same thing.

B. Web server attacks target the backend servers, while web application attacks target the front end server.

C. Web server attacks target the underlying server, while web application attacks target the application running on the web server.

D. Web server attacks require local access, while web application attacks can be local or remote.

Question #3 - Topic 1

A corporate user has just been hacked and shell code is installed. The user logs off, but the
hacker remains on the system with NT AUTHORITY\SYSTEM credentials. What can the
attacker use to escalate to the corporate user's permissions?

A. AT scheduler

B. Cached credentials

C. Local Windows privilege escalation

D. psexec

Question #4 - Topic 1

After compromising a Linux/Unix host, an attacker cannot seem to ping hosts by name but
can ping them by IP address. What command can be used to find the DNS server that the
compromised host is using?

A. ifconfig

B. ifconfig -a

C. cat /etc/resolv.conf

D. cat /etc/dns.conf

Question #5 - Topic 1

An attacker has compromised a Linux/Unix host. What command can the attacker run to
determine if anyone else is on the system?

A. w

B. whoami

C. whosthere

D. which

Question #6 - Topic 1

An Administrator of the CORP domain makes modifications to the Domain Security Policy
so that the storage of LAN Man hashes is no longer permitted. These changes are pushed
out to all servers using Group Policy. Six months later during a security audit, the
Administrator is shocked to find out that LAN Man hashes are still stored for some critical
domain accounts but not for user accounts. Which of the following is the cause?

A. LAN Man hashes cannot be removed from critical domain accounts.

B. Group Policy needs to be refreshed.

C. All Domain Controllers need to be restarted.

D. Passwords need to be changed for critical domain accounts.

Question #7 - Topic 1

A corporate laptop that implements Bitlocker was recently stolen from a user at Starbucks.
The data on the laptop is protected because Bitlocker implements

A. BIOS protection.

B. Keylogging protection.

C. Keyboard hooking.

D. Full disk encryption.

Question #8 - Topic 1

What are the default permissions set on an /etc/shadow file?

A. -rw-r--r-- 1 root shadow

B. -r-xr-xr-x 1 root shadow

C. -rw-r----- 1 root shadow

D. -rw--w--w- 1 root shadow

Question #9 - Topic 1

A corporate user has just been tricked into installing malicious software. The software
attempts to phone home over port 80 but does not conform to the HTTP RFC. What device
protects a user in this situation?

A. Firewall with layer 7 inspection

B. Firewall with ACLs

C. Firewall with stateful packet inspection

D. Firewall with tight egress filtering allowing web ports

Question #10 - Topic 1

What website can help identify the type of server a company is using for their website?

A. www.nikto.org

B. www.netcraft.com

C. www.whatismyip.com

D. www.whatismyserver.com

Question #11 - Topic 1

Horizontal privilege escalation is a vulnerability of authorization where users act at a
privilege level

A. Above one they are entitled to act.

B. Below one they are entitled to act.

C. That they are entitled to but only as a different user.

D. That transfers across another application.

Question #12 - Topic 1

ARP poisoning involves

A. Flooding a switch with ARP requests so it fails open - acting as a hub.

B. Configuring all network interfaces to operate in promiscuous mode.

C. Installing a Trojan on a victim system that overwrites the ARP cache on the Target.

D. Sending out fake ARP responses to divert traffic on a switched network to flow through the malicious machine.

Question #13 - Topic 1

After compromising a Linux/Unix host, an attacker wants to replace a binary with a
malicious binary. What command can be used to find the location of the binary in their
path?

A. where

B. whereis

C. which

D. what

Question #14 - Topic 1

An attacker has just compromised a Linux host. What command can be used to determine
the distribution of Linux?

A. cat /etc/crontab

B. cat /etc/passwd

C. cat /etc/issue

D. cat /etc/shadow

Question #15 - Topic 1

What file indicates and controls where system logs are stored?

A. pam.conf

B. smb.conf

C. authlog.conf

D. syslog.conf
