312-50v9
This document was uploaded by user and they confirmed that they have the permission to share it. If you are author or own the copyright of this book, please report to us by using this DMCA report form. Report DMCA
Overview
Download & View 312-50v9 as PDF for free.
More details
- Words: 7,840
- Pages: 34
Loading documents preview...
Page No | 1
Eccouncil
312-50V9 PRACTICE EXAM EC-Council Certified Ethical Hacker v9
________________________________________________________________________________________________
http://www. testinsides.com/
Page No | 2
Product Questions: 125 Version: 8.0 Question 1 The configuraon rllows r wiued ou wiueless netwouk inteufrce contuolleu to prss rll turfce it ueceives to the centurl puocessini gnit (CPU), urtheu thrn prssini only the furmes thrt the contuolleu is intended to ueceive. Which of the followini is beini descuibed? A. WEM B. Mgla-crst mode C. Puomiscgogs mode D. Pout fouwrudini
Aoswern B Question 2 In Risk Mrnriement, how is the teum “likelihood” uelrted to the concept of “thuert?” A. Likelihood is the puobrbility thrt r vglneurbility is r thuert-soguce. B. Likelihood is r possible thuert-soguce thrt mry exploit r vglneurbility. C. Likelihood is the likely soguce of r thuert thrt cogld exploit r vglneurbility. D. Likelihood is the puobrbility thrt r thuert-soguce will exploit r vglneurbility.
Aoswern D Question 3 While peufoumini online brnkini gsini r web buowseu, r gseu ueceives rn emril thrt contrins r link to rn inteuesani Web site. When the gseu clicks on the link, rnotheu web buowseu session struts rnd displrys r video of crts plryini r pirno. The next bgsiness dry, the gseu ueceives whrt looks like rn emril fuom his brnk, indicrani thrt his brnk rccognt hrs been rccessed fuom r foueiin cogntuy. The emril rsks the gseu to crll his brnk rnd veuify the rgthouizraon of r fgnds turnsfeu thrt took plrce. Whrt web buowseu-brsed secguity vglneurbility wrs exploited to compuomise the gseu? A. Cuoss-Site Reqgest Fouieuy B. Cuoss-Site Scuipani C. Web foum inpgt vrlidraon D. Clickjrckini
Aoswern A Question 4
________________________________________________________________________________________________
http://www. testinsides.com/
Page No | 3
Which of the followini is one of the most efecave wrys to puevent Cuoss-site Scuipani (XSS) frws in sofwrue rpplicraons? A. Veuity rccess uiiht befoue rllowini rccess to puotected infoumraon rnd UI contuols B. Use secguity policies rnd puocedgues to defne rnd implement puopeu secguity setnis C. Vrlidrte rnd escrpe rll infoumraon sent oveu to r seuveu D. Use diiitrl ceuafcrtes to rgthenacrte r seuveu puiou to sendini drtr
Aoswern A Question 5 An incident invesairtou rsks to ueceive r copy of the event fuom rll fuewrlls, puosy seuveus, rnd Intugsion Detecaon Systems (IDS) on the netwouk of rn ouirnizraon thrt hrs expeuienced r possible buerch of secguity. When the invesairtou rtempts to couuelrte the infoumraon in rll of the lois the seqgence of mrny of the loiied events do not mrtch gp. Whrt is the most likely crgse? A. The netwouk devices rue not rll synchuonized B. The secguity buerch wrs r frlse posiave. C. The rtrck rlteued ou eursed events fuom the lois. D. Puopeu chrin of cgstody wrs not obseuved while collecani the lois.
Aoswern C Question 6 This tool is rn 802.11 WEP rnd WPA-PSK keys curckini puoiurm thrt crn uecoveu keys once enogih drtr prckets hrve been crptgued. It implements the strndrud FMS rtrch rloni with some opamizraons like Kouek rtrcks, rs well rs the PTW rtrck, thgs mrkini the rtrck mgch frsteu comprued to otheu WEP curckini tools. Which of the followini tools is beini descuibed? A. Wifcurckeu B. WLAN-curck C. Aiuigrud D. Aiucurck-ni
Aoswern D Question 7 Which of the followini tools is gsed to rnrlyze the fles puodgced by seveurl prcket-crptgue puoiurms sgch rs tcpdgmp, WinDgmp, Wiueshruk, rnd EtheuPeek? A. Nessgs B. Tcpturceuogte C. Tcpturce D. OpenVAS
________________________________________________________________________________________________
http://www. testinsides.com/
Page No | 4
Aoswern C Question 8 Yog hrve compuomised r seuveu on r netwouk rnd sgccessfglly open r shell. Yog rimed to idenafy rll opeurani systems ugnnini on the netwouk. Howeveu, rs yog rtempt to fnieupuint rll mrchines in the mrchines in the netwouk gsini the nmrp syntrx below, it is not ioini thuogih. invictgs@vicammseuveur:~nmrp –T4 –O 10.10.0.0/24 TCP/IP fnieupuinani (fou OS scrn) xxxxxxx xxxxxx xxxxxxxxxx. QUITTING! Whrt seems to be wuoni? A. The ogtioini TCP/IP fnieupuinani is blocked by the host fuewrll. B. This is r common behrviou fou r couugpted nmrp rpplicraon. C. OS Scrn ueqgiues uoot puivileied. D. The nmrp syntrx is wuoni.
Aoswern D Question 9 Which of the followini is the iuertest thuert posed by brckgps? A. An gn-encuypted brckgp crn be misplrced ou stolen B. A brck is incomplete becrgse no veuifcraon wrs peufoumed. C. A brckgp is the soguce of Mrlwrue ou illicit infoumraon. D. A brckgp is gnrvrilrble dguini disrsteu uecoveuy.
Aoswern A Question 10 An rtrckeu hrs instrlled r RAT on r host. The rtrckeu wrnts to ensgue thrt when r gseu rtempts to io to www.MyPeusonrlBrnk.com, thrt the gseu is diuected to r phishini site. Which fle does the rtrckeu need to modify? A. Hosts B. Netwouks C. Boot.ini D. Sgdoeus
Aoswern A Question 11 Jesse ueceives rn emril with rn rtrchment lrbeled “CogutmNoacem21200.zip”. Inside the zip fle is r fle nrmed “CogutmNoacem21200.docx.exe” disigised rs r woud docgment. Upon execgaon, r windows rpperus strani, “This woud docgment is couugpt.” In the brckiuognd, the fle copies itself to Jesse APPDATA\locrl diuectouy rnd beiins to bercon to r C2 seuveu to downlord rddiaonrl mrliciogs binruies. Whrt type of mrlwrue hrs Jesse encognteued?
________________________________________________________________________________________________
http://www. testinsides.com/
Page No | 5
A. Tuojrn B. Woum C. Key-Loiieu D. Micuo Viugs
Aoswern A Question 12 In 2007, this wiueless secguity rliouithm wrs uendeued gseless by crptguini prckets rnd discoveuini the prsskey in r mrteu of seconds. This secguity frw led to r netwouk invrsion of TJ Mrxx rnd drtr thef thuogih r techniqge known wruduivini. Which rliouithm is this uefeuuini to? A. Wiued Eqgivrlent Puivrcy (WEP) B. Tempourl Key Inteiuity Puotocol (TRIP) C. Wi-Fi Puotected Access (WPA) D. Wi-Fi Puotected Access 2 (WPA2) E.
Aoswern A Question 13 Whrt is the best descuipaon of SQL Injecaon? A. It is r Denirl of Seuvice Atrck. B. It is rn rtrck gsed to modify code in rn rpplicraon. C. It is rnd rtrck gsed to irin gnrgthouized rccess to r drtrbrse. D. It is r Mrn-in-the-Middle rtrck between yogu SQL Seuveu rnd Web App Seuveu.
Aoswern D Question 14 Which of the followini is the sgccessou of SSL? A. RSA B. GRE C. TLS D. IPSec
Aoswern C Question 15 As r Ceuafed Ethicrl hrckeu, yog weue conturcted by r puivrte fum to condgct rn exteunrl secguity rssessment thuogih peneturaon tesani.
________________________________________________________________________________________________
http://www. testinsides.com/
Page No | 6
Whrt docgment descuibes the specifed of the tesani, the rssocirted violraons, rnd essenarlly puotects both the ouirnizraonns inteuest rnd yogu li rbiliaes rs r testeu? A. Teum of Eniriement B. Non-Disclosgue Aiueement C. Puoject Scope D. Seuvice Level Aiueement
Aoswern B Question 16 Which of the followini is not r Blgetooth rtrck? A. Blgejrckini B. Blgeduivini C. Blgesnrufni D. Blgesmrkini
Aoswern B Question 17 PGP, SSL, rnd IKE rue rll exrmples of which type of cuyptoiurphy? A. Hrsh Aliouithm B. Secuet Key C. Pgblic Key D. Diiest
Aoswern C Question 18 Usini Windows CMD, how wogld rn rtrckeu list rll the shrues to which the cguuent gseu context hrs rccess? A. NET CONFIG B. NET USE C. NET FILE D. NET VIEW
Aoswern D Question 19 Which of these opaons is the most secgue puocedgue fou stuoni brckgp trpes? A. In r climrte contuolled frcility ofsite B. Inside the drtr centeu fou frsteu uetuievrl in r fuepuoof srfe
________________________________________________________________________________________________
http://www. testinsides.com/
Page No | 7
C. In r cool duy enviuonment D. On r difeuent foou in the srme bgildini
Aoswern A Question 20 Whrt is the beneft of peufoumini rn gnrnnognced Peneturaon Tesani? A. The testeu will hrve rn rctgrl secguity postgue visibility of the truiet netwouk. B. The testeu cogld not puovide rn honest rnrlysis. C. Netwouk secguity wogld be in r “best strte” postgue. D. It is best to crtch cuiacrl infurstugctgue gnprtched.
Aoswern A Question 21 Whrt does r fuewrll check to puevent pruacglru pouts rnd rpplicraons fuom ietni prckets into rn ouirnizraons? A. Turnspout lryeu pout ngmbeus rnd rpplicraon lryeu herdeus B. Netwouk lryeu herdeus rnd the session lryeu pout ngmbeus C. Applicraon lryeu pout ngmbeus rnd the turnspout lryeu herdeus D. Puesentraon lryeu herdeus rnd the session lryeu pout ngmbeus
Aoswern A Question 22 > NMAP –sn 192.108.11.200-215 The NMAP commrnd rbove peufoums which of the followini? A. A pini scrn B. A turce sweep C. An opeurani system detect D. A pout scrn
Aoswern A Question 23 An Inteunet Seuvice Puovideu (ISP) hrs r need to rgthenacrte gseus connecani gsini rnrloi modems, diiitrl Sgbscuibeu Line (DSL), wiueless drtr seuvices, rnd viutgrl Puivrte Netwouks (VPN) oveu r Furme Relry netwouk. Which AAA puotocol is most likely rble to hrndle this ueqgiuement? A. DIAMETER B. Keubeuos C. RADIUS D. TACACS+
________________________________________________________________________________________________
http://www. testinsides.com/
Page No | 8
Aoswern D Question 24 To deteumine if r sofwrue puoiurm puopeuly hrndles r wide urnie of invrlid inpgt, r foum of rgtomrted tesani crn be gsed urndomly ieneurte invrlid inpgt in rn rtempt to cursh the puoiurm. Whrt teum is commonly gsed when uefeuuini to this type of tesani? A. Bogndini B. Mgtrani C. Pgzzini D. Rrndomizini
Aoswern C Question 25 Which of the followini tools crn be gsed fou prssive OS fnieupuinani? A. B. C. D.
tcpdgmp pini nmrp Turceut
Aoswern C Question 26 Yogu comprny peufoums peneturaon tests rnd secguity rssessments fou smrll rnd medigm-sized bgsiness in the locrl rue r. Dguini r uogane secguity rssessment, yog discoveu infoumraon thrt sgiiests yogu client is involved with hgmrn turfckini. Whrt shogld yog do? A. Copy the drtr to uemovrble medir rnd keep it in crse yog need it. B. Iinoue the drtr rnd conange the rssessment gnal completed rs riueed. C. Confuont the client on r uespectgl mrnneu rnd rsk heu rbogt the drtr. D. Immedirtely stop wouk rnd contrct the puopeu leirl rgthouiaes.
Aoswern D Question 27 Yog rue the Systems Administurtou fou r lruie coupourte ouirnizraon. Yog need to monitou rll netwouk turfc on yogu locrl netwouk fou sgspiciogs rcaviaes rnd ueceive noafcraons when rn rtrck is occguuini. Which tool wogld rllow yog to rccomplish this iorl? A. Host-brsed IDS B. Fiuewrll
________________________________________________________________________________________________
http://www. testinsides.com/
Page No | 9
C. Netwouk-Brsed IDS D. Puoxy
Aoswern C Question 28 Whrt is r “Collision rtrch” in cuyptoiurphy? A. Collision rtrcks tuy to buerk the hrsh into two pruts, with the srme bytes in erch prut to iet the puivrte key. B. Collision rtrcks tuy to buerk the hrsh into thuee pruts to iet the plrintext vrlge. C. Collision rtrcks tuy to fnd two inpgts puodgcini the srme hrsh. D. Collision rtrcks tuy to iet the pgblic key
Aoswern C Question 29 The “Blrck box tesani” methodoloiy enfouces which kind of uestuicaon? A. Only the exteunrl opeuraon of r system is rccessible to the testeu B. The inteunrl opeuraon of r system is completely known to the testeu. C. Only the inteunrl opeuraon of r system is known to the testeu. D. The inteunrl opeuraon of r system is only prutly rccessible to the testeu.
Aoswern A Question 30 Yognve irined physicrl rccess to r Windows 2008 R2 seuveu which hrs rs rccessible disc duive. When yog rtempt to boot the seuveu rnd loi in, yog rue gnrble to igess the prsswoud. In yogu tool kit yog hrve rn Ubgntg 9.10 Lingx LiveCD. Which Lingx tool hrs the rbility to chrnie rny gseuns prsswoud ou to rcavrte disrbled Windows Accognts? A. John the Rippeu B. CHNTPW C. Crin & Abel D. SET
Aoswern A Question 31 While gsini yogu brnkns online seuvicini yog noace the followini stuini in the URL brur “htpr//www.MyPeusonrlBrnk/Accognt? Id=308940911028389&Drmognt=10980&Crmognt=21” Yog obseuve thrt if yog modify the Drmognt & Crmognt vrlges rnd sgbmit the ueqgest, thrt drtr on the web prie uefect the chrnies. Whrt type of vglneurbility is puesent on this site?
