312-50V9 Practice Questions

Risks = Threats x Vulnerabilities is referred to as the:

Which of the following is designed to identify malicious attempts to penetrate systems?

Which of the following is a low-tech way of gaining unauthorized access to systems?

PGP, SSL, and IKE are all examples of which type of cryptography?

Which method of password cracking takes the most time and effort?

What is the most common method to exploit the "Bash Bug" or "ShellShock" vulnerability?

Which of the following tools performs comprehensive tests against web servers, including dangerous files and CGIs?

Which of the following tools is used to analyze the files produced by several packet-capture programs such as tcpdump, WinDump, Wireshark, and EtherPeek?

Which of the following tools is used to detect wireless LANs using the 802.11a/b/g/n WLAN standards on a linux platform?

Windows file servers commonly hold sensitive files, databases, passwords and more. Which of the following choices would be a common vulnerability that usually exposes them?

While conducting a penetration test, the tester determines that there is a firewall between the tester's machine and the target machine. The firewall is only monitoring TCP handsha...

A company firewall engineer has configured a new DMZ to allow public systems to be located away from the internal network. The engineer has three security zones set: Untrust (Inter...

A circuit level gateway works at which of the following layers of the OSI Model?

Which of the following is a symmetric cryptographic standard?

A computer science student needs to fill some information into a secured Adobe PDF job application that was received from a prospective employer. Instead of requesting a new docume...

Which property ensures that a hash function will not produce the same hashed value for two different messages?

How can telnet be used to fingerprint a web server?

Low humidity in a data center can cause which of the following problems?

A consultant is hired to do physical penetration testing at a large financial company. In the first day of his assessment, the consultant goes to the company`s building dressed lik...

When analyzing the IDS logs, the system administrator noticed an alert was logged when the external router was accessed from the administrator's computer to update the router confi...

While performing data validation of web content, a security technician is required to restrict malicious input. Which of the following processes is an efficient way of restricting...

A covert channel is a channel that

John the Ripper is a technical assessment tool used to test the weakness of which of the following?

Least privilege is a security concept that requires that a user is

If the final set of security controls does not eliminate all risk in a system, what could be done next?

What is one thing a tester can do to ensure that the software is trusted and is not changing or tampering with critical data on the back end of a system it is loaded on?

Which of the following examples best represents a logical or technical control?

It is an entity or event with the potential to adversely impact a system through unauthorized access, destruction, disclosure, denial of service or modification of data. Which of t...

As a Certified Ethical Hacker, you were contracted by a private firm to conduct an external security assessment through penetration testing. What document describes the specifics o...

Initiating an attack against targeted businesses and organizations, threat actors compromise a carefully selected website by inserting an exploit resulting in malware infection. Th...

You have successfully gained access to your client's internal network and successfully comprised a Linux server which is part of the internal IP network. You want to know which Mic...

It is a short-range wireless communication technology intended to replace the cables connecting portable of fixed devices while maintaining high levels of security. It allows mobil...

A hacker has successfully infected an internet-facing server which he will then use to send junk mail, take part in coordinated attacks, or host junk email content. Which sort of t...

You have compromised a server and successfully gained a root access. You want to pivot and pass traffic undetected over the network and evade any possible Intrusion Detection Syste...

It is a kind of malware (malicious software) that criminals install on your computer so they can lock it from a remote location. This malware generates a pop-up window, webpage, or...

Which NMAP command combination would let a tester scan every TCP port from a class C network that is blocking ICMP with fingerprinting and service detection?

While checking the settings on the internet browser, a technician finds that the proxy server settings have been checked and a computer is trying to use itself as a proxy server. W...

A company has five different subnets: 192.168.1.0, 192.168.2.0, 192.168.3.0, 192.168.4.0 and 192.168.5.0. How can NMAP be used to scan these adjacent Class C networks?

A penetration tester is attempting to scan an internal corporate network from the internet without alerting the border sensor. Which is the most efficient technique should the test...

A hacker is attempting to see which ports have been left open on a network. Which NMAP switch would the hacker use?

ICMP ping and ping sweeps are used to check for active systems and to check

Which command line switch would be used in NMAP to perform operating system detection?

A hacker is attempting to use nslookup to query Domain Name Service (DNS). The hacker uses the nslookup interactive mode for the search. Which command should the hacker type into t...

A hacker searches in Google for filetype:pcf to find Cisco VPN config files. Those files may contain connectivity passwords that can be decoded with which of the following?

An NMAP scan of a server shows port 25 is open. What risk could this pose?

When utilizing technical assessment methods to assess the security posture of a network, which of the following techniques would be most effective in determining whether end-user s...

A company has publicly hosted web applications and an internal Intranet protected by a firewall. Which technique will help protect against enumeration?

Which of the following techniques will identify if computer files have been changed?

What are two things that are possible when scanning UDP ports? (Choose two)

What does a type 3 code 13 represent?(Choose two.