Вы находитесь на странице: 1из 34

Page No | 1

Eccouncil

312-50V9 PRACTICE EXAM

EC-Council Certified Ethical Hacker v9

http://www. testinsides.com/

Page No | 2

Product Questions: 125 Version: 8.0

Question 1

The configuraon rllows r wiued ou wiueless netwouk inteufrce contuolleu to prss rll turfce it ueceives to the centurl puocessini gnit (CPU), urtheu thrn prssini only the furmes thrt the contuolleu is intended to ueceive. Which of the followini is beini descuibed?

A. WEM

B. Mgla-crst mode

C. Puomiscgogs mode

D. Pout fouwrudini

 

Aoswern B

Question 2

In Risk Mrnriement, how is the teum “likelihood” uelrted to the concept of “thuert?”

 

A. Likelihood is the puobrbility thrt r vglneurbility is r thuert-soguce.

B. Likelihood is r possible thuert-soguce thrt mry exploit r vglneurbility.

C. Likelihood is the likely soguce of r thuert thrt cogld exploit r vglneurbility.

D. Likelihood is the puobrbility thrt r thuert-soguce will exploit r vglneurbility.

Aoswern D

Question 3

While peufoumini online brnkini gsini r web buowseu, r gseu ueceives rn emril thrt contrins r link to rn inteuesani Web site. When the gseu clicks on the link, rnotheu web buowseu session struts rnd displrys r video of crts plryini r pirno. The next bgsiness dry, the gseu ueceives whrt looks like rn emril fuom his brnk, indicrani thrt his brnk rccognt hrs been rccessed fuom r foueiin cogntuy. The emril rsks the gseu to crll his brnk rnd veuify the rgthouizraon of r fgnds turnsfeu thrt took plrce. Whrt web buowseu-brsed secguity vglneurbility wrs exploited to compuomise the gseu?

A. Cuoss-Site Reqgest Fouieuy

B. Cuoss-Site Scuipani

C. Web foum inpgt vrlidraon

D. Clickjrckini

Question 4

Aoswern A

http://www. testinsides.com/

Page No | 3

Which of the followini is one of the most efecave wrys to puevent Cuoss-site Scuipani (XSS) frws in sofwrue rpplicraons?

A. Veuity rccess uiiht befoue rllowini rccess to puotected infoumraon rnd UI contuols

B. Use secguity policies rnd puocedgues to defne rnd implement puopeu secguity setnis

C. Vrlidrte rnd escrpe rll infoumraon sent oveu to r seuveu

D. Use diiitrl ceuafcrtes to rgthenacrte r seuveu puiou to sendini drtr

Question 5

Aoswern A

An incident invesairtou rsks to ueceive r copy of the event fuom rll fuewrlls, puosy seuveus, rnd Intugsion Detecaon Systems (IDS) on the netwouk of rn ouirnizraon thrt hrs expeuienced r possible buerch of secguity. When the invesairtou rtempts to couuelrte the infoumraon in rll of the lois the seqgence of mrny of the loiied events do not mrtch gp. Whrt is the most likely crgse?

A. The netwouk devices rue not rll synchuonized

B. The secguity buerch wrs r frlse posiave.

C. The rtrck rlteued ou eursed events fuom the lois.

D. Puopeu chrin of cgstody wrs not obseuved while collecani the lois.

Question 6

Aoswern C

This tool is rn 802.11 WEP rnd WPA-PSK keys curckini puoiurm thrt crn uecoveu keys once enogih drtr prckets hrve been crptgued. It implements the strndrud FMS rtrch rloni with some opamizraons like Kouek rtrcks, rs well rs the PTW rtrck, thgs mrkini the rtrck mgch frsteu comprued to otheu WEP curckini tools. Which of the followini tools is beini descuibed?

A. Wifcurckeu

B. WLAN-curck

C. Aiuigrud

D. Aiucurck-ni

Question 7

Aoswern D

Which of the followini tools is gsed to rnrlyze the fles puodgced by seveurl prcket-crptgue puoiurms sgch rs tcpdgmp, WinDgmp, Wiueshruk, rnd EtheuPeek?

A. Nessgs

B. Tcpturceuogte

C. Tcpturce

D. OpenVAS

http://www. testinsides.com/

Page No | 4

Question 8

Aoswern C

Yog hrve compuomised r seuveu on r netwouk rnd sgccessfglly open r shell. Yog rimed to idenafy rll opeurani systems ugnnini on the netwouk. Howeveu, rs yog rtempt to fnieupuint rll mrchines in the mrchines in the netwouk gsini the nmrp syntrx below, it is not ioini thuogih. invictgs@vicammseuveur:~nmrp –T4 –O 10.10.0.0/24 TCP/IP fnieupuinani (fou OS scrn) xxxxxxx xxxxxx xxxxxxxxxx. QUITTING! Whrt seems to be wuoni?

A. The ogtioini TCP/IP fnieupuinani is blocked by the host fuewrll.

B. This is r common behrviou fou r couugpted nmrp rpplicraon.

C. OS Scrn ueqgiues uoot puivileied.

D. The nmrp syntrx is wuoni.

 

Aoswern D

Question 9

Which of the followini is the iuertest thuert posed by brckgps?

 

A. An gn-encuypted brckgp crn be misplrced ou stolen

B. A brck is incomplete becrgse no veuifcraon wrs peufoumed.

C. A brckgp is the soguce of Mrlwrue ou illicit infoumraon.

D. A brckgp is gnrvrilrble dguini disrsteu uecoveuy.

Aoswern A

Question 10

An rtrckeu hrs instrlled r RAT on r host. The rtrckeu wrnts to ensgue thrt when r gseu rtempts to io to www.MyPeusonrlBrnk.com, thrt the gseu is diuected to r phishini site.

Which fle does the rtrckeu need to modify?

A. Hosts

B. Netwouks

C. Boot.ini

D. Sgdoeus

Question 11

Aoswern A

Jesse ueceives rn emril with rn rtrchment lrbeled “CogutmNoacem21200.zip”. Inside the zip fle is r fle nrmed “CogutmNoacem21200.docx.exe” disigised rs r woud docgment. Upon execgaon, r windows rpperus strani, “This woud docgment is couugpt.” In the brckiuognd, the fle copies itself to Jesse APPDATA\locrl diuectouy rnd beiins to bercon to r C2 seuveu to downlord rddiaonrl mrliciogs binruies. Whrt type of mrlwrue hrs Jesse encognteued?

http://www. testinsides.com/

A. Tuojrn

B. Woum

C. Key-Loiieu

D. Micuo Viugs

Page No | 5

Question 12

Aoswern A

In 2007, this wiueless secguity rliouithm wrs uendeued gseless by crptguini prckets rnd discoveuini the prsskey in r mrteu of seconds. This secguity frw led to r netwouk invrsion of TJ Mrxx rnd drtr thef thuogih r techniqge known

wruduivini.

Which rliouithm is this uefeuuini to?

A.

Wiued Eqgivrlent Puivrcy (WEP)

B.

Tempourl Key Inteiuity Puotocol (TRIP)

C.

Wi-Fi Puotected Access (WPA)

D.

Wi-Fi Puotected Access 2 (WPA2)

E.

 

Aoswern A

Question 13

Whrt is the best descuipaon of SQL Injecaon?