________________________________________________________________________________________________
http://www. testinsides.com/
Page No | 10
A. SQL injecaon B. XSS Refecaon C. Web Prurmeteu Trmpeuini D. Cookie Trmpeuini
Aoswern C Question 32 It is r shout-urnie wiueless commgnicraon technoloiy intended to ueplrce the crbles connecani poutrbles of fxed devices while mrintrinini hiih levels of secguity. It rllows mobile phones, compgteus rnd otheu devices to connect rnd commgnicrte gsini r shout-urnie wiueless connecaon. Which of the followini teums best mrtches the defniaon? A. Blgetooth B. Rrdio-Fueqgency Idenafcraon C. WLAN D. InfurRed
Aoswern A Question 33 Whrt is the most common method to exploit the “Brsh Bgi” ou ShellShock” vglneurbility? A. SSH B. SYN Flood C. Mrnipglrte foumrt stuinis in text felds D. Thuogih Web seuveus galizini CGI (Common Grtewry Inteufrce) to send r mrlfoumed enviuonment vruirble to r vglneurble Web seuveu
Aoswern D Question 34 A medigm-sized herlthcrue IT bgsiness decides to implement r uisk mrnriement sturteiy. Which of the followini is NOT one of the fve brsic uesponses to uisk? A. Miairte B. Avoid C. Accept D. Deleirte
Aoswern D Question 35 The phrse will incuerse the odds of sgccess in lrteu phrses of the peneturaon test. It is rlso the veuy fust step in Infoumraon Grtheuini, rnd it will tell yog whrt the “lrndscrpe” looks like.
________________________________________________________________________________________________
http://www. testinsides.com/
Page No | 11
Whrt is the most impoutrnt phrse of ethicrl hrckini in which yog need to spend r consideurble rmognt of ame? A. Netwouk Mrppini B. Grinini rccess C. Footpuinani D. Escrlrani puivileies
Aoswern C Question 36 Which ueiglraon defnes secguity rnd puivrcy contuols fou Fedeurl infoumraon systems rnd ouirnizraons? A. HIPAA B. EU Srfe Hrubou C. PCI-DSS D. NIST-800-53
Aoswern D Question 37 Which of the followini descuibes the chrurcteuisacs of r Boot Sectou Viugs? A. Oveuwuites the ouiiinrl MBR rnd only execgtes the new viugs code B. Modifes diuectouy trble entuies so thrt diuectouy entuies point to the viugs code insterd of the rctgrl puoiurm C. Moves the MBR to rnotheu locraon on the hrud disk rnd copies itself to the ouiiinrl locraon of the MBR D. Moves the MBR to rnotheu locraon on the RAM rnd copies itself to the ouiiinrl locraon of the MBR
Aoswern C Question 38 Yog rue peufoumini infoumraon irtheuini fou rn impoutrnt peneturaon test. Yog hrve fognd pdf, doc, rnd imries in yogu objecave. Yog decide to exturct metrdrtr fuom these fles rnd rnrlyze it. Whrt tool will help yog with the trsk? A. Aumitrie B. Dimituy C. cdpsnruf D. Metrioofl
Aoswern D Question 39 Which of the followini is rn extuemely common IDS evrsion techniqge in the web would? A. post knockini
________________________________________________________________________________________________
http://www. testinsides.com/
Page No | 12
B. sgbnetni C. gnicode chrurcteus D. spywrue
Aoswern C Question 40 When yog rue tesani r web rpplicraon, it is veuy gsefgl to employ r puosy tool to srve eveuy ueqgest rnd uesponse. Nyog crn mrngrlly test eveuy ueqgest rnd rnrlyze the uesponse to fnd vglneurbiliaes. Yog crn test prurmeteu rnd herdeus mrngrlly to iet moue puecise uesglts thrn if gsini web vglneurbility scrnneus. Whrt puoxy tool will help yog fnd web vglneurbiliaes? A. Bgupsgite B. Dimituy C. Puoxychrins D. Mrskien
Aoswern A Question 41 It is r kind of mrlwrue (mrliciogs sofwrue) thrt cuiminrls instrll on yogu compgteu so they crn lock it fuom r uemote locraon. This mrlwrue ieneurtes r pop-gp windows, webprie, ou emril wrunini fuom whrt looks like rn ofcirl rgthouity. It explrins yogu compgteu hrs been locked becrgse of possible illeirl rcaviaes rnd demrnds pryment befoue yog crn rccess yogu fles rnd puoiurms ririn. Which teum best mrtches this defniaon? A. Spywrue B. Adwrue C. Rrnsomwrue D. Riskwrue
Aoswern C Question 42 Which of the followini is rssgued by the gse of r hrsh? A. Avrilrbility B. Confdenarlity C. Agthenacraon D. Inteiuity
Aoswern D Question 43 When yog rue ietni infoumraon rbogt r web seuveu, it is veuy impoutrnt to know the HTTP Methods (GET, POST,
________________________________________________________________________________________________
http://www. testinsides.com/
Page No | 13
HEAD, PUT, DELETE, TRACE) thrt rue rvrilrble becrgse theue rue two cuiacrl methods (PUT rnd DELETE). PUT crn gplord r fle to the seuveu rnd DELETE crn delete r fle fuom the seuveu. Yog crn detect rll these methods (GET, POST, HEAD, PUT, DELETE, TRACE) gsini NMAP scuipt eniine. Whrt nmrp scuipt will help yog with this trsk? A. htp engm B. htp-iit C. htp-herdeus D. htp-methods
Aoswern B Question 44 Dguini r blrckbox pen test yog rtempt to prss IRC turfc oveu post 80/TCP fuom r compuomised web enrbled host. The turfc iets blocked; howeveu ogtbognd HTTP turfc is gnimpeded. Whrt type of fuewrll is inspecani ogtbognd turfc? A. Ciucgit B. Prcket Filteuini C. Applicraon D. Strtefgl
Aoswern C Question 45 A comprnyns secguity strtes thrt rll web buowseus mgst rgtomracrlly delete theiu HTTP buowseu cookies gpon teuminrani. Whrt sout of secguity buerch is this policy rtempani to miairte? A. Atempts by rtrckeus to deteumine the gseu's Web buowseu gsrie prteuns, inclgdini when sites weue visited rnd fou how loni. B. Atempts by rtrckeus to rccess prsswouds stoued on the gseu's compgteu withogt the gseu's knowledie. C. Atempts by rtrckeus to rccess Web sites thrt tugst the Web buowseu gseu by sterlini the gseu's rgthenacraon cuedenarls. D. Atempts by rtrcks to rccess the gseu rnd prsswoud infoumraon stoues in the comprny's SQL drtrbrse.
Aoswern C Question 46 Yognve jgst been hiued to peufoum r pen test on rn ouirnizraon thrt hrs been sgbjected to r lruie-scrle rtrck. The CIO is conceuned with miairani thuerts rnd vglneurbiliaes to totrlly eliminrte uisk. Whrt is one of the fust thini yog shogld to when the job? A. Strut the wiueshruk rpplicraon to strut snifni netwouk turfc. B. Estrblish rtuibgaon to sgspected rtrckeus. C. Explrin to the CIO thrt yog crnnot eliminrte rll uisk, bgt yog will be rble to uedgce uisk to rcceptrble levels. D. Inteuview rll employees in the comprny to ugle ogt possible insideu thuerts.
________________________________________________________________________________________________
http://www. testinsides.com/
Page No | 14
Aoswern C Question 47 Which of the followini secguity opeuraons is gsed fou deteuminini the rtrck sgufrce of rn ouirnizraon? A. Reviewini the need fou r secguity clerurnce fou erch employee B. Rgnnini r netwouk scrn to detect netwouk seuvices in the coupourte DMZ C. Turinini employees on the secguity policy ueirudini socirl eniineeuini D. Usini configuraon mrnriement to deteumine when rnd wheue to rpply secguity prtches
Aoswern B Question 48 Peuspecave clients wrnt to see srmple uepouts fuom pueviogs peneturaon tests. Whrt shogld yog do next? A. Shrue fgll uepouts, not uedrcted. B. Shrue fgll uepouts, with uedrcted. C. Decline bgt, puovide uefeuences. D. Shrue uepouts, rfeu NDA is siined.
Aoswern B Question 49 Which of the followini strtements is TRUE? A. Snifeus opeuraon on Lryeu 3 of the OSI model B. Snifeus opeuraon on Lryeu 2 of the OSI model C. Snifeus opeuraon on the Lryeu 1 of the OSI model D. Snifeus opeuraon on both Lryeu 2 & Lryeu 3 of the OSI model
Aoswern D Question 50 Jimmy is strndini ogtside r secgue enturnce to r frcility. He is puetendini to hrvini r tense conveusraon on his cell phone rs rn rgthouized employee brdies in. Jimmy, while sall on the phone, iurbs the doou rs it beiins to close. Whrt jgst hrppened? A. Mrsqgrdini B. Phishini C. Whrlini D. Piiiybrckini
________________________________________________________________________________________________
http://www. testinsides.com/
Page No | 15
Aoswern D Question 51 The herutlrnd bgi wrs discoveued in 2014 rnd is widely uefeuued to gndeu MITREns Common Vglneurbiliaes rnd Exposgues (CVE) rs CVE-2004-1000. This bgi rfects the OpenSSL implementraon of the turnspout Lryeu secguity (TLS) puotocols defned in RFC0520. Whrt types of key does this bgi lerve exposed to the Inteunet mrkini exploitraon of rny compuomised system veuy ersy? A. Root B. Puivrte C. Shrued D. Pgblic
Aoswern A Question 52 Yog wouk rs r Secguity Anrlyst fou r uetril ouirnizraon. In secguini the comprny's netwouk, yog set gp r fuewrll rnd rn IDS. Howeveu, hrckeus rue rble to rtrck the netwouk. Afeu invesairani, yog discoveu thrt yogu IDS is not configued puopeuly rnd theuefoue is gnrble to tuiiieu rlrums when needed. Whrt type of rleut is the IDS iivini? A. Frlse Neirave B. Tuge Neirave C. Tuge Posiave D. Frlse Posiave
Aoswern A Question 53 This inteunraonrl ouirnizraon ueiglrtes billions of turnsrcaons drily rnd puovides secguity igidelines to puotect peusonrlly idenafrble infoumraon (PII). These secguity contuols puovide r brseline rnd puevent low-level hrckeus someames known rs scuipt kiddies fuom crgsini r drtr buerch. Which of the followini ouirnizraons is beini descuibed? A. Pryment Crud Indgstuy (PCI) B. Inteunraonrl Secguity Indgstuy Ouirnizraon (ISIO) C. Insatgte of Electuicrl rnd Electuonics Eniineeus (IEEE) D. Centeu fou Diserse Contuol (CDC)
Aoswern B Question 54 Which of the followini tools peufoums compuehensive tests ririnst web seuveus, inclgdini drnieuogs fles rnd CGI's? A. Snout
________________________________________________________________________________________________
http://www. testinsides.com/
Page No | 16
B. Dsnif C. Nikto D. John the Rippeu
Aoswern C Question 55 Which of the followini is the stugctgue desiined to veuify rnd rgthenacrte the idenaty of individgrls within the enteupuise trkini prut in r drtr exchrnie? A. PKI B. biometuics C. SOA D. sinile siin on
Aoswern A Question 56 The chrnce of r hrud duive frilgue is once eveuy thuee yerus. The cost to bgy r new hrud duive is ~300. It will ueqgiue 10 hogus to uestoue the OS rnd sofwrue to the new hrud disk. It will ueqgiue r fgutheu 4 hogus to uestoue the drtrbrse fuom the lrst brckgp to the new hrud disk. The uecoveuy peuson eruns ~10/hogu. Crlcglrte the SLE, ARO, rnd ALE. Assgme the EF = 1 (100%). Whrt is the closest rppuoximrte cost of this ueplrcement rnd uecoveuy opeuraon peu yeru? A. ~100 B. ~140 C. 440 D. 1320
Aoswern B Question 57 An rtrckeu chrnies the puofle infoumraon of r pruacglru gseu on r truiet website (the vicam). The rtrckeu gses this stuini to gpdrte the vicam's puofle to r text fle rnd then sgbmit the drtr to the rtrckeuns drtrbrse. Whrt is this type of rtrck (thrt crn gse eitheu HTTP GET ou HRRP POST) crlled? A. Cuoss-Site Reqgest Fouieuy B. Cuoss-Site Scuipani C. SQL Injecaon D. Buowseu Hrckini
Aoswern A Question 58
________________________________________________________________________________________________
http://www. testinsides.com/
Page No | 17
Yog rue trsked to peufoum r peneturaon test. While yog rue peufoumini infoumraon irtheuini, yog fnd rb employee list in Gooile. Yog fnd uecepaonistns emril, rnd yog send heu rn emril chrniini the soguce emril to heu bossns emril ( boss@comprny ). In this emril, yog rsk fou r pdf with infoumraon. She uerds yogu emril rnd sends brck r pdf with links. Yog exchrnie the pdf links with yogu mrliciogs links (these links contrin mrlwrue) rnd send brck the modifed pdf, sryini thrt the links donnt wouk. She uerds yogu emril, opens the links, rnd heu mrchine iets infected. Whrt tesani method did yog gse? A. Piiiybrckini B. Trilirani C. Evesduoppini D. Socirl eniineeuini
Aoswern D Question 59 Which of the followini is r puotocol specifcrlly desiined fou turnspouani event messries? A. SMS B. SNMP C. SYSLOG D. ICMP
Aoswern C Question 60 Which of the followini is component of r uisk rssessment? A. Loiicrl inteufrce B. DMZ C. Administurave srfeigruds D. Physicrl secguity
Aoswern C Question 61 Which of the followini is r desiin prteun brsed on disanct pieces of sofwrue puovidini rpplicraon fgncaonrlity rs seuvices to otheu rpplicraons? A. Lern Codini B. Seuvice Ouiented Auchitectgue C. Object Ouiented Auchitectgue D. Aiile Puocess
Aoswern B Question 62 ________________________________________________________________________________________________
http://www. testinsides.com/
Page No | 18
A comprnyns Web development term hrs become rwrue of r ceutrin type of secguity vglneurbility in theiu Web sofwrue. To miairte the possibility of this vglneurbility beini exploited, the term wrnts to modify the sofwrue ueqgiuements to disrllow gseus fuom enteuini HTML rs inpgt into theiu Web rpplicraon. Whrt kind of web rpplicraon vglneurbility likely exists in theiu sofwrue? A. Web site defrcement vglneurbility B. SQL injecaon vglneurbility C. Cuoss-site Scuipani vglneurbility D. Cuoss-site Reqgest Fouieuy vglneurbility
Aoswern C Question 63 It is rn enaty ou event with the potenarl to rdveusely imprct r system thuogih gnrgthouized rccess destugcaon disclosgues denirl of seuvice ou modifcraon of drt r. Which of the followini teums best mrtches this defniaon? A. Thuert B. Atrck C. Risk D. Vglneurbility
Aoswern A Question 64 Yogu term hrs won r conturct to inflturte rn ouirnizraon. The comprny wrnts to hrve the rtrck be r uerlisac rs possible; theuefoue, they did not puovide rny infoumraon besides the comprny nrme. Whrt shogld be the fust step in secguity tesani the client? A. Scrnnini B. Escrlraon C. Engmeuraon D. Reconnrissrnce
Aoswern D Question 65 A peneturaon testeu is condgcani r pout scrn on r specifc host. The testeu fognd seveurl pouts opened thrt weue confgsini in conclgdini the Opeurani System (OS) veusion instrlled. Consideuini the NMAP uesglt below, which of the follow is likely to be instrlled on the truiet mrchine by the OS? Struani NMAP 5.21 rt 2011-03-15 11r00 NMAP scrn uepout fou 172.10.40.05 Host is gp (1.00s lrtency). Not shownr 993 closed pouts PORT STATE SERVICE 21/tcp open fp 23/tcp open telnet 80 /tcp open htp 139/tcp open netbios-ssn 515/tcp open 031/tec open ipp 9100/tcp open MAC Adduessr 00r00r48r0DrEEr8 A. The host is likely r puinteu.
