Eccouncil
________________________________________________________________________________________________
http://www. testinsides.com/
The configuration allows a wired or wireless network interface controller to pass all traffic it receives to the central
processing unit (CPU), rather than passing only the frames that the controller is intended to receive.
Which of the following is being described?
A. WEM
B. Multi-cast mode
C. Promiscuous mode
D. Port forwarding
Answer: B
Question 2
In Risk Management, how is the term likelihood related to the concept of threat?
Answer: D
Question 3
While performing online banking using a web browser, a user receives an email that contains a link to an interesting
Web site. When the user clicks on the link, another web browser session starts and displays a video of cats playing a
piano. The next business day, the user receives what looks like an email from his bank, indicating that his bank
account has been accessed from a foreign country. The email asks the user to call his bank and verify the
authorization of a funds transfer that took place.
What web browser-based security vulnerability was exploited to compromise the user?
Answer: A
Question 4
Which of the following is one of the most effective ways to prevent Cross-site Scripting (XSS) flaws in software
applications?
A. Verify access right before allowing access to protected information and UI controls
B. Use security policies and procedures to define and implement proper security settings
C. Validate and escape all information sent over to a server
D. Use digital certificates to authenticate a server prior to sending data
Answer: A
Question 5
An incident investigator asks to receive a copy of the event from all firewalls, proxy servers, and Intrusion Detection
Systems (IDS) on the network of an organization that has experienced a possible breach of security. When the
investigator attempts to correlate the information in all of the logs the sequence of many of the logged events do not
match up.
What is the most likely cause?
Answer: C
Question 6
This tool is an 802.11 WEP and WPA-PSK keys cracking program that can recover keys once enough data packets have
been captured. It implements the standard FMS attack along with some optimizations like Korek attacks, as well as
the PTW attack, thus making the attack much faster compared to other WEP cracking tools.
Which of the following tools is being described?
A. Wificracker
B. WLAN-crack
C. Airguard
D. Aircrack-ng
Answer: D
Question 7
Which of the following tools is used to analyze the files produced by several packet-capture programs such as
tcpdump, WinDump, Wireshark, and EtherPeek?
A. Nessus
B. Tcptraceroute
C. Tcptrace
D. OpenVAS
Answer: C
Question 8
You have compromised a server on a network and successfully open a shell. You aimed to identify all operating
systems running on the network. However, as you attempt to fingerprint all machines in the network
using the nmap syntax below, it is not going through.
invictus@victim_server:~$ nmap -T4 -O 10.10.0.0/24
TCP/IP fingerprinting (for OS scan) xxxxxxx xxxxxx xxxxxxxxxx.
QUITTING!
What seems to be wrong?
Answer: D
Question 9
Answer: A
Question 10
An attacker has installed a RAT on a host. The attacker wants to ensure that when a user attempts to go to
www.MyPersonalBank.com, that the user is directed to a phishing site.
Which file does the attacker need to modify?
A. Hosts
B. Networks
C. Boot.ini
D. Sudoers
Answer: A
Question 11
Jesse receives an email with an attachment labeled Court_Notice_21200.zip. Inside the zip file is a file named
Court_Notice_21200.docx.exe disguised as a word document. Upon execution, a window appears stating, "This
word document is corrupt." In the background, the file copies itself to Jesse APPDATA\local directory and begins to
beacon to a C2 server to download additional malicious binaries. What type of malware has Jesse encountered?
A. Trojan
B. Worm
C. Key-Logger
D. Micro Virus
Answer: A
Question 12
In 2007, this wireless security algorithm was rendered useless by capturing packets and discovering the passkey in a
matter of seconds. This security flaw led to a network invasion of TJ Maxx and data theft through a technique known
as wardriving.
Which algorithm is this referring to?
Answer: A
Question 13
Answer: D
Question 14
A. RSA
B. GRE
C. TLS
D. IPSec
Answer: C
Question 15
As a Certified Ethical hacker, you were contracted by a private firm to conduct an external security assessment
through penetration testing.
