You have already completed the Test before. Hence you can not start it again.
Test is loading...
You must sign in or sign up to start the Test.
You have to finish following quiz, to start this Test:
Your results are here!! for" CEH Practice Test 17 "
0 of 65 questions answered correctly
Your time:
Time has elapsed
Your Final Score is : 0
You have attempted : 0
Number of Correct Questions : 0 and scored 0
Number of Incorrect Questions : 0 and Negative marks 0
Average score
Your score
CEH
You have attempted: 0
Number of Correct Questions: 0 and scored 0
Number of Incorrect Questions: 0 and Negative marks 0
You can review your answers by clicking view questions. Important Note : Open Reference Documentation Links in New Tab (Right Click and Open in New Tab).
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
Answered
Review
Question 1 of 65
1. Question
Which of the following is a strong post designed to stop a car?
Correct
A bollard is a sturdy, short, vertical post.
Incorrect
A bollard is a sturdy, short, vertical post.
Unattempted
A bollard is a sturdy, short, vertical post.
Question 2 of 65
2. Question
Diffie-Hellman (DH) groups determine the strength of the key used in the key exchange process. Which of the following is the correct bit size of the Diffie-Hellman (DH) group 1?
Correct
DH Group 1: 768-bit group
DH Group 2: 1024-bit group
DH Group 5: 1536-bit group
DH Group 14: 2048-bit group
DH Group 15: 3072-bit group
Incorrect
DH Group 1: 768-bit group
DH Group 2: 1024-bit group
DH Group 5: 1536-bit group
DH Group 14: 2048-bit group
DH Group 15: 3072-bit group
Unattempted
DH Group 1: 768-bit group
DH Group 2: 1024-bit group
DH Group 5: 1536-bit group
DH Group 14: 2048-bit group
DH Group 15: 3072-bit group
Question 3 of 65
3. Question
A three-way handshake is a process used in establishing a TCP connection. What type of message is used when terminating the connection?
Correct
TCP traffic begins with a three-way handshake. In this TCP handshake process, a client needs to initiate the conversation by requesting a communication session with the Server.
SYN — Used to initiate and establish a connection. It also helps you to synchronize sequence numbers between devices.
ACK — Helps to confirm to the other side that it has received the SYN.
SYN-ACK — SYN message from local device and ACK of the earlier packet.
FIN — Used to terminate a connection.
Incorrect
TCP traffic begins with a three-way handshake. In this TCP handshake process, a client needs to initiate the conversation by requesting a communication session with the Server.
SYN — Used to initiate and establish a connection. It also helps you to synchronize sequence numbers between devices.
ACK — Helps to confirm to the other side that it has received the SYN.
SYN-ACK — SYN message from local device and ACK of the earlier packet.
FIN — Used to terminate a connection.
Unattempted
TCP traffic begins with a three-way handshake. In this TCP handshake process, a client needs to initiate the conversation by requesting a communication session with the Server.
SYN — Used to initiate and establish a connection. It also helps you to synchronize sequence numbers between devices.
ACK — Helps to confirm to the other side that it has received the SYN.
SYN-ACK — SYN message from local device and ACK of the earlier packet.
FIN — Used to terminate a connection.
Question 4 of 65
4. Question
What hacking attack is challenge/response authentication used to prevent?
Correct
Challenge-response authentication can defend against session replay attacks, in which an attacker listens to previous messages and resends them later to get the same credentials as the original message. Challenge-response systems defend against replay attacks because each challenge and response is unique.
Incorrect
Challenge-response authentication can defend against session replay attacks, in which an attacker listens to previous messages and resends them later to get the same credentials as the original message. Challenge-response systems defend against replay attacks because each challenge and response is unique.
Unattempted
Challenge-response authentication can defend against session replay attacks, in which an attacker listens to previous messages and resends them later to get the same credentials as the original message. Challenge-response systems defend against replay attacks because each challenge and response is unique.
Question 5 of 65
5. Question
A cybercriminal who uses rogue wireless AP performed a MITM attack and injected an HTML code to embed a malicious applet in all HTTP connections. When users accessed any page, the applet ran and exploited many machines. Which of the following tools did the cybercriminal used to inject HTML code?
Correct
Ettercap is a comprehensive suite for man-in-the-middle attacks. It features sniffing of live connections, content filtering on the fly, and many other interesting tricks. It supports active and passive dissection of many protocols and includes many features for network and host analysis.
Incorrect
Ettercap is a comprehensive suite for man-in-the-middle attacks. It features sniffing of live connections, content filtering on the fly, and many other interesting tricks. It supports active and passive dissection of many protocols and includes many features for network and host analysis.
Unattempted
Ettercap is a comprehensive suite for man-in-the-middle attacks. It features sniffing of live connections, content filtering on the fly, and many other interesting tricks. It supports active and passive dissection of many protocols and includes many features for network and host analysis.
Question 6 of 65
6. Question
This is a type of network attack which relies on sending an abnormally large packet size that exceeds TCP/IP specifications?
Correct
Ping of Death is a type of Denial of Service (DoS) attack in which an attacker attempts to crash, destabilize, or freeze the targeted computer or service by sending malformed or oversized packets using a simple ping command.
Incorrect
Ping of Death is a type of Denial of Service (DoS) attack in which an attacker attempts to crash, destabilize, or freeze the targeted computer or service by sending malformed or oversized packets using a simple ping command.
Unattempted
Ping of Death is a type of Denial of Service (DoS) attack in which an attacker attempts to crash, destabilize, or freeze the targeted computer or service by sending malformed or oversized packets using a simple ping command.
Question 7 of 65
7. Question
What are the three types of compliance that the Open Source Security Testing Methodology Manual (OSSTMM) recognizes?
Correct
The OSSTMM recognizes three types of compliance:
A. Legislative. Compliance with legislation is in accordance to the region where the legislation can be enforced. The strength and commitment to the legislation comes from previously successful legal arguments and appropriately set and just enforcement measures. Examples are Sarbanes-Oxley, HIPAA, and the various Data Protection and Privacy legislation.
B. Contractual. Compliance to contractual requirements are in accordance to the industry or within the group that requires the contract and may take action to enforce compliance. An example is the payment card industry data security standard (PCI DSS) promoted and required by VISA and MasterCard.
