CS-ETHICAL HACKING-EXAM REVIEW

John built a forum-based website. He wants to save a payload in the database to affect its viewers. What attack is most likely to be used?

Stored XSS

While using Nmap to map an organization and find open ports, Tom receives RST as a response. What is the port status?

The port is closed.

A new security vulnerability in software that wasn't known before.

Zero-day

Thomas tries to change his friend's PC boot order but encounters a password request. What security solution was implemented?

BIOS password

What tool is highly effective when testing client-server transactions, can be used to manipulate captured data, and can send the data to the server?

Burp Suite

In order to crack a password on a website, Sasha did some research on the user and gathered information about him. What tool can be used to make the cracking process easier?

CUPP

Which type of On-Path attack includes the process of redirecting a domain name request to a custom phishing domain?

DNS Poisoning

What tool can be used to clone a specific website to be used in a phishing campaign?

HTTrack

What platform can help Ted perform penetration testing on a system?

MetaSploit

What can be used to prevent SQL Injection on a website?

Prepared statements

Which of the following users would you try to compromise if you could not get root access?

Any user