312-50 Certified Ethical Hacker Certification Practice Exam Set 1

When you are gathering information about a web server, it is very important to know which HTTP methods (GET, POST, HEAD, PUT, DELETE, TRACE) are available, because two of them (PUT and DELETE) are critical. PUT can upload a file to the server and DELETE can delete a file from the server. You can detect all these methods (GET, POST, HEAD, PUT, DELETE, TRACE) using the Nmap script engine. Which Nmap script will help you with this task?

Options are :

  • http-enum
  • http-headers
  • http-git
  • http-methods (Correct)

Answer : http-methods

ECCouncil ECSS Certified Security Specialist Practice Exam Set 9

An attacker has installed a RAT on a host. The attacker wants to ensure that when a user attempts to go to "www.MyPersonalBank.com", the user is directed to a phishing site. Which file does the attacker need to modify?

Options are :

  • Networks
  • Boot.ini
  • Hosts (Correct)
  • Sudoers

Answer : Hosts

Under the "Post-attack Phase and Activities", it is the responsibility of the tester to restore the systems to a pre-test state.  Which of the following activities should not be included in this phase? (see exhibit)  Exhibit:

Options are :

  • All should be included.
  • III and IV
  • III (Correct)
  • IV

Answer : III

Which of the following is the BEST way to defend against network sniffing? 

Options are :

  • Using encryption protocols to secure network communications (Correct)
  • Register all machines MAC Address in a Centralized Database
  • Restrict Physical Access to Server Rooms hosting Critical Servers
  • Use Static IP Address

Answer : Using encryption protocols to secure network communications

312-50 Certified Ethical Hacker Certification Practice Exam Set 2

You just set up a security system in your network. In what kind of system would you find the following string of characters used as a rule within its configuration?  alert tcp any any -> 21 (msg: "FTP on the network!";) 

Options are :

  • A firewall IPTable
  • A Router IPTable
  • FTP Server rule
  • An Intrusion Detection System (Correct)

Answer : An Intrusion Detection System

The network administrator contacts you and tells you that she noticed the temperature of the internal wireless router increases by more than 20% during weekend hours, when the office is closed. She asks you to investigate the issue because she is busy dealing with a big conference and doesn’t have time to perform the task. What tool can you use to view the network traffic being sent and received by the wireless router?

Options are :

  • Wireshark (Correct)
  • Nessus
  • Netstat
  • Netcat

Answer : Wireshark

While using your bank’s online servicing, you notice the following string in the URL bar: “http://www.MyPersonalBank.com/account?id=368940911028389&Damount=10980&Camount=21” You observe that if you modify the Damount and Camount values and submit the request, the data on the web page reflects the changes. Which type of vulnerability is present on this site?

Options are :

  • Cookie Tampering
  • SQL injection
  • XSS Reflection
  • Web Parameter Tampering (Correct)

Answer : Web Parameter Tampering

712-50 EC-Council Certified CISO Certification Practice Exam Set 8

Which of the following is a component of a risk assessment?

Options are :

  • DMZ
  • Administrative safeguards (Correct)
  • Physical security
  • Logical interface

Answer : Administrative safeguards

Which of the following describes the characteristics of a Boot Sector Virus?

Options are :

  • Moves the MBR to another location on the hard disk and copies itself to the original location of the MBR (Correct)
  • Moves the MBR to another location on the RAM and copies itself to the original location of the MBR
  • Modifies directory table entries so that directory entries point to the virus code instead of the actual program
  • Overwrites the original MBR and only executes the new virus code

Answer : Moves the MBR to another location on the hard disk and copies itself to the original location of the MBR

After trying multiple exploits, you've gained root access to a CentOS 6 server. To ensure you maintain access, what would you do first?

