CEH v11

Q661 - A company has five different subnets: 192.168.1.0, 192.168.2.0, 192.168.3.0, 192.168.4.0 and 192.168.5.0. How can NMAP be used to scan these adjacent Class C networks?

  1. NMAP -P 192.168.1-5.
  2. NMAP -P 192.168.0.0/16
  3. NMAP -P 192.168.1.0,2.0,3.0,4.0,5.0
  4. NMAP -P 192.168.1/17

Answer: A

Q662 - Which of the following will perform an Xmas scan using NMAP?

  1. nmap -sA 192.168.1.254
  2. nmap -sP 192.168.1.254
  3. nmap -sX 192.168.1.254
  4. nmap -sV 192.168.1.254

Answer: C

Q663 - _________ is a set of extensions to DNS that provide to DNS clients (resolvers) origin authentication of DNS data to reduce the threat of DNS poisoning, spoofing, and similar attack types.

  1. DNSSEC
  2. Zone transfer
  3. Resource transfer
  4. Resource records

Answer: A

Q664 - Which definition among those given below best describes a covert channel?

  1. A server program using a port that is not well known.
  2. Making use of a protocol in a way it is not intended to be used.
  3. It is the multiplexing taking place on a communication link.
  4. It is one of the weak channels used by WEP which makes it insecure.

Answer: B

Q665 - Which of the following is a restriction being enforced in "white box testing?"

  1. Only the internal operation of a system is known to the tester
  2. The internal operation of a system is completely known to the tester
  3. The internal operation of a system is only partly accessible to the tester
  4. Only the external operation of a system is accessible to the tester

Answer: B

Q666 - An unauthorized individual enters a building following an employee through the employee entrance after the lunch rush. What type of breach has the individual just performed?

  1. Reverse Social Engineering
  2. Tailgating
  3. Piggybacking
  4. Announced

Answer: B

Q667 - A company has hired a security administrator to maintain and administer Linux and Windows-based systems. Written in the nightly report file is the following: Firewall log files are at the expected value of 4 MB. The current time is 12am. Exactly two hours later the size has decreased considerably. Another hour goes by and the log files have shrunk in size again. Which of the following actions should the security administrator take?

  1. Log the event as suspicious activity and report this behavior to the incident response team immediately.
  2. Log the event as suspicious activity, call a manager, and report this as soon as possible.
  3. Run an anti-virus scan because it is likely the system is infected by malware.
  4. Log the event as suspicious activity, continue to investigate, and act according to the site's security policy.

Answer: D

Q668 - Which of the following identifies the three modes in which Snort can be configured to run?

  1. Sniffer, Packet Logger, and Network Intrusion Detection System
  2. Sniffer, Network Intrusion Detection System, and Host Intrusion Detection System
  3. Sniffer, Host Intrusion Prevention System, and Network Intrusion Prevention System
  4. Sniffer, Packet Logger, and Host Intrusion Prevention System

Answer: A

Q669 - Which of the following statements about a zone transfer is correct? (Choose three.)

  1. A zone transfer is accomplished with the DNS
  2. A zone transfer is accomplished with the nslookup service
  3. A zone transfer passes all zone information that a DNS server maintains
  4. A zone transfer passes all zone information that a nslookup server maintains
  5. A zone transfer can be prevented by blocking all inbound TCP port 53 connections
  6. Zone transfers cannot occur on the Internet

Answer: A, C and E

Q670 - A well-intentioned researcher discovers a vulnerability on the web site of a major corporation. What should he do?

  1. Ignore it.
  2. Try to sell the information to a well-paying party on the dark web.
  3. Notify the web site owner so that corrective action be taken as soon as possible to patch the vulnerability.
  4. Exploit the vulnerability without harming the web site owner so that attention be drawn to the problem.

Answer: C

Q671 - You are an Ethical Hacker who is auditing the ABC company. When you verify the NOC, one of the machines has 2 connections, one wired and the other wireless. When you verify the configuration of this Windows system, you find two static routes:
route add 10.0.0.0 mask 255.0.0.0 10.0.0.1
route add 0.0.0.0 mask 255.0.0.0 199.168.0.1
What is the main purpose of those static routes?

  1. Both static routes indicate that the traffic is external with a different gateway.
  2. The first static route indicates that the internal traffic will use an external gateway and the second static route indicates that the traffic will be rerouted.
  3. Both static routes indicate that the traffic is internal with a different gateway.
  4. The first static route indicates that the internal addresses are using the internal gateway and the second static route indicates that all the traffic that is not internal must go to an external gateway.

Answer: D

Q672 - Which of the following statements regarding ethical hacking is incorrect?

  1. Ethical hackers should never use tools or methods that have the potential of exploiting vulnerabilities in an organization's systems.
  2. Testing should be remotely performed offsite.
  3. An organization should use ethical hackers who do not sell vendor hardware/software or other consulting services.
  4. Ethical hacking should not involve writing to or modifying the target systems.

Answer: A

Q673 - Low humidity in a data center can cause which of the following problems?

  1. Heat
  2. Corrosion
  3. Static electricity
  4. Airborne contamination

Answer: C

Q674 - Seth is starting a penetration test from inside the network. He hasn't been given any information about the network. What type of test is he conducting?

  1. Internal, Whitebox
  2. External, Whitebox
  3. Internal, Blackbox
  4. External, Blackbox

Answer: C

Q675 - Which type of scan measures a person's external features through a digital video camera?

