You have already completed the Test before. Hence you can not start it again.
Test is loading...
You must sign in or sign up to start the Test.
You have to finish following quiz, to start this Test:
Your results are here!! for" CEH Practice Test 14 "
0 of 64 questions answered correctly
Your time:
Time has elapsed
Your Final Score is : 0
You have attempted : 0
Number of Correct Questions : 0 and scored 0
Number of Incorrect Questions : 0 and Negative marks 0
Average score
Your score
CEH
You have attempted: 0
Number of Correct Questions: 0 and scored 0
Number of Incorrect Questions: 0 and Negative marks 0
You can review your answers by clicking view questions. Important Note : Open Reference Documentation Links in New Tab (Right Click and Open in New Tab).
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
Answered
Review
Question 1 of 64
1. Question
This application allows developers to test vulnerabilities commonly found in Java-based applications.
Correct
WebGoat is a deliberately insecure application that allows interested developers to test vulnerabilities commonly found in Java-based applications that uses common and popular open-source components.
Incorrect
WebGoat is a deliberately insecure application that allows interested developers to test vulnerabilities commonly found in Java-based applications that uses common and popular open-source components.
Unattempted
WebGoat is a deliberately insecure application that allows interested developers to test vulnerabilities commonly found in Java-based applications that uses common and popular open-source components.
Question 2 of 64
2. Question
In user authentication, which of the following is/are considered as “something you are”?
Correct
Iris scan, fingerprint, and facial recognition are all considered as “something you are”, while PIN is “something you know”.
Incorrect
Iris scan, fingerprint, and facial recognition are all considered as “something you are”, while PIN is “something you know”.
Unattempted
Iris scan, fingerprint, and facial recognition are all considered as “something you are”, while PIN is “something you know”.
Question 3 of 64
3. Question
XOR is a common cryptographical tool. What will be the result if you apply XOR in the following binary values: 11001100, 01101010?
Correct
XOR (eXclusive OR) is a boolean logic operation that is widely used in cryptography. It is used in generating parity bits for error checking and fault tolerance. The output is True (or 1) if and only if the two inputs are different. The output is false (or 0) if the two inputs have the same value.
Incorrect
XOR (eXclusive OR) is a boolean logic operation that is widely used in cryptography. It is used in generating parity bits for error checking and fault tolerance. The output is True (or 1) if and only if the two inputs are different. The output is false (or 0) if the two inputs have the same value.
Unattempted
XOR (eXclusive OR) is a boolean logic operation that is widely used in cryptography. It is used in generating parity bits for error checking and fault tolerance. The output is True (or 1) if and only if the two inputs are different. The output is false (or 0) if the two inputs have the same value.
Question 4 of 64
4. Question
This analysis provides the possible consequences when one of company’s critical processes were disrupted.
Correct
A business impact analysis (BIA) predicts the consequences of disruption of a business function and process and gathers information needed to develop recovery strategies. Potential loss scenarios should be identified during a risk assessment.
Incorrect
A business impact analysis (BIA) predicts the consequences of disruption of a business function and process and gathers information needed to develop recovery strategies. Potential loss scenarios should be identified during a risk assessment.
Unattempted
A business impact analysis (BIA) predicts the consequences of disruption of a business function and process and gathers information needed to develop recovery strategies. Potential loss scenarios should be identified during a risk assessment.
Question 5 of 64
5. Question
Which protocol will allow you to guess a sequence number when you are attempting to man-in-the-middle a session?
Correct
To establish a TCP session, the client starts by sending a SYN packet with a sequence number. To hijack the session, it is required to send a packet with the right sequence number, otherwise, they are dropped.
Incorrect
To establish a TCP session, the client starts by sending a SYN packet with a sequence number. To hijack the session, it is required to send a packet with the right sequence number, otherwise, they are dropped.
Unattempted
To establish a TCP session, the client starts by sending a SYN packet with a sequence number. To hijack the session, it is required to send a packet with the right sequence number, otherwise, they are dropped.
Question 6 of 64
6. Question
The goal of this type of malware is not to steal confidential information, but rather, to restrict the user from using the system.
Correct
Ransomware is a form of malware that restricts the user from accessing their infected computer system or files and then asks for a ransom payment to regain user access. The main goal of a ransomware attack is to extort money from its victims.
Incorrect
Ransomware is a form of malware that restricts the user from accessing their infected computer system or files and then asks for a ransom payment to regain user access. The main goal of a ransomware attack is to extort money from its victims.
Unattempted
Ransomware is a form of malware that restricts the user from accessing their infected computer system or files and then asks for a ransom payment to regain user access. The main goal of a ransomware attack is to extort money from its victims.
Question 7 of 64
7. Question
Which of the following architecture is designed to verify and authenticate individuals taking part in a data exchange within an enterprise?
Correct
PKI or Public Key Infrastructure is a security architecture developed to increase the secured transfer of information. The purpose of a PKI is to facilitate the secure electronic transfer of information for a range of network activities such as e-commerce, internet banking, and confidential email.
Incorrect
PKI or Public Key Infrastructure is a security architecture developed to increase the secured transfer of information. The purpose of a PKI is to facilitate the secure electronic transfer of information for a range of network activities such as e-commerce, internet banking, and confidential email.
Unattempted
PKI or Public Key Infrastructure is a security architecture developed to increase the secured transfer of information. The purpose of a PKI is to facilitate the secure electronic transfer of information for a range of network activities such as e-commerce, internet banking, and confidential email.
Question 8 of 64
8. Question
The NMAP command “nmap -sn 192.32.111.107” performs which of the following?
Correct
“nmap-sn” means no port scan. This means that Nmap will not do a port scan after the host discovery and only prints out the available hosts that responded to the host discovery probes. This is often known as a “ping scan”.
Incorrect
“nmap-sn” means no port scan. This means that Nmap will not do a port scan after the host discovery and only prints out the available hosts that responded to the host discovery probes. This is often known as a “ping scan”.