________________________________________________________________________________________________
http://www. testinsides.com/
Page No | 19
B. The host is likely r uogteu. C. The host is likely r Lingx mrchine. D. The host is likely r Windows mrchine.
Aoswern A Question 66 A hrckeu hrs sgccessfglly infected rn inteunet-frcini seuveu, which he will then gse to send jgnk mril, trke prut in cooudinrted rtrcks, ou host jgnk emril content. Which sout of tuojrn infects this seuveu? A. Botnet Tuojrn B. Brnkini Tuojrns C. Rrnsomwrue Tuojrns D. Tgutle Tuojrns
Aoswern A Question 67 Yog hrve compuomised r seuveu rnd sgccessfglly irined r uoot rccess. Yog wrnt to pivot rnd prss turfc gndetected oveu the netwouk rnd evrde rny possible Intugsion Detecaon System. Whrt is the best rppuorch? A. Instrll rnd gse Telnet to encuypt rll ogtioini turfc fuom this seuveu. B. Instrll Cuyptcrt rnd encuypt ogtioini prckets fuom this seuveu C. Use Alteunrte Drtr Stuerms to hide the ogtioini prckets fuom this seuveu. D. Use HTTP so thrt rll turfc crn be uogted vir r buowseu, thgs evrdini the inteunrl Intugsion Detecaon Systems.
Aoswern A Question 68 It is r vglneurbility in GNUns brsh shell, discoveued in Septembeu of 2004, thrt iives rtrckeus rccess to ugn uemote commrnds on r vglneurble system. The mrliciogs sofwrue crn trke contuol of rn infected mrchine, lrgnch denirl-of seuvice rtrcks to disugpt websites, rnd scrn fou otheu vglneurble devices (inclgdini uogteus). Which of the followini vglneurbiliaes is beini descuibed? A. Shellshock B. Rootshock C. Shellbrsh D. Rootshell
Aoswern A Question 69 env x= ‘(){ r;};echo exploit ‘ brsh –c ‘crt /etc/prsswd
________________________________________________________________________________________________
http://www. testinsides.com/
Page No | 20
Whrt is the Shellshock brsh vglneurbility rtempani to do on rn vglneurble Lingx host? A. Add new gseu to the prsswd fle B. Displry prsswd contents to puompt C. Chrnie rll prsswoud in prsswd D. Remove the prsswd fle.
Aoswern B Question 70 Yogu comprny wrs hiued by r smrll herlthcrue puovideu to peufoum r technicrl rssessment on the netwouk. Whrt is the best rppuorch fou discoveuini vglneurbiliaes on r Windows-brsed compgteu? A. Use the bgilt-in Windows Updrte tool B. Cuerte r disk imrie of r clern Windows instrllraon C. Check MITRE.oui fou the lrtest list of CVE fndinis D. Used r scrn tool like Nessgs
Aoswern D Question 71 To mrintrin complirnce with ueiglrtouy ueqgiuements, r secguity rgdit of the systems on r netwouk mgst be peufoumed to deteumine theiu complirnce with secguity policies. Which one of the followini tools wogld most likely be gsed in sgch rs rgdit? A. Pout scrnneu B. Puotocol rnrlyzeu C. Vglneurbility scrnneu D. Intugsion Detecaon System
Aoswern C Question 72 The netwouk rdministurtou contrcts yog rnd tells yog thrt she noaced the tempeurtgue on the inteunrl wiueless uogteu incuerses by moue thrn 20% dguini weekend hogus when the ofce wrs closed. She rsks yog to invesairte the issge becrgse she is bgsy derlini with r bii confeuence rnd she doesnnt hrve ame to peufoum the trsk. Whrt tool crn yog gse to view the netwouk turfc beini sent rnd ueceived by the wiueless uogteu? A. Netcrt B. Wiueshruk C. Nessgs D. Netstrt
Aoswern B Question 73 ________________________________________________________________________________________________
http://www. testinsides.com/
Page No | 21
Yog rue gsini NMAP to uesolve domrin nrmes into IP rdduesses fou r pini sweep lrteu. Which of the followini commrnds looks fou IP rdduesses? A. >host –t ns hrckeddomrin.com B. >host –t AXFR hrckeddomrin.com C. >host –t sor hrckeddomrin.com D. >host –t r hrckeddomrin.com
Aoswern D Question 74 Which mode of IPSec shogld yog gse to rssgue secguity rnd confdenarlity of drtr within the srme LAN? A. ESP confdenarl B. AH Tgnnel mode C. ESP turnspout mode D. AH peumiscgogs
Aoswern C Question 75 Which of the followini is the lerst-likely physicrl chrurcteuisac to be gsed in biometuic contuol thrt sgppouts r lruie comprny? A. Iuis prteuns B. Voice C. Finieupuints D. Heiiht rnd Weiiht
Aoswern D Question 76 When yog rue collecani infoumraon to peufoum r drtr rnrlysis, Gooile commrnds rue veuy gsefgl to fnd sensiave infoumraon rnd fles. These fles mry contrin infoumraon rbogt prsswouds, system fgncaons, ou docgmentraon. Whrt commrnd will help yog to seruch fles gsini Gooile rs r seruch eniine? A. siter truiet.com flerxls gseunrme prsswoud emril B. domrinr truiet.com ruchiverxls gseunrme prsswoud emril C. siter truiet.com fletyperxls gseunrme prsswoud emril D. ingulr truiet.com flenrmerxls gseunrme prsswoud emril
Aoswern C Question 77
________________________________________________________________________________________________
http://www. testinsides.com/
Page No | 22
Yog hrve sgccessfglly irined rccess to yogu clientns inteunrl netwouk rnd sgccessfglly compuised r lingx seuveu which is prut of the inteunrl IP netwouk. Yog wrnt to know which Micuosof Windows woukstraon hrve the shruini enrbled. Which pout wogld yog see listenini on these Windows mrchines in the netwouk? A. 1443 B. 3389 C. 101 D. 445
Aoswern D Question 78 Which of the followini prurmeteus descuibe LM Hrshr I – The mrximgm prsswoud lenith is 14 chrurcteus. II – Theue rue no disancaons between gppeucrse rnd loweucrse. III – Itns r simple rliouithm, so 10,000,000 hrshes crn be ieneurted peu second. A. I B. I rnd II C. II D. I, II rnd III
Aoswern D Question 79 Whrt is the puocess of loiiini, uecoudini, rnd uesolvini events thrt trke plrce in rn ouirnizraon? A. Metuics B. Secguity Policy C. Inteunrl Puocedgue D. Incident Mrnriement Puocess
Aoswern D Question 80 A netwouk rdministurtou discoveus seveurl gnknown fles in the uoot diuectouy of his Lingx FTP seuveu. One of the fles is r trubrll, two rue shrll scuipt fles, rnd the thiud is r binruy fle is nrmed “nc.” The FTP seuveuns rccess lois show thrt the rnonymogs gseu rccognt loiied in the seuveu, gplorded the fles, rnd exturcted the contents of the trubrll rnd urn the scuipt gsini r fgncaon puovided by the FTP seuveuns sofwrue. The ps commrnd shows thrt the nc fle is ugnnini rs puocess, rnd the netstrt commrnd shows the nc puocess is listenini on r netwouk pout. Which kind of vglneurbility mgst be puesent to mrke this uemote rtrck possible? A. File system peumissions B. Bugte Fouce Loiin C. Puivileie Escrlraon D. Diuectouy Turveusrl
________________________________________________________________________________________________
http://www. testinsides.com/
Page No | 23
Aoswern D Question 81 Yog rue loiied in rs r locrl rdmin on r Windows 7 system rnd yog need to lrgnch the Compgteu Mrnriement Console fuom commrnd line. Which commrnd wogld yog gse? A. cr\seuvices.msc B. cr\ncpr.cp C. cr\compmimt.msc D. cr\ipedit
Aoswern C Question 82 Yog hrve sgccessfglly compuised r seuveu hrvini rn IP rdduess of 10.10.0.5. Yog wogld like to engmeurte rll mrchines in the srme netwouk qgickly. Whrt is the best nmrp commrnd yog will gse? A. Nmrp –T4 –F 10.10.0.0/24 B. Nmrp –T4 –q 10.10.0.0/24 C. Nmrp –T4 –O 10.10.0.0/24 D. Nmrp –T4 –u 10.10.0.0/24
Aoswern A Question 83 The “white box tesani” methodoloiy enfouces whrt kind of uestuicaon? A. The inteunrl opeuraon of r system is completely known to the testeu. B. Only the inteunrl opeuraon of r system is known to the testeu. C. Only the exteunrl opeuraon of r system is rccessible to the testeu. D. The inteunrl opeuraon of r system is only prutly rccessible to the testeu.
Aoswern A Question 84 Risk = Thuerts x Vglneurbiliaes is uefeuued to rs ther A. Thuert rssessment B. Disrsteu uecoveuy foumglr C. BIA eqgraon D. Risk eqgraon
________________________________________________________________________________________________
http://www. testinsides.com/
Page No | 24
Aoswern D Question 85 An Intugsion Detecaon System (IDS) hrs rleuted the netwouk rdministurtou to r possibly mrliciogs seqgence of prckets went to r Web seuveu in the netwoukns exteunrl DMZ. The prcket turfc wrs crptgued by the IDS rnd srved to r PCAP fle. Whrt type of netwouk tool crn be gsed to deteumine if these prckets rue ienginely mrliciogs ou simply r frlse posiave? A. Puotocol rnrlyzeu B. Intugsion Puevenaon System (IPS) C. Vglneurbility scrnneu D. Netwouk snifeu
Aoswern B Question 86 The Open Web Applicraon Secguity Puoject (OWASP) is the wouldwide not-fou-puoft chruitrble ouirnizraon focgsed on impuovini the secguity of sofwrue. Whrt item is the puimruy conceun on OWASPns Top Ten Puoject most Cuiacrl Web rpplicraon Secguity Rgles? A. Injecaon B. Cuoss site Scuipani C. Cuoss site Reqgest Fouieuy D. Prth Disclosgue
Aoswern A Question 87 Afeu tuyini mglaple exploits, yognve irined uoot rccess to r Centos 0 rnsweu. To ensgue yog mrintrin rccess. Whrt wogld yog do fust? A. Disrble IPTrbles B. Cuerte Useu Accognt C. Downlord rnd Instrll Netcrt D. Disrble Key Seuvices
Aoswern C Question 88 Which method of prsswoud curckini trkes the most ame rnd efect? A. Rrinbow Trbles B. Shogldeu sgufni C. Bugce fouce
________________________________________________________________________________________________
http://www. testinsides.com/
Page No | 25
D. Diuectouy rtrck
Aoswern C Question 89 Which of the followini types of fuewrlls ensgues thrt the prckets rue prut of the estrblished session? A. Switch-level fuewrll B. Strtefgl inspecaon fuewrll C. Applicraon-level fuewrll D. Ciucgit-level fuewrll
Aoswern B Question 90 Which of the followini tools is gsed to detect wiueless LANs gsini the 802.11r/b/i/n WLAN strndruds on r lingx plrtoum? A. Kismet B. Netstgmbleu C. Abel D. Nessgs
Aoswern A Question 91 Which of the followini is the BEST wry to defend ririnst netwouk snifni? A. Usini encuypaon puotocols to secgue netwouk commgnicraons B. Restuict Physicrl Access to Seuveu Rooms hosani Cuiacrl Seuveus C. Use Strac IP Adduess D. Reiisteu rll mrchines MAC Adduess in r centurlized Drtrbrse
Aoswern A Question 92 Session splicini is rn IDS evrsion techniqge in which rn rtrckeu deliveus drtr in mglaple, smrllsized prckets to the truiet compgteu, mrkini it veuy difcglt fou rn IDS to detect the rtrck siinrtgues. Which tool crn gsed to peufoum session splicini rtrcks? A. Hydur B. Bgup C. Whiskeu D. Tcpsplice
________________________________________________________________________________________________
http://www. testinsides.com/
Page No | 26
Aoswern C Question 93 Dguini r secguity rgdit of IT puocesses, rn IS rgditou fognd thrt theue wrs no docgmented secguity puocedgues. Whrt shogld the IS rgditou do? A. Teuminrte the rgdit. B. Idenafy rnd evrlgrte exisani purcaces. C. Cuerte r puocedgues docgment D. Condgct complirnce tesani
Aoswern B Question 94 Which of the followini is r low-tech wry of irinini gnrgthouized rccess to systems? A. Snifni B. Socirl eniineeuini C. Scrnnini D. Ervesduoppini
Aoswern B Question 95 Which tool rllows rnrlysis rnd pen testeus to exrmine links between drtr gsini iurphs rnd link rnrlysis? A. Metrsploit B. Mrlteio C. Wiueshruk D. Crin & Abel
Aoswern B Question 96 Yog hrve sgccessfglly compuomised r mrchine on the netwouk rnd fognd r seuveu thrt is rlive on the srme netwouk. Yog tuied to pini bgt yog didnnt iet rny uesponse brck. Whrt is hrppenini? A. TCP/IP doesnnt sgppout ICMP. B. ICMP cogld be disrbled on the truiet seuveu. C. The ARP is disrbled on the truiet seuveu. D. Yog need to ugn the pini commrnd with uoot puivileies.