What document describes the specifics of the testing, the associated violations, and essentially protects both the
organization's interest and your liabilities as a tester?
A. Term of Engagement
B. Non-Disclosure Agreement
C. Project Scope
D. Service Level Agreement
Answer: B
Question 16
A. Bluejacking
B. Bluedriving
C. Bluesnarfing
D. Bluesmacking
Answer: B
Question 17
PGP, SSL, and IKE are all examples of which type of cryptography?
A. Hash Algorithm
B. Secret Key
C. Public Key
D. Digest
Answer: C
Question 18
Using Windows CMD, how would an attacker list all the shares to which the current user context has access?
A. NET CONFIG
B. NET USE
C. NET FILE
D. NET VIEW
Answer: D
Question 19
Which of these options is the most secure procedure for storing backup tapes?
Answer: A
Question 20
A. The tester will have an actual security posture visibility of the target network.
B. The tester could not provide an honest analysis.
C. Network security would be in a best state posture.
D. It is best to catch critical infrastructure unpatched.
Answer: A
Question 21
What does a firewall check to prevent particular ports and applications from getting packets into an organization?
Answer: A
Question 22
A. A ping scan
B. A trace sweep
C. An operating system detect
D. A port scan
Answer: A
Question 23
An Internet Service Provider (ISP) has a need to authenticate users connecting using analog modems, Digital
Subscriber Line (DSL), wireless data services, and Virtual Private Networks (VPN) over a Frame Relay network.
Which AAA protocol is most likely able to handle this requirement?
A. DIAMETER
B. Kerberos
C. RADIUS
D. TACACS+
Answer: D
Question 24
To determine if a software program properly handles a wide range of invalid input, a form of automated testing can be
used to randomly generate invalid input in an attempt to crash the program.
What term is commonly used when referring to this type of testing?
A. Bounding
B. Mutating
C. Fuzzing
D. Randomizing
Answer: C
Question 25
A. tcpdump
B. ping
C. nmap
D. Tracert
Answer: C
Question 26
Your company performs penetration tests and security assessments for small and medium-sized business in the local
area. During a routine security assessment, you discover information that suggests your client is involved with human
trafficking.
What should you do?
A. Copy the data to removable media and keep it in case you need it.
B. Ignore the data and continue the assessment until completed as agreed.
C. Confront the client in a respectful manner and ask her about the data.
D. Immediately stop work and contact the proper legal authorities.
Answer: D
Question 27
You are the Systems Administrator for a large corporate organization. You need to monitor all network traffic on your
local network for suspicious activities and receive notifications when an attack is occurring. Which tool would allow
you to accomplish this goal?
A. Host-based IDS
B. Firewall
C. Network-Based IDS
D. Proxy
Answer: C
Question 28
A. Collision attacks try to break the hash into two parts, with the same bytes in each part to get the private key.
B. Collision attacks try to break the hash into three parts to get the plaintext value.
C. Collision attacks try to find two inputs producing the same hash.
D. Collision attacks try to get the public key
Answer: C
Question 29
Answer: A
Question 30
You've gained physical access to a Windows 2008 R2 server which has an accessible disc drive. When you attempt to
boot the server and log in, you are unable to guess the password. In your tool kit you have an Ubuntu 9.10 Linux
LiveCD. Which Linux tool has the ability to change any user's password or to activate disabled Windows Accounts?
Answer: A
Question 31
While using your bank's online servicing you notice the following string in the URL bar:
http://www.MyPersonalBank/Account?Id=308940911028389&Damount=10980&Camount=21
You observe that if you modify the Damount & Camount values and submit the request, that data on the web page
reflect the changes.
What type of vulnerability is present on this site?
A. SQL injection
B. XSS Reflection
C. Web Parameter Tampering
D. Cookie Tampering
Answer: C
Question 32
It is a short-range wireless communication technology intended to replace the cables connecting portable or fixed
devices while maintaining high levels of security. It allows mobile phones, computers and other devices to connect
and communicate using a short-range wireless connection.
Which of the following terms best matches the definition?