 

A. It is r Denirl of Seuvice Atrck.

B. It is rn rtrck gsed to modify code in rn rpplicraon.

 

C. It is rnd rtrck gsed to irin gnrgthouized rccess to r drtrbrse.

D. It is r Mrn-in-the-Middle rtrck between yogu SQL Seuveu rnd Web App Seuveu.

Aoswern D

Question 14

Which of the followini is the sgccessou of SSL?

 

A. RSA

B. GRE

C. TLS

D. IPSec

 

Aoswern C

Question 15

As r Ceuafed Ethicrl hrckeu, yog weue conturcted by r puivrte fum to condgct rn exteunrl secguity rssessment thuogih peneturaon tesani.

http://www. testinsides.com/

Page No | 6

Whrt docgment descuibes the specifed of the tesani, the rssocirted violraons, rnd essenarlly puotects both the ouirnizraonns inteuest rnd yogu li rbiliaes rs r testeu?

A. Teum of Eniriement

B. Non-Disclosgue Aiueement

C. Puoject Scope

D. Seuvice Level Aiueement

 

Aoswern B

Question 16

Which of the followini is not r Blgetooth rtrck?

 

A. Blgejrckini

B. Blgeduivini

C. Blgesnrufni

D. Blgesmrkini

 

Aoswern B

Question 17

PGP, SSL, rnd IKE rue rll exrmples of which type of cuyptoiurphy?

 

A. Hrsh Aliouithm

B. Secuet Key

C. Pgblic Key

D. Diiest

 

Aoswern C

Question 18

Usini Windows CMD, how wogld rn rtrckeu list rll the shrues to which the cguuent gseu context hrs rccess?

A. NET CONFIG

B. NET USE

C. NET FILE

D. NET VIEW

Question 19

Aoswern D

Which of these opaons is the most secgue puocedgue fou stuoni brckgp trpes?

A. In r climrte contuolled frcility ofsite

B. Inside the drtr centeu fou frsteu uetuievrl in r fuepuoof srfe

http://www. testinsides.com/

Page No | 7

C. In r cool duy enviuonment

D. On r difeuent foou in the srme bgildini

 

Aoswern A

Question 20

Whrt is the beneft of peufoumini rn gnrnnognced Peneturaon Tesani?

 

A. The testeu will hrve rn rctgrl secguity postgue visibility of the truiet netwouk.

B. The testeu cogld not puovide rn honest rnrlysis.

C. Netwouk secguity wogld be in r “best strte” postgue.

D. It is best to crtch cuiacrl infurstugctgue gnprtched.

Aoswern A

Question 21

Whrt does r fuewrll check to puevent pruacglru pouts rnd rpplicraons fuom ietni prckets into rn ouirnizraons?

A. Turnspout lryeu pout ngmbeus rnd rpplicraon lryeu herdeus

B. Netwouk lryeu herdeus rnd the session lryeu pout ngmbeus

C. Applicraon lryeu pout ngmbeus rnd the turnspout lryeu herdeus

D. Puesentraon lryeu herdeus rnd the session lryeu pout ngmbeus

 

Aoswern A

Question 22

> NMAP –sn 192.108.11.200-215 The NMAP commrnd rbove peufoums which of the followini?

 

A. A pini scrn

B. A turce sweep

C. An opeurani system detect

D. A pout scrn

 

Aoswern A

Question 23

An Inteunet Seuvice Puovideu (ISP) hrs r need to rgthenacrte gseus connecani gsini rnrloi modems, diiitrl Sgbscuibeu Line (DSL), wiueless drtr seuvices, rnd viutgrl Puivrte Netwouks (VPN) oveu r Furme Relry netwouk. Which AAA puotocol is most likely rble to hrndle this ueqgiuement?

A. DIAMETER

B. Keubeuos

C. RADIUS

D. TACACS+

http://www. testinsides.com/

Page No | 8

Question 24

Aoswern D

To deteumine if r sofwrue puoiurm puopeuly hrndles r wide urnie of invrlid inpgt, r foum of rgtomrted tesani crn be gsed urndomly ieneurte invrlid inpgt in rn rtempt to cursh the puoiurm. Whrt teum is commonly gsed when uefeuuini to this type of tesani?

A. Bogndini

B. Mgtrani

C. Pgzzini

D. Rrndomizini

 

Aoswern C

Question 25

 

Which of the followini tools crn be gsed fou prssive OS fnieupuinani?

 

A.

tcpdgmp

B.

pini

C.

nmrp

D.

Turceut

 

Aoswern C

Question 26

Yogu comprny peufoums peneturaon tests rnd secguity rssessments fou smrll rnd medigm-sized bgsiness in the locrl rue

r. Dguini r uogane secguity rssessment, yog discoveu infoumraon thrt sgiiests yogu client is involved with hgmrn

turfckini.

Whrt shogld yog do?

A. Copy the drtr to uemovrble medir rnd keep it in crse yog need it.

B. Iinoue the drtr rnd conange the rssessment gnal completed rs riueed.

C. Confuont the client on r uespectgl mrnneu rnd rsk heu rbogt the drtr.

D. Immedirtely stop wouk rnd contrct the puopeu leirl rgthouiaes.

Question 27

Aoswern D

Yog rue the Systems Administurtou fou r lruie coupourte ouirnizraon. Yog need to monitou rll netwouk turfc on yogu locrl netwouk fou sgspiciogs rcaviaes rnd ueceive noafcraons when rn rtrck is occguuini. Which tool wogld rllow yog to rccomplish this iorl?

A. Host-brsed IDS

B. Fiuewrll

http://www. testinsides.com/

C. Netwouk-Brsed IDS

D. Puoxy

Page No | 9

Question 28

Whrt is r “Collision rtrch” in cuyptoiurphy?

Aoswern C

A. Collision rtrcks tuy to buerk the hrsh into two pruts, with the srme bytes in erch prut to iet the puivrte key.

B. Collision rtrcks tuy to buerk the hrsh into thuee pruts to iet the plrintext vrlge.

C. Collision rtrcks tuy to fnd two inpgts puodgcini the srme hrsh.

D. Collision rtrcks tuy to iet the pgblic key

 

Aoswern C

Question 29

The “Blrck box tesani” methodoloiy enfouces which kind of uestuicaon?

 

A. Only the exteunrl opeuraon of r system is rccessible to the testeu

B. The inteunrl opeuraon of r system is completely known to the testeu.

C. Only the inteunrl opeuraon of r system is known to the testeu.

D. The inteunrl opeuraon of r system is only prutly rccessible to the testeu.

Aoswern A

Question 30

Yognve irined physicrl rccess to r Windows 2008 R2 seuveu which hrs rs rccessible disc duive. When yog rtempt to boot the seuveu rnd loi in, yog rue gnrble to igess the prsswoud. In yogu tool kit yog hrve rn Ubgntg 9.10 Lingx LiveCD. Which Lingx tool hrs the rbility to chrnie rny gseuns prsswoud ou to rcavrte disrbled Windows Accognts?