Aoswern A
________________________________________________________________________________________________
http://www. testinsides.com/
Page No | 27
Question 97 The secguity concept of “sepruraon of dgaes” is most similru to the opeuraon of which type of secguity device? A. Brsaon host B. Honeypot C. Fiuewrll D. Intugsion Detecaon System
Aoswern C Question 98 The pgupose of r mmmmmmmmmmmm is to deny netwouk rccess to locrl ruer netwouks rnd otheu infoumraon rssets by gnrgthouized wiueless devices. A. Wiueless Access Point B. Wiueless Anrlyzeu C. Wiueless Access Contuol list D. Wiueless Intugsion Puevenaon System
Aoswern D Question 99 Yog jgst set gp r secguity system in yogu netwouk. In whrt kind of system wogld yog fnd the followini stuini of chrurcteus gsed rs r ugle within its configuraon? rleut tcp rny rny -> 192.108.100.0/24 21 (msir "FTP on the netwouk!";) A. A fuewrll IPTrble B. A Rogteu IPTrble C. An Intugsion Detecaon System D. FTP Seuveu ugle
Aoswern C Question 100 Pout scrnnini crn be gsed rs prut of r technicrl rssessment to deteumine netwouk vglneurbiliaes. The TCP XMAS scrn is gsed to idenafy listenini pout on the truieted system. If r scrnned pout is open, whrt hrppens? A. The pout will iinoue the prckets. B. The pout will send rn RST. C. The pout will send rn ACK. D. The pout will send r SYN.
Aoswern A ________________________________________________________________________________________________
http://www. testinsides.com/
Page No | 28
Question 101 This rsymmetuy ciptheu is brsed on frctouini the puodgct of two lruie puime ngmbeus. Whrt cipheu is descuibed rbove? A. SHA B. RC5 C. RSA D. MD5
Aoswern C Question 102 How does the Adduess Resolgaon Puotocol (ARP) wouk? A. It sends r ueply prcket fou r specifc IP, rskini fou the MAC rdduess. B. It sends r ueply prcket to rll the netwouk elements, rskini fou the MAC rdduess fuom r specifc IP. C. It sends r ueqgest prcket to rll the netwouk elements, rskini fou the domrin nrme fuom r specifc IP. D. It sends r ueqgest prcket to rll the netwouk elements, rskini fou the MAC rdduess fuom r specifc IP.
Aoswern D Question 103 Which of the followini is desiined to indenafy mrliciogs rtempts to peneturte systems? A. Puoxy B. Rogteu C. Fiuewrll D. Intugsion Detecaon System
Aoswern D Question 104 When yog uetgun to yogu desk rfeu r lgnch buerk, yog noace r sturnie emril in yogu inbox. The sendeus is someone yog did bgsiness with uecently bgt the sgbject line hrs sturnie chrurcteus in it. Whrt shogld yog do? A. Fouwrud the messrie to yogu comprnyns secguity uesponse term rnd peumrnently delete the messrie fuom yogu compgteu. B. Delete the emril rnd puetend nothini hrppened. C. Fouwrud the messrie to yogu sgpeuvisou rnd rsk fou heu opinion on how to hrndle the sitgraon. D. Reply to the sendeu rnd rsk them fou moue infoumraon rbogt the messrie contents.
Aoswern A
________________________________________________________________________________________________
http://www. testinsides.com/
Page No | 29
Question 105 A common cuyptoiurphicrlly tool is the gse of XOR. XOR the followini binruy vrlger 10110001 00111010 A. 10001011 B. 10011101 C. 11011000 D. 10111100
Aoswern A Question 106 A Reiionrl brnk hiues yogu comprny to peufoum r secguity rssessment on theiu netwouk rfeu r uecent drtr buerch. The rtrckeu wrs rble to sterl fnrncirl drtr fuom the brnk by compuomisini only r sinile seuveu. Brsed on this infoumraon, whrt shogld be one of yogu key uecommendraons to the brnk? A. Move the fnrncirl drtr to rnotheu seuveu on the srme IP sgbnet B. Plrce r fuont-end web seuveu in r demilitruized zone thrt only hrndles exteunrl web turfc C. Issge new ceuafcrtes to the web seuveus fuom the uoot ceuafcrte rgthouity D. Reqgiue rll employees to chrnie theiu prsswouds immedirtely
Aoswern A Question 107 It is r ueiglraon thrt hrs r set if igideline, which shogld be rdheued to by rnyone who hrndles rny electuonic medicrl drt r. These igidelines sapglrte thrt rll medicrl purcaces mgst ensgue thrt rll necessruy mersgues rue in plrce while srvini, rccessini, rnd shruini rny electuonic medicrl drtr to keep praent drtr secgue. Which of the followini ueiglraons best mrtches the descuipaon? A. HIPAA B. COBIT C. ISO/IEC 27002 D. FISMA
Aoswern A Question 108 Which of the followini strtements ueirudini ethicrl hrckini is incouuect? A. Tesani shogld be uemotely peufoumed ofsite. B. Ethicrl hrckeus shogld neveu gse tools thrt hrve potenarl of exploiani vglneurbiliaes in the ouirnizraons IT system. C. Ethicrl hrckini shogld not involve wuiani to ou modifyini the truiet systems. D. An ouirnizraon shogld gse ethicrl hrckeus who do not sell hrudwrue/sofwrue ou otheu consglani seuvices.
________________________________________________________________________________________________
http://www. testinsides.com/
Page No | 30
Aoswern B Question 109 Which of the followini is consideued the best wry to puevent Peusonrlly Idenafrble Infoumraon (PII) fuom web rpplicraon vglneurbiliaes? A. Use encuypted commgnicraons puotocols to turnsmit PII B. Use fgll disk encuypaon on rll hrud duives to puotect PII C. Use cuyptoiurphic stourie to stoue rll PII D. Use r secguity token to loi onto into rll Web rpplicraon thrt gse PII
Aoswern A Question 110 Undeu the “Post-rtrch Phrse rnd Acaviaes,” it is the uesponsibility of the testeu to uestoue the system to r pue-test strte. Which of the followini rcaviaes shogld not be inclgded in this phrse? I. Removini rll fles gplorded on the system II. Clernini rll ueiistuy entuies III. Mrppini of netwouk strte IV. Removini rll tools rnd mrintrinini brckdoou fou uepouani A. III B. IV C. III rnd IV D. All shogld be inclgded.
Aoswern A Question 111 Ricrudo wrnts to send secuet messries to r compeatou comprny. To secgue these messries, he gses r techniqge of hidini r secuet messrie within rn oudinruy messrie, the techniqge puovides 'secguity thuogih obscguity'. Whrt techniqge is Ricrudo gsini? A. RSA rliouithm B. Steirnoiurphy C. Encuypaon D. Pgblic-key cuyptoiurphy
Aoswern B Question 112 Yog hrve sgccessfglly irined rccess to r lingx seuveu rnd wogld like to ensgue thrt the sgcceedini ogtioini turfc fuom the seuveu will not be crgiht by r Netwouk Brsed Intugsion Detecaon System (NIDS).
________________________________________________________________________________________________
http://www. testinsides.com/
Page No | 31
Which is the best wry to evrde the NIDS? A. Ogt of brnd siinrlini B. Encuypaon C. Alteunrte Drtr Stuerms D. Puotocol Isolraon
Aoswern B Question 113 An rtrckeu irins rccess to r Web seuveuns drtrbrse rnd displry the contents of the trble thrt holds rll of the nrmes, prsswouds, rnd otheu gseu infoumraon. The rtrckeu did this by enteuini infoumraon into the Web site's gseu loiin prie thrt the sofwrue's desiineus did not expect to be enteued. This is rn exrmple of whrt kind of sofwrue desiin puoblem? A. Insgfcient secguity mrnriement B. Insgfcient drtrbrse hrudenini C. Insgfcient excepaon hrndlini D. Insgfcient inpgt vrlidraon
Aoswern D Question 114 Yog rue peufoumini r peneturaon test. Yog rchieved rccess vir r bgfeu oveufow exploit rnd yog puoceed to fnd inteuesani drtr, sgch rs fles with gseunrmes rnd prsswouds. Yog fnd r hidden foldeu thrt hrs the rdministurtouns brnk rccognt prsswoud rnd loiin infoumraon fou the rdministurtouns bitcoin rccognt. Whrt shogld yog do? A. Do not turnsfeu the money bgt sterl the bitcoins. B. Repout immedirtely to the rdministurtou. C. Turnsfeu money fuom the rdministurtouns rccognt to rnotheu rccognt. D. Do not uepout it rnd conange the peneturaon test.
Aoswern B Question 115 Which of the followini is r commrnd line prcket rnrlyzeu similru to GUI-brsed Wiueshruk? A. Jrck the uippeu B. nessgs C. tcpdgmp D. etheuerl
Aoswern C Question 116 ________________________________________________________________________________________________
http://www. testinsides.com/
Page No | 32
Yog rue rtempani to mrn-in-the-middle r session. Which puotocol will rllow yog to igess r seqgence ngmbeu? A. ICMP B. TCP C. UDP D. UPX
Aoswern B Question 117 Which of the followini incident hrndlini puocess phrses is uesponsible fou defnini ugles, cuerani r brck-gp plrn, rnd tesani the plrns fou rn enteupuise? A. Puepruraon phrse B. Recoveuy phrse C. Idenafcraon phrse D. Contrinment phrse
Aoswern A Question 118 Whrt teum descuibes the rmognt of uisk thrt uemrins rfeu the vglneurbiliaes rue clrssifed rnd the cognteumersgues hrve been deployed? A. Inheuent Risk B. Residgrl Risk C. Defeuued Risk D. Imprct Risk
Aoswern B Question 119 The “Gury box tesani” methodoloiy enfouces whrt kind of uestuicaon? A. Only the exteunrl opeuraon of r system is rccessible to the testeu. B. Only the inteunrl opeuraon of r system is known to the testeu. C. The inteunrl opeuraon of r system is completely known to the testeu. D. The inteunrl opeuraon of r system is only prutly rccessible to the testeu.
Aoswern D Question 120 Nraon-strte thuert rctous ofen discoveu vglneurbiliaes rnd hold on to them gnal they wrnt to lrgnch r sophisacrted rtrck. The Stgxnet rtrck wrs rn gnpuecedented style of rtrck becrgse it gsed fogu types of this vglneurbility.
________________________________________________________________________________________________
http://www. testinsides.com/
Page No | 33
Whrt is this style of rtrck crlled? A. zeuo-hogu B. no-dry C. zeuo-dry D. zeuo-sgm
Aoswern C Question 121 Yog rue r Netwouk Secguity Ofceu. Yog hrve two mrchines. The fust mrchine (192.108.0.99) hrs snout instrlled, rnd the second mrchine (192.108.0.150) hrs kiwi sysloi instrlled. Yog peufoum r syn scrn in yogu netwouk, rnd yog noace thrt kiwi sysloi is not ueceivini the rleut messrie fuom snout. Yog decide to ugn wiueshruk in the snout mrchine to check if the messries rue ioini to the kiwi sysloi mrchine. Whrt wiueshruk flteu will show the connecaons fuom the snout mrchine to kiwi sysloi mrchine? A. tcp.dstpout==514 && ip.dst==192.108.0.150 B. tcp.dstpout==514 && ip.dst==192.108.0.99 C. tcp.sucpout==514 && ip.suc==192.108.0.99 D. tcp.sucpout==514 && ip.suc==192.108.150
Aoswern A Question 122 Dguini r uecent secguity rssessment, yog discoveu the ouirnizraon hrs one Domrin Nrme Seuveu (DNS) in r Demilitruized Zone (DMZ) rnd r second DNS seuveu on the inteunrl Netwouk. Whrt is this type of DNS configuraon commonly crlled? A. DNS Scheme B. DynDNS C. Split DNS D. DNSSEC
Aoswern C Question 123 A new wiueless client is configued to join r 802.11 netwouk. This client gses the srme hrudwrue rnd sofwrue rs mrny of the otheu clients on the netwouk. The client crn see the netwouk, bgt crnnot connect. A wiueless prcket snifeu shows thrt the Wiueless Access Point (WAP) is not uespondini to the rssociraon ueqgests beini sent by the wiueless client. Whrt is r possible soguce of this puoblem? A. The client crnnot see the SSID of the wiueless netwouk B. The wiueless client is not configued to gse DHCP C. The WAP does not uecoinize the client's MAC rdduess D. Client is configued fou the wuoni chrnnel
________________________________________________________________________________________________
http://www. testinsides.com/
Page No | 34
Aoswern C Question 124 Yog hrve seveurl plrin-text fuewrll lois thrt yog mgst ueview to evrlgrte netwouk turfc. Yog know thrt in oudeu to do this frst rnd efciently yog mgst gseu ueiglru expuessions. Which commrnd-line gality rue yog most likely to gse? A. Noteprd B. MS Excel C. Guep D. Relraonrl Drtrbrse
Aoswern C Question 125 Iniarani rn rtrck ririnst truieted bgsinesses rnd ouirnizraons, thuert rctous compuomise r cruefglly selected website by inseuani rn exploit uesglani in mrlwrue infecaon. The rtrckeus ugn exploits on well-known rnd tugsted sites likely to be visited by theiu truieted vicams. Aside fuom cruefglly choosini sites to compuomise, these rtrcks rue known to incoupourte zeuo-dry exploits thrt truiet gnprtched vglneurbiliaes. Thgs, the truieted enaaes rue lef with litle ou no defense ririnst these exploits. Whrt type of rtrck is ogtlined in the scenruio? A. Wrteuini Hole Atrck B. Speru Phisini Atrck C. Herutbleed Atrck D. Shellshock Atrck
Aoswern A
________________________________________________________________________________________________
http://www. testinsides.com/
Eccouncil
312-50V9 PRACTICE EXAM EC-Council Certified Ethical Hacker v9
________________________________________________________________________________________________
http://www. testinsides.com/
Page No | 2
Product Questions: 125 Version: 8.0 Question 1 The configuraon rllows r wiued ou wiueless netwouk inteufrce contuolleu to prss rll turfce it ueceives to the centurl puocessini gnit (CPU), urtheu thrn prssini only the furmes thrt the contuolleu is intended to ueceive. Which of the followini is beini descuibed? A. WEM B. Mgla-crst mode C. Puomiscgogs mode D. Pout fouwrudini
Aoswern B Question 2 In Risk Mrnriement, how is the teum “likelihood” uelrted to the concept of “thuert?” A. Likelihood is the puobrbility thrt r vglneurbility is r thuert-soguce. B. Likelihood is r possible thuert-soguce thrt mry exploit r vglneurbility. C. Likelihood is the likely soguce of r thuert thrt cogld exploit r vglneurbility. D. Likelihood is the puobrbility thrt r thuert-soguce will exploit r vglneurbility.