Unattempted
“nmap-sn” means no port scan. This means that Nmap will not do a port scan after the host discovery and only prints out the available hosts that responded to the host discovery probes. This is often known as a “ping scan”.
Question 9 of 64
9. Question
Which of the following does not belong to the group?
Correct
Iris scan, fingerprint, and facial recognition are all considered as “something you are”, while PIN is “something you know”.
Incorrect
Iris scan, fingerprint, and facial recognition are all considered as “something you are”, while PIN is “something you know”.
Unattempted
Iris scan, fingerprint, and facial recognition are all considered as “something you are”, while PIN is “something you know”.
Question 10 of 64
10. Question
It is a comprehensive tool for man-in-the-middle (MITM) attacks that can be used for computer network protocol analysis and security auditing.
Correct
Ettercap is a comprehensive suite for man-in-the-middle attacks. It features sniffing of live connections, content filtering on the fly, and many other interesting tricks. It supports active and passive dissection of many protocols and includes many features for network and host analysis.
Incorrect
Ettercap is a comprehensive suite for man-in-the-middle attacks. It features sniffing of live connections, content filtering on the fly, and many other interesting tricks. It supports active and passive dissection of many protocols and includes many features for network and host analysis.
Unattempted
Ettercap is a comprehensive suite for man-in-the-middle attacks. It features sniffing of live connections, content filtering on the fly, and many other interesting tricks. It supports active and passive dissection of many protocols and includes many features for network and host analysis.
Question 11 of 64
11. Question
Which of the following restriction does a “white box testing ” methodology enforces?
Correct
A black-box tester is unaware of the internal structure of the application to be tested, while a white-box tester has access to the internal structure of the application. A gray-box tester partially knows the internal structure, which includes access to the documentation of internal data structures as well as the algorithms used.
Incorrect
A black-box tester is unaware of the internal structure of the application to be tested, while a white-box tester has access to the internal structure of the application. A gray-box tester partially knows the internal structure, which includes access to the documentation of internal data structures as well as the algorithms used.
Unattempted
A black-box tester is unaware of the internal structure of the application to be tested, while a white-box tester has access to the internal structure of the application. A gray-box tester partially knows the internal structure, which includes access to the documentation of internal data structures as well as the algorithms used.
Question 12 of 64
12. Question
Wireless intrusion prevention system (WIPS) operates at what layer of the Open Systems Interconnection (OSI) model?
Correct
Wireless intrusion prevention system (WIPS) works at the data link layer (Layer 2) of the Open Systems Interconnection (OSI) model. It has the capability of discovering the presence of misconfigured devices and mitigating them from operating on wireless enterprise networks.
Incorrect
Wireless intrusion prevention system (WIPS) works at the data link layer (Layer 2) of the Open Systems Interconnection (OSI) model. It has the capability of discovering the presence of misconfigured devices and mitigating them from operating on wireless enterprise networks.
Unattempted
Wireless intrusion prevention system (WIPS) works at the data link layer (Layer 2) of the Open Systems Interconnection (OSI) model. It has the capability of discovering the presence of misconfigured devices and mitigating them from operating on wireless enterprise networks.
Question 13 of 64
13. Question
A security audit of network systems must be performed to determine compliance with security policies. Which of the following tools would most likely be used in such an audit?
Correct
Vulnerability scanning is a method used to check whether a system is exploitable by identifying its vulnerabilities. A vulnerability scanner consists of a scanning engine and a catalog. These tools generally target vulnerabilities that secure host configurations can fix easily, updated security patches, and a clean Web document.
Incorrect
Vulnerability scanning is a method used to check whether a system is exploitable by identifying its vulnerabilities. A vulnerability scanner consists of a scanning engine and a catalog. These tools generally target vulnerabilities that secure host configurations can fix easily, updated security patches, and a clean Web document.
Unattempted
Vulnerability scanning is a method used to check whether a system is exploitable by identifying its vulnerabilities. A vulnerability scanner consists of a scanning engine and a catalog. These tools generally target vulnerabilities that secure host configurations can fix easily, updated security patches, and a clean Web document.
Question 14 of 64
14. Question
This is a fast-moving virus that can affect both the boot sector and the program files at the same time, thus causing more damage than any other kind of virus
Correct
A multipartite virus is a fast-moving virus that uses file infectors or boot infectors to attack the boot sector and executable files simultaneously. Most viruses either affect the boot sector, the system or the program files. The multipartite virus can affect both the boot sector and the program files at the same time, thus causing more damage than any other kind of virus
Incorrect
A multipartite virus is a fast-moving virus that uses file infectors or boot infectors to attack the boot sector and executable files simultaneously. Most viruses either affect the boot sector, the system or the program files. The multipartite virus can affect both the boot sector and the program files at the same time, thus causing more damage than any other kind of virus
Unattempted
A multipartite virus is a fast-moving virus that uses file infectors or boot infectors to attack the boot sector and executable files simultaneously. Most viruses either affect the boot sector, the system or the program files. The multipartite virus can affect both the boot sector and the program files at the same time, thus causing more damage than any other kind of virus
Question 15 of 64
15. Question
Which definition among those given below best describes a covert channel?
Correct
An Internet covert channel is the digital equivalent of a briefcase with a secret compartment that a spy might use to slip sensitive documents past security guards into or out of a secure facility. An attacker can use Internet covert channels to transmit sensitive documents unobserved, bypassing network security measures.
Incorrect
An Internet covert channel is the digital equivalent of a briefcase with a secret compartment that a spy might use to slip sensitive documents past security guards into or out of a secure facility. An attacker can use Internet covert channels to transmit sensitive documents unobserved, bypassing network security measures.
Unattempted
An Internet covert channel is the digital equivalent of a briefcase with a secret compartment that a spy might use to slip sensitive documents past security guards into or out of a secure facility. An attacker can use Internet covert channels to transmit sensitive documents unobserved, bypassing network security measures.
