c
Which of the following options of Sublist3r allows the user to specify a comma-separated list of search engines?
-e
Which of the following should NOT be followed when securing an organization from footprinting attacks?
Enabling the geo-tagging functionality on cameras
Sean works as a professional ethical hacker and penetration tester. He is assigned a project for information gathering on a client's network. He started penetration testing and was trying to find out the company's internal URLs, looking for any information about the different departments and business units. Sean was unable find any information. What should Sean do to get the information he needs?
Sean should use Sublist3r tool
Which of the following activities of a user on social networking sites helps an attacker footprint or collect the identity of the user's family members, the user's interests, and related information?
Sharing photos and videos
Robert, an attacker, targeted a high-level executive of an organization and wanted to obtain information about the executive on the Internet. He employed a tool through which he discovered the target user on various social networking sites, along with the complete URL. What is the tool used by Robert in the above scenario?
Sherlock
Which of the following close-in attacks is performed by an attacker to gather information by observing the target's activity at the closest proximity?
Shoulder Surfing
In which of the following footprinting threats does an attacker collect information directly and indirectly through persuasion without using any intrusion methods?
Social Engineering
Which of the following is the direct approach technique that serves as the primary source for attackers to gather competitive intelligence?
Social engineering
James, a professional hacker, targeted the employees of an organization to establish footprints in their network. For this purpose, he employed an online reconnaissance tool to extract information on individuals belonging to the target organization. The tool assisted James in obtaining employee information such as phone numbers, email addresses, address history, age, date of birth, family members, and social profiles. Identify the tool employed by James in the above scenario.
Spokeo
Which of the following tools allows attackers to search for people belonging to the target organization?
Spokeo
Which of the following is an online platform that can be used to collect and analyze information about devices and websites available on the Internet?
Spyse
Identify the meta-feature of the diamond model that can assist a security analyst in describing the relationship between infrastructure and capability.
Technology
Given below are the various phases of the cyber kill chain methodology. 1 Installation 2 Reconnaissance 3 Weaponization 4 Exploitation 5 Actions on objectives 6 Delivery 7 Command and control What is the correct sequence of phases involved in the cyber kill chain methodology?
2 -> 3 -> 6 -> 4 -> 1 -> 7 -> 5
Jake, an ethical hacker, was appointed by an organization to run a security audit and to test for possible loopholes and vulnerabilities on its network. Jake has completed all the necessary steps for performing the security audit and disclosed the vulnerabilities in the network. Given below are the steps for performing a security audit of an organization. 1 Organize an ethical hacking team and prepare the schedule for testing. 2 Analyze the results of the testing and prepare a report. 3 Talk to the client and discuss the needs to be addressed during the testing. 4 Present the findings to the client. 5 Prepare and sign NDA documents with the client. 6 Conduct the test. What is the correct sequence of steps involved in performing a security audit?
3 -> 5 -> 1 -> 6 -> 2 -> 4
Given below are the four key steps of the risk management phase. 1 Risk treatment 2 Risk tracking and review 3 Risk assessment 4 Risk identification What is the correct sequence of steps involved in the risk management phase?
4 -> 3 -> 1 -> 2
Given below are different steps in the threat modeling process. 1 Identify threats 2 Identify security objectives 3 Decompose the application 4 Application overview 5 Identify vulnerabilities What is the correct sequence of steps in the threat modeling process?
5 -> 2 -> 3 -> 1 -> 4
Which of the following TCP communication flags confirms the receipt of a transmission and identifies the next expected sequence number?
ACK flag
Lisa, a security analyst, was tasked with analyzing and documenting the possibility of cyberattacks against an organization. In this task, she followed the diamond model of intrusion analysis. During the initial analysis, Lisa started determining the strategies, methods, procedures, or tools that an attacker might use against the organization's network. Which of the following features of the diamond model did Lisa employ in the above scenario?