Aoswern D Question 3 While peufoumini online brnkini gsini r web buowseu, r gseu ueceives rn emril thrt contrins r link to rn inteuesani Web site. When the gseu clicks on the link, rnotheu web buowseu session struts rnd displrys r video of crts plryini r pirno. The next bgsiness dry, the gseu ueceives whrt looks like rn emril fuom his brnk, indicrani thrt his brnk rccognt hrs been rccessed fuom r foueiin cogntuy. The emril rsks the gseu to crll his brnk rnd veuify the rgthouizraon of r fgnds turnsfeu thrt took plrce. Whrt web buowseu-brsed secguity vglneurbility wrs exploited to compuomise the gseu? A. Cuoss-Site Reqgest Fouieuy B. Cuoss-Site Scuipani C. Web foum inpgt vrlidraon D. Clickjrckini
Aoswern A Question 4
________________________________________________________________________________________________
http://www. testinsides.com/
Page No | 3
Which of the followini is one of the most efecave wrys to puevent Cuoss-site Scuipani (XSS) frws in sofwrue rpplicraons? A. Veuity rccess uiiht befoue rllowini rccess to puotected infoumraon rnd UI contuols B. Use secguity policies rnd puocedgues to defne rnd implement puopeu secguity setnis C. Vrlidrte rnd escrpe rll infoumraon sent oveu to r seuveu D. Use diiitrl ceuafcrtes to rgthenacrte r seuveu puiou to sendini drtr
Aoswern A Question 5 An incident invesairtou rsks to ueceive r copy of the event fuom rll fuewrlls, puosy seuveus, rnd Intugsion Detecaon Systems (IDS) on the netwouk of rn ouirnizraon thrt hrs expeuienced r possible buerch of secguity. When the invesairtou rtempts to couuelrte the infoumraon in rll of the lois the seqgence of mrny of the loiied events do not mrtch gp. Whrt is the most likely crgse? A. The netwouk devices rue not rll synchuonized B. The secguity buerch wrs r frlse posiave. C. The rtrck rlteued ou eursed events fuom the lois. D. Puopeu chrin of cgstody wrs not obseuved while collecani the lois.
Aoswern C Question 6 This tool is rn 802.11 WEP rnd WPA-PSK keys curckini puoiurm thrt crn uecoveu keys once enogih drtr prckets hrve been crptgued. It implements the strndrud FMS rtrch rloni with some opamizraons like Kouek rtrcks, rs well rs the PTW rtrck, thgs mrkini the rtrck mgch frsteu comprued to otheu WEP curckini tools. Which of the followini tools is beini descuibed? A. Wifcurckeu B. WLAN-curck C. Aiuigrud D. Aiucurck-ni
Aoswern D Question 7 Which of the followini tools is gsed to rnrlyze the fles puodgced by seveurl prcket-crptgue puoiurms sgch rs tcpdgmp, WinDgmp, Wiueshruk, rnd EtheuPeek? A. Nessgs B. Tcpturceuogte C. Tcpturce D. OpenVAS
________________________________________________________________________________________________
http://www. testinsides.com/
Page No | 4
Aoswern C Question 8 Yog hrve compuomised r seuveu on r netwouk rnd sgccessfglly open r shell. Yog rimed to idenafy rll opeurani systems ugnnini on the netwouk. Howeveu, rs yog rtempt to fnieupuint rll mrchines in the mrchines in the netwouk gsini the nmrp syntrx below, it is not ioini thuogih. invictgs@vicammseuveur:~nmrp –T4 –O 10.10.0.0/24 TCP/IP fnieupuinani (fou OS scrn) xxxxxxx xxxxxx xxxxxxxxxx. QUITTING! Whrt seems to be wuoni? A. The ogtioini TCP/IP fnieupuinani is blocked by the host fuewrll. B. This is r common behrviou fou r couugpted nmrp rpplicraon. C. OS Scrn ueqgiues uoot puivileied. D. The nmrp syntrx is wuoni.
Aoswern D Question 9 Which of the followini is the iuertest thuert posed by brckgps? A. An gn-encuypted brckgp crn be misplrced ou stolen B. A brck is incomplete becrgse no veuifcraon wrs peufoumed. C. A brckgp is the soguce of Mrlwrue ou illicit infoumraon. D. A brckgp is gnrvrilrble dguini disrsteu uecoveuy.
Aoswern A Question 10 An rtrckeu hrs instrlled r RAT on r host. The rtrckeu wrnts to ensgue thrt when r gseu rtempts to io to www.MyPeusonrlBrnk.com, thrt the gseu is diuected to r phishini site. Which fle does the rtrckeu need to modify? A. Hosts B. Netwouks C. Boot.ini D. Sgdoeus
Aoswern A Question 11 Jesse ueceives rn emril with rn rtrchment lrbeled “CogutmNoacem21200.zip”. Inside the zip fle is r fle nrmed “CogutmNoacem21200.docx.exe” disigised rs r woud docgment. Upon execgaon, r windows rpperus strani, “This woud docgment is couugpt.” In the brckiuognd, the fle copies itself to Jesse APPDATA\locrl diuectouy rnd beiins to bercon to r C2 seuveu to downlord rddiaonrl mrliciogs binruies. Whrt type of mrlwrue hrs Jesse encognteued?
________________________________________________________________________________________________
http://www. testinsides.com/
Page No | 5
A. Tuojrn B. Woum C. Key-Loiieu D. Micuo Viugs
Aoswern A Question 12 In 2007, this wiueless secguity rliouithm wrs uendeued gseless by crptguini prckets rnd discoveuini the prsskey in r mrteu of seconds. This secguity frw led to r netwouk invrsion of TJ Mrxx rnd drtr thef thuogih r techniqge known wruduivini. Which rliouithm is this uefeuuini to? A. Wiued Eqgivrlent Puivrcy (WEP) B. Tempourl Key Inteiuity Puotocol (TRIP) C. Wi-Fi Puotected Access (WPA) D. Wi-Fi Puotected Access 2 (WPA2) E.
Aoswern A Question 13 Whrt is the best descuipaon of SQL Injecaon? A. It is r Denirl of Seuvice Atrck. B. It is rn rtrck gsed to modify code in rn rpplicraon. C. It is rnd rtrck gsed to irin gnrgthouized rccess to r drtrbrse. D. It is r Mrn-in-the-Middle rtrck between yogu SQL Seuveu rnd Web App Seuveu.
Aoswern D Question 14 Which of the followini is the sgccessou of SSL? A. RSA B. GRE C. TLS D. IPSec
Aoswern C Question 15 As r Ceuafed Ethicrl hrckeu, yog weue conturcted by r puivrte fum to condgct rn exteunrl secguity rssessment thuogih peneturaon tesani.
________________________________________________________________________________________________
http://www. testinsides.com/
Page No | 6
Whrt docgment descuibes the specifed of the tesani, the rssocirted violraons, rnd essenarlly puotects both the ouirnizraonns inteuest rnd yogu li rbiliaes rs r testeu? A. Teum of Eniriement B. Non-Disclosgue Aiueement C. Puoject Scope D. Seuvice Level Aiueement
Aoswern B Question 16 Which of the followini is not r Blgetooth rtrck? A. Blgejrckini B. Blgeduivini C. Blgesnrufni D. Blgesmrkini
Aoswern B Question 17 PGP, SSL, rnd IKE rue rll exrmples of which type of cuyptoiurphy? A. Hrsh Aliouithm B. Secuet Key C. Pgblic Key D. Diiest
Aoswern C Question 18 Usini Windows CMD, how wogld rn rtrckeu list rll the shrues to which the cguuent gseu context hrs rccess? A. NET CONFIG B. NET USE C. NET FILE D. NET VIEW
Aoswern D Question 19 Which of these opaons is the most secgue puocedgue fou stuoni brckgp trpes? A. In r climrte contuolled frcility ofsite B. Inside the drtr centeu fou frsteu uetuievrl in r fuepuoof srfe
________________________________________________________________________________________________
http://www. testinsides.com/
Page No | 7
C. In r cool duy enviuonment D. On r difeuent foou in the srme bgildini
Aoswern A Question 20 Whrt is the beneft of peufoumini rn gnrnnognced Peneturaon Tesani? A. The testeu will hrve rn rctgrl secguity postgue visibility of the truiet netwouk. B. The testeu cogld not puovide rn honest rnrlysis. C. Netwouk secguity wogld be in r “best strte” postgue. D. It is best to crtch cuiacrl infurstugctgue gnprtched.
Aoswern A Question 21 Whrt does r fuewrll check to puevent pruacglru pouts rnd rpplicraons fuom ietni prckets into rn ouirnizraons? A. Turnspout lryeu pout ngmbeus rnd rpplicraon lryeu herdeus B. Netwouk lryeu herdeus rnd the session lryeu pout ngmbeus C. Applicraon lryeu pout ngmbeus rnd the turnspout lryeu herdeus D. Puesentraon lryeu herdeus rnd the session lryeu pout ngmbeus
Aoswern A Question 22 > NMAP –sn 192.108.11.200-215 The NMAP commrnd rbove peufoums which of the followini? A. A pini scrn B. A turce sweep C. An opeurani system detect D. A pout scrn
Aoswern A Question 23 An Inteunet Seuvice Puovideu (ISP) hrs r need to rgthenacrte gseus connecani gsini rnrloi modems, diiitrl Sgbscuibeu Line (DSL), wiueless drtr seuvices, rnd viutgrl Puivrte Netwouks (VPN) oveu r Furme Relry netwouk. Which AAA puotocol is most likely rble to hrndle this ueqgiuement? A. DIAMETER B. Keubeuos C. RADIUS D. TACACS+
________________________________________________________________________________________________
http://www. testinsides.com/
Page No | 8
Aoswern D Question 24 To deteumine if r sofwrue puoiurm puopeuly hrndles r wide urnie of invrlid inpgt, r foum of rgtomrted tesani crn be gsed urndomly ieneurte invrlid inpgt in rn rtempt to cursh the puoiurm. Whrt teum is commonly gsed when uefeuuini to this type of tesani? A. Bogndini B. Mgtrani C. Pgzzini D. Rrndomizini
Aoswern C Question 25 Which of the followini tools crn be gsed fou prssive OS fnieupuinani? A. B. C. D.
tcpdgmp pini nmrp Turceut
Aoswern C Question 26 Yogu comprny peufoums peneturaon tests rnd secguity rssessments fou smrll rnd medigm-sized bgsiness in the locrl rue r. Dguini r uogane secguity rssessment, yog discoveu infoumraon thrt sgiiests yogu client is involved with hgmrn turfckini. Whrt shogld yog do? A. Copy the drtr to uemovrble medir rnd keep it in crse yog need it. B. Iinoue the drtr rnd conange the rssessment gnal completed rs riueed. C. Confuont the client on r uespectgl mrnneu rnd rsk heu rbogt the drtr. D. Immedirtely stop wouk rnd contrct the puopeu leirl rgthouiaes.
Aoswern D Question 27 Yog rue the Systems Administurtou fou r lruie coupourte ouirnizraon. Yog need to monitou rll netwouk turfc on yogu locrl netwouk fou sgspiciogs rcaviaes rnd ueceive noafcraons when rn rtrck is occguuini. Which tool wogld rllow yog to rccomplish this iorl? A. Host-brsed IDS B. Fiuewrll
________________________________________________________________________________________________
http://www. testinsides.com/
Page No | 9
C. Netwouk-Brsed IDS D. Puoxy
Aoswern C Question 28 Whrt is r “Collision rtrch” in cuyptoiurphy? A. Collision rtrcks tuy to buerk the hrsh into two pruts, with the srme bytes in erch prut to iet the puivrte key. B. Collision rtrcks tuy to buerk the hrsh into thuee pruts to iet the plrintext vrlge. C. Collision rtrcks tuy to fnd two inpgts puodgcini the srme hrsh. D. Collision rtrcks tuy to iet the pgblic key
Aoswern C Question 29 The “Blrck box tesani” methodoloiy enfouces which kind of uestuicaon? A. Only the exteunrl opeuraon of r system is rccessible to the testeu B. The inteunrl opeuraon of r system is completely known to the testeu. C. Only the inteunrl opeuraon of r system is known to the testeu. D. The inteunrl opeuraon of r system is only prutly rccessible to the testeu.
Aoswern A Question 30 Yognve irined physicrl rccess to r Windows 2008 R2 seuveu which hrs rs rccessible disc duive. When yog rtempt to boot the seuveu rnd loi in, yog rue gnrble to igess the prsswoud. In yogu tool kit yog hrve rn Ubgntg 9.10 Lingx LiveCD. Which Lingx tool hrs the rbility to chrnie rny gseuns prsswoud ou to rcavrte disrbled Windows Accognts? A. John the Rippeu B. CHNTPW C. Crin & Abel D. SET
Aoswern A Question 31 While gsini yogu brnkns online seuvicini yog noace the followini stuini in the URL brur “htpr//www.MyPeusonrlBrnk/Accognt? Id=308940911028389&Drmognt=10980&Crmognt=21” Yog obseuve thrt if yog modify the Drmognt & Crmognt vrlges rnd sgbmit the ueqgest, thrt drtr on the web prie uefect the chrnies. Whrt type of vglneurbility is puesent on this site?
