Month End Sale Limited Time Flat 70% Discount offer - Ends in 0d 00h 00m 00s - Coupon code: 70spcl

ECCouncil 312-50v11 Certified Ethical Hacker Exam - C|EH v11 Exam Practice Test

Page: 1 / 53
Total 528 questions

Certified Ethical Hacker Exam - C|EH v11 Questions and Answers

Question 1

The network users are complaining because their system are slowing down. Further, every time they attempt to go a website, they receive a series of pop-ups with advertisements. What types of malware have the system been infected with?

Options:

A.

Virus

B.

Spyware

C.

Trojan

D.

Adware

Question 2

What type of virus is most likely to remain undetected by antivirus software?

Options:

A.

Cavity virus

B.

Stealth virus

C.

File-extension virus

D.

Macro virus

Question 3

John, a professional hacker, decided to use DNS to perform data exfiltration on a target network, in this process, he embedded malicious data into the DNS protocol packets that even DNSSEC cannot detect. Using this technique. John successfully injected malware to bypass a firewall and maintained communication with the victim machine and C&C server. What is the technique employed by John to bypass the firewall?

Options:

A.

DNS cache snooping

B.

DNSSEC zone walking

C.

DNS tunneling method

D.

DNS enumeration

Question 4

Stephen, an attacker, targeted the industrial control systems of an organization. He generated a fraudulent email with a malicious attachment and sent it to employees of the target organization. An employee who manages the sales software of the operational plant opened the fraudulent email and clicked on the malicious attachment. This resulted in the malicious attachment being downloaded and malware being injected into the sales software maintained in the victim's system. Further, the malware propagated itself to other networked systems, finally damaging the industrial automation components. What is the attack technique used by Stephen to damage the industrial systems?

Options:

A.

Spear-phishing attack

B.

SMishing attack

C.

Reconnaissance attack

D.

HMI-based attack

Question 5

You have gained physical access to a Windows 2008 R2 server which has an accessible disc drive. When you attempt to boot the server and log in, you are unable to guess the password. In your toolkit, you have an Ubuntu 9.10 Linux LiveCD. Which Linux-based tool can change any user’s password or activate disabled Windows accounts?

Options:

A.

John the Ripper

B.

SET

C.

CHNTPW

D.

Cain & Abel

Question 6

What is the file that determines the basic configuration (specifically activities, services, broadcast receivers, etc.) in an Android application?

Options:

A.

AndroidManifest.xml

B.

APK.info

C.

resources.asrc

D.

classes.dex

Question 7

Morris, a professional hacker, performed a vulnerability scan on a target organization by sniffing the traffic on the network lo identify the active systems, network services, applications, and vulnerabilities. He also obtained the list of the users who are currently accessing the network. What is the type of vulnerability assessment that Morris performed on the target organization?

Options:

A.

internal assessment

B.

Passive assessment

C.

External assessment

D.

Credentialed assessment

Question 8

Which tier in the N-tier application architecture is responsible for moving and processing data between the tiers?

Options:

A.

Presentation tier

B.

Application Layer

C.

Logic tier

D.

Data tier

Question 9

Attempting an injection attack on a web server based on responses to True/False QUESTION NO:s is called which of the following?

Options:

A.

Compound SQLi

B.

Blind SQLi

C.

Classic SQLi

D.

DMS-specific SQLi

Question 10

While testing a web application in development, you notice that the web server does not properly ignore the “dot dot slash” (../) character string and instead returns the file listing of a folder structure of the server.

What kind of attack is possible in this scenario?

Options:

A.

Cross-site scripting

B.

Denial of service

C.

SQL injection

D.

Directory traversal

Question 11

Jude, a pen tester, examined a network from a hacker's perspective to identify exploits and vulnerabilities accessible to the outside world by using devices such as firewalls, routers, and servers. In this process, he also estimated the threat of network security attacks and determined the level of security of the corporate network.

What is the type of vulnerability assessment that Jude performed on the organization?

Options:

A.

External assessment

B.

Passive assessment

C.

Host-based assessment

D.

