QUESTION 93
Which of the following security policies defines the use of VPN for gaining access to an internal corporate network?
A. Network security policy
B. Information protection policy
C. Access control policy
D. Remote access policy
Correct Answer: D
QUESTION 94
To determine if a software program properly handles a wide range of invalid input, a form of automated testing can be used to randomly generate invalid input in an attempt to crash the program. What term is commonly used when referring to this type of testing?
A. Randomizing
B. Bounding
C. Mutating
D. Fuzzing
Correct Answer: D
QUESTION 95
If you want only to scan fewer ports than the default scan using Nmap tool, which option would you use?
A. -sP
B. -P
C. -r
D. -F
Correct Answer: D
QUESTION 96
In Risk Management, how is the term “likelihood” related to the concept of “threat?”
A. Likelihood is the likely source of a threat that could exploit a vulnerability.
B. Likelihood is the probability that a threat-source will exploit a vulnerability.
C. Likelihood is a possible threat-source that may exploit a vulnerability.
D. Likelihood is the probability that a vulnerability is a threat-source.
Correct Answer: B
QUESTION 97
Which of the following statements is TRUE?
A. Sniffers operate on Layer 2 of the OSI model
B. Sniffers operate on Layer 3 of the OSI model
C. Sniffers operate on both Layer 2 & Layer 3 of the OSI model.
D. Sniffers operate on the Layer 1 of the OSI model.
Correct Answer: A
QUESTION 98
What is the least important information when you analyze a public IP address in a security alert?
A. ARP
B. Whois
C. DNS
D. Geolocation
Correct Answer: A
QUESTION 99
You are the Network Admin, and you get a complaint that some of the websites are no longer accessible. You try to ping the servers and find them to be reachable. Then you type the IP address and then you try on the browser, and find it to be accessible. But they are not accessible when you try using the URL. What may be the problem?
A. Traffic is Blocked on UDP Port 53
B. Traffic is Blocked on TCP Port 80
C. Traffic is Blocked on TCP Port 54
D. Traffic is Blocked on UDP Port 80
Correct Answer: A
QUESTION 100
Internet Protocol Security IPSec is actually a suite of protocols. Each protocol within the suite provides different functionality. Collective IPSec does everything except.
A. Work at the Data Link Layer
B. Protect the payload and the headers
C. Encrypt
D. Authenticate
Correct Answer: A
QUESTION 101
On performing a risk assessment, you need to determine the potential impacts when some of the critical business process of the company interrupt its service. What is the name of the process by which you can determine those critical business?
A. Risk Mitigation
B. Emergency Plan Response (EPR)
C. Disaster Recovery Planning (DRP)
D. Business Impact Analysis (BIA)
Correct Answer: D
QUESTION 102
Assume a business-crucial web-site of some company that is used to sell handsets to the customers worldwide. All the developed components are reviewed by the security team on a monthly basis. In order to drive business further, the web-site developers decided to add some 3rd party marketing tools on it. The tools are written in JavaScript and can track the customer’s activity on the site. These tools are located on the servers of the marketing company. What is the main security risk associated with this scenario?
A. External script contents could be maliciously modified without the security team knowledge
B. External scripts have direct access to the company servers and can steal the data from there
C. There is no risk at all as the marketing services are trustworthy
D. External scripts increase the outbound company data traffic which leads greater financial losses
Correct Answer: A
QUESTION 103
What type of analysis is performed when an attacker has partial knowledge of inner-workings of the application?
A. Black-box
B. Announced
C. White-box
D. Grey-box
Correct Answer: D
QUESTION 104
Bob finished a C programming course and created a small C application to monitor the network traffic and produce alerts when any origin sends “many” IP packets, based on the average number of packets sent by all origins and using some thresholds. In concept, the solution developed by Bob is actually:
A. Just a network monitoring tool
B. A signature-based IDS
C. A hybrid IDS
D. A behavior-based IDS
Correct Answer: A
QUESTION 105
Which of the following is a low-tech way of gaining unauthorized access to systems?
A. Scanning
B. Sniffing
C. Social Engineering
D. Enumeration
Correct Answer: C
QUESTION 106
When tuning security alerts, what is the best approach?
