CEH v11

Q451 - A certified ethical hacker (CEH) is approached by a friend who believes her husband is cheating. She offers to pay to break into her husband's email account in order to find proof so she can take him to court. What is the ethical response?

  1. Say no; the friend is not the owner of the account.
  2. Say yes; the friend needs help to gather evidence.
  3. Say yes; do the job for free.
  4. Say no; make sure that the friend knows the risk she's asking the CEH to take.

Answer: A

Q452 - env x='(){ :;};echo exploit' bash -c 'cat /etc/passwd'
What is the Shellshock bash vulnerability attempting to do on a vulnerable Linux host?

  1. Display passwd content to prompt
  2. Remove the passwd file
  3. Change all passwords in passwd
  4. Add new user to the passwd file

Answer: A

Q453 - As a security consultant, what are some of the things you would recommend to a company to ensure DNS security?

  1. Use the same machines for DNS and other applications
  2. Harden DNS servers
  3. Use split-horizon operation for DNS servers
  4. Restrict Zone transfers
  5. Have subnet diversity between DNS servers

Answer: B, C, D and E

Q454 - Some passwords are stored using specialized encryption algorithms known as hashes. Why is this an appropriate method?

  1. It is impossible to crack hashed user passwords unless the key used to encrypt them is obtained.
  2. If a user forgets the password, it can be easily retrieved using the hash key stored by administrators.
  3. Hashing is faster compared to more traditional encryption algorithms.
  4. Passwords stored using hashes are non-reversible, making finding the password much more difficult.

Answer: D

Q455 - A company has publicly hosted web applications and an internal Intranet protected by a firewall. Which technique will help protect against enumeration?

  1. Reject all invalid email received via SMTP.
  2. Allow full DNS zone transfers.
  3. Remove A records for internal hosts.
  4. Enable null session pipes.

Answer: C

Q456 - Which of the following incident handling process phases is responsible for defining rules, collaborating human workforce, creating a back-up plan, and testing the plans for an organization?

  1. Preparation phase
  2. Containment phase
  3. Identification phase
  4. Recovery phase

Answer: A

Q457 - In both pharming and phishing attacks, an attacker can create websites that look similar to legitimate sites with the intent of collecting personally identifiable information from victims. What is the difference between pharming and phishing attacks?

  1. In a pharming attack a victim is redirected to a fake website by modifying their host configuration file or by exploiting vulnerabilities in DNS. In a phishing attack an attacker provides the victim with a URL that is either misspelled or looks similar to the actual website's domain name.
  2. Both pharming and phishing attacks are purely technical and are not considered forms of social engineering.
  3. Both pharming and phishing attacks are identical.
  4. In a phishing attack a victim is redirected to a fake website by modifying their host configuration file or by exploiting vulnerabilities in DNS. In a pharming attack an attacker provides the victim with a URL that is either misspelled or looks very similar to the actual website's domain name.

Answer: A

Q458 - While you were gathering information as part of security assessments for one of your clients, you were able to gather data that show your client is involved with fraudulent activities. What should you do?

  1. Immediately stop work and contact the proper legal authorities
  2. Ignore the data and continue the assessment until completed as agreed
  3. Confront the client in a respectful manner and ask her about the data
  4. Copy the data to removable media and keep it in case you need it

Answer: A

Q459 - A tester has been hired to do a web application security test. The tester notices that the site is dynamic and must make use of a back-end database. In order for the tester to see if SQL injection is possible, what is the first character that the tester should use to attempt breaking a valid SQL request?

  1. Semicolon
  2. Single quote
  3. Exclamation mark
  4. Double quote

Answer: B

Q460 - While using your bank's online servicing you notice the following string in the URL bar: "http://www.MyPersonalBank.com/account?id=368940911028389&Damount=10980&Camount=21" You observe that if you modify the Damount and Camount values and submit the request, the data on the web page reflects the changes. Which type of vulnerability is present on this site?

  1. Web Parameter Tampering
  2. Cookie Tampering
  3. XSS Reflection
  4. SQL injection

Answer: A

Q461 - When does the Payment Card Industry Data Security Standard (PCI-DSS) require organizations to perform external and internal penetration testing?

  1. At least once a year and after any significant upgrade or modification
  2. At least once every three years or after any significant upgrade or modification
  3. At least twice a year or after any significant upgrade or modification
  4. At least once every two years and after any significant upgrade or modification

Answer: A

Q462 - A covert channel is a channel that

  1. transfers information over, within a computer system, or network that is outside of the security policy.
  2. transfers information over, within a computer system, or network that is within the security policy.
  3. transfers information via a communication path within a computer system, or network for transfer of data.
  4. transfers information over, within a computer system, or network that is encrypted.

Answer: A

Q463 - Which of the following scanning methods splits the TCP header into several packets and makes it difficult for packet filters to detect the purpose of the packet?