A. Bluetooth
B. Radio-Frequency Identification
C. WLAN
D. InfraRed
Answer: A
Question 33
What is the most common method to exploit the Bash Bug or ShellShock vulnerability?
A. SSH
B. SYN Flood
C. Manipulate format strings in text fields
D. Through Web servers utilizing CGI (Common Gateway Interface) to send a malformed environment variable to a
vulnerable Web server
Answer: D
Question 34
A. Mitigate
B. Avoid
C. Accept
D. Delegate
Answer: D
Question 35
The phase will increase the odds of success in later phases of the penetration test. It is also the very first step in
Information Gathering, and it will tell you what the landscape looks like.
What is the most important phase of ethical hacking in which you need to spend a considerable amount of time?
A. Network Mapping
B. Gaining access
C. Footprinting
D. Escalating privileges
Answer: C
Question 36
Which regulation defines security and privacy controls for Federal information systems and organizations?
A. HIPAA
B. EU Safe Harbor
C. PCI-DSS
D. NIST-800-53
Answer: D
Question 37
A. Overwrites the original MBR and only executes the new virus code
B. Modifies directory table entries so that directory entries point to the virus code instead of the actual program
C. Moves the MBR to another location on the hard disk and copies itself to the original location of the MBR
D. Moves the MBR to another location on the RAM and copies itself to the original location of the MBR
Answer: C
Question 38
You are performing information gathering for an important penetration test. You have found pdf, doc, and images in
your objective. You decide to extract metadata from these files and analyze it.
What tool will help you with the task?
A. Armitage
B. Dimitry
C. cdpsnarf
D. Metagoofil
Answer: D
Question 39
Which of the following is an extremely common IDS evasion technique in the web world?
A. port knocking
B. subnetting
C. unicode characters
D. spyware
Answer: C
Question 40
When you are testing a web application, it is very useful to employ a proxy tool to save every request and response.
You can manually test every request and analyze the response to find vulnerabilities. You can test parameter and
headers manually to get more precise results than if using web vulnerability scanners.
What proxy tool will help you find web vulnerabilities?
A. Burpsuite
B. Dimitry
C. Proxychains
D. Maskgen
Answer: A
Question 41
It is a kind of malware (malicious software) that criminals install on your computer so they can lock it from a remote
location. This malware generates a pop-up window, webpage, or email warning from what looks like an official
authority. It explains your computer has been locked because of possible illegal activities and demands payment
before you can access your files and programs again.
Which term best matches this definition?
A. Spyware
B. Adware
C. Ransomware
D. Riskware
Answer: C
Question 42
A. Availability
B. Confidentiality
C. Authentication
D. Integrity
Answer: D
Question 43
When you are getting information about a web server, it is very important to know the HTTP Methods (GET, POST,
HEAD, PUT, DELETE, TRACE) that are available because there are two critical methods (PUT and DELETE). PUT can
upload a file to the server and DELETE can delete a file from the server. You can detect all these methods (GET, POST,
HEAD, PUT, DELETE, TRACE) using NMAP script engine.
What nmap script will help you with this task?
A. http-enum
B. http-git
C. http-headers
D. http-methods
Answer: B
Question 44
During a blackbox pen test you attempt to pass IRC traffic over port 80/TCP from a compromised web enabled host.
The traffic gets blocked; however outbound HTTP traffic is unimpeded.
What type of firewall is inspecting outbound traffic?
A. Circuit
B. Packet Filtering
C. Application
D. Stateful
Answer: C
Question 45
A company's security policy states that all web browsers must automatically delete their HTTP browser cookies upon
terminating. What sort of security breach is this policy attempting to mitigate?
A. Attempts by attackers to determine the user's Web browser usage patterns, including when sites were visited and
for how long.
B. Attempts by attackers to access passwords stored on the user's computer without the user's knowledge.
C. Attempts by attackers to access Web sites that trust the Web browser user by stealing the user's authentication
credentials.
D. Attempts by attackers to access the user and password information stored in the company's SQL database.
Answer: C
Question 46
You've just been hired to perform a pen test on an organization that has been subjected to a large-scale attack. The
CIO is concerned with mitigating threats and vulnerabilities to totally eliminate risk.