C. Standards based. Compliance to standards is in accordance with the business or organization where the compliance to standards is enforced as policy. Examples are the OSSTMM, ISO 27001/5, and ITIL.
Incorrect
The OSSTMM recognizes three types of compliance:
A. Legislative. Compliance with legislation is in accordance to the region where the legislation can be enforced. The strength and commitment to the legislation comes from previously successful legal arguments and appropriately set and just enforcement measures. Examples are Sarbanes-Oxley, HIPAA, and the various Data Protection and Privacy legislation.
B. Contractual. Compliance to contractual requirements are in accordance to the industry or within the group that requires the contract and may take action to enforce compliance. An example is the payment card industry data security standard (PCI DSS) promoted and required by VISA and MasterCard.
C. Standards based. Compliance to standards is in accordance with the business or organization where the compliance to standards is enforced as policy. Examples are the OSSTMM, ISO 27001/5, and ITIL.
Unattempted
The OSSTMM recognizes three types of compliance:
A. Legislative. Compliance with legislation is in accordance to the region where the legislation can be enforced. The strength and commitment to the legislation comes from previously successful legal arguments and appropriately set and just enforcement measures. Examples are Sarbanes-Oxley, HIPAA, and the various Data Protection and Privacy legislation.
B. Contractual. Compliance to contractual requirements are in accordance to the industry or within the group that requires the contract and may take action to enforce compliance. An example is the payment card industry data security standard (PCI DSS) promoted and required by VISA and MasterCard.
C. Standards based. Compliance to standards is in accordance with the business or organization where the compliance to standards is enforced as policy. Examples are the OSSTMM, ISO 27001/5, and ITIL.
Question 8 of 65
8. Question
A website is vulnerable to XSS and SQL injection attack due to:
Correct
Cross-site scripting or XSS flaws occur whenever an application allows users to add custom code that includes data from untrusted sources without proper validation. Hackers inject malicious scripts into a victim’s system by hiding them within legitimate requests.
Incorrect
Cross-site scripting or XSS flaws occur whenever an application allows users to add custom code that includes data from untrusted sources without proper validation. Hackers inject malicious scripts into a victim’s system by hiding them within legitimate requests.
Unattempted
Cross-site scripting or XSS flaws occur whenever an application allows users to add custom code that includes data from untrusted sources without proper validation. Hackers inject malicious scripts into a victim’s system by hiding them within legitimate requests.
Question 9 of 65
9. Question
A security engineer wants to map the company’s internal network. What type of scan is being used if she enters the following nmap command:
Correct
-sS is a command line switch used for finding out the most commonly used TCP port using TCP SYN scan or stealth scan.
Incorrect
-sS is a command line switch used for finding out the most commonly used TCP port using TCP SYN scan or stealth scan.
Unattempted
-sS is a command line switch used for finding out the most commonly used TCP port using TCP SYN scan or stealth scan.
Question 10 of 65
10. Question
This is the amount of risk that remains after the vulnerabilities are classified and the countermeasures have been deployed?
Correct
According to ISO 27001, residual risk is “the risk remaining after risk treatment”.
Incorrect
According to ISO 27001, residual risk is “the risk remaining after risk treatment”.
Unattempted
According to ISO 27001, residual risk is “the risk remaining after risk treatment”.
Question 11 of 65
11. Question
This tool is used to collect wireless packet data?
Correct
The NetStumbler application is a Windows-based tool generally used to discover WLAN networks running on 802.11 a/b/g standards. It helps detect other networks that may cause interference to your network, and is generally used for war driving purposes by attackers. It can also find out poor coverage areas in the WLAN network, and helps the administrator set up the network the way it is intended to be.
Incorrect
The NetStumbler application is a Windows-based tool generally used to discover WLAN networks running on 802.11 a/b/g standards. It helps detect other networks that may cause interference to your network, and is generally used for war driving purposes by attackers. It can also find out poor coverage areas in the WLAN network, and helps the administrator set up the network the way it is intended to be.
Unattempted
The NetStumbler application is a Windows-based tool generally used to discover WLAN networks running on 802.11 a/b/g standards. It helps detect other networks that may cause interference to your network, and is generally used for war driving purposes by attackers. It can also find out poor coverage areas in the WLAN network, and helps the administrator set up the network the way it is intended to be.
Question 12 of 65
12. Question
This is a web application attack where the attackers exploit vulnerabilities in dynamically generated web pages to inject client-side script into web pages viewed by other users.
Correct
Cross-site scripting or XSS flaws occur whenever an application allows users to add custom code that includes data from untrusted sources without proper validation. Hackers inject malicious scripts into a victim’s system by hiding them within legitimate requests. Hackers can also bypass authentication mechanisms, gain privileges, and then inject malicious scripts into specific web pages. These malicious scripts can hijack user sessions, deface websites, or redirect the user to malicious sites.
Incorrect
Cross-site scripting or XSS flaws occur whenever an application allows users to add custom code that includes data from untrusted sources without proper validation. Hackers inject malicious scripts into a victim’s system by hiding them within legitimate requests. Hackers can also bypass authentication mechanisms, gain privileges, and then inject malicious scripts into specific web pages. These malicious scripts can hijack user sessions, deface websites, or redirect the user to malicious sites.
Unattempted
Cross-site scripting or XSS flaws occur whenever an application allows users to add custom code that includes data from untrusted sources without proper validation. Hackers inject malicious scripts into a victim’s system by hiding them within legitimate requests. Hackers can also bypass authentication mechanisms, gain privileges, and then inject malicious scripts into specific web pages. These malicious scripts can hijack user sessions, deface websites, or redirect the user to malicious sites.
Question 13 of 65
13. Question
Which of the following malware allows cybercriminals to remotely access the victim’s computer and lock it once installed. This malware generates a pop-up window, webpage, or email warning telling the victim that they’ve been hacked and then demands a ransom payment before they can access their files and programs again.
Correct
Ransomware is a form of malware that restricts the user from accessing their infected computer system or files and then asks for a ransom payment to regain user access. The main goal of a ransomware attack is to extort money from its victims.
Incorrect
Ransomware is a form of malware that restricts the user from accessing their infected computer system or files and then asks for a ransom payment to regain user access. The main goal of a ransomware attack is to extort money from its victims.