Application assessment

Question 12

Bobby, an attacker, targeted a user and decided to hijack and intercept all their wireless communications. He installed a fake communication tower between two authentic endpoints to mislead the victim. Bobby used this virtual tower to interrupt the data transmission between the user and real tower, attempting to hijack an active session, upon receiving the users request. Bobby manipulated the traffic with the virtual tower and redirected the victim to a malicious website. What is the attack performed by Bobby in the above scenario?

Options:

A.

Wardriving

B.

KRACK attack

C.

jamming signal attack

D.

aLTEr attack

Question 13

Peter is surfing the internet looking for information about DX Company. Which hacking process is Peter doing?

Options:

A.

Scanning

B.

Footprinting

C.

Enumeration

D.

System Hacking

Question 14

Henry Is a cyber security specialist hired by BlackEye - Cyber security solutions. He was tasked with discovering the operating system (OS) of a host. He used the Unkornscan tool to discover the OS of the target system. As a result, he obtained a TTL value, which Indicates that the target system is running a Windows OS. Identify the TTL value Henry obtained, which indicates that the target OS is Windows.

Options:

A.

64

B.

128

C.

255

D.

138

Question 15

Samuel a security administrator, is assessing the configuration of a web server. He noticed that the server permits SSlv2 connections, and the same private key certificate is used on a different server that allows SSLv2 connections. This vulnerability makes the web server vulnerable to attacks as the SSLv2 server can leak key information.

Which of the following attacks can be performed by exploiting the above vulnerability?

Options:

A.

DROWN attack

B.

Padding oracle attack

C.

Side-channel attack

D.

DUHK attack

Question 16

An LDAP directory can be used to store information similar to a SQL database. LDAP uses a _____ database structure instead of SQL’s _____ structure. Because of this, LDAP has difficulty representing many-to-one relationships.

Options:

A.

Relational, Hierarchical

B.

Strict, Abstract

C.

Hierarchical, Relational

D.

Simple, Complex

Question 17

Which of the following provides a security professional with most information about the system’s security posture?

Options:

A.

Phishing, spamming, sending trojans

B.

Social engineering, company site browsing tailgating

C.

Wardriving, warchalking, social engineering

D.

Port scanning, banner grabbing service identification

Question 18

An incident investigator asks to receive a copy of the event logs from all firewalls, proxy servers, and Intrusion Detection Systems (IDS) on the network of an organization that has experienced a possible breach of security. When the investigator attempts to correlate the information in all of the logs, the sequence of many of the logged events do not match up.

What is the most likely cause?

Options:

A.

The network devices are not all synchronized.

B.

Proper chain of custody was not observed while collecting the logs.

C.

The attacker altered or erased events from the logs.

D.

The security breach was a false positive.

Question 19

jane invites her friends Alice and John over for a LAN party. Alice and John access Jane's wireless network without a password. However. Jane has a long, complex password on her router. What attack has likely occurred?

Options:

A.

Wireless sniffing

B.

Piggybacking

C.

Evil twin

D.

Wardriving

Question 20

Tess King is using the nslookup command to craft queries to list all DNS information (such as Name Servers, host names, MX records, CNAME records, glue records (delegation for child Domains), zone serial number, TimeToLive (TTL) records, etc) for a Domain.

What do you think Tess King is trying to accomplish? Select the best answer.

Options:

A.

A zone harvesting

B.

A zone transfer

C.

A zone update

D.

A zone estimate

Question 21

What does the following command in netcat do?

nc -l -u -p55555 < /etc/passwd

Options:

A.

logs the incoming connections to /etc/passwd file

B.

loads the /etc/passwd file to the UDP port 55555

C.

grabs the /etc/passwd file when connected to UDP port 55555

D.

deletes the /etc/passwd file when connected to the UDP port 55555

Question 22

When purchasing a biometric system, one of the considerations that should be reviewed is the processing speed. Which of the following best describes what it is meant by processing?

Options:

A.

The amount of time and resources that are necessary to maintain a biometric system

B.

How long it takes to setup individual user accounts

C.

The amount of time it takes to be either accepted or rejected from when an individual provides identification and authentication information

D.

The amount of time it takes to convert biometric data into a template on a smart card

Question 23

Which file is a rich target to discover the structure of a website during web-server footprinting?