What is one of the first things you should do when given the job?
Answer: C
Question 47
Which of the following security operations is used for determining the attack surface of an organization?
Answer: B
Question 48
Prospective clients want to see sample reports from previous penetration tests.
What should you do next?
Answer: B
Question 49
Answer: D
Question 50
Jimmy is standing outside a secure entrance to a facility. He is pretending to have a tense conversation on his cell
phone as an authorized employee badges in. Jimmy, while still on the phone, grabs the door as it begins to close.
What just happened?
A. Masquerading
B. Phishing
C. Whaling
D. Piggybacking
Answer: D
Question 51
The heartland bug was discovered in 2014 and is widely referred to under MITRE's Common Vulnerabilities and
Exposures (CVE) as CVE-2004-1000. This bug affects the OpenSSL implementation of the transport Layer security (TLS)
protocols defined in RFC0520.
What types of key does this bug leave exposed to the Internet making exploitation of any compromised system very
easy?
A. Root
B. Private
C. Shared
D. Public
Answer: A
Question 52
You work as a Security Analyst for a retail organization. In securing the company's network, you set up a firewall and
an IDS. However, hackers are able to attack the network. After investigating, you discover that your IDS is not
configured properly and therefore is unable to trigger alarms when needed. What type of alert is the IDS giving?
A. False Negative
B. True Negative
C. True Positive
D. False Positive
Answer: A
Question 53
This international organization regulates billions of transactions daily and provides security guidelines to protect
personally identifiable information (PII). These security controls provide a baseline and prevent low-level hackers
sometimes known as script kiddies from causing a data breach.
Which of the following organizations is being described?
Answer: B
Question 54
Which of the following tools performs comprehensive tests against web servers, including dangerous files and CGI's?
A. Snort
B. Dsniff
C. Nikto
D. John the Ripper
Answer: C
Question 55
Which of the following is the structure designed to verify and authenticate the identity of individuals within the
enterprise taking part in a data exchange?
A. PKI
B. biometrics
C. SOA
D. single sign on
Answer: A
Question 56
The chance of a hard drive failure is once every three years. The cost to buy a new hard drive is $300. It will require 10
hours to restore the OS and software to the new hard disk. It will require a further 4 hours to restore the database
from the last backup to the new hard disk. The recovery person earns $10/hour. Calculate the SLE, ARO, and ALE.
Assume the EF = 1 (100%).
What is the closest approximate cost of this replacement and recovery operation per year?
A. $100
B. $140
C. 440
D. 1320
Answer: B
Question 57
An attacker changes the profile information of a particular user on a target website (the victim). The attacker uses this
string to update the victim's profile to a text file and then submit the data to the attacker's database.
<iframe src=http://www/vulnweb.com/updataif.php Style=display:none></iframe>
What is this type of attack (that can use either HTTP GET or HTTP POST) called?
Answer: A
Question 58
You are tasked to perform a penetration test. While you are performing information gathering, you find an employee
list in Google. You find receptionist's email, and you send her an email changing the source email to her boss's email (
boss@company ). In this email, you ask for a pdf with information. She reads your email and sends back a pdf with
links. You exchange the pdf links with your malicious links (these links contain malware) and send back the modified
pdf, saying that the links don't work. She reads your email, opens the links, and her machine gets infected.
What testing method did you use?
A. Piggybacking
B. Tailgating
C. Eavesdropping
D. Social engineering
Answer: D
Question 59
Which of the following is a protocol specifically designed for transporting event messages?
A. SMS
B. SNMP
C. SYSLOG
D. ICMP
Answer: C
Question 60
A. Logical interface
B. DMZ
C. Administrative safeguards
D. Physical security
Answer: C
Question 61
Which of the following is a design pattern based on distinct pieces of software providing application functionality as
services to other applications?