Capability
Joel, a professional hacker, has targeted an organization to steal sensitive information remotely. He was successful in the attack and was able to access sensitive data of the organization. He is now trying to wipe out the entries corresponding to his activities in the system to remain undetected. Which of the following hacking steps is Joel performing now?
Clearing logs
Which of the following fundamental elements of information security refers to an assurance that the information is accessible only to those authorized to have access?
Confidentiality
Which of the following practices helps security specialists protect a network against footprinting attempts?
Configure mail servers to ignore mails from anonymous individuals
Which of the following phases of incident handling and response helps responders prevent the spread of infection to other organizational assets and avoid additional damage?
Containment
Which of the following categories of information warfare involves the use of information systems against the virtual personas of individuals or groups and includes information terrorism, semantic attacks, and simula-warfare?
Cyberwarfare
What type of information is gathered by an attacker through Whois database analysis and tracerouting?
DNS records and related information
Which security strategy requires using several, diverse methods to protect IT systems against attacks?
Defense in depth
Jude, a security professional in an organization, was instructed to strengthen the security of the organization. In the process, to prevent direct attacks against an information system, Jude implemented a strategy based on the military principle that it is more difficult for an enemy to defeat a complex and multi-layered security system. What is the security strategy that Jude has implemented to prevent direct attacks against the information system?
Defense-in-depth
Which of the following tasks DOES NOT fall under the scope of ethical hacking?
Defense-in-depth implementation
Juan is the administrator of a Windows domain for a global corporation. He uses his knowledge to scan the internal network to find vulnerabilities without the authorization of his boss; he tries to perform an attack and gain access to an AIX server to show the results to his boss. What kind of role is shown in the scenario?
Gray hat hacker
Which of the following act contains "electronic transactions and code set standards" to transfer information between two parties for specific purposes?
HIPAA
Which of the following is the warfare category in which viruses, worms, Trojan horses, or sniffers are used to make systems shut down automatically, corrupt data, steal information or services, send fraudulent messages, and access unauthorized data?
Hacker Warfare
Anonymous, a known hacker group, claims to have taken down 20,000 Twitter accounts linked to the Islamic State in response to the Paris attacks that left 130 people dead. How can you categorize this attack by Anonymous?
Hacktivism
Individuals who promote security awareness or a political agenda by performing hacking are known as:
Hacktivists
Which of the following categories of hackers can increase awareness of their social or political agendas and boost their reputations in online and offline arenas?
Hacktivists
Which IoC category can be obtained by analyzing aspects of the infected system within the organizational network, such as filenames, file hashes, registry keys, DLLs, and mutex?
Host-based indicators
Which of the following tools consists of a publicly available set of databases that contain personal information of domain owners?
WHOIS lookup tools
In which of the following phases of the cyber kill chain methodology does an adversary select or create a tailored deliverable malicious payload using an exploit and a backdoor to send it to the victim?
Weaponization
Which of the following categories of PRE-ATT&CK techniques is associated with the MITRE ATT&CK framework for describing attacks?
Weaponize
Which of the following web services provides useful information about a target company, such as the market value of the company's shares, company profile, and competitor details?
investing.com
If the final set of security controls does not eliminate all the risk in a system, what could be done next?
If the residual risk is low enough, it can be accepted.
Which of the following countries' cyber laws include the Patents (Amendment) Act, 1999; Trademarks Act, 1999; and The Copyright Act, 1957?
India
Which of the following tools is used for gathering email account information from different public sources and checking whether an email was leaked using the haveibeenpwned.com API?
Infoga
John, a security professional, was tasked with intrusion analysis on a compromised system. For this purpose, John followed the diamond model of intrusion analysis. In this process, John analyzed the hardware and software used by the target and verified whether they have any connection with the attacker. This verification helped John in determining what the attacker used to reach the victim. Which of the following features of the diamond model did John employ in the above scenario?
Infrastructure
Which of the following information security elements includes a checksum and access control to verify that a given block of data is not changed in transit and ensures that only authorized personnel can update, add, or delete data?
