You have successfully compromised a network workstation and discovered a live server on the same network. You attempted to ping it but received no answer. What’s going on?
Question 2 of 110
2. Question
1 point(s)
Which tool is used to automate SQL injections and exploit a database by forcing a particular web application to connect to another database controlled by a hacker?
Question 3 of 110
3. Question
1 point(s)
A security engineer is attempting to map the internal network of a corporation. The engineer enters the following NMAP command:
NMAP -n -sS -P0 -p 80 ***.***.**.**
What kind of scan is this?
Question 4 of 110
4. Question
1 point(s)
Which of the following is an example of an implementation of asymmetric encryption?
Question 5 of 110
5. Question
1 point(s)
Which of the following is the BEST approach to preventing Personally Identifiable Information (PII) from being abused due to online application vulnerabilities?
Question 6 of 110
6. Question
1 point(s)
Trinity must scan all hosts on a /16 network for only TCP port 445. What is the quickest way for her to do this with Nmap?
Hint: Stealth is not an issue.
Question 7 of 110
7. Question
1 point(s)
____________ is a type of malware (malicious software) that crooks install on your computer in order to lock it remotely. This malware displays a warning message in the form of a pop-up window, a webpage, or an email from what appears to be an official authority. It informs you that your computer has been locked due to probable criminal activity and that you must pay a fee before you can access your data and programs again.
Which of the terms below best describes the definition?
Question 8 of 110
8. Question
1 point(s)
If the port is open, what is the correct response to a NULL scan?
Question 9 of 110
9. Question
1 point(s)
An nmap command with the 202.176.56-57.* host specification will scan ______________ hosts.
Question 10 of 110
10. Question
1 point(s)
While reviewing the IDS logs, the system administrator observed that an alert was logged when the external router was accessed from the administrator’s workstation to update the router configuration. What kind of warning is this?
Question 11 of 110
11. Question
1 point(s)
How does an operating system keep account login passwords secure?
Question 12 of 110
12. Question
1 point(s)
What type of analysis is carried out when an attacker only has a limited understanding of the application’s inner workings?
Question 13 of 110
13. Question
1 point(s)
Which settings allow Nessus to recognize when it sends too many packets and the network pipe is full?
Question 14 of 110
14. Question
1 point(s)
What are two software tools that are used to estimate the operating system? (Select two)
Question 15 of 110
15. Question
1 point(s)
What can a tester do to ensure that the program is trustworthy and not altering or tampering with critical data on the back end of the system it is loaded on?
Question 16 of 110
16. Question
1 point(s)
Bob received a text on his phone stating, “Hello, this is Scott Smelby from Yahoo Bank. Please contact me at [email protected] for a critical transaction.” Which of the following statements is correct?
Question 17 of 110
17. Question
1 point(s)
You are attempting to scan a web server’s ports using Nmap. To dodge IDS, which of the following instructions would make the least noise during a scan of popular ports?
Question 18 of 110
18. Question
1 point(s)
Which of the following approaches is the BEST for preventing Cross-Site Scripting (XSS) flaws?
Question 19 of 110
19. Question
1 point(s)
Which of the following is an example of preventive control?
Question 20 of 110
20. Question
1 point(s)
To see if a software program can handle a wide range of invalid input, automated testing can be used to generate invalid input at random and see if the program crashes. What is the most often used term to describe this type of testing?
Question 21 of 110
21. Question
1 point(s)
What is the subnet 190.86.168.0/22’s broadcast address?
Question 22 of 110
22. Question
1 point(s)
Which security operations are used to determine an organization’s attack surface?
Question 23 of 110
23. Question
1 point(s)
In an N-tier application architecture, which layer is responsible for data movement and processing between the tiers?
Question 24 of 110
24. Question
1 point(s)
ABC’s security administrator must allow Internet traffic through host 10.0.0.2 and UDP traffic through host 10.0.0.3. He must also allow all FTP traffic to reach the rest of the network while blocking all other traffic. Nobody can access the ftp after he applied his ACL setup to the router, and the approved hosts cannot access the Internet. What is going on in the network according to the next configuration?
Question 25 of 110
25. Question
1 point(s)
How can a policy help an employee become more security conscious?
Question 26 of 110
26. Question
1 point(s)
Company A and Company B just amalgamated, each with its own Public Key Infrastructure (PKI). What must the Certificate Authorities (CAs) establish in order for Company A and Company B’s private PKIs to trust one another and for each private PKI to authenticate digital certificates issued by the other?
Question 27 of 110
27. Question
1 point(s)
Risks = Threats x Vulnerabilities is referred to as the ____________.
Question 28 of 110
28. Question
1 point(s)
This wireless security technique was proved worthless in 2007 when packets were captured, and the passkey was discovered in a matter of seconds. TJ Maxx’s network was infiltrated and data stolen as a result of this security hole, which was exploited using a technique known as wardriving.