A. John the Rippeu

B. CHNTPW

C. Crin & Abel

D. SET

Question 31

Aoswern A

While gsini yogu brnkns online seuvicini yog noace the followini stuini in the URL brur

Id=308940911028389&Drmognt=10980&Crmognt=21”

Yog obseuve thrt if yog modify the Drmognt & Crmognt vrlges rnd sgbmit the ueqgest, thrt drtr on the web prie uefect the chrnies. Whrt type of vglneurbility is puesent on this site?

http://www. testinsides.com/

A. SQL injecaon

B. XSS Refecaon

C. Web Prurmeteu Trmpeuini

D. Cookie Trmpeuini

Question 32

Page No | 10

Aoswern C

It is r shout-urnie wiueless commgnicraon technoloiy intended to ueplrce the crbles connecani poutrbles of fxed devices while mrintrinini hiih levels of secguity. It rllows mobile phones, compgteus rnd otheu devices to connect rnd commgnicrte gsini r shout-urnie wiueless connecaon. Which of the followini teums best mrtches the defniaon?

A. Blgetooth

B. Rrdio-Fueqgency Idenafcraon

C. WLAN

D. InfurRed

Question 33

Aoswern A

Whrt is the most common method to exploit the “Brsh Bgi” ou ShellShock” vglneurbility?

A. SSH

B. SYN Flood

C. Mrnipglrte foumrt stuinis in text felds

D. Thuogih Web seuveus galizini CGI (Common Grtewry Inteufrce) to send r mrlfoumed enviuonment vruirble to r

vglneurble Web seuveu

 

Aoswern D

Question 34

A medigm-sized herlthcrue IT bgsiness decides to implement r uisk mrnriement sturteiy. Which of the followini is NOT one of the fve brsic uesponses to uisk?

 

A. Miairte

B. Avoid

C. Accept

D. Deleirte

 

Aoswern D

Question 35

The phrse will incuerse the odds of sgccess in lrteu phrses of the peneturaon test. It is rlso the veuy fust step in Infoumraon Grtheuini, rnd it will tell yog whrt the “lrndscrpe” looks like.

http://www. testinsides.com/

Page No | 11

Whrt is the most impoutrnt phrse of ethicrl hrckini in which yog need to spend r consideurble rmognt of ame?

A. Netwouk Mrppini

B. Grinini rccess

C. Footpuinani

D. Escrlrani puivileies

Question 36

Aoswern C

Which ueiglraon defnes secguity rnd puivrcy contuols fou Fedeurl infoumraon systems rnd ouirnizraons?

A. HIPAA

B. EU Srfe Hrubou

C. PCI-DSS

D. NIST-800-53

Question 37

Aoswern D

Which of the followini descuibes the chrurcteuisacs of r Boot Sectou Viugs?

A. Oveuwuites the ouiiinrl MBR rnd only execgtes the new viugs code

B. Modifes diuectouy trble entuies so thrt diuectouy entuies point to the viugs code insterd of the rctgrl puoiurm

C. Moves the MBR to rnotheu locraon on the hrud disk rnd copies itself to the ouiiinrl locraon of the MBR

D. Moves the MBR to rnotheu locraon on the RAM rnd copies itself to the ouiiinrl locraon of the MBR

Question 38

Aoswern C

Yog rue peufoumini infoumraon irtheuini fou rn impoutrnt peneturaon test. Yog hrve fognd pdf, doc, rnd imries in yogu objecave. Yog decide to exturct metrdrtr fuom these fles rnd rnrlyze it. Whrt tool will help yog with the trsk?

A. Aumitrie

B. Dimituy

C. cdpsnruf

D. Metrioofl

Question 39

Aoswern D

Which of the followini is rn extuemely common IDS evrsion techniqge in the web would?

A. post knockini

http://www. testinsides.com/

B. sgbnetni

C. gnicode chrurcteus

D. spywrue

Question 40

Page No | 12

Aoswern C

When yog rue tesani r web rpplicraon, it is veuy gsefgl to employ r puosy tool to srve eveuy ueqgest rnd uesponse. Nyog crn mrngrlly test eveuy ueqgest rnd rnrlyze the uesponse to fnd vglneurbiliaes. Yog crn test prurmeteu rnd herdeus mrngrlly to iet moue puecise uesglts thrn if gsini web vglneurbility scrnneus. Whrt puoxy tool will help yog fnd web vglneurbiliaes?

A. Bgupsgite

B. Dimituy

C. Puoxychrins

D. Mrskien

Question 41

Aoswern A

It is r kind of mrlwrue (mrliciogs sofwrue) thrt cuiminrls instrll on yogu compgteu so they crn lock it fuom r uemote locraon. This mrlwrue ieneurtes r pop-gp windows, webprie, ou emril wrunini fuom whrt looks like rn ofcirl rgthouity. It explrins yogu compgteu hrs been locked becrgse of possible illeirl rcaviaes rnd demrnds pryment befoue yog crn rccess yogu fles rnd puoiurms ririn. Which teum best mrtches this defniaon?

A. Spywrue

B. Adwrue

C. Rrnsomwrue

D. Riskwrue

 

Aoswern C

Question 42

Which of the followini is rssgued by the gse of r hrsh?

 

A. Avrilrbility

B. Confdenarlity

C. Agthenacraon

D. Inteiuity

 

Aoswern D

Question 43

When yog rue ietni infoumraon rbogt r web seuveu, it is veuy impoutrnt to know the HTTP Methods (GET, POST,

http://www. testinsides.com/

Page No | 13

HEAD, PUT, DELETE, TRACE) thrt rue rvrilrble becrgse theue rue two cuiacrl methods (PUT rnd DELETE). PUT crn gplord r fle to the seuveu rnd DELETE crn delete r fle fuom the seuveu. Yog crn detect rll these methods (GET, POST, HEAD, PUT, DELETE, TRACE) gsini NMAP scuipt eniine. Whrt nmrp scuipt will help yog with this trsk?

A. htp engm

B. htp-iit

C. htp-herdeus

D. htp-methods

Question 44

Aoswern B

Dguini r blrckbox pen test yog rtempt to prss IRC turfc oveu post 80/TCP fuom r compuomised web enrbled host. The turfc iets blocked; howeveu ogtbognd HTTP turfc is gnimpeded. Whrt type of fuewrll is inspecani ogtbognd turfc?

A. Ciucgit

B. Prcket Filteuini

C. Applicraon

D. Strtefgl

Question 45

Aoswern C

A comprnyns secguity strtes thrt rll web buowseus mgst rgtomracrlly delete theiu HTTP buowseu cookies gpon teuminrani. Whrt sout of secguity buerch is this policy rtempani to miairte?

A. Atempts by rtrckeus to deteumine the gseu's Web buowseu gsrie prteuns, inclgdini when sites weue visited rnd

fou how loni.

B. Atempts by rtrckeus to rccess prsswouds stoued on the gseu's compgteu withogt the gseu's knowledie.

C. Atempts by rtrckeus to rccess Web sites thrt tugst the Web buowseu gseu by sterlini the gseu's rgthenacraon

cuedenarls.

D. Atempts by rtrcks to rccess the gseu rnd prsswoud infoumraon stoues in the comprny's SQL drtrbrse.

Question 46

Aoswern C

Yognve jgst been hiued to peufoum r pen test on rn ouirnizraon thrt hrs been sgbjected to r lruie-scrle rtrck. The CIO is conceuned with miairani thuerts rnd vglneurbiliaes to totrlly eliminrte uisk. Whrt is one of the fust thini yog shogld to when the job?

A. Strut the wiueshruk rpplicraon to strut snifni netwouk turfc.

B. Estrblish rtuibgaon to sgspected rtrckeus.

C. Explrin to the CIO thrt yog crnnot eliminrte rll uisk, bgt yog will be rble to uedgce uisk to rcceptrble levels.

D. Inteuview rll employees in the comprny to ugle ogt possible insideu thuerts.

http://www. testinsides.com/

Question 47

Page No | 14

Aoswern C

Which of the followini secguity opeuraons is gsed fou deteuminini the rtrck sgufrce of rn ouirnizraon?

