Black Friday / Cyber Monday Limited Time Flat 70% Discount offer - Ends in 0d 00h 00m 00s - Coupon code: 70spcl

ECCouncil 312-50v11 Certified Ethical Hacker Exam - C|EH v11 Exam Practice Test

Page: 1 / 53
Total 528 questions

Certified Ethical Hacker Exam - C|EH v11 Questions and Answers

Question 1

Mr. Omkar performed tool-based vulnerability assessment and found two vulnerabilities. During analysis, he found that these issues are not true vulnerabilities.

What will you call these issues?

Options:

A.

False positives

B.

True negatives

C.

True positives

D.

False negatives

Question 2

Gerard, a disgruntled ex-employee of Sunglass IT Solutions, targets this organization to perform sophisticated attacks and bring down its reputation in the market. To launch the attacks process, he performed DNS footprinting to gather information about ONS servers and to identify the hosts connected in the target network. He used an automated tool that can retrieve information about DNS zone data including DNS domain names, computer names. IP addresses. DNS records, and network Who is records. He further exploited this information to launch other sophisticated attacks. What is the tool employed by Gerard in the above scenario?

Options:

A.

Knative

B.

zANTI

C.

Towelroot

D.

Bluto

Question 3

Which of the following web vulnerabilities would an attacker be attempting to exploit if they delivered the following input?

] >

Options:

A.

XXE

B.

SQLi

C.

IDOR

D.

XXS

Question 4

You have the SOA presented below in your Zone.

Your secondary servers have not been able to contact your primary server to synchronize information. How long will the secondary servers attempt to contact the primary server before it considers that zone is dead and stops responding to queries?

collegae.edu.SOA, cikkye.edu ipad.college.edu. (200302028 3600 3600 604800 3600)

Options:

A.

One day

B.

One hour

C.

One week

D.

One month

Question 5

Which method of password cracking takes the most time and effort?

Options:

A.

Dictionary attack

B.

Shoulder surfing

C.

Rainbow tables

D.

Brute force

Question 6

Which regulation defines security and privacy controls for Federal information systems and organizations?

Options:

A.

HIPAA

B.

EU Safe Harbor

C.

PCI-DSS

D.

NIST-800-53

Question 7

A computer science student needs to fill some information into a secured Adobe PDF job application that was received from a prospective employer. Instead of requesting a new document that allowed the forms to be completed, the student decides to write a script that pulls passwords from a list of commonly used passwords to try against the secured PDF until the correct password is found or the list is exhausted.

Which cryptography attack is the student attempting?

Options:

A.

Man-in-the-middle attack

B.

Brute-force attack

C.

Dictionary attack

D.

Session hijacking

Question 8

The following is an entry captured by a network IDS. You are assigned the task of analyzing this entry. You notice the value 0x90, which is the most common NOOP instruction for the Intel processor. You figure that the attacker is attempting a buffer overflow attack.

You also notice "/bin/sh" in the ASCII part of the output.

As an analyst what would you conclude about the attack?

Options:

A.

The buffer overflow attack has been neutralized by the IDS

B.

The attacker is creating a directory on the compromised machine

C.

The attacker is attempting a buffer overflow attack and has succeeded

D.

The attacker is attempting an exploit that launches a command-line shell

Question 9

Let's imagine three companies (A, B and C), all competing in a challenging global environment. Company A and B are working together in developing a product that will generate a major competitive advantage for them. Company A has a secure DNS server while company B has a DNS server vulnerable to spoofing. With a spoofing attack on the DNS server of company B, company C gains access to outgoing e-mails from company B. How do you prevent DNS spoofing?

Options:

A.

Install DNS logger and track vulnerable packets

B.

Disable DNS timeouts

C.

Install DNS Anti-spoofing

D.

Disable DNS Zone Transfer

Question 10

Which of the following types of SQL injection attacks extends the results returned by the original query, enabling attackers to run two or more statements if they have the same structure as the original one?

Options:

A.

Error-based injection

B.

Boolean-based blind SQL injection

C.

Blind SQL injection

D.