Options:

A.

Document root

B.

Robots.txt

C.

domain.txt

D.

index.html

Question 24

Your organization has signed an agreement with a web hosting provider that requires you to take full responsibility of the maintenance of the cloud-based resources. Which of the following models covers this?

Options:

A.

Platform as a service

B.

Software as a service

C.

Functions as a

D.

service Infrastructure as a service

Question 25

Which rootkit is characterized by its function of adding code and/or replacing some of the operating-system kernel code to obscure a backdoor on a system?

Options:

A.

User-mode rootkit

B.

Library-level rootkit

C.

Kernel-level rootkit

D.

Hypervisor-level rootkit

Question 26

What kind of detection techniques is being used in antivirus software that identifies malware by collecting data from multiple protected systems and instead of analyzing files locally it’s made on the provider’s environment?

Options:

A.

Behavioral based

B.

Heuristics based

C.

Honeypot based

D.

Cloud based

Question 27

How can rainbow tables be defeated?

Options:

A.

Use of non-dictionary words

B.

All uppercase character passwords

C.

Password salting

D.

Lockout accounts under brute force password cracking attempts

Question 28

CompanyXYZ has asked you to assess the security of their perimeter email gateway. From your office in New York, you craft a specially formatted email message and send it across the Internet to an employee of CompanyXYZ. The employee of CompanyXYZ is aware of your test. Your email message looks like this:

From: jim_miller@companyxyz.com

To: michelle_saunders@companyxyz.com Subject: Test message

Date: 4/3/2017 14:37

The employee of CompanyXYZ receives your email message.

This proves that CompanyXYZ’s email gateway doesn’t prevent what?

Options:

A.

Email Masquerading

B.

Email Harvesting

C.

Email Phishing

D.

Email Spoofing

Question 29

Take a look at the following attack on a Web Server using obstructed URL:

Question # 29

How would you protect from these attacks?

Options:

A.

Configure the Web Server to deny requests involving "hex encoded" characters

B.

Create rules in IDS to alert on strange Unicode requests

C.

Use SSL authentication on Web Servers

D.

Enable Active Scripts Detection at the firewall and routers

Question 30

By using a smart card and pin, you are using a two-factor authentication that satisfies

Options:

A.

Something you are and something you remember

B.

Something you have and something you know

C.

Something you know and something you are

D.

Something you have and something you are

Question 31

Daniel Is a professional hacker who Is attempting to perform an SQL injection attack on a target website. www.movlescope.com. During this process, he encountered an IDS that detects SQL Injection attempts based on predefined signatures. To evade any comparison statement, he attempted placing characters such as ‘ 'or '1'='1" In any bask injection statement such as "or 1=1." Identify the evasion technique used by Daniel in the above scenario.

Options:

A.

Null byte

B.

IP fragmentation

C.

Char encoding

D.

Variation

Question 32

Which of the following tools performs comprehensive tests against web servers, including dangerous files and CGIs?

Options:

A.

Nikto

B.

John the Ripper

C.

Dsniff

D.

Snort

Question 33

When discussing passwords, what is considered a brute force attack?

Options:

A.

You attempt every single possibility until you exhaust all possible combinations or discover the password

B.

You threaten to use the rubber hose on someone unless they reveal their password

C.

You load a dictionary of words into your cracking program

D.

You create hashes of a large number of words and compare it with the encrypted passwords

E.

You wait until the password expires

Question 34

what is the port to block first in case you are suspicious that an loT device has been compromised?

Options:

A.

22

B.

443

C.

48101

D.

80

Question 35

_________ is a type of phishing that targets high-profile executives such as CEOs, CFOs, politicians, and celebrities who have access to confidential and highly valuable information.

Options:

A.

Spear phishing

B.

Whaling

C.

Vishing

D.

Phishing

Question 36

User A is writing a sensitive email message to user B outside the local network. User A has chosen to use PKI to secure his message and ensure only user B can read the sensitive email. At what layer of the OSI layer does the encryption and decryption of the message take place?

Options:

A.

Application

B.

Transport

C.

Session

D.

