CEH v12 Practice Questions
Andrew is conducting a penetration test. He is now embarking on sniffing the target network. What is not available for Andrew when sniffing the network? A) Collecting unencrypted information about usernames and passwords B) Modifying and replaying captured network traffic C) Capturing network traffic for further analysis D) Identifying operating systems, services, protocols, and devices
Modifying and replaying captured network traffic
How works the mechanism of a Boot Sector Virus? A) Moves the MBR to another location on the Random-access memory and copies itself to the original location of the MBR B) Overwrites the original MBR and only executes the new virus code C) Modifies directory table entries to point to the virus code instead of the actual MBR D) Moves the MBR to another location on the hard disk and copies itself to the original location of the MBR
Moves the MBR to another location on the hard disk and copies itself to the original location of the MBR
Which of the following program attack both the boot sector and executable files? A) Stealth virus B) Polymorphic virus C) Macro virus D) Multipartite virus
Multipartite virus
Which regulation defines security and privacy controls for all U.S. federal information systems except those related to national security? A) HIPAA B) EU Safe Harbor C) NIST-800-53 D) PCI-DSS
NIST-800-53
Which of the following tools is a command-line vulnerability scanner that scans web servers for dangerous files/CGIs? A) Snort B) Kon-Boot C) John the Ripper D) Nikto
Nikto
Jack sent an email to Jenny with a business proposal. Jenny accepted it and fulfilled all her obligations. Jack suddenly refused his offer when everything was ready and said taht he had never sent an email. Which of the following digital signature properties will help Jenny prove that Jack is lying? A) Authentication B) Non-Repudiation C) Integrity D) Confidentiality
Non-Repudiation
What does the flag "-oX" mean in Nmap? A) Run an express scan B) Output the results in truncated format to the screen C) Run an Xmas scan D) Output the results in XML format to a file
Outputs the results in XML format to a file
Why is a penetration test considered to be better than a vulnerability scan? A) The tools used by penetration testers tend to have much more comprehensive vulnerability databases B) Penetration tests are intended to exploit weakness in the architecture of your IT network, while a vulnerability scan does not typically involve active exploitation C) Vulnerability scans only do host discovery and port scanning by default D) A penetration test is often performed by an automated tool, while a vulnerability scan requires active engagement
Penetration tests are intended to exploit weakness in the architecture of your IT network, while a vulnerability scan does not typically involve active exploitation
You analyze the logs and see the following output of logs from the machine with the IP address of 192.168.0.132: Time August 21 11:22:06 Port:20 Source:192.168.0.30 Destination:192.168.0.132 Protocol:TCP Time August 21 11:22:08 Port:21 Source:192.168.0.30 Destination:192.168.0.132 Protocol:TCP Time August 21 11:22:11 Port:22 Source:192.168.0.30 Destination:192.168.0.132 Protocol:TCP Time August 21 11:22:14 Port:23 Source:192.168.0.30 Destination:192.168.0.132 Protocol:TCP Time August 21 11:22:15 Port:25 Source:192.168.0.30 Destination:192.168.0.132 Protocol:TCP Time August 21 11:22:19 Port:80 Source:192.168.0.30 Destination:192.168.0.132 Protocol:TCP Time August 21 11:22:21 Port:443 Source:192.168.0.30 Destination:192.168.0.132 Protocol:TCP What conclusion can you make based on this output? A) Port scan targeting 192.168.0.30 B) Teardrop attack targeting 192.168.0.132 C) Denial of service attack targeting 192.168.0.132 D) Port scan targeting 192.168.0.132
Port scan targeting 192.168.0.132
Let's assume that you decided to use PKI to protect the email you will send. At what layer of the OSI model will this message be encrypted and decrypted? A) Session layer B) Application layer C) Presentation layer D) Transport layer
Presentation layer
Viktor, the white hat hacker, conducts a security audit. He gains control over a user account and tries to access another account's sensitive information and files. How can he do this? A) Fingerprinting B) Shoulder-Surfing C) Privilege Escalation D) Port Scanning
Privilege Escalation
