Domain 5: Procedures/Methodology
Which of the following best describes a certificate authority (CA)?
An entity that issues digital certificates.
Lorena, the CIO, wants to ensure that the company's security practices and policies match well with their firewall security configuration for maximum protection against hacking. Which of the following actions should Lorena take?
Hire a penetration tester.
The Simple Network Management Protocol (SNMP) is used to manage devices such as routers, hubs, and switches. SNMP works with an SNMP agent and an SNMP management station in which layer of the OSI model?
Application Layer
In which phase of the ethical hacking process do you gather information from a system to learn more about its configurations, software, and services?
Enumeration
It may be tempting for an organization to feel secure after going through the process of penetration testing and the corrections and hardening that you must perform. Which of the following should you help them to understand?
Hackers have time on their side, and there will always be new threats to security.
Which of the following assessment types relies on each step to determine the next step, and then only tests relevant areas of concern?
Inference-based
Which of the following flags is used by a TCP scan to direct the sending system to send buffered data?
PSH
First, you must locate the live nodes in the network. Second, you must itemize each open port and service in the network. Finally, you test each open port for known vulnerabilities. These are the three basic steps in which of the following types of testing?
Penetration
Randy was just hired as a penetration tester for the red team. Which of the following best describes the red team?
Performs offensive security tasks to test the network's security.
Which of the following scans is used to actively engage a target in an attempt to gather information about it?
Port scan
When a penetration tester starts gathering details about employees, vendors, business processes, and physical security, which phase of testing are they in?
Reconnaissance
Which of the following is an entity that accepts and validates information contained within a request for a certificate?
Registration authority
The penetration testing life cycle is a common methodology used when performing a penetration test. This methodology is almost identical to the ethical hacking methodology. Which of the following is the key difference between these methodologies?
Reporting
Rose, an ethical hacker, has created a report that clearly identifies her findings and recommendations for locking down an organization's systems and patching problems. Which of the following phases of the vulnerability management life cycle is she working in?
Risk assessment
Which of the following solutions creates the risk that a hacker might gain access to the system?
Service-based
Allen, the network administrator, needs a tool that can do network intrusion prevention and intrusion detection, capture packets, and monitor information. Which of the following tools would he most likely select?
Snort
Which of the following is malware that works by stealth to capture information and then sends it to a hacker to gain remote access?
Spyware
Which of the following forms of cryptography is best suited for bulk encryption because of its speed?
Symmetric cryptography
IP address spoofing, fragmentation attacks, using proxy servers, ICMP tunneling, and ACK tunneling are all examples of which of the following firewall penetration testing techniques?
TCP packet filtering
Which of the following phases of the vulnerability management lifecycle implements patches, hardening, and correction of weaknesses?
The remediation phase
Which of the following is a characteristic of the Advanced Encryption Standard (AES) symmetric block cipher?
Uses the Rijndael block cipher.
Which of the following best describes a DoS attack?
A hacker overwhelms or damages a system and prevents users from accessing a service.
Which of the following describes a PKI?
A security architecture that ensures data connections between entities are validated and secure.
MinJu, a penetration tester, is testing a client's security. She notices that every Wednesday, a few employees go to a nearby bar for happy hour. She goes to the bar and starts befriending one of the employees with the intention of learning the employee's personal information. Which information gathering technique is MinJu using?
Social engineering
Heather is performing a penetration test. She has gathered a lot of valuable information about her target already. Heather has used some hacking tools to determine that, on her target network, a computer named Production Workstation has port 445 open. Which step in the ethical hacking methodology is Heather performing?
Scanning and enumeration
A technician is using a modem to dial a large block of phone numbers in an attempt to locate other systems connected to a modem. Which type of network scan is being used?
Wardialing
Which of the following terms is the encrypted form of a message that is unreadable except to its intended recipient?
ciphertext
Which of the following system exploitation methods happens by adding a malicious file to a file path that is missing quotation marks and has spaces in it?
Path interception
Which of the following is considered an out-of-band distribution method for private key encryption?
Copying the key to a USB drive.
Which of the following is the number of keys used in symmetric encryption?
One
A penetration tester is trying to extract employee information during the reconnaissance phase. What kinds of data is the tester collecting about the employees?
Contact names, phone numbers, email addresses, fax numbers, and addresses
You are an ethical hacker contracting with a medical clinic to evaluate their environment. Which of the following is the first thing you should do?
Define the effectiveness of the current security policies and procedures.