A. Tune to avoid False positives and False Negatives
B. Rise False positives Rise False Negatives
C. Decrease the false positives
D. Decrease False negatives
Correct Answer: A
QUESTION 107
In an internal security audit, the white hat hacker gains control over a user account and attempts to acquire access to another account’s confidential files and information. How can he achieve this?
A. Privilege Escalation
B. Shoulder-Surfing
C. Hacking Active Directory
D. Port Scanning
Correct Answer: A
QUESTION 108
Which regulation defines security and privacy controls for Federal information systems and organizations?
A. HIPAA
B. EU Safe Harbor
C. PCI-DSS
D. NIST-800-53
Correct Answer: D
QUESTION 109
Your company performs penetration tests and security assessments for small and medium-sized business in the local area. During a routine security assessment, you discover information that suggests your client is involved with human trafficking.
What should you do?
A. Confront the client in a respectful manner and ask her about the data.
B. Copy the data to removable media and keep it in case you need it.
C. Ignore the data and continue the assessment until completed as agreed.
D. Immediately stop work and contact the proper legal authorities.
Correct Answer: D
QUESTION 110
You are a security officer of a company. You had an alert from IDS that indicates that one PC on your Intranet is connected to a blacklisted IP address (C2 Server) on the Internet. The IP address was blacklisted just before the alert. You are staring an investigation to roughly analyze the severity of the situation. Which of the following is appropriate to analyze?
A. Event logs on the PC
B. Internet Firewall/Proxy log
C. IDS log
D. Event logs on domain controller
Correct Answer: B
QUESTION 111
Identify the UDP port that Network Time Protocol (NTP) uses as its primary means of communication?
A. 123
B. 161
C. 69
D. 113
Correct Answer: A
QUESTION 112
It has been reported to you that someone has caused an information spillage on their computer. You go to the computer, disconnect it from the network, remove the keyboard and mouse, and power it down. What step in incident handling did you just complete?
A. Discovery
B. Recovery
C. Containment
D. Eradication
Correct Answer: C
QUESTION 113
Which of the following cryptography attack is an understatement for the extraction of cryptographic secrets (e.g. the password to an encrypted file) from a person by a coercion or torture?
A. Chosen-Cipher text Attack
B. Ciphertext-only Attack
C. Timing Attack
D. Rubber Hose Attack
Correct Answer: D
QUESTION 114
In cryptanalysis and computer security, ‘pass the hash’ is a hacking technique that allows an attacker to authenticate to a remote server/service by using the underlying NTLM and/or LanMan hash of a user’s password, instead of requiring the associated plaintext password as is normally the case. Metasploit Framework has a module for this technique: psexec. The psexec module is often used by penetration testers to obtain access to a given system whose credentials are known. It was written by sysinternals and has been integrated within the framework. The penetration testers successfully gain access to a system through some exploit, use meterpreter to grab the passwords or other methods like fgdump, pwdump, or cachedump and then utilize rainbowtables to crack those hash values. Which of the following is true hash type and sort order that is used in the psexec module’s ‘smbpass’ option?
A. LM:NT
B. NTLM:LM
C. NT:LM
D. LM:NTLM
Correct Answer: A
QUESTION 115
You are looking for SQL injection vulnerability by sending a special character to web applications. Which of the following is the most useful for quick validation?
A. Double quotation
B. Backslash
C. Semicolon
D. Single quotation
Correct Answer: D
You may also like:- Top 10 Computer Fundamentals Questions and Answers
- Quiz Time – Testing Your Knowledge on Popular Computer Questions
- 15 Important Questions Related to Computer
- Certified Ethical Hacker v10 – Multiple Choice Questions with Answers – Part 14
- Certified Ethical Hacker v10 – Multiple Choice Questions with Answers – Part 13
- Certified Ethical Hacker v10 – Multiple Choice Questions with Answers – Part 12
- Certified Ethical Hacker v10 – Multiple Choice Questions with Answers – Part 11
- Certified Ethical Hacker v10 – Multiple Choice Questions with Answers – Part 10
- Certified Ethical Hacker v10 – Multiple Choice Questions with Answers – Part 9
- Certified Ethical Hacker v10 – Multiple Choice Questions with Answers – Part 8