Which of the following is an encryption technique where data is encrypted by a sequence of photons that have a spinning trait while travelling from one end to another? A) Elliptic Curve Cryptography B) Quantum Cryptography C) Homomorphic D) Hardware-Based
Quantum Cryptography
Which of the following cipher is based on factoring the product of two large prime numbers? A) MD5 B) RSA C) RC5 D) SHA-1
RSA
Often, for a successful attack, hackers very skillfully simulate phishing messages. To do this, they collect the maximum information about the company that they will attack: emails of real employees (including information about the hierarchy in the company), information about the appearance of the message (formatting, logos), etc. What is the name of the stage of the hacker's work? A) Enumeration stage B) Exploration stage C) Reconnaissance stage D) Investigation stage
Reconnaissance stage
Which of the following is not included in the list of recommendations of PCI Data Security Standards? A) Rotate employees handling credit card transactions on a yearly basis to different departments B) Do not use vendor-supplied defaults for systems passwords and other security parameters C) Protect stored cardholder data D) Encrypt transmission of cardholder data across open, public networks
Rotate employees handing credit card transactions on a yearly basis to different departments
Identify Secure Hashing Algorithm, which produces a 160-bit digest from a message on principles similar to those used in MD4 and MD5? A) SHA-0 B) SHA-2 C) SHA-1 D) SHA-3
SHA-1
Elon plans to make it difficult for the packet filter to determine the purpose of the packet when scanning. Which of the following scanning techniques will Elon use? A) ACK scanning B) SYN/FIN scanning using IP fragments C) ICMP scanning D) IPID scanning
SYN/FIN scanning using IP fragments
Ivan, a black hat hacker, sends partial HTTP requests to the target web server to exhaust the target server's maximum concurrent connection pool. He wants to ensure that all additional connection attempts are rejected. What type of attack does Ivan implement? A) Spoofed Session Flood B) Slowloris C) HTTP GET/POST D) Fragmentation
Slowloris
Phillip, a cybersecurity specialist, needs a tool that can function as a network sniffer, record network activity, prevent and detect network intrusion. Which of the following tools is suitable for Phillip? A) Nessus B) Cain & Abel C) Snort D) Nmap
Snort
Viktor, a white hat hacker, received an order to perform a penetration test from the company "Test us". He starts collecting information and finds the email of an employee of this company in free access. Viktor decides to send a letter to this email, "[email protected]". He asks the employee to immediately open the "link with the report" and check it. An employee of the company "Test us" opens this link and infects his computer. Thanks to these manipulations, Viktor gained access to the corporate network and successfully conducted a pentest. What type of attack did Viktor use? A) Eavesdropping B) Piggybacking C) Tailgating D) Social engineering
Social Engineering
Which of the following best describes as software firewall? A) Software firewall is placed between the anti-virus application and the IDS components of the operating system B) Software firewall is placed between the router and the networking components of the operating systems C) Software firewall is placed between the desktop and the software components of the operating system D) Software firewall is placed between the normal application and the networking components of the operating system
Software firewall is placed between the normal application and the networking components of the operating system
What describes two-factor authentication for a credit card (using a card and pin)? A) Something you know and something you are B) Something you have and something you know C) Something you are and something you remember D) Something you have and something you are
Something you have and something you know
The evil hacker Antonio is trying to attack the IoT device. He will use several fake identifies to create a strong illusion of traffic congestion, affecting communication between neighbouring nodes and networks. What kind of attack does Antonia perform? A) Forged malicious device B) Side-channel attack C) Sybil attack D) Exploit kits
Sybil attack
