Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: dpt65

312-50v11 Questions and Answers

Question # 6

Garry is a network administrator in an organization. He uses SNMP to manage networked devices from a remote location. To manage nodes in the network, he uses MIB. which contains formal descriptions of all network objects managed by SNMP. He accesses the contents of MIB by using a web browser either by entering the IP address and Lseries.mlb or by entering the DNS library name and Lseries.mlb. He is currently retrieving information from an MIB that contains object types for workstations and server services. Which of the following types of MIB is accessed by Garry in the above scenario?

A.

LNMIB2.MIB

B.

WINS.MIB

C.

DHCP.MIS

D.

MIB_II.MIB

Full Access
Question # 7

In the context of Windows Security, what is a 'null' user?

A.

A user that has no skills

B.

An account that has been suspended by the admin

C.

A pseudo account that has no username and password

D.

A pseudo account that was created for security administration purpose

Full Access
Question # 8

What is not a PCI compliance recommendation?

A.

Use a firewall between the public network and the payment card data.

B.

Use encryption to protect all transmission of card holder data over any public network.

C.

Rotate employees handling credit card transactions on a yearly basis to different departments.

D.

Limit access to card holder data to as few individuals as possible.

Full Access
Question # 9

Bob is going to perform an active session hijack against Brownies Inc. He has found a target that allows session oriented connections (Telnet) and performs the sequence prediction on the target operating system. He manages to find an active session due to the high level of traffic on the network. What is Bob supposed to do next?

A.

Take over the session

B.

Reverse sequence prediction

C.

Guess the sequence numbers

D.

Take one of the parties offline

Full Access
Question # 10

Jacob works as a system administrator in an organization. He wants to extract the source code of a mobile application and disassemble the application to analyze its design flaws. Using this technique, he wants to fix any bugs in the application, discover underlying vulnerabilities, and improve defense strategies against attacks.

What is the technique used by Jacob in the above scenario to improve the security of the mobile application?

A.

Reverse engineering

B.

App sandboxing

C.

Jailbreaking

D.

Social engineering

Full Access
Question # 11

John, a professional hacker, decided to use DNS to perform data exfiltration on a target network, in this process, he embedded malicious data into the DNS protocol packets that even DNSSEC cannot detect. Using this technique. John successfully injected malware to bypass a firewall and maintained communication with the victim machine and C&C server. What is the technique employed by John to bypass the firewall?

A.

DNS cache snooping

B.

DNSSEC zone walking

C.

DNS tunneling method

D.

DNS enumeration

Full Access
Question # 12

Calvin, a software developer, uses a feature that helps him auto-generate the content of a web page without manual involvement and is integrated with SSI directives. This leads to a vulnerability in the developed web application as this feature accepts remote user inputs and uses them on the page. Hackers can exploit this feature and pass malicious SSI directives as input values to perform malicious activities such as modifying and erasing server files. What is the type of injection attack Calvin's web application is susceptible to?

A.

Server-side template injection

B.

Server-side JS injection

C.

CRLF injection

D.

Server-side includes injection

Full Access
Question # 13

You are performing a penetration test for a client and have gained shell access to a Windows machine on the internal network. You intend to retrieve all DNS records for the internal domain, if the DNS server is at 192.168.10.2 and the domain name is abccorp.local, what command would you type at the nslookup prompt to attempt a zone transfer?

A.

list server=192.168.10.2 type=all

B.

is-d abccorp.local

C.

Iserver 192.168.10.2-t all

D.

List domain=Abccorp.local type=zone

Full Access
Question # 14

Password cracking programs reverse the hashing process to recover passwords. (True/False.)

A.

True

B.

False

Full Access
Question # 15

One of your team members has asked you to analyze the following SOA record.

What is the TTL? Rutgers.edu.SOA NS1.Rutgers.edu ipad.college.edu (200302028 3600 3600 604800 2400.)

A.

200303028

B.

3600

C.

604800

D.

2400

E.

60

F.

