CEH Module 1 - Introduction to Ethical Hacking
How do employers protect assets with security policies pertaining to employee surveillance activities? (A) Employers provide employees with written statements that clearly discuss the boundaries of monitoring activities and the consequences. (B) Employers promote monitoring activities of employees as long as the employees demonstrate trustworthiness. (C) Employers use network surveillance to monitor employee e-mail traffic and network access, and to record employee keystrokes. (D) Employers use informal verbal communication channels to explain employee monitoring activities to employees.
A
In order to show improvement of security over time, what must be developed? (A) Metrics (B) Taxonomy of vulnerabilities (C) Testing tools (D) Reports
A
In which of the following hacking phases does an attacker try to detect listening ports to find information about the nature of services running on the target machine? (A) Scanning (B) Maintaining Access (C) Clearing Tracks (D) Gaining Access
A
Which of the following is a detective control? (A) Smart card authentication (B) Security policy (C) Audit trail (D) Continuity of Operations Plan
A
Highlander, Incorporated, decides to hire an ethical hacker to identify vulnerabilities at the regional locations and ensure system security. What is the main difference between a hacker and an ethical hacker when they are trying to compromise the regional offices? (A) Hackers don't have any knowledge of the network before they compromise the network. (B) Ethical Hackers have the permission of upper management. (C) Hackers have more sophisticated tools. (D) Ethical hackers have the permission of the regional server administrators.
B
Ron, a customer support intern, exploited default configurations and settings of the off-the-shelf libraries and code used in the company's CRM platform. How will you categorize this attack? (A) Operating System attack (B) Shrink-wrap code attack (C) Application-level attack (D) Mis-configuration attack
B
The Open Web Application Security Project (OWASP) testing methodology addresses the need to secure web applications by providing which one of the following services? (A) A security certification for hardened web applications (B) A list of flaws and how to fix them (C) An extensible security framework named COBIT (D) Web application patches
B
What information should an IT system analysis provide to the risk assessor? (A) Management buy-in (B) Security architecture (C) Threat statement (D) Impact analysis
B
Which of the following malware types restricts access to the computer system's files and folders, and demands a payment to the malware creator(s) in order to remove the restrictions? (A) Adware (B) Ransomware (C) Spyware (D) Trojan Horse
B
Which type of access control is used on a router or firewall to limit network activity? (A) Mandatory (B) Discretionary (C) Rule-based (D) Role-based
B
A CEH is approached by a friend who believes her husband is cheating. She offers to pay to break into her husband's email account in order to find proof so she can take him to court. What is the ethical response? (A) Say yes; the friend needs help to gather evidence. (B) Say no; make sure that the friend knows the risk she's asking the CEH to take. (C) Say no; the friend is not the owner of the account. (D) Say yes; do the job for free.
C
Ransomware encrypts the files and locks systems, thereby leaving the system in an unusable state. The compromised user has to pay a ransom to the attacker to unlock the system and get the files decrypted. Petya delivers malicious code that can even destroy the data with no scope of recovery. What is this malicious code called? (A) Bot (B) Vulnerability (C) Payload (D) Honeypot
C
An IT security engineer notices that the company's web server is currently being hacked. What should the engineer do next? (A) Record as much information as possible from the attack (B) Determine the origin of the attack and launch a counterattack (C) Perform a system restart on the company's web server (D) Unplug the network connection on the company's web server
D
In which phase of risk management process does an analyst calculate the organization's risks and estimate the likelihood and impact of those risks? (A) Risk Treatment (B) Risk monitoring and review (C) Risk identification (D) Risk assessment
D
Highlander, Incorporated, is a medical insurance company with several regional company offices in North America. Employees, when in the office, utilize desktop computers that have Windows 10, Microsoft Office, anti-malware/virus software, and an insurance application developed by a contractor. All of the software updates and patches are managed by the IT department of Highlander, Incorporated. Group policies are used to lock down the desktop computers, including the use of Applocker to restrict the installation of any third-party applications. There are one hundred employees who work from their home offices. Employees who work from home use their own computers, laptops, and personal smartphones. They authenticate to a cloud-based domain service, which is synchronized with the corporate internal domain service. The computers are updated and patched through the cloud-based domain service. Applocker is not used to restrict the installation of third-party applications. The protocol that they have chosen is Authentication Header (AH). The database that hosts the information collected from the insurance application is hosted on a cloud-based file server, and their email server is hosted on Office 365. Other files created by employees get saved to a cloud-based file server and the company uses work folders to synchronize offline copies back to their devices. A competitor has finished the reconnaissance and scanning phases of their attack. They are going to try to gain access to the Highlander, Incorporated, laptops. Which would be the most likely level to gain access? (A) Application Level (B) Hardware Level (C) Operating System (D) Network Level
A
What are the three types of compliances that the Open-Source Security Testing Methodology Manual (OSSTMM) recognizes? (A) Contractual, regulatory, industry. (B) Audit, standards-based, regulatory. (C) Legislative, contractual, standards-based. (D) Legal, performance, audit.
A
Which of the following terms refers to gaining access to one network and/or computer and then using the same to gain access to multiple networks and computers that contain desirable information? (A) Daisy Chaining (B) Social Engineering (C) Kill Chain (D) Doxing
A
You have been hired to perform ethical hacking (penetration testing) for a company. Which is the first thing you should do in this process? (A) Network Information Gathering (B) Acquiring Target (C) Escalating Privileges (D) Perimeter Testing
A
The implementation of a BYOD policy that prohibits employees from bringing personal computing devices into a facility falls under what type of security controls? (A) Procedural (B) Physical (C) Logical (D) Technical
B
Which of the following is an active reconnaissance technique? (A) Collecting contact information from yellow pages (B) Scanning a system by using tools to detect open ports (C) Performing dumpster diving (D) Collecting information about a target from search engines
B
Which security control role does encryption meet? (A) Corrective Controls (B) Preventative Controls (C) Both detective and corrective controls (D) Detective Controls
B
A newly discovered flaw in a software application would be considered as which kind of security vulnerability? (A) HTTP header injection vulnerability (B) Time-to-check to time-to-use flaw (C) Zero-day vulnerability (D) Input Validation Flaw
C
Which of the following is a network based threat? (A) Buffer overflow (B) Input validation flaw (C) Session hijacking (D) Arbitrary code execution
C
A consultant is hired to do a physical penetration test at a large financial company. On the first day of his assessment, the consultant goes to the company's building dressed as an electrician and waits in the lobby for an employee to pass through the main access gate, and then the consultant follows the employee behind to get into the restricted area. Which type of attack did the consultant perform? (A) Tailgating (B) Shoulder Surfing (C) Social Engineering (D) Mantrap
A
Anonymous, a known hacker group, claims to have taken down 20,000 Twitter accounts linked to Islamic State in response to the Paris attacks that left 130 people dead. How can you categorize this attack by Anonymous? (A) Hacktivism (B) Spoofing (C) Cracking (D) Social Engineering
A
Highlander, Incorporated, is a medical insurance company with several regional company offices in North America. Employees, when in the office, utilize desktop computers that have Windows 10, Microsoft Office, anti-malware/virus software, and an insurance application developed by a contractor. All of the software updates and patches are managed by the IT department of Highlander, Incorporated. Group policies are used to lock down the desktop computers, including the use of Applocker to restrict the installation of any third-party applications. There are one hundred employees who work from their home offices. Employees who work from home use their own computers, laptops, and personal smartphones. They authenticate to a cloud-based domain service, which is synchronized with the corporate internal domain service. The computers are updated and patched through the cloud-based domain service. Applocker is not used to restrict the installation of third-party applications. The database that hosts the information collected from the insurance application is hosted on a cloud-based file server, and their email server is hosted on Office 365. Other files created by employees get saved to a cloud-based file server, and the company uses work folders to synchronize offline copies back to their devices. A competitor learns that employees use their own personal smartphones to communicate with other employees of Highlander, Incorporated. Which information security attack vector should the competitor use to gather information over a long period of time from the phones, without the victim being aware that he or she has been compromised? (A) Advanced Persistent Threat (B) Botnet (C) Viruses and Worms (D) Mobile Threats
A
Highlander, Incorporated, is a medical insurance company with several regional company offices in North America. Employees, when in the office, utilize desktop computers that have Windows 10, Microsoft Office, anti-malware/virus software, and an insurance application developed by a contractor. All the software updates and patches are managed by the IT department of Highlander, Incorporated. Group policies are used to lock down the desktop computers, including the use of Applocker to restrict the installation of any third-party applications. There are one hundred employees who work from their home offices. Employees who work from home use their own computers, laptops, and personal smartphones. They authenticate to a cloud-based domain service, which is synchronized with the corporate internal domain service. The computers are updated and patched through the cloud-based domain service. Applocker is not used to restrict the installation of third-party applications. The laptops utilize direct access to automatically connect their machines to the Highlander, Incorporated, network when they are not in the regional offices. The laptops are set up to use IPsec when communicating with the cloud-based file server. The protocol that they have chosen is Authentication Header (AH). The database that hosts the information collected from the insurance application is hosted on a cloud-based file server, and their email server is hosted on Office 365. Other files created by employees get saved to a cloud-based file server, and the company uses work folders to synchronize offline copies back to their devices. Based on the knowledge of the network topology, which of the main elements of information security has Highlander, Incorporated, NOT addressed in its plans for its laptops? (A) Authenticity (B) Confidentiality (C) Availability (D) Integrity
A
Highlander, Incorporated, is a medical insurance company with several regional company offices in North America. There are various types of employees working in the company, including technical teams, sales teams, and work-from-home employees. Highlander takes care of the security patches and updates of official computers and laptops; however, the computers or laptops of the work-from-home employees are to be managed by the employees or their ISPs. Highlander employs various group policies to restrict the installation of any third-party applications. As per Highlander's policy, all the employees are able to utilize their personal smartphones to access the company email in order to respond to requests for updates. Employees are responsible for keeping their phones up to date with the latest patches. The phones are not used to directly connect to any other resources in the Highlander, Incorporated, network. The database that hosts the information collected from the insurance application is hosted on a cloud-based file server, and their email server is hosted on Office 365. Other files created by employees get saved to a cloud-based file server, and the company uses work folders to synchronize offline copies back to their devices. Apart from Highlander employees, no one can access the cloud service. What type of cloud service is Highlander using? (A) Private Cloud (B) Public Cloud (C) Hybrid Cloud (D) Community Cloud
A
Highlander, Incorporated, is a medical insurance company with several regional company offices in North America. There are various types of employees working in the company, including technical teams, sales teams, and work-from-home employees. Highlander takes care of the security patches and updates of official computers and laptops; however, the computers or laptops of the work-from-home employees are to be managed by the employees or their ISPs. Highlander employs various group policies to restrict the installation of any third-party applications. As per Highlander's policy, all the employees are able to utilize their personal smartphones to access the company email in order to respond to requests for updates. Employees are responsible for keeping their phones up to date with the latest patches. The phones are not used to directly connect to any other resources in the Highlander, Incorporated, network. The database that hosts the information collected from the insurance application is hosted on a cloud-based file server, and their email server is hosted on Office 365. Other files created by employees get saved to a cloud-based file server, and the company uses work folders to synchronize offline copies back to their devices. Management at Highlander, Incorporated, has agreed to develop an incident management process after discovering laptops were compromised and the situation was not handled in an appropriate manner. What is the first phase that Highlander, Incorporated, needs to implement within their incident management process? (A) Forensic Investigation. (B) Preparation for Incident Handling and Response. (C) Containment. (D) Classification and Prioritization.
A
In which of the following hacking phases does an attacker use steganography and tunneling techniques to hide communication with the target for continuing access to the victim's system and remain unnoticed and uncaught? (A) Clearing Tracks (B) Reconnaissance (C) Scanning (D) Enumeration
A
James has published personal information about all senior executives of Essential Securities Bank on his blog website. He has collected all this information from multiple social media websites and publicly accessible databases. What is this known as? (A) Doxing (B) Phishing (C) Impersonation (D) Social Engineering
A
Stephany is the leader of an information security team of a global corporation that has several branch offices around the world. In the past six months, the company has suffered several security incidents. The CSIRT explains to Stephany that the incidents have something in common: the source IP addresses of all the incidents are from one of the new branches. A lot of the outsourcing staff come to this office to connect their computers to the LAN. What is the most accurate security control to implement to resolve the primary source of the incidents? (A) Network access control (NAC) (B) Awareness to employees (C) Internal Firewall (D) Antimalware application
A
When comparing the testing methodologies of the Open Web Application Security Project (OWASP) and the Open Source Security Testing Methodology Manual (OSSTMM), the main difference is: (A) OSSTMM addresses controls and OWASP does not. (B) OWASP addresses controls and OSSTMM does not. (C) OWASP is for web applications and OSSTMM does not include web applications. (D) OSSTMM is gray box testing and OWASP is black box testing.
A
When utilizing technical assessment methods to assess the security posture of a network, which of the following techniques would be most effective in determining whether end-user security training would be beneficial? (A) Social engineering. (B) Vulnerability scanning. (C) Application security testing. (D) Network sniffing.
A
Which United States legislation mandates that the chief executive officer (CEO) and the chief financial officer (CFO) must sign statements verifying the completeness and accuracy of financial reports? (A) Sarbanes-Oxley Act (SOX) (B) Gramm-Leach-Bliley Act (GLBA) (C) Fair and Accurate Credit Transactions Act (FACTA) (D) Federal Information Security Management Act (FISMA)
A
Which of the following attack vectors is a network attack in which an unauthorized person gains access to a network and stays there undetected for a long period of time? The intention of this attack is to steal data rather than to cause damage to the network or organization. (A) Advanced Persistent Threats (B) Botnet (C) Insider Attack (D) Mobile Threats
A
Which of the following can an administrator do to verify that a tape backup can be recovered in its entirety? (A) Perform a full restore. (B) Read the first 512 bytes of the tape. (C) Read the last 512 bytes of the tape. (D) Restore a random file.
A
Which of the following categories of information warfare is a sensor-based technology that directly corrupts technological systems? (A) Intelligence-based warfare (B) Economic warfare (C) Electronic warfare (D) Command and control warfare (C2 warfare)
A
Which of the following ensures that updates to policies, procedures, and configurations are made in a controlled and documented manner? (A) Peer Review (B) Regulatory Compliance (C) Change Management (D) Penetration Testing
A
Which of the following guidelines or standards governs the credit card industry? (A) Payment Card Industry Data Security Standards (PCI DSS) (B) Health Insurance Portability and Accountability Act (HIPAA) (C) Sarbanes-Oxley Act (SOX) (D) Control Objectives for Information and Related Technology (COBIT)
A
Which of the following is a primary service of the U.S. CSIRT? (A) CSIRT provides penetration testing service to support exception reporting on incidents worldwide by individuals and multinational corporations. (B) CSIRT provides computer security surveillance service to supply a government with important intelligence information on individuals traveling abroad. (C) CSIRT provides vulnerability assessment service to assist law enforcement agencies with profiling an individual's property or a company's asset. (D) CSIRT provides an incident response service to enable a reliable and trusted single point of contact for reporting computer security incidents worldwide.
A
Which of the following is one of the four critical components of an effective risk assessment? (A) Administrative safeguards. (B) DMZ. (C) Physical security. (D) Logical interface.
A
Which of the following statements correctly defines a zero-day attack? (A) An attack that exploits vulnerabilities before the software developer releases a patch for the vulnerability. (B) An attack that could not exploit vulnerabilities even though the software developer has not released a patch. (C) An attack that exploits an application even if there are zero vulnerabilities. (D) An attack that exploits vulnerabilities after the software developer releases a patch for the vulnerability.
A
Which of the following techniques is used to distribute malicious links via some communication channel such as mails to obtain private information from the victims? (A) Phishing (B) Piggybacking (C) Dumpster Diving (D) Vishing
A
Which of the following statements are true regarding N-tier architecture? (Choose two.) (A) The N-tier architecture must have at least one logical layer. (B) Each layer must be able to exist on a physically independent system. (C) When a layer is changed or updated, the other layers must also be recompiled or modified. (D) Each layer should exchange information only with the layers above and below it.
A C
Why is ethical hacking necessary? (Select two.) (A) Ethical hackers try to find what an intruder can see on the system under evaluation. (B) Ethical hackers try to find out whether all the components of information systems are adequately protected, updated, and patched. (C) Ethical hackers are responsible for incident handling and response in the organization. (D) Ethical hackers are responsible for selecting security solutions and try to verify the ROI of security systems.
A D
A computer technician is using the latest version of a word-processing software and discovers that a particular sequence of characters is causing the entire computer to crash. The technician researches the bug and discovers that no one else has experienced the problem. What is the appropriate next step? (A) Ignore the problem completely and let someone else deal with it. (B) Notify the vendor of the bug and do not disclose it until the vendor gets a chance to issue a fix. (C) Create a document that will crash the computer when opened and send it to friends. (D) Find an underground bulletin board and attempt to sell the bug to the highest bidder.
B
A penetration tester is hired to do a risk assessment of a company's DMZ. The rules of engagement state that the penetration test has to be done from an external IP address with no prior knowledge of the internal IT systems. What kind of test is being performed? (A) Grey Box (B) Black Box (C) White Box (D) Red Box
B
A security consultant is trying to bid on a large contract that involves penetration testing and reporting. The company accepting bids wants proof of work, so the consultant prints out several audits that they have performed for previous companies. Which of the following is likely to occur as a result? (A) The company accepting bids will want the same type of format of testing. (B) The consultant may expose vulnerabilities of other companies. (C) The consultant will ask for money on the bid because of great work. (D) The company accepting bids will hire the consultant because of the great work performed.
B
A security policy is more acceptable to employees if it is consistent and has the support of: (A) The security officer (B) Coworkers (C) A supervisor (D) Executive management
B
An ethical hacker for a large security research firm performs penetration tests, vulnerability tests, and risk assessments. A friend recently started a company and asks the hacker to perform a penetration test and vulnerability assessment of the new company as a favor. What should the hacker's next step be before starting work on this job? (A) Use social engineering techniques on the friend's employees to help identify areas that may be susceptible to attack. (B) Define the penetration testing scope. (C) Begin the reconnaissance phase with passive information gathering and then move into active information gathering. (D) Start by footprinting the network and mapping out a plan of attack.
B
Cristine is the CEO of a global corporation that has several branch offices around the world. The company employs over 300 workers, half of whom use computers. Recently, the company suffered from a ransomware attack that disrupted many services, and many people have written to Cristine with questions about why it happened. She asks Edwin, the systems administrator, about the servers that have encrypted information. Edwin explains to Cristine that the servers display a screen demanding bitcoins as payment to decrypt the information, but he does not know why. What team does the company lack? (A) Vulnerability Management team. (B) CSIRT. (C) Administrators team. (D) Unencrypt team.
B
Highlander, Incorporated, is a medical insurance company with several regional company offices in North America. Employees, when in the office, utilize desktop computers that have Windows 10, Microsoft Office, anti-malware/virus software, and an insurance application developed by a contractor. All the software updates and patches are managed by the IT department of Highlander, Incorporated. Group policies are used to lock down the desktop computers, including the use of Applocker to restrict the installation of any third-party applications. There are one hundred employees who work from their home offices. Employees who work from home use their own computers, laptops, and personal smartphones. They authenticate to a cloud-based domain service, which is synchronized with the corporate internal domain service. The computers are updated and patched through the cloud-based domain service. Applocker is not used to restrict the installation of third-party applications. The database that hosts the information collected from the insurance application is hosted on a cloud-based file server, and their email server is hosted on Office 365. Other files created by employees get saved to a cloud-based file server, and the company uses work folders to synchronize offline copies back to their devices. Based on the knowledge of the network topology and trends in network security, what would be the primary target of a hacker trying to compromise Highlander? (A) Personal Laptops (B) Personal Smartphones (C) Cloud Based File Server (D) Company Desktops
B
Jonathan, a solutions architect with a start-up, was asked to redesign the company's web infrastructure to meet the growing customer demands. He proposed the following architecture to the management: [architecture diagram not reproduced on this page] Which requirement does the proposed architecture address? (A) Ensuring high availability (B) Ensuring integrity of the application servers (C) Ensuring confidentiality of the data (D) Proper user authentication
B
To reduce the attack surface of a system, administrators should perform which of the following processes to remove unnecessary software, services, and insecure configuration settings? (A) Windowing (B) Hardening (C) Harvesting (D) Stealthing
B
What is the correct order of steps in the system hacking cycle? (A) Executing Applications -> Gaining Access -> Covering Tracks -> Escalating Privileges -> Hiding Files (B) Escalating Privileges -> Gaining Access -> Executing Applications -> Covering Tracks -> Hiding Files (C) Covering Tracks -> Hiding Files -> Escalating Privileges -> Executing Applications -> Gaining Access (D) Gaining Access -> Escalating Privileges -> Executing Applications -> Hiding Files -> Covering Tracks
B
What is the name of the international standard that establishes a baseline level of confidence in the security functionality of IT products by providing a set of requirements for evaluation? (A) Blue Book (B) Common Criteria (C) The Wassenaar Agreement (D) ISO 26029
B
When creating a security program, which approach would be used if senior management is supporting and enforcing the security policy? (A) A bottom-up approach. (B) A top-down approach. (C) A senior creation approach. (D) An IT assurance approach.
B
When does the Payment Card Industry Data Security Standard (PCI-DSS) require organizations to perform external and internal penetration testing? (A) At least once a year and after any significant upgrade or modification (B) At least twice a year or after any significant upgrade or modification (C) At least once every three years or after any significant upgrade or modification (D) At least once every two years and after any significant upgrade or modification
B
Which initial procedure should an ethical hacker perform after being brought into an organization? (A) Begin security testing. (B) Sign a formal contract with a non-disclosure clause or agreement (C) Turn over deliverables (D) Assess what the organization is trying to protect
B
Which method can provide a better return on IT security investment and provide a thorough and comprehensive assessment of organizational security covering policy, procedure design, and implementation? (A) Vulnerability Assessment (B) Penetration Testing (C) Social Engineering (D) Access Control List Reviews
B
Which of the following examples best represents a logical or technical control? (A) Heating and Air Conditioning (B) Security Tokens (C) Smoke and Fire Alarms (D) Corporate Security Policy
B
Which of the following terms refers to unskilled hackers who compromise systems by running scripts, tools, and software developed by real hackers? They usually focus on the quantity of attacks rather than the quality of the attacks that they initiate. (A) Hacktivist (B) Script Kiddies (C) Gray Hats (D) Suicide Hackers
B
Which security strategy requires using several, diverse methods to protect IT systems against attacks? (A) Exponential backoff algorithm (B) Defense in depth (C) Covert channels (D) Three-way handshake
B
You are the security administrator of Xtrinity, Inc. You write security policies and conduct assessments to protect the company's network. During one of your periodic checks to see how well policy is being followed by the employees, you discover that an employee has attached his laptop to his personal 4G Wi-Fi device. He has used this 4G connection to download certain files from the Internet, thereby bypassing your firewall. A security policy breach has occurred as a direct result of this activity. The employee explains that he used the modem because he had to download software for a department project. How would you resolve this situation? (A) Install a network-based IDS (B) Enforce the corporate security policy (C) Conduct a needs analysis (D) Reconfigure the firewall
B
A certified ethical hacker (CEH) completed a penetration test of the main headquarters of a company almost two months ago but has yet to get paid. The customer is suffering from financial problems, and the CEH is worried that the company will go out of business and end up not paying. What actions should the CEH take? (A) Exploit some of the vulnerabilities found on the company webserver to deface it. (B) Tell other customers of the financial problems with payments from this company. (C) Follow proper legal procedures against the company to request payment. (D) Threaten to publish the penetration test results if not paid.
C
A network administrator is promoted to chief security officer at a local university. One of his new responsibilities is to manage the implementation of an RFID card access system for a new server room on campus. The server room will house student enrollment information that is securely backed up to an off-site location. During a meeting with an outside consultant, the chief security officer explains that he is concerned that the existing security controls have not been designed properly. Currently, the network administrator is responsible for approving and issuing RFID card access to the server room, as well as reviewing the electronic access logs on a weekly basis. Which of the following is an issue with the situation? (A) Undue influence (B) An inadequate disaster recovery plan (C) Segregation of Duties (D) Lack of Experience
C
Highlander, Incorporated, is a medical insurance company with several regional company offices in North America. There are various types of employees working in the company, including technical teams, sales teams, and work-from-home employees. Highlander takes care of the security patches and updates of official computers and laptops; however, the computers or laptops of the work-from-home employees are to be managed by the employees or their ISPs. Highlander employs various group policies to restrict the installation of any third-party applications. As per Highlander's policy, all the employees are able to utilize their personal smartphones to access the company email in order to respond to requests for updates. Employees are responsible for keeping their phones up to date with the latest patches. The phones are not used to directly connect to any other resources in the Highlander, Incorporated, network. The company is concerned about the potential vulnerabilities that could exist on their devices. What would be the best type of vulnerability assessment for the employees' smartphones? (A) Passive Assessment (B) Wireless Network Assessment (C) Active Assessment (D) Host-Based Assessment
C
Highlander, Incorporated, is a medical insurance company with several regional company offices in North America. There are various types of employees working in the company, including technical teams, sales teams, and work-from-home employees. Highlander takes care of the security patches and updates of official computers and laptops; however, the computers or laptops of the work-from-home employees are to be managed by the employees or their ISPs. Highlander employs various group policies to restrict the installation of any third-party applications. As per Highlander's policy, all the employees are able to utilize their personal smartphones to access the company email in order to respond to requests for updates. Employees are responsible for keeping their phones up to date with the latest patches. The phones are not used to directly connect to any other resources in the Highlander, Incorporated, network. The database that hosts the information collected from the insurance application is hosted on a cloud-based file server, and their email server is hosted on Office 365. Other files created by employees get saved to a cloud-based file server, and the company uses work folders to synchronize offline copies back to their devices. Highlander, Incorporated, is concerned about their defense in depth. The scope of their concern is especially the users with mobile phones. In order to provide appropriate security, which layer of defense in depth should they focus the most attention on? (A) Internal Network (B) Policies, Procedures, and Awareness (C) Perimeter (D) Physical
C
In the software security development lifecycle, threat modeling occurs in which phase? (A) Implementation (B) Verification (C) Design (D) Requirements
C
International Organization for Standardization (ISO) standard 27002 provides guidance for compliance by outlining (A) Financial soundness and business viability metrics (B) Standard best practice for configuration management (C) Guidelines and practices for security controls (D) Contract agreement writing standards
C
Juan is the administrator of a Windows domain for a global corporation. He uses his knowledge to scan the internal network to find vulnerabilities without the authorization of his boss; he tries to perform an attack and gain access to an AIX server to show the results to his boss. What kind of role is shown in the scenario? (A) Annoying employee (B) White Hat hacker (C) Gray Hat hacker (D) Black Hat Hacker
C
What is the objective of a reconnaissance phase in a hacking life-cycle? (A) Identifying specific vulnerabilities in the target network. (B) Gaining access to the target system with admin/root level privileges. (C) Gathering as much information as possible about the target. (D) Gaining access to the target system and network.
C
Which of the following is a preventive control? (A) Performance Review (B) Continuity of Operations Plan (C) Smart Card Authentication (D) Audit Trail
C
Which of the following is considered an acceptable option when managing a risk? (A) Initiate Risk (B) Reject the Risk (C) Mitigate the Risk (D) Deny the Risk
C
Which of the following tasks DOES NOT fall under the scope of ethical hacking? (A) Vulnerability Scanning (B) Risk Assessment (C) Defense-in-depth implementation (D) Pen Testing
C
Which of these is a preventive security control? (A) Forensics (B) Security Incident Handling (C) Vulnerability Management (D) Disaster Recovery
C
Yancey is a network security administrator for a large electric company. This company provides power for over 100,000 people in Las Vegas. Yancey has worked for his company for more than 15 years and has become very successful. One day, Yancey comes into work and finds out that the company will be downsizing and he will be out of a job in two weeks. Yancey is very angry and decides to place logic bombs, viruses, Trojans, and backdoors all over the network to take down the company once he has left. Yancey does not care if his actions land him in jail for 30 or more years; he just wants the company to pay for what they are doing to him. What would Yancey be considered? (A) Since he does not care about going to jail, he would be considered a black hat. (B) Because Yancey works for the company currently, he would be a white hat. (C) Yancey would be considered a suicide hacker. (D) Yancey is a hacktivist hacker since he is standing up to a company that is downsizing.
C
An e-commerce site was put into a live environment and the programmers failed to remove the secret entry point (bits of code embedded in programs) that was used during the application development to quickly gain access at a later time, often during the testing or debugging phase. What is this secret entry point known as? (A) SQL injection (B) Honey pot (C) SDLC process (D) Trap door
D
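The trap door in the question above is a secondary authentication path that bypasses the real credential check. The following is an added Python example (not code from the original page or from any real e-commerce product): a login routine with a leftover debugging bypass, the hardened routine without it, and a small AST-based check that flags comparisons of a password against a hard-coded string constant, which is the simplest way such a leftover shows up in source. The user store, the `DEBUG_BYPASS` value and `SAMPLE_SOURCE` are all constructed for the demo.

```python
"""Trap door left in an auth routine, the hardened version, and a source check.
Everything here (users, passwords, the bypass string, SAMPLE_SOURCE) is
constructed for the example and is not from a real application."""
import ast
import hashlib
import hmac
import os


def _derive(password: str, salt: bytes) -> bytes:
    """PBKDF2-HMAC-SHA256 of the password; used for both storing and checking."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


def make_store(creds: dict) -> dict:
    """Build a username -> (salt, derived_key) store from plaintext passwords."""
    return {user: (salt, _derive(pw, salt))
            for user, pw in creds.items()
            for salt in (os.urandom(16),)}


STORE = make_store({"alice": "correct horse battery staple"})  # constructed

# Vulnerable: a shortcut added during debugging and never removed.
DEBUG_BYPASS = "qa-override-2019"  # constructed; this is the trap door


def login_with_trapdoor(user: str, password: str, store: dict = STORE) -> bool:
    if password == DEBUG_BYPASS:      # secret entry point: any account opens
        return True
    rec = store.get(user)
    if rec is None:
        return False
    salt, digest = rec
    return hmac.compare_digest(_derive(password, salt), digest)


# Hardened: a single path through the credential store, constant-time compare.
def login(user: str, password: str, store: dict = STORE) -> bool:
    rec = store.get(user)
    if rec is None:
        _derive(password, os.urandom(16))  # keep unknown-user timing similar
        return False
    salt, digest = rec
    return hmac.compare_digest(_derive(password, salt), digest)


def find_literal_password_checks(source: str) -> list:
    """Heuristic source check: return (function_name, line) for every ==/!=
    inside a function that compares a password-like variable against a string
    literal or a module-level string constant. Only catches the plain pattern."""
    tree = ast.parse(source)
    consts = {}                       # module-level NAME = "string" assignments
    for node in tree.body:
        if (isinstance(node, ast.Assign) and len(node.targets) == 1
                and isinstance(node.targets[0], ast.Name)
                and isinstance(node.value, ast.Constant)
                and isinstance(node.value.value, str)):
            consts[node.targets[0].id] = node.value.value

    def is_literal(n):
        return ((isinstance(n, ast.Constant) and isinstance(n.value, str))
                or (isinstance(n, ast.Name) and n.id in consts))

    def is_password_name(n):
        return isinstance(n, ast.Name) and any(
            k in n.id.lower() for k in ("pass", "pw", "secret"))

    findings = []
    for fn in ast.walk(tree):
        if not isinstance(fn, ast.FunctionDef):
            continue
        for node in ast.walk(fn):
            if (isinstance(node, ast.Compare) and len(node.comparators) == 1
                    and isinstance(node.ops[0], (ast.Eq, ast.NotEq))):
                left, right = node.left, node.comparators[0]
                if ((is_password_name(left) and is_literal(right))
                        or (is_password_name(right) and is_literal(left))):
                    findings.append((fn.name, node.lineno))
    return findings


# Constructed source text to run the check against.
SAMPLE_SOURCE = '''
DEBUG_BYPASS = "qa-override-2019"

def login_with_trapdoor(user, password, store):
    if password == DEBUG_BYPASS:
        return True
    return check(user, password, store)

def login(user, password, store):
    return check(user, password, store)
'''

if __name__ == "__main__":
    print(login_with_trapdoor("nobody", DEBUG_BYPASS))   # True: the trap door
    print(login("nobody", DEBUG_BYPASS))                  # False
    print(find_literal_password_checks(SAMPLE_SOURCE))    # [('login_with_trapdoor', 5)]
```

The check is deliberately narrow: it catches the textbook pattern of a password compared to a literal, not bypasses hidden behind environment variables, encoded strings or a separate "maintenance" endpoint. In practice it belongs alongside a code review gate that asks where every `return True` in an authentication path comes from.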
Arturo is the leader of the information security professionals of a small financial corporation that has a few branch offices in Africa. The company lost USD 10 million in an attack carried out through an interbanking system. The CSIRT explained to Arturo that the incident occurred because 6 months ago the hackers came in from the outside through a small vulnerability, then moved laterally to the computer of a person with privileges in the interbanking system. Finally, the hackers got access and made the fraudulent transactions. What is the most accurate name for the kind of attack in this scenario? (A) Backdoor (B) External Attack (C) Internal Attack (D) APT
D
Bayron is the CEO of a medium-sized company with regional operations in America. He recently hired a security analyst to implement an ISMS. This analyst will design and implement Patch Management, Vulnerability Management and Security Incident Handler procedures for the company. Which of these is a reactive process? (A) Vulnerability Management. (B) A and B are correct. (C) Patch Management (D) Security Incident Handler
D
Company XYZ is one of the most famous and well-known organizations across the globe for its cyber security services. It has received the Best Cyber Security Certification Provider Award three consecutive times. One day, a hacker identified a severe vulnerability in XYZ's website and exploited it, successfully compromising customers' private data. Besides the loss of data and the compromised network equipment, what has been the worst damage for Company XYZ? (A) Routers (B) Customers (C) Credit Score (D) Reputation
D
How can a policy help improve an employee's security awareness? (A) By sharing security secrets with employees, enabling employees to share secrets, and establishing a consultative helpline (B) By using informal networks of communication, establishing secret passing procedures, and immediately terminating employees (C) By decreasing an employee's vacation time, addressing ad hoc employment clauses, and ensuring that managers know employee strengths (D) By implementing written security procedures, enabling employee security training, and promoting the benefits of security
D
Individuals who promote security awareness or a political agenda by performing hacking are known as: (A) Suicide Hackers (B) Script Kiddies (C) Cyber Terrorists (D) Hacktivist
D
Low humidity in a data center can cause which of the following problems? (A) Heat (B) Airborne Contamination (C) Corrosion (D) Static Electricity
D
Which fundamental element of information security refers to an assurance that the information is accessible only to those authorized to have access? (A) Availability (B) Integrity (C) Authenticity (D) Confidentiality
D
Which of the following can be categorized as a host-based threat? (A) Distributed Denial-of-Service (B) IDS bypass (C) Man-in-the-Middle attack (D) Privilege escalation
D
Which of the following items is unique to the N-tier architecture method of designing software applications? (A) It is compatible with various databases including Access, Oracle, and SQL. (B) Application layers can be written in C, ASP.NET, or Delphi without any performance loss. (C) Data security is tied into each layer and must be updated for all layers when an upgrade is performed. (D) Application layers can be separated, allowing each layer to be upgraded independently from other layers.
D
Which of the following policies provides the guidelines on the processing, storage and transmission of sensitive information? (A) Server Security Policy. (B) Network Security Policy. (C) Acceptable Use Policy. (D) Information Protection Policy.
D
Which of the following processes evaluates the adherence of an organization to its stated security policy? (A) Vulnerability Assessment (B) Risk Assessment (C) Penetration Testing (D) Security Auditing
D
Which of the following security policies protects the organizational resources and enables organizations to track their assets? (A) Remote Access Policy (B) User Account Policy (C) Information Protection Policy (D) Access Control Policy
D
Which of the following terms refers to the existence of a weakness, design flaw, or implementation error that can lead to an unexpected event compromising the security of the system? (A) Exploit (B) Hacking (C) Zero-Day Attack (D) Vulnerability
D
Which type of scan is used on the eye to measure the layer of blood vessels? (A) Facial Recognition Scan (B) Iris Scan (C) Signature Kinetics Scan (D) Retinal Scan
D
Which type of security documents provides specific step-by-step details? (A) Process (B) Paradigm (C) Policy (D) Procedure
D
Which vital role does the U.S. Computer Security Incident Response Team (CSIRT) provide? (A) Measurement of key vulnerability assessments on behalf of the Department of Defense (DoD) and State Department, as well as private sectors. (B) Maintenance of the nation's Internet infrastructure, building out new Internet infrastructure, and decommissioning old Internet infrastructure. (C) Registration of critical penetration testing for the Department of Homeland Security and public and private sectors. (D) 24x7 CSIRT Services to any user, company, government agency, or organization.
D