Q1. This international organizationregulates billions of transactions daily and provides security guidelines to protect personally identifiable information (PII). These security controls provide a baseline and prevent low-level hackers sometimes known as script kiddies from causing a data breach.
Which of the following organizations is being described?
A. Payment Card Industry (PCI)
A. B. International Security Industry Organization (ISIO)
C. Institute of Electrical and Electronics Engineers (IEEE)
D. Center for Disease Control (CDC)
Answer: B
Q2. env x= ‘(){ :;};echo exploit ‘ bash –c ‘cat/etc/passwd
What is the Shellshock bash vulnerability attempting to do on an vulnerable Linux host?
A. Add new user to the passwd file
B. Display passwd contents to prompt
C. Change all password in passwd
D. Remove the passwd file.
Answer: B
Q3. Which of the following is not a Bluetooth attack?
A. Bluejacking
B. Bluedriving
C. Bluesnarfing
D. Bluesmaking
Answer: B
Q4. You are usingNMAP to resolve domain names into IP addresses for a ping sweep later. Which of the following commands looks for IP addresses?
A. >host –t ns hackeddomain.com
B. >host –t AXFR hackeddomain.com
C. >host –t soa hackeddomain.com
D. >host –t a hackeddomain.com
Answer: D
Q5. The NMAP command above performs which of the following?
A. A ping scan
B. A trace sweep
C. An operating system detect
D. A port scan
Answer: A
Q6. Which of the following is component of a risk assessment?
A. Logical interface
B. DMZ
C. Administrative safeguards
D. Physical security
Answer: C
Q7. A hacker has successfully infected an internet-facing server, which he will then use to send junk mail, take part incoordinated attacks, or host junk email content.
Which sort of trojan infects this server?
A. Botnet Trojan
B. Banking Trojans
C. Ransomware Trojans
D. Turtle Trojans
Answer: A
Q8. Jesse receives an email with an attachment labeled “Court_Notice_21206.zip”. Inside the zip file is a file named “Court_Notice_21206.docx.exe” disguised as a word document.Upon execution, a windows appears stating, “This word document is corrupt.” In the background, the file copies itself to Jesse APPDATA\local directory and begins to beacon to a C2 server to download additional malicious binaries. What type of malware has Jesse encountered?
A. Trojan
B. Worm
C. Key-Logger
D. Micro Virus
Answer: A
Q9. You are attempting to man-in-the-middle a session. Which protocol will allow you to guess a sequence number?
A. ICMP
B. TCP
C. UDP
D. UPX
Answer: B
Q10. When you return to your desk after a lunch break, you notice a strange email in your inbox. The senders is someone you did business with recently but the subject line has strange characters in it.
What should you do?
A. Forward the message to your company’s security response team and permanently delete the message from your computer.
B. Delete the email and pretend nothing happened.
C. Forward the message to your supervisor andask for her opinion on how to handle the situation.
D. Reply to the sender and ask them for more information about the message contents.
Answer: A