Integrity
Which of the following categories of information warfare is a sensor-based technology that can directly disrupt technological systems?
Intelligence-based warfare
Which of the following guidelines or standards governs the credit card industry?
Payment Card Industry Data Security Standards (PCI DSS)
Identify the meta-feature of the diamond model that helps a security analyst in determining the progress of an attack or any malicious activity.
Phase
Jude, a professional hacker, targeted an organization's web server. Jude wanted to extract the information removed from older copies or archived links of the target website. For this purpose, he employed an exploration tool that assisted him in retrieving the archived URLs of the target website. Identify the tool employed by Jude in the above scenario.
Photon
Which of the following types of scanning involves the process of checking the services running on a target computer by sending a sequence of messages to break in?
Port scanning
Which of the following types of hackers compromise systems by running scripts, tools, and software developed by real hackers and usually focus on the quantity rather than quality of the attacks they initiate?
Script Kiddies
Which of the following terms refers to unskilled hackers who compromise systems by running scripts, tools, and software developed by real hackers? They usually focus on the quantity of attacks rather than the quality of the attacks that they initiate.
Script kiddies
Sean works as a penetration tester in ABC firm. He was asked to gather information about the target company. Sean begins with social engineering by following the steps: Secretly observes the target to gain critical information Looks at employee's password or PIN code with the help of binoculars or a low-power telescope Based on the above description, identify the social engineering technique.
Shoulder surfing
Which Google search query will search for any files a target certifiedhacker.com may have?
site: certifiedhacker.com filetype:xml | filetype:conf | filetype:cnf | filetype:reg | filetype:inf | filetype:rdp | filetype:cfg | filetype:txt | filetype:ora | filetype:ini
Sam, an attacker, was hired to launch an attack on an organization to disrupt its operations and gain access to a remote system for compromising the organization's internal network. In the process, Sam launched an attack to tamper with the data in transit to break into the organization's network. What is the type of attack Sam has performed against the target organization?
Active Attack
Bob recently joined an organization and completed his training. His work involved dealing with important documents of the organization. On one Sunday, he connected to the corporate network by providing authentication credentials to access a file online from his residence. Which of the following elements of information security was demonstrated in the above scenario?
Availability
Which of the following activities of an organization on social networking sites helps an attacker footprint or collect information regarding the type of business handled by the organization?
Background checks to hire employees
Steve, an attacker, wants to track the most shared content that belongs to the target organization. For this purpose, he used an advanced social search engine that displayed shared activity across all major social networks including Twitter, Facebook, LinkedIn, Google Plus, and Pinterest. What is the tool employed by Steve in the above scenario?
BuzzSumo
Which of the following techniques does an adversary use to communicate remotely with compromised systems through an encrypted session, where the adversary can steal data, delete data, and launch further attacks through the encrypted channel?
Command and control server
Identify the SOX title that consists of four sections and defines practices to restore investor confidence in securities analysts.
Commission resources and authority
Highlander, Incorporated, is a medical insurance company with several regional company offices in North America. Employees, when in the office, utilize desktop computers that have Windows 10, Microsoft Office, anti-malware/virus software, and an insurance application developed by a contractor. All the software updates and patches are managed by the IT department of Highlander, Incorporated. Group policies are used to lock down the desktop computers, including the use of Applocker to restrict the installation of any third-party applications. There are one hundred employees who work from their home offices. Employees who work from home use their own computers, laptops, and personal smartphones. They authenticate to a cloud-based domain service, which is synchronized with the corporate internal domain service. The computers are updated and patched through the cloud-based domain service. Applocker is not used to restrict
Confidentiality
Which of the following meta-features of the diamond model can help a security analyst analyze how an attacker was routed to the target network or system?
Direction
Don, a professional hacker, was hired to break into an organization's network and extract sensitive data. In the attack process, Don found that the organization has purchased new hardware. He accessed the new hardware while it was in transit and tampered with it to launch further attacks on the target organization. What is the type of attack Don has performed on the target organization?