Presentation

Question 37

Lewis, a professional hacker, targeted the loT cameras and devices used by a target venture-capital firm. He used an information-gathering tool to collect information about the loT devices connected to a network, open ports and services, and the attack surface area. Using this tool, he also generated statistical reports on broad usage patterns and trends. This tool helped Lewis continually monitor every reachable server and device on the Internet, further allowing him to exploit these devices in the network. Which of the following tools was employed by Lewis in the above scenario?

Options:

A.

Censys

B.

Wapiti

C.

NeuVector

D.

Lacework

Question 38

From the following table, identify the wrong answer in terms of Range (ft).

Standard Range (ft)

802.11a 150-150

802.11b 150-150

802.11g 150-150

802.16 (WiMax) 30 miles

Options:

A.

802.16 (WiMax)

B.

802.11g

C.

802.11b

D.

802.11a

Question 39

An attacker changes the profile information of a particular user (victim) on the target website. The attacker uses this string to update the victim’s profile to a text file and then submit the data to the attacker’s database.

< iframe src=““http://www.vulnweb.com/updateif.php”” style=““display:none”” > < /iframe >

What is this type of attack (that can use either HTTP GET or HTTP POST) called?

Options:

A.

Browser Hacking

B.

Cross-Site Scripting

C.

SQL Injection

D.

Cross-Site Request Forgery

Question 40

John, a disgruntled ex-employee of an organization, contacted a professional hacker to exploit the organization. In the attack process, the professional hacker Installed a scanner on a machine belonging to one of the vktims and scanned several machines on the same network to Identify vulnerabilities to perform further exploitation. What is the type of vulnerability assessment tool employed by John in the above scenario?

Options:

A.

Proxy scanner

B.

Agent-based scanner

C.

Network-based scanner

D.

Cluster scanner

Question 41

if you send a TCP ACK segment to a known closed port on a firewall but it does not respond with an RST. what do you know about the firewall you are scanning?

Options:

A.

There is no firewall in place.

B.

This event does not tell you encrypting about the firewall.

C.

It is a stateful firewall

D.

It Is a non-stateful firewall.

Question 42

Suppose your company has just passed a security risk assessment exercise. The results display that the risk of the breach in the main company application is 50%. Security staff has taken some measures and

implemented the necessary controls. After that, another security risk assessment was performed showing that risk has decreased to 10%. The risk threshold for the application is 20%. Which of the following risk decisions will be the best for the project in terms of its successful continuation with the most business profit?

Options:

A.

Accept the risk

B.

Introduce more controls to bring risk to 0%

C.

Mitigate the risk

D.

Avoid the risk

Question 43

To invisibly maintain access to a machine, an attacker utilizes a toolkit that sits undetected In the core components of the operating system. What is this type of rootkit an example of?

Options:

A.

Mypervisor rootkit

B.

Kernel toolkit

C.

Hardware rootkit

D.

Firmware rootkit

Question 44

Which of the following is the primary objective of a rootkit?

Options:

A.

It opens a port to provide an unauthorized service

B.

It creates a buffer overflow

C.

It replaces legitimate programs

D.

It provides an undocumented opening in a program

Question 45

Fred is the network administrator for his company. Fred is testing an internal switch.

From an external IP address, Fred wants to try and trick this switch into thinking it already has established a session with his computer. How can Fred accomplish this?

Options:

A.

Fred can accomplish this by sending an IP packet with the RST/SIN bit and the source address of his computer.

B.

He can send an IP packet with the SYN bit and the source address of his computer.

C.

Fred can send an IP packet with the ACK bit set to zero and the source address of the switch.

D.

Fred can send an IP packet to the switch with the ACK bit and the source address of his machine.

Question 46

Which of the following is the least-likely physical characteristic to be used in biometric control that supports a large company?

Options:

A.

Iris patterns

B.

Voice

C.

Height and Weight

D.

Fingerprints

Question 47

You need a tool that can do network intrusion prevention and intrusion detection, function as a network sniffer, and record network activity, what tool would you most likely select?

Options:

A.

Nmap

B.

Cain & Abel

C.

Nessus

D.