  1. Iris scan
  2. Retinal scan
  3. Facial recognition scan
  4. Signature kinetics scan

Answer: C

Q676 - A security policy will be more accepted by employees if it is consistent and has the support of

  1. coworkers.
  2. executive management.
  3. the security officer.
  4. a supervisor.

Answer: B

Q677 - This international organization regulates billions of transactions daily and provides security guidelines to protect personally identifiable information (PII). These security controls provide a baseline and prevent low-level hackers sometimes known as script kiddies from causing a data breach. Which of the following organizations is being described?

  1. Payment Card Industry (PCI)
  2. Center for Disease Control (CDC)
  3. Institute of Electrical and Electronics Engineers (IEEE)
  4. International Security Industry Organization (ISIO)

Answer: A

Q678 - When purchasing a biometric system, one of the considerations that should be reviewed is the processing speed. Which of the following best describes what is meant by processing?

  1. The amount of time it takes to convert biometric data into a template on a smart card.
  2. The amount of time and resources that are necessary to maintain a biometric system.
  3. The amount of time it takes to be either accepted or rejected from when an individual provides identification and authentication information.
  4. How long it takes to setup individual user accounts.

Answer: C

Q679 - While performing online banking using a Web browser, a user receives an email that contains a link to an interesting Web site. When the user clicks on the link, another Web browser session starts and displays a video of cats playing a piano. The next business day, the user receives what looks like an email from his bank, indicating that his bank account has been accessed from a foreign country. The email asks the user to call his bank and verify the authorization of a funds transfer that took place. What Web browser-based security vulnerability was exploited to compromise the user?

  1. Cross-Site Request Forgery
  2. Cross-Site Scripting
  3. Clickjacking
  4. Web form input validation

Answer: A

Q680 - A big company that wants to test its security infrastructure wants to hire elite pen testers like you. During the interview, they ask you to show sample reports from previous penetration tests. What should you do?

  1. Share reports, after NDA is signed
  2. Share full reports, not redacted
  3. Decline, but provide references
  4. Share full reports with redactions

Answer: C

Q681 - Eve stole a file named secret.txt, transferred it to her computer and she just entered these commands:

What is she trying to achieve?

  1. She is encrypting the file.
  2. She is using John the Ripper to view the contents of the file.
  3. She is using ftp to transfer the file to another hacker named John.
  4. She is using John the Ripper to crack the passwords in the secret.txt file.

Answer: D

Q682 - Let's imagine three companies (A, B and C), all competing in a challenging global environment. Company A and B are working together in developing a product that will generate a major competitive advantage for them. Company A has a secure DNS server while company B has a DNS server vulnerable to spoofing. With a spoofing attack on the DNS server of company B, company C gains access to outgoing e-mails from company B. How do you prevent DNS spoofing?

  1. Install DNS logger and track vulnerable packets
  2. Disable DNS timeouts
  3. Install DNS Anti-spoofing
  4. Disable DNS Zone Transfer

Answer: C

Q683 - Which of the following is considered an exploit framework and has the ability to perform automated attacks on services, ports, applications and unpatched security flaws in a computer system?

  1. Wireshark
  2. Maltego
  3. Metasploit
  4. Nessus

Answer: C

Q684 - Which of the following viruses tries to hide from anti-virus programs by actively altering and corrupting the chosen service call interruptions when they are being run?

  1. Cavity virus
  2. Polymorphic virus
  3. Tunneling virus
  4. Stealth virus

Answer: D

Q685 - There are several ways to gain insight on how a cryptosystem works with the goal of reverse engineering the process. What is the term that describes when two pieces of data result in the same value?

  1. Collision
  2. Collusion
  3. Polymorphism
  4. Escrow

Answer: A

Q686 - The network in ABC company is using the network address 192.168.1.64 with mask 255.255.255.192. In the network, the servers are at the addresses 192.168.1.122, 192.168.1.123 and 192.168.1.124. An attacker is trying to find those servers but he cannot see them in his scanning. The command he is using is:
nmap 192.168.1.64/28
Why can he not see the servers?

  1. The network must be down and the nmap command and IP address are ok.
  2. He needs to add the command "ip address" just before the IP address.
  3. He is scanning from 192.168.1.64 to 192.168.1.78 because of the mask /28 and the servers are not in that range.
  4. He needs to change the address to 192.168.1.0 with the same mask.

Answer: C

Q687 - When using Wireshark to acquire packet capture on a network, which device would enable the capture of all traffic on the wire?

  1. Network tap
  2. Layer 3 switch
  3. Network bridge
  4. Application firewall

Answer: A

Q688 - An attacker gains access to a Web server's database and displays the contents of the table that holds all of the names, passwords, and other user information. The attacker did this by entering information into the Web site's user login page that the software's designers did not expect to be entered. This is an example of what kind of software design problem?

  1. Insufficient input validation
  2. Insufficient exception handling
  3. Insufficient database hardening
  4. Insufficient security management

Answer: A

Q689 - What type of malware is it that restricts access to a computer system that it infects and demands that the user pay a certain amount of money, cryptocurrency, etc. to the operators of the malware to remove the restriction?

  1. Ransomware
  2. Riskware
  3. Adware
  4. Spyware

Answer: A

Q690 - Scenario: What is the name of the attack which is mentioned in the scenario?

  1. HTTP Parameter Pollution
  2. HTML Injection
  3. Session Fixation
  4. ClickJacking Attack

Answer: D