Distribution Attack
Which of the following techniques is a close-in attack where an attacker simply examines an organization's trash for any discarded sensitive information such as usernames, passwords, credit-card statements, bank statements, ATM receipts, social security numbers, and private telephone numbers?
Dumpster Diving
Which of the following terms refers to a person or security professional who employs their hacking skills for defensive purposes?
Ethical hacker
Highlander, Incorporated, decides to hire an ethical hacker to identify vulnerabilities at the regional locations and ensure system security. What is the main difference between a hacker and an ethical hacker when they are trying to compromise the regional offices?
Ethical hackers have the permission of upper management.
Which of the following deep and dark web searching tools helps an attacker obtain information about official government or federal databases and navigate anonymously without being traced?
ExoneraTor
Which of the following footprinting techniques allows an attacker to gather information passively about the target without direct interaction?
Extracting information using Internet archives
Which of the following TCP communication flags is set to "1" to announce that no more transmissions will be sent to the remote system and the connection established by the SYN flag is terminated?
FIN flag
Which of the following acts was enacted to produce several key security standards and guidelines required by Congressional legislation and provides a comprehensive framework for ensuring the effectiveness of information security controls over information resources that support federal operations and assets?
FISMA
In which of the following hacking phases does an attacker create a profile of the target organization and obtain information such as its IP address range, namespace, and employees?
Footprinting
Which of the following footprinting techniques allows an attacker to gather information about a target with direct interaction?
Gathering website information using web spidering and mirroring tools
Which of the following is a visualization and exploration tool that allows attackers to explore and understand graphs, create hypotheses, and discover hidden patterns between social networking connections?
Gephi
Peter, a professional hacker, targeted an organization's network to gather as much information as possible to perform future attacks. For this purpose, he employed a reconnaissance framework that helped him gather confidential information such as private Secure Shell (SSH) and Secure Sockets Layer (SSL) keys as well as dynamic libraries from an online third-party repository. Identify the online third-party repository targeted by Peter in the above scenario.
GitLab
Which of the following techniques is used to create complex search engine queries?
Google hacking
Which of the following DNS record type helps in DNS footprinting to determine a domain's mail server?
MX
Which of the following meta-features of the diamond model refers to any technique that is used by an adversary to perform an attack?
Methodology
Smith, a professional hacker, has targeted an organization. He employed some footprinting tools to scan through all the domains, subdomains, reachable IP addresses, DNS records, and Whois records to perform further attacks. What is the type of information Smith has extracted through the footprinting attempt?
Network information
Which of the following is the type of threat intelligence that provides contextual information about security events and incidents to help defenders disclose potential risks and provide greater insight into attacker methodologies?
Operational threat intelligence
Which of the following features in FOCA allows an attacker to find more servers in the same segment of a determined address?
PTR scanning
A penetration tester was hired to perform a penetration test for a bank. The tester began searching for IP ranges owned by the bank, performing lookups on the bank's DNS servers, reading news articles online about the bank, watching the bank employees time in and out, searching the bank's job postings (paying special attention to IT-related jobs), and visiting the local dumpster for the bank's corporate office. What phase of the penetration test is the tester currently in?
Passive information gathering
Highlander, Incorporated, is a medical insurance company with several regional company offices in North America. There are various types of employees working in the company, including technical teams, sales teams, and work-from-home employees. Highlander takes care of the security patches and updates of official computers and laptops; however, the computers or laptops of the work-from-home employees are to be managed by the employees or their ISPs. Highlander employs various group policies to restrict the installation of any third-party applications. As per Highlander's policy, all the employees are able to utilize their personal smartphones to access the company email in order to respond to requests for updates. Employees are responsible for keeping their phones up to date with the latest patches. The phones are not used to directly connect to any other resources in the Highlander, Incorporated, network. The database that hosts the information collected from the insurance application is hosted on a cloud-based file server, and their email server is hosted on Office 365. Other files created by employees get saved to a cloud-based file server, and the company uses work folders to synchronize offline copies back to their devices. Management at Highlander, Incorporated, has agreed to develop an incident management process after discovering laptops were compromised and the situation was not handled in an appropriate manner. What is the first phase that Highlander, Incorporated, needs to implement within their incident management process?