Union SQL injection

Question 11

Firewalls are the software or hardware systems that are able to control and monitor the traffic coming in and out the target network based on pre-defined set of rules. Which of the following types of firewalls can protect against SQL injection attacks?

Options:

A.

Data-driven firewall

B.

Packet firewall

C.

Web application firewall

D.

Stateful firewall

Question 12

Robin, an attacker, is attempting to bypass the firewalls of an organization through the DNS tunneling method in order to exfiltrate data. He is using the NSTX tool for bypassing the firewalls. On which of the following ports should Robin run the NSTX tool?

Options:

A.

Port 53

B.

Port 23

C.

Port 50

D.

Port 80

Question 13

Which iOS jailbreaking technique patches the kernel during the device boot so that it becomes jailbroken after each successive reboot?

Options:

A.

Tethered jailbreaking

B.

Semi-tethered jailbreaking

C.

Untethered jailbreaking

D.

Semi-Untethered jailbreaking

Question 14

Which of the following antennas is commonly used in communications for a frequency band of 10 MHz to VHF and UHF?

Options:

A.

Yagi antenna

B.

Dipole antenna

C.

Parabolic grid antenna

D.

Omnidirectional antenna

Question 15

In the field of cryptanalysis, what is meant by a “rubber-hose” attack?

Options:

A.

Forcing the targeted keystream through a hardware-accelerated device such as an ASIC.

B.

A backdoor placed into a cryptographic algorithm by its creator.

C.

Extraction of cryptographic secrets through coercion or torture.

D.

Attempting to decrypt ciphertext by making logical assumptions about the contents of the original plaintext.

Question 16

An attacker changes the profile information of a particular user (victim) on the target website. The attacker uses this string to update the victim’s profile to a text file and then submit the data to the attacker’s database.

< iframe src=““http://www.vulnweb.com/updateif.php”” style=““display:none”” > < /iframe >

What is this type of attack (that can use either HTTP GET or HTTP POST) called?

Options:

A.

Browser Hacking

B.

Cross-Site Scripting

C.

SQL Injection

D.

Cross-Site Request Forgery

Question 17

If you want to only scan fewer ports than the default scan using Nmap tool, which option would you use?

Options:

A.

–r

B.

–F

C.

–P

D.

–sP

Question 18

This type of injection attack does not show any error message. It is difficult to exploit as it returns information when the application is given SQL payloads that elicit a true or false response from the server. By observing the response, an attacker can extract sensitive information. What type of attack is this?

Options:

A.

Time-based SQL injection

B.

Union SQL injection

C.

Error-based SQL injection

D.

Blind SQL injection

Question 19

Session splicing is an IDS evasion technique in which an attacker delivers data in multiple, small sized packets to the target computer, making it very difficult for an IDS to detect the attack signatures. Which tool can be used to perform session splicing attacks?

Options:

A.

tcpsplice

B.

Burp

C.

Hydra

D.

Whisker

Question 20

Which tier in the N-tier application architecture is responsible for moving and processing data between the tiers?

Options:

A.

Presentation tier

B.

Application Layer

C.

Logic tier

D.

Data tier

Question 21

Which of the following statements about a zone transfer is correct? (Choose three.)

Options:

A.

A zone transfer is accomplished with the DNS

B.

A zone transfer is accomplished with the nslookup service

C.

A zone transfer passes all zone information that a DNS server maintains

D.

A zone transfer passes all zone information that a nslookup server maintains

E.

A zone transfer can be prevented by blocking all inbound TCP port 53 connections

F.

Zone transfers cannot occur on the Internet

Question 22

what firewall evasion scanning technique make use of a zombie system that has low network activity as well as its fragment identification numbers?

Options:

A.

Decoy scanning

B.

Packet fragmentation scanning

C.

Spoof source address scanning

D.

Idle scanning

Question 23

Tess King is using the nslookup command to craft queries to list all DNS information (such as Name Servers, host names, MX records, CNAME records, glue records (delegation for child Domains), zone serial number, TimeToLive (TTL) records, etc) for a Domain.

