Question #1
Which of the following is an example of an asymmetric encryption implementation?
A. MD5
B. 3DES
C. PGP
D. SHA1
Correct answer: C
Question #2
Which of the following Google advanced search operators helps an attacker in gathering information about websites that are similar to a specified target URL?
A. [inurl:]
B. [info:]
C. [site:]
D. [related:]
Correct answer: D
Question #3
Which statement is TRUE regarding network firewalls preventing Web Application attacks?
A. Network firewalls can prevent attacks because they can detect malicious HTTP traffic
B. Network firewalls cannot prevent attacks because ports 80 and 443 must be opened
C. Network firewalls can prevent attacks if they are properly configured
D. Network firewalls cannot prevent attacks because they are too complex to configure
Correct answer: B
Question #4
Bluetooth uses which digital modulation technique to exchange information between paired devices?
A. PSK (phase-shift keying)
B. FSK (frequency-shift keying)
C. ASK (amplitude-shift keying)
D. QAM (quadrature amplitude modulation)
Correct answer: A
Question #5
Initiating an attack against targeted businesses and organizations, threat actors compromise a carefully selected website by inserting an exploit resulting in malware infection. The attackers run exploits on well-known and trusted sites likely to be visited by their targeted victims. Aside from carefully choosing sites to compromise, these attacks are known to incorporate zero-day exploits that target unpatched vulnerabilities. Thus, the targeted entities are left with little or no defense against these explo
A. Watering Hole Attack
B. Spear Phishing Attack
C. Heartbleed Attack
D. Shellshock Attack
Correct answer: A
Question #6
John, a professional hacker, performs a network attack on a renowned organization and gains unauthorized access to the target network. He remains in the network without being detected for a long time and obtains sensitive information without sabotaging the organization. Which of the following attack techniques is used by John?
A. Insider threat
B. Diversion theft
C. Spear-phishing sites
D. Advanced persistent threat
Correct answer: D
Question #7
A regional bank hires your company to perform a security assessment on their network after a recent data breach. The attacker was able to steal financial data from the bank by compromising only a single server. Based on this information, what should be one of your key recommendations to the bank?
A. Require all employees to change their passwords immediately
B. Place a front-end web server in a demilitarized zone that only handles external web traffic
C. Issue new certificates to the web servers from the root certificate authority
D. Move the financial data to another server on the same IP subnet
Correct answer: D
Question #8
George is a security professional working for iTech Solutions. He was tasked with securely transferring sensitive data of the organization between industrial systems. In this process, he used a short-range communication protocol based on the IEEE 203.15.4 standard. This protocol is used in devices that transfer data infrequently at a low rate in a restricted area, within a range of 10-100 m. What is the short-range wireless communication technology George employed in the above scenario?
A. MQTT
B. LPWAN
C. Zigbee
D. NB-IoT
Correct answer: C
Question #9
"Testing the network using the same methodologies and tools employed by attackers" Identify the correct terminology that defines the above statement.
A. Penetration Testing
B. Vulnerability Scanning
C. Designing Network Security
D. Security Policy Implementation
Correct answer: A
Question #10
An attacker has installed a RAT on a host. The attacker wants to ensure that when a user attempts to go to "www.MyPersonalBank.com", that the user is directed to a phishing site. Which file does the attacker need to modify?
A. Boot
B. Sudoers
C. Networks
D. Hosts
Correct answer: D
Question #11
Which of the following tools can be used for passive OS fingerprinting?
A. tcpdump
B. ping
C. Tracert
D. nmap
Correct answer: D
Question #12
John is investigating web-application firewall logs and observes that someone is attempting to inject the following: What type of attack is this?
A. SQL injection
B. Buffer overflow
C. CSRF
D. XSS
Correct answer: B
Question #13
A penetration tester is conducting a port scan on a specific host. The tester found several ports opened that were confusing in concluding the Operating System (OS) version installed. Considering the NMAP result below, which of the following is likely to be installed on the target machine by the OS? Starting NMAP 5.21 at 2011-03-15 11:06 NMAP scan report for 172.16.40.65 Host is up (1.00s latency). Not shown: 993 closed ports PORT STATE SERVICE 21/tcp open ftp 23/tcp open telnet 80/tcp open http 139/tcp open n
A. The host is likely a printer
B. The host is likely a router
C. The host is likely a Linux machine
D. The host is likely a Windows machine
Correct answer: A
Question #14
_________ is a set of extensions to DNS that provide the origin authentication of DNS data to DNS clients (resolvers) so as to reduce the threat of DNS poisoning, spoofing, and similar types of attacks.
A. DNSSEC
B. Resource records
C. Resource transfer
D. Zone transfer
Correct answer: A
Question #15
User A is writing a sensitive email message to user B outside the local network. User A has chosen to use PKI to secure his message and ensure only user B can read the sensitive email. At what layer of the OSI model does the encryption and decryption of the message take place?
