Browse Exams Pricing

Exams112-52Questions

112-52 Exam Questions

175 real 112-52 exam questions with expert-verified answers and explanations. Page 3 of 4.

Question #101Ethical Hacking Fundamentals
Which of the following is a core principle of the CIA triad?
CIA TriadConfidentialityInformation Security Fundamentals
Question #102Attacks and Countermeasures
Which technique helps mitigate DoS and DDoS attacks by controlling traffic flow?
DoS/DDoS mitigationRate limitingTraffic controlAttack countermeasures
Question #103Wireless Network Security
Which countermeasure can mitigate the risk of a rogue access point?
Rogue Access PointWireless AuditsAP DetectionWireless Countermeasures
Question #104Information Gathering and Vulnerability Analysis
Which of the following is a common method used in identity theft?
Identity TheftSocial EngineeringPhysical SecurityInformation Gathering
Question #105Attacks and Countermeasures
What is the MOST effective countermeasure against packet sniffing?
packet sniffingencryptionHTTPSnetwork countermeasures
Question #106Ethical Hacking Fundamentals
What is a key security concern when using public cloud services?
cloud securitydata visibilitydata controlshared responsibility
Question #107Information Gathering and Vulnerability Analysis
Which device is commonly used to perform packet sniffing?
Packet sniffingNetwork devicesHub broadcastNetwork reconnaissance
Question #108Attacks and Countermeasures
Which type of sniffing technique is used on a switch-based network?
MAC floodingNetwork sniffingSwitch exploitationLayer 2 attacks
Question #109Attacks and Countermeasures
Which phase in the mobile attack anatomy involves exploiting a vulnerability to gain unauthorized access?
Mobile Attack PhasesExploitationVulnerability ExploitationUnauthorized Access
Question #110Attacks and Countermeasures
Which countermeasure is effective in protecting cloud environments against data breaches?
Multi-factor authenticationCloud securityData breach preventionAccess control
Question #111Attacks and Countermeasures
Which of the following BEST helps prevent session hijacking?
session-hijackinghttps-encryptiontransport-securityweb-cookies
Question #112Attacks and Countermeasures
Which action MOST improves IoT device security?
default credentialsIoT securitydevice hardeningauthentication
Question #113Attacks and Countermeasures
Which stage of the Cyber Kill Chain involves delivering the weaponized payload to the target?
Cyber Kill ChainDelivery StageAttack PhasesPayload Transmission
Question #114Ethical Hacking Fundamentals
What is the primary focus of Operational Technology (OT) systems?
Operational Technology (OT)Physical Device ControlICS/SCADACritical Infrastructure
Question #115Ethical Hacking Fundamentals
Which phase of penetration testing involves attempting to exploit identified vulnerabilities?
Penetration TestingExploitation PhaseVulnerability TestingMethodology
Question #116Information Gathering and Vulnerability Analysis
In the context of vulnerability assessment, what is the significance of false positives?
false positivesvulnerability assessmentscanning accuracysecurity testing
Question #117Ethical Hacking Fundamentals
What is the purpose of the Health Insurance Portability and Accountability Act (HIPAA)?
HIPAAHealthcare SecurityCompliancePrivacy
Question #118Ethical Hacking Fundamentals
Which statement BEST describes a limitation of ethical hacking?
ethical hacking limitationssecurity assurancerisk managementpenetration testing
Question #119Ethical Hacking Fundamentals
Ethical hackers should follow which important guideline?
Ethical principlesVulnerability disclosureProfessional responsibilityStakeholder communication
Question #120Ethical Hacking Fundamentals
What primarily distinguishes a grey hat hacker from a black hat hacker?
Hacker ClassificationLegality and IntentEthical HackingThreat Actors
Question #121Attacks and Countermeasures
Which of the following is an effective countermeasure against cloud-based data breaches?
Cloud Data EncryptionEncryption at Rest/TransitData Breach PreventionAccess Control
Question #122Web Application Security
What is an effective countermeasure against web server attacks?
input validationsanitizationinjection preventionweb security
Question #123Ethical Hacking Fundamentals
The term ethical hacking is defined by which of the following actions?
ethical hackingpenetration testingauthorized testingsecurity assessment
Question #124Attacks and Countermeasures
An attacker tries every possible password combination systematically. What attack is this?
brute-forcepassword-attacksattack-typescredential-compromise
Question #125Web Application Security
Which SQL injection character is commonly used to comment out the rest of a SQL query?
SQL InjectionComment SyntaxSQL PayloadQuery Manipulation
Question #126Web Application Security
Which type of XSS is stored on the server and executed when users access the page?
XSS VulnerabilityStored XSSWeb Application AttackServer-side Execution
Question #127Attacks and Countermeasures
Which attack sends a massive number of ICMP echo requests?