What do you think Tess King is trying to accomplish? Select the best answer.

Options:

A.

A zone harvesting

B.

A zone transfer

C.

A zone update

D.

A zone estimate

Question 24

which type of virus can change its own code and then cipher itself multiple times as it replicates?

Options:

A.

Stealth virus

B.

Tunneling virus

C.

Cavity virus

D.

Encryption virus

Question 25

Which file is a rich target to discover the structure of a website during web-server footprinting?

Options:

A.

Document root

B.

Robots.txt

C.

domain.txt

D.

index.html

Question 26

As a Certified Ethical Hacker, you were contracted by a private firm to conduct an external security assessment through penetration testing.

What document describes the specifics of the testing, the associated violations, and essentially protects both the organization’s interest and your liabilities as a tester?

Options:

A.

Service Level Agreement

B.

Project Scope

C.

Rules of Engagement

D.

Non-Disclosure Agreement

Question 27

Mirai malware targets loT devices. After infiltration, it uses them to propagate and create botnets that then used to launch which types of attack?

Options:

A.

MITM attack

B.

Birthday attack

C.

DDoS attack

D.

Password attack

Question 28

Heather’s company has decided to use a new customer relationship management tool. After performing the appropriate research, they decided to purchase a subscription to a cloud-hosted solution. The only administrative task that Heather will need to perform is the management of user accounts. The provider will take care of the hardware, operating system, and software administration including patching and monitoring. Which of the following is this type of solution?

Options:

A.

SaaS

B.

IaaS

C.

CaaS

D.

PasS

Question 29

_________ is a type of phishing that targets high-profile executives such as CEOs, CFOs, politicians, and celebrities who have access to confidential and highly valuable information.

Options:

A.

Spear phishing

B.

Whaling

C.

Vishing

D.

Phishing

Question 30

During a black-box pen test you attempt to pass IRC traffic over port 80/TCP from a compromised web enabled host. The traffic gets blocked; however, outbound HTTP traffic is unimpeded. What type of firewall is inspecting outbound traffic?

Options:

A.

Circuit

B.

Stateful

C.

Application

D.

Packet Filtering

Question 31

Stephen, an attacker, targeted the industrial control systems of an organization. He generated a fraudulent email with a malicious attachment and sent it to employees of the target organization. An employee who manages the sales software of the operational plant opened the fraudulent email and clicked on the malicious attachment. This resulted in the malicious attachment being downloaded and malware being injected into the sales software maintained in the victim's system. Further, the malware propagated itself to other networked systems, finally damaging the industrial automation components. What is the attack technique used by Stephen to damage the industrial systems?

Options:

A.

Spear-phishing attack

B.

SMishing attack

C.

Reconnaissance attack

D.

HMI-based attack

Question 32

Don, a student, came across a gaming app in a third-party app store and Installed it. Subsequently, all the legitimate apps in his smartphone were replaced by deceptive applications that appeared legitimate. He also received many advertisements on his smartphone after Installing the app. What is the attack performed on Don in the above scenario?

Options:

A.

SMS phishing attack

B.

SIM card attack

C.

Agent Smith attack

D.

Clickjacking

Question 33

Study the snort rule given below and interpret the rule. alert tcp any any --> 192.168.1.0/24 111

(content:"|00 01 86 a5|"; msG. "mountd access";)

Options:

A.

An alert is generated when a TCP packet is generated from any IP on the 192.168.1.0 subnet and destined to any IP on port 111

B.

An alert is generated when any packet other than a TCP packet is seen on the network and destined for the 192.168.1.0 subnet

C.

An alert is generated when a TCP packet is originated from port 111 of any IP address to the 192.168.1.0 subnet

D.

An alert is generated when a TCP packet originating from any IP address is seen on the network and destined for any IP address on the 192.168.1.0 subnet on port 111

Question 34

You are tasked to configure the DHCP server to lease the last 100 usable IP addresses in subnet to. 1.4.0/23. Which of the following IP addresses could be teased as a result of the new configuration?

Options:

A.

210.1.55.200

B.

