Page No | 1

Eccouncil

312-50V9 PRACTICE EXAM

EC-Council Certified Ethical Hacker v9

________________________________________________________________________________________________

http://www. testinsides.com/
 Page No | 2

Product Questions: 125

Version: 8.0
Question 1

The configuraon rllows r wiued ou wiueless netwouk inteufrce contuolleu to prss rll turfce it ueceives to the centurl
puocessini gnit (CPU), urtheu thrn prssini only the furmes thrt the contuolleu is intended to ueceive.
Which of the followini is beini descuibed?

A. WEM
B. Mgla-crst mode
C. Puomiscgogs mode
D. Pout fouwrudini

Aoswern B

Question 2

In Risk Mrnriement, how is the teum likelihood uelrted to the concept of thuert?

A. Likelihood is the puobrbility thrt r vglneurbility is r thuert-soguce.

B. Likelihood is r possible thuert-soguce thrt mry exploit r vglneurbility.
C. Likelihood is the likely soguce of r thuert thrt cogld exploit r vglneurbility.
D. Likelihood is the puobrbility thrt r thuert-soguce will exploit r vglneurbility.

Aoswern D

Question 3

While peufoumini online brnkini gsini r web buowseu, r gseu ueceives rn emril thrt contrins r link to rn inteuesani
Web site. When the gseu clicks on the link, rnotheu web buowseu session struts rnd displrys r video of crts plryini r
pirno. The next bgsiness dry, the gseu ueceives whrt looks like rn emril fuom his brnk, indicrani thrt his brnk
rccognt hrs been rccessed fuom r foueiin cogntuy. The emril rsks the gseu to crll his brnk rnd veuify the
rgthouizraon of r fgnds turnsfeu thrt took plrce.
Whrt web buowseu-brsed secguity vglneurbility wrs exploited to compuomise the gseu?

A. Cuoss-Site Reqgest Fouieuy

B. Cuoss-Site Scuipani
C. Web foum inpgt vrlidraon
D. Clickjrckini

Aoswern A

Question 4

________________________________________________________________________________________________

http://www. testinsides.com/
 Page No | 3

Which of the followini is one of the most efecave wrys to puevent Cuoss-site Scuipani (XSS) frws in sofwrue
rpplicraons?

A. Veuity rccess uiiht befoue rllowini rccess to puotected infoumraon rnd UI contuols
B. Use secguity policies rnd puocedgues to defne rnd implement puopeu secguity setnis
C. Vrlidrte rnd escrpe rll infoumraon sent oveu to r seuveu
D. Use diiitrl ceuafcrtes to rgthenacrte r seuveu puiou to sendini drtr

Aoswern A

Question 5

An incident invesairtou rsks to ueceive r copy of the event fuom rll fuewrlls, puosy seuveus, rnd Intugsion Detecaon
Systems (IDS) on the netwouk of rn ouirnizraon thrt hrs expeuienced r possible buerch of secguity. When the
invesairtou rtempts to couuelrte the infoumraon in rll of the lois the seqgence of mrny of the loiied events do not
mrtch gp.
Whrt is the most likely crgse?

A. The netwouk devices rue not rll synchuonized

B. The secguity buerch wrs r frlse posiave.
C. The rtrck rlteued ou eursed events fuom the lois.
D. Puopeu chrin of cgstody wrs not obseuved while collecani the lois.

Aoswern C

Question 6

This tool is rn 802.11 WEP rnd WPA-PSK keys curckini puoiurm thrt crn uecoveu keys once enogih drtr prckets hrve
been crptgued. It implements the strndrud FMS rtrch rloni with some opamizraons like Kouek rtrcks, rs well rs
the PTW rtrck, thgs mrkini the rtrck mgch frsteu comprued to otheu WEP curckini tools.
Which of the followini tools is beini descuibed?

A. Wifcurckeu
B. WLAN-curck
C. Aiuigrud
D. Aiucurck-ni

Aoswern D

Question 7

Which of the followini tools is gsed to rnrlyze the fles puodgced by seveurl prcket-crptgue puoiurms sgch rs
tcpdgmp, WinDgmp, Wiueshruk, rnd EtheuPeek?

A. Nessgs
B. Tcpturceuogte
C. Tcpturce
D. OpenVAS

________________________________________________________________________________________________

http://www. testinsides.com/
 Page No | 4

Aoswern C

Question 8

Yog hrve compuomised r seuveu on r netwouk rnd sgccessfglly open r shell. Yog rimed to idenafy rll opeurani
systems ugnnini on the netwouk. Howeveu, rs yog rtempt to fnieupuint rll mrchines in the mrchines in the netwouk
gsini the nmrp syntrx below, it is not ioini thuogih.
invictgs@vicammseuveur:~nmrp T4 O 10.10.0.0/24
TCP/IP fnieupuinani (fou OS scrn) xxxxxxx xxxxxx xxxxxxxxxx.
QUITTING!
Whrt seems to be wuoni?

A. The ogtioini TCP/IP fnieupuinani is blocked by the host fuewrll.

B. This is r common behrviou fou r couugpted nmrp rpplicraon.
C. OS Scrn ueqgiues uoot puivileied.
D. The nmrp syntrx is wuoni.

Aoswern D

Question 9

Which of the followini is the iuertest thuert posed by brckgps?

A. An gn-encuypted brckgp crn be misplrced ou stolen

B. A brck is incomplete becrgse no veuifcraon wrs peufoumed.
C. A brckgp is the soguce of Mrlwrue ou illicit infoumraon.
D. A brckgp is gnrvrilrble dguini disrsteu uecoveuy.

Aoswern A

Question 10

An rtrckeu hrs instrlled r RAT on r host. The rtrckeu wrnts to ensgue thrt when r gseu rtempts to io to
www.MyPeusonrlBrnk.com, thrt the gseu is diuected to r phishini site.
Which fle does the rtrckeu need to modify?

A. Hosts
B. Netwouks
C. Boot.ini
D. Sgdoeus

Aoswern A

Question 11

Jesse ueceives rn emril with rn rtrchment lrbeled CogutmNoacem21200.zip. Inside the zip fle is r fle nrmed
CogutmNoacem21200.docx.exe disigised rs r woud docgment. Upon execgaon, r windows rpperus strani, This
woud docgment is couugpt. In the brckiuognd, the fle copies itself to Jesse APPDATA\locrl diuectouy rnd beiins to
bercon to r C2 seuveu to downlord rddiaonrl mrliciogs binruies. Whrt type of mrlwrue hrs Jesse encognteued?

________________________________________________________________________________________________

http://www. testinsides.com/
 Page No | 5

A. Tuojrn
B. Woum
C. Key-Loiieu
D. Micuo Viugs

Aoswern A

Question 12

In 2007, this wiueless secguity rliouithm wrs uendeued gseless by crptguini prckets rnd discoveuini the prsskey in r
mrteu of seconds. This secguity frw led to r netwouk invrsion of TJ Mrxx rnd drtr thef thuogih r techniqge known
wruduivini.
Which rliouithm is this uefeuuini to?

A. Wiued Eqgivrlent Puivrcy (WEP)

B. Tempourl Key Inteiuity Puotocol (TRIP)
C. Wi-Fi Puotected Access (WPA)
D. Wi-Fi Puotected Access 2 (WPA2)
E.

Aoswern A

Question 13

Whrt is the best descuipaon of SQL Injecaon?