To which Algorithm is this alluding?
Question 29 of 110
29. Question
1 point(s)
This method of password cracking employs a combination of word lists, numbers, and special characters:
Question 30 of 110
30. Question
1 point(s)
Which security policies govern the usage of a Virtual Private Network (VPN) to access a company’s internal network?
Question 31 of 110
31. Question
1 point(s)
Which of the following guarantees that policy, procedure, and configuration adjustments are controlled and documented?
Question 32 of 110
32. Question
1 point(s)
Which of the following assertions best represents Social Engineering in the context of computer security?
Question 33 of 110
33. Question
1 point(s)
What is a proven approach for safeguarding a router against smurf attacks?
Question 34 of 110
34. Question
1 point(s)
An injection attack on a web server based on True/False questions is called ___________.
Question 35 of 110
35. Question
1 point(s)
Your firm conducts penetration tests and security assessments for local small and medium-sized businesses. During a normal security check, you come across evidence that your client is involved in human trafficking.
So, what are your options?
Question 36 of 110
36. Question
1 point(s)
In the widely used OpenSSL cryptographic software library, which of the following is a severe vulnerability?
Hint: This flaw allows information to be stolen that is normally secured by the SSL/TLS encryption used to secure the Internet.
Question 37 of 110
37. Question
1 point(s)
Bob discovered that his username and password for a well-known game had been stolen. He contacts the company and resets all of the data. Which of the options below enables two-factor authentication, as recommended by the company?
Question 38 of 110
38. Question
1 point(s)
When it comes to risk management, which of the following is considered an acceptable option?
Question 39 of 110
39. Question
1 point(s)
Which of the following best illustrates logical or technical control?
Question 40 of 110
40. Question
1 point(s)
A company’s developer is entrusted with developing an application that allows consumers to change their billing and shipping information. The billing address field has a 50-character restriction. What pseudo code might the developer use to protect the billing address field from a buffer overflow attack?
Question 41 of 110
41. Question
1 point(s)
How does the distributed port scan work?
Question 42 of 110
42. Question
1 point(s)
When it comes to creating new firewall rules, the network team has well-defined protocols to follow. Before implementing any new rules, you must get permission from a manager. While evaluating the firewall configuration, you notice a recently introduced rule but cannot find management clearance for it. In a circumstance like this, what would be a decent step to include in the procedures?
Question 43 of 110
43. Question
1 point(s)
Sam is employed as a pen-tester for a company in Houston. He performs penetration testing on IDS to discover the ways in which an attacker can get around the IDS. Sam sends a large number of packets to the target IDS, which triggers alarms, allowing Sam to mask the true traffic. What approach is Sam employing to elude IDS?
Question 44 of 110
44. Question
1 point(s)
What is the best way to protect yourself against a privilege escalation vulnerability?
Question 45 of 110
45. Question
1 point(s)
Which of the following can be used to administer a botnet?
Question 46 of 110
46. Question
1 point(s)
Today’s business realities need the development of risk response methods. Which of the following is NOT one of the five basic risk responses?
Question 47 of 110
47. Question
1 point(s)
You wish to examine your wireless network’s packets. Which program do you think you’d use?
Question 48 of 110
48. Question
1 point(s)
Bluetooth exchanges data between associated devices using which digital modulation technique?
Question 49 of 110
49. Question
1 point(s)
Which of these is capable of finding and searching for rogue access points?
Question 50 of 110
50. Question
1 point(s)
Look over the Snort rule and figure out how to apply it.
alert tcp any any -> 192.168.1.0/24 111 (content:"|00 01 86 a5|"; msg:"mountd access";)
Question 51 of 110
51. Question
1 point(s)
In wireless communication, what type of antenna is used?
Question 52 of 110
52. Question
1 point(s)
You are the Network Administrator and have received a report that some websites are no longer accessible. You ping the servers and discover that they are reachable. Then you type in the IP address and open the browser to see if it’s accessible. However, when you try to access them using the URL, they are unavailable. What could be the issue?
Question 53 of 110
53. Question
1 point(s)
How is the public key delivered, regulated, and ordered so that users can be confident in the sender’s identity?
Question 54 of 110
54. Question
1 point(s)
What is the BEST course of action if you discover that a rootkit has been installed on one of your systems?
Question 55 of 110
55. Question
1 point(s)
Which technologies, such as bidirectional voice and video, are best for secret communications?
Question 56 of 110
56. Question
1 point(s)
What is a ‘null’ user in the context of Windows Security?
Question 57 of 110
57. Question
1 point(s)
A hacker is trying to determine which IP addresses are active on a network. The hacker would utilize which NMAP switch?
Question 58 of 110
58. Question
1 point(s)
How does the term “probability” connect to the idea of “threat” in risk management?
