لا تريد أن تفوت شيئا؟

نصائح اجتياز امتحان الشهادة

آخر أخبار الامتحانات ومعلومات الخصم

برعاية وحديثة من قبل خبرائنا

نعم، أرسل لي النشرة الإخبارية

خذ اختبارات أخرى عبر الإنترنت
السؤال #1
_________ is a set of extensions to DNS that provide the origin authentication of DNS data to DNS clients (resolvers) so as to reduce the threat of DNS poisoning, spoofing, and similar types of attacks.
A. DNSSEC
B. Resource records
C. Resource transfer
D. Zone transfer
عرض الإجابة
اجابة صحيحة: A
السؤال #2
Identify the web application attack where the attackers exploit vulnerabilities in dynamically generated web pages to inject client-side script into web pages viewed by other users.
A. LDAP Injection attack
B. Cross-Site Scripting (XSS)
C. SQL injection attack
D. Cross-Site Request Forgery (CSRF)
عرض الإجابة
اجابة صحيحة: B
السؤال #3
Which of the following is a hardware requirement that either an IDS/IPS system or a proxy server must have in order to properly function?
A. Fast processor to help with network traffic analysis
B. They must be dual-homed
C. Similar RAM requirements
D. Fast network interface cards
عرض الإجابة
اجابة صحيحة: B
السؤال #4
You may be able to identify the IP addresses and machine names for the firewall, and the names of internal mail servers by:
A. Sending a mail message to a valid address on the target network,and examining the header information generated by the IMAP servers
B. Sending a mail message to an invalid address on the target network,and examining the header information generated by the POP servers
C. Examining the SMTP header information generated by using the -mx command parameter of DIG
D. Examining the SMTP header information generated in response to an e-mail message sent to an invalid address
عرض الإجابة
اجابة صحيحة: D
السؤال #5
Which of the following Google advanced search operators helps an attacker in gathering information about websites that are similar to a specified target URL?
A. [inurl:]
B. [info:]
C. [site:]
D. [related:]
عرض الإجابة
اجابة صحيحة: D
السؤال #6
Which of the following act requires employer's standard national numbers to identify them on standard transactions?
A. SOX
B. HIPAA
C. DMCA
D. PCI-DSS
عرض الإجابة
اجابة صحيحة: B
السؤال #7
What are common files on a web server that can be misconfigured and provide useful information for a hacker such as verbose error messages?
A. httpd
B. administration
C. php
D. idq
عرض الإجابة
اجابة صحيحة: C
السؤال #8
Which of the following is the structure designed to verify and authenticate the identity of individuals within the enterprise taking part in a data exchange?
A. SOA
B. biometrics
C. single sign on
D. PKI
عرض الإجابة
اجابة صحيحة: D
السؤال #9
In this form of encryption algorithm, every individual block contains 64-bit data, and three keys are used, where each key consists of 56?bits. Which is this encryption algorithm?
A. IDEA
B. Triple Data Encryption Standard
C. AES
D. MD5 encryption algorithm
عرض الإجابة
اجابة صحيحة: B
السؤال #10
Nation-state threat actors often discover vulnerabilitiesand hold on to them until they want to launch a sophisticated attack. The Stuxnet attack was an unprecedented style of attack because it used four types of this vulnerability. What is this style of attack called?
A. zero-hour
B. no-day
C. zero-day
D. zero-sum
عرض الإجابة
اجابة صحيحة: C
السؤال #11
Gerard, a disgruntled ex-employee of Sunglass IT Solutions, targets this organization to perform sophisticated attacks and bring down its reputation in the market. To launch the attacks process, he performed DNS footprinting to gather information about DNS servers and to identify the hosts connected in the target network. He used an automated tool that can retrieve information about DNS zone data including DNS domain names, computer names, IP addresses, DNS records, and network Whois records. He further exp
A. Towelroot
B. Knative
C. zANTI
D. Bluto
عرض الإجابة
اجابة صحيحة: D
السؤال #12
Which of the following act requires employer's standard national numbers to identify them on standard transactions?
A. SOX
B. HIPAA
C. DMCA
D. PCI-DSS
عرض الإجابة
اجابة صحيحة: B
السؤال #13
An attacker has installed a RAT on a host. The attacker wants to ensure that when a user attempts to go to "www.MyPersonalBank.com", that the user is directed to a phishing site. Which file does the attacker need to modify?
A. Boot
B. Sudoers
C. Networks
D. Hosts
عرض الإجابة
اجابة صحيحة: D
السؤال #14
Identify the web application attack where the attackers exploit vulnerabilities in dynamically generated web pages to inject client-side script into web pages viewed by other users.
A. LDAP Injection attack
B. Cross-Site Scripting (XSS)
C. SQL injection attack
D. Cross-Site Request Forgery (CSRF)
عرض الإجابة
اجابة صحيحة: B
السؤال #15
John, a professional hacker, performs a network attack on a renowned organization and gains unauthorized access to the target network. He remains in the network without being detected for a long time and obtains sensitive information without sabotaging the organization. Which of the following attack techniques is used by John?
A. Insider threat
B. Diversion theft
C. Spear-phishing sites
D. Advanced persistent threat
عرض الإجابة
اجابة صحيحة: D
السؤال #16
What port number is used by LDAP protocol?
A. 445
B. 110
C. 464
D. 389
عرض الإجابة
