Summer Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: dpt65

312-50v11 Questions and Answers

Question # 6

You have successfully comprised a server having an IP address of 10.10.0.5. You would like to enumerate all machines in the same network quickly.

What is the best Nmap command you will use? A. nmap -T4 -q 10.10.0.0/24

B. nmap -T4 -F 10.10.0.0/24 C. nmap -T4 -r 10.10.1.0/24 D. nmap -T4 -O 10.10.0.0/24

Full Access
Question # 7

Jude, a pen tester, examined a network from a hacker's perspective to identify exploits and vulnerabilities accessible to the outside world by using devices such as firewalls, routers, and servers. In this process, he also estimated the threat of network security attacks and determined the level of security of the corporate network.

What is the type of vulnerability assessment that Jude performed on the organization?

A.

External assessment

B.

Passive assessment

C.

Host-based assessment

D.

Application assessment

Full Access
Question # 8

The Payment Card Industry Data Security Standard (PCI DSS) contains six different categories of control objectives. Each objective contains one or more requirements, which must be followed in order to achieve compliance. Which of the following requirements would best fit under the objective, "Implement strong access control measures"?

A.

Regularly test security systems and processes.

B.

Encrypt transmission of cardholder data across open, public networks.

C.

Assign a unique ID to each person with computer access.

D.

Use and regularly update anti-virus software on all systems commonly affected by malware.

Full Access
Question # 9

You are using a public Wi-Fi network inside a coffee shop. Before surfing the web, you use your VPN to prevent intruders from sniffing your traffic. If you did not have a VPN, how would you identify whether someone is performing an ARP spoofing attack on your laptop?

A.

You should check your ARP table and see if there is one IP address with two different MAC addresses.

B.

You should scan the network using Nmap to check the MAC addresses of all the hosts and look for duplicates.

C.

You should use netstat to check for any suspicious connections with another IP address within the LAN.

D.

You cannot identify such an attack and must use a VPN to protect your traffic, r

Full Access
Question # 10

Cross-site request forgery involves:

A.

A request sent by a malicious user from a browser to a server

B.

Modification of a request by a proxy between client and server

C.

A browser making a request to a server without the user’s knowledge

D.

A server making a request to another server without the user’s knowledge

Full Access
Question # 11

George, an employee of an organization, is attempting to access restricted websites from an official computer. For this purpose, he used an anonymizer that masked his real IP address and ensured complete and continuous anonymity for all his online activities. Which of the following anonymizers helps George hide his activities?

Full Access
Question # 12

You just set up a security system in your network. In what kind of system would you find the following string of characters used as a rule within its configuration? alert tcp any any -> 192.168.100.0/24 21 (msg: ““FTP on the network!””;)

A.

A firewall IPTable

B.

FTP Server rule

C.

A Router IPTable

D.

An Intrusion Detection System

Full Access
Question # 13

Don, a student, came across a gaming app in a third-party app store and Installed it. Subsequently, all the legitimate apps in his smartphone were replaced by deceptive applications that appeared legitimate. He also received many advertisements on his smartphone after Installing the app. What is the attack performed on Don in the above scenario?

A.

SMS phishing attack

B.

SIM card attack

C.

Agent Smith attack

D.

Clickjacking

Full Access
Question # 14

A user on your Windows 2000 network has discovered that he can use L0phtcrack to sniff the SMB exchanges which carry user logons. The user is plugged into a hub with 23 other systems.

However, he is unable to capture any logons though he knows that other users are logging in.

What do you think is the most likely reason behind this?

A.

There is a NIDS present on that segment.

B.

Kerberos is preventing it.

C.

Windows logons cannot be sniffed.

D.

L0phtcrack only sniffs logons to web servers.

Full Access
Question # 15

This form of encryption algorithm is asymmetric key block cipher that is characterized by a 128-bit block size, and its key size can be up to 256 bits. Which among the following is this encryption algorithm?

A.

Twofish encryption algorithm

B.

HMAC encryption algorithm

C.

IDEA

D.

Blowfish encryption algorithm

Full Access
Question # 16

“........is an attack type for a rogue Wi-Fi access point that appears to be a legitimate one offered on the premises, but actually has been set up to eavesdrop on wireless communications. It is the wireless version of the phishing scam. An attacker fools wireless users into connecting a laptop or mobile phone to a tainted hot-spot by posing as a legitimate provider. This type of attack may be used to steal the passwords of

unsuspecting users by either snooping the communication link or by phishing, which involves setting up a fraudulent web site and luring people there.”