A. Lean Coding
B. Service Oriented Architecture
C. Object Oriented Architecture
D. Agile Process
Answer: B
Question 62
A company's Web development team has become aware of a certain type of security vulnerability in their Web
software. To mitigate the possibility of this vulnerability being exploited, the team wants to modify the software
requirements to disallow users from entering HTML as input into their Web application.
What kind of web application vulnerability likely exists in their software?
Answer: C
Question 63
It is an entity or event with the potential to adversely impact a system through unauthorized access, destruction,
disclosures, denial of service, or modification of data.
Which of the following terms best matches this definition?
A. Threat
B. Attack
C. Risk
D. Vulnerability
Answer: A
Question 64
Your team has won a contract to infiltrate an organization. The company wants to have the attack be as realistic as
possible; therefore, they did not provide any information besides the company name.
What should be the first step in security testing the client?
A. Scanning
B. Escalation
C. Enumeration
D. Reconnaissance
Answer: D
Question 65
A penetration tester is conducting a port scan on a specific host. The tester found several ports opened that were
confusing in concluding the Operating System (OS) version installed. Considering the NMAP result below, which of
the following is likely to be installed on the target machine by the OS?
Starting NMAP 5.21 at 2011-03-15 11:00
NMAP scan report for 172.10.40.05
Host is up (1.00s latency).
Not shown: 993 closed ports
PORT STATE SERVICE
21/tcp open ftp
23/tcp open telnet
80/tcp open http
139/tcp open netbios-ssn
515/tcp open
031/tec open ipp
9100/tcp open
MAC Address: 00:00:48:0D:EE:8
Answer: A
Question 66
A hacker has successfully infected an internet-facing server, which he will then use to send junk mail, take part in
coordinated attacks, or host junk email content.
Which sort of trojan infects this server?
A. Botnet Trojan
B. Banking Trojans
C. Ransomware Trojans
D. Turtle Trojans
Answer: A
Question 67
You have compromised a server and successfully gained a root access. You want to pivot and pass traffic undetected
over the network and evade any possible Intrusion Detection System.
What is the best approach?
A. Install and use Telnet to encrypt all outgoing traffic from this server.
B. Install Cryptcat and encrypt outgoing packets from this server
C. Use Alternate Data Streams to hide the outgoing packets from this server.
D. Use HTTP so that all traffic can be routed via a browser, thus evading the internal Intrusion Detection Systems.
Answer: A
Question 68
It is a vulnerability in GNU's bash shell, discovered in September of 2004, that gives attackers access to run remote
commands on a vulnerable system. The malicious software can take control of an infected machine, launch
denial-of-service attacks to disrupt websites, and scan for other vulnerable devices (including routers).
Which of the following vulnerabilities is being described?
A. Shellshock
B. Rootshock
C. Shellbash
D. Rootshell
Answer: A
Question 69
Answer: B
Question 70
Your company was hired by a small healthcare provider to perform a technical assessment on the network.
What is the best approach for discovering vulnerabilities on a Windows-based computer?
Answer: D
Question 71
To maintain compliance with regulatory requirements, a security audit of the systems on a network must be
performed to determine their compliance with security policies. Which one of the following tools would most likely
be used in such an audit?
A. Port scanner
B. Protocol analyzer
C. Vulnerability scanner
D. Intrusion Detection System
Answer: C
Question 72
The network administrator contacts you and tells you that she noticed the temperature on the internal wireless router
increases by more than 20% during weekend hours when the office was closed. She asks you to investigate the issue
because she is busy dealing with a big conference and she doesn't have time to perform the task.
What tool can you use to view the network traffic being sent and received by the wireless router?
A. Netcat
B. Wireshark
C. Nessus
D. Netstat
Answer: B
Question 73
You are using NMAP to resolve domain names into IP addresses for a ping sweep later.
Which of the following commands looks for IP addresses?
A. >host -t ns hackeddomain.com
B. >host -t AXFR hackeddomain.com
C. >host -t soa hackeddomain.com
D. >host -t a hackeddomain.com
Answer: D
Question 74
Which mode of IPSec should you use to assure security and confidentiality of data within the same LAN?