Snort

Question 48

Suppose that you test an application for the SQL injection vulnerability. You know that the backend database

is based on Microsoft SQL Server. In the login/password form, you enter the following credentials:

Username: attack' or 1=1 -

Password: 123456

Based on the above credentials, which of the following SQL commands are you expecting to be executed by the server, if there is indeed an SQL injection vulnerability?

Options:

A.

select * from Users where UserName = ‘attack’ ’ or 1=1 -- and UserPassword = ‘123456’

B.

select * from Users where UserName = ‘attack’ or 1=1 -- and UserPassword = ‘123456’

C.

select * from Users where UserName = ‘attack or 1=1 -- and UserPassword = ‘123456’

D.

select * from Users where UserName = ‘attack’ or 1=1 --’ and UserPassword = ‘123456’

Question 49

Mary found a high vulnerability during a vulnerability scan and notified her server team. After analysis, they sent her proof that a fix to that issue had already been applied. The vulnerability that Marry found is called what?

Options:

A.

False-negative

B.

False-positive

C.

Brute force attack

D.

Backdoor

Question 50

When a security analyst prepares for the formal security assessment - what of the following should be done in order to determine inconsistencies in the secure assets database and verify that system is compliant to the minimum security baseline?

Options:

A.

Data items and vulnerability scanning

B.

Interviewing employees and network engineers

C.

Reviewing the firewalls configuration

D.

Source code review

Question 51

Bella, a security professional working at an it firm, finds that a security breach has occurred while transferring important files. Sensitive data, employee usernames. and passwords are shared In plaintext, paving the way for hackers 10 perform successful session hijacking. To address this situation. Bella Implemented a protocol that sends data using encryption and digital certificates. Which of the following protocols Is used by Bella?

Options:

A.

FTP

B.

HTTPS

C.

FTPS

D.

IP

Question 52

The Payment Card Industry Data Security Standard (PCI DSS) contains six different categories of control objectives. Each objective contains one or more requirements, which must be followed in order to achieve compliance. Which of the following requirements would best fit under the objective, "Implement strong access control measures"?

Options:

A.

Regularly test security systems and processes.

B.

Encrypt transmission of cardholder data across open, public networks.

C.

Assign a unique ID to each person with computer access.

D.

Use and regularly update anti-virus software on all systems commonly affected by malware.

Question 53

Attacker Simon targeted the communication network of an organization and disabled the security controls of NetNTLMvl by modifying the values of LMCompatibilityLevel, NTLMMinClientSec, and RestrictSendingNTLMTraffic. He then extracted all the non-network logon tokens from all the active processes to masquerade as a legitimate user to launch further attacks. What is the type of attack performed by Simon?

Options:

A.

Internal monologue attack

B.

Combinator attack

C.

Rainbow table attack

D.

Dictionary attack

Question 54

Based on the below log, which of the following sentences are true?

Mar 1, 2016, 7:33:28 AM 10.240.250.23 - 54373 10.249.253.15 - 22 tcp_ip

Options:

A.

Application is FTP and 10.240.250.23 is the client and 10.249.253.15 is the server.

B.

Application is SSH and 10.240.250.23 is the server and 10.249.253.15 is the client.

C.

SSH communications are encrypted; it’s impossible to know who is the client or the server.

D.

Application is SSH and 10.240.250.23 is the client and 10.249.253.15 is the server.

Question 55

CyberTech Inc. recently experienced SQL injection attacks on its official website. The company appointed Bob, a security professional, to build and incorporate defensive strategies against such attacks. Bob adopted a practice whereby only a list of entities such as the data type, range, size, and value, which have been approved for secured access, is accepted. What is the defensive technique employed by Bob in the above scenario?

Options:

A.

Output encoding

B.

Enforce least privileges

C.

Whitelist validation

D.

Blacklist validation

Question 56

What port number is used by LDAP protocol?

Options:

A.

110

B.

389

C.

464

D.

445

Question 57

What term describes the amount of risk that remains after the vulnerabilities are classified and the countermeasures have been deployed?

Options:

A.

Residual risk

B.

Impact risk

C.

Deferred risk

D.