4800

Full Access
Question # 16

Scenario: Joe turns on his home computer to access personal online banking. When he enters the URL www.bank.com. the website is displayed, but it prompts him to re-enter his credentials as if he has never visited the site before. When he examines the website URL closer, he finds that the site is not secure and the web address appears different. What type of attack he is experiencing?.

A.

Dos attack

B.

DHCP spoofing

C.

ARP cache poisoning

D.

DNS hijacking

Full Access
Question # 17

Jack, a professional hacker, targets an organization and performs vulnerability scanning on the target web server to identify any possible weaknesses, vulnerabilities, and misconfigurations. In this process, Jack uses an automated tool that eases his work and performs vulnerability scanning to find hosts, services, and other vulnerabilities in the target server. Which of the following tools is used by Jack to perform vulnerability scanning?

A.

Infoga

B.

WebCopier Pro

C.

Netsparker

D.

NCollector Studio

Full Access
Question # 18

Which of the following allows attackers to draw a map or outline the target organization's network infrastructure to know about the actual environment that they are going to hack.

A.

Enumeration

B.

Vulnerability analysis

C.

Malware analysis

D.

Scanning networks

Full Access
Question # 19

A Security Engineer at a medium-sized accounting firm has been tasked with discovering how much information can be obtained from the firm’s public facing web servers. The engineer decides to start by using netcat to port 80.

The engineer receives this output:

HTTP/1.1 200 OK

Server: Microsoft-IIS/6

Expires: Tue, 17 Jan 2011 01:41:33 GMT

Date: Mon, 16 Jan 2011 01:41:33 GMT

Content-Type: text/html

Accept-Ranges: bytes

Last Modified: Wed, 28 Dec 2010 15:32:21 GMT

ETag:“b0aac0542e25c31:89d”

Content-Length: 7369

Which of the following is an example of what the engineer performed?

A.

Banner grabbing

B.

SQL injection

C.

Whois database query

D.

Cross-site scripting

Full Access
Question # 20

Which of the following program infects the system boot sector and the executable files at the same time?

A.

Polymorphic virus

B.

Stealth virus

C.

Multipartite Virus

D.

Macro virus

Full Access
Question # 21

An incident investigator asks to receive a copy of the event logs from all firewalls, proxy servers, and Intrusion Detection Systems (IDS) on the network of an organization that has experienced a possible breach of security. When the investigator attempts to correlate the information in all of the logs, the sequence of many of the logged events do not match up.

What is the most likely cause?

A.

The network devices are not all synchronized.

B.

Proper chain of custody was not observed while collecting the logs.

C.

The attacker altered or erased events from the logs.

D.

The security breach was a false positive.

Full Access
Question # 22

Why would you consider sending an email to an address that you know does not exist within the company you are performing a Penetration Test for?

A.

To determine who is the holder of the root account

B.

To perform a DoS

C.

To create needless SPAM

D.

To illicit a response back that will reveal information about email servers and how they treat undeliverable mail

E.

To test for virus protection

Full Access
Question # 23

Which of the following is a command line packet analyzer similar to GUI-based Wireshark?

A.

nessus

B.

tcpdump

C.

ethereal

D.

jack the ripper

Full Access
Question # 24

An Internet Service Provider (ISP) has a need to authenticate users connecting via analog modems, Digital Subscriber Lines (DSL), wireless data services, and Virtual Private Networks (VPN) over a Frame Relay network.

Which AAA protocol is the most likely able to handle this requirement?

A.

TACACS+

B.

DIAMETER

C.

Kerberos

D.

RADIUS

Full Access
Question # 25

Given below are different steps involved in the vulnerability-management life cycle.

1) Remediation

2) Identify assets and create a baseline

3) Verification

4) Monitor

5) Vulnerability scan

6) Risk assessment

Identify the correct sequence of steps involved in vulnerability management.

A.

2-->5-->6-->1-->3-->4

B.

2-->1-->5-->6-->4-->3

C.

2-->4-->5-->3-->6--> 1

D.

1-->2-->3-->4-->5-->6

Full Access
Question # 26

During a recent security assessment, you discover the organization has one Domain Name Server (DNS) in a Demilitarized Zone (DMZ) and a second DNS server on the internal network.