________________________________________________________________________________________________
http://www. testinsides.com/
Page No | 10
A. SQL injecaon B. XSS Refecaon C. Web Prurmeteu Trmpeuini D. Cookie Trmpeuini
Aoswern C Question 32 It is r shout-urnie wiueless commgnicraon technoloiy intended to ueplrce the crbles connecani poutrbles of fxed devices while mrintrinini hiih levels of secguity. It rllows mobile phones, compgteus rnd otheu devices to connect rnd commgnicrte gsini r shout-urnie wiueless connecaon. Which of the followini teums best mrtches the defniaon? A. Blgetooth B. Rrdio-Fueqgency Idenafcraon C. WLAN D. InfurRed
Aoswern A Question 33 Whrt is the most common method to exploit the “Brsh Bgi” ou ShellShock” vglneurbility? A. SSH B. SYN Flood C. Mrnipglrte foumrt stuinis in text felds D. Thuogih Web seuveus galizini CGI (Common Grtewry Inteufrce) to send r mrlfoumed enviuonment vruirble to r vglneurble Web seuveu
Aoswern D Question 34 A medigm-sized herlthcrue IT bgsiness decides to implement r uisk mrnriement sturteiy. Which of the followini is NOT one of the fve brsic uesponses to uisk? A. Miairte B. Avoid C. Accept D. Deleirte
Aoswern D Question 35 The phrse will incuerse the odds of sgccess in lrteu phrses of the peneturaon test. It is rlso the veuy fust step in Infoumraon Grtheuini, rnd it will tell yog whrt the “lrndscrpe” looks like.
________________________________________________________________________________________________
http://www. testinsides.com/
Page No | 11
Whrt is the most impoutrnt phrse of ethicrl hrckini in which yog need to spend r consideurble rmognt of ame? A. Netwouk Mrppini B. Grinini rccess C. Footpuinani D. Escrlrani puivileies
Aoswern C Question 36 Which ueiglraon defnes secguity rnd puivrcy contuols fou Fedeurl infoumraon systems rnd ouirnizraons? A. HIPAA B. EU Srfe Hrubou C. PCI-DSS D. NIST-800-53
Aoswern D Question 37 Which of the followini descuibes the chrurcteuisacs of r Boot Sectou Viugs? A. Oveuwuites the ouiiinrl MBR rnd only execgtes the new viugs code B. Modifes diuectouy trble entuies so thrt diuectouy entuies point to the viugs code insterd of the rctgrl puoiurm C. Moves the MBR to rnotheu locraon on the hrud disk rnd copies itself to the ouiiinrl locraon of the MBR D. Moves the MBR to rnotheu locraon on the RAM rnd copies itself to the ouiiinrl locraon of the MBR
Aoswern C Question 38 Yog rue peufoumini infoumraon irtheuini fou rn impoutrnt peneturaon test. Yog hrve fognd pdf, doc, rnd imries in yogu objecave. Yog decide to exturct metrdrtr fuom these fles rnd rnrlyze it. Whrt tool will help yog with the trsk? A. Aumitrie B. Dimituy C. cdpsnruf D. Metrioofl
Aoswern D Question 39 Which of the followini is rn extuemely common IDS evrsion techniqge in the web would? A. post knockini
________________________________________________________________________________________________
http://www. testinsides.com/
Page No | 12
B. sgbnetni C. gnicode chrurcteus D. spywrue
Aoswern C Question 40 When yog rue tesani r web rpplicraon, it is veuy gsefgl to employ r puosy tool to srve eveuy ueqgest rnd uesponse. Nyog crn mrngrlly test eveuy ueqgest rnd rnrlyze the uesponse to fnd vglneurbiliaes. Yog crn test prurmeteu rnd herdeus mrngrlly to iet moue puecise uesglts thrn if gsini web vglneurbility scrnneus. Whrt puoxy tool will help yog fnd web vglneurbiliaes? A. Bgupsgite B. Dimituy C. Puoxychrins D. Mrskien
Aoswern A Question 41 It is r kind of mrlwrue (mrliciogs sofwrue) thrt cuiminrls instrll on yogu compgteu so they crn lock it fuom r uemote locraon. This mrlwrue ieneurtes r pop-gp windows, webprie, ou emril wrunini fuom whrt looks like rn ofcirl rgthouity. It explrins yogu compgteu hrs been locked becrgse of possible illeirl rcaviaes rnd demrnds pryment befoue yog crn rccess yogu fles rnd puoiurms ririn. Which teum best mrtches this defniaon? A. Spywrue B. Adwrue C. Rrnsomwrue D. Riskwrue
Aoswern C Question 42 Which of the followini is rssgued by the gse of r hrsh? A. Avrilrbility B. Confdenarlity C. Agthenacraon D. Inteiuity
Aoswern D Question 43 When yog rue ietni infoumraon rbogt r web seuveu, it is veuy impoutrnt to know the HTTP Methods (GET, POST,
________________________________________________________________________________________________
http://www. testinsides.com/
Page No | 13
HEAD, PUT, DELETE, TRACE) thrt rue rvrilrble becrgse theue rue two cuiacrl methods (PUT rnd DELETE). PUT crn gplord r fle to the seuveu rnd DELETE crn delete r fle fuom the seuveu. Yog crn detect rll these methods (GET, POST, HEAD, PUT, DELETE, TRACE) gsini NMAP scuipt eniine. Whrt nmrp scuipt will help yog with this trsk? A. htp engm B. htp-iit C. htp-herdeus D. htp-methods
Aoswern B Question 44 Dguini r blrckbox pen test yog rtempt to prss IRC turfc oveu post 80/TCP fuom r compuomised web enrbled host. The turfc iets blocked; howeveu ogtbognd HTTP turfc is gnimpeded. Whrt type of fuewrll is inspecani ogtbognd turfc? A. Ciucgit B. Prcket Filteuini C. Applicraon D. Strtefgl
Aoswern C Question 45 A comprnyns secguity strtes thrt rll web buowseus mgst rgtomracrlly delete theiu HTTP buowseu cookies gpon teuminrani. Whrt sout of secguity buerch is this policy rtempani to miairte? A. Atempts by rtrckeus to deteumine the gseu's Web buowseu gsrie prteuns, inclgdini when sites weue visited rnd fou how loni. B. Atempts by rtrckeus to rccess prsswouds stoued on the gseu's compgteu withogt the gseu's knowledie. C. Atempts by rtrckeus to rccess Web sites thrt tugst the Web buowseu gseu by sterlini the gseu's rgthenacraon cuedenarls. D. Atempts by rtrcks to rccess the gseu rnd prsswoud infoumraon stoues in the comprny's SQL drtrbrse.
Aoswern C Question 46 Yognve jgst been hiued to peufoum r pen test on rn ouirnizraon thrt hrs been sgbjected to r lruie-scrle rtrck. The CIO is conceuned with miairani thuerts rnd vglneurbiliaes to totrlly eliminrte uisk. Whrt is one of the fust thini yog shogld to when the job? A. Strut the wiueshruk rpplicraon to strut snifni netwouk turfc. B. Estrblish rtuibgaon to sgspected rtrckeus. C. Explrin to the CIO thrt yog crnnot eliminrte rll uisk, bgt yog will be rble to uedgce uisk to rcceptrble levels. D. Inteuview rll employees in the comprny to ugle ogt possible insideu thuerts.
________________________________________________________________________________________________
http://www. testinsides.com/
Page No | 14
Aoswern C Question 47 Which of the followini secguity opeuraons is gsed fou deteuminini the rtrck sgufrce of rn ouirnizraon? A. Reviewini the need fou r secguity clerurnce fou erch employee B. Rgnnini r netwouk scrn to detect netwouk seuvices in the coupourte DMZ C. Turinini employees on the secguity policy ueirudini socirl eniineeuini D. Usini configuraon mrnriement to deteumine when rnd wheue to rpply secguity prtches
Aoswern B Question 48 Peuspecave clients wrnt to see srmple uepouts fuom pueviogs peneturaon tests. Whrt shogld yog do next? A. Shrue fgll uepouts, not uedrcted. B. Shrue fgll uepouts, with uedrcted. C. Decline bgt, puovide uefeuences. D. Shrue uepouts, rfeu NDA is siined.
Aoswern B Question 49 Which of the followini strtements is TRUE? A. Snifeus opeuraon on Lryeu 3 of the OSI model B. Snifeus opeuraon on Lryeu 2 of the OSI model C. Snifeus opeuraon on the Lryeu 1 of the OSI model D. Snifeus opeuraon on both Lryeu 2 & Lryeu 3 of the OSI model
Aoswern D Question 50 Jimmy is strndini ogtside r secgue enturnce to r frcility. He is puetendini to hrvini r tense conveusraon on his cell phone rs rn rgthouized employee brdies in. Jimmy, while sall on the phone, iurbs the doou rs it beiins to close. Whrt jgst hrppened? A. Mrsqgrdini B. Phishini C. Whrlini D. Piiiybrckini
________________________________________________________________________________________________
http://www. testinsides.com/
Page No | 15
Aoswern D Question 51 The herutlrnd bgi wrs discoveued in 2014 rnd is widely uefeuued to gndeu MITREns Common Vglneurbiliaes rnd Exposgues (CVE) rs CVE-2004-1000. This bgi rfects the OpenSSL implementraon of the turnspout Lryeu secguity (TLS) puotocols defned in RFC0520. Whrt types of key does this bgi lerve exposed to the Inteunet mrkini exploitraon of rny compuomised system veuy ersy? A. Root B. Puivrte C. Shrued D. Pgblic
Aoswern A Question 52 Yog wouk rs r Secguity Anrlyst fou r uetril ouirnizraon. In secguini the comprny's netwouk, yog set gp r fuewrll rnd rn IDS. Howeveu, hrckeus rue rble to rtrck the netwouk. Afeu invesairani, yog discoveu thrt yogu IDS is not configued puopeuly rnd theuefoue is gnrble to tuiiieu rlrums when needed. Whrt type of rleut is the IDS iivini? A. Frlse Neirave B. Tuge Neirave C. Tuge Posiave D. Frlse Posiave
Aoswern A Question 53 This inteunraonrl ouirnizraon ueiglrtes billions of turnsrcaons drily rnd puovides secguity igidelines to puotect peusonrlly idenafrble infoumraon (PII). These secguity contuols puovide r brseline rnd puevent low-level hrckeus someames known rs scuipt kiddies fuom crgsini r drtr buerch. Which of the followini ouirnizraons is beini descuibed? A. Pryment Crud Indgstuy (PCI) B. Inteunraonrl Secguity Indgstuy Ouirnizraon (ISIO) C. Insatgte of Electuicrl rnd Electuonics Eniineeus (IEEE) D. Centeu fou Diserse Contuol (CDC)
Aoswern B Question 54 Which of the followini tools peufoums compuehensive tests ririnst web seuveus, inclgdini drnieuogs fles rnd CGI's? A. Snout
________________________________________________________________________________________________
http://www. testinsides.com/
Page No | 16
B. Dsnif C. Nikto D. John the Rippeu
Aoswern C Question 55 Which of the followini is the stugctgue desiined to veuify rnd rgthenacrte the idenaty of individgrls within the enteupuise trkini prut in r drtr exchrnie? A. PKI B. biometuics C. SOA D. sinile siin on
Aoswern A Question 56 The chrnce of r hrud duive frilgue is once eveuy thuee yerus. The cost to bgy r new hrud duive is ~300. It will ueqgiue 10 hogus to uestoue the OS rnd sofwrue to the new hrud disk. It will ueqgiue r fgutheu 4 hogus to uestoue the drtrbrse fuom the lrst brckgp to the new hrud disk. The uecoveuy peuson eruns ~10/hogu. Crlcglrte the SLE, ARO, rnd ALE. Assgme the EF = 1 (100%). Whrt is the closest rppuoximrte cost of this ueplrcement rnd uecoveuy opeuraon peu yeru? A. ~100 B. ~140 C. 440 D. 1320
Aoswern B Question 57 An rtrckeu chrnies the puofle infoumraon of r pruacglru gseu on r truiet website (the vicam). The rtrckeu gses this stuini to gpdrte the vicam's puofle to r text fle rnd then sgbmit the drtr to the rtrckeuns drtrbrse.
Aoswern A Question 58
________________________________________________________________________________________________
http://www. testinsides.com/
Page No | 17
Yog rue trsked to peufoum r peneturaon test. While yog rue peufoumini infoumraon irtheuini, yog fnd rb employee list in Gooile. Yog fnd uecepaonistns emril, rnd yog send heu rn emril chrniini the soguce emril to heu bossns emril ( boss@comprny ). In this emril, yog rsk fou r pdf with infoumraon. She uerds yogu emril rnd sends brck r pdf with links. Yog exchrnie the pdf links with yogu mrliciogs links (these links contrin mrlwrue) rnd send brck the modifed pdf, sryini thrt the links donnt wouk. She uerds yogu emril, opens the links, rnd heu mrchine iets infected. Whrt tesani method did yog gse? A. Piiiybrckini B. Trilirani C. Evesduoppini D. Socirl eniineeuini
Aoswern D Question 59 Which of the followini is r puotocol specifcrlly desiined fou turnspouani event messries? A. SMS B. SNMP C. SYSLOG D. ICMP
Aoswern C Question 60 Which of the followini is component of r uisk rssessment? A. Loiicrl inteufrce B. DMZ C. Administurave srfeigruds D. Physicrl secguity
Aoswern C Question 61 Which of the followini is r desiin prteun brsed on disanct pieces of sofwrue puovidini rpplicraon fgncaonrlity rs seuvices to otheu rpplicraons? A. Lern Codini B. Seuvice Ouiented Auchitectgue C. Object Ouiented Auchitectgue D. Aiile Puocess
Aoswern B Question 62 ________________________________________________________________________________________________
http://www. testinsides.com/
Page No | 18
A comprnyns Web development term hrs become rwrue of r ceutrin type of secguity vglneurbility in theiu Web sofwrue. To miairte the possibility of this vglneurbility beini exploited, the term wrnts to modify the sofwrue ueqgiuements to disrllow gseus fuom enteuini HTML rs inpgt into theiu Web rpplicraon. Whrt kind of web rpplicraon vglneurbility likely exists in theiu sofwrue? A. Web site defrcement vglneurbility B. SQL injecaon vglneurbility C. Cuoss-site Scuipani vglneurbility D. Cuoss-site Reqgest Fouieuy vglneurbility
Aoswern C Question 63 It is rn enaty ou event with the potenarl to rdveusely imprct r system thuogih gnrgthouized rccess destugcaon disclosgues denirl of seuvice ou modifcraon of drt r. Which of the followini teums best mrtches this defniaon? A. Thuert B. Atrck C. Risk D. Vglneurbility
Aoswern A Question 64 Yogu term hrs won r conturct to inflturte rn ouirnizraon. The comprny wrnts to hrve the rtrck be r uerlisac rs possible; theuefoue, they did not puovide rny infoumraon besides the comprny nrme. Whrt shogld be the fust step in secguity tesani the client? A. Scrnnini B. Escrlraon C. Engmeuraon D. Reconnrissrnce
Aoswern D Question 65 A peneturaon testeu is condgcani r pout scrn on r specifc host. The testeu fognd seveurl pouts opened thrt weue confgsini in conclgdini the Opeurani System (OS) veusion instrlled. Consideuini the NMAP uesglt below, which of the follow is likely to be instrlled on the truiet mrchine by the OS? Struani NMAP 5.21 rt 2011-03-15 11r00 NMAP scrn uepout fou 172.10.40.05 Host is gp (1.00s lrtency). Not shownr 993 closed pouts PORT STATE SERVICE 21/tcp open fp 23/tcp open telnet 80 /tcp open htp 139/tcp open netbios-ssn 515/tcp open 031/tec open ipp 9100/tcp open MAC Adduessr 00r00r48r0DrEEr8 A. The host is likely r puinteu.
