312-50 Certified Ethical Hacker Certification Practice Exam Set 11

How can rainbow tables be defeated? 



Options are :

  • Lockout accounts under brute force password cracking attempts
  • Use of non-dictionary words
  • Password salting (Correct)
  • All uppercase character passwords

Answer : Password salting

ECCouncil EC1-349 Computer Hack Forensic Investigator Exam Set 4

Which of the following processes evaluates the adherence of an organization to its stated security policy? 



Options are :

  • Vulnerability assessment
  • Penetration testing
  • Risk assessment
  • Security auditing (Correct)

Answer : Security auditing

A penetration tester is hired to do a risk assessment of a company's DMZ. The rules of engagement states that the penetration test be done from an external IP address with no prior knowledge of the internal IT systems. What kind of test is being performed? 



Options are :

  • red box
  • grey box
  • white box
  • black box (Correct)

Answer : black box

Which of the following can the administrator do to verify that a tape backup can be recovered in its entirety? 



Options are :

  • Perform a full restore. (Correct)
  • Restore a random file.
  • Read the last 512 bytes of the tape.
  • Read the first 512 bytes of the tape.

Answer : Perform a full restore.

312-50v7 Ethical Hacking & Countermeasures V7 Practice Test Set 9

A computer science student needs to fill some information into a secured Adobe PDF job application that was received from a prospective employer. Instead of requesting a new document that allowed the forms to be completed, the student decides to write a script that pulls passwords from a list of commonly used passwords to try against the secured PDF until the correct password is found or the list is exhausted.  Which cryptography attack is the student attempting? 



Options are :

  • Dictionary attack (Correct)
  • Man-in-the-middle attack
  • Session hijacking
  • Brute-force attack

Answer : Dictionary attack

Which of the following resources does NMAP need to be used as a basic vulnerability scanner covering several vectors like SMB, HTTP and FTP? 



Options are :

  • Nessus scripting engine
  • SAINT scripting engine
  • NMAP scripting engine (Correct)
  • Metasploit scripting engine

Answer : NMAP scripting engine

How can telnet be used to fingerprint a web server? 



Options are :

  • telnet webserverAddress 80 HEAD / HTTP/2.0
  • telnet webserverAddress 80 HEAD / HTTP/1.0 (Correct)
  • telnet webserverAddress 80 PUT / HTTP/2.0
  • telnet webserverAddress 80 PUT / HTTP/1.0

Answer : telnet webserverAddress 80 HEAD / HTTP/1.0

ECCouncil 312-50 Certified Ethical Hacker Practice Test Set 5

In order to show improvement of security over time, what must be developed? 



Options are :

  • Reports
  • Testing tools
  • Taxonomy of vulnerabilities
  • Metrics (Correct)

Answer : Metrics

Bluetooth uses which digital modulation technique to exchange information between paired devices? 



Options are :

  • FSK (frequency-shift keying)
  • QAM (quadrature amplitude modulation)
  • ASK (amplitude-shift keying)
  • None
  • PSK (phase-shift keying) (Correct)

Answer : PSK (phase-shift keying)

Which of the following describes the characteristics of a Boot Sector Virus? 



Options are :

  • Overwrites the original MBR and only executes the new virus code
  • Moves the MBR to another location on the hard disk and copies itself to the original location of the MBR (Correct)
  • Modifies directory table entries so that directory entries point to the virus code instead of the actual program
  • None
  • Moves the MBR to another location on the RAM and copies itself to the original location of the MBR

Answer : Moves the MBR to another location on the hard disk and copies itself to the original location of the MBR

ECCouncil ECSS Certified Security Specialist Practice Exam Set 10

Which of the following is a detective control? 



Options are :

  • Continuity of operations plan
  • Smart card authentication
  • Security policy
  • Audit trail (Correct)

Answer : Audit trail

When utilizing technical assessment methods to assess the security posture of a network, which of the following techniques would be most effective in determining whether end-user security training would be beneficial? 



Options are :

  • Social engineering (Correct)
  • Application security testing
  • Vulnerability scanning
  • Network sniffing

Answer : Social engineering

If the final set of security controls does not eliminate all risk in a system, what could be done next? 



Options are :

  • If the residual risk is low enough, it can be accepted. (Correct)
  • Ignore any remaining risk.
  • Continue to apply controls until there is zero risk.
  • Remove current controls since they are not completely effective.

Answer : If the residual risk is low enough, it can be accepted.

ECCouncil EC0-479 Certified Security Analyst (ECSA) Exam Set 1

A bank stores and processes sensitive privacy information related to home loans. However, auditing has never been enabled on the system. What is the first step that the bank should take before enabling the audit feature? 



Options are :

  • Perform a cost/benefit analysis of the audit feature.
  • Determine the impact of enabling the audit feature. (Correct)
  • Perform a vulnerability scan of the system.
  • Allocate funds for staffing of audit log review.

Answer : Determine the impact of enabling the audit feature.

Which of the following is a component of a risk assessment? 



Options are :

  • Logical interface
  • Physical security
  • DMZ
  • Administrative safeguards (Correct)

Answer : Administrative safeguards

Passive reconnaissance involves collecting information through which of the following? 