A. Application
B. Transport
C. Session
D. Presentation
Correct answer: D
Question #16
Which of the following describes the characteristics of a Boot Sector Virus?
A. Moves the MBR to another location on the RAM and copies itself to the original location of the MBR
B. Moves the MBR to another location on the hard disk and copies itself to the original location of the MBR
C. Modifies directory table entries so that directory entries point to the virus code instead of the actual program
D. Overwrites the original MBR and only executes the new virus code
Correct answer: B
Question #17
In order to show improvement of security over time, what must be developed?
A. Reports
B. Testing tools
C. Metrics
D. Taxonomy of vulnerabilities
Correct answer: C
Question #18
In this form of encryption algorithm, every individual block contains 64-bit data, and three keys are used, where each key consists of 56 bits. Which is this encryption algorithm?
A. IDEA
B. Triple Data Encryption Standard
C. AES
D. MD5 encryption algorithm
Correct answer: B
Question #19
Bluetooth uses which digital modulation technique to exchange information between paired devices?
A. PSK (phase-shift keying)
B. FSK (frequency-shift keying)
C. ASK (amplitude-shift keying)
D. QAM (quadrature amplitude modulation)
Correct answer: A
Question #20
Which statement is TRUE regarding network firewalls preventing Web Application attacks?
A. Network firewalls can prevent attacks because they can detect malicious HTTP traffic
B. Network firewalls cannot prevent attacks because ports 80 and 443 must be opened
C. Network firewalls can prevent attacks if they are properly configured
D. Network firewalls cannot prevent attacks because they are too complex to configure
Correct answer: B
Question #21
Tony is a penetration tester tasked with performing a penetration test. After gaining initial access to a target system, he finds a list of hashed passwords. Which of the following tools would not be useful for cracking the hashed passwords?
A. Hashcat
B. John the Ripper
C. THC-Hydra
D. netcat
Correct answer: D
Question #22
Gerard, a disgruntled ex-employee of Sunglass IT Solutions, targets this organization to perform sophisticated attacks and bring down its reputation in the market. To launch the attacks process, he performed DNS footprinting to gather information about DNS servers and to identify the hosts connected in the target network. He used an automated tool that can retrieve information about DNS zone data including DNS domain names, computer names, IP addresses, DNS records, and network Whois records. He further exp
A. Towelroot
B. Knative
C. zANTI
D. Bluto
Correct answer: D
Question #23
Assume a business-crucial web-site of some company that is used to sell handsets to the customers worldwide. All the developed components are reviewed by the security team on a monthly basis. In order to drive business further, the web-site developers decided to add some 3rd party marketing tools on it. The tools are written in JavaScript and can track the customer's activity on the site. These tools are located on the servers of the marketing company. What is the main security risk associated with this sce
A. External scripts have direct access to the company servers and can steal the data from there
B. External scripts increase the outbound company data traffic, which leads to greater financial losses
C. External script contents could be maliciously modified without the security team's knowledge
D. There is no risk at all as the marketing services are trustworthy
Correct answer: C
Question #24
You are tasked to perform a penetration test. While you are performing information gathering, you find an employee list in Google. You find the receptionist's email, and you send her an email changing the source email to her boss's email (boss@company). In this email, you ask for a pdf with information. She reads your email and sends back a pdf with links. You exchange the pdf links with your malicious links (these links contain malware) and send back the modified pdf, saying that the links don't work. She
A. Social engineering
B. Piggybacking
C. Tailgating
D. Eavesdropping
Correct answer: A
Question #25
Passive reconnaissance involves collecting information through which of the following?
A. Social engineering
B. Network traffic sniffing
C. Man in the middle attacks
D. Publicly accessible sources
Correct answer: D
Question #26
Which of the following Linux commands will resolve a domain name into an IP address?
A. >host -t soa hackeddomain
B. >host -t a hackeddomain
C. >host -t ns hackeddomain
D. >host -t AXFR hackeddomain
Correct answer: B
Question #27
The configuration allows a wired or wireless network interface controller to pass all traffic it receives to the central processing unit (CPU), rather than passing only the frames that the controller is intended to receive. Which of the following is being described?
A. Port forwarding
B. Promiscuous mode
C. Multi-cast mode
D. WEM
Correct answer: C
Question #28
You are logged in as a local admin on a Windows 7 system and you need to launch the Computer Management Console from command line. Which command would you use?
A. c:\gpedit
B. c:\compmgmt
C. c:\ncpa
D. c:\services
Correct answer: B
Question #29
In Wireshark, the packet bytes pane shows the data of the current packet in which format?
A. Decimal
B. ASCII only
C. Binary
D. Hexadecimal
Correct answer: D
Question #30
Which of the following is the structure designed to verify and authenticate the identity of individuals within the enterprise taking part in a data exchange?
A. SOA
B. biometrics
C. single sign on
D. PKI
Correct answer: D
