Q1. You have compromised a server and successfully gained root access. You want to pivot and pass traffic undetected over the network and evade any possible Intrusion Detection System.
What is the best approach?
A. Install and use Telnet to encrypt all outgoing traffic from this server.
B. Install Cryptcat and encrypt outgoing packets from this server
C. Use Alternate Data Streams to hide the outgoing packets from this server.
D. Use HTTP so that all traffic can be routed via a browser, thus evading the internal Intrusion Detection Systems.
Answer: A
Q2. As a Certified Ethical Hacker, you were contracted by a private firm to conduct an external security assessment through penetration testing.
What document describes the specifics of the testing, the associated violations, and essentially protects both the organization's interest and your liabilities as a tester?
A. Term of Engagement
B. Non-Disclosure Agreement
C. Project Scope
D. Service Level Agreement
Answer: B
Q3. Which of the following statements regarding ethical hacking is incorrect?
A. Testing should be remotely performed offsite.
B. Ethical hackers should never use tools that have the potential of exploiting vulnerabilities in the organization's IT system.
C. Ethical hacking should not involve writing to or modifying the target systems.
D. An organization should use ethical hackers who do not sell hardware/software or other consulting services.
Answer: B
Q4. The configuration allows a wired or wireless network interface controller to pass all traffic it receives to the central processing unit (CPU), rather than passing only the frames that the controller is intended to receive.
Which of the following is being described?
A. WEM
B. Multi-cast mode
C. Promiscuous mode
D. Port forwarding
Answer: B
Q5. Which of these options is the most secure procedure for storing backup tapes?
A. In a climate controlled facility offsite
B. Inside the data center for faster retrieval in a fireproof safe
C. In a cool dry environment
D. On a different floor in the same building
Answer: A
Q6. During a security audit of IT processes, an IS auditor found that there were no documented security procedures. What should the IS auditor do?
A. Terminate the audit.
B. Identify and evaluate existing practices.
C. Create a procedures document
D. Conduct compliance testing
Answer: B
Q7. An Internet Service Provider (ISP) has a need to authenticate users connecting using analog modems, Digital Subscriber Line (DSL), wireless data services, and Virtual Private Networks (VPN) over a Frame Relay network.
Which AAA protocol is most likely able to handle this requirement?
A. DIAMETER
B. Kerberos
C. RADIUS
D. TACACS+
Answer: D
Q8. An attacker changes the profile information of a particular user on a target website (the victim). The attacker uses this string to update the victim's profile to a text file and then submit the data to the attacker’s database.
<iframe src=http://www/vulnweb.com/updataif.php Style="display:none"></iframe>
What is this type of attack (that can use either HTTP GET or HTTP POST) called?
A. Cross-Site Request Forgery
B. Cross-Site Scripting
C. SQL Injection
D. Browser Hacking
Answer: A
Q9. Which of the following is the greatest threat posed by backups?
A. An un-encrypted backup can be misplaced or stolen
B. A backup is incomplete because no verification was performed.
C. A backup is the source of Malware or illicit information.
D. A backup is unavailable during disaster recovery.
Answer: A
Q10. You have successfully compromised a server having an IP address of 10.10.0.5. You would like to enumerate all machines in the same network quickly.
What is the best nmap command you will use?
A. nmap -T4 -F 10.10.0.0/24
B. nmap -T4 -q 10.10.0.0/24
C. nmap -T4 -O 10.10.0.0/24
D. nmap -T4 -r 10.10.0.0/24
Answer: A