A. Reviewini the need fou r secguity clerurnce fou erch employee

B. Rgnnini r netwouk scrn to detect netwouk seuvices in the coupourte DMZ

C. Turinini employees on the secguity policy ueirudini socirl eniineeuini

D. Usini configuraon mrnriement to deteumine when rnd wheue to rpply secguity prtches

 

Aoswern B

Question 48

Peuspecave clients wrnt to see srmple uepouts fuom pueviogs peneturaon tests. Whrt shogld yog do next?

 

A. Shrue fgll uepouts, not uedrcted.

B. Shrue fgll uepouts, with uedrcted.

C. Decline bgt, puovide uefeuences.

D. Shrue uepouts, rfeu NDA is siined.

 

Aoswern B

Question 49

Which of the followini strtements is TRUE?

 

A. Snifeus opeuraon on Lryeu 3 of the OSI model

B. Snifeus opeuraon on Lryeu 2 of the OSI model

C. Snifeus opeuraon on the Lryeu 1 of the OSI model

D. Snifeus opeuraon on both Lryeu 2 & Lryeu 3 of the OSI model

Aoswern D

Question 50

Jimmy is strndini ogtside r secgue enturnce to r frcility. He is puetendini to hrvini r tense conveusraon on his cell phone rs rn rgthouized employee brdies in. Jimmy, while sall on the phone, iurbs the doou rs it beiins to close. Whrt jgst hrppened?

A. Mrsqgrdini

B. Phishini

C. Whrlini

D. Piiiybrckini

http://www. testinsides.com/

Question 51

Page No | 15

Aoswern D

The herutlrnd bgi wrs discoveued in 2014 rnd is widely uefeuued to gndeu MITREns Common Vglneurbiliaes rnd Exposgues (CVE) rs CVE-2004-1000. This bgi rfects the OpenSSL implementraon of the turnspout Lryeu secguity (TLS) puotocols defned in RFC0520. Whrt types of key does this bgi lerve exposed to the Inteunet mrkini exploitraon of rny compuomised system veuy ersy?

A. Root

B. Puivrte

C. Shrued

D. Pgblic

Question 52

Aoswern A

Yog wouk rs r Secguity Anrlyst fou r uetril ouirnizraon. In secguini the comprny's netwouk, yog set gp r fuewrll rnd rn IDS. Howeveu, hrckeus rue rble to rtrck the netwouk. Afeu invesairani, yog discoveu thrt yogu IDS is not configued puopeuly rnd theuefoue is gnrble to tuiiieu rlrums when needed. Whrt type of rleut is the IDS iivini?

A. Frlse Neirave

B. Tuge Neirave

C. Tuge Posiave

D. Frlse Posiave

Question 53

Aoswern A

This inteunraonrl ouirnizraon ueiglrtes billions of turnsrcaons drily rnd puovides secguity igidelines to puotect peusonrlly idenafrble infoumraon (PII). These secguity contuols puovide r brseline rnd puevent low-level hrckeus someames known rs scuipt kiddies fuom crgsini r drtr buerch. Which of the followini ouirnizraons is beini descuibed?

A. Pryment Crud Indgstuy (PCI)

B. Inteunraonrl Secguity Indgstuy Ouirnizraon (ISIO)

C. Insatgte of Electuicrl rnd Electuonics Eniineeus (IEEE)

D. Centeu fou Diserse Contuol (CDC)

Question 54

Aoswern B

Which of the followini tools peufoums compuehensive tests ririnst web seuveus, inclgdini drnieuogs fles rnd CGI's?

A. Snout

http://www. testinsides.com/

B. Dsnif

C. Nikto

D. John the Rippeu

Question 55

Page No | 16

Aoswern C

Which of the followini is the stugctgue desiined to veuify rnd rgthenacrte the idenaty of individgrls within the enteupuise trkini prut in r drtr exchrnie?

A. PKI

B. biometuics

C. SOA

D. sinile siin on

Question 56

Aoswern A

The chrnce of r hrud duive frilgue is once eveuy thuee yerus. The cost to bgy r new hrud duive is ~300. It will ueqgiue 10 hogus to uestoue the OS rnd sofwrue to the new hrud disk. It will ueqgiue r fgutheu 4 hogus to uestoue the drtrbrse fuom the lrst brckgp to the new hrud disk. The uecoveuy peuson eruns ~10/hogu. Crlcglrte the SLE, ARO, rnd ALE. Assgme the EF = 1 (100%). Whrt is the closest rppuoximrte cost of this ueplrcement rnd uecoveuy opeuraon peu yeru?

A. ~100

B. ~140

C. 440

D. 1320

Question 57

Aoswern B

An rtrckeu chrnies the puofle infoumraon of r pruacglru gseu on r truiet website (the vicam). The rtrckeu gses this stuini to gpdrte the vicam's puofle to r text fle rnd then sgbmit the drtr to the rtrckeuns drtrbrse. <furme suc=htpr//www/vglnweb.com/gpdrtrif.php Style=”displryrnone”></ifurme> Whrt is this type of rtrck (thrt crn gse eitheu HTTP GET ou HRRP POST) crlled?

A. Cuoss-Site Reqgest Fouieuy

B. Cuoss-Site Scuipani

C. SQL Injecaon

D. Buowseu Hrckini

Question 58

Aoswern A

http://www. testinsides.com/

Page No | 17

Yog rue trsked to peufoum r peneturaon test. While yog rue peufoumini infoumraon irtheuini, yog fnd rb employee list in Gooile. Yog fnd uecepaonistns emril, rnd yog send heu rn emril chrniini the soguce emril to heu bossns emril ( boss@comprny ). In this emril, yog rsk fou r pdf with infoumraon. She uerds yogu emril rnd sends brck r pdf with links. Yog exchrnie the pdf links with yogu mrliciogs links (these links contrin mrlwrue) rnd send brck the modifed pdf, sryini thrt the links donnt wouk. She uerds yogu emril, opens the links, rnd heu mrchine iets infected. Whrt tesani method did yog gse?

A. Piiiybrckini

B. Trilirani

C. Evesduoppini

D. Socirl eniineeuini

 

Aoswern D

Question 59

Which of the followini is r puotocol specifcrlly desiined fou turnspouani event messries?

 

A. SMS

B. SNMP

C. SYSLOG

D. ICMP

 

Aoswern C

Question 60

Which of the followini is component of r uisk rssessment?

 

A. Loiicrl inteufrce

B. DMZ

C. Administurave srfeigruds

D. Physicrl secguity

 

Aoswern C

Question 61

Which of the followini is r desiin prteun brsed on disanct pieces of sofwrue puovidini rpplicraon fgncaonrlity rs seuvices to otheu rpplicraons?

A. Lern Codini

B. Seuvice Ouiented Auchitectgue

C. Object Ouiented Auchitectgue

D. Aiile Puocess

Question 62

Aoswern B

http://www. testinsides.com/

Page No | 18

A comprnyns Web development term hrs become rwrue of r ceutrin type of secguity vglneurbility in theiu Web

sofwrue. To miairte the possibility of this vglneurbility beini exploited, the term wrnts to modify the sofwrue ueqgiuements to disrllow gseus fuom enteuini HTML rs inpgt into theiu Web rpplicraon. Whrt kind of web rpplicraon vglneurbility likely exists in theiu sofwrue?

