112-52 Exam Questions
175 real 112-52 exam questions with expert-verified answers and explanations. Page 2 of 4.
- Question #51Ethical Hacking Fundamentals
In which phase does the attacker gather background information on the target?
ReconnaissanceInformation GatheringAttack PhasesThreat Assessment - Question #52Attacks and Countermeasures
What is a common vulnerability in OT systems that can be exploited in cyber-physical attacks?
OT/ICS systemsnetwork segmentationcyber-physical attacksIT/OT convergence - Question #53Ethical Hacking Fundamentals
Which of the following is a key element of information security laws and regulations?
Privacy ActsRegulatory ComplianceData ProtectionCompliance Framework - Question #54Attacks and Countermeasures
Which type of attack specifically targets the safety mechanisms of industrial control systems to cause physical damage?
ICS attacksStuxnetSCADA/PLCsPhysical damage - Question #55Web Application Security
In web application security, what does the term vulnerability stack refer to?
Vulnerability StackLayered VulnerabilitiesWeb Application SecuritySecurity Architecture - Question #56Attacks and Countermeasures
Which phase in the social engineering process involves developing a relationship with the target for manipulation?
Social EngineeringRelationship BuildingAttack PhasesManipulation Techniques - Question #57Ethical Hacking Fundamentals
Which regulation specifically addresses the protection of personal data within the European Union?
GDPRData ProtectionPrivacy RegulationsEU Compliance - Question #58Attacks and Countermeasures
What is the primary goal of session hijacking attacks?
session hijackingsession securitysession exploitationactive session attacks - Question #59Ethical Hacking Fundamentals
Which type of malware is specifically designed to remain hidden while providing attackers persistent privileged access?
RootkitsMalware TypesPrivilege EscalationPersistence - Question #60Wireless Network Security
What feature is essential for IoT devices to adapt and respond to their environments?
Real-time data processingIoT adaptationSensor dataResponsive systems - Question #61Attacks and Countermeasures
What is a common countermeasure against rainbow table attacks?
rainbow table attackspassword hashingsalted hashescryptographic security - Question #62Ethical Hacking Fundamentals
What is a crucial guideline to follow when conducting penetration testing?
authorizationpenetration testingethical hackinglegal compliance - Question #63Web Application Security
How does understanding the web application architecture assist in securing it?
Web Application ArchitectureVulnerability IdentificationData ExposureSecurity Assessment - Question #64Attacks and Countermeasures
Which method involves guessing passwords through an automated process of trial and error?
Brute Force AttackPassword CrackingAuthenticationAttack Methods - Question #65Attacks and Countermeasures
Which type of malware is designed to steal sensitive information from a system?
malware typesspywareinformation theftsystem threats - Question #66Attacks and Countermeasures
Which type of attack floods a network with excessive traffic to render a service unavailable?
Denial of ServiceNetwork AttacksService AvailabilityTraffic Flooding - Question #67Attacks and Countermeasures
What is the main goal of password cracking?
password crackingunauthorized accessauthentication attackssystem compromise - Question #68Ethical Hacking Fundamentals
What is considered a fundamental characteristic of IoT devices?
IoT devicesNetwork connectivityDevice interconnectivityCommunication protocols - Question #69Wireless Network Security
What is the purpose of Mobile Device Management (MDM) in an enterprise?
Mobile Device ManagementEnterprise SecurityDevice ControlNetwork Access - Question #70Attacks and Countermeasures
What is the outcome of a successful vulnerability exploitation?
vulnerability exploitationunauthorized accesssystem compromiseexploitation outcomes - Question #71Attacks and Countermeasures
Which of the following is a common attack vector for mobile devices?
Mobile securitySmishingPhishing attacksSocial engineering - Question #72Ethical Hacking Fundamentals
Which of the following best defines a 'threat actor'?
Threat ActorVulnerability ExploitationSecurity FundamentalsRisk Assessment - Question #73Web Application Security
What mechanism is typically exploited in a Cross-Site Request Forgery (CSRF) attack?
CSRFAuthentication TrustWeb SecuritySession Management - Question #74Ethical Hacking Fundamentals
Which of the following is a primary security concern associated with container technology?
Container securityContainer sprawlInfrastructure managementDevOps risks - Question #75Attacks and Countermeasures
Which of the following is a strong indicator of a potential insider threat?
insider threatsbehavioral indicatorsdata exfiltrationthreat detection - Question #76Web Application Security
Which attack involves inserting malicious SQL statements into a web application's input fields?
