412-79V10 Exam Questions

Jason, a penetration tester, and after completing the initial penetration test, he wanted to create a final penetration test report that consists of all activities performed throug...

Penetration testers are required to follow predefined standard frameworks in making penetration testing reporting formats. Which of the following standards does NOT follow the comm...

You have implemented DNSSEC on your primary internal DNS server to protect it from various DNS attacks. Network users complained they are not able to resolve certain domain's IP ad...

Ross performs security test on his company's network assets and creates a detailed report of all the findings. In his report, he clearly explains the methodological approach that h...

JUA Networking Solutions is a group of certified ethical hacking professionals with a large client base. Stanley works as a penetrating tester at this firm. Future Tech Solutions h...

A senior security analyst at Roger Data Systems Inc. The company asked him to perform a database penetration test on its client network to determine whether the database is vulnera...

A penetration tester in a pen test firm, was asked to get the information about the SMTP server on a target network. What does William need to do to get the SMTP server information...

James is a security consultant at Big Software Pvt Ltd. He is an expert in Footprinting and Social engineering tasks. His team lead tasked him to find details about the domain of h...

Nick is a penetration tester in Stenbiz Ltd. As a part of his duty, he was analyzing the network traffic by using various filters in the Wireshark tool. While sniffing the network...

You are enumerating a target system. Which of the following PortQry commands will give a result similar to the screenshot below: currentDate: 07/10/2015 12:13:28 (unadjusted GMT) s...

Sam is a penetration tester and network admin at McLaren & McLaren. based out of Washington. The company has recently deployed IPv6 in their network. Sam was monitoring the network...

A network admin working in Zero Faults Inc. Recently the company's network was compromised and is experiencing very unusual traffic. Dale checks for the packets and monitors all th...

What is the objective of the following bash script? 1 #!/bin/bash 2 !put clear 3 !put host identification 4 echo "Please enter the scan range." 5 echo "Here you are going to perfor...

TBC Technologies, a large financial company, hired a penetration tester to do physical penetration testing. On the first day of his assignment, the penetration tester walked around...

An attacker with a malicious intention decided to hack confidential data from the target organization. For acquiring such information, he started testing IoT devices that are conne...

Greg, an ethical hacker, after investing in their startup company called Zamtao Ltd., developed a new web application for their company. Before hosting the application, they want t...

Rex is an ex-employee of Netabb Ltd. with bruised feelings due to his layoff, tries to take revenge against the company. He randomly tried several attacks against the organization....

A developer is trying to access the internal website of his company. When he opened a webpage, he received an error message notifying "Proxy Authentication Required". He approached...

Arrange the WEP cracking process in the correct order: I. aircrack-ng -a 1 -f 1000 -e SECRET_SSID -w /root/wordlist.txt -b 00:11:22:33:44:55 wlan0 II. airmon-ng start eth1 III. air...

Recently, Jacob was assigned a project to test the perimeter security of one of a client. As part of the project, Jacob wants to test whether or not a particular port on the firewa...

During testing of a test network, Paul sends TCP probe packets with the ACK flag set to a remote device and then analyzes the header information (TTL and Window Size). Paul is inte...

Rebecca works as a Penetration Tester in a security service firm named Xsecurity. Rebecca placed a sniffer on a subnet residing deep inside the client's network. She used the Firew...

George, a reputed ethical hacker and penetration testing consultant, was hired by FNB Services, a startup financial services company, to audit the security of their applications an...

An organization hosted a website to provide services to its customers. A visitor of this website has reported a complaint to the organization that they are getting an HTTP error me...

Which of the following statements highlights the difference between a vulnerability assessment and a penetration test?

Adam found a pen drive in his company's parking lot. He connected it to his system to check the content. On the next day, he found that someone has logged into his company email ac...

Russell, a penetration tester after performing the penetration testing, wants to create a report so that he can provide details of the testing process and findings of the vulnerabi...

Lee established a new startup where they develop android applications. In order to meet memory requirements of the company, Lee has hired a Cloud Service Provider, who offered memo...

Jeffry, a penetration tester in Repotes Solutions Pvt. Ltd., is facing a problem in testing the firewall. By consulting other penetration testers and considering other alternatives...

WallSec Inc. has faced several network security issues in the past and hired Williamson, a professional pentester, to audit its information systems. Before starting his task, Willi...

Tom is a networking manager in XYZ Inc. He and his team were assigned the task to store and update the confidential files present on a remote server using various network protocols...

Dave, a penetration tester and I are attempting to extract password hashes from the Oracle database. Which of the following utilities should Dave employ in order to brute-force pas...

Which of the following tasks is done after submitting the final pen testing report?

Sam is building a web application for SQL injection vulnerabilities. During the testing, Sam discovered that the web application is vulnerable to SQL injection. He soon discovered...

Stanley, a pen tester needs to perform various tests to detect SQL injection vulnerabilities. He has to make a list of all input fields whose values could be used in SQL queries. H...

During the reconnaissance phase of a penetration test, you discovered that the client has deployed a firewall that only checks the TCP header information. Which of the following te...

A month ago, Jason, a software developer at a reputed IT firm was surfing through his company's website. He was visiting random pages of the company's website and he found that he...

TechSolutions Ltd. is a leading security services company. Matthew works as a penetrating tester with this firm. He was asked to gather information about the target company. Matthe...

Analyze the packet capture from Wireshark below and mark the correct statement.

Sarah, a penetration tester at JK Hopes & Sons based in Las Vegas. As a part of the penetration testing, she was asked to perform the test without exposing the test to anyone else...

Henderson has completed the pen testing tasks. He is now compiling the final report for the client. Henderson needs to include the result of scanning that revealed some SQL injecti...

Which of the following SQLMAP commands will allow you to test if a parameter in a target URL is vulnerable to SQL injection (injectable)?

John, a security analyst working for LeoTech organization, was asked to perform penetration testing on the client organizational network. In this process, he used a methodology whe...

Which of the following acts provides federal protections for personal health information held by covered entities and gives patients an array of rights with respect to that informa...

What is the purpose of a Get-Out-of-Jail-Free card in a pen testing engagement?

Watson, a Penetrating test engineer at neo security services. The company found its wireless network operating in an unusual manner, with signs that a possible cyber attack might h...

A penetration tester at TechSoft Inc. based in Singapore. The company assigned him the task of conducting penetration test on the loT devices connected to the corporate network. As...

Identify the attack from the description below: I. The attacker sends an ARP packet to the network II. The attacker spoofs the ARP messages on the network III. An attacker eavesdro...

Nancy is the network admin at Society Technology Ltd. When she is trying to send data packets from one network (Token-ring) to another network (Ethernet), she receives an error mes...

John is a penetration tester who wants to perform port scan on the DNS Server (IP address: 192.168.0.124) and wants to identify how many services/applications are running on the DN...