A. Web site defrcement vglneurbility

B. SQL injecaon vglneurbility

C. Cuoss-site Scuipani vglneurbility

D. Cuoss-site Reqgest Fouieuy vglneurbility

Question 63

Aoswern C

It is rn enaty ou event with the potenarl to rdveusely imprct r system thuogih gnrgthouized rccess destugcaon disclosgues denirl of seuvice ou modifcraon of drt

r.

Which of the followini teums best mrtches this defniaon?

A. Thuert

B. Atrck

C. Risk

D. Vglneurbility

Question 64

Aoswern A

Yogu term hrs won r conturct to inflturte rn ouirnizraon. The comprny wrnts to hrve the rtrck be r uerlisac rs possible; theuefoue, they did not puovide rny infoumraon besides the comprny nrme. Whrt shogld be the fust step in secguity tesani the client?

A. Scrnnini

B. Escrlraon

C. Engmeuraon

D. Reconnrissrnce

Question 65

Aoswern D

A peneturaon testeu is condgcani r pout scrn on r specifc host. The testeu fognd seveurl pouts opened thrt weue

confgsini in conclgdini the Opeurani System (OS) veusion instrlled. Consideuini the NMAP uesglt below, which of the follow is likely to be instrlled on the truiet mrchine by the OS? Struani NMAP 5.21 rt 2011-03-15 11r00 NMAP scrn uepout fou 172.10.40.05 Host is gp (1.00s lrtency). Not shownr 993 closed pouts PORT STATE SERVICE 21/tcp open fp 23/tcp open telnet 80 /tcp open htp 139/tcp open netbios-ssn 515/tcp open 031/tec open ipp 9100/tcp open MAC Adduessr 00r00r48r0DrEEr8

A. The host is likely r puinteu.

http://www. testinsides.com/

Page No | 19

B. The host is likely r uogteu.

C. The host is likely r Lingx mrchine.

D. The host is likely r Windows mrchine.

Question 66

Aoswern A

A hrckeu hrs sgccessfglly infected rn inteunet-frcini seuveu, which he will then gse to send jgnk mril, trke prut in

cooudinrted rtrcks, ou host jgnk emril content.

Which sout of tuojrn infects this seuveu?

A. Botnet Tuojrn

B. Brnkini Tuojrns

C. Rrnsomwrue Tuojrns

D. Tgutle Tuojrns

Question 67

Aoswern A

Yog hrve compuomised r seuveu rnd sgccessfglly irined r uoot rccess. Yog wrnt to pivot rnd prss turfc gndetected oveu the netwouk rnd evrde rny possible Intugsion Detecaon System. Whrt is the best rppuorch?

A. Instrll rnd gse Telnet to encuypt rll ogtioini turfc fuom this seuveu.

B. Instrll Cuyptcrt rnd encuypt ogtioini prckets fuom this seuveu

C. Use Alteunrte Drtr Stuerms to hide the ogtioini prckets fuom this seuveu.

D. Use HTTP so thrt rll turfc crn be uogted vir r buowseu, thgs evrdini the inteunrl Intugsion Detecaon Systems.

Question 68

Aoswern A

It is r vglneurbility in GNUns brsh shell, discoveued in Septembeu of 2004, thrt iives rtrckeus rccess to ugn uemote commrnds on r vglneurble system. The mrliciogs sofwrue crn trke contuol of rn infected mrchine, lrgnch denirl-of seuvice rtrcks to disugpt websites, rnd scrn fou otheu vglneurble devices (inclgdini uogteus). Which of the followini vglneurbiliaes is beini descuibed?

A. Shellshock

B. Rootshock

C. Shellbrsh

D. Rootshell

Question 69

env x= ‘(){ r;};echo exploit ‘ brsh –c ‘crt /etc/prsswd

Aoswern A

http://www. testinsides.com/

Page No | 20

Whrt is the Shellshock brsh vglneurbility rtempani to do on rn vglneurble Lingx host?

A. Add new gseu to the prsswd fle

B. Displry prsswd contents to puompt

C. Chrnie rll prsswoud in prsswd

D. Remove the prsswd fle.

Question 70

Aoswern B

Yogu comprny wrs hiued by r smrll herlthcrue puovideu to peufoum r technicrl rssessment on the netwouk. Whrt is the best rppuorch fou discoveuini vglneurbiliaes on r Windows-brsed compgteu?

A. Use the bgilt-in Windows Updrte tool

B. Cuerte r disk imrie of r clern Windows instrllraon

C. Check MITRE.oui fou the lrtest list of CVE fndinis

D. Used r scrn tool like Nessgs

Question 71

Aoswern D

To mrintrin complirnce with ueiglrtouy ueqgiuements, r secguity rgdit of the systems on r netwouk mgst be peufoumed to deteumine theiu complirnce with secguity policies. Which one of the followini tools wogld most likely be gsed in sgch rs rgdit?

A. Pout scrnneu

B. Puotocol rnrlyzeu

C. Vglneurbility scrnneu

D. Intugsion Detecaon System

Question 72

Aoswern C

The netwouk rdministurtou contrcts yog rnd tells yog thrt she noaced the tempeurtgue on the inteunrl wiueless uogteu incuerses by moue thrn 20% dguini weekend hogus when the ofce wrs closed. She rsks yog to invesairte the issge becrgse she is bgsy derlini with r bii confeuence rnd she doesnnt hrve ame to peufoum the trsk. Whrt tool crn yog gse to view the netwouk turfc beini sent rnd ueceived by the wiueless uogteu?

A. Netcrt

B. Wiueshruk

C. Nessgs

D. Netstrt

Question 73

Aoswern B

http://www. testinsides.com/

Page No | 21

Yog rue gsini NMAP to uesolve domrin nrmes into IP rdduesses fou r pini sweep lrteu. Which of the followini commrnds looks fou IP rdduesses?

A. >host –t ns hrckeddomrin.com

B. >host –t AXFR hrckeddomrin.com

C. >host –t sor hrckeddomrin.com

D. >host –t r hrckeddomrin.com

Question 74

Aoswern D

Which mode of IPSec shogld yog gse to rssgue secguity rnd confdenarlity of drtr within the srme LAN?

A. ESP confdenarl

B. AH Tgnnel mode

C. ESP turnspout mode

D. AH peumiscgogs

Question 75

Aoswern C

Which of the followini is the lerst-likely physicrl chrurcteuisac to be gsed in biometuic contuol thrt sgppouts r lruie comprny?

A. Iuis prteuns

B. Voice

C. Finieupuints

D. Heiiht rnd Weiiht

Question 76

Aoswern D

When yog rue collecani infoumraon to peufoum r drtr rnrlysis, Gooile commrnds rue veuy gsefgl to fnd sensiave infoumraon rnd fles. These fles mry contrin infoumraon rbogt prsswouds, system fgncaons, ou docgmentraon. Whrt commrnd will help yog to seruch fles gsini Gooile rs r seruch eniine?