10.1.4.254

C.

10..1.5.200

D.

10.1.4.156

Question 35

Jude, a pen tester working in Keiltech Ltd., performs sophisticated security testing on his company's network infrastructure to identify security loopholes. In this process, he started to circumvent the network protection tools and firewalls used in the company. He employed a technique that can create forged TCP sessions by carrying out multiple SYN, ACK, and RST or FIN packets. Further, this process allowed Jude to execute DDoS attacks that can exhaust the network resources. What is the attack technique used by Jude for finding loopholes in the above scenario?

Options:

A.

UDP flood attack

B.

Ping-of-death attack

C.

Spoofed session flood attack

D.

Peer-to-peer attack

Question 36

What is GINA?

Options:

A.

Gateway Interface Network Application

B.

GUI Installed Network Application CLASS

C.

Global Internet National Authority (G-USA)

D.

Graphical Identification and Authentication DLL

Question 37

Richard, an attacker, targets an MNC In this process, he uses a footprinting technique to gather as much information as possible. Using this technique, he gathers domain information such as the target domain name, contact details of its owner, expiry date, and creation date. With this information, he creates a map of the organization's network and misleads domain owners with social engineering to obtain internal details of its network. What type of footprinting technique is employed by Richard?

Options:

A.

VPN footprinting

B.

Email footprinting

C.

VoIP footprinting

D.

Whois footprinting

Question 38

What is one of the advantages of using both symmetric and asymmetric cryptography in SSL/TLS?

Options:

A.

Supporting both types of algorithms allows less-powerful devices such as mobile phones to use symmetric encryption instead.

B.

Symmetric algorithms such as AES provide a failsafe when asymmetric methods fail.

C.

Symmetric encryption allows the server to security transmit the session keys out-of-band.

D.

Asymmetric cryptography is computationally expensive in comparison. However, it is well-suited to securely negotiate keys for use with symmetric cryptography.

Question 39

Which Nmap option would you use if you were not concerned about being detected and wanted to perform a very fast scan?

Options:

A.

-T5

B.

-O

C.

-T0

D.

-A

Question 40

Todd has been asked by the security officer to purchase a counter-based authentication system. Which of the following best describes this type of system?

Options:

A.

A biometric system that bases authentication decisions on behavioral attributes.

B.

A biometric system that bases authentication decisions on physical attributes.

C.

An authentication system that creates one-time passwords that are encrypted with secret keys.

D.

An authentication system that uses passphrases that are converted into virtual passwords.

Question 41

You want to analyze packets on your wireless network. Which program would you use?

Options:

A.

Wireshark with Airpcap

B.

Airsnort with Airpcap

C.

Wireshark with Winpcap

D.

Ethereal with Winpcap

Question 42

Which address translation scheme would allow a single public IP address to always correspond to a single machine on an internal network, allowing "server publishing"?

Options:

A.

Overloading Port Address Translation

B.

Dynamic Port Address Translation

C.

Dynamic Network Address Translation

D.

Static Network Address Translation

Question 43

In the context of Windows Security, what is a 'null' user?

Options:

A.

A user that has no skills

B.

An account that has been suspended by the admin

C.

A pseudo account that has no username and password

D.

A pseudo account that was created for security administration purpose

Question 44

jane, an ethical hacker. Is testing a target organization's web server and website to identity security loopholes. In this process, she copied the entire website and its content on a local drive to view the complete profile of the site's directory structure, file structure, external links, images, web pages, and so on. This information helps jane map the website's directories and gain valuable information. What is the attack technique employed by Jane in the above scenario?

Options:

A.

website mirroring

B.

Session hijacking

C.

Web cache poisoning

D.

Website defacement

Question 45

You are a Network Security Officer. You have two machines. The first machine (192.168.0.99) has snort installed, and the second machine (192.168.0.150) has kiwi syslog installed. You perform a syn scan in your network, and you notice that kiwi syslog is not receiving the alert message from snort. You decide to run wireshark in the snort machine to check if the messages are going to the kiwi syslog machine. What Wireshark filter will show the connections from the snort machine to kiwi syslog machine?