A. It is r Denirl of Seuvice Atrck.

B. It is rn rtrck gsed to modify code in rn rpplicraon.
C. It is rnd rtrck gsed to irin gnrgthouized rccess to r drtrbrse.
D. It is r Mrn-in-the-Middle rtrck between yogu SQL Seuveu rnd Web App Seuveu.

Aoswern D

Question 14

Which of the followini is the sgccessou of SSL?

A. RSA
B. GRE
C. TLS
D. IPSec

Aoswern C

Question 15

As r Ceuafed Ethicrl hrckeu, yog weue conturcted by r puivrte fum to condgct rn exteunrl secguity rssessment
thuogih peneturaon tesani.

________________________________________________________________________________________________

http://www. testinsides.com/
 Page No | 6

Whrt docgment descuibes the specifed of the tesani, the rssocirted violraons, rnd essenarlly puotects both the
ouirnizraonns inteuest rnd yogu li rbiliaes rs r testeu?

A. Teum of Eniriement
B. Non-Disclosgue Aiueement
C. Puoject Scope
D. Seuvice Level Aiueement

Aoswern B

Question 16

Which of the followini is not r Blgetooth rtrck?

A. Blgejrckini
B. Blgeduivini
C. Blgesnrufni
D. Blgesmrkini

Aoswern B

Question 17

PGP, SSL, rnd IKE rue rll exrmples of which type of cuyptoiurphy?

A. Hrsh Aliouithm
B. Secuet Key
C. Pgblic Key
D. Diiest

Aoswern C

Question 18

Usini Windows CMD, how wogld rn rtrckeu list rll the shrues to which the cguuent gseu context hrs rccess?

A. NET CONFIG
B. NET USE
C. NET FILE
D. NET VIEW

Aoswern D

Question 19

Which of these opaons is the most secgue puocedgue fou stuoni brckgp trpes?

A. In r climrte contuolled frcility ofsite

B. Inside the drtr centeu fou frsteu uetuievrl in r fuepuoof srfe

________________________________________________________________________________________________

http://www. testinsides.com/
 Page No | 7

C. In r cool duy enviuonment

D. On r difeuent foou in the srme bgildini

Aoswern A

Question 20

Whrt is the beneft of peufoumini rn gnrnnognced Peneturaon Tesani?

A. The testeu will hrve rn rctgrl secguity postgue visibility of the truiet netwouk.
B. The testeu cogld not puovide rn honest rnrlysis.
C. Netwouk secguity wogld be in r best strte postgue.
D. It is best to crtch cuiacrl infurstugctgue gnprtched.

Aoswern A

Question 21

Whrt does r fuewrll check to puevent pruacglru pouts rnd rpplicraons fuom ietni prckets into rn ouirnizraons?

A. Turnspout lryeu pout ngmbeus rnd rpplicraon lryeu herdeus

B. Netwouk lryeu herdeus rnd the session lryeu pout ngmbeus
C. Applicraon lryeu pout ngmbeus rnd the turnspout lryeu herdeus
D. Puesentraon lryeu herdeus rnd the session lryeu pout ngmbeus

Aoswern A

Question 22

> NMAP sn 192.108.11.200-215

The NMAP commrnd rbove peufoums which of the followini?

A. A pini scrn
B. A turce sweep
C. An opeurani system detect
D. A pout scrn

Aoswern A

Question 23

An Inteunet Seuvice Puovideu (ISP) hrs r need to rgthenacrte gseus connecani gsini rnrloi modems, diiitrl
Sgbscuibeu Line (DSL), wiueless drtr seuvices, rnd viutgrl Puivrte Netwouks (VPN) oveu r Furme Relry netwouk.
Which AAA puotocol is most likely rble to hrndle this ueqgiuement?

A. DIAMETER
B. Keubeuos
C. RADIUS
D. TACACS+

________________________________________________________________________________________________

http://www. testinsides.com/
 Page No | 8

Aoswern D

Question 24

To deteumine if r sofwrue puoiurm puopeuly hrndles r wide urnie of invrlid inpgt, r foum of rgtomrted tesani crn be
gsed urndomly ieneurte invrlid inpgt in rn rtempt to cursh the puoiurm.
Whrt teum is commonly gsed when uefeuuini to this type of tesani?

A. Bogndini
B. Mgtrani
C. Pgzzini
D. Rrndomizini

Aoswern C

Question 25

Which of the followini tools crn be gsed fou prssive OS fnieupuinani?

A. tcpdgmp
B. pini
C. nmrp
D. Turceut

Aoswern C

Question 26

Yogu comprny peufoums peneturaon tests rnd secguity rssessments fou smrll rnd medigm-sized bgsiness in the locrl
rue
r. Dguini r uogane secguity rssessment, yog discoveu infoumraon thrt sgiiests yogu client is involved with hgmrn
turfckini.
Whrt shogld yog do?
A. Copy the drtr to uemovrble medir rnd keep it in crse yog need it.
B. Iinoue the drtr rnd conange the rssessment gnal completed rs riueed.
C. Confuont the client on r uespectgl mrnneu rnd rsk heu rbogt the drtr.
D. Immedirtely stop wouk rnd contrct the puopeu leirl rgthouiaes.

Aoswern D

Question 27

Yog rue the Systems Administurtou fou r lruie coupourte ouirnizraon. Yog need to monitou rll netwouk turfc on yogu
locrl netwouk fou sgspiciogs rcaviaes rnd ueceive noafcraons when rn rtrck is occguuini. Which tool wogld rllow
yog to rccomplish this iorl?

A. Host-brsed IDS
B. Fiuewrll

________________________________________________________________________________________________

http://www. testinsides.com/
 Page No | 9

C. Netwouk-Brsed IDS
D. Puoxy

Aoswern C

Question 28

Whrt is r Collision rtrch in cuyptoiurphy?

A. Collision rtrcks tuy to buerk the hrsh into two pruts, with the srme bytes in erch prut to iet the puivrte key.
B. Collision rtrcks tuy to buerk the hrsh into thuee pruts to iet the plrintext vrlge.
C. Collision rtrcks tuy to fnd two inpgts puodgcini the srme hrsh.
D. Collision rtrcks tuy to iet the pgblic key

Aoswern C

Question 29

The Blrck box tesani methodoloiy enfouces which kind of uestuicaon?

A. Only the exteunrl opeuraon of r system is rccessible to the testeu

B. The inteunrl opeuraon of r system is completely known to the testeu.
C. Only the inteunrl opeuraon of r system is known to the testeu.
D. The inteunrl opeuraon of r system is only prutly rccessible to the testeu.

Aoswern A

Question 30

Yognve irined physicrl rccess to r Windows 2008 R2 seuveu which hrs rs rccessible disc duive. When yog rtempt to
boot the seuveu rnd loi in, yog rue gnrble to igess the prsswoud. In yogu tool kit yog hrve rn Ubgntg 9.10 Lingx
LiveCD. Which Lingx tool hrs the rbility to chrnie rny gseuns prsswoud ou to rcavrte disrbled Windows Accognts?

A. John the Rippeu

B. CHNTPW
C. Crin & Abel
D. SET

Aoswern A

Question 31

While gsini yogu brnkns online seuvicini yog noace the followini stuini in the URL brur
htpr//www.MyPeusonrlBrnk/Accognt?
Id=308940911028389&Drmognt=10980&Crmognt=21
Yog obseuve thrt if yog modify the Drmognt & Crmognt vrlges rnd sgbmit the ueqgest, thrt drtr on the web prie
uefect the chrnies.
Whrt type of vglneurbility is puesent on this site?