Fill in the blank with appropriate choice.

A.

Evil Twin Attack

B.

Sinkhole Attack

C.

Collision Attack

D.

Signal Jamming Attack

Full Access
Question # 17

In Trojan terminology, what is a covert channel?

A.

A channel that transfers information within a computer system or network in a way that violates the security policy

B.

A legitimate communication path within a computer system or network for transfer of data

C.

It is a kernel operation that hides boot processes and services to mask detection

D.

It is Reverse tunneling technique that uses HTTPS protocol instead of HTTP protocol to establish connections

Full Access
Question # 18

Alex, a cloud security engineer working in Eyecloud Inc. is tasked with isolating applications from the underlying infrastructure and stimulating communication via well-defined channels. For this purpose, he used an open-source technology that helped him in developing, packaging, and running applications; further, the technology provides PaaS through OS-level visualization, delivers containerized software packages, and promotes fast software delivery. What is the cloud technology employed by Alex in the above scenario?

A.

Virtual machine

B.

Serverless computing

C.

Docker

D.

Zero trust network

Full Access
Question # 19

Wilson, a professional hacker, targets an organization for financial benefit and plans to compromise its systems by sending malicious emails. For this purpose, he uses a tool to track the emails of the target and extracts information such as sender identities, mall servers, sender IP addresses, and sender locations from different public sources. He also checks if an email address was leaked using the haveibeenpwned.com API. Which of the following tools is used by Wilson in the above scenario?

A.

Factiva

B.

Netcraft

C.

infoga

D.

Zoominfo

Full Access
Question # 20

Hackers often raise the trust level of a phishing message by modeling the email to look similar to the internal email used by the target company. This includes using logos, formatting, and names of the target company. The phishing message will often use the name of the company CEO, President, or Managers. The time a hacker spends performing research to locate this information about a company is known as?

A.

Exploration

B.

Investigation

C.

Reconnaissance

D.

Enumeration

Full Access
Question # 21

In both pharming and phishing attacks, an attacker can create websites that look similar to legitimate sites with the intent of collecting personal identifiable information from its victims.

What is the difference between pharming and phishing attacks?

A.

In a pharming attack, a victim is redirected to a fake website by modifying their host configuration file or by exploiting vulnerabilities in DNS. In a phishing attack, an attacker provides the victim with a URL that is either misspelled or looks similar to the actual websites domain name

B.

In a phishing attack, a victim is redirected to a fake website by modifying their host configuration file or by exploiting vulnerabilities in DNS. In a pharming attack, an attacker provides the victim with a URL that is either misspelled or looks very similar to the actual websites domain name

C.

Both pharming and phishing attacks are purely technical and are not considered forms of social engineering

D.

Both pharming and phishing attacks are identical

Full Access
Question # 22

OpenSSL on Linux servers includes a command line tool for testing TLS. What is the name of the tool and the correct syntax to connect to a web server?

A.

openssl s_client -site www.website.com:443

B.

openssl_client -site www.website.com:443

C.

openssl s_client -connect www.website.com:443

D.

openssl_client -connect www.website.com:443

Full Access
Question # 23

You need a tool that can do network intrusion prevention and intrusion detection, function as a network sniffer, and record network activity, what tool would you most likely select?

A.

Nmap

B.

Cain & Abel

C.

Nessus

D.

Snort

Full Access
Question # 24

From the following table, identify the wrong answer in terms of Range (ft).

Standard Range (ft)

802.11a 150-150

802.11b 150-150

802.11g 150-150

802.16 (WiMax) 30 miles

A.

802.16 (WiMax)

B.

802.11g

C.

802.11b

D.

802.11a

Full Access
Question # 25

A bank stores and processes sensitive privacy information related to home loans. However, auditing has never been enabled on the system. What is the first step that the bank should take before enabling the audit feature?

A.

Perform a vulnerability scan of the system.

B.

Determine the impact of enabling the audit feature.

C.

Perform a cost/benefit analysis of the audit feature.

D.

Allocate funds for staffing of audit log review.

Full Access
Question # 26

You start performing a penetration test against a specific website and have decided to start from grabbing all the links from the main page.