Question 59 of 110
59. Question
1 point(s)
A tester finds an access point utilizing WPA2 encryption during a wireless penetration test. To obtain the key, which of the following attacks should be used?
Question 60 of 110
60. Question
1 point(s)
What is the most significant drawback of scripting languages over compiled programming languages?
Question 61 of 110
61. Question
1 point(s)
A huge financial company recruits a consultant to conduct physical penetration testing. The consultant goes to the company’s building dressed as an electrician and waits in the lobby for an employee to pass through the main access gate, then follows the person behind to get into the restricted area on the first day of his inspection. What kind of attack did the consultant carry out?
Question 62 of 110
62. Question
1 point(s)
You are about to be hired by a well-known bank as a penetration tester. Which of the following documents covers the nature of the testing and its infractions and essentially protects both the bank’s interest and your liability as a tester?
Question 63 of 110
63. Question
1 point(s)
A user seeks guidance from a network administrator on transmitting encrypted emails from home.
The end-user does not want to be responsible for any license costs or server management. Which of the following encryption protocols should the network administrator propose as the most secure?
Question 64 of 110
64. Question
1 point(s)
The priority of MX records increases as the number of records grows. (True/False)
Question 65 of 110
65. Question
1 point(s)
Which of the following is a low-tech method for getting unauthorized system access?
Question 66 of 110
66. Question
1 point(s)
Bob is a renowned hacker who is well-liked by visitors to “underground” websites. Many people have indicated an interest in learning from Bob since he is eager to share his knowledge with those willing to learn. This knowledge, however, comes with a danger, as it can also be utilized for malicious attacks. What is the most successful way to bridge the knowledge gap between “black” hats or crackers and “white” hats or computer security professionals in this context?
Question 67 of 110
67. Question
1 point(s)
Which of the following statements about LM hashes is correct?
Question 68 of 110
68. Question
1 point(s)
What information should a risk assessor get from an IT system analysis?
Question 69 of 110
69. Question
1 point(s)
An attacker has captured a target file encrypted using public key cryptography. Which of the following attacks is most likely to crack the target file?
Question 70 of 110
70. Question
1 point(s)
The International Organization for Standardization (ISO) standard 27002 sets the conformance standards. Which of the following is a correct statement about ISO?
Question 71 of 110
71. Question
1 point(s)
Which of the following is a rootkit’s primary goal?
Question 72 of 110
72. Question
1 point(s)
What type of constraint is enforced by the “grey box testing” methodology?
Question 73 of 110
73. Question
1 point(s)
On the target website, an attacker modifies the profile information of a specific user (victim). The attacker uses this string to convert the victim’s profile to a text file, which is then sent to the attacker’s database.
<iframe src="http://www.vulnweb.com/updateif.php" style="display:none"></iframe>
What is the name of this type of attack (which can employ HTTP GET or HTTP POST)?
Question 74 of 110
74. Question
1 point(s)
For enumeration, which of the following tools is used? (Select three options)
Question 75 of 110
75. Question
1 point(s)
A pentester exploits an FTP server with Metasploit and pivots to a LAN. How will the pentester use Metasploit to pivot?
Question 76 of 110
76. Question
1 point(s)
Which of the following qualities best describes a Boot Sector Virus?
Question 77 of 110
77. Question
1 point(s)
Which of the following is the best option for surfing the Internet anonymously?
Question 78 of 110
78. Question
1 point(s)
The browser displays a “Vulnerable” pop-up window when the analyst submits the form. What kind of web application flaw did the analyst find?
Question 79 of 110
79. Question
1 point(s)
You must examine many plain-text firewall logs in order to assess network activity. You are aware that regular expressions are required for quick and effective log searches. Which command-line tool will you use the most?
Question 80 of 110
80. Question
1 point(s)
A computer technician is working with a new version of word processing software when he discovers that a specific sequence of characters causes the computer to crash. The technician investigates the bug and determines that no one else has had the same issue. What is the next logical step?
Question 81 of 110
81. Question
1 point(s)
Which of the following is an application that requires a host application for replication?
Question 82 of 110
82. Question
1 point(s)
A company employs a penetration tester to conduct a wireless penetration test. According to previous complaints, the last test did not include any management or control packets in the submitted traces. The most likely cause of a shortage of management or control packets is which of the following?
Question 83 of 110
83. Question
1 point(s)
An attacker uses the command below to scan a host. What are the three flags that have been raised? (Select three)
#nmap -sX host.domain.com
Question 84 of 110
84. Question
1 point(s)
You are a Sales Manager at Acme Corporation. The organization has stringent network security policies in place. You’re attempting to copy data from the company’s Sales database (Sales.xls) to your own PC. The traffic that leaves your company’s internal network and enters the Internet is filtered and monitored. How are you going to accomplish this without arousing suspicion?
Question 85 of 110
85. Question
1 point(s)
A penetration tester tries to scan an internal corporate network from the internet without setting off the border sensor. What is the most effective strategy that the tester should use?
Question 86 of 110
86. Question
1 point(s)
To find Cisco VPN config files, a hacker searches Google for filetype:pcf. Which of the following can be used to decipher connectivity passwords in those files?
Question 87 of 110
87. Question
1 point(s)
IP spoofing is exemplified by which of the following?
Question 88 of 110
88. Question
1 point(s)
A technician is attempting to resolve a problem with a computer that is unable to connect to the Internet via a wireless access point. The computer can send files to other computers locally, but it is unable to connect to the Internet. According to the technician, the IP address and default gateway are both on the 192.168.1.0/24 network. Which of the following events has taken place?
Question 89 of 110
89. Question
1 point(s)
A woman who suspects her husband of adultery approaches a Certified Ethical Hacker (CEH). She offers to pay the hacker to hack into her husband’s email account and obtain material that she may use in court against him. What is the ethical course of action?
Question 90 of 110
90. Question
1 point(s)
env x='(){ :;};echo exploit' bash -c 'cat /etc/passwd'
What is the Shellshock bash vulnerability attempting to do on a susceptible Linux host?
Question 91 of 110
91. Question
1 point(s)
What are some of the things you would recommend to a corporation as a security consultant to ensure DNS security?
As a result, an attacker using the Shellshock vulnerability to inject this code would see the password file spewed onto their screen as part of the web page returned.
Question 92 of 110
92. Question
1 point(s)
Some passwords are kept using hashes, which are specialized encryption methods. Why is this a good approach to use?
Question 93 of 110
93. Question
1 point(s)
A corporation has publicly accessible web apps as well as an intranet that is protected by a firewall. Which approach will help protect against enumeration?
Question 94 of 110
94. Question
1 point(s)
For a company, which of the following incident handling process steps is responsible for developing rules, cooperating human workforce, creating a backup plan, and testing plans?
Question 95 of 110
95. Question
1 point(s)
In pharming and phishing attacks, attackers might build websites that appear authentic to acquire personally identifying information from their victims. What’s the difference between phishing and pharming?
Question 96 of 110
96. Question
1 point(s)
While conducting security evaluations for one of your clients, you were able to collect data indicating that your client is engaging in fraudulent operations. So, what are your options?
Question 97 of 110
97. Question
1 point(s)
A tester has been hired to perform a security test on a web application. The tester notes that the site is dynamic and requires the use of a database on the back end.
What is the first character the tester should try breaking a legitimate SQL request with to verify if SQL injection is possible?
Question 98 of 110
98. Question
1 point(s)
You observe the following string in the URL bar while utilizing your bank’s online services: “http://www.MyPersonalBank.com/account?id=368940911028389&Damount=10980&Camount=21”
When you adjust the Damount and Camount values and submit the request, you see that the data on the web page reflects the changes.
On this site, what kind of vulnerability can you find?
Question 99 of 110
99. Question
1 point(s)
When is external and internal penetration testing required under the Payment Card Industry Data Security Standard (PCI-DSS)?
Question 100 of 110
100. Question
1 point(s)
A covert channel is one that is not open to the public. Which of the following is a correct statement?
Question 101 of 110
101. Question
1 point(s)
Which scanning method divides the TCP header into many packets, making it harder for packet filters to determine the packet’s purpose?
Question 102 of 110
102. Question
1 point(s)
A hacker could sniff packets on a company’s wireless network. The following details have been discovered:
What was the original message using the Exclusive OR?
Question 103 of 110
103. Question
1 point(s)
Which of the following is a type of penetration testing that largely focuses on human interaction and frequently involves duping people into violating standard security protocols?
Question 104 of 110
104. Question
1 point(s)
This asymmetric cipher is created by multiplying two huge prime integers together. What is the above-mentioned cipher?
Question 105 of 110
105. Question
1 point(s)
Which condition guarantees a hash function does not provide the same hashed value for two messages?
Question 106 of 110
106. Question
1 point(s)
What is the most significant security risk in this scenario?
Question 107 of 110
107. Question
1 point(s)
Using a precomputed table of hashed passwords, what attack is utilized to crack passwords?
Question 108 of 110
108. Question
1 point(s)
A medium-sized accounting firm’s security engineer has been entrusted with determining how much information can be collected from the firm’s public-facing web servers. The engineer decides to begin by connecting to port 80 via netcat.
This is what the engineer gets:
Which of the following is an example of the work done by the engineer?
Question 109 of 110
109. Question
1 point(s)
Which of the following is an adaptive SQL Injection testing technique for detecting coding problems by inputting large amounts of random data and analyzing the output changes?
Question 110 of 110
110. Question
1 point(s)
What are the two requirements for a digital signature?