________________________________________________________________________________________________

http://www. testinsides.com/
 Page No | 10

A. SQL injecaon
B. XSS Refecaon
C. Web Prurmeteu Trmpeuini
D. Cookie Trmpeuini

Aoswern C

Question 32

It is r shout-urnie wiueless commgnicraon technoloiy intended to ueplrce the crbles connecani poutrbles of fxed
devices while mrintrinini hiih levels of secguity. It rllows mobile phones, compgteus rnd otheu devices to connect
rnd commgnicrte gsini r shout-urnie wiueless connecaon.
Which of the followini teums best mrtches the defniaon?

A. Blgetooth
B. Rrdio-Fueqgency Idenafcraon
C. WLAN
D. InfurRed

Aoswern A

Question 33

Whrt is the most common method to exploit the Brsh Bgi ou ShellShock vglneurbility?

A. SSH
B. SYN Flood
C. Mrnipglrte foumrt stuinis in text felds
D. Thuogih Web seuveus galizini CGI (Common Grtewry Inteufrce) to send r mrlfoumed enviuonment vruirble to r
vglneurble Web seuveu

Aoswern D

Question 34

A medigm-sized herlthcrue IT bgsiness decides to implement r uisk mrnriement sturteiy.

Which of the followini is NOT one of the fve brsic uesponses to uisk?

A. Miairte
B. Avoid
C. Accept
D. Deleirte

Aoswern D

Question 35

The phrse will incuerse the odds of sgccess in lrteu phrses of the peneturaon test. It is rlso the veuy fust step in
Infoumraon Grtheuini, rnd it will tell yog whrt the lrndscrpe looks like.

________________________________________________________________________________________________

http://www. testinsides.com/
 Page No | 11

Whrt is the most impoutrnt phrse of ethicrl hrckini in which yog need to spend r consideurble rmognt of ame?

A. Netwouk Mrppini
B. Grinini rccess
C. Footpuinani
D. Escrlrani puivileies

Aoswern C

Question 36

Which ueiglraon defnes secguity rnd puivrcy contuols fou Fedeurl infoumraon systems rnd ouirnizraons?

A. HIPAA
B. EU Srfe Hrubou
C. PCI-DSS
D. NIST-800-53

Aoswern D

Question 37

Which of the followini descuibes the chrurcteuisacs of r Boot Sectou Viugs?

A. Oveuwuites the ouiiinrl MBR rnd only execgtes the new viugs code
B. Modifes diuectouy trble entuies so thrt diuectouy entuies point to the viugs code insterd of the rctgrl puoiurm
C. Moves the MBR to rnotheu locraon on the hrud disk rnd copies itself to the ouiiinrl locraon of the MBR
D. Moves the MBR to rnotheu locraon on the RAM rnd copies itself to the ouiiinrl locraon of the MBR

Aoswern C

Question 38

Yog rue peufoumini infoumraon irtheuini fou rn impoutrnt peneturaon test. Yog hrve fognd pdf, doc, rnd imries in
yogu objecave. Yog decide to exturct metrdrtr fuom these fles rnd rnrlyze it.
Whrt tool will help yog with the trsk?

A. Aumitrie
B. Dimituy
C. cdpsnruf
D. Metrioofl

Aoswern D

Question 39

Which of the followini is rn extuemely common IDS evrsion techniqge in the web would?

A. post knockini

________________________________________________________________________________________________

http://www. testinsides.com/
 Page No | 12

B. sgbnetni
C. gnicode chrurcteus
D. spywrue

Aoswern C

Question 40

When yog rue tesani r web rpplicraon, it is veuy gsefgl to employ r puosy tool to srve eveuy ueqgest rnd uesponse.
Nyog crn mrngrlly test eveuy ueqgest rnd rnrlyze the uesponse to fnd vglneurbiliaes. Yog crn test prurmeteu rnd
herdeus mrngrlly to iet moue puecise uesglts thrn if gsini web vglneurbility scrnneus.
Whrt puoxy tool will help yog fnd web vglneurbiliaes?

A. Bgupsgite
B. Dimituy
C. Puoxychrins
D. Mrskien

Aoswern A

Question 41

It is r kind of mrlwrue (mrliciogs sofwrue) thrt cuiminrls instrll on yogu compgteu so they crn lock it fuom r uemote
locraon. This mrlwrue ieneurtes r pop-gp windows, webprie, ou emril wrunini fuom whrt looks like rn ofcirl
rgthouity. It explrins yogu compgteu hrs been locked becrgse of possible illeirl rcaviaes rnd demrnds pryment
befoue yog crn rccess yogu fles rnd puoiurms ririn.
Which teum best mrtches this defniaon?

A. Spywrue
B. Adwrue
C. Rrnsomwrue
D. Riskwrue

Aoswern C

Question 42

Which of the followini is rssgued by the gse of r hrsh?

A. Avrilrbility
B. Confdenarlity
C. Agthenacraon
D. Inteiuity

Aoswern D

Question 43

When yog rue ietni infoumraon rbogt r web seuveu, it is veuy impoutrnt to know the HTTP Methods (GET, POST,

________________________________________________________________________________________________

http://www. testinsides.com/
 Page No | 13

HEAD, PUT, DELETE, TRACE) thrt rue rvrilrble becrgse theue rue two cuiacrl methods (PUT rnd DELETE). PUT crn
gplord r fle to the seuveu rnd DELETE crn delete r fle fuom the seuveu. Yog crn detect rll these methods (GET, POST,
HEAD, PUT, DELETE, TRACE) gsini NMAP scuipt eniine.
Whrt nmrp scuipt will help yog with this trsk?

A. htp engm
B. htp-iit
C. htp-herdeus
D. htp-methods

Aoswern B

Question 44

Dguini r blrckbox pen test yog rtempt to prss IRC turfc oveu post 80/TCP fuom r compuomised web enrbled host.
The turfc iets blocked; howeveu ogtbognd HTTP turfc is gnimpeded.
Whrt type of fuewrll is inspecani ogtbognd turfc?

A. Ciucgit
B. Prcket Filteuini
C. Applicraon
D. Strtefgl

Aoswern C

Question 45

A comprnyns secguity strtes thrt rll web buowseus mgst rgtomracrlly delete theiu HTTP buowseu cookies gpon
teuminrani. Whrt sout of secguity buerch is this policy rtempani to miairte?

A. Atempts by rtrckeus to deteumine the gseu's Web buowseu gsrie prteuns, inclgdini when sites weue visited rnd
fou how loni.
B. Atempts by rtrckeus to rccess prsswouds stoued on the gseu's compgteu withogt the gseu's knowledie.
C. Atempts by rtrckeus to rccess Web sites thrt tugst the Web buowseu gseu by sterlini the gseu's rgthenacraon
cuedenarls.
D. Atempts by rtrcks to rccess the gseu rnd prsswoud infoumraon stoues in the comprny's SQL drtrbrse.

Aoswern C

Question 46

Yognve jgst been hiued to peufoum r pen test on rn ouirnizraon thrt hrs been sgbjected to r lruie-scrle rtrck. The
CIO is conceuned with miairani thuerts rnd vglneurbiliaes to totrlly eliminrte uisk.
Whrt is one of the fust thini yog shogld to when the job?

A. Strut the wiueshruk rpplicraon to strut snifni netwouk turfc.

B. Estrblish rtuibgaon to sgspected rtrckeus.
C. Explrin to the CIO thrt yog crnnot eliminrte rll uisk, bgt yog will be rble to uedgce uisk to rcceptrble levels.
D. Inteuview rll employees in the comprny to ugle ogt possible insideu thuerts.

