McAfee Certified Assessment Specialist Network

Transcription

1 McAfee Certified Assessment Specialist Network Exam preparation guide

2 Table of Contents Introduction 3 Becoming McAfee Certified 3 Exam Details 4 Recommended Exam Preparation 4 Exam Objectives 4 Sample Test Questions 5 Answer Key 7

3 Introduction This guide has been developed as a resource for your preparation to challenge the McAfee Certified Assessment Specialist Network Exam (MA0-150). The following information is provided in this guide: Learn more about the McAfee Security Certification Program Identify how to register for the exam Locate resources to help you prepare for the exam Review the objectives that the exam may cover Review examples of questions that may appear on the exam Becoming McAfee Certified To be successful in today s competitive IT landscape, you must be able to demonstrate your technology expertise and skills using the latest tools and methodologies. The McAfee Security Certification Program provides product and assessment certifications, validating your knowledge and ability in a variety of security-related categories. McAfee Assessment Certification is designed for security practitioners (penetration testers, auditors, consultants, administrators) with one to three years of experience. This certification level allows candidates to demonstrate knowledge in the following high-level assessment areas: Profiling and inventorying Vulnerability identification Vulnerability exploitation Expanding influence To become McAfee Certified, you must pass one or more McAfee Security Certification Program exams. McAfee has partnered with Prometric, a leading global provider of comprehensive testing and assessment services, to administer our certification program. Prometric makes the certification process easy from start to finish. With more than 5,000 global locations, you can conveniently test your knowledge and become McAfee Certified. Earning a McAfee Certified Assessment Specialist Certification will not guarantee you a job, but it can help you stand out from other job candidates by helping to validate that you have the skills required to perform the job function covered by those certifications. Certification also helps show potential employers your commitment to continued learning and career growth. Some of the benefits of becoming McAfee Certified include: Access to the McAfee Certification Candidate Portal A PDF copy of your certificate ed to you or your employers Provide access to your employers to verify your certifications Exam Details The McAfee Certified Assessment Specialist Network Exam is a computer-based exam offered through Prometric Testing Centers. To locate the most convenient Prometric Testing Center, please visit McAfee Certified Assessment Specialist Network Exam details: Exam number: MA0-150 Number of test questions: 100 technical McAfee uses a rounded cut score to determine the passing mark for each exam Test duration: two hours Certification granted: McAfee Certified Assessment Specialist Network The exam timer does not begin until the first technical question (post demographic) You will not be allowed to access any resources or references during the exam period 3

4 Recommended Exam Preparation The McAfee Security Certification Program recommends the following exam preparation strategies: Security practitioners with one to three years experience in penetration testing, auditing, or consulting Attend an authorized training course (Ultimate Hacking): Review the objectives and sample questions provided in this guide Exam Objectives You can prepare yourself for the exam by reviewing all of the sections outlined. Please note that although all of these sections are represented in each exam form, all questions are presented randomly for every challenge attempt. Section one: Casing the establishment Footprinting Identify and understand whois lookups Identify and understand Google hacking Identify and understand DNS interrogation Identify how to properly perform network reconnaissance Scanning Identify and understand how to launch Syn scan and TCP connect scan Using basic display filters Identify how idle scans work Identify passive scan fingerprinting Identify and understand how to perform ping sweeps Enumeration Identify and understand how to conduct banner grabbing Identify ports and how they relate to specific services Identify and understand how to perform tools-based vulnerability assessment Identify and understand SMB enumeration Section two: System hacking Hacking Microsoft Windows Identify and understand how to use Microsoft Windows administration tools Identify and understand how to utilize metasploit Identify and understand user accounts and permissions Identify and understand how to use lanman Identify what is meant by brute forcing accounts Identify exploit development Hacking UNIX Identify and understand UNIX file structure Identify and understand user accounts and permissions Identify and understand UNIX administration commands Identify what is meant by brute forcing accounts 4

5 Section three: Infrastructure hacking Network devices Identify SNMP querying Identify and understand basic administration ports Identify and understand routing and switching Identify and understand routing protocols Address resolution protocol (ARP) poisoning Wireless hacking Identify and understand basic security mechanisms Identify and understand how to crack wired equivalent privacy (WEP) Identify and understand how a WiFi protected access (WPA) enterprise is attacked Section four: Application and data hacking Hacking code Identify and understand the concept of buffer overflow Identify the concepts of reverse engineering Web hacking Identify and understand SQL injection Identify and understand cross-site scripting Identify and understand the concept of cipher suites Understand the use of vulnerability scanners Identify and understand authentication mechanisms Identify and understand HTTP session management Hacking the Internet user Identify and understand the concept of social engineering Identify and understand phishing Identify the method of URL shortening Sample Test Questions The following questions are provided for review. These questions are similar in style and content to the questions referenced in the McAfee Certified Assessment Specialist Network Exam. The answers are provided after the questions. 1. An attack in which a snippet of code is left on a website and persists in its database with the intention of being executed by a victim s browser is called: d. Cross-domain policy revocation 5

6 2. An attack in which a snippet of code is played back to the victim with the assistance of a catalyst, such as an RSS feed is called: d. Cross-domain policy revocation 3. The following is an example of what type of attack? joe OR asdfzxcv = asdfzxcv -- d. SQL injection 4. The following is an example of what type of attack? <img src= > d. SQL injection 5. Which of the following type of SQL injection is an attack that is carried out against a web application that does not display an error message? a. Secret b. Quiet c. Covert d. Blind 6. Checking the referrer header is not considered a good countermeasure against cross-site scripting (XSS) because the header is: a. Optional b. Required c. Not defined d. Tightly coupled 6

7 Answer Key 1. B 2. C 3. D 4. A 5. D 6. A McAfee, Inc Mission College Boulevard Santa Clara, CA McAfee and the McAfee logo are registered trademarks or trademarks of McAfee, Inc. or its subsidiaries in the United States and other countries. Other marks and brands may be claimed as the property of others. The product plans, specifications and descriptions herein are provided for information only and subject to change without notice, and are provided without warranty of any kind, express or implied. Copyright 2011 McAfee, Inc gde_cert-assessment-exam_0311_fnl_ASD