Alex, a cybersecurity specialist, received a task from the head to scan open ports. One of the main conditions was to use the most reliable type of TCP scanning. Which of the following types of scanning would Alex use? A) NULL Scan B) Half-open Scan C) TCP Connect/Full Open Scan D) Xmas Scan
TCP Connect/Full Open Scan
Which of the following is the type of violation when an unauthorized individual enters a building following an employee through the employee entrance? A) Reverse Social Engineering B) Tailgating C) Pretexting D) Announced
Tailgating
Which of the following SQL injection attack does an attacker usually bypassing user authentication and extract data by using a conditional OR clause so that the condition of the WHERE clause will always be true? A) UNION SQLi B) End-of-Line Comment C) Tautology D) Error-Based SQLi
Tautology
You are configuring the connection of a new employee's laptop to join an 802.11 network. The new laptop has the same hardware and software as the laptops of other employees. You used the wireless packet sniffer and found that it shows that the Wireless Access Point (WAP) is not responding to the association requests being sent by the laptop. What can cause this problem? A) The WAP does not recognize the laptop's MAC address B) The laptop is configured for the wrong channel C) The laptop cannot see the SSID of the wireless network D) The laptop is not configured to use DHCP
The WAP does not recognize the laptop's MAC address
Mark, the network administrator, must allow UDP traffic on the host 10.0.0.3 and internet traffic in the host 10.0.0.2. In addition to the main task, he needs to allow all FTP traffic to the rest of the network and deny all other traffic. Mark applies his ACL configuration on the router, and everyone has a problem with accessing FTP. In addition, hosts that are allowed access to the internet cannot connect to it. In accordance with the following configuration, determine what happened on the network? access-list 102 deny tcp any any access-list 104 permit udp host 10.0.0.3 any access-list 110 permit tcp host 10.0.0.2 eq www any access-list 108 permit tcp any eq ftp any A) The ACL 104 needs to be first because its UDP B) The ACL 110 needs to be changed to port 80 C) The ACL for FTP must be before the ACL 110 D) The first ACL is denying all TCP traffic, and the router is ignoring the other ACLs
The first ACL is denying all TCP traffic, and the router is ignoring the other ACLs
Michael, a technical specialist, discovered that the laptop of one of the employees connecting to a wireless point couldn't access the internet, but at the same time, it can transfer files locally. He checked the IP address and the default gateway. They are both on 192.168.1.0/24. Which of the following caused the problem? A) The laptop is using an invalid IP address B) The laptop and the gateway are not on the same network C) The laptop isn't using a private IP address D) The gateway is not routing to a public IP address
The gateway is not routing to a public IP address
John, a cybersecurity specialist, received a copy of the event logs from all firewalls, Intrusion Detection Systems (IDS) and proxy servers on a company's network. He tried to match all the registered events in all the logs, and he found that their sequence didn't match. What can cause such a problem? A) The attacker altered events from the logs B) A proper chain of custody was not observed while collecting the logs C) The security breach was a false positive D) The network devices are not all synchronized
The network devices are not all synchronized
Suppose your company has implemented identify people based on walking patterns and made it part pf physical control access to the office. The system works according to the following principle: The camera captures people walking and identifies employees, and then they must attach their RFID badges to access the office. Which of the following best describes this technology? A) Biological motion cannot be used to identify people B) The solution implements the two factors authentication: physical object and physical characteristic C) The solution will have a high level of false positives D) Although the approach has two phases, it actually implements just one authentication factor
The solution implements the two factors authentication: physical object and physical characteristic
What is the purpose of the demilitarized zone? A) To scan all traffic coming through the DMZ to the internal network B) To provide a place for a honeypot C) To add protection to network devices D) To add an extra layer of security to an organization's local area network