Question 16 of 64
16. Question
A cybercriminal uses a communication channel within an operating system that is neither designed nor intended to transfer information. What communications channel is described here?
Correct
An Internet covert channel is the digital equivalent of a briefcase with a secret compartment that a spy might use to slip sensitive documents past security guards into or out of a secure facility. An attacker can use Internet covert channels to transmit sensitive documents unobserved, bypassing network security measures.
Incorrect
An Internet covert channel is the digital equivalent of a briefcase with a secret compartment that a spy might use to slip sensitive documents past security guards into or out of a secure facility. An attacker can use Internet covert channels to transmit sensitive documents unobserved, bypassing network security measures.
Unattempted
An Internet covert channel is the digital equivalent of a briefcase with a secret compartment that a spy might use to slip sensitive documents past security guards into or out of a secure facility. An attacker can use Internet covert channels to transmit sensitive documents unobserved, bypassing network security measures.
Question 17 of 64
17. Question
This type of hacker refers to an individual who works both offensively and defensively at various times. Their intention can either be to simply gain knowledge or to illegally make changes.
Correct
Gray hat hackers are a mixture of white hat hackers and black hat hackers. They exploit a network’s vulnerability without the owner’s permission with no malicious intent. They usually do this for fun and because they can.
Incorrect
Gray hat hackers are a mixture of white hat hackers and black hat hackers. They exploit a network’s vulnerability without the owner’s permission with no malicious intent. They usually do this for fun and because they can.
Unattempted
Gray hat hackers are a mixture of white hat hackers and black hat hackers. They exploit a network’s vulnerability without the owner’s permission with no malicious intent. They usually do this for fun and because they can.
Question 18 of 64
18. Question
This tool is used to analyze the files produced by packet-capture programs such as tcpdump, WinDump, Wireshark, and EtherPeek?
Correct
Tcptrace is a tool for the analysis of TCP dump files. It can take as input the files produced by several popular packet-capture programs, including tcpdump/WinDump/Wireshark, snoop, EtherPeek, and Agilent NetMetrix.
Incorrect
Tcptrace is a tool for the analysis of TCP dump files. It can take as input the files produced by several popular packet-capture programs, including tcpdump/WinDump/Wireshark, snoop, EtherPeek, and Agilent NetMetrix.
Unattempted
Tcptrace is a tool for the analysis of TCP dump files. It can take as input the files produced by several popular packet-capture programs, including tcpdump/WinDump/Wireshark, snoop, EtherPeek, and Agilent NetMetrix.
Question 19 of 64
19. Question
Which of the following describes the Connection Stream Parameter Pollution (CSPP) attack?
Correct
The so-called Connection String Parameter Pollution (CSPP) attack exploits poorly secured dynamic connections between Web apps and databases, namely ones that still use semicolons as separators between data such as the data source, user ID, and password associated with a connection to the database, for instance.
Incorrect
The so-called Connection String Parameter Pollution (CSPP) attack exploits poorly secured dynamic connections between Web apps and databases, namely ones that still use semicolons as separators between data such as the data source, user ID, and password associated with a connection to the database, for instance.
Unattempted
The so-called Connection String Parameter Pollution (CSPP) attack exploits poorly secured dynamic connections between Web apps and databases, namely ones that still use semicolons as separators between data such as the data source, user ID, and password associated with a connection to the database, for instance.
Question 20 of 64
20. Question
This high-level programming language is vulnerable to buffer overflow attacks.
Correct
C/C++ are high-level programming languages that are vulnerable to buffer overflow attacks.
Incorrect
C/C++ are high-level programming languages that are vulnerable to buffer overflow attacks.
Unattempted
C/C++ are high-level programming languages that are vulnerable to buffer overflow attacks.
Question 21 of 64
21. Question
This type of attack targets a groups of users by infecting websites that they commonly visit.
Correct
A watering hole attack is a targeted attack designed to compromise users within a specific industry or group of users by infecting websites they typically visit and luring them to a malicious site. The end goal is to infect the users computer and gain access to the organizations network.
Incorrect
A watering hole attack is a targeted attack designed to compromise users within a specific industry or group of users by infecting websites they typically visit and luring them to a malicious site. The end goal is to infect the users computer and gain access to the organizations network.
Unattempted
A watering hole attack is a targeted attack designed to compromise users within a specific industry or group of users by infecting websites they typically visit and luring them to a malicious site. The end goal is to infect the users computer and gain access to the organizations network.
Question 22 of 64
22. Question
This phase is critical as it will greatly affect the success of a penetration testing. This is also the most important phase of ethical hacking in which you need to spend a considerable amount of time.
Correct
Footprinting or reconnaissance is the first step in ethical hacking. The penetration tester will use this to evaluate the security of any IT infrastructure. Footprinting also means gathering all information about the computer system or a network and all the devices that are attached to this.
Incorrect
Footprinting or reconnaissance is the first step in ethical hacking. The penetration tester will use this to evaluate the security of any IT infrastructure. Footprinting also means gathering all information about the computer system or a network and all the devices that are attached to this.
Unattempted
Footprinting or reconnaissance is the first step in ethical hacking. The penetration tester will use this to evaluate the security of any IT infrastructure. Footprinting also means gathering all information about the computer system or a network and all the devices that are attached to this.
Question 23 of 64
23. Question
XYZ company hired Jane, a security consultant, to do a physical penetration testing. On the first day of her assessment, she goes to the company`s building dressed like housekeeping. She waited in the lobby for any unsuspecting employee to pass through the main access gate, then followed the employee behind to get into the restricted area. What type of attack was performed by Jane?
Correct
Tailgaiting is an act where the unauthorized person was able to enter the premises without the authorized person’s knowledge. To avoid Tailgating, employees should be wary of their surroundings.
Incorrect
Tailgaiting is an act where the unauthorized person was able to enter the premises without the authorized person’s knowledge. To avoid Tailgating, employees should be wary of their surroundings.