A. ESP confidential
B. AH Tunnel mode
C. ESP transport mode
D. AH promiscuous
Answer: C
Question 75
Which of the following is the least-likely physical characteristic to be used in biometric control that supports a large
company?
A. Iris patterns
B. Voice
C. Fingerprints
D. Height and Weight
Answer: D
Question 76
When you are collecting information to perform a data analysis, Google commands are very useful to find sensitive
information and files. These files may contain information about passwords, system functions, or documentation.
What command will help you to search files using Google as a search engine?
Answer: C
Question 77
You have successfully gained access to your client's internal network and successfully compromised a Linux server which
is part of the internal IP network. You want to know which Microsoft Windows workstations have the sharing enabled.
Which port would you see listening on these Windows machines in the network?
A. 1443
B. 3389
C. 101
D. 445
Answer: D
Question 78
A. I
B. I and II
C. II
D. I, II and III
Answer: D
Question 79
What is the process of logging, recording, and resolving events that take place in an organization?
A. Metrics
B. Security Policy
C. Internal Procedure
D. Incident Management Process
Answer: D
Question 80
A network administrator discovers several unknown files in the root directory of his Linux FTP server. One of the files
is a tarball, two are shell script files, and the third is a binary file named nc. The FTP server's access logs show that
the anonymous user account logged in the server, uploaded the files, and extracted the contents of the tarball and ran
the script using a function provided by the FTP server's software. The ps command shows that the nc file is running as
a process, and the netstat command shows the nc process is listening on a network port.
Which kind of vulnerability must be present to make this remote attack possible?
Answer: D
Question 81
You are logged in as a local admin on a Windows 7 system and you need to launch the Computer Management
Console from command line.
Which command would you use?
A. c:\services.msc
B. c:\ncpa.cp
C. c:\compmgmt.msc
D. c:\gpedit
Answer: C
Question 82
You have successfully compromised a server having an IP address of 10.10.0.5. You would like to enumerate all machines
in the same network quickly.
What is the best nmap command you will use?
A. Nmap -T4 -F 10.10.0.0/24
B. Nmap -T4 -q 10.10.0.0/24
C. Nmap -T4 -O 10.10.0.0/24
D. Nmap -T4 -r 10.10.0.0/24
Answer: A
Question 83
Answer: A
Question 84
A. Threat assessment
B. Disaster recovery formula
C. BIA equation
D. Risk equation
Answer: D
Question 85
An Intrusion Detection System (IDS) has alerted the network administrator to a possibly malicious sequence of
packets sent to a Web server in the network's external DMZ. The packet traffic was captured by the IDS and saved to
a PCAP file.
What type of network tool can be used to determine if these packets are genuinely malicious or simply a false
positive?
A. Protocol analyzer
B. Intrusion Prevention System (IPS)
C. Vulnerability scanner
D. Network sniffer
Answer: B
Question 86
The Open Web Application Security Project (OWASP) is the worldwide not-for-profit charitable organization focused
on improving the security of software. What item is the primary concern on OWASP's Top Ten Project most Critical
Web application Security Rules?
A. Injection
B. Cross site Scripting
C. Cross site Request Forgery
D. Path Disclosure
Answer: A
Question 87
After trying multiple exploits, you've gained root access to a Centos 0 server. To ensure you maintain access, what
would you do first?
A. Disable IPTables
B. Create User Account
C. Download and Install Netcat
D. Disable Key Services
Answer: C
Question 88
Which method of password cracking takes the most time and effort?
A. Rainbow Tables
B. Shoulder surfing
C. Brute force
D. Directory attack
Answer: C
Question 89
Which of the following types of firewalls ensures that the packets are part of the established session?
A. Switch-level firewall
B. Stateful inspection firewall
C. Application-level firewall
D. Circuit-level firewall
Answer: B
Question 90
Which of the following tools is used to detect wireless LANs using the 802.11a/b/g/n WLAN standards on a linux
platform?
A. Kismet
B. Netstumbler
C. Abel
D. Nessus
Answer: A
Question 91
Which of the following is the BEST way to defend against network sniffing?