  1. ICMP Echo scanning
  2. SYN/FIN scanning using IP fragments
  3. ACK flag probe scanning
  4. IPID scanning

Answer: B

Q464 - Which of the following parameters describe LM Hash (see exhibit):
Exhibit:

  1. I, II, and III
  2. I
  3. II
  4. I and II

Answer: A

Q465 - A hacker was able to sniff packets on a company's wireless network. The following information was discovered:

Using the Exclusive OR, what was the original message?

  1. 00101000 11101110
  2. 11010111 00010001
  3. 00001101 10100100
  4. 11110010 01011011

Answer: B

Q466 - Which of the following is a form of penetration testing that relies heavily on human interaction and often involves tricking people into breaking normal security procedures?

  1. Social Engineering
  2. Piggybacking
  3. Tailgating
  4. Eavesdropping

Answer: A

Q467 - This asymmetric cipher is based on factoring the product of two large prime numbers. What cipher is described above?

  1. RSA
  2. SHA
  3. RC5
  4. MD5

Answer: A

Q468 - Which property ensures that a hash function will not produce the same hashed value for two different messages?

  1. Collision resistance
  2. Bit length
  3. Key strength
  4. Entropy

Answer: A

Q469 - Assume a business-critical website of a company that sells handsets to customers worldwide. All the developed components are reviewed by the security team on a monthly basis. In order to drive business further, the website developers decided to add some 3rd party marketing tools to it. The tools are written in JavaScript and can track the customer's activity on the site. These tools are located on the servers of the marketing company. What is the main security risk associated with this scenario?

  1. External script contents could be maliciously modified without the security team's knowledge
  2. External scripts have direct access to the company servers and can steal the data from there
  3. There is no risk at all as the marketing services are trustworthy
  4. External scripts increase the outbound company data traffic, which leads to greater financial losses

Answer: A

Q470 - What attack is used to crack passwords by using a precomputed table of hashed passwords?

  1. Brute Force Attack
  2. Hybrid Attack
  3. Rainbow Table Attack
  4. Dictionary Attack

Answer: C

Q471 - A Security Engineer at a medium-sized accounting firm has been tasked with discovering how much information can be obtained from the firm's public-facing web servers. The engineer decides to start by using netcat to port 80. The engineer receives this output:

Which of the following is an example of what the engineer performed?

  1. Cross-site scripting
  2. Banner grabbing
  3. SQL injection
  4. Whois database query

Answer: B

Q472 - Which of the following is an adaptive SQL Injection testing technique used to discover coding errors by inputting massive amounts of random data and observing the changes in the output?

  1. Function Testing
  2. Dynamic Testing
  3. Static Testing
  4. Fuzzing Testing

Answer: D

Q473 - What two conditions must a digital signature meet?

  1. Has to be unforgeable, and has to be authentic.
  2. Has to be legible and neat.
  3. Must be unique and have special characters.
  4. Has to be the same number of characters as a physical signature and must be unique.

Answer: A

Q474 - Jimmy is standing outside a secure entrance to a facility. He is pretending to have a tense conversation on his cell phone as an authorized employee badges in. Jimmy, while still on the phone, grabs the door as it begins to close. What just happened?

  1. Piggybacking
  2. Masquerading
  3. Phishing
  4. Whaling

Answer: A

Q475 - You have the SOA presented below in your Zone. Your secondary servers have not been able to contact your primary server to synchronize information. How long will the secondary servers attempt to contact the primary server before they consider the zone dead and stop responding to queries?
college.edu. SOA, college.edu ipad.college.edu. (200302028 3600 3600 604800 3600)

  1. One day
  2. One hour
  3. One week
  4. One month

Answer: C

Q476 - Study the log below and identify the scan type.

  1. nmap -sR 192.168.1.10
  2. nmap -sS 192.168.1.10
  3. nmap -sV 192.168.1.10
  4. nmap -sO -T 192.168.1.10

Answer: D

Q477 - Which technical characteristic do Ethereal/Wireshark, TCPDump, and Snort have in common?

  1. They are written in Java.
  2. They send alerts to security monitors.
  3. They use the same packet analysis engine.
  4. They use the same packet capture utility.

Answer: D

Q478 - Which of the following is a component of a risk assessment?

  1. Administrative safeguards
  2. Physical security
  3. DMZ
  4. Logical interface

Answer: A

Q479 - What is the outcome of the command "nc -l -p 2222 | nc 10.1.0.43 1234"?

  1. Netcat will listen on the 10.1.0.43 interface for 1234 seconds on port 2222.
  2. Netcat will listen on port 2222 and output anything received to a remote connection on 10.1.0.43 port 1234.
  3. Netcat will listen for a connection from 10.1.0.43 on port 1234 and output anything received to port 2222.
  4. Netcat will listen on port 2222 and then output anything received to local interface 10.1.0.43.

Answer: B

Q480 - Which type of cryptography do SSL, IKE and PGP belong to?

  1. Secret Key
  2. Hash Algorithm
  3. Digest
  4. Public Key

Answer: D