What is this type of DNS configuration commonly called?

A.

DynDNS

B.

DNS Scheme

C.

DNSSEC

D.

Split DNS

Full Access
Question # 27

What is a NULL scan?

A.

A scan in which all flags are turned off

B.

A scan in which certain flags are off

C.

A scan in which all flags are on

D.

A scan in which the packet size is set to zero

E.

A scan with an illegal packet size

Full Access
Question # 28

Susan has attached to her company's network. She has managed to synchronize her boss's sessions with that of the file server. She then intercepted his traffic destined for the server, changed it the way she wanted to and then placed it on the server in his home directory.

What kind of attack is Susan carrying on?

A.

A sniffing attack

B.

A spoofing attack

C.

A man in the middle attack

D.

A denial of service attack

Full Access
Question # 29

How is the public key distributed in an orderly, controlled fashion so that the users can be sure of the sender’s identity?

A.

Hash value

B.

Private key

C.

Digital signature

D.

Digital certificate

Full Access
Question # 30

Which of the following tools is used to detect wireless LANs using the 802.11a/b/g/n WLAN standards on a linux platform?

A.

Kismet

B.

Abel

C.

Netstumbler

D.

Nessus

Full Access
Question # 31

Dayn, an attacker, wanted to detect if any honeypots are installed in a target network. For this purpose, he used a time-based TCP fingerprinting method to validate the response to a normal computer and the response of a honeypot to a manual SYN request. Which of the following techniques is employed by Dayn to detect honeypots?

A.

Detecting honeypots running on VMware

B.

Detecting the presence of Honeyd honeypots

C.

Detecting the presence of Snort_inline honeypots

D.

Detecting the presence of Sebek-based honeypots

Full Access
Question # 32

_________ is a type of phishing that targets high-profile executives such as CEOs, CFOs, politicians, and celebrities who have access to confidential and highly valuable information.

A.

Spear phishing

B.

Whaling

C.

Vishing

D.

Phishing

Full Access
Question # 33

Elante company has recently hired James as a penetration tester. He was tasked with performing enumeration on an organization's network. In the process of enumeration, James discovered a service that is accessible to external sources. This service runs directly on port 21. What is the service enumerated byjames in the above scenario?

A.

Border Gateway Protocol (BGP)

B.

File Transfer Protocol (FTP)

C.

Network File System (NFS)

D.

Remote procedure call (RPC)

Full Access
Question # 34

Which service in a PKI will vouch for the identity of an individual or company?

A.

KDC

B.

CR

C.

CBC

D.

CA

Full Access
Question # 35

A company’s security policy states that all Web browsers must automatically delete their HTTP browser cookies upon terminating. What sort of security breach is this policy attempting to mitigate?

A.

Attempts by attackers to access the user and password information stored in the company’s SQL database.

B.

Attempts by attackers to access Web sites that trust the Web browser user by stealing the user’s authentication credentials.

C.

Attempts by attackers to access password stored on the user’s computer without the user’s knowledge.

D.

Attempts by attackers to determine the user’s Web browser usage patterns, including when sites were visited and for how long.

Full Access
Question # 36

A bank stores and processes sensitive privacy information related to home loans. However, auditing has never been enabled on the system. What is the first step that the bank should take before enabling the audit feature?

A.

Perform a vulnerability scan of the system.

B.

Determine the impact of enabling the audit feature.

C.

Perform a cost/benefit analysis of the audit feature.

D.

Allocate funds for staffing of audit log review.

Full Access
Question # 37

Gerard, a disgruntled ex-employee of Sunglass IT Solutions, targets this organization to perform sophisticated attacks and bring down its reputation in the market. To launch the attacks process, he performed DNS footprinting to gather information about ONS servers and to identify the hosts connected in the target network. He used an automated tool that can retrieve information about DNS zone data including DNS domain names, computer names. IP addresses. DNS records, and network Who is records. He further exploited this information to launch other sophisticated attacks. What is the tool employed by Gerard in the above scenario?

A.

Knative

B.

zANTI

C.

Towelroot

D.