Preparation for incident handling and response
Which of the following categories of information warfare involves the use of various techniques such as propaganda and terror to demoralize the adversary in an attempt to succeed in battle?
Psychological Warfare
Passive reconnaissance involves collecting information through which of the following?
Publicly accessible sources
What information is gathered about the victim using email tracking tools?
Recipient's IP address, geolocation, proxy detection, operating system, and browser information
Jacob, a professional hacker, targeted an organization's website to find a way into its network. To achieve his goal, he employed a footprinting tool that helped him in gathering confidential files and other relevant information related to the target website from public source-code repositories. Identify the footprinting tool employed by Jacob in the above scenario.
Recon-ng
In machine-learning classification techniques, which of the following is a subcategory of supervised learning that is used when the data classes are not separated or the data are continuous?
Regression
Which of the following meta-features of the diamond model helps security professionals determine whether an attack was successful?
Result
Which results will be returned with the following Google search query? site:target.com -site:Marketing.target.com accounting
Results matching "accounting" in domain target.com but not on the site Marketing.target.com
In which phase of risk management process does an analyst calculate the organization's risks and estimate the likelihood and impact of those risks?
Risk assessment
Which of the following DNS record types indicates the authority for a domain of the target DNS server?
SOA
You are doing research on SQL injection attacks. Which of the following combination of Google operators will you use to find all Wikipedia pages that contain information about SQL, injection attacks, or SQL injection techniques?
SQL injection site:Wikipedia.org
Which of the following TCP communication flags notifies the transmission of a new sequence number and represents the establishment of a connection between two hosts?
SYN flag
In which of the following hacking phases does an attacker try to detect listening ports to find information about the nature of services running on the target machine?
Scanning
What is the output returned by search engines when extracting critical details about a target from the Internet?
Search engine results pages ("SERPs")
Bayron is the CEO of a medium size company with regional operations in America. He recently hired a security analyst to implement an Information Security Management System (ISMS) to minimize risk and limit the impact of a security breach. The analyst was asked to design and implement patch management, vulnerability management, IDS deployment, and security incident handling procedures for the company. Which of these is a reactive process?
Security incident handling
Which of the following tools allows attackers to collect information such as subdomains, IP addresses, HTTP response status, SSL/TTL certificates, vulnerability scores, and DNS records of the target domain or website?
Spyse
Which of the following search engine tools helps an attacker use an image as a search query and track the original source and details of images, such as photographs, profile pictures, and memes?
TinEye
Which of the following titles of SOX consists of four sections; defines practices to restore investor confidence in securities analysts; defines the SEC's authority to censure or bar securities professionals from practice; and defines the conditions to bar a person from practicing as a broker, advisor, or dealer?
Title VI: Commission Resources and Authority
Yancey is a network security administrator for a large electric company. This company provides power for over 100,000 people in Las Vegas. Yancey has worked for his company for more than 15 years and has become very successful. One day, Yancey comes into work and finds out that the company will be downsizing and he will be out of a job in two weeks. Yancey is very angry and decides to place logic bombs, viruses, Trojans, and backdoors all over the network to take down the company once he has left. Yancey does not care if his actions land him in jail for 30 or more years; he just wants the company to pay for what they are doing to him. What would Yancey be considered?
Yancey would be considered a suicide hacker.
Which of the following commands allows attackers to retrieve the archived URLs of a target website from archive.org?
photon.py -u http//www.certifiedhacker.com -1 3 -t 200 --wayback
Which of the following tools does an attacker use to perform a query on the platforms included in OSRFramework?
searchfy.py