SQL InjectionWeb Application AttacksInput ValidationDatabase Security - Question #77Wireless Network Security
Which wireless encryption method is currently considered the most secure?
wireless encryptionWPA3encryption standardswireless security - Question #78Attacks and Countermeasures
Which of the following is an example of a social engineering technique?
social engineeringpretextingattack classificationhacking techniques - Question #79Ethical Hacking Fundamentals
Which cloud computing service model provides the user with the highest level of control over the operating systems, applications, and network?
Cloud Computing ModelsIaaSService ModelsControl Levels - Question #80Ethical Hacking Fundamentals
What is a primary ethical consideration for an ethical hacker?
ethical-hackingdata-confidentialityprofessional-ethicsresponsible-disclosure - Question #81Attacks and Countermeasures
Which type of attack uses a precomputed table of hash values to recover a password?
rainbow tablespassword attackshash functionspassword recovery - Question #82Attacks and Countermeasures
What is an effective countermeasure for mitigating DDoS attacks?
DDoS mitigationRate limitingNetwork defenseCountermeasures - Question #83Attacks and Countermeasures
Which type of attack involves taking control of multiple IoT devices to launch coordinated attacks?
DDoS attacksBotnetsIoT SecurityAttack Vectors - Question #84Ethical Hacking Fundamentals
Which standard provides a framework for managing sensitive company information?
ISO 27001Information Security ManagementSensitive Data ProtectionSecurity Standards - Question #85Attacks and Countermeasures
What is the primary goal of the 'Exploitation' stage in the Cyber Kill Chain?
Cyber Kill ChainExploitation PhaseNetwork AccessAttack Methodology - Question #86Attacks and Countermeasures
Which of the following is a common password cracking technique?
password crackingbrute force attackauthentication attacksattack methods - Question #87Information Gathering and Vulnerability Analysis
What is a primary security concern with IoT devices?
IoT SecurityDefault CredentialsDevice ConfigurationVulnerability Analysis - Question #88Wireless Network Security
Which attack involves unauthorized access to or theft of information from a Bluetooth device?
BluesnarfingBluetooth attacksUnauthorized accessWireless security - Question #89Attacks and Countermeasures
Which of the following is a common threat to cloud computing environments?
Cloud SecurityAPI VulnerabilitiesInterface SecurityCloud Threats - Question #90Ethical Hacking Fundamentals
What principle is aimed at minimizing the number of individuals who have access to secure information?
principle of least privilegeaccess controlprivilege managementinformation security - Question #91Attacks and Countermeasures
What is a primary feature of the Ophcrack tool?
password crackingrainbow tableshash crackingWindows authentication - Question #92Attacks and Countermeasures
What is a common method to prevent malware spread in an organization?
Malware PreventionSoftware PatchingVulnerability ManagementSecurity Hardening - Question #93Web Application Security
Which of the following is an example of a tool used in penetration testing for web applications?
web application penetration testingBurp Suitepentesting toolsvulnerability assessment - Question #94Attacks and Countermeasures
Which attack is characterized by overwhelming a target with traffic from multiple sources?
DDoS attackDenial of ServiceNetwork attacksTraffic-based attacks - Question #95Attacks and Countermeasures
Which practice should be implemented to secure a cloud environment effectively?
Cloud SecurityData EncryptionAuthenticationBest Practices - Question #96Ethical Hacking Fundamentals
Which of the following is a type of malware?
malwarevirusmalware typessecurity fundamentals - Question #97Attacks and Countermeasures
Which password cracking technique uses precomputed hash values?
rainbow tablespassword crackingprecomputed hashescryptographic attacks - Question #98Wireless Network Security
Which wireless-specific attack involves capturing and analyzing Wi-Fi traffic on a network?
wireless sniffingtraffic analysispacket captureWi-Fi reconnaissance - Question #99Ethical Hacking Fundamentals
In which phase of the hacking cycle does the hacker maintain access to use the network as a launch pad for other attacks?
Hacking CycleMaintaining AccessPost-ExploitationAttack Phases - Question #100Web Application Security
What is the main goal of Cross-Site Scripting (XSS) attacks?
XSSWeb VulnerabilityScript InjectionClient-side Attack