What Is the best Linux pipe to achieve your milestone?

A.

dirb https://site.com | grep "site"

B.

curl -s https://sile.com | grep ‘’ < a href-\’http" | grep "Site-com- | cut -d "V" -f 2

C.

wget https://stte.com | grep "< a href=\*http" | grep "site.com"

D.

wgethttps://site.com | cut-d "http-

Full Access
Question # 27

User A is writing a sensitive email message to user B outside the local network. User A has chosen to use PKI to secure his message and ensure only user B can read the sensitive email. At what layer of the OSI layer does the encryption and decryption of the message take place?

A.

Application

B.

Transport

C.

Session

D.

Presentation

Full Access
Question # 28

Firewalk has just completed the second phase (the scanning phase) and a technician receives the output shown below. What conclusions can be drawn based on these scan results?

TCP port 21 no response

TCP port 22 no response

TCP port 23 Time-to-live exceeded

A.

The lack of response from ports 21 and 22 indicate that those services are not running on the destination server

B.

The scan on port 23 was able to make a connection to the destination host prompting the firewall to respond with a TTL error

C.

The scan on port 23 passed through the filtering device. This indicates that port 23 was not blocked at the firewall

D.

The firewall itself is blocking ports 21 through 23 and a service is listening on port 23 of the target host

Full Access
Question # 29

Which regulation defines security and privacy controls for Federal information systems and organizations?

A.

HIPAA

B.

EU Safe Harbor

C.

PCI-DSS

D.

NIST-800-53

Full Access
Question # 30

Study the following log extract and identify the attack.

A.

Hexcode Attack

B.

Cross Site Scripting

C.

Multiple Domain Traversal Attack

D.

Unicode Directory Traversal Attack

Full Access
Question # 31

A technician is resolving an issue where a computer is unable to connect to the Internet using a wireless access point. The computer is able to transfer files locally to other machines, but cannot successfully reach the Internet. When the technician examines the IP address and default gateway they are both on the 192.168.1.0/24. Which of the following has occurred?

A.

The computer is not using a private IP address.

B.

The gateway is not routing to a public IP address.

C.

The gateway and the computer are not on the same network.

D.

The computer is using an invalid IP address.

Full Access
Question # 32

What kind of detection techniques is being used in antivirus softwares that identifies malware by collecting data from multiple protected systems and instead of analyzing files locally it's made on the premiers environment-

A.

VCloud based

B.

Honypot based

C.

Behaviour based

D.

Heuristics based

Full Access
Question # 33

CyberTech Inc. recently experienced SQL injection attacks on its official website. The company appointed Bob, a security professional, to build and incorporate defensive strategies against such attacks. Bob adopted a practice whereby only a list of entities such as the data type, range, size, and value, which have been approved for secured access, is accepted. What is the defensive technique employed by Bob in the above scenario?

A.

Output encoding

B.

Enforce least privileges

C.

Whitelist validation

D.

Blacklist validation

Full Access
Question # 34

Louis, a professional hacker, had used specialized tools or search engines to encrypt all his browsing activity and navigate anonymously to obtain sensitive/hidden information about official government or federal databases. After gathering the Information, he successfully performed an attack on the target government organization without being traced. Which of the following techniques is described in the above scenario?

A.

Dark web footprinting

B.

VoIP footpnnting

C.

VPN footprinting

D.

website footprinting

Full Access
Question # 35

Robin, an attacker, is attempting to bypass the firewalls of an organization through the DNS tunneling method in order to exfiltrate data. He is using the NSTX tool for bypassing the firewalls. On which of the following ports should Robin run the NSTX tool?

A.

Port 53

B.

Port 23

C.

Port 50

D.

Port 80

Full Access
Question # 36

What is a NULL scan?

A.

A scan in which all flags are turned off

B.

A scan in which certain flags are off

C.

A scan in which all flags are on

D.

A scan in which the packet size is set to zero

E.

A scan with an illegal packet size

Full Access
Question # 37

Attacker Simon targeted the communication network of an organization and disabled the security controls of NetNTLMvl by modifying the values of LMCompatibilityLevel, NTLMMinClientSec, and RestrictSendingNTLMTraffic. He then extracted all the non-network logon tokens from all the active processes to masquerade as a legitimate user to launch further attacks. What is the type of attack performed by Simon?