Inherent risk

Question 58

An attacker identified that a user and an access point are both compatible with WPA2 and WPA3 encryption. The attacker installed a rogue access point with only WPA2 compatibility in the vicinity and forced the victim to go through the WPA2 four-way handshake to get connected. After the connection was established, the attacker used automated tools to crack WPA2-encrypted messages. What is the attack performed in the above scenario?

Options:

A.

Timing-based attack

B.

Side-channel attack

C.

Downgrade security attack

D.

Cache-based attack

Question 59

In this attack, a victim receives an e-mail claiming from PayPal stating that their account has been disabled and confirmation is required before activation. The attackers then scam to collect not one but two credit card numbers, ATM PIN number and other personal details. Ignorant users usually fall prey to this scam.

Which of the following statement is incorrect related to this attack?

Options:

A.

Do not reply to email messages or popup ads asking for personal or financial information

B.

Do not trust telephone numbers in e-mails or popup ads

C.

Review credit card and bank account statements regularly

D.

Antivirus, anti-spyware, and firewall software can very easily detect these type of attacks

E.

Do not send credit card numbers, and personal or financial information via e-mail

Question 60

Which of the following programs is usually targeted at Microsoft Office products?

Options:

A.

Polymorphic virus

B.

Multipart virus

C.

Macro virus

D.

Stealth virus

Question 61

Johnson, an attacker, performed online research for the contact details of reputed cybersecurity firms. He found the contact number of sibertech.org and dialed the number, claiming himself to represent a technical support team from a vendor. He warned that a specific server is about to be compromised and requested sibertech.org to follow the provided instructions. Consequently, he prompted the victim to execute unusual commands and install malicious files, which were then used to collect and pass critical Information to Johnson's machine. What is the social engineering technique Steve employed in the above scenario?

Options:

A.

Quid pro quo

B.

Diversion theft

C.

Elicitation

D.

Phishing

Question 62

John is investigating web-application firewall logs and observers that someone is attempting to inject the following:

char buff[10];

buff[>o] - 'a':

What type of attack is this?

Options:

A.

CSRF

B.

XSS

C.

Buffer overflow

D.

SQL injection

Question 63

A user on your Windows 2000 network has discovered that he can use L0phtcrack to sniff the SMB exchanges which carry user logons. The user is plugged into a hub with 23 other systems.

However, he is unable to capture any logons though he knows that other users are logging in.

What do you think is the most likely reason behind this?

Options:

A.

There is a NIDS present on that segment.

B.

Kerberos is preventing it.

C.

Windows logons cannot be sniffed.

D.

L0phtcrack only sniffs logons to web servers.

Question 64

In both pharming and phishing attacks, an attacker can create websites that look similar to legitimate sites with the intent of collecting personal identifiable information from its victims.

What is the difference between pharming and phishing attacks?

Options:

A.

In a pharming attack, a victim is redirected to a fake website by modifying their host configuration file or by exploiting vulnerabilities in DNS. In a phishing attack, an attacker provides the victim with a URL that is either misspelled or looks similar to the actual websites domain name

B.

In a phishing attack, a victim is redirected to a fake website by modifying their host configuration file or by exploiting vulnerabilities in DNS. In a pharming attack, an attacker provides the victim with a URL that is either misspelled or looks very similar to the actual websites domain name

C.

Both pharming and phishing attacks are purely technical and are not considered forms of social engineering

D.

Both pharming and phishing attacks are identical

Question 65

Password cracking programs reverse the hashing process to recover passwords. (True/False.)

Options:

A.

True

B.

False

Question 66

Robin, an attacker, is attempting to bypass the firewalls of an organization through the DNS tunneling method in order to exfiltrate data. He is using the NSTX tool for bypassing the firewalls. On which of the following ports should Robin run the NSTX tool?

Options:

A.

Port 53

B.

Port 23

C.

Port 50

D.

Port 80

Question 67

Robin, a professional hacker, targeted an organization's network to sniff all the traffic. During this process.

Robin plugged in a rogue switch to an unused port in the LAN with a priority lower than any other switch in the network so that he could make it a root bridge that will later allow him to sniff all the traffic in the network.

What is the attack performed by Robin in the above scenario?

Options:

A.

ARP spoofing attack

B.

VLAN hopping attack

C.

DNS poisoning attack

D.