Unattempted
Tailgaiting is an act where the unauthorized person was able to enter the premises without the authorized person’s knowledge. To avoid Tailgating, employees should be wary of their surroundings.
Question 24 of 64
24. Question
Cross-site request forgery involves which of the following:
Correct
Cross-site request forgery, also known as CSRF is a type of malicious exploit that allows an attacker to trick users to perform actions that they do not intend to. Some examples are changing the email address and/or password, or making a funds transfer. Depending on the nature of the action, the attacker might be able to gain full control over the user’s account.
Incorrect
Cross-site request forgery, also known as CSRF is a type of malicious exploit that allows an attacker to trick users to perform actions that they do not intend to. Some examples are changing the email address and/or password, or making a funds transfer. Depending on the nature of the action, the attacker might be able to gain full control over the user’s account.
Unattempted
Cross-site request forgery, also known as CSRF is a type of malicious exploit that allows an attacker to trick users to perform actions that they do not intend to. Some examples are changing the email address and/or password, or making a funds transfer. Depending on the nature of the action, the attacker might be able to gain full control over the user’s account.
Question 25 of 64
25. Question
What do you call an attack which uses a combination of brute force and dictionary methods to have a variation of words?
Correct
Hybrid Attacks are a kind of cyberattack where the perpetrator blends two or more kinds of tools to carry out the assault. A typical hybrid attack is one that merges a dictionary attack and a brute-force attack.
Incorrect
Hybrid Attacks are a kind of cyberattack where the perpetrator blends two or more kinds of tools to carry out the assault. A typical hybrid attack is one that merges a dictionary attack and a brute-force attack.
Unattempted
Hybrid Attacks are a kind of cyberattack where the perpetrator blends two or more kinds of tools to carry out the assault. A typical hybrid attack is one that merges a dictionary attack and a brute-force attack.
Question 26 of 64
26. Question
This is defined as a short-range wireless communication technology replacing the cables connecting portable devices while maintaining high levels of security. It allows mobile phones, computers, and other devices to connect and communicate using a short-range wireless connection.
Correct
Bluetooth is a standard for the short-range wireless interconnection of mobile phones, computers, and other electronic devices.
Incorrect
Bluetooth is a standard for the short-range wireless interconnection of mobile phones, computers, and other electronic devices.
Unattempted
Bluetooth is a standard for the short-range wireless interconnection of mobile phones, computers, and other electronic devices.
Question 27 of 64
27. Question
Theon logged in as an admin account. He wants to know what to type on the windows command line to launch the Group Policy Editor.
Correct
To open the Group Policy Editor from the command line just type gpedit.msc in your run box or at the command line.
Incorrect
To open the Group Policy Editor from the command line just type gpedit.msc in your run box or at the command line.
Unattempted
To open the Group Policy Editor from the command line just type gpedit.msc in your run box or at the command line.
Question 28 of 64
28. Question
Which of the following restriction does a “black box testing” methodology enforces?
Correct
A black-box tester is unaware of the internal structure of the application to be tested, while a white-box tester has access to the internal structure of the application. A gray-box tester partially knows the internal structure, which includes access to the documentation of internal data structures as well as the algorithms used.
Incorrect
A black-box tester is unaware of the internal structure of the application to be tested, while a white-box tester has access to the internal structure of the application. A gray-box tester partially knows the internal structure, which includes access to the documentation of internal data structures as well as the algorithms used.
Unattempted
A black-box tester is unaware of the internal structure of the application to be tested, while a white-box tester has access to the internal structure of the application. A gray-box tester partially knows the internal structure, which includes access to the documentation of internal data structures as well as the algorithms used.
Question 29 of 64
29. Question
SIA Global Security decides to implement a risk management strategy. Which of the following belongs to the five basic responses to risk?
Correct
There are five main ways to manage risks. These are acceptance, avoidance, transference, mitigation, or exploitation.
Incorrect
There are five main ways to manage risks. These are acceptance, avoidance, transference, mitigation, or exploitation.
Unattempted
There are five main ways to manage risks. These are acceptance, avoidance, transference, mitigation, or exploitation.
Question 30 of 64
30. Question
Which of the following is a widely used standard for message logging. It also permits the separation of the software that generates messages, the system that stores them, and the software that reports and analyzes them. Which of the following is being described?
Correct
Syslog or System Logging Protocol is a standard for message logging. It is a standard for sending and receiving notification messages from various network devices. The messages include time stamps, event messages, severity, host IP addresses, diagnostics, and more. Syslog was designed to monitor network devices and systems to send out notification messages if there are any issues with functioning. It also sends out alerts for pre-notified events and monitors suspicious activity via the change log/event log of participating network devices.
Incorrect
Syslog or System Logging Protocol is a standard for message logging. It is a standard for sending and receiving notification messages from various network devices. The messages include time stamps, event messages, severity, host IP addresses, diagnostics, and more. Syslog was designed to monitor network devices and systems to send out notification messages if there are any issues with functioning. It also sends out alerts for pre-notified events and monitors suspicious activity via the change log/event log of participating network devices.
Unattempted
Syslog or System Logging Protocol is a standard for message logging. It is a standard for sending and receiving notification messages from various network devices. The messages include time stamps, event messages, severity, host IP addresses, diagnostics, and more. Syslog was designed to monitor network devices and systems to send out notification messages if there are any issues with functioning. It also sends out alerts for pre-notified events and monitors suspicious activity via the change log/event log of participating network devices.
Question 31 of 64
31. Question
Principle of Least Privilege (PoLP) is a security concept that requires a user/employee to:
Correct
The principle of least privilege (PoLP) refers to an information security concept in which a user is given the minimum levels of access – or permissions – needed to perform his/her job functions.
Incorrect
The principle of least privilege (PoLP) refers to an information security concept in which a user is given the minimum levels of access – or permissions – needed to perform his/her job functions.
Unattempted
The principle of least privilege (PoLP) refers to an information security concept in which a user is given the minimum levels of access – or permissions – needed to perform his/her job functions.
