412-79V10 Exam Questions

Unison, an employee in Sidtac Ltd., notices a USB flash drive on the pavement of the company. Before he could hand it over to the security guard, he tries to insert it into his com...

Anthony, a UK-based bank hired Anthony, to perform a penetration test for the bank. Anthony began performing lookups on the bank's DNS servers, reading news articles online about t...

Which of the following information security acts enables to ease the transfer of financial information between institutions and banks while making the rights of the individual thro...

Henderson at TechSoft Solutions is performing penetration testing on the critical IT assets of the company. As part of this process, he is simulating the method employed by a red t...

John is a newly appointed penetration testing manager in ABC Ltd. He is assigned a task to build a penetration testing team and asked to justify the return on investment (ROI) for...

A penetration tester at Trinity Ltd. is performing IoT device testing. As part of this process, he is checking the IoT devices for open ports using port scanners such as Nmap and M...

Peter is working on a pen testing assignment. During the reconnaissance phase, Peter discovered that the client's SYSLOG systems are taken off for four hours every weekday for main...

Andrew, a leading cyber security provider who recently hired Andrew, a security analyst. He was assigned the task of identifying vulnerabilities in the NFC devices by performing an...

Joe works as an engagement team lead with Xsecurity Inc. His pen testing team follows all the standard pentesting procedures. However, one of the team members wants to add another...

A recent study from MyTech Technologies found that three of the most popular websites are having most commonly exploitable flaw in their web applications. MyTech Technologies condu...

Stuart is a penetration tester working with Regional Server Technologies. He was asked by the company to identify the vulnerabilities in its SQL database. Stuart wanted to perform...

A web application developer is writing code for validating the user input. His aim is to verify the user input against a list of predefined negative inputs to ensure that the user...

Mark, a professional hacker, decided to bring down the services provided by the target organization. In the initial information-gathering stage, he detected some vulnerabilities in...

Alex is a social media editor for Early Times. identified that there are exploitable zero-day vulnerabilities in many of the open source protocols and common file formats software...

Martin is a professional Ethical Hacker and Penetration Tester. He is an ESCA certified professional and was following the LPT methodology to perform the penetration testing. He is...

A network administrator and he is configuring the Active Directory roles in the primary domain controller (DC) server. Whilst configuring the Flexible Single Master Operation (FSMO...

A penetration tester and security expert. He works at Sam Morrison Inc. based in Detroit. He was assigned to do an external penetration testing on one of its clients. Before diggin...

David is working on a pen testing assignment as a junior consultant. His supervisor told him to test a web application for SQL injection. The supervisor also mentioned that some fu...

Adam is working as a senior penetration tester at Eon Tech Services Ltd. The company asked him to perform penetration testing on their database. The company has provided Adam with...

Analyze the ICMP packet below and mark the correct statement. Ethernet II, Src: Dell_c3:b6:31 (d4:be:d9:c3:b6:31), Dst: 0f:1b:1e:02:c1 (c4:0f:1b:1e:02:c1) Internet Protocol Version...

Smith, a pen tester, has been hired to analyze the security posture of an organization and is trying to find the operating systems used in the network using Wireshark. What can be...

Harry, a penetration tester in SqlSac Solutions Ltd., is trying to check if his company's SQL server database is vulnerable. He also wants to check if there are any unpatched versi...

An organization recently faced a cyberattack where an attacker captured legitimate user credentials and gained access to the critical information systems. He also installed various...

Charles, a junior penetration tester, is part of a team assessing the security of perimeter devices of an organization. He is using the following Nmap command to bypass the firewal...

You are working on a pen testing assignment. Your client has asked for a document that shows them the detailed progress of the pen testing. What kind of document have they asked fo...

Adam, a penetration tester at XYZSecurity Inc. He is auditing a wireless network for vulnerabilities. Before starting the audit, he wants to ensure that the wireless card in his ma...

As a disgruntled employee of XYZ Inc. He wanted to take revenge. For that purpose, he created a malicious software that automatically visits every page on the company's website, ch...

A three-way handshake mechanism system A sends an ACK packet to system B. However, system A does not send an ACK packet to system B. In this case, client B is waiting for an ACK pa...

Victor, an IT-based company, uses Oracle database to store all its data. The company also uses Oracle Database Vault to restrict users access to specific areas of their database. C...

Michael, a penetration tester of Rotatrac Pvt. Ltd., has completed his initial penetration testing and now he needs to create a penetration testing report for Rotatrac Pvt. Ltd. Th...

John is working as a cloud security analyst in an organization. The management instructed him to implement a technology in the cloud infrastructure which allows the organization to...

A penetration team found the network switch has changed its behavior to learning mode and is functioning like a hub. The CAM table of the switch was filled with unnecessary traffic...

Which of the following pre-engagement documents identifies the systems to be tested, types of tests, and the depth of the testing?

John is a SD-Networks Ltd as a Network Admin. He received an email from one of his clients stating that the client's company website has some flaws and they are receiving continuou...

Which type of penetration testing will require you to send the Internal Control Questionnaires (ICQ) to the client?

During a DHCP handshake in an IPv4 network, which of the following messages contains the actual IP addressing information for the clients to use?

Depp Networks is a leader in providing ethical hacking services. They were tasked to examine the strength of a client network. After using a wide range of tests, the ethical hacker...

Gibson, a security analyst at MiaTech Solutions, is performing cloud penetration testing. As part of this process, he needs to check for any governance and compliance issues in the...

RFID cards which a guest can get access to the allocated hotel room. Keeping an eye on the RFID technology and with an objective of exploiting it, John, a penetration tester, explo...

Mark, a self-designated himself as a pizza delivery boy and is waiting outside the target company. He observed that an employee of the company is gaining security approval to enter...

A disgruntled employee Robert targeted to acquire business secrets of the organization he is working in and wants to sell the same to a competing organization for financial gain. F...

Identify the fundamental structure used to support and resolve complex issues. The framework that delivers an efficient set of technologies in order to develop applications which a...

Identify the framework that comprises of five levels to guide agency assessment of their security programs and assist in prioritizing efforts for improvement:

NTP protocol is used to synchronize the system clocks of computers with a remote time server or time source over a network. Which one of the following ports is used by NTP at the t...

In the context of penetration testing, what does blue teaming mean?

You work as an IT security auditor hired by a law firm in Boston. You have been assigned the responsibility to audit the client for security risks. When assessing the firm, you dec...

Which of the following is a packet filter that enforces the filtering and security policies to the flowing network traffic. Using firewalls in IPv6 is still the best way of protect...

You are working as a Department of Defense contract company to become compliant with the stringent security policies set by the DoD. One such strict rule is that firewalls must onl...

George is a senior security analyst working for a state agency in Flint. His state's congress just passed a bill mandating every state agency to undergo a security audit annually....

Frank works on a vulnerability assessment for a company on the West coast. The company hired Frank to assess its network security through scanning, pen tests, and vulnerability ass...