STP attack

Question 68

You want to analyze packets on your wireless network. Which program would you use?

Options:

A.

Wireshark with Airpcap

B.

Airsnort with Airpcap

C.

Wireshark with Winpcap

D.

Ethereal with Winpcap

Question 69

Shellshock allowed an unauthorized user to gain access to a server. It affected many Internet-facing services, which OS did it not directly affect?

Options:

A.

Linux

B.

Unix

C.

OS X

D.

Windows

Question 70

Based on the following extract from the log of a compromised machine, what is the hacker really trying to steal?

Options:

A.

har.txt

B.

SAM file

C.

wwwroot

D.

Repair file

Question 71

Bill has been hired as a penetration tester and cyber security auditor for a major credit card company. Which information security standard is most applicable to his role?

Options:

A.

FISMA

B.

HITECH

C.

PCI-DSS

D.

Sarbanes-OxleyAct

Question 72

Which of the following allows attackers to draw a map or outline the target organization's network infrastructure to know about the actual environment that they are going to hack.

Options:

A.

Enumeration

B.

Vulnerability analysis

C.

Malware analysis

D.

Scanning networks

Question 73

Susan, a software developer, wants her web API to update other applications with the latest information. For this purpose, she uses a user-defined HTTP tailback or push APIs that are raised based on trigger events: when invoked, this feature supplies data to other applications so that users can instantly receive real-time Information.

Which of the following techniques is employed by Susan?

Options:

A.

web shells

B.

Webhooks

C.

REST API

D.

SOAP API

Question 74

Email is transmitted across the Internet using the Simple Mail Transport Protocol. SMTP does not encrypt email, leaving the information in the message vulnerable to being read by an unauthorized person. SMTP can upgrade a connection between two mail servers to use TLS. Email transmitted by SMTP over TLS is encrypted. What is the name of the command used by SMTP to transmit email over TLS?

Options:

A.

OPPORTUNISTICTLS

B.

UPGRADETLS

C.

FORCETLS

D.

STARTTLS

Question 75

Leverox Solutions hired Arnold, a security professional, for the threat intelligence process. Arnold collected information about specific threats against the organization. From this information, he retrieved contextual information about security events and incidents that helped him disclose potential risks and gain insight into attacker methodologies. He collected the information from sources such as humans, social media, and chat rooms as well as from events that resulted in cyberattacks. In this process, he also prepared a report that includes identified malicious activities, recommended courses of action, and warnings for emerging attacks. What is the type of threat intelligence collected by Arnold in the above scenario?

Options:

A.

Strategic threat intelligence

B.

Tactical threat intelligence

C.

Operational threat intelligence

D.

Technical threat intelligence

Question 76

Richard, an attacker, targets an MNC In this process, he uses a footprinting technique to gather as much information as possible. Using this technique, he gathers domain information such as the target domain name, contact details of its owner, expiry date, and creation date. With this information, he creates a map of the organization's network and misleads domain owners with social engineering to obtain internal details of its network. What type of footprinting technique is employed by Richard?

Options:

A.

VPN footprinting

B.

Email footprinting

C.

VoIP footprinting

D.

Whois footprinting

Question 77

A company’s security policy states that all Web browsers must automatically delete their HTTP browser cookies upon terminating. What sort of security breach is this policy attempting to mitigate?

Options:

A.

Attempts by attackers to access the user and password information stored in the company’s SQL database.

B.

Attempts by attackers to access Web sites that trust the Web browser user by stealing the user’s authentication credentials.

C.

Attempts by attackers to access password stored on the user’s computer without the user’s knowledge.

D.

Attempts by attackers to determine the user’s Web browser usage patterns, including when sites were visited and for how long.

Question 78

What is a NULL scan?

Options:

A.

A scan in which all flags are turned off

B.

A scan in which certain flags are off

C.

A scan in which all flags are on

D.

A scan in which the packet size is set to zero

E.

A scan with an illegal packet size

Question 79

If executives are found liable for not properly protecting their company’s assets and information systems, what type of law would apply in this situation?

Options:

A.

Criminal

B.

International

C.

Common

D.

Civil

Page: 1 / 53
Total 528 questions