ICMPDenial of ServicePing FloodDoS Attack
Question #128Web Application Security
Which of the following statements about SQL injection attacks is true?
SQL InjectionDatabase SecurityWeb Application AttacksInput Validation
Question #129Ethical Hacking Fundamentals
In the context of information security, what does the 'CIA triad' stand for?
CIA TriadConfidentialityIntegrityAvailability
Question #130Web Application Security
Which attack targets the configuration and administration of the web server itself?
directory traversalpath traversalweb server configurationfile access attacks
Question #131Attacks and Countermeasures
Which is the MOST effective countermeasure against social engineering attacks?
Social EngineeringSecurity AwarenessCountermeasuresHuman Security
Question #132Wireless Network Security
Which term refers to an unauthorized device that connects to a wireless network?
rogue access pointwireless securityunauthorized accessnetwork threats
Question #133Attacks and Countermeasures
What technique involves the social engineer pretending to be someone else to obtain sensitive information?
Social EngineeringPretextingInformation GatheringAttack Techniques
Question #134Ethical Hacking Fundamentals
Which activity is outside the scope of an ethical hacker?
Ethical Hacking ScopeLegal BoundariesDDoS AttacksResponsible Disclosure
Question #135Information Gathering and Vulnerability Analysis
Which of the following is typically identified during a vulnerability assessment?
vulnerability assessmentsoftware vulnerabilitiespatch managementthreat identification
Question #136Attacks and Countermeasures
What is the purpose of the post-exploitation phase in penetration testing?
Post-exploitationPenetration TestingData ValuationPenetration Testing Phases
Question #137Web Application Security
Which of the following is a key component of web application security?
TLS/SSLData EncryptionHTTPSTransport Security
Question #138Information Gathering and Vulnerability Analysis
In which phase of penetration testing is information gathered to identify potential targets and their vulnerabilities?
Penetration Testing PhasesInformation GatheringDiscovery PhaseVulnerability Identification
Question #139Ethical Hacking Fundamentals
What is a key benefit of conducting penetration testing?
Penetration TestingCompliance ValidationSecurity AssessmentRisk Identification
Question #140Ethical Hacking Fundamentals
Which type of hacker works ethically to improve system security?
White HatHacker ClassificationsEthical HackingSecurity Ethics
Question #141Web Application Security
Which of the following is a web application attack?
Cross-Site Scripting (XSS)Web Application AttacksClient-Side SecurityWeb Vulnerabilities
Question #142Attacks and Countermeasures
What is an effective countermeasure against pretexting?
pretextingsocial engineeringemployee awareness trainingcountermeasures
Question #143Wireless Network Security
Which wireless encryption standard provides the highest level of security?
WPA3wireless encryption802.11 standardsnetwork security
Question #144Attacks and Countermeasures
In the context of network security, what is session hijacking?
Session HijackingSession ManagementMan-in-the-MiddleAuthentication
Question #145Information Gathering and Vulnerability Analysis
What is the primary purpose of a packet sniffer?
Packet SniffingNetwork Traffic AnalysisNetwork MonitoringReconnaissance
Question #146Web Application Security
Which technique is MOST effective in preventing SQL Injection attacks?
SQL InjectionInput ValidationPrepared StatementsWeb Application Security
Question #147Attacks and Countermeasures
Which of the following is a common cloud computing threat?
Cloud securityData breachesCloud threatsRisk assessment
Question #148Attacks and Countermeasures
Which of the following is a sign of a potential vishing attack?
VishingSocial EngineeringVoice PhishingPhishing Attacks
Question #149Information Gathering and Vulnerability Analysis
Which technique allows an attacker to see data in transit over a network?
Network SniffingData InterceptionPacket CaptureNetwork Reconnaissance
Question #150Ethical Hacking Fundamentals
Which type of hacker is considered ethical and works with organizations to improve their security?
White Hat HackerEthical HackingHacker ClassificationsSecurity Professional

PreviousPage 3 of 4Next

study smarter, certify faster.

Product

Browse Exams
Pricing
PDF Downloads

Resources

Blog
Glossary
Topics
FAQ
Contact Us

Legal

Terms of Service
Privacy Policy
Cookie Policy
DMCA
Refund Policy

Company

About
Contact

© 2026 NerdExam. All rights reserved.Built for IT professionals

NerdExam is a trading name of WADL Solutions Limited, a company incorporated in Hong Kong (CR# 80143234). Registered office: Unit 2904-05, 29/F, Universal Trade Centre, 3 Arbuthnot Road, Central, Hong Kong.

CompTIA, AWS, Cisco, Microsoft, Google Cloud, Oracle, VMware, and other certification names referenced on this site are trademarks of their respective owners. NerdExam is not affiliated with, endorsed by, or sponsored by any certification vendor.