In which of the following password protection technique, random...
A hacker named Jack is trying to compromise a bank's computer system....
Log monitoring tools performing behavioral analysis have alerted to...
What type of analysis is performed when an attacker has partial...
Which of the following provides a security professional with most...
Which of the following is an adaptive SQL injection testing technique...
Darius just received a call: Unknown Caller: Hello, my name is Rashad...
You need a tool that can do network intrusion prevention and intrusion...
The name for tools which receive event logs from servers, network...
Why is a penetration test considered to be more thorough than...
Peter is surfing the internet looking for information about DX...
Which command can be used to show current TCP/IP connections.
Hackers often raise the trust level of a phishing message by modeling...
What is the process for allowing or blocking a specific port in the...
Using spoofed IP address to generate port responses during a scan...
What is the purpose of a demilitarized zone on a network?
In IPv6 what is the major difference concerning application layer...
A pen tester is configuring a windows laptop for a test. In setting up...
PGP, SSL, and IKE are all examples of which type of cryptography?
These hackers have limited or no training and know how to use only...
What is the most important for a pentester before he can start any...
Matthew, a black hat, has managed to open a meterpreter session to one...
Which is the first step followed by Vulnerability Scanners for...
A hacker gained access to database with logins and hashed passwords....
The following is a part of a log file taken from the machine on the...
Which Metasploit Framework tool can help penetration tester for...
Max saw a guy (Mario) who looked like a janitor who was holding a lot...
A tester has been hired to do a web application security test. The...
An LDAP directory can be used to store information similar to a SQL...
Which of the following DoS tools is used to attack targets web...
Security Policy is a definition of what it means to be secure for a...
Elliot is in the process of exploiting a web application that uses SQL...
To reach a bank web site, the traffic from workstations must pass...
The name for tools which receive event logs from servers, network...
You are working as a Security Analyst in a company XYZ that owns the...
Jim's company regularly performs backups of their critical...
Darius is analysing logs from IDS. He want to understand what have...
What is one of the advantages of using both symmetric and asymmetric...
Assume a business-crucial web-site of some company that is used to...
What is the process for allowing or blocking a specific port in the...
What is the difference between the AES and RSA algorithms?
Which of the following techniques are NOT relevant in preventing arp...
The I.T. Helpdesk at XYZ Company has begun receiving several phone...
During a Xmas scan what indicates a port is closed?
Developers at your company are creating a web application which will...
CompanyXYZ has asked you to assess the security of their perimeter...
Vlady works in a fishing company where the majority of the employees...
What does the -oX flag do in an Nmap scan?
Email is transmitted across the Internet using the Simple Mail...
You are attempting to run an Nmap port scan on a web server. Which of...
Tremp is an IT Security Manager, and he is planning to deploy an IDS...
The systems administrator for one of your clients has just called you,...
When a security analyst prepares for the formal security assessment -...
Cross-site request forgery involves:
Which of the following statements is FALSE with respect to Intrusion...
What is the purpose of DNS AAAA record?
A bank stores and processes sensitive privacy information related to...
Although FTP traffic is not encrypted by default, which layer 3...
You are performing a web application penetration test for one of your...
Trinity needs to scan all hosts on a /16 network for TCP port 445...
What kind of detection techniques is being used in antivirus softwares...
Clara, a black hat, has connected her Linux laptop to an Ethernet jack...
The Payment Card Industry Data Security Standard (PCI DSS) contains...
Analyst is investigating proxy logs and found out that one of the...
You are performing a penetration test for a client, and have gained...
While scanning with Nmap, Patin found several hosts which have the IP...
You are tasked to configure the DHCP server to lease the last 100...
Suppose your company has just passed a security risk assessment...
This proprietary information security standard wireless guidelines...
Which of the following algorithms is used for Kerberos...
A company's policy requires employees to perform file transfers...
OpenSSL on Linux servers includes a command line tool for testing TLS....
You have successfully logged on a Linux system. You want now to cover...
Using spoofed IP address to generate port responses during a scan...
How is the public key distributed in an orderly, controlled fashion in...
Why containers are less secure that virtual machines?
Your company provides data analytics services to several large...
Darius is analysing logs from IDS. He want to understand what have...
Darius and Mathew were performing internal vulnerability scan within...
What is one of the advantages of using both symmetric and asymmetric...
DHCP snooping is a great solution to prevent rogue DHCP servers on...
Which of below hashing functions are not recommended for use:
Which of the below encryption algorithms are the fastest?
AES is asymmetric, which is used to create a public/private key pair;...
When configuring wireless on his home router, Javik disables SSID...
What is the known plaintext attack used against DES which results in...
Which utility will tell you in real time which ports are listening or...
Which TCP scanning method is unlikely to set off network IDS?
User A is writing a sensitive email message to user B outside the...
A Multihomed firewall has a minimum of how many network connections?
Which of the following is true regarding a PKI system?
What is the main security service a cryptographic hash provides?
You are analysing a traffic on the network with Wireshark. You want to...
Which of the following is NOT correct about the usefulness of...
What does mean the line 7 of the traceroute : ark@debian-lxde:~$...
Your business has decided to add credit card numbers to the data it...
At 2:05pm your log monitoring tool sends an alert to the InfoSec team...
Nedved is an IT Security Manager of a Bank in his country. One day, he...
Which of the following steps for risk assessment methodology refers to...
Your company has web servers, DNS servers, and mail servers in a DMZ...
The network team has well established procedures to follow for...
You type the following command at a Linux command prompt: hping3 -c...