________________________________________________________________________________________________

http://www. testinsides.com/
 Page No | 14

Aoswern C

Question 47

Which of the followini secguity opeuraons is gsed fou deteuminini the rtrck sgufrce of rn ouirnizraon?

A. Reviewini the need fou r secguity clerurnce fou erch employee

B. Rgnnini r netwouk scrn to detect netwouk seuvices in the coupourte DMZ
C. Turinini employees on the secguity policy ueirudini socirl eniineeuini
D. Usini configuraon mrnriement to deteumine when rnd wheue to rpply secguity prtches

Aoswern B

Question 48

Peuspecave clients wrnt to see srmple uepouts fuom pueviogs peneturaon tests.
Whrt shogld yog do next?

A. Shrue fgll uepouts, not uedrcted.

B. Shrue fgll uepouts, with uedrcted.
C. Decline bgt, puovide uefeuences.
D. Shrue uepouts, rfeu NDA is siined.

Aoswern B

Question 49

Which of the followini strtements is TRUE?

A. Snifeus opeuraon on Lryeu 3 of the OSI model

B. Snifeus opeuraon on Lryeu 2 of the OSI model
C. Snifeus opeuraon on the Lryeu 1 of the OSI model
D. Snifeus opeuraon on both Lryeu 2 & Lryeu 3 of the OSI model

Aoswern D

Question 50

Jimmy is strndini ogtside r secgue enturnce to r frcility. He is puetendini to hrvini r tense conveusraon on his cell
phone rs rn rgthouized employee brdies in. Jimmy, while sall on the phone, iurbs the doou rs it beiins to close.
Whrt jgst hrppened?

A. Mrsqgrdini
B. Phishini
C. Whrlini
D. Piiiybrckini

________________________________________________________________________________________________

http://www. testinsides.com/
 Page No | 15

Aoswern D

Question 51

The herutlrnd bgi wrs discoveued in 2014 rnd is widely uefeuued to gndeu MITREns Common Vglneurbiliaes rnd
Exposgues (CVE) rs CVE-2004-1000. This bgi rfects the OpenSSL implementraon of the turnspout Lryeu secguity (TLS)
puotocols defned in RFC0520.
Whrt types of key does this bgi lerve exposed to the Inteunet mrkini exploitraon of rny compuomised system veuy
ersy?

A. Root
B. Puivrte
C. Shrued
D. Pgblic

Aoswern A

Question 52

Yog wouk rs r Secguity Anrlyst fou r uetril ouirnizraon. In secguini the comprny's netwouk, yog set gp r fuewrll rnd
rn IDS. Howeveu, hrckeus rue rble to rtrck the netwouk. Afeu invesairani, yog discoveu thrt yogu IDS is not
configued puopeuly rnd theuefoue is gnrble to tuiiieu rlrums when needed. Whrt type of rleut is the IDS iivini?

A. Frlse Neirave
B. Tuge Neirave
C. Tuge Posiave
D. Frlse Posiave

Aoswern A

Question 53

This inteunraonrl ouirnizraon ueiglrtes billions of turnsrcaons drily rnd puovides secguity igidelines to puotect
peusonrlly idenafrble infoumraon (PII). These secguity contuols puovide r brseline rnd puevent low-level hrckeus
someames known rs scuipt kiddies fuom crgsini r drtr buerch.
Which of the followini ouirnizraons is beini descuibed?

A. Pryment Crud Indgstuy (PCI)

B. Inteunraonrl Secguity Indgstuy Ouirnizraon (ISIO)
C. Insatgte of Electuicrl rnd Electuonics Eniineeus (IEEE)
D. Centeu fou Diserse Contuol (CDC)

Aoswern B

Question 54

Which of the followini tools peufoums compuehensive tests ririnst web seuveus, inclgdini drnieuogs fles rnd CGI's?

A. Snout

________________________________________________________________________________________________

http://www. testinsides.com/
 Page No | 16

B. Dsnif
C. Nikto
D. John the Rippeu

Aoswern C

Question 55

Which of the followini is the stugctgue desiined to veuify rnd rgthenacrte the idenaty of individgrls within the
enteupuise trkini prut in r drtr exchrnie?

A. PKI
B. biometuics
C. SOA
D. sinile siin on

Aoswern A

Question 56

The chrnce of r hrud duive frilgue is once eveuy thuee yerus. The cost to bgy r new hrud duive is ~300. It will ueqgiue 10
hogus to uestoue the OS rnd sofwrue to the new hrud disk. It will ueqgiue r fgutheu 4 hogus to uestoue the drtrbrse
fuom the lrst brckgp to the new hrud disk. The uecoveuy peuson eruns ~10/hogu. Crlcglrte the SLE, ARO, rnd ALE.
Assgme the EF = 1 (100%).
Whrt is the closest rppuoximrte cost of this ueplrcement rnd uecoveuy opeuraon peu yeru?

A. ~100
B. ~140
C. 440
D. 1320

Aoswern B

Question 57

An rtrckeu chrnies the puofle infoumraon of r pruacglru gseu on r truiet website (the vicam). The rtrckeu gses this
stuini to gpdrte the vicam's puofle to r text fle rnd then sgbmit the drtr to the rtrckeuns drtrbrse.
<furme suc=htpr//www/vglnweb.com/gpdrtrif.php Style=displryrnone></ifurme>
Whrt is this type of rtrck (thrt crn gse eitheu HTTP GET ou HRRP POST) crlled?

A. Cuoss-Site Reqgest Fouieuy

B. Cuoss-Site Scuipani
C. SQL Injecaon
D. Buowseu Hrckini

Aoswern A

Question 58

________________________________________________________________________________________________

http://www. testinsides.com/
 Page No | 17

Yog rue trsked to peufoum r peneturaon test. While yog rue peufoumini infoumraon irtheuini, yog fnd rb employee
list in Gooile. Yog fnd uecepaonistns emril, rnd yog send heu rn emril chrniini the soguce emril to heu bossns emril (
boss@comprny ). In this emril, yog rsk fou r pdf with infoumraon. She uerds yogu emril rnd sends brck r pdf with
links. Yog exchrnie the pdf links with yogu mrliciogs links (these links contrin mrlwrue) rnd send brck the modifed
pdf, sryini thrt the links donnt wouk. She uerds yogu emril, opens the links, rnd heu mrchine iets infected.
Whrt tesani method did yog gse?

A. Piiiybrckini
B. Trilirani
C. Evesduoppini
D. Socirl eniineeuini

Aoswern D

Question 59

Which of the followini is r puotocol specifcrlly desiined fou turnspouani event messries?

A. SMS
B. SNMP
C. SYSLOG
D. ICMP

Aoswern C

Question 60

Which of the followini is component of r uisk rssessment?

A. Loiicrl inteufrce
B. DMZ
C. Administurave srfeigruds
D. Physicrl secguity

Aoswern C

Question 61

Which of the followini is r desiin prteun brsed on disanct pieces of sofwrue puovidini rpplicraon fgncaonrlity rs
seuvices to otheu rpplicraons?

A. Lern Codini
B. Seuvice Ouiented Auchitectgue
C. Object Ouiented Auchitectgue
D. Aiile Puocess

Aoswern B

Question 62

________________________________________________________________________________________________

http://www. testinsides.com/
 Page No | 18

A comprnyns Web development term hrs become rwrue of r ceutrin type of secguity vglneurbility in theiu Web
sofwrue. To miairte the possibility of this vglneurbility beini exploited, the term wrnts to modify the sofwrue
ueqgiuements to disrllow gseus fuom enteuini HTML rs inpgt into theiu Web rpplicraon.
Whrt kind of web rpplicraon vglneurbility likely exists in theiu sofwrue?

