Mid Term Exam-INT-2681-
Question 1
You are on a Windows system. You receive an alert that a file named MyFile.txt.exe had been found. Which of the following could this indicate?
Cloud based IDS
Network based IDS
Compliance based IDS
Question 2
Which of the following operating systems is the most prevalent in the smartphone market?
Android
IOS
Windows
Blackberry
Question 3
Which of the following is an open-source web server technology?
Nginx
Lightspeed web server
Microsoft
Apache web server
Question 4
The Stuxnet worm was discovered in 2010 and was used to gain sensitive information on Iran’s industrial infrastructure. This worm was probably active for about five years before being discovered. During this time, the attacker had access to the target. Which type of attack was Stuxnet?
Logic bomb
Trojan
Virus
APT
Question 5
Which of the following is a nonprofit organization that provides tools and resources for web app security and is made up of software developers, engineers, and freelancers?
Trivial
OWASP
LOGICNet
HaLow
Question 6
Using a fictitious scenario to persuade someone to perform an action or give information they aren’t authorized to share is called:
Impersonation
Footprinting
Pretexting
Preloading
Question 7
A client asking for small deviations from the scope of work is called:
Change order
Rules of Engagement
Scope creep
Security exception
Question 8
You are using a password attack that tests every possible keystroke for each single key in a password until the correct one is found. Which of the following technical password attacks are you using?
Password sniffing
Pass the hash
Keylogger
Brute force
Question 9
What are the two types of Intrusion Detection Systems (IDSs)?
HIS & NIS
HID & NID
HIDS & NIDS
CIDS & WIDS
Mid Term Exam-INT-2681-Question 10
Which of the following attacks utilizes encryption to deny a user access to a device?
Bruteforce attack
Ransomeware attack
Jailbreak attack
DoS
Question 11
Which of the following documents details exactly what can be tested during a penetration test?
Rule of Engagement
Scope of work
Non-disclosure agreement
Master service agreement
Question 12
Which key area in the mobile device security model is supported by device designers requiring passwords, biometrics, and two-factor authentication methods?
Decryption
Access control
Digital signing
Encryption
Question 13
Which of the following is a deviation from standard operating security protocols?
Security exception
Deviation standard
Blacklisting
Whitelisting
Question 14
Miguel is performing a penetration test on a web server. Miguel was given only the server’s IP address and name. Which of the following best describes the type of penetration test Miguel is performing?
Blackbox
External
Internal
Whitebox
Question 15
This type of assessment evaluates deployment and communication between the server and client. It is imperative to develop tight security through user authorization and validation. Open-source and commercial tools are both recommended for this assessment. Which of the following types of vulnerability research is being done?
Buffer overflow
Default settings
Open service
Application flaws
Question 16
Which of the following best describes what FISMA does?
Defines how federal government data, operations, and assets are handled.
Defines the security standards for any organization that handles cardholder information
Implements accounting and disclosure requirements that increase transparency.
Defines standards that ensure medical information is kept safe.
Question 17
Which of the following assessment types can monitor and alert on attacks but cannot stop them?
Active
Passive
Client based
Host based
Question 18
Jaxon, a pentester, is discovering vulnerabilities and design flaws on the Internet that will open an operating system and applications to attack or misuse. Which of the following tasks is he accomplishing?
Vulnerability scanning
Vulnerability research
Vulnerability management
Internet vulnerability
Question 19
In a world where so much private information is stored and transferred digitally, it is essential to proactively discover weaknesses. An ethical hacker’s assessment sheds light on the flaws that can open doors for malicious attackers. Which of the following types of assessments does an ethical hacker complete to expose these weaknesses?
Passive assessment
Internal assessment
Vulnerability assessment
External assessment
Question 20
Michael is performing a penetration test for a hospital. Which federal regulation does Michael need to ensure he follows?
FISMA
SOX
PCI-DSS
HIPAA
Mid Term Exam-INT-2681-Question 21
Karen received a report of all the mobile devices on the network. This report showed the total risk score, summary of revealed vulnerabilities, and remediation suggestions. Which of the following types of software generated this report?
Antivirus scanner
Port scanner
Threat scanner
Vulnerability scanner
Question 22
Which of the following best describes what SOX does?
Defines the security standards for any organization that handles cardholder information.
Defines how federal government data, operations, and assets are handled.
Implements accounting and disclosure requirements that increase transparency.
Defines standards that ensure medical information is kept safe.
Question 23
Which of the following is a benefit of using a proxy when you find that your scanning attempts are being blocked?
This scan will help you to determine whether the firewall is stateful or stateless and whether or not the ports are open.