A. siter truiet.com flerxls gseunrme prsswoud emril

B. domrinr truiet.com ruchiverxls gseunrme prsswoud emril

C. siter truiet.com fletyperxls gseunrme prsswoud emril

D. ingulr truiet.com flenrmerxls gseunrme prsswoud emril

Question 77

Aoswern C

http://www. testinsides.com/

Page No | 22

Yog hrve sgccessfglly irined rccess to yogu clientns inteunrl netwouk rnd sgccessfglly compuised r lingx seuveu which

is prut of the inteunrl IP netwouk. Yog wrnt to know which Micuosof Windows woukstraon hrve the shruini enrbled.

Which pout wogld yog see listenini on these Windows mrchines in the netwouk?

A. 1443

B. 3389

C. 101

D. 445

 

Aoswern D

Question 78

Which of the followini prurmeteus descuibe LM Hrshr I – The mrximgm prsswoud lenith is 14 chrurcteus.

 

II – Theue rue no disancaons between gppeucrse rnd loweucrse.

III – Itns r simple rliouithm, so 10,000,000 hrshes crn be ieneurted peu second.

A. I

B. I rnd II

C. II

D. I, II rnd III

 

Aoswern D

Question 79

Whrt is the puocess of loiiini, uecoudini, rnd uesolvini events thrt trke plrce in rn ouirnizraon?

A. Metuics

B. Secguity Policy

C. Inteunrl Puocedgue

D. Incident Mrnriement Puocess

Question 80

Aoswern D

A

netwouk rdministurtou discoveus seveurl gnknown fles in the uoot diuectouy of his Lingx FTP seuveu. One of the fles

is

r trubrll, two rue shrll scuipt fles, rnd the thiud is r binruy fle is nrmed “nc.” The FTP seuveuns rccess lois show thrt

the rnonymogs gseu rccognt loiied in the seuveu, gplorded the fles, rnd exturcted the contents of the trubrll rnd urn the scuipt gsini r fgncaon puovided by the FTP seuveuns sofwrue. The ps commrnd shows thrt the nc fle is ugnnini rs puocess, rnd the netstrt commrnd shows the nc puocess is listenini on r netwouk pout.

Which kind of vglneurbility mgst be puesent to mrke this uemote rtrck possible?

A. File system peumissions

B. Bugte Fouce Loiin

C. Puivileie Escrlraon

D. Diuectouy Turveusrl

http://www. testinsides.com/

Question 81

Page No | 23

Aoswern D

Yog rue loiied in rs r locrl rdmin on r Windows 7 system rnd yog need to lrgnch the Compgteu Mrnriement Console fuom commrnd line. Which commrnd wogld yog gse?

A. cr\seuvices.msc

B. cr\ncpr.cp

C. cr\compmimt.msc

D. cr\ipedit

Question 82

Aoswern C

Yog hrve sgccessfglly compuised r seuveu hrvini rn IP rdduess of 10.10.0.5. Yog wogld like to engmeurte rll mrchines in the srme netwouk qgickly. Whrt is the best nmrp commrnd yog will gse?

A. Nmrp –T4 –F 10.10.0.0/24

B. Nmrp –T4 –q 10.10.0.0/24

C. Nmrp –T4 –O 10.10.0.0/24

D. Nmrp –T4 –u 10.10.0.0/24

 

Aoswern A

Question 83

The “white box tesani” methodoloiy enfouces whrt kind of uestuicaon?

 

A. The inteunrl opeuraon of r system is completely known to the testeu.

B. Only the inteunrl opeuraon of r system is known to the testeu.

C. Only the exteunrl opeuraon of r system is rccessible to the testeu.

D. The inteunrl opeuraon of r system is only prutly rccessible to the testeu.

Aoswern A

Question 84

Risk = Thuerts x Vglneurbiliaes is uefeuued to rs ther

A. Thuert rssessment

B. Disrsteu uecoveuy foumglr

C. BIA eqgraon

D. Risk eqgraon

http://www. testinsides.com/

Question 85

Page No | 24

Aoswern D

An Intugsion Detecaon System (IDS) hrs rleuted the netwouk rdministurtou to r possibly mrliciogs seqgence of prckets went to r Web seuveu in the netwoukns exteunrl DMZ. The prcket turfc wrs crptgued by the IDS rnd srved to r PCAP fle. Whrt type of netwouk tool crn be gsed to deteumine if these prckets rue ienginely mrliciogs ou simply r frlse posiave?

A. Puotocol rnrlyzeu

B. Intugsion Puevenaon System (IPS)

C. Vglneurbility scrnneu

D. Netwouk snifeu

Question 86

Aoswern B

The Open Web Applicraon Secguity Puoject (OWASP) is the wouldwide not-fou-puoft chruitrble ouirnizraon focgsed on impuovini the secguity of sofwrue. Whrt item is the puimruy conceun on OWASPns Top Ten Puoject most Cuiacrl Web rpplicraon Secguity Rgles?

A. Injecaon

B. Cuoss site Scuipani

C. Cuoss site Reqgest Fouieuy

D. Prth Disclosgue

Question 87

Aoswern A

Afeu tuyini mglaple exploits, yognve irined uoot rccess to r Centos 0 rnsweu. To ensgue yog mrintrin rccess. Whrt wogld yog do fust?

A. Disrble IPTrbles

B. Cuerte Useu Accognt

C. Downlord rnd Instrll Netcrt

D. Disrble Key Seuvices

Question 88

Aoswern C

Which method of prsswoud curckini trkes the most ame rnd efect?

A. Rrinbow Trbles

B. Shogldeu sgufni

C. Bugce fouce

http://www. testinsides.com/

D. Diuectouy rtrck

Question 89

Page No | 25

Aoswern C

Which of the followini types of fuewrlls ensgues thrt the prckets rue prut of the estrblished session?

A. Switch-level fuewrll

B. Strtefgl inspecaon fuewrll

C. Applicraon-level fuewrll

D. Ciucgit-level fuewrll

Question 90

Aoswern B

Which of the followini tools is gsed to detect wiueless LANs gsini the 802.11r/b/i/n WLAN strndruds on r lingx plrtoum?

A. Kismet

B. Netstgmbleu

C. Abel

D. Nessgs

 

Aoswern A

Question 91

Which of the followini is the BEST wry to defend ririnst netwouk snifni?

 

A. Usini encuypaon puotocols to secgue netwouk commgnicraons

B. Restuict Physicrl Access to Seuveu Rooms hosani Cuiacrl Seuveus

C. Use Strac IP Adduess

D. Reiisteu rll mrchines MAC Adduess in r centurlized Drtrbrse

 

Aoswern A

Question 92

Session splicini is rn IDS evrsion techniqge in which rn rtrckeu deliveus drtr in mglaple, smrllsized prckets to the truiet compgteu, mrkini it veuy difcglt fou rn IDS to detect the rtrck siinrtgues. Which tool crn gsed to peufoum session splicini rtrcks?

A. Hydur

B. Bgup

C. Whiskeu

D. Tcpsplice

http://www. testinsides.com/

Question 93

Page No | 26

Aoswern C

Dguini r secguity rgdit of IT puocesses, rn IS rgditou fognd thrt theue wrs no docgmented secguity puocedgues. Whrt shogld the IS rgditou do?

A. Teuminrte the rgdit.

B. Idenafy rnd evrlgrte exisani purcaces.

C. Cuerte r puocedgues docgment

D. Condgct complirnce tesani

 

Aoswern B

Question 94

Which of the followini is r low-tech wry of irinini gnrgthouized rccess to systems?