Unattempted
Ransomware is a form of malware that restricts the user from accessing their infected computer system or files and then asks for a ransom payment to regain user access. The main goal of a ransomware attack is to extort money from its victims.
Question 14 of 65
14. Question
Which of the following are well known password-cracking programs?
Correct
L0phtcrack and John the Ripper are two well know password-cracking programs. While netcat is considered the Swiss-army knife of hacking tools, it is not used for password cracking.
Incorrect
L0phtcrack and John the Ripper are two well know password-cracking programs. While netcat is considered the Swiss-army knife of hacking tools, it is not used for password cracking.
Unattempted
L0phtcrack and John the Ripper are two well know password-cracking programs. While netcat is considered the Swiss-army knife of hacking tools, it is not used for password cracking.
Question 15 of 65
15. Question
Medusa can be used to carry:
Correct
Medusa is intended to be a speedy, massively parallel, modular, login brute-forcer.
Incorrect
Medusa is intended to be a speedy, massively parallel, modular, login brute-forcer.
Unattempted
Medusa is intended to be a speedy, massively parallel, modular, login brute-forcer.
Question 16 of 65
16. Question
What could be done next if the final set of security controls did not eliminate all the risk in a system?
Correct
According to ISO 27001, residual risk is “the risk remaining after risk treatment”.
Incorrect
According to ISO 27001, residual risk is “the risk remaining after risk treatment”.
Unattempted
According to ISO 27001, residual risk is “the risk remaining after risk treatment”.
Question 17 of 65
17. Question
Which of the following tools are you going to use in order to remain undetected by an IDS while pivoting and passing traffic over a server you have just compromised and gained root access to?
Correct
Cryptcat is a tool used for moving data off the victim’s system across the normal open ports without any of the security devices detecting it.
Incorrect
Cryptcat is a tool used for moving data off the victim’s system across the normal open ports without any of the security devices detecting it.
Unattempted
Cryptcat is a tool used for moving data off the victim’s system across the normal open ports without any of the security devices detecting it.
Question 18 of 65
18. Question
SIA Global Security’s policy states that all web browsers must automatically delete their HTTP browser cookies upon terminating. Which of the following security breach will be mitigated by this policy?
Correct
Cookies can store passwords and form content a user has previously entered, such as a credit card number or an address. Cookies can be stolen using a technique called cross-site scripting. This occurs when an attacker takes advantage of a website that allows its users to post unfiltered HTML and JavaScript content.
Incorrect
Cookies can store passwords and form content a user has previously entered, such as a credit card number or an address. Cookies can be stolen using a technique called cross-site scripting. This occurs when an attacker takes advantage of a website that allows its users to post unfiltered HTML and JavaScript content.
Unattempted
Cookies can store passwords and form content a user has previously entered, such as a credit card number or an address. Cookies can be stolen using a technique called cross-site scripting. This occurs when an attacker takes advantage of a website that allows its users to post unfiltered HTML and JavaScript content.
Question 19 of 65
19. Question
A network security admin is concerned that Address Resolution Protocol (ARP) spoofing or poisoning might occur on his network. Which of the following will help the network security admin mitigate this attack? Choose all that apply.
Correct
Using port security on switches will only allow the first MAC address that is connected to the switch to use that port, thus preventing ARP spoofing. ARPwatch monitors strange ARP activity that can help identify ARP spoofing. On a very small network, static ARP entries are a possibility. However, on a large network, this is not an realistic option.
Incorrect
Using port security on switches will only allow the first MAC address that is connected to the switch to use that port, thus preventing ARP spoofing. ARPwatch monitors strange ARP activity that can help identify ARP spoofing. On a very small network, static ARP entries are a possibility. However, on a large network, this is not an realistic option.
Unattempted
Using port security on switches will only allow the first MAC address that is connected to the switch to use that port, thus preventing ARP spoofing. ARPwatch monitors strange ARP activity that can help identify ARP spoofing. On a very small network, static ARP entries are a possibility. However, on a large network, this is not an realistic option.
Question 20 of 65
20. Question
This algorithm provides better protection against brute force attacks by using a 160-bit message digest.
Correct
Secure Hash Algorithm 1 or SHA-1 is a cryptographic hash function that produces a 160-bit (20-byte) hash value.
Incorrect
Secure Hash Algorithm 1 or SHA-1 is a cryptographic hash function that produces a 160-bit (20-byte) hash value.
Unattempted
Secure Hash Algorithm 1 or SHA-1 is a cryptographic hash function that produces a 160-bit (20-byte) hash value.
Question 21 of 65
21. Question
Which of the following is a command line packet analyzer similar to GUI-based Wireshark?
Correct
Tcpdump is a command line utility that allows user to capture and analyze network traffic going through the user’s system. It is often used to help troubleshoot network issues, as well as a security tool. It can also be launched in the background or as a scheduled job using tools like cron.
Incorrect
Tcpdump is a command line utility that allows user to capture and analyze network traffic going through the user’s system. It is often used to help troubleshoot network issues, as well as a security tool. It can also be launched in the background or as a scheduled job using tools like cron.
Unattempted
Tcpdump is a command line utility that allows user to capture and analyze network traffic going through the user’s system. It is often used to help troubleshoot network issues, as well as a security tool. It can also be launched in the background or as a scheduled job using tools like cron.
Question 22 of 65
22. Question
Anna is attempting to use nslookup to query the Domain Name Service (DNS). She uses the nslookup interactive mode for the search. Which of the following command should she type into the command shell to request the appropriate records?
Correct
“set type=ns” specifies a DNS name server for the named zone.
Incorrect
“set type=ns” specifies a DNS name server for the named zone.
Unattempted
“set type=ns” specifies a DNS name server for the named zone.
Question 23 of 65
23. Question
Which system consists of a publicly available set of databases that contain domain name registration contact information?
Correct
WHOIS is a query and response protocol that is widely used for querying databases that store the registered users or assignees of an Internet resource, such as a domain name, an IP address block or an autonomous system, but is also used for a wider range of other information.
Incorrect
WHOIS is a query and response protocol that is widely used for querying databases that store the registered users or assignees of an Internet resource, such as a domain name, an IP address block or an autonomous system, but is also used for a wider range of other information.