It filters incoming and outgoing traffic, provides you with anonymity, and shields you from detection.
None of the answers provided are correct.
As long as you are not bombarding the system, the packet segments float by without concern.
Question 24
While performing a penetration test, you captured a few HTTP POST packets using Wireshark. After examining the selected packet, which of the following concerns or recommendations will you include in your report?
None of the answers provided are correct.
The checksum is unverified
Keep-alive connections are being used.
Passwords are being sent in clear text
Question 25
Which of the following is the term used to describe what happens when an attacker sends falsified messages to link their MAC address with the IP address of a legitimate computer or server on the network?
MAC spoofing
ARP Poisoning
Port mirroring
MAC flooding
Question 26
Information transmitted by the remote host can be captured to expose the application type, application version, and even operating system type and version. Which of the following is a technique hackers use to obtain information about the services running on a target system?
Firewalking
War dialing
Banner grabbing
War driving
Question 27
Joe, a bookkeeper, works in a cubicle environment and is often called away from his desk. Joe doesn’t want to sign out of his computer each time he leaves. Which of the following is the best solutions for securing Joe’s workstation?
Apply multifactor authentication on the computer.
Set a strong password, that require special characters.
Configure the screen saver to require a password.
Change the default account names and passwords.
Question 28
Which of the following types of web server attacks is characterized by altering or vandalizing a website’s appearance in an attempt to humiliate, discredit, or annoy the victim?
Cross-site scripting
Website politicking
Website defacement
Website vandalism
Question 29
The following are countermeasures you would take against a web application attack:
- Secure remote administration and connectivity testing.
- Perform extensive input validation.
- Configure the firewall to deny ICMP traffic.
- Stop data processed by the attacker from being executed.
Which of the following attacks would these countermeasures prevent?
Directory traversal
XSS attacks
XML attacks
DoS attacks
Question 30
Which of the following techniques involves adding random bits of data to a password before it is stored as a hash?
Password sniffing
Pass the hash
Keylogging
Password salting
Mid Term Exam-INT-2681-Question 31
You are analyzing the web applications in your company and have newly discovered vulnerabilities. You want to launch a denial-of-service (DoS) attack against the web server. Which of the following tools would you most likely use?
WebInspect
Burpsuite
Integrity
Metasploit
Question 32
As an ethical hacker, you are looking for a way to organize and prioritize vulnerabilities that were discovered in your work. Which of the following scoring systems could you use?
CISA
CVSS
CVE
NVD
Question 33
Which of the following best describes a honeypot?
A honeypot is a substitute for an IDS or firewall and protects a system.
A honeypot’s purpose is to look like a legitimate network resource.
Virtual honeypots can only simulate one entity on a single device.
All answers provided are correct.
Question 34
Which of the following is a tool for cracking Windows login passwords using rainbow tables?
Snort
Ophcrack
Creamer
Wireshark
Question 35
You have just captured the following packet using Wireshark and the filter shown. Which of the following is the captured password?
watson
St@y0ut!@
watson-p
p@ssw0rd
Question 36
You have found the IP address of a host to be 172.125.68.30. You want to see what other hosts are available on the network. Which of the following nmap commands would you enter to do a ping sweep?
nmap -sS 172.125.68. 1-255
nmap -sU 172.125.68. 1-255
nmap -sM 172.125.68. 1-255
nmap -sn 172.125.68. 1-255
Question 37
A ping sweep is used to scan a range of IP addresses to look for live systems. A ping sweep can also alert a security system, which could result in an alarm being triggered or an attempt being blocked. Which type of scan is being used?
stem scan
Port scan
Network scan
Decoy scan
Question 38
Which of the following best describes a feature of symmetric encryption?
Does not work well for bulk encryption of less sensitive data.
Uses only one algorithm type.
Uses only one key to encrypt and decrypt
Does not require the exchange of the shared secret key.
Question 39
You are executing an attack in order to simulate an outside attack. Which type of penetration test are you performing?
Black hat
White box
White hat
Black box
Question 40
A penetration tester is trying to extract employee information during the reconnaissance phase. What kinds of data is the tester collecting about the employees?
Intellectual property, critical business functions, and management hierarchy
Geographical information, entry control systems, employee routines, and vendor traffic
Contact names, phone numbers, email addresses, fax numbers, and addresses
Operating systems, applications, security policies, and network mapping
Question 41
Firewalls, whether hardware or software, are only as effective as their __________?
Organization
Configuration
Manufacturer
Location
Question 42
Which of the following defines the security standards for any organization that handles cardholder information for any type of payment card?
SOX
PCI-DSS
PCY-DSS
HIPAA
Answer Preview-Mid Term Exam-INT-2681