To add an extra layer of security to an organization's local area network
Michael works as a system administrator. He receives a message that several sites are no longer available. Michael tried to go to the sites by URL, but it didn't work. Then he tried to ping the sites and enter IP addresses in the browser and it worked. What problem could Michael identify? A) Traffic is blocked on UDP port 69 B) Traffic is blocked on UDP port 88 C) Traffic is blocked on UDP port 56 D) Traffic is blocked on UDP port 53
Traffic is blocked on UDP port 53
After several unsuccessful attempts to extract cryptography keys using software methods, Mark is thinking about trying another code-breaking methodology. Which of the following will best suit Mark based on his unsuccessful attempts? A) One-Time Pad B) Frequency Analysis C) Brute-Force D) Trickery and Deceit
Trickery and Deceit
For the company, an important criterion is the immutability of the financial reports sent by the financial director to the accountant. They need to be sure that the accountant received the reports and it hasn't been changed. How can this be achieved? A) Financial reports can send the financial statements twice, one by email and the other delivered in USB and the accountant can compare both B) Reports can send to the accountant using an exclusive USB for that document C) Use a hash algorithm in the document once CFO approved the financial statements D) Use a protected excel file
Use a hash algorithm in the document once CFO approved the financial statement
Identify the type of jailbreaking which allows user-level access and does not allow iboot-level access? A) Userland exploit B) iBootrom exploit C) iBoot exploit D) Bootrom exploit
Userland exploit
You have been assigned the task of defending the company from network sniffing. Which of the following is the best option for this task? A) Restrict physical access to the server rooms hosting critical servers B) Use static IP addresses C) Using encryption protocols to secure network connections D) Register all machines MAC addresses in a centralized database
Using encryption protocols to secure network communications
Which of the following is a protocol that used for querying databases that store the registered users or assignees of an internet resource, such as a domain name, and IP address block or an autonomous system? A) Internet engineering task force B) CAPTCHA C) Internet assigned numbers authority D) WHOIS
WHOIS
Which of the following will allow you to prevent unauthorized network access to local area networks and other information assets by wireless devices? A) AISS B) WIPS C) HIDS D) NIDS
WIPS
John needs to choose a firewall that can protect against SQL injection attacks. Which of the following types of firewalls is suitable for this task? A) Packet firewall B) Web application firewall C) Hardware firewall D) Stateful firewall
Web application firewall
While using your bank's online servicing you notice the following string in the URL bar: http://www.MyPersonalBank.com/account?id=368940911028389&Damount=10980&Camount=21 You observe that if you modify the Damount & Camount values and submit the request, that data on the web page reflect the changes. Which type of vulnerability is present on this site? A) XSS Reflection B) Cookie Tampering C) SQL injection D) Web Parameter Tampering
Web parameter tampering
Session splicing is an IDS evasion technique that exploits how some IDSs do not reconstruct sessions before performing patter matching on the data. The idea behind session splicing is to split data between several packets, ensuring that no single packet matches any patterns within an IDS signature. Which tool can be used to perform session splicing attacks? A) Whisker B) tcpsplice C) Burp D) Hydra
Whisker
Which of the following does not apply to IPsec? A) Provides authentication B) Use key exchange C) Encrypts the payloads D) Work at the Data Link Layer
Work at the Data Link Layer
Benjamin performs a cloud attack during the translation of the SOAP message in the TLS layer. He duplicates the body of the message and sends it to the server as a legitimate user. As a result of these actions, Benjamin managed to access the server resources to unauthorized access. A) Cloud Hopper B) Side-channel C) Cloudborne D) Wrapping
Wrapping