Unattempted
WHOIS is a query and response protocol that is widely used for querying databases that store the registered users or assignees of an Internet resource, such as a domain name, an IP address block or an autonomous system, but is also used for a wider range of other information.
Question 24 of 65
24. Question
A penetration tester from SIA Global Security was contacted to scan a server. She needs to use a scanning technique wherein the TCP Header is split into many packets so that it becomes difficult to detect what the packets are meant for. Which of the below scanning technique will she use?
Correct
IP fragmentation occurs when packets are broken up into smaller pieces (fragments) so they can pass through a link at a smaller maximum transmission unit than the original or larger packet size. IP fragmentation can cause problems when fragments are affected by packet loss and cause excessive retransmissions. This can cause performance issues. To recover the loss of a fragment, protocols, like TCP, retransmit fragments in order to reassemble them. Fragmented traffic can also be crafted to evade intrusion detection systems and be used maliciously.
Incorrect
IP fragmentation occurs when packets are broken up into smaller pieces (fragments) so they can pass through a link at a smaller maximum transmission unit than the original or larger packet size. IP fragmentation can cause problems when fragments are affected by packet loss and cause excessive retransmissions. This can cause performance issues. To recover the loss of a fragment, protocols, like TCP, retransmit fragments in order to reassemble them. Fragmented traffic can also be crafted to evade intrusion detection systems and be used maliciously.
Unattempted
IP fragmentation occurs when packets are broken up into smaller pieces (fragments) so they can pass through a link at a smaller maximum transmission unit than the original or larger packet size. IP fragmentation can cause problems when fragments are affected by packet loss and cause excessive retransmissions. This can cause performance issues. To recover the loss of a fragment, protocols, like TCP, retransmit fragments in order to reassemble them. Fragmented traffic can also be crafted to evade intrusion detection systems and be used maliciously.
Question 25 of 65
25. Question
Which of the following biometrics scan is most commonly used for liveness detection?
Correct
The iris, or the colored part of the eye, consists of thick, thread-like muscles. By measuring the unique folds of these muscles, biometric authentication tools can confirm identity with incredible accuracy. Iris scan is also used for liveness detection such as requiring the user to blink for the scan.
Incorrect
The iris, or the colored part of the eye, consists of thick, thread-like muscles. By measuring the unique folds of these muscles, biometric authentication tools can confirm identity with incredible accuracy. Iris scan is also used for liveness detection such as requiring the user to blink for the scan.
Unattempted
The iris, or the colored part of the eye, consists of thick, thread-like muscles. By measuring the unique folds of these muscles, biometric authentication tools can confirm identity with incredible accuracy. Iris scan is also used for liveness detection such as requiring the user to blink for the scan.
Question 26 of 65
26. Question
A three-way handshake is a process used in establishing a TCP connection. What type of message is sent by the server to the client to confirm that the message has been received?
Correct
TCP traffic begins with a three-way handshake. In this TCP handshake process, a client needs to initiate the conversation by requesting a communication session with the Server.
SYN — Used to initiate and establish a connection. It also helps you to synchronize sequence numbers between devices.
ACK — Helps to confirm to the other side that it has received the SYN.
SYN-ACK — SYN message from local device and ACK of the earlier packet.
FIN — Used to terminate a connection.
Incorrect
TCP traffic begins with a three-way handshake. In this TCP handshake process, a client needs to initiate the conversation by requesting a communication session with the Server.
SYN — Used to initiate and establish a connection. It also helps you to synchronize sequence numbers between devices.
ACK — Helps to confirm to the other side that it has received the SYN.
SYN-ACK — SYN message from local device and ACK of the earlier packet.
FIN — Used to terminate a connection.
Unattempted
TCP traffic begins with a three-way handshake. In this TCP handshake process, a client needs to initiate the conversation by requesting a communication session with the Server.
SYN — Used to initiate and establish a connection. It also helps you to synchronize sequence numbers between devices.
ACK — Helps to confirm to the other side that it has received the SYN.
SYN-ACK — SYN message from local device and ACK of the earlier packet.
FIN — Used to terminate a connection.
Question 27 of 65
27. Question
This tool is used to attack web applications by starvation of available sessions on the web server. It keeps the sessions at halt using never-ending POST transmissions and sending an arbitrarily large content-length header value.
Correct
‘R U Dead Yet?’ or R.U.D.Y. is a denial-of-service attack tool that aims to keep a web server tied up by submitting form data at an absurdly slow pace. A R.U.D.Y. exploit is categorized as a low-and-slow attack, since it focuses on creating a few drawn-out requests rather than overwhelming a server with a high volume of quick requests. A successful R.U.D.Y. attack will result in the victim’s origin server becoming unavailable to legitimate traffic.
Incorrect
‘R U Dead Yet?’ or R.U.D.Y. is a denial-of-service attack tool that aims to keep a web server tied up by submitting form data at an absurdly slow pace. A R.U.D.Y. exploit is categorized as a low-and-slow attack, since it focuses on creating a few drawn-out requests rather than overwhelming a server with a high volume of quick requests. A successful R.U.D.Y. attack will result in the victim’s origin server becoming unavailable to legitimate traffic.
Unattempted
‘R U Dead Yet?’ or R.U.D.Y. is a denial-of-service attack tool that aims to keep a web server tied up by submitting form data at an absurdly slow pace. A R.U.D.Y. exploit is categorized as a low-and-slow attack, since it focuses on creating a few drawn-out requests rather than overwhelming a server with a high volume of quick requests. A successful R.U.D.Y. attack will result in the victim’s origin server becoming unavailable to legitimate traffic.
Question 28 of 65
28. Question
Which of the following does not describe Simple Object Access Protocol (SOAP)? Choose all that applies.
Correct
A SOAP client formulates a request for a service. This involves creating a conforming XML document, either explicitly or using Oracle SOAP client API. A SOAP client sends the XML document to a SOAP server. This SOAP request is posted using HTTP or HTTPS to a SOAP Request Handler running as a servlet on a Web server.
Incorrect
A SOAP client formulates a request for a service. This involves creating a conforming XML document, either explicitly or using Oracle SOAP client API. A SOAP client sends the XML document to a SOAP server. This SOAP request is posted using HTTP or HTTPS to a SOAP Request Handler running as a servlet on a Web server.