اجابة صحيحة: D
السؤال #17
Which of the following describes the characteristics of a Boot Sector Virus?
A. Moves the MBR to another location on the RAM and copies itself to the original location of the MBR
B. Moves the MBR to another location on the hard disk and copies itself to the original location of the MBR
C. Modifies directory table entries so that directory entries point to the virus code instead of the actual program
D. Overwrites the original MBR and only executes the new virus code
عرض الإجابة
اجابة صحيحة: B
السؤال #18
You are attempting to run an Nmap port scan on a web server. Which of the following commands would result in a scan of common ports with the least amount of noise in order to evade IDS?
A. nmap -A - Pn
B. nmap -sP -p-65535 -T5
C. nmap -sT -O -T0
D. nmap -A --host-timeout 99 -T1
عرض الإجابة
اجابة صحيحة: C
السؤال #19
If a tester is attempting to ping a target that exists but receives no response or a response that states the destination is unreachable, ICMP may be disabled and the network may be using TCP. Which other option could the tester use to get a response from a host using TCP?
A. Traceroute
B. Hping
C. TCP ping
D. Broadcast ping
عرض الإجابة
اجابة صحيحة: B
السؤال #20
This wireless security protocol allows 192-bit minimum-strength security protocols and cryptographic tools to protect sensitive data, such as GCMP-256, HMAC-SHA384, and ECDSA using a 384-bit elliptic curve. Which is this wireless security protocol?
A. WPA3-Personal
B. WPA3-Enterprise
C. WPA2-Enterprise
D. WPA2-Personal
عرض الإجابة
اجابة صحيحة: B
السؤال #21
You are attempting to run an Nmap port scan on a web server. Which of the following commands would result in a scan of common ports with the least amount of noise in order to evade IDS?
A. nmap -A - Pn
B. nmap -sP -p-65535 -T5
C. nmap -sT -O -T0
D. nmap -A --host-timeout 99 -T1
عرض الإجابة
اجابة صحيحة: C
السؤال #22
A large company intends to use Blackberry for corporate mobile phones and a security analyst is assigned to evaluate the possible threats. The analyst will use the Blackjacking attack method to demonstrate how an attacker could circumvent perimeter defenses and gain access to the corporate network. What tool should the analyst use to perform a Blackjacking attack?
A. Paros Proxy
B. BBProxy
C. BBCrack
D. Blooover
عرض الإجابة
اجابة صحيحة: B
السؤال #23
Which of the following programs is usually targeted at Microsoft Office products?
A. Polymorphic virus
B. Multipart virus
C. Macro virus
D. Stealth virus
عرض الإجابة
اجابة صحيحة: C
السؤال #24
Joseph was the Web site administrator for the Mason Insurance in New York, who's main Web site was located at www.masonins.com. Joseph uses his laptop computer regularly to administer the Web site. One night, Joseph received an urgent phone call from his friend, Smith. According to Smith, the main Mason Insurance web site had been vandalized! All of its normal content was removed and replaced with an attacker's message ''Hacker Message: You are dead! Freaks! From his office, which was directly connected to
A. ARP spoofing
B. SQL injection
C. DNS poisoning
D. Routing table injection
عرض الإجابة
اجابة صحيحة: C
السؤال #25
Bluetooth uses which digital modulation technique to exchange information between paired devices?
A. PSK (phase-shift keying)
B. FSK (frequency-shift keying)
C. ASK (amplitude-shift keying)
D. QAM (quadrature amplitude modulation)
عرض الإجابة
اجابة صحيحة: A
السؤال #26
John is investigating web-application firewall logs and observers that someone is attempting to inject the following: What type of attack is this?
A. SQL injection
B. Buffer overflow
C. CSRF
D. XSS
عرض الإجابة
اجابة صحيحة: B
السؤال #27
Which of the following is a hardware requirement that either an IDS/IPS system or a proxy server must have in order to properly function?
A. Fast processor to help with network traffic analysis
B. They must be dual-homed
C. Similar RAM requirements
D. Fast network interface cards
عرض الإجابة
اجابة صحيحة: B
السؤال #28
Which of the following options represents a conceptual characteristic of an anomaly-based IDS over a signature-based IDS?
A. Produces less false positives
B. Can identify unknown attacks
C. Requires vendor updates for a new threat
D. Cannot deal with encrypted network traffic
عرض الإجابة
اجابة صحيحة: B
السؤال #29
You are a penetration tester working to test the user awareness of the employees of the client XYZ. You harvested two employees’ emails from some public sources and are creating a client-side backdoor to send it to the employees via email. Which stage of the cyber kill chain are you at?
A. Reconnaissance
B. Weaponization
C. Command and control
D. Exploitation
عرض الإجابة
اجابة صحيحة: B
السؤال #30
Pentest results indicate that voice over IP traffic is traversing a network. Which of the following tools will decode a packet capture and extract the voice conversations?
A. Hping
B. John the Ripper
C. Cain
D. Nikto
عرض الإجابة
اجابة صحيحة: C

عرض الإجابات بعد التقديم

يرجى إرسال البريد الإلكتروني الخاص بك والواتس اب للحصول على إجابات الأسئلة.

ملحوظة: يرجى التأكد من صلاحية معرف البريد الإلكتروني وWhatsApp حتى تتمكن من الحصول على نتائج الاختبار الصحيحة.

بريد إلكتروني:
رقم الواتس اب/الهاتف:


Copyright © 2024. Designer by SPOTO Official Website. All Rights Reserved.