Question 32 of 64
32. Question
You received an email with an attachment labeled “Holiday_Sale_2021” which you thought came from your favorite shop. Inside the zip file is a file named “Holiday_Sale_2021.docx.exe” disguised as a word document. Upon execution, a window appears stating, “This word document is corrupt.” In the background, the file copies itself to your APPDATA\local directory and begins to beacon to a C2 server to download additional malicious binaries. You encountered which type of malware?
Correct
A Trojan is a type of malware in which it disguises itself as something that it isn’t. Trojans often masquerades as a legitimate application, file, or seemingly harmless program to trick its victims into installing it.
Incorrect
A Trojan is a type of malware in which it disguises itself as something that it isn’t. Trojans often masquerades as a legitimate application, file, or seemingly harmless program to trick its victims into installing it.
Unattempted
A Trojan is a type of malware in which it disguises itself as something that it isn’t. Trojans often masquerades as a legitimate application, file, or seemingly harmless program to trick its victims into installing it.
Question 33 of 64
33. Question
Iya received an email attachment named “YouWonGrandPrize.zip.” The zip file contains a file named “ClaimYourPrize.docx.exe.” Out of excitement and curiosity, Iya immediately opened the said file. Without her knowledge, the file copies itself to Iya’s APPDATA\IocaI directory and begins to beacon to a Command-and-control server to download additional malicious binaries. Iya encountered which type of malware?
Correct
A Trojan is a type of malware in which it disguises itself as something that it isn’t. Trojans often masquerades as a legitimate application, file, or seemingly harmless program to trick its victims into installing it.
Incorrect
A Trojan is a type of malware in which it disguises itself as something that it isn’t. Trojans often masquerades as a legitimate application, file, or seemingly harmless program to trick its victims into installing it.
Unattempted
A Trojan is a type of malware in which it disguises itself as something that it isn’t. Trojans often masquerades as a legitimate application, file, or seemingly harmless program to trick its victims into installing it.
Question 34 of 64
34. Question
Diffie-Hellman (DH) groups determine the strength of the key used in the key exchange process. Which of the following is the correct Diffie-Hellman (DH) group for the 2048-bit key?
Correct
DH Group 1: 768-bit group
DH Group 2: 1024-bit group
DH Group 5: 1536-bit group
DH Group 14: 2048-bit group
DH Group 15: 3072-bit group
Incorrect
DH Group 1: 768-bit group
DH Group 2: 1024-bit group
DH Group 5: 1536-bit group
DH Group 14: 2048-bit group
DH Group 15: 3072-bit group
Unattempted
DH Group 1: 768-bit group
DH Group 2: 1024-bit group
DH Group 5: 1536-bit group
DH Group 14: 2048-bit group
DH Group 15: 3072-bit group
Question 35 of 64
35. Question
This protocol is specifically designed for transporting event messages?
Correct
Syslog or System Logging Protocol is a standard for message logging. It is a standard for sending and receiving notification messages from various network devices. The messages include time stamps, event messages, severity, host IP addresses, diagnostics, and more. Syslog was designed to monitor network devices and systems to send out notification messages if there are any issues with functioning. It also sends out alerts for pre-notified events and monitors suspicious activity via the change log/event log of participating network devices.
Incorrect
Syslog or System Logging Protocol is a standard for message logging. It is a standard for sending and receiving notification messages from various network devices. The messages include time stamps, event messages, severity, host IP addresses, diagnostics, and more. Syslog was designed to monitor network devices and systems to send out notification messages if there are any issues with functioning. It also sends out alerts for pre-notified events and monitors suspicious activity via the change log/event log of participating network devices.
Unattempted
Syslog or System Logging Protocol is a standard for message logging. It is a standard for sending and receiving notification messages from various network devices. The messages include time stamps, event messages, severity, host IP addresses, diagnostics, and more. Syslog was designed to monitor network devices and systems to send out notification messages if there are any issues with functioning. It also sends out alerts for pre-notified events and monitors suspicious activity via the change log/event log of participating network devices.
Question 36 of 64
36. Question
This property guarantees that no hash function will generate similar hashed value for two different messages?
Correct
Collision resistance ensures that no hash function will produce the same value for two different inputs.
Incorrect
Collision resistance ensures that no hash function will produce the same value for two different inputs.
Unattempted
Collision resistance ensures that no hash function will produce the same value for two different inputs.
Question 37 of 64
37. Question
Which of the following is/are an example of passive reconnaissance?
Correct
Passive reconnaissance is the process of gaining valuable information without alerting the potential victim. An example of passive reconnaissance is reviewing or checking the targeted company’s website. Some good examples of passive reconnaissance are Shodan, Spyse, theHarvester, and Wireshark.
Incorrect
Passive reconnaissance is the process of gaining valuable information without alerting the potential victim. An example of passive reconnaissance is reviewing or checking the targeted company’s website. Some good examples of passive reconnaissance are Shodan, Spyse, theHarvester, and Wireshark.
Unattempted
Passive reconnaissance is the process of gaining valuable information without alerting the potential victim. An example of passive reconnaissance is reviewing or checking the targeted company’s website. Some good examples of passive reconnaissance are Shodan, Spyse, theHarvester, and Wireshark.
Question 38 of 64
38. Question
A hacker wants to leak classified information. For him to defeat a multi-level security solution, he can use:
Correct
An Internet covert channel is the digital equivalent of a briefcase with a secret compartment that a spy might use to slip sensitive documents past security guards into or out of a secure facility. An attacker can use Internet covert channels to transmit sensitive documents unobserved – in this case, bypassing network security measures rather than bypassing security guards.
Incorrect
An Internet covert channel is the digital equivalent of a briefcase with a secret compartment that a spy might use to slip sensitive documents past security guards into or out of a secure facility. An attacker can use Internet covert channels to transmit sensitive documents unobserved – in this case, bypassing network security measures rather than bypassing security guards.