A.

Internal monologue attack

B.

Combinator attack

C.

Rainbow table attack

D.

Dictionary attack

Full Access
Question # 38

Shellshock allowed an unauthorized user to gain access to a server. It affected many Internet-facing services, which OS did it not directly affect?

A.

Linux

B.

Unix

C.

OS X

D.

Windows

Full Access
Question # 39

What is the known plaintext attack used against DES which gives the result that encrypting plaintext with one DES key followed by encrypting it with a second DES key is no more secure than using a single key?

A.

Man-in-the-middle attack

B.

Meet-in-the-middle attack

C.

Replay attack

D.

Traffic analysis attack

Full Access
Question # 40

Based on the below log, which of the following sentences are true?

Mar 1, 2016, 7:33:28 AM 10.240.250.23 - 54373 10.249.253.15 - 22 tcp_ip

A.

Application is FTP and 10.240.250.23 is the client and 10.249.253.15 is the server.

B.

Application is SSH and 10.240.250.23 is the server and 10.249.253.15 is the client.

C.

SSH communications are encrypted; it’s impossible to know who is the client or the server.

D.

Application is SSH and 10.240.250.23 is the client and 10.249.253.15 is the server.

Full Access
Question # 41

Jude, a pen tester working in Keiltech Ltd., performs sophisticated security testing on his company's network infrastructure to identify security loopholes. In this process, he started to circumvent the network protection tools and firewalls used in the company. He employed a technique that can create forged TCP sessions by carrying out multiple SYN, ACK, and RST or FIN packets. Further, this process allowed Jude to execute DDoS attacks that can exhaust the network resources. What is the attack technique used by Jude for finding loopholes in the above scenario?

A.

UDP flood attack

B.

Ping-of-death attack

C.

Spoofed session flood attack

D.

Peer-to-peer attack

Full Access
Question # 42

Morris, a professional hacker, performed a vulnerability scan on a target organization by sniffing the traffic on the network lo identify the active systems, network services, applications, and vulnerabilities. He also obtained the list of the users who are currently accessing the network. What is the type of vulnerability assessment that Morris performed on the target organization?

A.

internal assessment

B.

Passive assessment

C.

External assessment

D.

Credentialed assessment

Full Access
Question # 43

Take a look at the following attack on a Web Server using obstructed URL:

How would you protect from these attacks?

A.

Configure the Web Server to deny requests involving "hex encoded" characters

B.

Create rules in IDS to alert on strange Unicode requests

C.

Use SSL authentication on Web Servers

D.

Enable Active Scripts Detection at the firewall and routers

Full Access
Question # 44

Which DNS resource record can indicate how long any "DNS poisoning" could last?

A.

MX

B.

SOA

C.

NS

D.

TIMEOUT

Full Access
Question # 45

Matthew, a black hat, has managed to open a meterpreter session to one of the kiosk machines in Evil Corp’s lobby. He checks his current SID, which is S-1-5-21-1223352397-1872883824-861252104-501. What needs to happen before Matthew has full administrator access?

A.

He must perform privilege escalation.

B.

He needs to disable antivirus protection.

C.

He needs to gain physical access.

D.

He already has admin privileges, as shown by the “501” at the end of the SID.

Full Access
Question # 46

In the field of cryptanalysis, what is meant by a “rubber-hose" attack?

A.

Attempting to decrypt cipher text by making logical assumptions about the contents of the original plain text.

B.

Extraction of cryptographic secrets through coercion or torture.

C.

Forcing the targeted key stream through a hardware-accelerated device such as an ASIC.

D.

A backdoor placed into a cryptographic algorithm by its creator.

Full Access
Question # 47

John, a professional hacker, targeted CyberSol Inc., an MNC. He decided to discover the loT devices connected in the target network that are using default credentials and are vulnerable to various hijacking attacks. For this purpose, he used an automated tool to scan the target network for specific types of loT devices and detect whether they are using the default, factory-set credentials. What is the tool employed by John in the above scenario?

A.

loTSeeker

B.

loT Inspector

C.

AT&T loT Platform

D.

Azure loT Central

Full Access
Question # 48

Alice needs to send a confidential document to her coworker. Bryan. Their company has public key infrastructure set up. Therefore. Alice both encrypts the message and digitally signs it. Alice uses_______to encrypt the message, and Bryan uses__________to confirm the digital signature.