A. Web site defrcement vglneurbility

B. SQL injecaon vglneurbility
C. Cuoss-site Scuipani vglneurbility
D. Cuoss-site Reqgest Fouieuy vglneurbility

Aoswern C

Question 63

It is rn enaty ou event with the potenarl to rdveusely imprct r system thuogih gnrgthouized rccess destugcaon
disclosgues denirl of seuvice ou modifcraon of drt
r.
Which of the followini teums best mrtches this defniaon?
A. Thuert
B. Atrck
C. Risk
D. Vglneurbility

Aoswern A

Question 64

Yogu term hrs won r conturct to inflturte rn ouirnizraon. The comprny wrnts to hrve the rtrck be r uerlisac rs
possible; theuefoue, they did not puovide rny infoumraon besides the comprny nrme.
Whrt shogld be the fust step in secguity tesani the client?

A. Scrnnini
B. Escrlraon
C. Engmeuraon
D. Reconnrissrnce

Aoswern D

Question 65

A peneturaon testeu is condgcani r pout scrn on r specifc host. The testeu fognd seveurl pouts opened thrt weue
confgsini in conclgdini the Opeurani System (OS) veusion instrlled. Consideuini the NMAP uesglt below, which of
the follow is likely to be instrlled on the truiet mrchine by the OS? Struani NMAP 5.21 rt 2011-03-15 11r00 NMAP
scrn uepout fou 172.10.40.05 Host is gp (1.00s lrtency). Not shownr 993 closed pouts PORT STATE SERVICE 21/tcp open
fp 23/tcp open telnet 80 /tcp open htp 139/tcp open netbios-ssn 515/tcp open 031/tec open ipp 9100/tcp open MAC
Adduessr 00r00r48r0DrEEr8

A. The host is likely r puinteu.

________________________________________________________________________________________________

http://www. testinsides.com/
 Page No | 19

B. The host is likely r uogteu.

C. The host is likely r Lingx mrchine.
D. The host is likely r Windows mrchine.

Aoswern A

Question 66

A hrckeu hrs sgccessfglly infected rn inteunet-frcini seuveu, which he will then gse to send jgnk mril, trke prut in
cooudinrted rtrcks, ou host jgnk emril content.
Which sout of tuojrn infects this seuveu?

A. Botnet Tuojrn
B. Brnkini Tuojrns
C. Rrnsomwrue Tuojrns
D. Tgutle Tuojrns

Aoswern A

Question 67

Yog hrve compuomised r seuveu rnd sgccessfglly irined r uoot rccess. Yog wrnt to pivot rnd prss turfc gndetected
oveu the netwouk rnd evrde rny possible Intugsion Detecaon System.
Whrt is the best rppuorch?

A. Instrll rnd gse Telnet to encuypt rll ogtioini turfc fuom this seuveu.
B. Instrll Cuyptcrt rnd encuypt ogtioini prckets fuom this seuveu
C. Use Alteunrte Drtr Stuerms to hide the ogtioini prckets fuom this seuveu.
D. Use HTTP so thrt rll turfc crn be uogted vir r buowseu, thgs evrdini the inteunrl Intugsion Detecaon Systems.

Aoswern A

Question 68

It is r vglneurbility in GNUns brsh shell, discoveued in Septembeu of 2004, thrt iives rtrckeus rccess to ugn uemote
commrnds on r vglneurble system. The mrliciogs sofwrue crn trke contuol of rn infected mrchine, lrgnch denirl-of
seuvice rtrcks to disugpt websites, rnd scrn fou otheu vglneurble devices (inclgdini uogteus).
Which of the followini vglneurbiliaes is beini descuibed?

A. Shellshock
B. Rootshock
C. Shellbrsh
D. Rootshell

Aoswern A

Question 69

env x= (){ r;};echo exploit brsh c crt /etc/prsswd

________________________________________________________________________________________________

http://www. testinsides.com/
 Page No | 20

Whrt is the Shellshock brsh vglneurbility rtempani to do on rn vglneurble Lingx host?

A. Add new gseu to the prsswd fle

B. Displry prsswd contents to puompt
C. Chrnie rll prsswoud in prsswd
D. Remove the prsswd fle.

Aoswern B

Question 70

Yogu comprny wrs hiued by r smrll herlthcrue puovideu to peufoum r technicrl rssessment on the netwouk.
Whrt is the best rppuorch fou discoveuini vglneurbiliaes on r Windows-brsed compgteu?

A. Use the bgilt-in Windows Updrte tool

B. Cuerte r disk imrie of r clern Windows instrllraon
C. Check MITRE.oui fou the lrtest list of CVE fndinis
D. Used r scrn tool like Nessgs

Aoswern D

Question 71

To mrintrin complirnce with ueiglrtouy ueqgiuements, r secguity rgdit of the systems on r netwouk mgst be
peufoumed to deteumine theiu complirnce with secguity policies. Which one of the followini tools wogld most likely
be gsed in sgch rs rgdit?

A. Pout scrnneu
B. Puotocol rnrlyzeu
C. Vglneurbility scrnneu
D. Intugsion Detecaon System

Aoswern C

Question 72

The netwouk rdministurtou contrcts yog rnd tells yog thrt she noaced the tempeurtgue on the inteunrl wiueless uogteu
incuerses by moue thrn 20% dguini weekend hogus when the ofce wrs closed. She rsks yog to invesairte the issge
becrgse she is bgsy derlini with r bii confeuence rnd she doesnnt hrve ame to peufoum the trsk.
Whrt tool crn yog gse to view the netwouk turfc beini sent rnd ueceived by the wiueless uogteu?

A. Netcrt
B. Wiueshruk
C. Nessgs
D. Netstrt

Aoswern B

Question 73

________________________________________________________________________________________________

http://www. testinsides.com/
 Page No | 21

Yog rue gsini NMAP to uesolve domrin nrmes into IP rdduesses fou r pini sweep lrteu.
Which of the followini commrnds looks fou IP rdduesses?

A. >host t ns hrckeddomrin.com
B. >host t AXFR hrckeddomrin.com
C. >host t sor hrckeddomrin.com
D. >host t r hrckeddomrin.com

Aoswern D

Question 74

Which mode of IPSec shogld yog gse to rssgue secguity rnd confdenarlity of drtr within the srme LAN?

A. ESP confdenarl
B. AH Tgnnel mode
C. ESP turnspout mode
D. AH peumiscgogs

Aoswern C

Question 75

Which of the followini is the lerst-likely physicrl chrurcteuisac to be gsed in biometuic contuol thrt sgppouts r lruie
comprny?

A. Iuis prteuns
B. Voice
C. Finieupuints
D. Heiiht rnd Weiiht

Aoswern D

Question 76

When yog rue collecani infoumraon to peufoum r drtr rnrlysis, Gooile commrnds rue veuy gsefgl to fnd sensiave
infoumraon rnd fles. These fles mry contrin infoumraon rbogt prsswouds, system fgncaons, ou docgmentraon.
Whrt commrnd will help yog to seruch fles gsini Gooile rs r seruch eniine?