Options:

A.

tcp.srcport= = 514 && ip.src= = 192.168.0.99

B.

tcp.srcport= = 514 && ip.src= = 192.168.150

C.

tcp.dstport= = 514 && ip.dst= = 192.168.0.99

D.

tcp.dstport= = 514 && ip.dst= = 192.168.0.150

Question 46

You have been authorized to perform a penetration test against a website. You want to use Google dorks to footprint the site but only want results that show file extensions. What Google dork operator would you use?

Options:

A.

filetype

B.

ext

C.

inurl

D.

site

Question 47

Kevin, a professional hacker, wants to penetrate CyberTech Inc.’s network. He employed a technique, using which he encoded packets with Unicode characters. The company’s IDS cannot recognize the packet, but the target web server can decode them.

What is the technique used by Kevin to evade the IDS system?

Options:

A.

Desynchronization

B.

Obfuscating

C.

Session splicing

D.

Urgency flag

Question 48

This wireless security protocol allows 192-bit minimum-strength security protocols and cryptographic tools to protect sensitive data, such as GCMP-2S6. MMAC-SHA384, and ECDSA using a 384-bit elliptic curve. Which is this wireless security protocol?

Options:

A.

WPA2 Personal

B.

WPA3-Personal

C.

WPA2-Enterprise

D.

WPA3-Enterprise

Question 49

Chandler works as a pen-tester in an IT-firm in New York. As a part of detecting viruses in the systems, he uses a detection method where the anti-virus executes the malicious codes on a virtual machine to simulate CPU and memory activities. Which type of virus detection method did Chandler use in this context?

Options:

A.

Heuristic Analysis

B.

Code Emulation

C.

Scanning

D.

Integrity checking

Question 50

Which of the following Bluetooth hacking techniques does an attacker use to send messages to users without the recipient’s consent, similar to email spamming?

Options:

A.

Bluesmacking

B.

BlueSniffing

C.

Bluejacking

D.

Bluesnarfing

Question 51

Although FTP traffic is not encrypted by default, which layer 3 protocol would allow for end-to-end encryption of the connection?

Options:

A.

SFTP

B.

Ipsec

C.

SSL

D.

FTPS

Question 52

Which among the following is the best example of the hacking concept called "clearing tracks"?

Options:

A.

After a system is breached, a hacker creates a backdoor to allow re-entry into a system.

B.

During a cyberattack, a hacker injects a rootkit into a server.

C.

An attacker gains access to a server through an exploitable vulnerability.

D.

During a cyberattack, a hacker corrupts the event logs on all machines.

Question 53

Alex, a cloud security engineer working in Eyecloud Inc. is tasked with isolating applications from the underlying infrastructure and stimulating communication via well-defined channels. For this purpose, he used an open-source technology that helped him in developing, packaging, and running applications; further, the technology provides PaaS through OS-level visualization, delivers containerized software packages, and promotes fast software delivery. What is the cloud technology employed by Alex in the above scenario?

Options:

A.

Virtual machine

B.

Serverless computing

C.

Docker

D.

Zero trust network

Question 54

joe works as an it administrator in an organization and has recently set up a cloud computing service for the organization. To implement this service, he reached out to a telecom company for providing Internet connectivity and transport services between the organization and the cloud service provider, in the NIST cloud deployment reference architecture, under which category does the telecom company fall in the above scenario?

Options:

A.

Cloud booker

B.

Cloud consumer

C.

Cloud carrier

D.

Cloud auditor

Question 55

Louis, a professional hacker, had used specialized tools or search engines to encrypt all his browsing activity and navigate anonymously to obtain sensitive/hidden information about official government or federal databases. After gathering the Information, he successfully performed an attack on the target government organization without being traced. Which of the following techniques is described in the above scenario?

Options:

A.

Dark web footprinting

B.

VoIP footpnnting

C.

VPN footprinting

D.

website footprinting

Question 56

Which of the following programming languages is most susceptible to buffer overflow attacks, due to its lack of a built-in bounds checking mechanism?

