312-50V9 Practice Questions

What network security concept requires multiple layers of security controls to be placed throughout an IT infrastructure, which improves the security posture of an organization to...

Scenario: 1. Victim opens the attacker's web site. 2. Attacker sets up a web site which contains interesting and attractive content like 'Do you want to make $1000 in a day?'. 3. V...

If there is an Intrusion Detection System (IDS) in intranet, which port scanning technique cannot be used?

What is correct about digital signatures?

What is not a PCI compliance recommendation?

Which Intrusion Detection System is best applicable for large environments where critical assets on the network need extra security and is ideal for observing sensitive network seg...

An attacker is using nmap to do a ping sweep and a port scanning in a subnet of 254 addresses. In which order should he perform these steps?

What mechanism in Windows prevents a user from accidentally executing a potentially malicious batch (.bat) or PowerShell (.ps1) script?

Which of the following areas is considered a strength of symmetric key cryptography when compared with asymmetric algorithms?

By using a smart card and pin, you are using a two-factor authentication that satisfies

What is the difference between the AES and RSA algorithms?

Which of the following programming languages is most susceptible to buffer overflow attacks, due to its lack of a built-in-bounds checking mechanism? Code: #include <string.h> int...

The security administrator of ABC needs to permit Internet traffic in the host 10.0.0.2 and UDP traffic in the host 10.0.0.3. Also he needs to permit all FTP traffic to the rest of...

Bob received this text message on his mobile phone: ""Hello, this is Scott Smelby from the Yahoo Bank. Kindly contact me for a vital transaction on: [email protected]"". Which...

In an internal security audit, the white hat hacker gains control over a user account and attempts to acquire access to another account's confidential files and information. How ca...

Which of the following will perform an Xmas scan using NMAP?

As an Ethical Hacker you are capturing traffic from your customer network with Wireshark and you need to find and verify just SMTP traffic. What command in Wireshark will help you...

Which service in a PKI will vouch for the identity of an individual or company?

In IPv6 what is the major difference concerning application layer vulnerabilities compared to IPv4?

In which phase of the ethical hacking process can Google hacking be employed? This is a technique that involves manipulating a search string with specific operators to search for v...

Which type of security feature stops vehicles from crashing through the doors of a building?

........is an attack type for a rogue Wi-Fi access point that appears to be a legitimate one offered on the premises, but actually has been set up to eavesdrop on wireless communic...

Which access control mechanism allows for multiple systems to use a central authentication server (CAS) that permits users to authenticate once and gain access to multiple systems?

What attack is used to crack passwords by using a precomputed table of hashed passwords?

Your next door neighbor, that you do not get along with, is having issues with their network, so he yells to his spouse the network's SSID and password and you hear them both clear...

Shellshock had the potential for an unauthorized user to gain access to a server. It affected many internet- facing services, which OS did it not directly affect?

You want to analyze packets on your wireless network. Which program would you use?

It has been reported to you that someone has caused an information spillage on their computer. You go to the computer, disconnect it from the network, remove the keyboard and mouse...

What is the code written for? #!/usr/bin/python import socket buffer=["A"] counter=50 while len(buffer)<=100: buffer.apend ("A"*counter) counter=counter+50 commands=["HELP","STATS....

An enterprise recently moved to a new office and the new neighborhood is a little risky. The CEO wants to monitor the physical perimeter and the entrance doors 24 hours. What is th...

Which of the following is a serious vulnerability in the popular OpenSSL cryptographic software library. This weakness allows stealing the information protected, under normal condi...

There are several ways to gain insight on how a cryptosystem works with the goal of reverse engineering the process. A term describes when two pieces of data result in the same val...

Which of the following security policies defines the use of VPN for gaining access to an internal corporate network?

One of the Forbes 500 companies has been subjected to a large scale attack. You are one of the shortlisted pen testers that they may hire. During the interview with the CIO, he emp...

Which of the following is an NMAP script that could help detect HTTP Methods such as GET, POST, HEAD, PUT, DELETE, TRACE?

Which of the following is the most important phase of ethical hacking wherein you need to spend considerable amount of time?

It is a short-range wireless communication technology that allows mobile phones, computers and other devices to connect and communicate. This technology intends to replace cables c...

Matthew received an email with an attachment named "YouWon$10Grand.zip." The zip file contains a file named "HowToClaimYourPrize.docx.exe." Out of excitement and curiosity, Matthew...

Which among the following is a Windows command that a hacker can use to list all the shares to which the current user context has access?

What is the approximate cost of replacement and recovery operation per year of a hard drive that has a value of $300 given that the technician who charges $10/hr would need 10 hour...

Knowing the nature of backup tapes, which of the following is the MOST RECOMMENDED way of storing backup tapes?

Which of the following tools would MOST LIKELY be used to perform security audit on various of forms of network systems?

Security and privacy of/on information systems are two entities that requires lawful regulations. Which of the following regulations defines security and privacy controls for Feder...

A big company, who wanted to test their security infrastructure, wants to hire elite pen testers like you. During the interview, they asked you to show sample reports from previous...

You are about to be hired by a well known Bank to perform penetration tests. Which of the following documents describes the specifics of the testing, the associated violations, and...

The practical realities facing organizations today make risk response strategies essential. Which of the following is NOT one of the five basic responses to risk?

A company recently hired your team of Ethical Hackers to test the security of their network systems. The company wants to have the attack be as realistic as possible. They did not...

TCP/IP stack fingerprinting is the passive collection of configuration attributes from a remote device during standard layer 4 network communications. Which of the following tools...

The chance of a hard drive failure is known to be once every four years. The cost of a new hard drive is $500. EF (Exposure Factor) is about 0.5. Calculate for the Annualized Loss...

Backing up data is a security must. However, it also have certain level of risks when mishandled. Which of the following is the greatest threat posed by backups?