Which one of the following Google search operators allows restricting results to those from a specific website? A) [site:] B) [link:] C) [inurl:] D) [cache:]
[site:]
Which of the following command will help you launch the Computer Management Console from "Run" windows as a local administrator? A) gpedit.msc B) ncpa.cpl C) services.msc D) compmgmt.msc
compmgmt.msc
You managed to compromise a server with an IP address of10.10.0.5, and you want to get fast a list of all the machines in this network. Which of the following Nmap command will you need? A) nmap -T4 -p 10.10.0.0/24 B) nmap -T4 -r 10.10.1.0/24 C) nmap -T4 -F 10.10.0.0/24 D) nmap -T4 -q 10.10.0.0/24
nmap -T4 -F 10.10.0.0/24
Which of the following Nmap's commands allows you to most reduce the probability of detection by IDS when scanning common ports? A) nmap -A --host-timeout 99-T1 B) nmap -sT -O -T0 C) nmap -sT -O -T2 D) nmap -A -Pn
nmap -sT -O -T0
Which of the following can be designated as "Wireshark for CLI"? A) Nessus B) ethereal C) John the Ripper D) tcpdump
tcpdump
The attacker tries to take advantage of vulnerability where the application does not verify if the user is authorized to access the internal object via its name or key. Which of the following queries best describes an attempt to exploit an insecure direct object using the name of the valid account "User 1"? A) "GET/restricted/goldtranfer?to=Account&from=1or1=1'HTTP/1.1Host:westbank.com" B) "GET/restricted/accounts/?name=User1HTTP/1.1Host:wetbank.com" C) "GET/restricted/bank.getaccount("~User1")HTTP/1.1Host:westbank.com" D) "GET/restricted/\r\n\%00account%00User1%00accessHTTP/1.1Host:westbank.com"
"GET/restricted/accounts/?name=User1 HTTP/1.1Host:westbank.com"
Based on the following data, you need to calculate the approximate cost of recovery of the system operation per year: The cost of a new hard drive is $300 The chance of a hard drive failure is 1/3 The recovery specialist earns $10/hour Restore the OS and software to the new hard disk - 10 hours Restore the database form the last backup to the new hard disk - 4 hours Assume the EF = 1 (100%), calculate the SLE, ARO, and ALE A) $146 B) $295 C) $440 D) $960
$146 Explanation 1. AV (Asset value) = $300 + (14 * $10) = $440 - the cost of a hard drive plus the work of a recovery person, i.e.how much would it take to replace 1 asset? 10 hours for resorting the OS and soft + 4 hours for DB restore multiplies by hourly rate of the recovery person. 2. SLE (Single Loss Expectancy) = AV * EF (Exposure Factor) = $440 * 1 = $440 3. ARO (Annual rate of occurrence) = 1/3 (every three years, meaning the probability of occurring during 1 years is 1/3) 4. ALE (Annual Loss Expectancy) = SLE * ARO = 0.33 * $440 = $145.2
Which of the following Nmap options will you use if you want to scan fewer ports than the default? A) -p B) -sP C) -T D) -F
-F
Which of the following command-line flags set a stealth scan for Nmap? A) -sM B) -sU C) -sT D) -sS
-sS
Which of the following flags will trigger an Xmas scan? A) -sP B) -sV C) -sA D) -sX
-sX
Which of the following UDP ports is usually used by Network Time Protocol (NTP)? A) 19 B) 161 C) 177 D) 123
123
Which of the following wireless standard has bandwidth up to 54 Mbit/s and signals in a regulated frequency spectrum around 5 GHz? A) 802.11g B) 802.1n C) 802.11a D) 802.11i
802.11a
The firewall prevents packets from entering the organization through certain ports and applications. What does this firewall check? A) Application layer port numbers and the transport layer headers B) Presentation layer headers and session layer port numbers C) Application layer headers and transport layer port numbers D) Network layer headers and the session layer port numbers
Application layer headers and transport layer port numbers
According to the Payment Card Industry Data Security Standard, when is it necessary to conduct external and internal penetration testing? A) At least once every two years and after any significant upgrade or modification B) At least one every three years or after any significant upgrade or modification C) At least twice a year or after any significant upgrade or modification D) At least once a year and after any significant upgrade or modification
At least once a year and after any significant upgrade or modification
Define Metasploit module used to perform arbitrary, one-off actions such as port scanning, denial of service, SQL injection and fuzzing? A) Payload module B) Auxiliary module C) Exploit module D) NOPS module
Auxiliary module