A.

Bryan’s public key; Bryan’s public key

B.

Alice’s public key; Alice’s public key

C.

Bryan’s private key; Alice’s public key

D.

Bryan’s public key; Alice’s public key

Full Access
Question # 49

You are analysing traffic on the network with Wireshark. You want to routinely run a cron job which will run the capture against a specific set of IPs - 192.168.8.0/24. What command you would use?

A.

wireshark --fetch ''192.168.8*''

B.

wireshark --capture --local masked 192.168.8.0 ---range 24

C.

tshark -net 192.255.255.255 mask 192.168.8.0

D.

sudo tshark -f''net 192 .68.8.0/24''

Full Access
Question # 50

What is one of the advantages of using both symmetric and asymmetric cryptography in SSL/TLS?

A.

Symmetric algorithms such as AES provide a failsafe when asymmetric methods fail.

B.

Asymmetric cryptography is computationally expensive in comparison. However, it is well-suited to securely negotiate keys for use with symmetric cryptography.

C.

Symmetric encryption allows the server to securely transmit the session keys out-of-band.

D.

Supporting both types of algorithms allows less-powerful devices such as mobile phones to use symmetric encryption instead.

Full Access
Question # 51

As a securing consultant, what are some of the things you would recommend to a company to ensure DNS security?

A.

Use the same machines for DNS and other applications

B.

Harden DNS servers

C.

Use split-horizon operation for DNS servers

D.

Restrict Zone transfers

E.

Have subnet diversity between DNS servers

Full Access
Question # 52

Daniel Is a professional hacker who Is attempting to perform an SQL injection attack on a target website. www.movlescope.com. During this process, he encountered an IDS that detects SQL Injection attempts based on predefined signatures. To evade any comparison statement, he attempted placing characters such as ‘ 'or '1'='1" In any bask injection statement such as "or 1=1." Identify the evasion technique used by Daniel in the above scenario.

A.

Null byte

B.

IP fragmentation

C.

Char encoding

D.

Variation

Full Access
Question # 53

Mary found a high vulnerability during a vulnerability scan and notified her server team. After analysis, they sent her proof that a fix to that issue had already been applied. The vulnerability that Marry found is called what?

A.

False-negative

B.

False-positive

C.

Brute force attack

D.

Backdoor

Full Access
Question # 54

Tony wants to integrate a 128-bit symmetric block cipher with key sizes of 128,192, or 256 bits into a software program, which involves 32 rounds of computational operations that include substitution and permutation operations on four 32-bit word blocks using 8-variable S-boxes with 4-bit entry and 4-bit exit. Which of the following algorithms includes all the above features and can be integrated by Tony into the software program?

A.

TEA

B.

CAST-128

C.

RC5

D.

serpent

Full Access
Question # 55

During a recent security assessment, you discover the organization has one Domain Name Server (DNS) in a Demilitarized Zone (DMZ) and a second DNS server on the internal network.

What is this type of DNS configuration commonly called?

A.

DynDNS

B.

DNS Scheme

C.

DNSSEC

D.

Split DNS

Full Access
Question # 56

Which system consists of a publicly available set of databases that contain domain name registration contact information?

A.

WHOIS

B.

CAPTCHA

C.

IANA

D.

IETF

Full Access
Question # 57

Which tool can be used to silently copy files from USB devices?

A.

USB Grabber

B.

USB Snoopy

C.

USB Sniffer

D.

Use Dumper

Full Access
Question # 58

You are a Network Security Officer. You have two machines. The first machine (192.168.0.99) has snort installed, and the second machine (192.168.0.150) has kiwi syslog installed. You perform a syn scan in your network, and you notice that kiwi syslog is not receiving the alert message from snort. You decide to run wireshark in the snort machine to check if the messages are going to the kiwi syslog machine. What Wireshark filter will show the connections from the snort machine to kiwi syslog machine?