Options are :

  • Download and Install Netcat
  • Create User Account (Correct)
  • Disable Key Services
  • Disable IPTables

Answer : Create User Account

ECCouncil EC0-232 ec0-232 E-Commerce Architect Practice Exam Set 8

You have several plain-text firewall logs that you must review to evaluate network traffic. You know that in order to do fast, efficient searches of the logs you must use regular expressions.  Which command-line utility are you most likely to use? 

Options are :

  • Notepad
  • Grep (Correct)
  • MS Excel
  • Relational Database

Answer : Grep

You are a Network Security Officer. You have two machines. The first machine ( has Snort installed, and the second machine ( has Kiwi Syslog installed. You perform a SYN scan in your network, and you notice that Kiwi Syslog is not receiving the alert message from Snort. You decide to run Wireshark on the Snort machine to check if the messages are going to the Kiwi Syslog machine. What Wireshark filter will show the connections from the Snort machine to the Kiwi Syslog machine?

Options are :

  • tcp.srcport==514 && ip.src==192.168.150
  • tcp.srcport==514 && ip.src==
  • tcp.dstport==514 && ip.dst== (Correct)
  • tcp.dstport==514 && ip.dst==

Answer : tcp.dstport==514 && ip.dst==

You are tasked to perform a penetration test. While you are performing information gathering, you find an employee list in Google. You find the receptionist's email, and you send her an email changing the source email to her boss's email (boss@company). In this email, you ask for a PDF with information. She reads your email and sends back a PDF with links. You exchange the PDF links with your malicious links (these links contain malware) and send back the modified PDF, saying that the links don't work. She reads your email, opens the links, and her machine gets infected. You now have access to the company network. What testing method did you use?

Options are :

  • Tailgating
  • Eavesdropping
  • Piggybacking
  • Social engineering (Correct)

Answer : Social engineering

ECCouncil ECSS Certified Security Specialist Practice Exam Set 7

Jesse receives an email with an attachment labeled “Court_Notice_21206.zip”. Inside the zip file is a file named “Court_Notice_21206.docx.exe” disguised as a Word document. Upon execution, a window appears stating, “This word document is corrupt.” In the background, the file copies itself to Jesse's APPDATA\local directory and begins to beacon to a C2 server to download additional malicious binaries. What type of malware has Jesse encountered?

Options are :

  • Macro Virus
  • Worm
  • Trojan (Correct)
  • Key-Logger

Answer : Trojan

Nation-state threat actors often discover vulnerabilities and hold on to them until they want to launch a sophisticated attack. The Stuxnet attack was an unprecedented style of attack because it used four types of vulnerability.  What is this style of attack called?

Options are :

  • zero-sum
  • zero-day (Correct)
  • zero-hour
  • no-day

Answer : zero-day

Using Windows CMD, how would an attacker list all the shares to which the current user context has access? 

Options are :

  • NET USE (Correct)

Answer : NET USE

EC0-479 EC-Council Certified Security Analyst Practice Exam Set 6

When you are testing a web application, it is very useful to employ a proxy tool to save every request and response. You can manually test every request and analyze the response to find vulnerabilities. You can test parameters and headers manually to get more precise results than you would with web vulnerability scanners. What proxy tool will help you find web vulnerabilities?

Options are :

  • Maskgen
  • Dimitry
  • Proxychains
  • Burpsuite (Correct)

Answer : Burpsuite

What is a "Collision attack" in cryptography? 

Options are :

  • Collision attacks try to find two inputs producing the same hash. (Correct)
  • Collision attacks try to break the hash into two parts, with the same bytes in each part to get the private key.
  • Collision attacks try to break the hash into three parts to get the plaintext value.
  • Collision attacks try to get the public key.

Answer : Collision attacks try to find two inputs producing the same hash.

The Open Web Application Security Project (OWASP) is a worldwide not-for-profit charitable organization focused on improving the security of software. What item is the primary concern on OWASP's Top Ten Project Most Critical Web Application Security Risks?