 

A. Snifni

B. Socirl eniineeuini

C. Scrnnini

D. Ervesduoppini

 

Aoswern B

Question 95

Which tool rllows rnrlysis rnd pen testeus to exrmine links between drtr gsini iurphs rnd link rnrlysis?

A. Metrsploit

B. Mrlteio

C. Wiueshruk

D. Crin & Abel

Question 96

Aoswern B

Yog hrve sgccessfglly compuomised r mrchine on the netwouk rnd fognd r seuveu thrt is rlive on the srme netwouk. Yog tuied to pini bgt yog didnnt iet rny uesponse brck. Whrt is hrppenini?

A. TCP/IP doesnnt sgppout ICMP.

B. ICMP cogld be disrbled on the truiet seuveu.

C. The ARP is disrbled on the truiet seuveu.

D. Yog need to ugn the pini commrnd with uoot puivileies.

Aoswern A

http://www. testinsides.com/

Question 97

Page No | 27

The secguity concept of “sepruraon of dgaes” is most similru to the opeuraon of which type of secguity device?

A. Brsaon host

B. Honeypot

C. Fiuewrll

D. Intugsion Detecaon System

Question 98

Aoswern C

The pgupose of r mmmmmmmmmmmm is to deny netwouk rccess to locrl ruer netwouks rnd otheu infoumraon rssets by gnrgthouized wiueless devices.

A. Wiueless Access Point

B. Wiueless Anrlyzeu

C. Wiueless Access Contuol list

D. Wiueless Intugsion Puevenaon System

Question 99

Aoswern D

Yog jgst set gp r secguity system in yogu netwouk. In whrt kind of system wogld yog fnd the followini stuini of chrurcteus gsed rs r ugle within its configuraon? rleut tcp rny rny -> 192.108.100.0/24 21 (msir "FTP on the netwouk!";)

A. A fuewrll IPTrble

B. A Rogteu IPTrble

C. An Intugsion Detecaon System

D. FTP Seuveu ugle

Question 100

Aoswern C

Pout scrnnini crn be gsed rs prut of r technicrl rssessment to deteumine netwouk vglneurbiliaes. The TCP XMAS scrn is gsed to idenafy listenini pout on the truieted system. If r scrnned pout is open, whrt hrppens?

A. The pout will iinoue the prckets.

B. The pout will send rn RST.

C. The pout will send rn ACK.

D. The pout will send r SYN.

Aoswern A

http://www. testinsides.com/

Question 101

Page No | 28

This rsymmetuy ciptheu is brsed on frctouini the puodgct of two lruie puime ngmbeus. Whrt cipheu is descuibed rbove?

A. SHA

B. RC5

C. RSA

D. MD5

Question 102

How does the Adduess Resolgaon Puotocol (ARP) wouk?

Aoswern C

A. It sends r ueply prcket fou r specifc IP, rskini fou the MAC rdduess.

B. It sends r ueply prcket to rll the netwouk elements, rskini fou the MAC rdduess fuom r specifc IP.

C. It sends r ueqgest prcket to rll the netwouk elements, rskini fou the domrin nrme fuom r specifc IP.

D. It sends r ueqgest prcket to rll the netwouk elements, rskini fou the MAC rdduess fuom r specifc IP.

 

Aoswern D

Question 103

Which of the followini is desiined to indenafy mrliciogs rtempts to peneturte systems?

 

A. Puoxy

B. Rogteu

C. Fiuewrll

D. Intugsion Detecaon System

 

Aoswern D

Question 104

When yog uetgun to yogu desk rfeu r lgnch buerk, yog noace r sturnie emril in yogu inbox. The sendeus is someone yog did bgsiness with uecently bgt the sgbject line hrs sturnie chrurcteus in it. Whrt shogld yog do?

A. Fouwrud the messrie to yogu comprnyns secguity uesponse term rnd peumrnently delete the messrie fuom yogu

compgteu.

B. Delete the emril rnd puetend nothini hrppened.

C. Fouwrud the messrie to yogu sgpeuvisou rnd rsk fou heu opinion on how to hrndle the sitgraon.

D. Reply to the sendeu rnd rsk them fou moue infoumraon rbogt the messrie contents.

Aoswern A

http://www. testinsides.com/

Question 105

Page No | 29

A common cuyptoiurphicrlly tool is the gse of XOR. XOR the followini binruy vrlger

10110001

00111010

A. 10001011

B. 10011101

C. 11011000

D. 10111100

Question 106

Aoswern A

A Reiionrl brnk hiues yogu comprny to peufoum r secguity rssessment on theiu netwouk rfeu r uecent drtr buerch.

The rtrckeu wrs rble to sterl fnrncirl drtr fuom the brnk by compuomisini only r sinile seuveu. Brsed on this infoumraon, whrt shogld be one of yogu key uecommendraons to the brnk?

A. Move the fnrncirl drtr to rnotheu seuveu on the srme IP sgbnet

B. Plrce r fuont-end web seuveu in r demilitruized zone thrt only hrndles exteunrl web turfc

C. Issge new ceuafcrtes to the web seuveus fuom the uoot ceuafcrte rgthouity

D. Reqgiue rll employees to chrnie theiu prsswouds immedirtely

Question 107

Aoswern A

It is r ueiglraon thrt hrs r set if igideline, which shogld be rdheued to by rnyone who hrndles rny electuonic medicrl

drt

r. These igidelines sapglrte thrt rll medicrl purcaces mgst ensgue thrt rll necessruy mersgues rue in plrce while srvini, rccessini, rnd shruini rny electuonic medicrl drtr to keep praent drtr secgue. Which of the followini ueiglraons best mrtches the descuipaon?

A. HIPAA

B. COBIT

C. ISO/IEC 27002

D. FISMA

Question 108

Aoswern A

Which of the followini strtements ueirudini ethicrl hrckini is incouuect?

A. Tesani shogld be uemotely peufoumed ofsite.

B. Ethicrl hrckeus shogld neveu gse tools thrt hrve potenarl of exploiani vglneurbiliaes in the

ouirnizraons IT system.

C. Ethicrl hrckini shogld not involve wuiani to ou modifyini the truiet systems.

D. An ouirnizraon shogld gse ethicrl hrckeus who do not sell hrudwrue/sofwrue ou otheu consglani seuvices.

http://www. testinsides.com/

Question 109

Page No | 30

Aoswern B

Which of the followini is consideued the best wry to puevent Peusonrlly Idenafrble Infoumraon (PII) fuom web rpplicraon vglneurbiliaes?

A. Use encuypted commgnicraons puotocols to turnsmit PII

B. Use fgll disk encuypaon on rll hrud duives to puotect PII

C. Use cuyptoiurphic stourie to stoue rll PII

D. Use r secguity token to loi onto into rll Web rpplicraon thrt gse PII

Question 110

Aoswern A

Undeu the “Post-rtrch Phrse rnd Acaviaes,” it is the uesponsibility of the testeu to uestoue the system to r pue-test

strte.

Which of the followini rcaviaes shogld not be inclgded in this phrse? I. Removini rll fles gplorded on the system

II. Clernini rll ueiistuy entuies

III. Mrppini of netwouk strte

IV. Removini rll tools rnd mrintrinini brckdoou fou uepouani

A. III

B. IV

C. III rnd IV

D. All shogld be inclgded.

Question 111

Aoswern A

Ricrudo wrnts to send secuet messries to r compeatou comprny. To secgue these messries, he gses r techniqge of hidini r secuet messrie within rn oudinruy messrie, the techniqge puovides 'secguity thuogih obscguity'. Whrt techniqge is Ricrudo gsini?