Bluto

Full Access
Question # 38

What port number is used by LDAP protocol?

A.

110

B.

389

C.

464

D.

445

Full Access
Question # 39

Peter extracts the SIDs list from Windows 2000 Server machine using the hacking tool "SIDExtractor". Here is the output of the SIDs:

From the above list identify the user account with System Administrator privileges.

A.

John

B.

Rebecca

C.

Sheela

D.

Shawn

E.

Somia

F.

Chang

G.

Micah

Full Access
Question # 40

Juliet, a security researcher in an organization, was tasked with checking for the authenticity of images to be used in the organization's magazines. She used these images as a search query and tracked the original source and details of the images, which included photographs, profile pictures, and memes. Which of the following footprinting techniques did Rachel use to finish her task?

A.

Reverse image search

B.

Meta search engines

C.

Advanced image search

D.

Google advanced search

Full Access
Question # 41

Attacker Rony Installed a rogue access point within an organization's perimeter and attempted to Intrude into its internal network. Johnson, a security auditor, identified some unusual traffic in the internal network that is aimed at cracking the authentication mechanism. He immediately turned off the targeted network and tested for any weak and outdated security mechanisms that are open to attack. What is the type of vulnerability assessment performed by Johnson in the above scenario?

A.

Distributed assessment

B.

Wireless network assessment

C.

Most-based assessment

D.

Application assessment

Full Access
Question # 42

Bob was recently hired by a medical company after it experienced a major cyber security breach. Many patients are complaining that their personal medical records are fully exposed on the Internet and someone can find them with a simple Google search. Bob's boss is very worried because of regulations that protect those data. Which of the following regulations is mostly violated?

A.

HIPPA/PHl

B.

Pll

C.

PCIDSS

D.

ISO 2002

Full Access
Question # 43

The network administrator at Spears Technology, Inc has configured the default gateway Cisco router's access-list as below:

You are hired to conduct security testing on their network.

You successfully brute-force the SNMP community string using a SNMP crack tool.

The access-list configured at the router prevents you from establishing a successful connection.

You want to retrieve the Cisco configuration from the router. How would you proceed?

A.

Use the Cisco's TFTP default password to connect and download the configuration file

B.

Run a network sniffer and capture the returned traffic with the configuration file from the router

C.

Run Generic Routing Encapsulation (GRE) tunneling protocol from your computer to the router masking your IP address

D.

Send a customized SNMP set request with a spoofed source IP address in the range -192.168.1.0

Full Access
Question # 44

Which of the following scanning method splits the TCP header into several packets and makes it difficult for packet filters to detect the purpose of the packet?

A.

ACK flag probe scanning

B.

ICMP Echo scanning

C.

SYN/FIN scanning using IP fragments

D.

IPID scanning

Full Access
Question # 45

You are working as a Security Analyst in a company XYZ that owns the whole subnet range of 23.0.0.0/8 and 192.168.0.0/8.

While monitoring the data, you find a high number of outbound connections. You see that IP’s owned by XYZ (Internal) and private IP’s are communicating to a Single Public IP. Therefore, the Internal IP’s are sending data to the Public IP.

After further analysis, you find out that this Public IP is a blacklisted IP, and the internal communicating devices are compromised.

What kind of attack does the above scenario depict?

A.

Botnet Attack

B.

Spear Phishing Attack

C.

Advanced Persistent Threats

D.

Rootkit Attack

Full Access
Question # 46

You are analysing traffic on the network with Wireshark. You want to routinely run a cron job which will run the capture against a specific set of IPs - 192.168.8.0/24. What command you would use?

A.

wireshark --fetch ''192.168.8*''

B.

wireshark --capture --local masked 192.168.8.0 ---range 24

C.

tshark -net 192.255.255.255 mask 192.168.8.0

D.

sudo tshark -f''net 192 .68.8.0/24''

Full Access
Question # 47

The establishment of a TCP connection involves a negotiation called three-way handshake. What type of message does the client send to the server in order to begin this negotiation?

A.

ACK

B.

SYN

C.

RST

D.