Unattempted
A SOAP client formulates a request for a service. This involves creating a conforming XML document, either explicitly or using Oracle SOAP client API. A SOAP client sends the XML document to a SOAP server. This SOAP request is posted using HTTP or HTTPS to a SOAP Request Handler running as a servlet on a Web server.
Question 29 of 65
29. Question
It is a wireless network detector, packet sniffer, and intrusion detection system (IDS) and is commonly found on Linux-based system.
Correct
Kismet is a wireless network detector, packet sniffer, and intrusion detection system (IDS) that works with any wireless card supporting raw monitoring (rfmon) mode. It can sniff 802.11a, 802.11b, 802.11g, and 802.11n traffic and works on Linux, Mac OSX, and Windows 10 under the WSL framework.
Incorrect
Kismet is a wireless network detector, packet sniffer, and intrusion detection system (IDS) that works with any wireless card supporting raw monitoring (rfmon) mode. It can sniff 802.11a, 802.11b, 802.11g, and 802.11n traffic and works on Linux, Mac OSX, and Windows 10 under the WSL framework.
Unattempted
Kismet is a wireless network detector, packet sniffer, and intrusion detection system (IDS) that works with any wireless card supporting raw monitoring (rfmon) mode. It can sniff 802.11a, 802.11b, 802.11g, and 802.11n traffic and works on Linux, Mac OSX, and Windows 10 under the WSL framework.
Question 30 of 65
30. Question
Iya received an email with an attachment labeled “Updated_Scholarship_0321” which she thought came from her school. Inside the zip file is a file named “Updated_Scholarship_0321.docx.exe” disguised as a word document. Upon execution, a window appears stating, “This word document is corrupt.” In the background, the file copies itself to Iya’s APPDATA\local directory and begins to beacon to a C2 server to download additional malicious binaries. Iya encountered which type of malware?
Correct
A Trojan is a type of malware in which it disguises itself as something that it isn’t. Trojans often masquerades as a legitimate application, file, or seemingly harmless program to trick its victims into installing it.
Incorrect
A Trojan is a type of malware in which it disguises itself as something that it isn’t. Trojans often masquerades as a legitimate application, file, or seemingly harmless program to trick its victims into installing it.
Unattempted
A Trojan is a type of malware in which it disguises itself as something that it isn’t. Trojans often masquerades as a legitimate application, file, or seemingly harmless program to trick its victims into installing it.
Question 31 of 65
31. Question
In Windows Operating System, where can you see the event logs?
Correct
Event Viewer is a component of Microsoft’s Windows NT operating system that lets administrators and users view the event logs on a local or remote machine.
Incorrect
Event Viewer is a component of Microsoft’s Windows NT operating system that lets administrators and users view the event logs on a local or remote machine.
Unattempted
Event Viewer is a component of Microsoft’s Windows NT operating system that lets administrators and users view the event logs on a local or remote machine.
Question 32 of 65
32. Question
Which of the following vulnerability has been detected in the web application if the tester attempts to insert the below test script into the search area on the company’s web site:
The result of this test script is a pop-up box that appears on the screen with the text: “This is a test”.
Correct
Cross-site scripting or XSS flaws occur whenever an application allows users to add custom code that includes data from untrusted sources without proper validation. Hackers inject malicious scripts into a victim’s system by hiding them within legitimate requests. Hackers can also bypass authentication mechanisms, gain privileges, and then inject malicious scripts into specific web pages. These malicious scripts can hijack user sessions, deface websites, or redirect the user to malicious sites.
Incorrect
Cross-site scripting or XSS flaws occur whenever an application allows users to add custom code that includes data from untrusted sources without proper validation. Hackers inject malicious scripts into a victim’s system by hiding them within legitimate requests. Hackers can also bypass authentication mechanisms, gain privileges, and then inject malicious scripts into specific web pages. These malicious scripts can hijack user sessions, deface websites, or redirect the user to malicious sites.
Unattempted
Cross-site scripting or XSS flaws occur whenever an application allows users to add custom code that includes data from untrusted sources without proper validation. Hackers inject malicious scripts into a victim’s system by hiding them within legitimate requests. Hackers can also bypass authentication mechanisms, gain privileges, and then inject malicious scripts into specific web pages. These malicious scripts can hijack user sessions, deface websites, or redirect the user to malicious sites.
Question 33 of 65
33. Question
How can a rootkit bypass Windows 7 operating system’s kernel mode, code signing policy?
Correct
By attaching itself to the master boot record in a hard drive and changing the machines boot sequence/options Windows 7 boot record never has the opportunity to determine something is wrong.
Incorrect
By attaching itself to the master boot record in a hard drive and changing the machines boot sequence/options Windows 7 boot record never has the opportunity to determine something is wrong.
Unattempted
By attaching itself to the master boot record in a hard drive and changing the machines boot sequence/options Windows 7 boot record never has the opportunity to determine something is wrong.
Question 34 of 65
34. Question
This is an effective way to prevent Cross-site Scripting (XSS) flaws in software applications?
Correct
Minimizing cross-site scripting flaws includes escaping suspicious HTTP requests, validating or sanitizing user-generated content, and enabling content security policy (CSP) as an added layer of in-depth defense in mitigating XSS.
Incorrect
Minimizing cross-site scripting flaws includes escaping suspicious HTTP requests, validating or sanitizing user-generated content, and enabling content security policy (CSP) as an added layer of in-depth defense in mitigating XSS.
Unattempted
Minimizing cross-site scripting flaws includes escaping suspicious HTTP requests, validating or sanitizing user-generated content, and enabling content security policy (CSP) as an added layer of in-depth defense in mitigating XSS.
Question 35 of 65
35. Question
Which of the following toolkit contains different modules that have prepackaged exploits for a variety of vulnerabilities. This provides a higher chance of breaking into a wide range of vulnerable devices.
Correct
Metasploit framework is a very powerful tool which can be used by cybercriminals as well as ethical hackers to probe systematic vulnerabilities on networks and servers. Because it’s an open-source framework, it can be easily customized and used with most operating systems.
Incorrect
Metasploit framework is a very powerful tool which can be used by cybercriminals as well as ethical hackers to probe systematic vulnerabilities on networks and servers. Because it’s an open-source framework, it can be easily customized and used with most operating systems.