Ivan, an evil hacker, is preparing to attack the network of a financial company. To do this, he wants to collect information about the operating systems used on the company's computers. Which of the following techniques will Ivan use to achieve the desired result? A) SSDP Scanning B) Banner Grabbing C) IDLE/IPID Scanning D) UDP Scanning
Banner grabbing
The attacker enters its malicious data into intercepted messages in a TCP session since source routing is disabled. He tries to guess the response of the client and server. What hijacking technique is described in this example? A) TCP/IP B) RST C) Registration D) Blind
Blind
Ivan, an evil hacker, conducts an SQLi attack that is based on True/False questions. What type of SQLi does Ivan use? A) DMS-specific SQLi B) Compound SQLi C) Blind SQLi D) Classic SQLi
Blind SQLi
You know that the application you are attacking is vulnerable to an SQL injection, but you cannot see the result of the injection. You send a SQL query to the database, which makes the database wait before it can react. You can see from the time the database takes to respond, whether a query is true or false. What type of SQL injection did you use? A) Blind SQLi B) Out-of-band SQLi C) Error-based SQLi D) UNION SQLi
Blind SQLi
Which of the options presented below is not a Bluetooth attack? A) Bluesnarfing B) Bluesmacking C) Bluejacking D) Bluedriving
Bluedriving
Identify Bluetooth attack techniques that is used in to send messages to users without the recipient's consent, for example for guerrilla marketing campaigns? A) Bluebugging B) Bluesmacking C) Bluejacking D) Bluesnarfing
Bluejacking
Which of the following is a logical collection of internet-connected devices such as computers, smartphones or internet of things (IoT) devices whose security has been breached and control ceded to a third party? A) Botnet B) Spear Phishing C) Rootkit D) Spambot
Botnet
Which of the following web application attack inject the special character elements "Carriage Return" and "Line Feed" into the user's input to trick the web server, web application, or user into believing that the current object is terminated and a new object has been initiated? A) HTML injection B) Server-Side JS injection C) CRLF injection D) Log injection
CRLF injection
Which of the following options represents a conceptual characteristic of an anomaly-based IDS over a signature-based IDS? A) Requires vendor updates for a new threat B) Cannot deal with encrypted network traffic C) Produces less false positives D) Can identify unknown attacks
Can identify unknown attacks
Imagine the following scenario: 1. An attacker created a website with tempting content and banner like: "Do you want to make $10,000 in a month?" 2. The victim clicks to the interesting and attractive content URL 3. The attacker creates a transparent 'iframe' in front of the banner which victim attempts to click. The victim thinks that he clicks the "Do you want to make $10,000 in a month?" banner but actually he clicks the content or UPL that exists in the transparent 'iframe' which is set up by the attacker. What is the name of the attack used in the scenario? A) Session fixation B) HTML injection C) HTTP parameter pollution D) Clickjacking attack
Clickjacking attack
What is a "Collision attack?" A) Collision attacks try to change the hash B) Collision attack on a hash tries to find two inputs producing the same hash value C) Collision attacks attempt to recover information from a hash D) Collision attacks break the hash into several parts, with the same bytes in each part to get the private key
Collision attack on a hash tries to find two inputs producing the same hash value
With which of the following SQL injection attacks can an attacker deface a web page, modify or add data in a database and compromised data integrity? A) Unauthorized access to an application B) Information disclosure C) Compromised Data Integrity D) Loss of data availability
Compromised Data Integrity
You conduct an investigation and finds out that the browser of one of your employees sent malicious request that the employee knew nothing about. Identify the web page vulnerability that the attacker used to attack your employee? A) Cross-Site Request Forgery (CSRF) B) Command Injection Attacks C) File Inclusion Attack D) Hidden Field Manipulation Attack
Cross-Site Request Forgery (CSRF)