SYN-ACK

Full Access
Question # 48

Jim’s company regularly performs backups of their critical servers. But the company cannot afford to send backup tapes to an off-site vendor for long-term storage and archiving. Instead, Jim’s company keeps the backup tapes in a safe in the office. Jim’s company is audited each year, and the results from this year’s audit show a risk because backup tapes are not stored off-site. The Manager of Information Technology has a plan to take the backup tapes home with him and wants to know what two things he can do to secure the backup tapes while in transit?

A.

Encrypt the backup tapes and transport them in a lock box.

B.

Degauss the backup tapes and transport them in a lock box.

C.

Hash the backup tapes and transport them in a lock box.

D.

Encrypt the backup tapes and use a courier to transport them.

Full Access
Question # 49

Which of the following algorithms can be used to guarantee the integrity of messages being sent, in transit, or stored?

A.

symmetric algorithms

B.

asymmetric algorithms

C.

hashing algorithms

D.

integrity algorithms

Full Access
Question # 50

Ethical hacker jane Smith is attempting to perform an SQL injection attach. She wants to test the response time of a true or false response and wants to use a second command to determine whether the database will return true or false results for user IDs. which two SQL Injection types would give her the results she is looking for?

A.

Out of band and boolean-based

B.

Time-based and union-based

C.

union-based and error-based

D.

Time-based and boolean-based

Full Access
Question # 51

You are a penetration tester working to test the user awareness of the employees of the client xyz. You harvested two employees' emails from some public sources and are creating a client-side backdoor to send it to the employees via email. Which stage of the cyber kill chain are you at?

A.

Reconnaissance

B.

Command and control

C.

Weaponization

D.

Exploitation

Full Access
Question # 52

Alice needs to send a confidential document to her coworker. Bryan. Their company has public key infrastructure set up. Therefore. Alice both encrypts the message and digitally signs it. Alice uses_______to encrypt the message, and Bryan uses__________to confirm the digital signature.

A.

Bryan’s public key; Bryan’s public key

B.

Alice’s public key; Alice’s public key

C.

Bryan’s private key; Alice’s public key

D.

Bryan’s public key; Alice’s public key

Full Access
Question # 53

Which access control mechanism allows for multiple systems to use a central authentication server (CAS) that

permits users to authenticate once and gain access to multiple systems?

A.

Role Based Access Control (RBAC)

B.

Discretionary Access Control (DAC)

C.

Single sign-on

D.

Windows authentication

Full Access
Question # 54

During an Xmas scan what indicates a port is closed?

A.

No return response

B.

RST

C.

ACK

D.

SYN

Full Access
Question # 55

Which Metasploit Framework tool can help penetration tester for evading Anti-virus Systems?

A.

msfpayload

B.

msfcli

C.

msfd

D.

msfencode

Full Access
Question # 56

An attacker with access to the inside network of a small company launches a successful STP manipulation attack. What will he do next?

A.

He will create a SPAN entry on the spoofed root bridge and redirect traffic to his computer.

B.

He will activate OSPF on the spoofed root bridge.

C.

He will repeat this action so that it escalates to a DoS attack.

D.

He will repeat the same attack against all L2 switches of the network.

Full Access
Question # 57

An attacker redirects the victim to malicious websites by sending them a malicious link by email. The link appears authentic but redirects the victim to a malicious web page, which allows the attacker to steal the victim's data. What type of attack is this?

A.

Phishing

B.

Vlishing

C.

Spoofing

D.

DDoS

Full Access
Question # 58

CompanyXYZ has asked you to assess the security of their perimeter email gateway. From your office in New York, you craft a specially formatted email message and send it across the Internet to an employee of CompanyXYZ. The employee of CompanyXYZ is aware of your test. Your email message looks like this:

From: jim_miller@companyxyz.com

To: michelle_saunders@companyxyz.com Subject: Test message

Date: 4/3/2017 14:37

The employee of CompanyXYZ receives your email message.

This proves that CompanyXYZ’s email gateway doesn’t prevent what?

A.

Email Masquerading

B.

Email Harvesting

C.

Email Phishing

D.