Unattempted
Metasploit framework is a very powerful tool which can be used by cybercriminals as well as ethical hackers to probe systematic vulnerabilities on networks and servers. Because it’s an open-source framework, it can be easily customized and used with most operating systems.
Question 36 of 65
36. Question
Which of the following biometrics scan measures a person’s external features through a digital video camera?
Correct
A facial recognition scan measures the geometry of the face, including the distance between the eyes, the distance from the chin to the forehead, and multiple other points on a person’s face.
Incorrect
A facial recognition scan measures the geometry of the face, including the distance between the eyes, the distance from the chin to the forehead, and multiple other points on a person’s face.
Unattempted
A facial recognition scan measures the geometry of the face, including the distance between the eyes, the distance from the chin to the forehead, and multiple other points on a person’s face.
Question 37 of 65
37. Question
A security policy will be more accepted by employees if it is consistent and has the support of
Correct
Everyone including the CEO down to the new hires must comply with security policies. If the executive management does not comply with the security policies and the consequences of non-compliance with the policy are not enforced, then mistrust and apathy toward compliance with the policy can affect your organization.
Incorrect
Everyone including the CEO down to the new hires must comply with security policies. If the executive management does not comply with the security policies and the consequences of non-compliance with the policy are not enforced, then mistrust and apathy toward compliance with the policy can affect your organization.
Unattempted
Everyone including the CEO down to the new hires must comply with security policies. If the executive management does not comply with the security policies and the consequences of non-compliance with the policy are not enforced, then mistrust and apathy toward compliance with the policy can affect your organization.
Question 38 of 65
38. Question
It is an organization’s established protocol for retaining information for operational or regulatory compliance needs.
Correct
Data Retention Policy is an organization’s established protocol for retaining information for operational or regulatory compliance needs.
Incorrect
Data Retention Policy is an organization’s established protocol for retaining information for operational or regulatory compliance needs.
Unattempted
Data Retention Policy is an organization’s established protocol for retaining information for operational or regulatory compliance needs.
Question 39 of 65
39. Question
Angel is an expert when it comes to password weaknesses and key loggers. She was then assigned to conduct a password assessment to XYZ company. She suspects that password policies are not in place and weak passwords are the norm throughout the company. Which of the following will she use to get the password from the company’s hosts and servers?
Correct
All loggers will work as long as he has physical access to the computers.
Incorrect
All loggers will work as long as he has physical access to the computers.
Unattempted
All loggers will work as long as he has physical access to the computers.
Question 40 of 65
40. Question
Which of the following tools can be used for passive OS fingerprinting?
Correct
The passive operating system fingerprinting is a feature built into both the pf and tcpdump tools.
Incorrect
The passive operating system fingerprinting is a feature built into both the pf and tcpdump tools.
Unattempted
The passive operating system fingerprinting is a feature built into both the pf and tcpdump tools.
Question 41 of 65
41. Question
Which of the following represents the initial two commands that an IRC client sends to join an IRC network?
Correct
A “PASS” command is not required for either client or server connection to be registered, but it must precede the server message or the latter of the NICK/USER combination.
Incorrect
A “PASS” command is not required for either client or server connection to be registered, but it must precede the server message or the latter of the NICK/USER combination.
Unattempted
A “PASS” command is not required for either client or server connection to be registered, but it must precede the server message or the latter of the NICK/USER combination.
Question 42 of 65
42. Question
A three-way handshake is a process used in establishing a TCP connection. What type of message is sent by the client to the server to begin this negotiation?
Correct
TCP traffic begins with a three-way handshake. In this TCP handshake process, a client needs to initiate the conversation by requesting a communication session with the Server.
SYN — Used to initiate and establish a connection. It also helps you to synchronize sequence numbers between devices.
ACK — Helps to confirm to the other side that it has received the SYN.
SYN-ACK — SYN message from local device and ACK of the earlier packet.
FIN — Used to terminate a connection.
Incorrect
TCP traffic begins with a three-way handshake. In this TCP handshake process, a client needs to initiate the conversation by requesting a communication session with the Server.
SYN — Used to initiate and establish a connection. It also helps you to synchronize sequence numbers between devices.
ACK — Helps to confirm to the other side that it has received the SYN.
SYN-ACK — SYN message from local device and ACK of the earlier packet.
FIN — Used to terminate a connection.
Unattempted
TCP traffic begins with a three-way handshake. In this TCP handshake process, a client needs to initiate the conversation by requesting a communication session with the Server.
SYN — Used to initiate and establish a connection. It also helps you to synchronize sequence numbers between devices.
ACK — Helps to confirm to the other side that it has received the SYN.
SYN-ACK — SYN message from local device and ACK of the earlier packet.
FIN — Used to terminate a connection.
Question 43 of 65
43. Question
This tool is best used to achieve compliance with PCI Requirement 11?
Correct
Nessus performs vulnerability, configuration, and compliance assessments. It supports various technologies such as operating systems, network devices, hypervisors, databases, tablets/phones, web servers, and critical infrastructure.
Incorrect
Nessus performs vulnerability, configuration, and compliance assessments. It supports various technologies such as operating systems, network devices, hypervisors, databases, tablets/phones, web servers, and critical infrastructure.
Unattempted
Nessus performs vulnerability, configuration, and compliance assessments. It supports various technologies such as operating systems, network devices, hypervisors, databases, tablets/phones, web servers, and critical infrastructure.
Question 44 of 65
44. Question
Which of the following is an incorrect definition or characteristics of Simple Object Access Protocol (SOAP)?
Correct
A SOAP client formulates a request for a service. This involves creating a conforming XML document, either explicitly or using Oracle SOAP client API. A SOAP client sends the XML document to a SOAP server. This SOAP request is posted using HTTP or HTTPS to a SOAP Request Handler running as a servlet on a Web server.
Incorrect
A SOAP client formulates a request for a service. This involves creating a conforming XML document, either explicitly or using Oracle SOAP client API. A SOAP client sends the XML document to a SOAP server. This SOAP request is posted using HTTP or HTTPS to a SOAP Request Handler running as a servlet on a Web server.
Unattempted
A SOAP client formulates a request for a service. This involves creating a conforming XML document, either explicitly or using Oracle SOAP client API. A SOAP client sends the XML document to a SOAP server. This SOAP request is posted using HTTP or HTTPS to a SOAP Request Handler running as a servlet on a Web server.