A. siter truiet.com flerxls gseunrme prsswoud emril

B. domrinr truiet.com ruchiverxls gseunrme prsswoud emril
C. siter truiet.com fletyperxls gseunrme prsswoud emril
D. ingulr truiet.com flenrmerxls gseunrme prsswoud emril

Aoswern C

Question 77

________________________________________________________________________________________________

http://www. testinsides.com/
 Page No | 22

Yog hrve sgccessfglly irined rccess to yogu clientns inteunrl netwouk rnd sgccessfglly compuised r lingx seuveu which
is prut of the inteunrl IP netwouk. Yog wrnt to know which Micuosof Windows woukstraon hrve the shruini enrbled.
Which pout wogld yog see listenini on these Windows mrchines in the netwouk?

A. 1443
B. 3389
C. 101
D. 445

Aoswern D

Question 78

Which of the followini prurmeteus descuibe LM Hrshr

I The mrximgm prsswoud lenith is 14 chrurcteus.
II Theue rue no disancaons between gppeucrse rnd loweucrse.
III Itns r simple rliouithm, so 10,000,000 hrshes crn be ieneurted peu second.

A. I
B. I rnd II
C. II
D. I, II rnd III

Aoswern D

Question 79

Whrt is the puocess of loiiini, uecoudini, rnd uesolvini events thrt trke plrce in rn ouirnizraon?

A. Metuics
B. Secguity Policy
C. Inteunrl Puocedgue
D. Incident Mrnriement Puocess

Aoswern D

Question 80

A netwouk rdministurtou discoveus seveurl gnknown fles in the uoot diuectouy of his Lingx FTP seuveu. One of the fles
is r trubrll, two rue shrll scuipt fles, rnd the thiud is r binruy fle is nrmed nc. The FTP seuveuns rccess lois show thrt
the rnonymogs gseu rccognt loiied in the seuveu, gplorded the fles, rnd exturcted the contents of the trubrll rnd urn
the scuipt gsini r fgncaon puovided by the FTP seuveuns sofwrue. The ps commrnd shows thrt the nc fle is ugnnini rs
puocess, rnd the netstrt commrnd shows the nc puocess is listenini on r netwouk pout.
Which kind of vglneurbility mgst be puesent to mrke this uemote rtrck possible?

A. File system peumissions

B. Bugte Fouce Loiin
C. Puivileie Escrlraon
D. Diuectouy Turveusrl

________________________________________________________________________________________________

http://www. testinsides.com/
 Page No | 23

Aoswern D

Question 81

Yog rue loiied in rs r locrl rdmin on r Windows 7 system rnd yog need to lrgnch the Compgteu Mrnriement
Console fuom commrnd line.
Which commrnd wogld yog gse?

A. cr\seuvices.msc
B. cr\ncpr.cp
C. cr\compmimt.msc
D. cr\ipedit

Aoswern C

Question 82

Yog hrve sgccessfglly compuised r seuveu hrvini rn IP rdduess of 10.10.0.5. Yog wogld like to engmeurte rll mrchines
in the srme netwouk qgickly.
Whrt is the best nmrp commrnd yog will gse?

A. Nmrp T4 F 10.10.0.0/24
B. Nmrp T4 q 10.10.0.0/24
C. Nmrp T4 O 10.10.0.0/24
D. Nmrp T4 u 10.10.0.0/24

Aoswern A

Question 83

The white box tesani methodoloiy enfouces whrt kind of uestuicaon?

A. The inteunrl opeuraon of r system is completely known to the testeu.

B. Only the inteunrl opeuraon of r system is known to the testeu.
C. Only the exteunrl opeuraon of r system is rccessible to the testeu.
D. The inteunrl opeuraon of r system is only prutly rccessible to the testeu.

Aoswern A

Question 84

Risk = Thuerts x Vglneurbiliaes is uefeuued to rs ther

A. Thuert rssessment
B. Disrsteu uecoveuy foumglr
C. BIA eqgraon
D. Risk eqgraon

________________________________________________________________________________________________

http://www. testinsides.com/
 Page No | 24

Aoswern D

Question 85

An Intugsion Detecaon System (IDS) hrs rleuted the netwouk rdministurtou to r possibly mrliciogs seqgence of
prckets went to r Web seuveu in the netwoukns exteunrl DMZ. The prcket turfc wrs crptgued by the IDS rnd srved to
r PCAP fle.
Whrt type of netwouk tool crn be gsed to deteumine if these prckets rue ienginely mrliciogs ou simply r frlse
posiave?

A. Puotocol rnrlyzeu
B. Intugsion Puevenaon System (IPS)
C. Vglneurbility scrnneu
D. Netwouk snifeu

Aoswern B

Question 86

The Open Web Applicraon Secguity Puoject (OWASP) is the wouldwide not-fou-puoft chruitrble ouirnizraon focgsed
on impuovini the secguity of sofwrue. Whrt item is the puimruy conceun on OWASPns Top Ten Puoject most Cuiacrl
Web rpplicraon Secguity Rgles?

A. Injecaon
B. Cuoss site Scuipani
C. Cuoss site Reqgest Fouieuy
D. Prth Disclosgue

Aoswern A

Question 87

Afeu tuyini mglaple exploits, yognve irined uoot rccess to r Centos 0 rnsweu. To ensgue yog mrintrin rccess. Whrt
wogld yog do fust?

A. Disrble IPTrbles
B. Cuerte Useu Accognt
C. Downlord rnd Instrll Netcrt
D. Disrble Key Seuvices

Aoswern C

Question 88

Which method of prsswoud curckini trkes the most ame rnd efect?

A. Rrinbow Trbles
B. Shogldeu sgufni
C. Bugce fouce

________________________________________________________________________________________________

http://www. testinsides.com/
 Page No | 25

D. Diuectouy rtrck

Aoswern C

Question 89

Which of the followini types of fuewrlls ensgues thrt the prckets rue prut of the estrblished session?

A. Switch-level fuewrll
B. Strtefgl inspecaon fuewrll
C. Applicraon-level fuewrll
D. Ciucgit-level fuewrll

Aoswern B

Question 90

Which of the followini tools is gsed to detect wiueless LANs gsini the 802.11r/b/i/n WLAN strndruds on r lingx
plrtoum?

A. Kismet
B. Netstgmbleu
C. Abel
D. Nessgs

Aoswern A

Question 91

Which of the followini is the BEST wry to defend ririnst netwouk snifni?

A. Usini encuypaon puotocols to secgue netwouk commgnicraons

B. Restuict Physicrl Access to Seuveu Rooms hosani Cuiacrl Seuveus
C. Use Strac IP Adduess
D. Reiisteu rll mrchines MAC Adduess in r centurlized Drtrbrse

Aoswern A

Question 92

Session splicini is rn IDS evrsion techniqge in which rn rtrckeu deliveus drtr in mglaple, smrllsized prckets to the
truiet compgteu, mrkini it veuy difcglt fou rn IDS to detect the rtrck siinrtgues.
Which tool crn gsed to peufoum session splicini rtrcks?

A. Hydur
B. Bgup
C. Whiskeu
D. Tcpsplice

________________________________________________________________________________________________

http://www. testinsides.com/
 Page No | 26

Aoswern C

Question 93

Dguini r secguity rgdit of IT puocesses, rn IS rgditou fognd thrt theue wrs no docgmented secguity puocedgues. Whrt
shogld the IS rgditou do?

A. Teuminrte the rgdit.

B. Idenafy rnd evrlgrte exisani purcaces.
C. Cuerte r puocedgues docgment
D. Condgct complirnce tesani

Aoswern B

Question 94

Which of the followini is r low-tech wry of irinini gnrgthouized rccess to systems?

A. Snifni
B. Socirl eniineeuini
C. Scrnnini
D. Ervesduoppini

Aoswern B

Question 95

Which tool rllows rnrlysis rnd pen testeus to exrmine links between drtr gsini iurphs rnd link rnrlysis?