A.

tcp.srcport= = 514 && ip.src= = 192.168.0.99

B.

tcp.srcport= = 514 && ip.src= = 192.168.150

C.

tcp.dstport= = 514 && ip.dst= = 192.168.0.99

D.

tcp.dstport= = 514 && ip.dst= = 192.168.0.150

Full Access
Question # 59

Gilbert, a web developer, uses a centralized web API to reduce complexity and increase the Integrity of updating and changing data. For this purpose, he uses a web service that uses HTTP methods such as PUT. POST. GET. and DELETE and can improve the overall performance, visibility, scalability, reliability, and portability of an application. What is the type of web-service API mentioned in the above scenario?

A.

JSON-RPC

B.

SOAP API

C.

RESTful API

D.

REST API

Full Access
Question # 60

Which of the following provides a security professional with most information about the system’s security posture?

A.

Phishing, spamming, sending trojans

B.

Social engineering, company site browsing tailgating

C.

Wardriving, warchalking, social engineering

D.

Port scanning, banner grabbing service identification

Full Access
Question # 61

which of the following protocols can be used to secure an LDAP service against anonymous queries?

A.

SSO

B.

RADIUS

C.

WPA

D.

NTLM

Full Access
Question # 62

You are trying to break into a highly classified top-secret mainframe computer with highest security system in place at Merclyn Barley Bank located in Los Angeles.

You know that conventional hacking doesn't work in this case, because organizations such as banks are generally tight and secure when it comes to protecting their systems.

In other words, you are trying to penetrate an otherwise impenetrable system.

How would you proceed?

A.

Look for "zero-day" exploits at various underground hacker websites in Russia and China and buy the necessary exploits from these hackers and target the bank's network

B.

Try to hang around the local pubs or restaurants near the bank, get talking to a poorly-paid or disgruntled employee, and offer them money if they'll abuse their access privileges by providing you with sensitive information

C.

Launch DDOS attacks against Merclyn Barley Bank's routers and firewall systems using 100, 000 or more "zombies" and "bots"

D.

Try to conduct Man-in-the-Middle (MiTM) attack and divert the network traffic going to the Merclyn Barley Bank's Webserver to that of your machine using DNS Cache Poisoning techniques

Full Access
Question # 63

Bella, a security professional working at an it firm, finds that a security breach has occurred while transferring important files. Sensitive data, employee usernames. and passwords are shared In plaintext, paving the way for hackers 10 perform successful session hijacking. To address this situation. Bella Implemented a protocol that sends data using encryption and digital certificates. Which of the following protocols Is used by Bella?

A.

FTP

B.

HTTPS

C.

FTPS

D.

IP

Full Access
Question # 64

Boney, a professional hacker, targets an organization for financial benefits. He performs an attack by sending his session ID using an MITM attack technique. Boney first obtains a valid session ID by logging into a service and later feeds the same session 10 to the target employee. The session ID links the target employee to Boneys account page without disclosing any information to the victim. When the target employee clicks on the link, all the sensitive payment details entered in a form are linked to Boneys account. What is the attack performed by Boney in the above scenario?

A.

Session donation attack

B.

Session fixation attack

C.

Forbidden attack

D.

CRIME attack

Full Access
Question # 65

What piece of hardware on a computer's motherboard generates encryption keys and only releases a part of the key so that decrypting a disk on a new piece of hardware is not possible?

A.

CPU

B.

GPU

C.

UEFI

D.

TPM

Full Access
Question # 66

What did the following commands determine?

A.

That the Joe account has a SID of 500

B.

These commands demonstrate that the guest account has NOT been disabled

C.

These commands demonstrate that the guest account has been disabled

D.

That the true administrator is Joe

E.

Issued alone, these commands prove nothing

Full Access
Question # 67

Which of the following is a low-tech way of gaining unauthorized access to systems?

A.

Social Engineering

B.

Eavesdropping

C.

Scanning

D.

Sniffing

Full Access
Question # 68

Ron, a security professional, was pen testing web applications and SaaS platforms used by his company. While testing, he found a vulnerability that allows hackers to gain unauthorized access to API objects and perform actions such as view, update, and delete sensitive data of the company. What is the API vulnerability revealed in the above scenario?

A.

Code injections

B.

Improper use of CORS

C.

No ABAC validation

D.

Business logic flaws

Full Access
Question # 69

While browsing his Facebook teed, Matt sees a picture one of his friends posted with the caption. "Learn more about your friends!", as well as a number of personal questions. Matt is suspicious and texts his friend, who confirms that he did indeed post it. With assurance that the post is legitimate. Matt responds to the questions on the post, a few days later. Mates bank account has been accessed, and the password has been changed. What most likely happened?