________________________________________________________________________________________________
http://www. testinsides.com/
Page No | 19
B. The host is likely r uogteu. C. The host is likely r Lingx mrchine. D. The host is likely r Windows mrchine.
Aoswern A Question 66 A hrckeu hrs sgccessfglly infected rn inteunet-frcini seuveu, which he will then gse to send jgnk mril, trke prut in cooudinrted rtrcks, ou host jgnk emril content. Which sout of tuojrn infects this seuveu? A. Botnet Tuojrn B. Brnkini Tuojrns C. Rrnsomwrue Tuojrns D. Tgutle Tuojrns
Aoswern A Question 67 Yog hrve compuomised r seuveu rnd sgccessfglly irined r uoot rccess. Yog wrnt to pivot rnd prss turfc gndetected oveu the netwouk rnd evrde rny possible Intugsion Detecaon System. Whrt is the best rppuorch? A. Instrll rnd gse Telnet to encuypt rll ogtioini turfc fuom this seuveu. B. Instrll Cuyptcrt rnd encuypt ogtioini prckets fuom this seuveu C. Use Alteunrte Drtr Stuerms to hide the ogtioini prckets fuom this seuveu. D. Use HTTP so thrt rll turfc crn be uogted vir r buowseu, thgs evrdini the inteunrl Intugsion Detecaon Systems.
Aoswern A Question 68 It is r vglneurbility in GNUns brsh shell, discoveued in Septembeu of 2004, thrt iives rtrckeus rccess to ugn uemote commrnds on r vglneurble system. The mrliciogs sofwrue crn trke contuol of rn infected mrchine, lrgnch denirl-of seuvice rtrcks to disugpt websites, rnd scrn fou otheu vglneurble devices (inclgdini uogteus). Which of the followini vglneurbiliaes is beini descuibed? A. Shellshock B. Rootshock C. Shellbrsh D. Rootshell
Aoswern A Question 69 env x= ‘(){ r;};echo exploit ‘ brsh –c ‘crt /etc/prsswd
________________________________________________________________________________________________
http://www. testinsides.com/
Page No | 20
Whrt is the Shellshock brsh vglneurbility rtempani to do on rn vglneurble Lingx host? A. Add new gseu to the prsswd fle B. Displry prsswd contents to puompt C. Chrnie rll prsswoud in prsswd D. Remove the prsswd fle.
Aoswern B Question 70 Yogu comprny wrs hiued by r smrll herlthcrue puovideu to peufoum r technicrl rssessment on the netwouk. Whrt is the best rppuorch fou discoveuini vglneurbiliaes on r Windows-brsed compgteu? A. Use the bgilt-in Windows Updrte tool B. Cuerte r disk imrie of r clern Windows instrllraon C. Check MITRE.oui fou the lrtest list of CVE fndinis D. Used r scrn tool like Nessgs
Aoswern D Question 71 To mrintrin complirnce with ueiglrtouy ueqgiuements, r secguity rgdit of the systems on r netwouk mgst be peufoumed to deteumine theiu complirnce with secguity policies. Which one of the followini tools wogld most likely be gsed in sgch rs rgdit? A. Pout scrnneu B. Puotocol rnrlyzeu C. Vglneurbility scrnneu D. Intugsion Detecaon System
Aoswern C Question 72 The netwouk rdministurtou contrcts yog rnd tells yog thrt she noaced the tempeurtgue on the inteunrl wiueless uogteu incuerses by moue thrn 20% dguini weekend hogus when the ofce wrs closed. She rsks yog to invesairte the issge becrgse she is bgsy derlini with r bii confeuence rnd she doesnnt hrve ame to peufoum the trsk. Whrt tool crn yog gse to view the netwouk turfc beini sent rnd ueceived by the wiueless uogteu? A. Netcrt B. Wiueshruk C. Nessgs D. Netstrt
Aoswern B Question 73 ________________________________________________________________________________________________
http://www. testinsides.com/
Page No | 21
Yog rue gsini NMAP to uesolve domrin nrmes into IP rdduesses fou r pini sweep lrteu. Which of the followini commrnds looks fou IP rdduesses? A. >host –t ns hrckeddomrin.com B. >host –t AXFR hrckeddomrin.com C. >host –t sor hrckeddomrin.com D. >host –t r hrckeddomrin.com
Aoswern D Question 74 Which mode of IPSec shogld yog gse to rssgue secguity rnd confdenarlity of drtr within the srme LAN? A. ESP confdenarl B. AH Tgnnel mode C. ESP turnspout mode D. AH peumiscgogs
Aoswern C Question 75 Which of the followini is the lerst-likely physicrl chrurcteuisac to be gsed in biometuic contuol thrt sgppouts r lruie comprny? A. Iuis prteuns B. Voice C. Finieupuints D. Heiiht rnd Weiiht
Aoswern D Question 76 When yog rue collecani infoumraon to peufoum r drtr rnrlysis, Gooile commrnds rue veuy gsefgl to fnd sensiave infoumraon rnd fles. These fles mry contrin infoumraon rbogt prsswouds, system fgncaons, ou docgmentraon. Whrt commrnd will help yog to seruch fles gsini Gooile rs r seruch eniine? A. siter truiet.com flerxls gseunrme prsswoud emril B. domrinr truiet.com ruchiverxls gseunrme prsswoud emril C. siter truiet.com fletyperxls gseunrme prsswoud emril D. ingulr truiet.com flenrmerxls gseunrme prsswoud emril
Aoswern C Question 77
________________________________________________________________________________________________
http://www. testinsides.com/
Page No | 22
Yog hrve sgccessfglly irined rccess to yogu clientns inteunrl netwouk rnd sgccessfglly compuised r lingx seuveu which is prut of the inteunrl IP netwouk. Yog wrnt to know which Micuosof Windows woukstraon hrve the shruini enrbled. Which pout wogld yog see listenini on these Windows mrchines in the netwouk? A. 1443 B. 3389 C. 101 D. 445
Aoswern D Question 78 Which of the followini prurmeteus descuibe LM Hrshr I – The mrximgm prsswoud lenith is 14 chrurcteus. II – Theue rue no disancaons between gppeucrse rnd loweucrse. III – Itns r simple rliouithm, so 10,000,000 hrshes crn be ieneurted peu second. A. I B. I rnd II C. II D. I, II rnd III
Aoswern D Question 79 Whrt is the puocess of loiiini, uecoudini, rnd uesolvini events thrt trke plrce in rn ouirnizraon? A. Metuics B. Secguity Policy C. Inteunrl Puocedgue D. Incident Mrnriement Puocess
Aoswern D Question 80 A netwouk rdministurtou discoveus seveurl gnknown fles in the uoot diuectouy of his Lingx FTP seuveu. One of the fles is r trubrll, two rue shrll scuipt fles, rnd the thiud is r binruy fle is nrmed “nc.” The FTP seuveuns rccess lois show thrt the rnonymogs gseu rccognt loiied in the seuveu, gplorded the fles, rnd exturcted the contents of the trubrll rnd urn the scuipt gsini r fgncaon puovided by the FTP seuveuns sofwrue. The ps commrnd shows thrt the nc fle is ugnnini rs puocess, rnd the netstrt commrnd shows the nc puocess is listenini on r netwouk pout. Which kind of vglneurbility mgst be puesent to mrke this uemote rtrck possible? A. File system peumissions B. Bugte Fouce Loiin C. Puivileie Escrlraon D. Diuectouy Turveusrl
________________________________________________________________________________________________
http://www. testinsides.com/
Page No | 23
Aoswern D Question 81 Yog rue loiied in rs r locrl rdmin on r Windows 7 system rnd yog need to lrgnch the Compgteu Mrnriement Console fuom commrnd line. Which commrnd wogld yog gse? A. cr\seuvices.msc B. cr\ncpr.cp C. cr\compmimt.msc D. cr\ipedit
Aoswern C Question 82 Yog hrve sgccessfglly compuised r seuveu hrvini rn IP rdduess of 10.10.0.5. Yog wogld like to engmeurte rll mrchines in the srme netwouk qgickly. Whrt is the best nmrp commrnd yog will gse? A. Nmrp –T4 –F 10.10.0.0/24 B. Nmrp –T4 –q 10.10.0.0/24 C. Nmrp –T4 –O 10.10.0.0/24 D. Nmrp –T4 –u 10.10.0.0/24
Aoswern A Question 83 The “white box tesani” methodoloiy enfouces whrt kind of uestuicaon? A. The inteunrl opeuraon of r system is completely known to the testeu. B. Only the inteunrl opeuraon of r system is known to the testeu. C. Only the exteunrl opeuraon of r system is rccessible to the testeu. D. The inteunrl opeuraon of r system is only prutly rccessible to the testeu.
Aoswern A Question 84 Risk = Thuerts x Vglneurbiliaes is uefeuued to rs ther A. Thuert rssessment B. Disrsteu uecoveuy foumglr C. BIA eqgraon D. Risk eqgraon
________________________________________________________________________________________________
http://www. testinsides.com/
Page No | 24
Aoswern D Question 85 An Intugsion Detecaon System (IDS) hrs rleuted the netwouk rdministurtou to r possibly mrliciogs seqgence of prckets went to r Web seuveu in the netwoukns exteunrl DMZ. The prcket turfc wrs crptgued by the IDS rnd srved to r PCAP fle. Whrt type of netwouk tool crn be gsed to deteumine if these prckets rue ienginely mrliciogs ou simply r frlse posiave? A. Puotocol rnrlyzeu B. Intugsion Puevenaon System (IPS) C. Vglneurbility scrnneu D. Netwouk snifeu
Aoswern B Question 86 The Open Web Applicraon Secguity Puoject (OWASP) is the wouldwide not-fou-puoft chruitrble ouirnizraon focgsed on impuovini the secguity of sofwrue. Whrt item is the puimruy conceun on OWASPns Top Ten Puoject most Cuiacrl Web rpplicraon Secguity Rgles? A. Injecaon B. Cuoss site Scuipani C. Cuoss site Reqgest Fouieuy D. Prth Disclosgue
Aoswern A Question 87 Afeu tuyini mglaple exploits, yognve irined uoot rccess to r Centos 0 rnsweu. To ensgue yog mrintrin rccess. Whrt wogld yog do fust? A. Disrble IPTrbles B. Cuerte Useu Accognt C. Downlord rnd Instrll Netcrt D. Disrble Key Seuvices
Aoswern C Question 88 Which method of prsswoud curckini trkes the most ame rnd efect? A. Rrinbow Trbles B. Shogldeu sgufni C. Bugce fouce
________________________________________________________________________________________________
http://www. testinsides.com/
Page No | 25
D. Diuectouy rtrck
Aoswern C Question 89 Which of the followini types of fuewrlls ensgues thrt the prckets rue prut of the estrblished session? A. Switch-level fuewrll B. Strtefgl inspecaon fuewrll C. Applicraon-level fuewrll D. Ciucgit-level fuewrll
Aoswern B Question 90 Which of the followini tools is gsed to detect wiueless LANs gsini the 802.11r/b/i/n WLAN strndruds on r lingx plrtoum? A. Kismet B. Netstgmbleu C. Abel D. Nessgs
Aoswern A Question 91 Which of the followini is the BEST wry to defend ririnst netwouk snifni? A. Usini encuypaon puotocols to secgue netwouk commgnicraons B. Restuict Physicrl Access to Seuveu Rooms hosani Cuiacrl Seuveus C. Use Strac IP Adduess D. Reiisteu rll mrchines MAC Adduess in r centurlized Drtrbrse
Aoswern A Question 92 Session splicini is rn IDS evrsion techniqge in which rn rtrckeu deliveus drtr in mglaple, smrllsized prckets to the truiet compgteu, mrkini it veuy difcglt fou rn IDS to detect the rtrck siinrtgues. Which tool crn gsed to peufoum session splicini rtrcks? A. Hydur B. Bgup C. Whiskeu D. Tcpsplice
________________________________________________________________________________________________
http://www. testinsides.com/
Page No | 26
Aoswern C Question 93 Dguini r secguity rgdit of IT puocesses, rn IS rgditou fognd thrt theue wrs no docgmented secguity puocedgues. Whrt shogld the IS rgditou do? A. Teuminrte the rgdit. B. Idenafy rnd evrlgrte exisani purcaces. C. Cuerte r puocedgues docgment D. Condgct complirnce tesani
Aoswern B Question 94 Which of the followini is r low-tech wry of irinini gnrgthouized rccess to systems? A. Snifni B. Socirl eniineeuini C. Scrnnini D. Ervesduoppini
Aoswern B Question 95 Which tool rllows rnrlysis rnd pen testeus to exrmine links between drtr gsini iurphs rnd link rnrlysis? A. Metrsploit B. Mrlteio C. Wiueshruk D. Crin & Abel
Aoswern B Question 96 Yog hrve sgccessfglly compuomised r mrchine on the netwouk rnd fognd r seuveu thrt is rlive on the srme netwouk. Yog tuied to pini bgt yog didnnt iet rny uesponse brck. Whrt is hrppenini? A. TCP/IP doesnnt sgppout ICMP. B. ICMP cogld be disrbled on the truiet seuveu. C. The ARP is disrbled on the truiet seuveu. D. Yog need to ugn the pini commrnd with uoot puivileies.