Unattempted
An Internet covert channel is the digital equivalent of a briefcase with a secret compartment that a spy might use to slip sensitive documents past security guards into or out of a secure facility. An attacker can use Internet covert channels to transmit sensitive documents unobserved – in this case, bypassing network security measures rather than bypassing security guards.
Question 39 of 64
39. Question
Van, a security analyst in an insurance company, is assigned to test a new web application that will be used by clients in choosing and applying for an insurance plan. He discovered that the application was developed in ASP scripting language and it uses MSSQL as a database backend. He locates the application’s search form and sends the following code in the search input field:
Correct
Cross-site scripting or XSS flaws occur whenever an application allows users to add custom code that includes data from untrusted sources without proper validation. Hackers inject malicious script on a victim’s system by hiding it within legitimate requests. Hackers can also bypass authentication mechanisms, gain privileges, and then inject malicious scripts into specific web pages. These malicious scripts can hijack user sessions, deface web sites, or redirect the user to malicious sites
Incorrect
Cross-site scripting or XSS flaws occur whenever an application allows users to add custom code that includes data from untrusted sources without proper validation. Hackers inject malicious script on a victim’s system by hiding it within legitimate requests. Hackers can also bypass authentication mechanisms, gain privileges, and then inject malicious scripts into specific web pages. These malicious scripts can hijack user sessions, deface web sites, or redirect the user to malicious sites
Unattempted
Cross-site scripting or XSS flaws occur whenever an application allows users to add custom code that includes data from untrusted sources without proper validation. Hackers inject malicious script on a victim’s system by hiding it within legitimate requests. Hackers can also bypass authentication mechanisms, gain privileges, and then inject malicious scripts into specific web pages. These malicious scripts can hijack user sessions, deface web sites, or redirect the user to malicious sites
Question 40 of 64
40. Question
Which of the following protocol is used for setting up secure channels between two devices, typically in VPNs?
Correct
IPsec is a group of networking protocols used for setting up secure encrypted connections, such as VPNs, across publicly shared networks.
Incorrect
IPsec is a group of networking protocols used for setting up secure encrypted connections, such as VPNs, across publicly shared networks.
Unattempted
IPsec is a group of networking protocols used for setting up secure encrypted connections, such as VPNs, across publicly shared networks.
Question 41 of 64
41. Question
This method provides a thorough and comprehensive assessment of organizational security covering policy, procedure design, and implementation.
Correct
Penetration testing is a methodological approach to security assessment that encompasses the security audit and vulnerability assessment and demonstrates if the vulnerabilities in the system can be successfully exploited by attackers.
Incorrect
Penetration testing is a methodological approach to security assessment that encompasses the security audit and vulnerability assessment and demonstrates if the vulnerabilities in the system can be successfully exploited by attackers.
Unattempted
Penetration testing is a methodological approach to security assessment that encompasses the security audit and vulnerability assessment and demonstrates if the vulnerabilities in the system can be successfully exploited by attackers.
Question 42 of 64
42. Question
A hacker was able to install a sniffer program in a switched environment network. Which attack could he use to sniff all of the packets in the network?
Correct
MAC flooding is a technique used to compromise the security of network switches that connect network segments or network devices. Attackers use the MAC flooding technique to force a switch to act as a hub so that they can easily sniff the traffic.
Incorrect
MAC flooding is a technique used to compromise the security of network switches that connect network segments or network devices. Attackers use the MAC flooding technique to force a switch to act as a hub so that they can easily sniff the traffic.
Unattempted
MAC flooding is a technique used to compromise the security of network switches that connect network segments or network devices. Attackers use the MAC flooding technique to force a switch to act as a hub so that they can easily sniff the traffic.
Question 43 of 64
43. Question
This outlines the procedures that help protect the organizational resources and the rules that control access to them.
Correct
Access Control Policy (ACP) outlines the procedures that help in protecting organizational resources and the rules that control access to them. It enables organizations to track their assets.
Incorrect
Access Control Policy (ACP) outlines the procedures that help in protecting organizational resources and the rules that control access to them. It enables organizations to track their assets.
Unattempted
Access Control Policy (ACP) outlines the procedures that help in protecting organizational resources and the rules that control access to them. It enables organizations to track their assets.
Question 44 of 64
44. Question
This software is used to detect weak passwords that could put network security at risk.
Correct
John the Ripper is often used in the enterprise to detect weak passwords that could put network security at risk, as well as other administrative purposes. The software can run a wide variety of password-cracking techniques against the various user accounts on each operating system and can be scripted to run locally or remotely.
Incorrect
John the Ripper is often used in the enterprise to detect weak passwords that could put network security at risk, as well as other administrative purposes. The software can run a wide variety of password-cracking techniques against the various user accounts on each operating system and can be scripted to run locally or remotely.
Unattempted
John the Ripper is often used in the enterprise to detect weak passwords that could put network security at risk, as well as other administrative purposes. The software can run a wide variety of password-cracking techniques against the various user accounts on each operating system and can be scripted to run locally or remotely.
Question 45 of 64
45. Question
This security operation is used to determine the attack surface of an organization
Correct
For a network scan, the goal is to document the exposed attack surface along with any easily detected vulnerabilities.
Incorrect
For a network scan, the goal is to document the exposed attack surface along with any easily detected vulnerabilities.
Unattempted
For a network scan, the goal is to document the exposed attack surface along with any easily detected vulnerabilities.
Question 46 of 64
46. Question
This type of malware restricts the user from accessing their computer system and demands that the user pay a certain amount of money to the cybercriminal to remove the restriction.
Correct
Ransomware is a form of malware that restricts the user from accessing their infected computer system or files and then asks for a ransom payment to regain user access. The main goal of a ransomware attack is to extort money from its victims.
Incorrect
Ransomware is a form of malware that restricts the user from accessing their infected computer system or files and then asks for a ransom payment to regain user access. The main goal of a ransomware attack is to extort money from its victims.