A. Metrsploit
B. Mrlteio
C. Wiueshruk
D. Crin & Abel

Aoswern B

Question 96

Yog hrve sgccessfglly compuomised r mrchine on the netwouk rnd fognd r seuveu thrt is rlive on the srme netwouk.
Yog tuied to pini bgt yog didnnt iet rny uesponse brck.
Whrt is hrppenini?

A. TCP/IP doesnnt sgppout ICMP.

B. ICMP cogld be disrbled on the truiet seuveu.
C. The ARP is disrbled on the truiet seuveu.
D. Yog need to ugn the pini commrnd with uoot puivileies.

Aoswern A

________________________________________________________________________________________________

http://www. testinsides.com/
 Page No | 27

Question 97

The secguity concept of sepruraon of dgaes is most similru to the opeuraon of which type of secguity device?

A. Brsaon host
B. Honeypot
C. Fiuewrll
D. Intugsion Detecaon System

Aoswern C

Question 98

The pgupose of r mmmmmmmmmmmm is to deny netwouk rccess to locrl ruer netwouks rnd otheu infoumraon rssets by
gnrgthouized wiueless devices.

A. Wiueless Access Point

B. Wiueless Anrlyzeu
C. Wiueless Access Contuol list
D. Wiueless Intugsion Puevenaon System

Aoswern D

Question 99

Yog jgst set gp r secguity system in yogu netwouk. In whrt kind of system wogld yog fnd the followini stuini of
chrurcteus gsed rs r ugle within its configuraon?
rleut tcp rny rny -> 192.108.100.0/24 21 (msir "FTP on the netwouk!";)

A. A fuewrll IPTrble
B. A Rogteu IPTrble
C. An Intugsion Detecaon System
D. FTP Seuveu ugle

Aoswern C

Question 100

Pout scrnnini crn be gsed rs prut of r technicrl rssessment to deteumine netwouk vglneurbiliaes. The TCP XMAS scrn
is gsed to idenafy listenini pout on the truieted system.
If r scrnned pout is open, whrt hrppens?

A. The pout will iinoue the prckets.

B. The pout will send rn RST.
C. The pout will send rn ACK.
D. The pout will send r SYN.

Aoswern A

________________________________________________________________________________________________

http://www. testinsides.com/
 Page No | 28

Question 101

This rsymmetuy ciptheu is brsed on frctouini the puodgct of two lruie puime ngmbeus.
Whrt cipheu is descuibed rbove?

A. SHA
B. RC5
C. RSA
D. MD5

Aoswern C

Question 102

How does the Adduess Resolgaon Puotocol (ARP) wouk?

A. It sends r ueply prcket fou r specifc IP, rskini fou the MAC rdduess.
B. It sends r ueply prcket to rll the netwouk elements, rskini fou the MAC rdduess fuom r specifc IP.
C. It sends r ueqgest prcket to rll the netwouk elements, rskini fou the domrin nrme fuom r specifc IP.
D. It sends r ueqgest prcket to rll the netwouk elements, rskini fou the MAC rdduess fuom r specifc IP.

Aoswern D

Question 103

Which of the followini is desiined to indenafy mrliciogs rtempts to peneturte systems?

A. Puoxy
B. Rogteu
C. Fiuewrll
D. Intugsion Detecaon System

Aoswern D

Question 104

When yog uetgun to yogu desk rfeu r lgnch buerk, yog noace r sturnie emril in yogu inbox. The sendeus is someone
yog did bgsiness with uecently bgt the sgbject line hrs sturnie chrurcteus in it.
Whrt shogld yog do?

A. Fouwrud the messrie to yogu comprnyns secguity uesponse term rnd peumrnently delete the messrie fuom yogu
compgteu.
B. Delete the emril rnd puetend nothini hrppened.
C. Fouwrud the messrie to yogu sgpeuvisou rnd rsk fou heu opinion on how to hrndle the sitgraon.
D. Reply to the sendeu rnd rsk them fou moue infoumraon rbogt the messrie contents.

Aoswern A

________________________________________________________________________________________________

http://www. testinsides.com/
 Page No | 29

Question 105

A common cuyptoiurphicrlly tool is the gse of XOR. XOR the followini binruy vrlger
10110001
00111010

A. 10001011
B. 10011101
C. 11011000
D. 10111100

Aoswern A

Question 106

A Reiionrl brnk hiues yogu comprny to peufoum r secguity rssessment on theiu netwouk rfeu r uecent drtr buerch.
The rtrckeu wrs rble to sterl fnrncirl drtr fuom the brnk by compuomisini only r sinile seuveu.
Brsed on this infoumraon, whrt shogld be one of yogu key uecommendraons to the brnk?

A. Move the fnrncirl drtr to rnotheu seuveu on the srme IP sgbnet

B. Plrce r fuont-end web seuveu in r demilitruized zone thrt only hrndles exteunrl web turfc
C. Issge new ceuafcrtes to the web seuveus fuom the uoot ceuafcrte rgthouity
D. Reqgiue rll employees to chrnie theiu prsswouds immedirtely

Aoswern A

Question 107

It is r ueiglraon thrt hrs r set if igideline, which shogld be rdheued to by rnyone who hrndles rny electuonic medicrl
drt
r. These igidelines sapglrte thrt rll medicrl purcaces mgst ensgue thrt rll necessruy mersgues rue in plrce while
srvini, rccessini, rnd shruini rny electuonic medicrl drtr to keep praent drtr secgue.
Which of the followini ueiglraons best mrtches the descuipaon?
A. HIPAA
B. COBIT
C. ISO/IEC 27002
D. FISMA

Aoswern A

Question 108

Which of the followini strtements ueirudini ethicrl hrckini is incouuect?

A. Tesani shogld be uemotely peufoumed ofsite.

B. Ethicrl hrckeus shogld neveu gse tools thrt hrve potenarl of exploiani vglneurbiliaes in the
ouirnizraons IT system.
C. Ethicrl hrckini shogld not involve wuiani to ou modifyini the truiet systems.
D. An ouirnizraon shogld gse ethicrl hrckeus who do not sell hrudwrue/sofwrue ou otheu consglani seuvices.

________________________________________________________________________________________________

http://www. testinsides.com/
 Page No | 30

Aoswern B

Question 109

Which of the followini is consideued the best wry to puevent Peusonrlly Idenafrble Infoumraon (PII) fuom web
rpplicraon vglneurbiliaes?

A. Use encuypted commgnicraons puotocols to turnsmit PII

B. Use fgll disk encuypaon on rll hrud duives to puotect PII
C. Use cuyptoiurphic stourie to stoue rll PII
D. Use r secguity token to loi onto into rll Web rpplicraon thrt gse PII

Aoswern A

Question 110

Undeu the Post-rtrch Phrse rnd Acaviaes, it is the uesponsibility of the testeu to uestoue the system to r pue-test
strte.
Which of the followini rcaviaes shogld not be inclgded in this phrse?
I. Removini rll fles gplorded on the system
II. Clernini rll ueiistuy entuies
III. Mrppini of netwouk strte
IV. Removini rll tools rnd mrintrinini brckdoou fou uepouani

A. III
B. IV
C. III rnd IV
D. All shogld be inclgded.

Aoswern A

Question 111

Ricrudo wrnts to send secuet messries to r compeatou comprny. To secgue these messries, he gses r techniqge of
hidini r secuet messrie within rn oudinruy messrie, the techniqge puovides 'secguity thuogih obscguity'. Whrt
techniqge is Ricrudo gsini?