Options are :

  • Social engineering
  • Network traffic sniffing
  • Man in the middle attacks
  • Publicly accessible sources (Correct)

Answer : Publicly accessible sources

EC1-349 ECCouncil Computer Hacking Forensic Investigator Set 5

A company has publicly hosted web applications and an internal Intranet protected by a firewall. Which technique will help protect against enumeration? 



Options are :

  • Reject all invalid email received via SMTP.
  • Enable null session pipes.
  • Remove A records for internal hosts. (Correct)
  • Allow full DNS zone transfers.

Answer : Remove A records for internal hosts.

Which of the following lists are valid data-gathering activities associated with a risk assessment? 



Options are :

  • Attack profile, defense profile, loss profile
  • Threat identification, response identification, mitigation identification
  • Threat identification, vulnerability identification, control analysis (Correct)
  • System profile, vulnerability identification, security determination

Answer : Threat identification, vulnerability identification, control analysis

Which of the following is a symmetric cryptographic standard?




Options are :

  • 3DES (Correct)
  • PKI
  • DSA
  • RSA

Answer : 3DES

ECCouncil EC0-479 Certified Security Analyst (ECSA) Exam Set 4

Which of the following examples best represents a logical or technical control? 



Options are :

  • Corporate security policy
  • Smoke and fire alarms
  • Security tokens (Correct)
  • Heating and air conditioning

Answer : Security tokens

What type of OS fingerprinting technique sends specially crafted packets to the remote OS and analyzes the received response? 



Options are :

  • Active (Correct)
  • Distributive
  • Passive
  • Reflective

Answer : Active

A company firewall engineer has configured a new DMZ to allow public systems to be located away from the internal network. The engineer has three security zones set:  Untrust (Internet) (Remote network = 217.77.88.0/24) DMZ (DMZ) (11.12.13.0/24) Trust (Intranet) (192.168.0.0/24)  The engineer wants to configure remote desktop access from a fixed IP on the remote network toa remote desktop server in the DMZ. Which rule would best fit this requirement? 



Options are :

  • Permit 217.77.88.12 11.12.13.0/24 RDP 3389
  • Permit 217.77.88.0/24 11.12.13.0/24 RDP 3389
  • Permit 217.77.88.12 11.12.13.50 RDP 3389 (Correct)
  • Permit 217.77.88.0/24 11.12.13.50 RDP 3389

Answer : Permit 217.77.88.12 11.12.13.50 RDP 3389

ECCouncil 412-79 Certified Security Analyst (ECSA) Exam Set 1

John the Ripper is a technical assessment tool used to test the weakness of which of the following? 



Options are :

  • Firewall rulesets
  • File permissions
  • Usernames
  • Passwords (Correct)

Answer : Passwords

Least privilege is a security concept that requires that a user is 



Options are :

  • trusted to keep all data and access to that data under their sole control.
  • given privileges equal to everyone else in the department.
  • limited to those functions required to do the job. (Correct)
  • given root or administrative privileges.

Answer : limited to those functions required to do the job.

Which of the following programs is usually targeted at Microsoft Office products? 



Options are :

  • Macro virus (Correct)
  • Multipart virus
  • Polymorphic virus
  • Stealth virus

Answer : Macro virus

ECCouncil 312-49 Computer Hacking Forensic Investigator Exam Set 4

Which of the following is a preventive control? 



Options are :

  • Audit trail
  • Security policy
  • Smart card authentication (Correct)
  • Continuity of operations plan

Answer : Smart card authentication

Which of the following scanning tools is specifically designed to find potential exploits in Microsoft Windows products? 



Options are :

  • Microsoft Security Baseline Analyzer
  • Microsoft Baseline Security Analyzer (Correct)
  • Retina
  • Core Impact

Answer : Microsoft Baseline Security Analyzer

A security consultant is trying to bid on a large contract that involves penetration testing and reporting. The company accepting bids wants proof of work so the consultant prints out several audits that have been performed. Which of the following is likely to occur as a result? 



Options are :

  • The consultant may expose vulnerabilities of other companies. (Correct)
  • The company accepting bids will want the same type of format of testing.
  • The consultant will ask for money on the bid because of great work.
  • The company accepting bids will hire the consultant because of the great work performed.

Answer : The consultant may expose vulnerabilities of other companies.

ECCouncil 312-49 Computer Hacking Forensic Investigator Exam Set 7

While conducting a penetration test, the tester determines that there is a firewall between the tester's machine and the target machine. The firewall is only monitoring TCP handshaking of packets at the session layer of the OSI model. Which type of firewall is the tester trying to traverse? 



Options are :

  • Packet filtering firewall
  • Stateful multilayer inspection firewall
  • Circuit-level gateway firewall (Correct)
  • Application-level firewall

Answer : Circuit-level gateway firewall

Low humidity in a data center can cause which of the following problems? 



Options are :

  • Static electricity (Correct)
  • Heat
  • Airborne contamination
  • Corrosion

Answer : Static electricity

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions