QUESTION 1
An unauthorized individual enters a building following an employee through the employee entrance after the lunch rush. What type of breach has the individual just performed?
A. Reverse Social Engineering
B. Tailgating
C. Piggybacking
D. Announced
Correct Answer: B
QUESTION 2
Which of the following is the best countermeasure against encrypting ransomware?
A. Use multiple antivirus software products
B. Keep some generations of off-line backups
C. Analyze the ransomware to get decryption key of encrypted data
D. Pay a ransom
Correct Answer: B
QUESTION 3
If an attacker uses the command SELECT * FROM user WHERE name = 'x' AND userid IS NULL; --'; which type of SQL injection attack is the attacker performing?
A. End of Line Comment
B. UNION SQL Injection
C. Illegal/Logically Incorrect Query
D. Tautology
Correct Answer: A
QUESTION 4
Sophia travels a lot and worries that her laptop containing confidential documents might be stolen. What is the best protection that will work for her?
A. Full Disk encryption
B. BIOS password
C. Hidden folders
D. Password protected files
Correct Answer: A
QUESTION 5
An attacker has installed a RAT on a host. The attacker wants to ensure that when a user attempts to go to “www.MyPersonalBank.com”, that the user is directed to a phishing site. Which file does the attacker need to modify?
A. Boot.ini
B. Sudoers
C. Networks
D. Hosts
Correct Answer: D
QUESTION 6
Which of the following options represents a conceptual characteristic of an anomaly-based IDS over a signature-based IDS?
A. Produces fewer false positives
B. Can identify unknown attacks
C. Requires vendor updates for a new threat
D. Cannot deal with encrypted network traffic
Correct Answer: B
QUESTION 7
You are logged in as a local admin on a Windows 7 system and you need to launch the Computer Management Console from command line.
Which command would you use?
A. c:\gpedit
B. c:\compmgmt.msc
C. c:\ncpa.cp
D. c:\services.msc
Correct Answer: B
QUESTION 8
Which of the following acts requires employers to have standard national numbers that identify them on standard transactions?
A. SOX
B. HIPAA
C. DMCA
D. PCI-DSS
Correct Answer: B
QUESTION 9
In Wireshark, the packet bytes pane shows the data of the current packet in which format?
A. Decimal
B. ASCII only
C. Binary
D. Hexadecimal
Correct Answer: D
QUESTION 10
_________ is a set of extensions to DNS that provide the origin authentication of DNS data to DNS clients (resolvers) so as to reduce the threat of DNS poisoning, spoofing, and similar types of attacks.
A. DNSSEC
B. Resource records
C. Resource transfer
D. Zone transfer
Correct Answer: A
QUESTION 11
PGP, SSL, and IKE are all examples of which type of cryptography?
A. Hash Algorithm
B. Digest
C. Secret Key
D. Public Key
Correct Answer: D
QUESTION 12
Which of the following is considered one of the most reliable forms of TCP scanning?
A. TCP Connect/Full Open Scan
B. Half-open Scan
C. NULL Scan
D. Xmas Scan
Correct Answer: A
QUESTION 13
Which of the following scanning methods splits the TCP header into several packets and makes it difficult for packet filters to detect the purpose of the packet?
A. ICMP Echo scanning
B. SYN/FIN scanning using IP fragments
C. ACK flag probe scanning
D. IPID scanning
Correct Answer: B
QUESTION 14
Which of the following is the BEST way to defend against network sniffing?
A. Restrict Physical Access to Server Rooms hosting Critical Servers
B. Use Static IP Address
C. Using encryption protocols to secure network communications
D. Register all machines MAC Address in a Centralized Database
Correct Answer: C
QUESTION 15
You have successfully gained access to a Linux server and would like to ensure that the succeeding outgoing traffic from this server will not be caught by Network-Based Intrusion Detection Systems (NIDS). What is the best way to evade the NIDS?
A. Out of band signaling
B. Protocol Isolation
C. Encryption
D. Alternate Data Streams
Correct Answer: C
QUESTION 16
What is the purpose of a demilitarized zone on a network?
A. To scan all traffic coming through the DMZ to the internal network
B. To only provide direct access to the nodes within the DMZ and protect the network behind it
C. To provide a place to put the honeypot
D. To contain the network devices you wish to protect
Correct Answer: B
QUESTION 17
You need to deploy a new web-based software package for your organization. The package requires three separate servers and needs to be available on the Internet. What is the recommended architecture in terms of server placement?
A. All three servers need to be placed internally
B. A web server facing the Internet, an application server on the internal network, a database server on the internal network
C. A web server and the database server facing the Internet, an application server on the internal network
D. All three servers need to face the Internet so that they can communicate between themselves
Correct Answer: B
QUESTION 18
The security administrator of ABC needs to permit Internet traffic for the host 10.0.0.2 and UDP traffic for the host 10.0.0.3. He also needs to permit all FTP traffic to the rest of the network and deny all other traffic. After he applied his ACL configuration on the router, nobody can access FTP, and the permitted hosts cannot access the Internet. According to the next configuration, what is happening in the network?
A. The ACL 104 needs to be first because it is UDP
B. The ACL 110 needs to be changed to port 80
C. The ACL for FTP must be before the ACL 110
D. The first ACL is denying all TCP traffic and the other ACLs are being ignored by the router
Correct Answer: D
QUESTION 19
When conducting a penetration test, it is crucial to use all means to get all available information about the target network. One of the ways to do that is by sniffing the network. Which of the following cannot be performed by passive network sniffing?
A. Identifying operating systems, services, protocols and devices
B. Modifying and replaying captured network traffic
C. Collecting unencrypted information about usernames and passwords
D. Capturing network traffic for further analysis
Correct Answer: B
QUESTION 20
A company’s Web development team has become aware of a certain type of security vulnerability in their Web software. To mitigate the possibility of this vulnerability being exploited, the team wants to modify the software requirements to disallow users from entering HTML as input into their Web application. What kind of Web application vulnerability likely exists in their software?
A. Cross-site scripting vulnerability
B. Web site defacement vulnerability
C. SQL injection vulnerability
D. Cross-site Request Forgery vulnerability
Correct Answer: A
QUESTION 21
Insecure direct object reference is a type of vulnerability where the application does not verify if the user is authorized to access the internal object via its name or key. Suppose a malicious user Rob tries to get access to the account of a benign user Ned. Which of the following requests best illustrates an attempt to exploit an insecure direct object reference vulnerability?
A. "GET /restricted/goldtransfer?to=Rob&from=1 or 1=1' HTTP/1.1 Host: westbank.com"
B. "GET /restricted/accounts/?name=Ned HTTP/1.1 Host: westbank.com"
C. "GET /restricted/bank.getaccount('Ned') HTTP/1.1 Host: westbank.com"
D. "GET /restricted/\r\n\%00account%00Ned%00access HTTP/1.1 Host: westbank.com"
Correct Answer: B
QUESTION 22
Which tool allows analysts and pen testers to examine links between data using graphs and link analysis?
A. Metasploit
B. Cain & Abel
C. Maltego
D. Wireshark
Correct Answer: C
QUESTION 23
Which of these is capable of searching for and locating rogue access points?
A. HIDS
B. NIDS
C. WISS
D. WIPS
Correct Answer: D