The attacker posted a message and an image on the forum, in which he embedded a malicious link. When the victim clicks on this link, the victim's browser sends an authenticated request to a server. What type of attack did the attacker use? A) Session hijacking B) SQL injection C) Cross-site scripting D) Cross-site request forgery
Cross-site request forgery
The web development team is holding an urgent meeting, as they has received information from testers about a new vulnerability in their web software. They make an urgent decision to reduce the likelihood of using the vulnerability. The team decides to modify the software requirements to disallow users from entering HTML as input into their web application. Determine the type of vulnerability that the team found? A) Cross-site request forgery vulnerability B) Website defacement vulnerability C) Cross-site scripting vulnerability D) SQL injection vulnerability
Cross-site scripting vulnerability
The company "Usual company" asked a cybersecurity specialist to check their perimeter email gateway security. To do this, the specialist creates a specially formatted email message: From: [email protected] To: [email protected] Subject: Test message Date: 5/8/2021 11:22 He sends this message over the Internet, and a "Usual company " employee receives it. This means that the gateway of this company doesn't prevent _____. A) Email phishing B) Email harvesting C) Email spoofing D) Email masquerading
Email Spoofing
Maria conducted a successful attack and gained access to a linux server. She wants to avoid that NIDS will not catch the succeeding outgoing traffic from this server in the future. Which of the following is the best way to avoid detection of NIDS? A) Protocol Isolation B) Out of band signaling C) Encryption D) Alternate Data Streams
Encryption
Determine the type of SQL injection: SELECT * FROM user WHERE name='x' AND userid IS NULL; --'; A) UNION SQL Injection B) End of Line Comment C) Illegal/Logically Incorrect Query D) Tautology
End of Line Comment
What is meant by a "rubber-hose" attack in cryptography? A) A backdoor is placed into a cryptographic algorithm by its creator B) Attempting to decrypt ciphertext by making logical assumptions about the contents of the original plain text C) Extraction of cryptographic secrets through coercion or torture D) Forcing the targeted keystream through a hardware-accelerated device such as an ASIC
Extraction of cryptographic secrets through coercion or torture
Rajesh, the system administrator analyzed the IDS logs and noticed that when accessing the external router from the administrator's computer to update the router configuration, IDS registered alerts. What type of an alert is this? A) False negative B) True negative C) True positive D) False positive
False positive
Maria is surfing the internet and trying to find information about Super Security LLC. Which process is Maria doing? A) Enumeration B) Scanning C) System Hacking D) Footprinting
Footprinting
Which of the following methods is best suited to protect confidential information on your laptop which can be stolen while traveling? A) Hidden folders B) Full disk encryption C) Password protected files D) BIOS password
Full disk encryption
What is an automated software testing technique that involves providing invalid, unexpected, or random data as inputs to a computer program? A) Security testing B) Concolic Testing C) Fuzz testing D) Monkey testing
Fuzz testing
John, a penetration tester, decided to conduct a SQL injection test. He enters a huge amount of random data and observers changes in output and security loopholes in web applications. What SQL injection testing did John use? A) Function testing B) Fuzzing testing C) Static testing D) Dynamic testing
Fuzzing testing
Identify the standard by the description: A regulation contains a set of guidelines that everyone who processes any electronic data in medicine should adhere to. It includes information on medical practices, ensuring that all necessary measures are in place while saving, accessing, and sharing any electronic medical data to secure patient data. A) FISMA B) HIPAA C) COBIT D) ISO/IEC 27002
HIPAA
Which of the following requires establishing national standards for electronic health care transactions and national identifiers for providers, health insurance plans, and employers? A) PCI-DSS B) HIPAA C) DMCA D) SOX
HIPAA
Identify a vulnerability in OpenSSL that allows stealing the information protected under normal conditions by the SSL/TLS encryption used to secure the internet? A) SSL/TLS Renegotiation Vulnerability B) POODLE C) Heartbleed Bug D) Shellshock