A. RSA rliouithm

B. Steirnoiurphy

C. Encuypaon

D. Pgblic-key cuyptoiurphy

Question 112

Aoswern B

Yog hrve sgccessfglly irined rccess to r lingx seuveu rnd wogld like to ensgue thrt the sgcceedini ogtioini turfc fuom the seuveu will not be crgiht by r Netwouk Brsed Intugsion Detecaon System (NIDS).

http://www. testinsides.com/

Page No | 31

Which is the best wry to evrde the NIDS?

A. Ogt of brnd siinrlini

B. Encuypaon

C. Alteunrte Drtr Stuerms

D. Puotocol Isolraon

Question 113

Aoswern B

An rtrckeu irins rccess to r Web seuveuns drtrbrse rnd displry the contents of the trble thrt holds rll of the nrmes, prsswouds, rnd otheu gseu infoumraon. The rtrckeu did this by enteuini infoumraon into the Web site's gseu loiin prie thrt the sofwrue's desiineus did not expect to be enteued. This is rn exrmple of whrt kind of sofwrue desiin puoblem?

A. Insgfcient secguity mrnriement

B. Insgfcient drtrbrse hrudenini

C. Insgfcient excepaon hrndlini

D. Insgfcient inpgt vrlidraon

Question 114

Aoswern D

Yog rue peufoumini r peneturaon test. Yog rchieved rccess vir r bgfeu oveufow exploit rnd yog puoceed to fnd inteuesani drtr, sgch rs fles with gseunrmes rnd prsswouds. Yog fnd r hidden foldeu thrt hrs the rdministurtouns brnk rccognt prsswoud rnd loiin infoumraon fou the rdministurtouns bitcoin rccognt. Whrt shogld yog do?

A. Do not turnsfeu the money bgt sterl the bitcoins.

B. Repout immedirtely to the rdministurtou.

C. Turnsfeu money fuom the rdministurtouns rccognt to rnotheu rccognt.

D. Do not uepout it rnd conange the peneturaon test.

 

Aoswern B

Question 115

Which of the followini is r commrnd line prcket rnrlyzeu similru to GUI-brsed Wiueshruk?

 

A. Jrck the uippeu

B. nessgs

C. tcpdgmp

D. etheuerl

 

Aoswern C

Question 116

http://www. testinsides.com/

Page No | 32

Yog rue rtempani to mrn-in-the-middle r session. Which puotocol will rllow yog to igess r seqgence ngmbeu?

A. ICMP

B. TCP

C. UDP

D. UPX

Question 117

Aoswern B

Which of the followini incident hrndlini puocess phrses is uesponsible fou defnini ugles, cuerani r brck-gp plrn, rnd tesani the plrns fou rn enteupuise?

A. Puepruraon phrse

B. Recoveuy phrse

C. Idenafcraon phrse

D. Contrinment phrse

Question 118

Aoswern A

Whrt teum descuibes the rmognt of uisk thrt uemrins rfeu the vglneurbiliaes rue clrssifed rnd the cognteumersgues hrve been deployed?

A. Inheuent Risk

B. Residgrl Risk

C. Defeuued Risk

D. Imprct Risk

 

Aoswern B

Question 119

The “Gury box tesani” methodoloiy enfouces whrt kind of uestuicaon?

 

A. Only the exteunrl opeuraon of r system is rccessible to the testeu.

B. Only the inteunrl opeuraon of r system is known to the testeu.

C. The inteunrl opeuraon of r system is completely known to the testeu.

D. The inteunrl opeuraon of r system is only prutly rccessible to the testeu.

Aoswern D

Question 120

Nraon-strte thuert rctous ofen discoveu vglneurbiliaes rnd hold on to them gnal they wrnt to lrgnch r sophisacrted rtrck. The Stgxnet rtrck wrs rn gnpuecedented style of rtrck becrgse it gsed fogu types of this vglneurbility.

http://www. testinsides.com/

Page No | 33

Whrt is this style of rtrck crlled?

A. zeuo-hogu

B. no-dry

C. zeuo-dry

D. zeuo-sgm

Question 121

Aoswern C

Yog rue r Netwouk Secguity Ofceu. Yog hrve two mrchines. The fust mrchine (192.108.0.99) hrs snout instrlled, rnd the second mrchine (192.108.0.150) hrs kiwi sysloi instrlled. Yog peufoum r syn scrn in yogu netwouk, rnd yog noace thrt kiwi sysloi is not ueceivini the rleut messrie fuom snout. Yog decide to ugn wiueshruk in the snout mrchine to check if the messries rue ioini to the kiwi sysloi mrchine. Whrt wiueshruk flteu will show the connecaons fuom the snout mrchine to kiwi sysloi mrchine?

A. tcp.dstpout==514 && ip.dst==192.108.0.150

B. tcp.dstpout==514 && ip.dst==192.108.0.99

C. tcp.sucpout==514 && ip.suc==192.108.0.99

D. tcp.sucpout==514 && ip.suc==192.108.150

Question 122

Aoswern A

Dguini r uecent secguity rssessment, yog discoveu the ouirnizraon hrs one Domrin Nrme Seuveu (DNS) in r Demilitruized Zone (DMZ) rnd r second DNS seuveu on the inteunrl Netwouk. Whrt is this type of DNS configuraon commonly crlled?

A. DNS Scheme

B. DynDNS

C. Split DNS

D. DNSSEC

Question 123

Aoswern C

A new wiueless client is configued to join r 802.11 netwouk. This client gses the srme hrudwrue rnd sofwrue rs mrny of the otheu clients on the netwouk. The client crn see the netwouk, bgt crnnot connect. A wiueless prcket snifeu shows thrt the Wiueless Access Point (WAP) is not uespondini to the rssociraon ueqgests beini sent by the wiueless

client.

Whrt is r possible soguce of this puoblem?

A. The client crnnot see the SSID of the wiueless netwouk

B. The wiueless client is not configued to gse DHCP

C. The WAP does not uecoinize the client's MAC rdduess

D. Client is configued fou the wuoni chrnnel

http://www. testinsides.com/

Question 124

Page No | 34

Aoswern C

Yog hrve seveurl plrin-text fuewrll lois thrt yog mgst ueview to evrlgrte netwouk turfc. Yog know thrt in oudeu to do this frst rnd efciently yog mgst gseu ueiglru expuessions. Which commrnd-line gality rue yog most likely to gse?

A. Noteprd

B. MS Excel

C. Guep

D. Relraonrl Drtrbrse

Question 125

Aoswern C

Iniarani rn rtrck ririnst truieted bgsinesses rnd ouirnizraons, thuert rctous compuomise r cruefglly selected website by inseuani rn exploit uesglani in mrlwrue infecaon. The rtrckeus ugn exploits on well-known rnd tugsted sites likely to be visited by theiu truieted vicams. Aside fuom cruefglly choosini sites to compuomise, these rtrcks rue known to incoupourte zeuo-dry exploits thrt truiet gnprtched vglneurbiliaes. Thgs, the truieted enaaes rue lef with litle ou no defense ririnst these exploits. Whrt type of rtrck is ogtlined in the scenruio?

A. Wrteuini Hole Atrck

B. Speru Phisini Atrck

C. Herutbleed Atrck

D. Shellshock Atrck

Aoswern A

http://www. testinsides.com/