Free Preparation Discussions
MENU
SANS SEC504 Exam Questions
- Topic 1: Understanding Windows hashing function through Windows Server 2019/ Taking notes and writing reports
- Topic 2: Understanding what digital evidence is and how to collect it/ Asking and answering the right questions
- Topic 3: Analyzing packet captures using tcpdump/ Common incident response mistakes
- Topic 4: Monitoring the environment using snapshot and continuous recording tools/ Best practices for working with malware
- Topic 5: Choosing a target protocol for password guessing attacks/ Basic approaches for investigating malware
- Topic 6: Configuring Filebeat for simple log ingestion/ Using the MITRE ATT&CK Framework for smarter adversary assessment
- Topic 7: Using Kibana to identify password attack events/ Recommendations for password cracking in your organization
- Topic 8: Pivoting during an investigation/ Incident goals and milestones/ Artifact and event-based timelines
- Topic 9: Attacker evolution and the network for tool, technique, and practice (TTP) mapping/ How to collect digital evidence
- Topic 10: Getting password hashes from Windows 10 systems/ Identifying abnormal activity
Free SANS SEC504 Exam Actual Questions
Note: Premium Questions for SEC504 were last updated On 24-05-2024 (see below)
Adam, a malicious hacker is running a scan. Statistics of the scan is as follows:
Scan directed at open port: ClientServer
192.5.2.92:4079 ---------FIN--------->192.5.2.110:23192.5.2.92:4079 <----NO RESPONSE---
---192.5.2.110:23
Scan directed at closed port:
ClientServer
192.5.2.92:4079 ---------FIN--------->192.5.2.110:23
192.5.2.92:4079<-----RST/ACK----------192.5.2.110:23
Which of the following types of port scan is Adam running?
Adam works as a Network administrator for Umbrella Inc. He noticed that an ICMP ECHO requests is coming from some suspected outside sources. Adam suspects that some malicious hacker is trying to perform ping sweep attack on the network of the company. To stop this malicious activity, Adam blocks the ICMP ECHO request from any outside sources.
What will be the effect of the action taken by Adam?
Adam works as a Security Analyst for Umbrella Inc. Company has a Windows-based network. All computers run on Windows XP. Manager of the Sales department complains Adam about the unusual behavior of his computer. He told Adam that some pornographic contents are suddenly appeared on his computer overnight. Adam suspects that some malicious software or Trojans have been installed on the computer. He runs some diagnostics programs and Port scanners and found that the Port 12345, 12346, and 20034 are open. Adam also noticed some tampering with the Windows registry, which causes one application to run every time when Windows start.
Which of the following is the most likely reason behind this issue?
Which of the following techniques is used when a system performs the penetration testing with the objective of accessing unauthorized information residing inside a computer?
Which of the following is used to determine the range of IP addresses that are mapped to a live hosts?
- Select Question Types you want
- Set your Desired Pass Percentage
- Allocate Time (Hours : Minutes)
- Create Multiple Practice tests with Limited Questions
- Customer Support
Currently there are no comments in this discussion, be the first to comment!