Heartbleed Bug
Wireshark is one of the most important tools for a cybersecurity specialist. It is used for network troubleshooting, analysis, software, etc. You often have to work with a packet bytes pane. In what format is the data presented in this pane? A) ASCII only B) Decimal C) Binary D) Hexadecimal
Hexadecimal
The evil hacker Ivan has installed a remote access trojan on a host. He wants to be sure that when a victim attempts to go to "www.site.com" that the user is directed to a phishing site. Which file should Ivan change in this case? A) Boot.ini B) Sudoers C) Hosts D) Networks
Hosts
Which of the following protocols is used in a VPN for setting up a secure channel between two devices? A) SET B) PPP C) PEM D) IPSEC
IPSEC
Alex, a cyber security specialist, should conduct a pentest inside the network, while he received absolutely no information about the attacked network. What type of testing will Alex conduct? A) Internal, white-box B) Internal, black-box C) Internal, grey-box D) External, black-box
Internal, black-box
Which of the following tools is a packet sniffer, network detector and IDS for 802.11(a,b,g,n) wireless LANs? A) Nessus B) Abel C) Kismet D) Nmap
Kismet
John, a system administrator, is learning how to work with new technology: Docker. He will use it to create a network connection between the container interfaces and its parent host interface. Which of the following network drivers is suitable for John? A) Overlay networking B) Macvlan networking C) Host networking D) Bridge networking
Macvlan networking
Josh, a security analyst, wants to choose a tool for himself to examine links between data. One of the main requirements is to present data using graphs and link analysis. Which of the following tools will meet John's requirements? A) Palantir B) Maltego C) Analyst's Notebook D) Metasploit
Maltego
Determine the attack by the description: The known-plaintext attack used against DES. This attack causes that encrypting plaintext with one DES key followed by encrypting it with a second DES key is no more secure than using a single key. A) Replay attack B) Traffic analysis attack C) Meet-in-the-middle attack D) Man-in-the-middle attack
Meet-in-the-middle attack
Which of the following is a network software suite designed for 802.11 WEP and WPA-PSK keys cracking that can recover keys once enough data packets have been captured? A) Aircrack-ng B) wificracker C) WLAN-crack D) Airgaurd
Aircrack-ng
Your company has a risk assessment, and according to its results, the risk of a breach in the main company application is 40%. Your cybersecurity department has made changes to the application and requested a re-assessment of the risks. The assessment showed that the risk fell to 12%, with a risk threshold of 20%. Which of the following options would be the best from a business point of view? A) Avoid the risk B) Accept the risk C) Introduce more controls to bring risk to 0% D) Limit the risk
Accept the risk
Which of the following layer in IoT architecture helps bridge the gap between two endpoints, such as a device and a client, and carries out message routing, message identification, and subscribing? A) Access Gateway B) internet C) Middleware D) Edge technology
Access Gateway
You make a series of interactive queries, choosing subsequent plaintexts based on the information from the previous encryption. What type of attack are you trying to perform? A) Adaptive chosen-plaintext attack B) Ciphertext-only attack C) Known-plaintext attack D) Chosen-plaintext attack
Adaptive chosen-plaintext attack
Black hat hacker Ivan wants to implement a man-in-the-middle attack on the corporate network. For this, he connects his router to the network and redirects traffic to intercept packets. What can the administrator do to mitigate the attack? A) Use only static routes in the corporation's network B) Use the Open Shortest Path First (OSPF) C) Redirection of the traffic is not possible without the explicit admin's confirmation D) Add message authentication to the routing protocol
Add message authentication to the routing protocol
What is a set of extensions to DNS that provide to DNS clients (resolvers) origin authentication, authenticated denial of existence and data integrity, but not availability or confidentiality? A) Zone tranfer B) Resource records C) Resource tranfer D) DNSSEC
DNSSEC