Email Spoofing

Full Access
Question # 59

When you are testing a web application, it is very useful to employ a proxy tool to save every request and response. You can manually test every request and analyze the response to find vulnerabilities. You can test parameter and headers manually to get more precise results than if using web vulnerability scanners.

What proxy tool will help you find web vulnerabilities?

A.

Maskgen

B.

Dimitry

C.

Burpsuite

D.

Proxychains

Full Access
Question # 60

What is a “Collision attack” in cryptography?

A.

Collision attacks try to get the public key

B.

Collision attacks try to break the hash into three parts to get the plaintext value

C.

Collision attacks try to break the hash into two parts, with the same bytes in each part to get the private key

D.

Collision attacks try to find two inputs producing the same hash

Full Access
Question # 61

Allen, a professional pen tester, was hired by xpertTech solutWns to perform an attack simulation on the organization's network resources. To perform the attack, he took advantage of the NetBIOS API and targeted the NetBIOS service. B/enumerating NetBIOS, he found that port 139 was open and could see the resources that could be accessed or viewed on a remote system. He came across many NetBIOS codes during enumeration.

identify the NetBIOS code used for obtaining the messenger service running for the logged-in user?

Full Access
Question # 62

This is an attack that takes advantage of a web site vulnerability in which the site displays content that includes un-sanitized user-provided data.

What is this attack?

A.

Cross-site-scripting attack

B.

SQL Injection

C.

URL Traversal attack

D.

Buffer Overflow attack

Full Access
Question # 63

env x=’(){ :;};echo exploit’ bash –c ‘cat/etc/passwd’

What is the Shellshock bash vulnerability attempting to do on a vulnerable Linux host?

A.

Removes the passwd file

B.

Changes all passwords in passwd

C.

Add new user to the passwd file

D.

Display passwd content to prompt

Full Access
Question # 64

James is working as an ethical hacker at Technix Solutions. The management ordered James to discover how vulnerable its network is towards footprinting attacks. James took the help of an open-source framework for performing automated reconnaissance activities. This framework helped James in gathering information using free tools and resources. What is the framework used by James to conduct footprinting and reconnaissance activities?

A.

WebSploit Framework

B.

Browser Exploitation Framework

C.

OSINT framework

D.

SpeedPhish Framework

Full Access
Question # 65

When configuring wireless on his home router, Javik disables SSID broadcast. He leaves authentication “open” but sets the SSID to a 32-character string of random letters and numbers.

What is an accurate assessment of this scenario from a security perspective?

A.

Since the SSID is required in order to connect, the 32-character string is sufficient to prevent brute-force attacks.

B.

Disabling SSID broadcast prevents 802.11 beacons from being transmitted from the access point, resulting in a valid setup leveraging “security through obscurity”.

C.

It is still possible for a hacker to connect to the network after sniffing the SSID from a successful wireless association.

D.

Javik’s router is still vulnerable to wireless hacking attempts because the SSID broadcast setting can be enabled using a specially crafted packet sent to the hardware address of the access point.

Full Access
Question # 66

You went to great lengths to install all the necessary technologies to prevent hacking attacks, such as expensive firewalls, antivirus software, anti-spam systems and intrusion detection/prevention tools in your company's network. You have configured the most secure policies and tightened every device on your network. You are confident that hackers will never be able to gain access to your network with complex security system in place.

Your peer, Peter Smith who works at the same department disagrees with you.

He says even the best network security technologies cannot prevent hackers gaining access to the network because of presence of "weakest link" in the security chain.

What is Peter Smith talking about?

A.

Untrained staff or ignorant computer users who inadvertently become the weakest link in your security chain

B.

"zero-day" exploits are the weakest link in the security chain since the IDS will not be able to detect these attacks

C.

"Polymorphic viruses" are the weakest link in the security chain since the Anti-Virus scanners will not be able to detect these attacks

D.

Continuous Spam e-mails cannot be blocked by your security system since spammers use different techniques to bypass the filters in your gateway

Full Access
Question # 67

This wireless security protocol allows 192-bit minimum-strength security protocols and cryptographic tools to protect sensitive data, such as GCMP-2S6. MMAC-SHA384, and ECDSA using a 384-bit elliptic curve. Which is this wireless security protocol?