Options are :

  • Cross Site Scripting
  • Injection (Correct)
  • Path disclosure
  • Cross Site Request Forgery

Answer : Injection

312-50v7 Ethical Hacking and Countermeasures V7 Part 2 Exam Set 9

You have successfully gained access to a Linux server and would like to ensure that the succeeding outgoing traffic from this server will not be caught by a Network-Based Intrusion Detection System (NIDS). What is the best way to evade the NIDS?

Options are :

  • Alternate Data Streams
  • Protocol Isolation
  • Encryption (Correct)
  • Out of band signalling

Answer : Encryption

Which of the following is the successor of SSL? 

Options are :

  • IPSec
  • TLS (Correct)
  • GRE
  • RSA

Answer : TLS

You are attempting to man-in-the-middle a session. Which protocol will allow you to guess a sequence number? 

Options are :

  • ICMP
  • UPX
  • TCP (Correct)
  • UPD

Answer : TCP

EC0-349 ECCouncil Computer Hacking Forensic Investigator Set 1

This international organization regulates billions of transactions daily and provides security guidelines to protect personally identifiable information (PII). These security controls provide a baseline and prevent low-level hackers, sometimes known as script kiddies, from causing a data breach. Which of the following organizations is being described?

Options are :

  • Institute of Electrical and Electronics Engineers (IEEE)
  • Payment Card Industry (PCI) (Correct)
  • Center for Disease Control (CDC)
  • International Security Industry Organization (ISIO)

Answer : Payment Card Industry (PCI)

Which of the following statements is TRUE?

Options are :

  • Sniffers operate on Layer 2 of the OSI model (Correct)
  • Sniffers operate on the Layer 1 of the OSI model.
  • Sniffers operate on both Layer 2 & Layer 3 of the OSI model.
  • Sniffers operate on Layer 3 of the OSI model

Answer : Sniffers operate on Layer 2 of the OSI model

When you are collecting information to perform a data analysis, Google commands are very useful to find sensitive information and files. These files may contain information about passwords, system functions, or documentation.  What command will help you to search files using Google as a search engine? 

Options are :

  • inurl: target.com filename:xls username password email
  • site: target.com filetype:xls username password email (Correct)
  • domain: target.com archive:xls username password email
  • site: target.com file:xls username password email

Answer : site: target.com filetype:xls username password email

ECCouncil EC1-349 Computer Hack Forensic Investigator Exam Set 3

Which tool allows analysts and pen testers to examine links between data using graphs and link analysis?

Options are :

  • Maltego (Correct)
  • Wireshark
  • Metasploit
  • Cain & Abel

Answer : Maltego

Which of the following is the least-likely physical characteristic to be used in biometric control that supports a large company? 

Options are :

  • Iris patterns
  • Fingerprints
  • Voice
  • Height and Weight (Correct)

Answer : Height and Weight

What is the best description of SQL Injection? 

Options are :

  • It is a Man-in-the-Middle attack between your SQL Server and Web App Server.
  • It is a Denial of Service Attack.
  • It is an attack used to modify code in an application.
  • It is an attack used to gain unauthorized access to a database. (Correct)

Answer : It is an attack used to gain unauthorized access to a database.

712-50 EC-Council Certified CISO Certification Practice Exam Set 12

A medium-sized healthcare IT business decides to implement a risk management strategy.  Which of the following is NOT one of the five basic responses to risk? 

Options are :

  • Delegate (Correct)
  • Avoid
  • Accept
  • Mitigate

Answer : Delegate

In 2007, this wireless security algorithm was rendered useless by capturing packets and discovering the passkey in a matter of seconds. This security flaw led to a network invasion of TJ Maxx and data theft through a technique known as wardriving. Which algorithm is this referring to?

Options are :

  • Wired Equivalent Privacy (WEP) (Correct)
  • Temporal Key Integrity Protocol (TKIP)
  • Wi-Fi Protected Access 2 (WPA2)
  • Wi-Fi Protected Access (WPA)

Answer : Wired Equivalent Privacy (WEP)