Code:

#include int main(){char buffer[8];

strcpy(buffer, ““11111111111111111111111111111””);} Output: Segmentation fault

Options:

A.

C#

B.

Python

C.

Java

D.

C++

Question 57

OpenSSL on Linux servers includes a command line tool for testing TLS. What is the name of the tool and the correct syntax to connect to a web server?

Options:

A.

openssl s_client -site www.website.com:443

B.

openssl_client -site www.website.com:443

C.

openssl s_client -connect www.website.com:443

D.

openssl_client -connect www.website.com:443

Question 58

Which of the following provides a security professional with most information about the system’s security posture?

Options:

A.

Phishing, spamming, sending trojans

B.

Social engineering, company site browsing tailgating

C.

Wardriving, warchalking, social engineering

D.

Port scanning, banner grabbing service identification

Question 59

What is the minimum number of network connections in a multihomed firewall?

Options:

A.

3

B.

5

C.

4

D.

2

Question 60

Roma is a member of a security team. She was tasked with protecting the internal network of an organization from imminent threats. To accomplish this task, Roma fed threat intelligence into the security devices in a digital format to block and identify inbound and outbound malicious traffic entering the organization's network.

Which type of threat intelligence is used by Roma to secure the internal network?

Options:

A.

Technical threat intelligence

B.

Operational threat intelligence

C.

Tactical threat intelligence

D.

Strategic threat intelligence

Question 61

Which of the following viruses tries to hide from anti-virus programs by actively altering and corrupting the chosen service call interruptions when they are being run?

Options:

A.

Macro virus

B.

Stealth/Tunneling virus

C.

Cavity virus

D.

Polymorphic virus

Question 62

Eve is spending her day scanning the library computers. She notices that Alice is using a computer whose port 445 is active and listening. Eve uses the ENUM tool to enumerate Alice machine. From the command prompt, she types the following command.

What is Eve trying to do?

Options:

A.

Eve is trying to connect as a user with Administrator privileges

B.

Eve is trying to enumerate all users with Administrative privileges

C.

Eve is trying to carry out a password crack for user Administrator

D.

Eve is trying to escalate privilege of the null user to that of Administrator

Question 63

What two conditions must a digital signature meet?

Options:

A.

Has to be the same number of characters as a physical signature and must be unique.

B.

Has to be unforgeable, and has to be authentic.

C.

Must be unique and have special characters.

D.

Has to be legible and neat.

Question 64

Given below are different steps involved in the vulnerability-management life cycle.

1) Remediation

2) Identify assets and create a baseline

3) Verification

4) Monitor

5) Vulnerability scan

6) Risk assessment

Identify the correct sequence of steps involved in vulnerability management.

Options:

A.

2-->5-->6-->1-->3-->4

B.

2-->1-->5-->6-->4-->3

C.

2-->4-->5-->3-->6--> 1

D.

1-->2-->3-->4-->5-->6

Question 65

During the process of encryption and decryption, what keys are shared?

Options:

A.

Private keys

B.

User passwords

C.

Public keys

D.

Public and private keys

Question 66

The tools which receive event logs from servers, network equipment, and applications, and perform analysis and correlation on those logs, and can generate alarms for security relevant issues, are known as what?

Options:

A.

network Sniffer

B.

Vulnerability Scanner

C.

Intrusion prevention Server

D.

Security incident and event Monitoring

Question 67

Password cracking programs reverse the hashing process to recover passwords. (True/False.)

Options:

A.

True

B.

False

Question 68

An attacker identified that a user and an access point are both compatible with WPA2 and WPA3 encryption. The attacker installed a rogue access point with only WPA2 compatibility in the vicinity and forced the victim to go through the WPA2 four-way handshake to get connected. After the connection was established, the attacker used automated tools to crack WPA2-encrypted messages. What is the attack performed in the above scenario?

Options:

A.

Timing-based attack

B.

Side-channel attack

C.

Downgrade security attack

D.

Cache-based attack

Question 69

Identify the correct terminology that defines the above statement.