A.

WPA2 Personal

B.

WPA3-Personal

C.

WPA2-Enterprise

D.

WPA3-Enterprise

Full Access
Question # 68

Susan, a software developer, wants her web API to update other applications with the latest information. For this purpose, she uses a user-defined HTTP tailback or push APIs that are raised based on trigger events: when invoked, this feature supplies data to other applications so that users can instantly receive real-time Information.

Which of the following techniques is employed by Susan?

A.

web shells

B.

Webhooks

C.

REST API

D.

SOAP API

Full Access
Question # 69

You have been authorized to perform a penetration test against a website. You want to use Google dorks to footprint the site but only want results that show file extensions. What Google dork operator would you use?

A.

filetype

B.

ext

C.

inurl

D.

site

Full Access
Question # 70

What is the least important information when you analyze a public IP address in a security alert?

A.

DNS

B.

Whois

C.

Geolocation

D.

ARP

Full Access
Question # 71

What type of virus is most likely to remain undetected by antivirus software?

A.

Cavity virus

B.

Stealth virus

C.

File-extension virus

D.

Macro virus

Full Access
Question # 72

Clark, a professional hacker, was hired by an organization lo gather sensitive Information about its competitors surreptitiously. Clark gathers the server IP address of the target organization using Whole footprinting. Further, he entered the server IP address as an input to an online tool to retrieve information such as the network range of the target organization and to identify the network topology and operating system used in the network. What is the online tool employed by Clark in the above scenario?

A.

AOL

B.

ARIN

C.

DuckDuckGo

D.

Baidu

Full Access
Question # 73

Under what conditions does a secondary name server request a zone transfer from a primary name server?

A.

When a primary SOA is higher that a secondary SOA

B.

When a secondary SOA is higher that a primary SOA

C.

When a primary name server has had its service restarted

D.

When a secondary name server has had its service restarted

E.

When the TTL falls to zero

Full Access
Question # 74

Which of the following is the best countermeasure to encrypting ransomwares?

A.

Use multiple antivirus softwares

B.

Pay a ransom

C.

Keep some generation of off-line backup

D.

Analyze the ransomware to get decryption key of encrypted data

Full Access
Question # 75

Bella, a security professional working at an it firm, finds that a security breach has occurred while transferring important files. Sensitive data, employee usernames. and passwords are shared In plaintext, paving the way for hackers 10 perform successful session hijacking. To address this situation. Bella Implemented a protocol that sends data using encryption and digital certificates. Which of the following protocols Is used by Bella?

A.

FTP

B.

HTTPS

C.

FTPS

D.

IP

Full Access
Question # 76

Boney, a professional hacker, targets an organization for financial benefits. He performs an attack by sending his session ID using an MITM attack technique. Boney first obtains a valid session ID by logging into a service and later feeds the same session 10 to the target employee. The session ID links the target employee to Boneys account page without disclosing any information to the victim. When the target employee clicks on the link, all the sensitive payment details entered in a form are linked to Boneys account. What is the attack performed by Boney in the above scenario?

A.

Session donation attack

B.

Session fixation attack

C.

Forbidden attack

D.

CRIME attack

Full Access
Question # 77

Which of the following tools can be used to perform a zone transfer?

A.

NSLookup

B.

Finger

C.

Dig

D.

Sam Spade

E.

Host

F.

Netcat

G.

Neotrace

Full Access
Question # 78

A security analyst uses Zenmap to perform an ICMP timestamp ping scan to acquire information related to the

current time from the target host machine.

Which of the following Zenmap options must the analyst use to perform the ICMP timestamp ping scan?

A.

-PY

B.

-PU

C.

-PP

D.

-Pn

Full Access
Question # 79

John is investigating web-application firewall logs and observers that someone is attempting to inject the following:

char buff[10];

buff[>o] - 'a':

What type of attack is this?

A.

CSRF

B.

XSS

C.

Buffer overflow

D.

SQL injection

Full Access