Aoswern A
________________________________________________________________________________________________
http://www. testinsides.com/
Page No | 27
Question 97 The secguity concept of “sepruraon of dgaes” is most similru to the opeuraon of which type of secguity device? A. Brsaon host B. Honeypot C. Fiuewrll D. Intugsion Detecaon System
Aoswern C Question 98 The pgupose of r mmmmmmmmmmmm is to deny netwouk rccess to locrl ruer netwouks rnd otheu infoumraon rssets by gnrgthouized wiueless devices. A. Wiueless Access Point B. Wiueless Anrlyzeu C. Wiueless Access Contuol list D. Wiueless Intugsion Puevenaon System
Aoswern D Question 99 Yog jgst set gp r secguity system in yogu netwouk. In whrt kind of system wogld yog fnd the followini stuini of chrurcteus gsed rs r ugle within its configuraon? rleut tcp rny rny -> 192.108.100.0/24 21 (msir "FTP on the netwouk!";) A. A fuewrll IPTrble B. A Rogteu IPTrble C. An Intugsion Detecaon System D. FTP Seuveu ugle
Aoswern C Question 100 Pout scrnnini crn be gsed rs prut of r technicrl rssessment to deteumine netwouk vglneurbiliaes. The TCP XMAS scrn is gsed to idenafy listenini pout on the truieted system. If r scrnned pout is open, whrt hrppens? A. The pout will iinoue the prckets. B. The pout will send rn RST. C. The pout will send rn ACK. D. The pout will send r SYN.
Aoswern A ________________________________________________________________________________________________
http://www. testinsides.com/
Page No | 28
Question 101 This rsymmetuy ciptheu is brsed on frctouini the puodgct of two lruie puime ngmbeus. Whrt cipheu is descuibed rbove? A. SHA B. RC5 C. RSA D. MD5
Aoswern C Question 102 How does the Adduess Resolgaon Puotocol (ARP) wouk? A. It sends r ueply prcket fou r specifc IP, rskini fou the MAC rdduess. B. It sends r ueply prcket to rll the netwouk elements, rskini fou the MAC rdduess fuom r specifc IP. C. It sends r ueqgest prcket to rll the netwouk elements, rskini fou the domrin nrme fuom r specifc IP. D. It sends r ueqgest prcket to rll the netwouk elements, rskini fou the MAC rdduess fuom r specifc IP.
Aoswern D Question 103 Which of the followini is desiined to indenafy mrliciogs rtempts to peneturte systems? A. Puoxy B. Rogteu C. Fiuewrll D. Intugsion Detecaon System
Aoswern D Question 104 When yog uetgun to yogu desk rfeu r lgnch buerk, yog noace r sturnie emril in yogu inbox. The sendeus is someone yog did bgsiness with uecently bgt the sgbject line hrs sturnie chrurcteus in it. Whrt shogld yog do? A. Fouwrud the messrie to yogu comprnyns secguity uesponse term rnd peumrnently delete the messrie fuom yogu compgteu. B. Delete the emril rnd puetend nothini hrppened. C. Fouwrud the messrie to yogu sgpeuvisou rnd rsk fou heu opinion on how to hrndle the sitgraon. D. Reply to the sendeu rnd rsk them fou moue infoumraon rbogt the messrie contents.
Aoswern A
________________________________________________________________________________________________
http://www. testinsides.com/
Page No | 29
Question 105 A common cuyptoiurphicrlly tool is the gse of XOR. XOR the followini binruy vrlger 10110001 00111010 A. 10001011 B. 10011101 C. 11011000 D. 10111100
Aoswern A Question 106 A Reiionrl brnk hiues yogu comprny to peufoum r secguity rssessment on theiu netwouk rfeu r uecent drtr buerch. The rtrckeu wrs rble to sterl fnrncirl drtr fuom the brnk by compuomisini only r sinile seuveu. Brsed on this infoumraon, whrt shogld be one of yogu key uecommendraons to the brnk? A. Move the fnrncirl drtr to rnotheu seuveu on the srme IP sgbnet B. Plrce r fuont-end web seuveu in r demilitruized zone thrt only hrndles exteunrl web turfc C. Issge new ceuafcrtes to the web seuveus fuom the uoot ceuafcrte rgthouity D. Reqgiue rll employees to chrnie theiu prsswouds immedirtely
Aoswern A Question 107 It is r ueiglraon thrt hrs r set if igideline, which shogld be rdheued to by rnyone who hrndles rny electuonic medicrl drt r. These igidelines sapglrte thrt rll medicrl purcaces mgst ensgue thrt rll necessruy mersgues rue in plrce while srvini, rccessini, rnd shruini rny electuonic medicrl drtr to keep praent drtr secgue. Which of the followini ueiglraons best mrtches the descuipaon? A. HIPAA B. COBIT C. ISO/IEC 27002 D. FISMA
Aoswern A Question 108 Which of the followini strtements ueirudini ethicrl hrckini is incouuect? A. Tesani shogld be uemotely peufoumed ofsite. B. Ethicrl hrckeus shogld neveu gse tools thrt hrve potenarl of exploiani vglneurbiliaes in the ouirnizraons IT system. C. Ethicrl hrckini shogld not involve wuiani to ou modifyini the truiet systems. D. An ouirnizraon shogld gse ethicrl hrckeus who do not sell hrudwrue/sofwrue ou otheu consglani seuvices.
________________________________________________________________________________________________
http://www. testinsides.com/
Page No | 30
Aoswern B Question 109 Which of the followini is consideued the best wry to puevent Peusonrlly Idenafrble Infoumraon (PII) fuom web rpplicraon vglneurbiliaes? A. Use encuypted commgnicraons puotocols to turnsmit PII B. Use fgll disk encuypaon on rll hrud duives to puotect PII C. Use cuyptoiurphic stourie to stoue rll PII D. Use r secguity token to loi onto into rll Web rpplicraon thrt gse PII
Aoswern A Question 110 Undeu the “Post-rtrch Phrse rnd Acaviaes,” it is the uesponsibility of the testeu to uestoue the system to r pue-test strte. Which of the followini rcaviaes shogld not be inclgded in this phrse? I. Removini rll fles gplorded on the system II. Clernini rll ueiistuy entuies III. Mrppini of netwouk strte IV. Removini rll tools rnd mrintrinini brckdoou fou uepouani A. III B. IV C. III rnd IV D. All shogld be inclgded.
Aoswern A Question 111 Ricrudo wrnts to send secuet messries to r compeatou comprny. To secgue these messries, he gses r techniqge of hidini r secuet messrie within rn oudinruy messrie, the techniqge puovides 'secguity thuogih obscguity'. Whrt techniqge is Ricrudo gsini? A. RSA rliouithm B. Steirnoiurphy C. Encuypaon D. Pgblic-key cuyptoiurphy
Aoswern B Question 112 Yog hrve sgccessfglly irined rccess to r lingx seuveu rnd wogld like to ensgue thrt the sgcceedini ogtioini turfc fuom the seuveu will not be crgiht by r Netwouk Brsed Intugsion Detecaon System (NIDS).
________________________________________________________________________________________________
http://www. testinsides.com/
Page No | 31
Which is the best wry to evrde the NIDS? A. Ogt of brnd siinrlini B. Encuypaon C. Alteunrte Drtr Stuerms D. Puotocol Isolraon
Aoswern B Question 113 An rtrckeu irins rccess to r Web seuveuns drtrbrse rnd displry the contents of the trble thrt holds rll of the nrmes, prsswouds, rnd otheu gseu infoumraon. The rtrckeu did this by enteuini infoumraon into the Web site's gseu loiin prie thrt the sofwrue's desiineus did not expect to be enteued. This is rn exrmple of whrt kind of sofwrue desiin puoblem? A. Insgfcient secguity mrnriement B. Insgfcient drtrbrse hrudenini C. Insgfcient excepaon hrndlini D. Insgfcient inpgt vrlidraon
Aoswern D Question 114 Yog rue peufoumini r peneturaon test. Yog rchieved rccess vir r bgfeu oveufow exploit rnd yog puoceed to fnd inteuesani drtr, sgch rs fles with gseunrmes rnd prsswouds. Yog fnd r hidden foldeu thrt hrs the rdministurtouns brnk rccognt prsswoud rnd loiin infoumraon fou the rdministurtouns bitcoin rccognt. Whrt shogld yog do? A. Do not turnsfeu the money bgt sterl the bitcoins. B. Repout immedirtely to the rdministurtou. C. Turnsfeu money fuom the rdministurtouns rccognt to rnotheu rccognt. D. Do not uepout it rnd conange the peneturaon test.
Aoswern B Question 115 Which of the followini is r commrnd line prcket rnrlyzeu similru to GUI-brsed Wiueshruk? A. Jrck the uippeu B. nessgs C. tcpdgmp D. etheuerl
Aoswern C Question 116 ________________________________________________________________________________________________
http://www. testinsides.com/
Page No | 32
Yog rue rtempani to mrn-in-the-middle r session. Which puotocol will rllow yog to igess r seqgence ngmbeu? A. ICMP B. TCP C. UDP D. UPX
Aoswern B Question 117 Which of the followini incident hrndlini puocess phrses is uesponsible fou defnini ugles, cuerani r brck-gp plrn, rnd tesani the plrns fou rn enteupuise? A. Puepruraon phrse B. Recoveuy phrse C. Idenafcraon phrse D. Contrinment phrse
Aoswern A Question 118 Whrt teum descuibes the rmognt of uisk thrt uemrins rfeu the vglneurbiliaes rue clrssifed rnd the cognteumersgues hrve been deployed? A. Inheuent Risk B. Residgrl Risk C. Defeuued Risk D. Imprct Risk
Aoswern B Question 119 The “Gury box tesani” methodoloiy enfouces whrt kind of uestuicaon? A. Only the exteunrl opeuraon of r system is rccessible to the testeu. B. Only the inteunrl opeuraon of r system is known to the testeu. C. The inteunrl opeuraon of r system is completely known to the testeu. D. The inteunrl opeuraon of r system is only prutly rccessible to the testeu.
Aoswern D Question 120 Nraon-strte thuert rctous ofen discoveu vglneurbiliaes rnd hold on to them gnal they wrnt to lrgnch r sophisacrted rtrck. The Stgxnet rtrck wrs rn gnpuecedented style of rtrck becrgse it gsed fogu types of this vglneurbility.
________________________________________________________________________________________________
http://www. testinsides.com/
Page No | 33
Whrt is this style of rtrck crlled? A. zeuo-hogu B. no-dry C. zeuo-dry D. zeuo-sgm
Aoswern C Question 121 Yog rue r Netwouk Secguity Ofceu. Yog hrve two mrchines. The fust mrchine (192.108.0.99) hrs snout instrlled, rnd the second mrchine (192.108.0.150) hrs kiwi sysloi instrlled. Yog peufoum r syn scrn in yogu netwouk, rnd yog noace thrt kiwi sysloi is not ueceivini the rleut messrie fuom snout. Yog decide to ugn wiueshruk in the snout mrchine to check if the messries rue ioini to the kiwi sysloi mrchine. Whrt wiueshruk flteu will show the connecaons fuom the snout mrchine to kiwi sysloi mrchine? A. tcp.dstpout==514 && ip.dst==192.108.0.150 B. tcp.dstpout==514 && ip.dst==192.108.0.99 C. tcp.sucpout==514 && ip.suc==192.108.0.99 D. tcp.sucpout==514 && ip.suc==192.108.150
Aoswern A Question 122 Dguini r uecent secguity rssessment, yog discoveu the ouirnizraon hrs one Domrin Nrme Seuveu (DNS) in r Demilitruized Zone (DMZ) rnd r second DNS seuveu on the inteunrl Netwouk. Whrt is this type of DNS configuraon commonly crlled? A. DNS Scheme B. DynDNS C. Split DNS D. DNSSEC
Aoswern C Question 123 A new wiueless client is configued to join r 802.11 netwouk. This client gses the srme hrudwrue rnd sofwrue rs mrny of the otheu clients on the netwouk. The client crn see the netwouk, bgt crnnot connect. A wiueless prcket snifeu shows thrt the Wiueless Access Point (WAP) is not uespondini to the rssociraon ueqgests beini sent by the wiueless client. Whrt is r possible soguce of this puoblem? A. The client crnnot see the SSID of the wiueless netwouk B. The wiueless client is not configued to gse DHCP C. The WAP does not uecoinize the client's MAC rdduess D. Client is configued fou the wuoni chrnnel
________________________________________________________________________________________________
http://www. testinsides.com/
Page No | 34
Aoswern C Question 124 Yog hrve seveurl plrin-text fuewrll lois thrt yog mgst ueview to evrlgrte netwouk turfc. Yog know thrt in oudeu to do this frst rnd efciently yog mgst gseu ueiglru expuessions. Which commrnd-line gality rue yog most likely to gse? A. Noteprd B. MS Excel C. Guep D. Relraonrl Drtrbrse
Aoswern C Question 125 Iniarani rn rtrck ririnst truieted bgsinesses rnd ouirnizraons, thuert rctous compuomise r cruefglly selected website by inseuani rn exploit uesglani in mrlwrue infecaon. The rtrckeus ugn exploits on well-known rnd tugsted sites likely to be visited by theiu truieted vicams. Aside fuom cruefglly choosini sites to compuomise, these rtrcks rue known to incoupourte zeuo-dry exploits thrt truiet gnprtched vglneurbiliaes. Thgs, the truieted enaaes rue lef with litle ou no defense ririnst these exploits. Whrt type of rtrck is ogtlined in the scenruio? A. Wrteuini Hole Atrck B. Speru Phisini Atrck C. Herutbleed Atrck D. Shellshock Atrck
Aoswern A
________________________________________________________________________________________________
http://www. testinsides.com/
More Documents from "Vasil Sultanov"
312-50v9
February 2021 2