Answer: A
Question 92
Session splicing is an IDS evasion technique in which an attacker delivers data in multiple, small-sized packets to the
target computer, making it very difficult for an IDS to detect the attack signatures.
Which tool can be used to perform session splicing attacks?
A. Hydra
B. Burp
C. Whisker
D. Tcpsplice
Answer: C
Question 93
During a security audit of IT processes, an IS auditor found that there were no documented security procedures. What
should the IS auditor do?
Answer: B
Question 94
A. Sniffing
B. Social engineering
C. Scanning
D. Eavesdropping
Answer: B
Question 95
Which tool allows analysts and pen testers to examine links between data using graphs and link analysis?
A. Metasploit
B. Maltego
C. Wireshark
D. Cain & Abel
Answer: B
Question 96
You have successfully compromised a machine on the network and found a server that is alive on the same network.
You tried to ping but you didn't get any response back.
What is happening?
Answer: A
Question 97
The security concept of separation of duties is most similar to the operation of which type of security device?
A. Bastion host
B. Honeypot
C. Firewall
D. Intrusion Detection System
Answer: C
Question 98
The purpose of a ____________ is to deny network access to local area networks and other information assets by
unauthorized wireless devices.
Answer: D
Question 99
You just set up a security system in your network. In what kind of system would you find the following string of
characters used as a rule within its configuration?
alert tcp any any -> 192.108.100.0/24 21 (msg: "FTP on the network!";)
A. A firewall IPTable
B. A Router IPTable
C. An Intrusion Detection System
D. FTP Server rule
Answer: C
Question 100
Port scanning can be used as part of a technical assessment to determine network vulnerabilities. The TCP XMAS scan
is used to identify listening ports on the targeted system.
If a scanned port is open, what happens?
Answer: A
Question 101
This asymmetric cipher is based on factoring the product of two large prime numbers.
What cipher is described above?
A. SHA
B. RC5
C. RSA
D. MD5
Answer: C
Question 102
A. It sends a reply packet for a specific IP, asking for the MAC address.
B. It sends a reply packet to all the network elements, asking for the MAC address from a specific IP.
C. It sends a request packet to all the network elements, asking for the domain name from a specific IP.
D. It sends a request packet to all the network elements, asking for the MAC address from a specific IP.
Answer: D
Question 103
A. Proxy
B. Router
C. Firewall
D. Intrusion Detection System
Answer: D
Question 104
When you return to your desk after a lunch break, you notice a strange email in your inbox. The sender is someone you did business with recently but the subject line has strange characters in it.
What should you do?
A. Forward the message to your company's security response team and permanently delete the message from your computer.
B. Delete the email and pretend nothing happened.
C. Forward the message to your supervisor and ask for her opinion on how to handle the situation.
D. Reply to the sender and ask them for more information about the message contents.
Answer: A
Question 105
A common cryptographic tool is the use of XOR. XOR the following binary values:
10110001
00111010
A. 10001011
B. 10011101
C. 11011000
D. 10111100
Answer: A
Question 106
A regional bank hires your company to perform a security assessment on their network after a recent data breach.
The attacker was able to steal financial data from the bank by compromising only a single server.
Based on this information, what should be one of your key recommendations to the bank?
Answer: A
Question 107
It is a regulation that has a set of guidelines, which should be adhered to by anyone who handles any electronic medical data. These guidelines stipulate that all medical practices must ensure that all necessary measures are in place while saving, accessing, and sharing any electronic medical data to keep patient data secure.
Which of the following regulations best matches the description?
A. HIPAA
B. COBIT
C. ISO/IEC 27002
D. FISMA
Answer: A
Question 108
Answer: B
Question 109
Which of the following is considered the best way to protect Personally Identifiable Information (PII) from web application vulnerabilities?
Answer: A
Question 110
Under the Post-attack Phase and Activities, it is the responsibility of the tester to restore the system to a pre-test state.
Which of the following activities should not be included in this phase?