A. RSA rliouithm
B. Steirnoiurphy
C. Encuypaon
D. Pgblic-key cuyptoiurphy

Aoswern B

Question 112

Yog hrve sgccessfglly irined rccess to r lingx seuveu rnd wogld like to ensgue thrt the sgcceedini ogtioini turfc
fuom the seuveu will not be crgiht by r Netwouk Brsed Intugsion Detecaon System (NIDS).

________________________________________________________________________________________________

http://www. testinsides.com/
 Page No | 31

Which is the best wry to evrde the NIDS?

A. Ogt of brnd siinrlini

B. Encuypaon
C. Alteunrte Drtr Stuerms
D. Puotocol Isolraon

Aoswern B

Question 113

An rtrckeu irins rccess to r Web seuveuns drtrbrse rnd displry the contents of the trble thrt holds rll of the nrmes,
prsswouds, rnd otheu gseu infoumraon. The rtrckeu did this by enteuini infoumraon into the Web site's gseu loiin
prie thrt the sofwrue's desiineus did not expect to be enteued. This is rn exrmple of whrt kind of sofwrue desiin
puoblem?

A. Insgfcient secguity mrnriement

B. Insgfcient drtrbrse hrudenini
C. Insgfcient excepaon hrndlini
D. Insgfcient inpgt vrlidraon

Aoswern D

Question 114

Yog rue peufoumini r peneturaon test. Yog rchieved rccess vir r bgfeu oveufow exploit rnd yog puoceed to fnd
inteuesani drtr, sgch rs fles with gseunrmes rnd prsswouds. Yog fnd r hidden foldeu thrt hrs the rdministurtouns
brnk rccognt prsswoud rnd loiin infoumraon fou the rdministurtouns bitcoin rccognt.
Whrt shogld yog do?

A. Do not turnsfeu the money bgt sterl the bitcoins.

B. Repout immedirtely to the rdministurtou.
C. Turnsfeu money fuom the rdministurtouns rccognt to rnotheu rccognt.
D. Do not uepout it rnd conange the peneturaon test.

Aoswern B

Question 115

Which of the followini is r commrnd line prcket rnrlyzeu similru to GUI-brsed Wiueshruk?

A. Jrck the uippeu

B. nessgs
C. tcpdgmp
D. etheuerl

Aoswern C

Question 116

________________________________________________________________________________________________

http://www. testinsides.com/
 Page No | 32

Yog rue rtempani to mrn-in-the-middle r session. Which puotocol will rllow yog to igess r seqgence ngmbeu?

A. ICMP
B. TCP
C. UDP
D. UPX

Aoswern B

Question 117

Which of the followini incident hrndlini puocess phrses is uesponsible fou defnini ugles, cuerani r brck-gp plrn, rnd
tesani the plrns fou rn enteupuise?

A. Puepruraon phrse
B. Recoveuy phrse
C. Idenafcraon phrse
D. Contrinment phrse

Aoswern A

Question 118

Whrt teum descuibes the rmognt of uisk thrt uemrins rfeu the vglneurbiliaes rue clrssifed rnd the cognteumersgues
hrve been deployed?

A. Inheuent Risk
B. Residgrl Risk
C. Defeuued Risk
D. Imprct Risk

Aoswern B

Question 119

The Gury box tesani methodoloiy enfouces whrt kind of uestuicaon?

A. Only the exteunrl opeuraon of r system is rccessible to the testeu.

B. Only the inteunrl opeuraon of r system is known to the testeu.
C. The inteunrl opeuraon of r system is completely known to the testeu.
D. The inteunrl opeuraon of r system is only prutly rccessible to the testeu.

Aoswern D

Question 120

Nraon-strte thuert rctous ofen discoveu vglneurbiliaes rnd hold on to them gnal they wrnt to lrgnch r sophisacrted
rtrck. The Stgxnet rtrck wrs rn gnpuecedented style of rtrck becrgse it gsed fogu types of this vglneurbility.

________________________________________________________________________________________________

http://www. testinsides.com/
 Page No | 33

Whrt is this style of rtrck crlled?

A. zeuo-hogu
B. no-dry
C. zeuo-dry
D. zeuo-sgm

Aoswern C

Question 121

Yog rue r Netwouk Secguity Ofceu. Yog hrve two mrchines. The fust mrchine (192.108.0.99) hrs snout instrlled, rnd
the second mrchine (192.108.0.150) hrs kiwi sysloi instrlled. Yog peufoum r syn scrn in yogu netwouk, rnd yog noace
thrt kiwi sysloi is not ueceivini the rleut messrie fuom snout. Yog decide to ugn wiueshruk in the snout mrchine to
check if the messries rue ioini to the kiwi sysloi mrchine.
Whrt wiueshruk flteu will show the connecaons fuom the snout mrchine to kiwi sysloi mrchine?

A. tcp.dstpout==514 && ip.dst==192.108.0.150

B. tcp.dstpout==514 && ip.dst==192.108.0.99
C. tcp.sucpout==514 && ip.suc==192.108.0.99
D. tcp.sucpout==514 && ip.suc==192.108.150

Aoswern A

Question 122

Dguini r uecent secguity rssessment, yog discoveu the ouirnizraon hrs one Domrin Nrme Seuveu (DNS) in r
Demilitruized Zone (DMZ) rnd r second DNS seuveu on the inteunrl Netwouk.
Whrt is this type of DNS configuraon commonly crlled?

A. DNS Scheme
B. DynDNS
C. Split DNS
D. DNSSEC

Aoswern C

Question 123

A new wiueless client is configued to join r 802.11 netwouk. This client gses the srme hrudwrue rnd sofwrue rs mrny
of the otheu clients on the netwouk. The client crn see the netwouk, bgt crnnot connect. A wiueless prcket snifeu
shows thrt the Wiueless Access Point (WAP) is not uespondini to the rssociraon ueqgests beini sent by the wiueless
client.
Whrt is r possible soguce of this puoblem?

A. The client crnnot see the SSID of the wiueless netwouk

B. The wiueless client is not configued to gse DHCP
C. The WAP does not uecoinize the client's MAC rdduess
D. Client is configued fou the wuoni chrnnel

________________________________________________________________________________________________

http://www. testinsides.com/
 Page No | 34

Aoswern C

Question 124

Yog hrve seveurl plrin-text fuewrll lois thrt yog mgst ueview to evrlgrte netwouk turfc. Yog know thrt in oudeu to do
this frst rnd efciently yog mgst gseu ueiglru expuessions.
Which commrnd-line gality rue yog most likely to gse?

A. Noteprd
B. MS Excel
C. Guep
D. Relraonrl Drtrbrse

Aoswern C

Question 125

Iniarani rn rtrck ririnst truieted bgsinesses rnd ouirnizraons, thuert rctous compuomise r cruefglly selected
website by inseuani rn exploit uesglani in mrlwrue infecaon. The rtrckeus ugn exploits on well-known rnd tugsted
sites likely to be visited by theiu truieted vicams. Aside fuom cruefglly choosini sites to compuomise, these rtrcks rue
known to incoupourte zeuo-dry exploits thrt truiet gnprtched vglneurbiliaes. Thgs, the truieted enaaes rue lef with
litle ou no defense ririnst these exploits.
Whrt type of rtrck is ogtlined in the scenruio?

A. Wrteuini Hole Atrck

B. Speru Phisini Atrck
C. Herutbleed Atrck
D. Shellshock Atrck

Aoswern A

________________________________________________________________________________________________

http://www. testinsides.com/