312-50V9 Practice Questions

What kind of risk will remain even if all theoretically possible safety measures would be applied?

While doing a Black box pen test via the TCP port (80), you noticed that the traffic gets blocked when you tried to pass IRC traffic from a web enabled host. However, you also noti...

It is a widely used standard for message logging. It permits separation of the software that generates messages, the system that stores them, and the software that reports and anal...

While doing a technical assessment to determine network vulnerabilities, you used the TCP XMAS scan. What would be the response of all open ports?

Which of the following tools is used by pen testers and analysts specifically to analyze links between data using link analysis and graphs?

If you are to determine the attack surface of an organization, which of the following is the BEST thing to do?

What is the best Nmap command to use when you want to list all devices in the same network quickly after you successfully identified a server whose IP address is 10.10.0.5?

You've just discovered a server that is currently active within the same network with the machine you recently compromised. You ping it but it did not respond. What could be the ca...

What tool should you use when you need to analyze extracted metadata from files you collected when you were in the initial stage of penetration test (information gathering)?

Which of the following is NOT an ideal choice for biometric controls?

While you were gathering information as part of security assessments for one of your clients, you were able to gather data that show your client is involved with fraudulent activit...

In order to prevent particular ports and applications from getting packets into an organization, what does a firewall check?

Suppose you've gained access to your client's hybrid network. On which port should you listen to in order to know which Microsoft Windows workstations has its file sharing enabled?

Which of the following BEST describes the mechanism of a Boot Sector Virus?

What is the term coined for logging, recording and resolving events in a company?

XOR is a common cryptographic tool. 10110001 XOR 00111010 is?

A server has been infected by a certain type of Trojan. The hacker intended to utilize it to send and host junk mails. What type of Trojan did the hacker use?

First thing you do every office day is to check your email inbox. One morning, you received an email from your best friend and the subject line is quite strange. What should you do...

LM hash is a compromised password hashing function. Which of the following parameters describe LM Hash:?

Defining rules, collaborating human workforce, creating a backup plan, and testing the plans are within what phase of the Incident Handling Process?

Which of the following BEST describes how Address Resolution Protocol (ARP) works?

Which of the following is a form of penetration testing that relies heavily on human interaction and often involves tricking people into breaking normal security procedures?

What tool and process are you going to use in order to remain undetected by an IDS while pivoting and passing traffic over a server you've compromised and gained root access to?

You've just gained root access to a Centos 6 server after days of trying. What tool should you use to maintain access?

What type of malware is it that restricts access to a computer system that it infects and demands that the user pay a certain amount of money, cryptocurrency, etc. to the operators...

The following are types of Bluetooth attack EXCEPT_____?

Which of the following is the BEST approach to prevent Cross-site Scripting (XSS) flaws?

A possibly malicious sequence of packets that were sent to a web server has been captured by an Intrusion Detection System (IDS) and was saved to a PCAP file. As a network administ...

Which of the following is the BEST way to protect Personally Identifiable Information (PII) from being exploited due to vulnerabilities of varying web applications?

A new wireless client that is 802.11 compliant cannot connect to a wireless network given that the client can see the network and it has compatible hardware and software installed....

This configuration allows NIC to pass all traffic it receives to the Central Processing Unit (CPU), instead of passing only the frames that the controller is intended to receive. S...

Which of the following is designed to verify and authenticate individuals taking part in a data exchange within an enterprise?

A software tester is randomly generating invalid inputs in an attempt to crash the program. Which of the following is a software testing technique used to determine if a software p...

What would you type on the Windows command line in order to launch the Computer Management Console provided that you are logged in as an admin?

Which of the following is a wireless network detector that is commonly found on Linux?

Which specific element of security testing is being assured by using hash?

Which of the following is a restriction being enforced in "white box testing?"

Which of the following is a vulnerability in GNU's bash shell (discovered in September of 2014) that gives attackers access to run remote commands on a vulnerable system?

When security and confidentiality of data within the same LAN is of utmost priority, which IPSec mode should you implement?

Jack was attempting to fingerprint all machines in the network using the following Nmap syntax: invictus@victim_server:~$ nmap -T4 -0 10.10.0.0/24 TCP/IP fingerprinting (for OS sca...

While performing online banking using a Web browser, Kyle receives an email that contains an image of a well-crafted art. Upon clicking the image, a new tab on the web browser open...

A hacker was able to easily gain access to a website. He was able to log in via the frontend user login form of the website using default or commonly used credentials. This exploit...

Supposed you are the Chief Network Engineer of a certain Telco. Your company is planning for a big business expansion and it requires that your network authenticate users connectin...

Which type of cryptography does SSL, IKE and PGP belongs to?

A recent security audit revealed that there were indeed several occasions that the company's network was breached. After investigating, you discover that your IDS is not configured...

Which of the following is a hardware requirement that either an IDS/IPS system or a proxy server must have in order to properly function?

Which of the following is an application that requires a host application for replication?

A large company intends to use Blackberry for corporate mobile phones and a security analyst is assigned to evaluate the possible threats. The analyst will use the Blackjacking att...

Which of the following can the administrator do to verify that a tape backup can be recovered in its entirety?

Which of the following describes the characteristics of a Boot Sector Virus?