Question 45 of 65
45. Question
Which of the following requires a host application for replication?
Correct
Computer viruses can spread across the network only with the help of human intervention while worms do it independently.
Incorrect
Computer viruses can spread across the network only with the help of human intervention while worms do it independently.
Unattempted
Computer viruses can spread across the network only with the help of human intervention while worms do it independently.
Question 46 of 65
46. Question
Which of the following programming languages have a built-in-bounds checking mechanism?
Correct
Programming languages such as C#, Java, Python have built-in inbound checking.
Incorrect
Programming languages such as C#, Java, Python have built-in inbound checking.
Unattempted
Programming languages such as C#, Java, Python have built-in inbound checking.
Question 47 of 65
47. Question
Which of the following have the capability to check if the computer files have been changed or not?
Correct
Integrity checking is the process of comparing the current state of stored data and/or programs to a previously recorded state in order to detect any changes.
Incorrect
Integrity checking is the process of comparing the current state of stored data and/or programs to a previously recorded state in order to detect any changes.
Unattempted
Integrity checking is the process of comparing the current state of stored data and/or programs to a previously recorded state in order to detect any changes.
Question 48 of 65
48. Question
Which of the following has the purpose of denying network access to local area networks and other information assets by unauthorized wireless devices.
Correct
A wireless intrusion prevention system (WIPS) operates at the Layer 2 (data link layer) level of the Open Systems Interconnection model. WIPS can detect the presence of rogue or misconfigured devices and can prevent them from operating on wireless enterprise networks by scanning the network’s RFs for denial of service and other forms of attack.
Incorrect
A wireless intrusion prevention system (WIPS) operates at the Layer 2 (data link layer) level of the Open Systems Interconnection model. WIPS can detect the presence of rogue or misconfigured devices and can prevent them from operating on wireless enterprise networks by scanning the network’s RFs for denial of service and other forms of attack.
Unattempted
A wireless intrusion prevention system (WIPS) operates at the Layer 2 (data link layer) level of the Open Systems Interconnection model. WIPS can detect the presence of rogue or misconfigured devices and can prevent them from operating on wireless enterprise networks by scanning the network’s RFs for denial of service and other forms of attack.
Question 49 of 65
49. Question
Which of the following virus infects the system boot sector and the executable files at the same time?
Correct
A multipartite virus is a fast-moving virus that uses file infectors or boot infectors to attack the boot sector and executable files simultaneously. Most viruses either affect the boot sector, the system or the program files. The multipartite virus can affect both the boot sector and the program files at the same time, thus causing more damage than any other kind of virus.
Incorrect
A multipartite virus is a fast-moving virus that uses file infectors or boot infectors to attack the boot sector and executable files simultaneously. Most viruses either affect the boot sector, the system or the program files. The multipartite virus can affect both the boot sector and the program files at the same time, thus causing more damage than any other kind of virus.
Unattempted
A multipartite virus is a fast-moving virus that uses file infectors or boot infectors to attack the boot sector and executable files simultaneously. Most viruses either affect the boot sector, the system or the program files. The multipartite virus can affect both the boot sector and the program files at the same time, thus causing more damage than any other kind of virus.
Question 50 of 65
50. Question
Which of the following policy contains guidelines for employees regarding what is allowed to use, what is prohibited, and what will happen to them if they break the rules. Two printed copies of the policy should be given to the employee as soon as they join the organization. The employee should be asked to sign one copy, which should be safely filed by the company. No one should be allowed to use the company’s computer systems until they have signed the policy in acceptance of its terms.
Correct
An information security policy (ISP) is a set of rules, policies , and procedures designed to ensure all users and networks within an organization meet minimum IT security and data protection security requirements.
Incorrect
An information security policy (ISP) is a set of rules, policies , and procedures designed to ensure all users and networks within an organization meet minimum IT security and data protection security requirements.
Unattempted
An information security policy (ISP) is a set of rules, policies , and procedures designed to ensure all users and networks within an organization meet minimum IT security and data protection security requirements.
Question 51 of 65
51. Question
Which of the following is the reason why a cybercriminal wants to perform a scan on port 137?
Correct
Microsoft encapsulates NetBIOS information within TCP/IP using port 135 to port 139.
Incorrect
Microsoft encapsulates NetBIOS information within TCP/IP using port 135 to port 139.
Unattempted
Microsoft encapsulates NetBIOS information within TCP/IP using port 135 to port 139.
Question 52 of 65
52. Question
Which of the following is not a Bluetooth attack?
Correct
Bluedriving is a bluetooth wardriving utility. It can capture bluetooth devices, lookup their services, get GPS information and present everything in a nice web page.
Incorrect
Bluedriving is a bluetooth wardriving utility. It can capture bluetooth devices, lookup their services, get GPS information and present everything in a nice web page.
Unattempted
Bluedriving is a bluetooth wardriving utility. It can capture bluetooth devices, lookup their services, get GPS information and present everything in a nice web page.
Question 53 of 65
53. Question
What type of breach has the cybercriminal just performed in this scenario:
Correct
Tailgating is a social engineering attack by cybercriminals in which they trick employees into helping them gain unauthorized access to the company premises.
Incorrect
Tailgating is a social engineering attack by cybercriminals in which they trick employees into helping them gain unauthorized access to the company premises.
Unattempted
Tailgating is a social engineering attack by cybercriminals in which they trick employees into helping them gain unauthorized access to the company premises.
Question 54 of 65
54. Question
The security engineers and web development team of XYZ company have become aware of a certain type of security vulnerability in their web software. To prevent the possibility of being exploited, they want to modify the software requirements by disallowing users from entering HTML as input into their web application. Which of the following application vulnerability is being described in the scenario?
Correct
Cross-site scripting or XSS flaws occur whenever an application allows users to add custom code that includes data from untrusted sources without proper validation. Hackers inject malicious scripts into a victim’s system by hiding them within legitimate requests.
Incorrect
Cross-site scripting or XSS flaws occur whenever an application allows users to add custom code that includes data from untrusted sources without proper validation. Hackers inject malicious scripts into a victim’s system by hiding them within legitimate requests.