A.

Matt inadvertently provided the answers to his security questions when responding to the post.

B.

Matt's bank-account login information was brute forced.

C.

Matt Inadvertently provided his password when responding to the post.

D.

Matt's computer was infected with a keylogger.

Full Access
Question # 70

The change of a hard drive failure is once every three years. The cost to buy a new hard drive is $300. It will require 10 hours to restore the OS and software to the new hard disk. It will require a further 4 hours to restore the database from the last backup to the new hard disk. The recovery person earns $10/hour. Calculate the SLE, ARO, and ALE. Assume the EF = 1(100%). What is the closest approximate cost of this replacement and recovery operation per year?

A.

$1320

B.

$440

C.

$100

D.

$146

Full Access
Question # 71

In an internal security audit, the white hat hacker gains control over a user account and attempts to acquire access to another account's confidential files and information. How can he achieve this?

A.

Privilege Escalation

B.

Shoulder-Surfing

C.

Hacking Active Directory

D.

Port Scanning

Full Access
Question # 72

You need to deploy a new web-based software package for your organization. The package requires three separate servers and needs to be available on the Internet. What is the recommended architecture in terms of server placement?

A.

All three servers need to be placed internally

B.

A web server facing the Internet, an application server on the internal network, a database server on the internal network

C.

A web server and the database server facing the Internet, an application server on the internal network

D.

All three servers need to face the Internet so that they can communicate between themselves

Full Access
Question # 73

One of your team members has asked you to analyze the following SOA record. What is the version?

Rutgers.edu.SOA NS1.Rutgers.edu ipad.college.edu (200302028 3600 3600 604800 2400.) (Choose four.)

A.

200303028

B.

3600

C.

604800

D.

2400

E.

60

F.

4800

Full Access
Question # 74

A friend of yours tells you that he downloaded and executed a file that was sent to him by a coworker. Since the file did nothing when executed, he asks you for help because he suspects that he may have installed a trojan on his computer.

what tests would you perform to determine whether his computer Is Infected?

A.

Use ExifTool and check for malicious content.

B.

You do not check; rather, you immediately restore a previous snapshot of the operating system.

C.

Upload the file to VirusTotal.

D.

Use netstat and check for outgoing connections to strange IP addresses or domains.

Full Access
Question # 75

in an attempt to increase the security of your network, you Implement a solution that will help keep your wireless network undiscoverable and accessible only to those that know It. How do you accomplish this?

A.

Delete the wireless network

B.

Remove all passwords

C.

Lock all users

D.

Disable SSID broadcasting

Full Access
Question # 76

Suppose your company has just passed a security risk assessment exercise. The results display that the risk of the breach in the main company application is 50%. Security staff has taken some measures and

implemented the necessary controls. After that, another security risk assessment was performed showing that risk has decreased to 10%. The risk threshold for the application is 20%. Which of the following risk decisions will be the best for the project in terms of its successful continuation with the most business profit?

A.

Accept the risk

B.

Introduce more controls to bring risk to 0%

C.

Mitigate the risk

D.

Avoid the risk

Full Access
Question # 77

Bob, your senior colleague, has sent you a mail regarding a deal with one of the clients. You are requested to accept the offer and you oblige. After 2 days. Bob denies that he had ever sent a mail. What do you want to ""know"" to prove yourself that it was Bob who had send a mail?

A.

Authentication

B.

Confidentiality

C.

Integrity

D.

Non-Repudiation

Full Access
Question # 78

A post-breach forensic investigation revealed that a known vulnerability in Apache Struts was to blame for the Equifax data breach that affected 143 million customers. A fix was available from the software vendor for several months prior 10 the Intrusion. This Is likely a failure in which of the following security processes?

A.

vendor risk management

B.

Security awareness training

C.

Secure deployment lifecycle

D.

Patch management

Full Access
Question # 79

Stella, a professional hacker, performs an attack on web services by exploiting a vulnerability that provides additional routing information in the SOAP header to support asynchronous communication. This further allows the transmission of web-service requests and response messages using different TCP connections. Which of the following attack techniques is used by Stella to compromise the web services?

A.

XML injection

B.

WS-Address spoofing

C.

SOAPAction spoofing

D.

Web services parsing attacks

Full Access