Unattempted
Ransomware is a form of malware that restricts the user from accessing their infected computer system or files and then asks for a ransom payment to regain user access. The main goal of a ransomware attack is to extort money from its victims.
Question 47 of 64
47. Question
Which of the following is considered a brute force attack?
Correct
In a brute force attack, cybercriminals try every combination of characters until the password is broken. Even though all passwords will be found, this attack is very time consuming.
Incorrect
In a brute force attack, cybercriminals try every combination of characters until the password is broken. Even though all passwords will be found, this attack is very time consuming.
Unattempted
In a brute force attack, cybercriminals try every combination of characters until the password is broken. Even though all passwords will be found, this attack is very time consuming.
Question 48 of 64
48. Question
Which of the following cipher encrypts a block of plain text rather than one by one?
Correct
Block cipher converts the plain text into cipher text by taking plain text’s block at a time.
Incorrect
Block cipher converts the plain text into cipher text by taking plain text’s block at a time.
Unattempted
Block cipher converts the plain text into cipher text by taking plain text’s block at a time.
Question 49 of 64
49. Question
Andrea is the security administrator of a large financial company. One day she notices that the company’s Oracle database server has been compromised, and customer information along with financial data has been stolen. She wants to report the crime immediately. Which organization coordinates computer crime investigations throughout the United States?
Correct
The National Infrastructure Protection Center (NIPC) was a unit of the United States federal government charged with protecting computer systems and information systems critical to the United States’ infrastructure.
Incorrect
The National Infrastructure Protection Center (NIPC) was a unit of the United States federal government charged with protecting computer systems and information systems critical to the United States’ infrastructure.
Unattempted
The National Infrastructure Protection Center (NIPC) was a unit of the United States federal government charged with protecting computer systems and information systems critical to the United States’ infrastructure.
Question 50 of 64
50. Question
Which of the following SHA or Secure Hashing Algorithm can produce a 160-bit digest from a message with a maximum length of (264-1) bits and resembles the MD5 algorithm?
Correct
Secure Hash Algorithm 1 or SHA-1 is a cryptographic hash function that produces a 160-bit (20-byte) hash value.
Incorrect
Secure Hash Algorithm 1 or SHA-1 is a cryptographic hash function that produces a 160-bit (20-byte) hash value.
Unattempted
Secure Hash Algorithm 1 or SHA-1 is a cryptographic hash function that produces a 160-bit (20-byte) hash value.
Question 51 of 64
51. Question
Which of the following physical characteristics is/are ideal to be used in a biometric control for a start-up and stable company?
Correct
Height and weight are NOT ideal choices for biometric controls. Even though these provide some information about the user, they lack distinctiveness and permanence to sufficiently differentiate the user from each other.
Incorrect
Height and weight are NOT ideal choices for biometric controls. Even though these provide some information about the user, they lack distinctiveness and permanence to sufficiently differentiate the user from each other.
Unattempted
Height and weight are NOT ideal choices for biometric controls. Even though these provide some information about the user, they lack distinctiveness and permanence to sufficiently differentiate the user from each other.
Question 52 of 64
52. Question
Diffie-Hellman (DH) groups determine the strength of the key used in the key exchange process. Which of the following is the correct Diffie-Hellman (DH) group for 1024 bit key?
Correct
DH Group 1: 768-bit group
DH Group 2: 1024-bit group
DH Group 5: 1536-bit group
DH Group 14: 2048-bit group
DH Group 15: 3072-bit group
Incorrect
DH Group 1: 768-bit group
DH Group 2: 1024-bit group
DH Group 5: 1536-bit group
DH Group 14: 2048-bit group
DH Group 15: 3072-bit group
Unattempted
DH Group 1: 768-bit group
DH Group 2: 1024-bit group
DH Group 5: 1536-bit group
DH Group 14: 2048-bit group
DH Group 15: 3072-bit group
Question 53 of 64
53. Question
It is critical to know the HTTP Methods that are available when getting information about a web server. The two important methods are PUT and DEL. PUT can upload a file to the server and DELETE can delete a file from the server. These methods (GET, POST, HEAD, PUT, DELETE, TRACE) can be detected by using which of the following Nmap script?
Correct
HTTP method vulnerability can be checked using NMAP. Example: #nmap -script=http-methods.nse 192.168.0.50
Incorrect
HTTP method vulnerability can be checked using NMAP. Example: #nmap -script=http-methods.nse 192.168.0.50
Unattempted
HTTP method vulnerability can be checked using NMAP. Example: #nmap -script=http-methods.nse 192.168.0.50
Question 54 of 64
54. Question
Which of the following is the BEST approach in mitigating Cross-site Scripting (XSS) flaws?
Correct
Minimizing cross-site scripting flaws includes escaping suspicious HTTP requests, validating or sanitizing user-generated content, and enabling content security policy (CSP) as an added layer of in-depth defense in mitigating XSS.
Incorrect
Minimizing cross-site scripting flaws includes escaping suspicious HTTP requests, validating or sanitizing user-generated content, and enabling content security policy (CSP) as an added layer of in-depth defense in mitigating XSS.
Unattempted
Minimizing cross-site scripting flaws includes escaping suspicious HTTP requests, validating or sanitizing user-generated content, and enabling content security policy (CSP) as an added layer of in-depth defense in mitigating XSS.
Question 55 of 64
55. Question
This channel is the digital equivalent of a briefcase with a secret compartment that a spy might use to slip sensitive documents past security guards into or out of a secure facility.
Correct
An Internet covert channel is the digital equivalent of a briefcase with a secret compartment that a spy might use to slip sensitive documents past security guards into or out of a secure facility. An attacker can use Internet covert channels to transmit sensitive documents unobserved, bypassing network security measures.
Incorrect
An Internet covert channel is the digital equivalent of a briefcase with a secret compartment that a spy might use to slip sensitive documents past security guards into or out of a secure facility. An attacker can use Internet covert channels to transmit sensitive documents unobserved, bypassing network security measures.