Unattempted
Cross-site scripting or XSS flaws occur whenever an application allows users to add custom code that includes data from untrusted sources without proper validation. Hackers inject malicious scripts into a victim’s system by hiding them within legitimate requests.
Question 55 of 65
55. Question
Which of the following is the correct process for the TCP three-way handshake connection termination?
Which of the following tools can be used in Fingerprinting VPN firewalls?
Correct
ike-scan is a command-line tool that uses the IKE protocol to discover, fingerprint, and test IPsec VPN servers. It scans IP addresses for VPN servers by sending a specially crafted IKE packet to each host within a network.
Incorrect
ike-scan is a command-line tool that uses the IKE protocol to discover, fingerprint, and test IPsec VPN servers. It scans IP addresses for VPN servers by sending a specially crafted IKE packet to each host within a network.
Unattempted
ike-scan is a command-line tool that uses the IKE protocol to discover, fingerprint, and test IPsec VPN servers. It scans IP addresses for VPN servers by sending a specially crafted IKE packet to each host within a network.
Question 57 of 65
57. Question
Which of the following best describes the Address Resolution Protocol (ARP)?
Correct
Address Resolution Protocol (ARP) is one protocol of the TCP/IP protocol suite that is used to resolve an IP address to its matching MAC address.
Incorrect
Address Resolution Protocol (ARP) is one protocol of the TCP/IP protocol suite that is used to resolve an IP address to its matching MAC address.
Unattempted
Address Resolution Protocol (ARP) is one protocol of the TCP/IP protocol suite that is used to resolve an IP address to its matching MAC address.
Question 58 of 65
58. Question
Which solution can be used to emulate computer services, such as mail and FTP, and to capture information related to logins or actions?
Correct
Honeypots are a type of deception technology that allows you to understand cybercriminals’ behavior patterns. Security teams can use honeypots to investigate cybersecurity breaches to collect intel on how cybercriminals operate. They also reduce the risk of false positives, when compared to traditional cybersecurity measures, because they are unlikely to attract legitimate activity.
Incorrect
Honeypots are a type of deception technology that allows you to understand cybercriminals’ behavior patterns. Security teams can use honeypots to investigate cybersecurity breaches to collect intel on how cybercriminals operate. They also reduce the risk of false positives, when compared to traditional cybersecurity measures, because they are unlikely to attract legitimate activity.
Unattempted
Honeypots are a type of deception technology that allows you to understand cybercriminals’ behavior patterns. Security teams can use honeypots to investigate cybersecurity breaches to collect intel on how cybercriminals operate. They also reduce the risk of false positives, when compared to traditional cybersecurity measures, because they are unlikely to attract legitimate activity.
Question 59 of 65
59. Question
Which of the following vulnerability in GNU’s bash shell gives the cybercriminals access to run remote commands on a vulnerable system. The malicious software takes control of an infected machine, launches a denial-of-service attack to disrupt websites, and scans for other vulnerable devices?
Correct
Shellshock, also known as Bashdoor, is a family of security bugs in the widely used Unix Bash shell.
Incorrect
Shellshock, also known as Bashdoor, is a family of security bugs in the widely used Unix Bash shell.
Unattempted
Shellshock, also known as Bashdoor, is a family of security bugs in the widely used Unix Bash shell.
Question 60 of 65
60. Question
Which of the following password cracking method uses word lists in combination with numbers and special characters?
Correct
A hybrid attack is a type of password attack that uses a combination of brute force and dictionary attacks such that it adds simple numbers or symbols to the passwords from a world list as it attempts to crack a password.
Incorrect
A hybrid attack is a type of password attack that uses a combination of brute force and dictionary attacks such that it adds simple numbers or symbols to the passwords from a world list as it attempts to crack a password.
Unattempted
A hybrid attack is a type of password attack that uses a combination of brute force and dictionary attacks such that it adds simple numbers or symbols to the passwords from a world list as it attempts to crack a password.
Question 61 of 65
61. Question
Which mode of IPSec should be used to assure the security and confidentiality of data within the same LAN?
Correct
Encapsulating Security Payload (ESP) provides confidentiality (in addition to authentication, integrity, and anti-replay protection) for the IP payload.
Incorrect
Encapsulating Security Payload (ESP) provides confidentiality (in addition to authentication, integrity, and anti-replay protection) for the IP payload.
Unattempted
Encapsulating Security Payload (ESP) provides confidentiality (in addition to authentication, integrity, and anti-replay protection) for the IP payload.
Question 62 of 65
62. Question
Which of the following is the best countermeasure to a ransomware attack?
Correct
The best defense against any malware attack is having backup files.
Incorrect
The best defense against any malware attack is having backup files.
Unattempted
The best defense against any malware attack is having backup files.
Question 63 of 65
63. Question
This refers to logging, recording, and resolving events promptly.
Correct
Incident management is the process of managing IT service disruptions and restoring services within agreed service level agreements (SLAs).
Incorrect
Incident management is the process of managing IT service disruptions and restoring services within agreed service level agreements (SLAs).
Unattempted
Incident management is the process of managing IT service disruptions and restoring services within agreed service level agreements (SLAs).
Question 64 of 65
64. Question
During a vulnerability testing, the penetration tester conducts an ACK scan using Nmap against the external interface of the DMZ firewall. The reports said that port 80 is unfiltered. Based on the response, which type of packet inspection is the firewall conducting?
Correct
Stateless firewalls watch network traffic and restrict or block packets based on source and destination addresses or other static values. They’re not ‘aware’ of traffic patterns or data flows.
Incorrect
Stateless firewalls watch network traffic and restrict or block packets based on source and destination addresses or other static values. They’re not ‘aware’ of traffic patterns or data flows.
Unattempted
Stateless firewalls watch network traffic and restrict or block packets based on source and destination addresses or other static values. They’re not ‘aware’ of traffic patterns or data flows.
Question 65 of 65
65. Question
Which of the following processes evaluates the adherence of an organization to its stated security policy?
Correct
A security audit is a systematic evaluation of the security of a company’s information system by measuring how well it conforms to a set of established criteria.
Incorrect
A security audit is a systematic evaluation of the security of a company’s information system by measuring how well it conforms to a set of established criteria.
Unattempted
A security audit is a systematic evaluation of the security of a company’s information system by measuring how well it conforms to a set of established criteria.
X
Use Page numbers below to navigate to other practice tests