Question #1
John, a professional hacker, performs a network attack on a renowned organization and gains unauthorized access to the target network. He remains in the network without being detected for a long time and obtains sensitive information without sabotaging the organization. Which of the following attack techniques is used by John?
A. Insider threat
B. Diversion theft
C. Spear-phishing sites
D. Advanced persistent threat
Correct answer: D
Question #2
What are common files on a web server that can be misconfigured and provide useful information for a hacker such as verbose error messages?
A. httpd
B. administration
C. php
D. idq
Correct answer: C
Question #3
In this form of encryption algorithm, every individual block contains 64-bit data, and three keys are used, where each key consists of 56 bits. Which is this encryption algorithm?
A. IDEA
B. Triple Data Encryption Standard
C. AES
D. MD5 encryption algorithm
Correct answer: B
Question #4
Which is the first step followed by Vulnerability Scanners for scanning a network?
A. OS Detection
B. Firewall detection
C. TCP/UDP Port scanning
D. Checking if the remote host is alive
Correct answer: D
Question #5
In order to show improvement of security over time, what must be developed?
A. Reports
B. Testing tools
C. Metrics
D. Taxonomy of vulnerabilities
Correct answer: C
Question #6
You are logged in as a local admin on a Windows 7 system and you need to launch the Computer Management Console from command line. Which command would you use?
A. c:\gpedit
B. c:\compmgmt
C. c:\ncpa
D. c:\services
Correct answer: B
Question #7
An unauthorized individual enters a building following an employee through the employee entrance after the lunch rush. What type of breach has the individual just performed?
A. Reverse Social Engineering
B. Tailgating
C. Piggybacking
D. Announced
Correct answer: B
Question #8
Tony is a penetration tester tasked with performing a penetration test. After gaining initial access to a target system, he finds a list of hashed passwords. Which of the following tools would not be useful for cracking the hashed passwords?
A. Hashcat
B. John the Ripper
C. THC-Hydra
D. netcat
Correct answer: D
Question #9
Which of the following options represents a conceptual characteristic of an anomaly-based IDS over a signature-based IDS?
A. Produces less false positives
B. Can identify unknown attacks
C. Requires vendor updates for a new threat
D. Cannot deal with encrypted network traffic
Correct answer: B
Question #10
You are attempting to run an Nmap port scan on a web server. Which of the following commands would result in a scan of common ports with the least amount of noise in order to evade IDS?
A. nmap -A -Pn
B. nmap -sP -p-65535 -T5
C. nmap -sT -O -T0
D. nmap -A --host-timeout 99 -T1
Correct answer: C
Question #11
Gerard, a disgruntled ex-employee of Sunglass IT Solutions, targets this organization to perform sophisticated attacks and bring down its reputation in the market. To launch the attacks process, he performed DNS footprinting to gather information about DNS servers and to identify the hosts connected in the target network. He used an automated tool that can retrieve information about DNS zone data including DNS domain names, computer names, IP addresses, DNS records, and network Whois records. He further exp
A. Towelroot
B. Knative
C. zANTI
D. Bluto
Correct answer: D
Question #12
If you want to scan fewer ports than the default scan using the Nmap tool, which option would you use?
A. -r
B. -F
C. -P
D. -sP
Correct answer: B
Question #14
Ron, a security professional, was pen testing web applications and SaaS platforms used by his company. While testing, he found a vulnerability that allows hackers to gain unauthorized access to API objects and perform actions such as view, update, and delete sensitive data of the company. What is the API vulnerability revealed in the above scenario?
A. Improper use of CORS
B. Code injections
C. No ABAC validation
D. Business logic flaws
Correct answer: A
Question #15
What type of malware is it that restricts access to a computer system that it infects and demands that the user pay a certain amount of money, cryptocurrency, etc. to the operators of the malware to remove the restriction?
A. Riskware
B. Ransomware
C. Spyware
D. Adware
Correct answer: B
Question #16
Which service in a PKI will vouch for the identity of an individual or company?
A. KDC
B. CR
C. CBC
D. CA
Correct answer: D
Question #18
Which of the following is an application that requires a host application for replication?
A. Micro
B. Worm
C. Trojan
D. Virus
Correct answer: D
Question #20
You are a penetration tester working to test the user awareness of the employees of the client XYZ. You harvested two employees’ emails from some public sources and are creating a client-side backdoor to send it to the employees via email. Which stage of the cyber kill chain are you at?
A. Reconnaissance
B. Weaponization
C. Command and control
D. Exploitation
Correct answer: B
Question #22
If an attacker uses the command SELECT * FROM user WHERE name = 'x' AND userid IS NULL; --'; which type of SQL injection attack is the attacker performing?
A. End of Line Comment
B. UNION SQL Injection
C. Illegal/Logically Incorrect Query
D. Tautology
Correct answer: A
Question #23
Peter extracts the SIDs list from Windows 2000 Server machine using the hacking tool "SIDExtractor". Here is the output of the SIDs:
s-1-5-21-1125394485-807628933-54978560-100 Johns
s-1-5-21-1125394485-807628933-54978560-652 Rebecca
s-1-5-21-1125394485-807628933-54978560-412 Sheela
s-1-5-21-1125394485-807628933-54978560-999 Shawn
s-1-5-21-1125394485-807628933-54978560-777 Somia
s-1-5-21-1125394485-807628933-54978560-500 chang
s-1-5-21-1125394485-807628933-54978560-555 Micah
From the above list identify the user a
A. John
B. Rebecca
C. Sheela
D. Shawn
E. Somia
F. Chang
G. Micah
Correct answer: F
Question #24
Sophia travels a lot and worries that her laptop containing confidential documents might be stolen. What is the best protection that will work for her?
A. Full Disk encryption
B. BIOS password
C. Hidden folders
D. Password protected files
Correct answer: A
Question #25
You are tasked to perform a penetration test. While you are performing information gathering, you find an employee list in Google. You find the receptionist's email, and you send her an email changing the source email to her boss's email (boss@company). In this email, you ask for a pdf with information. She reads your email and sends back a pdf with links. You exchange the pdf links with your malicious links (these links contain malware) and send back the modified pdf, saying that the links don't work. She
A. Social engineering
B. Piggybacking
C. Tailgating
D. Eavesdropping
Correct answer: A
Question #27
These hackers have limited or no training and know how to use only basic techniques or tools. What kind of hackers are we talking about?
A. Black-Hat Hackers
B. Script Kiddies
C. White-Hat Hackers
D. Gray-Hat Hacker
Correct answer: B
Question #28
Which of the following types of SQL injection attacks extends the results returned by the original query, enabling attackers to run two or more statements if they have the same structure as the original one?
A. Error-based injection
B. Boolean-based blind SQL injection
C. Blind SQL injection
D. Union SQL injection
Correct answer: D
Question #30
This wireless security protocol allows 192-bit minimum-strength security protocols and cryptographic tools to protect sensitive data, such as GCMP-256, HMAC-SHA384, and ECDSA using a 384-bit elliptic curve. Which is this wireless security protocol?
A. WPA3-Personal
B. WPA3-Enterprise
C. WPA2-Enterprise
D. WPA2-Personal
Correct answer: B