Options:

A.

Vulnerability Scanning

B.

Penetration Testing

C.

Security Policy Implementation

D.

Designing Network Security

Question 70

A large mobile telephony and data network operator has a data center that houses network elements. These are essentially large computers running on Linux. The perimeter of the data center is secured with firewalls and IPS systems.

What is the best security policy concerning this setup?

Options:

A.

Network elements must be hardened with user ids and strong passwords. Regular security tests and audits should be performed.

B.

As long as the physical access to the network elements is restricted, there is no need for additional measures.

C.

There is no need for specific security measures on the network elements as long as firewalls and IPS systems exist.

D.

The operator knows that attacks and down time are inevitable and should have a backup site.

Question 71

An attacker scans a host with the below command. Which three flags are set?

# nmap -sX host.domain.com

Options:

A.

This is SYN scan. SYN flag is set.

B.

This is Xmas scan. URG, PUSH and FIN are set.

C.

This is ACK scan. ACK flag is set.

D.

This is Xmas scan. SYN and ACK flags are set.

Question 72

One of your team members has asked you to analyze the following SOA record. What is the version?

Rutgers.edu.SOA NS1.Rutgers.edu ipad.college.edu (200302028 3600 3600 604800 2400.) (Choose four.)

Options:

A.

200303028

B.

3600

C.

604800

D.

2400

E.

60

F.

4800

Question 73

By performing a penetration test, you gained access under a user account. During the test, you established a connection with your own machine via the SMB service and occasionally entered your login and password in plaintext.

Which file do you have to clean to clear the password?

Options:

A.

.X session-log

B.

.bashrc

C.

.profile

D.

.bash_history

Question 74

Which of the following is the structure designed to verify and authenticate the identity of individuals within the enterprise taking part in a data exchange?

Options:

A.

SOA

B.

biometrics

C.

single sign on

D.

PKI

Question 75

While browsing his Facebook teed, Matt sees a picture one of his friends posted with the caption. "Learn more about your friends!", as well as a number of personal questions. Matt is suspicious and texts his friend, who confirms that he did indeed post it. With assurance that the post is legitimate. Matt responds to the questions on the post, a few days later. Mates bank account has been accessed, and the password has been changed. What most likely happened?

Options:

A.

Matt inadvertently provided the answers to his security questions when responding to the post.

B.

Matt's bank-account login information was brute forced.

C.

Matt Inadvertently provided his password when responding to the post.

D.

Matt's computer was infected with a keylogger.

Question 76

Which is the first step followed by Vulnerability Scanners for scanning a network?

Options:

A.

OS Detection

B.

Firewall detection

C.

TCP/UDP Port scanning

D.

Checking if the remote host is alive

Question 77

Take a look at the following attack on a Web Server using obstructed URL:

How would you protect from these attacks?

Options:

A.

Configure the Web Server to deny requests involving "hex encoded" characters

B.

Create rules in IDS to alert on strange Unicode requests

C.

Use SSL authentication on Web Servers

D.

Enable Active Scripts Detection at the firewall and routers

Question 78

Dayn, an attacker, wanted to detect if any honeypots are installed in a target network. For this purpose, he used a time-based TCP fingerprinting method to validate the response to a normal computer and the response of a honeypot to a manual SYN request. Which of the following techniques is employed by Dayn to detect honeypots?

Options:

A.

Detecting honeypots running on VMware

B.

Detecting the presence of Honeyd honeypots

C.

Detecting the presence of Snort_inline honeypots

D.

Detecting the presence of Sebek-based honeypots

Question 79

Why is a penetration test considered to be more thorough than vulnerability scan?

Options:

A.

Vulnerability scans only do host discovery and port scanning by default.

B.

A penetration test actively exploits vulnerabilities in the targeted infrastructure, while a vulnerability scan does not typically involve active exploitation.

C.

It is not – a penetration test is often performed by an automated tool, while a vulnerability scan requires active engagement.

D.

The tools used by penetration testers tend to have much more comprehensive vulnerability databases.

Page: 1 / 53
Total 528 questions