I. Removing all files uploaded on the system
II. Cleaning all registry entries
III. Mapping of network state
IV. Removing all tools and maintaining backdoor for reporting
A. III
B. IV
C. III and IV
D. All should be included.
Answer: A
Question 111
Ricardo wants to send secret messages to a competitor company. To secure these messages, he uses a technique of hiding a secret message within an ordinary message. The technique provides 'security through obscurity'. What technique is Ricardo using?
A. RSA algorithm
B. Steganography
C. Encryption
D. Public-key cryptography
Answer: B
Question 112
You have successfully gained access to a Linux server and would like to ensure that the succeeding outgoing traffic from the server will not be caught by a Network Based Intrusion Detection System (NIDS).
Answer: B
Question 113
An attacker gains access to a Web server's database and displays the contents of the table that holds all of the names, passwords, and other user information. The attacker did this by entering information into the Web site's user login page that the software's designers did not expect to be entered. This is an example of what kind of software design problem?
Answer: D
Question 114
You are performing a penetration test. You achieved access via a buffer overflow exploit and you proceed to find interesting data, such as files with usernames and passwords. You find a hidden folder that has the administrator's bank account password and login information for the administrator's bitcoin account.
What should you do?
Answer: B
Question 115
Which of the following is a command line packet analyzer similar to GUI-based Wireshark?
Answer: C
Question 116
You are attempting to man-in-the-middle a session. Which protocol will allow you to guess a sequence number?
A. ICMP
B. TCP
C. UDP
D. UPX
Answer: B
Question 117
Which of the following incident handling process phases is responsible for defining rules, creating a back-up plan, and testing the plans for an enterprise?
A. Preparation phase
B. Recovery phase
C. Identification phase
D. Containment phase
Answer: A
Question 118
What term describes the amount of risk that remains after the vulnerabilities are classified and the countermeasures have been deployed?
A. Inherent Risk
B. Residual Risk
C. Deferred Risk
D. Impact Risk
Answer: B
Question 119
Answer: D
Question 120
Nation-state threat actors often discover vulnerabilities and hold on to them until they want to launch a sophisticated attack. The Stuxnet attack was an unprecedented style of attack because it used four types of this vulnerability.
A. zero-hour
B. no-day
C. zero-day
D. zero-sum
Answer: C
Question 121
You are a Network Security Officer. You have two machines. The first machine (192.108.0.99) has snort installed, and the second machine (192.108.0.150) has kiwi syslog installed. You perform a syn scan in your network, and you notice that kiwi syslog is not receiving the alert message from snort. You decide to run wireshark in the snort machine to check if the messages are going to the kiwi syslog machine.
What wireshark filter will show the connections from the snort machine to kiwi syslog machine?
Answer: A
Question 122
During a recent security assessment, you discover the organization has one Domain Name Server (DNS) in a Demilitarized Zone (DMZ) and a second DNS server on the internal Network.
What is this type of DNS configuration commonly called?
A. DNS Scheme
B. DynDNS
C. Split DNS
D. DNSSEC
Answer: C
Question 123
A new wireless client is configured to join an 802.11 network. This client uses the same hardware and software as many of the other clients on the network. The client can see the network, but cannot connect. A wireless packet sniffer shows that the Wireless Access Point (WAP) is not responding to the association requests being sent by the wireless client.
What is a possible source of this problem?
Answer: C
Question 124
You have several plain-text firewall logs that you must review to evaluate network traffic. You know that in order to do this fast and efficiently you must use regular expressions.
Which command-line utility are you most likely to use?
A. Notepad
B. MS Excel
C. Grep
D. Relational Database
Answer: C
Question 125
Initiating an attack against targeted businesses and organizations, threat actors compromise a carefully selected website by inserting an exploit resulting in malware infection. The attackers run exploits on well-known and trusted sites likely to be visited by their targeted victims. Aside from carefully choosing sites to compromise, these attacks are known to incorporate zero-day exploits that target unpatched vulnerabilities. Thus, the targeted entities are left with little or no defense against these exploits.
What type of attack is outlined in the scenario?
Answer: A