Unattempted
An Internet covert channel is the digital equivalent of a briefcase with a secret compartment that a spy might use to slip sensitive documents past security guards into or out of a secure facility. An attacker can use Internet covert channels to transmit sensitive documents unobserved, bypassing network security measures.
Question 56 of 64
56. Question
Which of the following biometrics scan measures the unique fold of thread-like muscles in the iris?
Correct
The iris, or the colored part of the eye, consists of thick, thread-like muscles. By measuring the unique folds of these muscles, biometric authentication tools can confirm identity with incredible accuracy. Iris scan is also used for liveness detection such as requiring the user to blink for the scan.
Incorrect
The iris, or the colored part of the eye, consists of thick, thread-like muscles. By measuring the unique folds of these muscles, biometric authentication tools can confirm identity with incredible accuracy. Iris scan is also used for liveness detection such as requiring the user to blink for the scan.
Unattempted
The iris, or the colored part of the eye, consists of thick, thread-like muscles. By measuring the unique folds of these muscles, biometric authentication tools can confirm identity with incredible accuracy. Iris scan is also used for liveness detection such as requiring the user to blink for the scan.
Question 57 of 64
57. Question
What is the correct PCAP filter to capture all TCP traffic going to or from host 192.168.0.125 on port 25?
Correct
The destination host and IP host must be configured.
Incorrect
The destination host and IP host must be configured.
Unattempted
The destination host and IP host must be configured.
Question 58 of 64
58. Question
Just before you logged out, you received a suspicious email in your inbox. You are not familiar with the sender but the subject line is appealing. What is the best approach to this situation?
Correct
Forward the email to your IT/Security team so they can further investigate the email. Permanently delete the email to avoid possible damages.
Incorrect
Forward the email to your IT/Security team so they can further investigate the email. Permanently delete the email to avoid possible damages.
Unattempted
Forward the email to your IT/Security team so they can further investigate the email. Permanently delete the email to avoid possible damages.
Question 59 of 64
59. Question
These are valid data-gathering activities that are associated with a risk assessment? Choose all that applies.
Correct
The most common way to describe risk is through the Risk equation. This equation is fundamental to all information security. Risk = Threat x Vulnerability x Control
Incorrect
The most common way to describe risk is through the Risk equation. This equation is fundamental to all information security. Risk = Threat x Vulnerability x Control
Unattempted
The most common way to describe risk is through the Risk equation. This equation is fundamental to all information security. Risk = Threat x Vulnerability x Control
Question 60 of 64
60. Question
Which of the following cipher encrypts the plain text digit (bit or byte) one by one?
Correct
Stream ciphers are a type of encryption algorithm that processes an individual bit, byte, or character of plaintext at a time. Stream ciphers are often faster than block ciphers in hardware and require less complex circuitry.
Incorrect
Stream ciphers are a type of encryption algorithm that processes an individual bit, byte, or character of plaintext at a time. Stream ciphers are often faster than block ciphers in hardware and require less complex circuitry.
Unattempted
Stream ciphers are a type of encryption algorithm that processes an individual bit, byte, or character of plaintext at a time. Stream ciphers are often faster than block ciphers in hardware and require less complex circuitry.
Question 61 of 64
61. Question
An ISP or Internet Service Provider needs to authenticate users connecting using analog modems, Digital Subscriber Lines (DSL), wireless data services, and Virtual Private Networks (VPN) over a Frame Relay network. Which of the following AAA protocol is most likely able to handle this requirement?
Correct
RADIUS is an AAA protocol that manages network access. RADIUS uses two packet types to manage the full AAA process: Access-Request, which manages authentication and authorization; and Accounting-Request, which manage accounting.
Incorrect
RADIUS is an AAA protocol that manages network access. RADIUS uses two packet types to manage the full AAA process: Access-Request, which manages authentication and authorization; and Accounting-Request, which manage accounting.
Unattempted
RADIUS is an AAA protocol that manages network access. RADIUS uses two packet types to manage the full AAA process: Access-Request, which manages authentication and authorization; and Accounting-Request, which manage accounting.
Question 62 of 64
62. Question
Which of the following restriction does a “gray box testing ” methodology enforces?
Correct
A black-box tester is unaware of the internal structure of the application to be tested, while a white-box tester has access to the internal structure of the application. A gray-box tester partially knows the internal structure, which includes access to the documentation of internal data structures as well as the algorithms used.
Incorrect
A black-box tester is unaware of the internal structure of the application to be tested, while a white-box tester has access to the internal structure of the application. A gray-box tester partially knows the internal structure, which includes access to the documentation of internal data structures as well as the algorithms used.
Unattempted
A black-box tester is unaware of the internal structure of the application to be tested, while a white-box tester has access to the internal structure of the application. A gray-box tester partially knows the internal structure, which includes access to the documentation of internal data structures as well as the algorithms used.
Question 63 of 64
63. Question
Which of the following tier in the N-tier application architecture is responsible for moving and processing data between the tiers?
Correct
Logic tier coordinates the application, processes command, makes logical decisions and evaluations, and performs calculations. It also moves and processes data between the two surrounding layers.
Incorrect
Logic tier coordinates the application, processes command, makes logical decisions and evaluations, and performs calculations. It also moves and processes data between the two surrounding layers.
Unattempted
Logic tier coordinates the application, processes command, makes logical decisions and evaluations, and performs calculations. It also moves and processes data between the two surrounding layers.
Question 64 of 64
64. Question
It is implemented to ensure the safety of organizational computer systems and physical resources on company premises.
Correct
Physical Security Policy is implemented to ensure the safety of the organizational computer systems and physical resources on company premises.
Incorrect
Physical Security Policy is implemented to ensure the safety of the organizational computer systems and physical resources on company premises.
Unattempted
Physical Security Policy is implemented to ensure the safety of the organizational computer systems and physical resources on company premises.
X
Use Page numbers below to navigate to other practice tests