Q1. To determine if a software program properly handles a wide range of invalid input, a form of automated testing can be used to randomly generate invalid input in an attempt to crash the program.
What term is commonly used when referring to this type of testing?
A. Bounding
B. Mutating
C. Fuzzing
D. Randomizing
Answer: C
Q2. You have successfully compromised a machine on the network and found a server that is alive on the same network. You tried to ping but you didn’t get any response back.
What is happening?
A. TCP/IP doesn’t support ICMP.
B. ICMP could be disabled on the target server.
C. The ARP is disabled on the target server.
D. You need to run the ping command with root privileges.
Answer: A
Q3. While performing online banking using a web browser, a user receives an email that contains a link to an interesting Web site. When the user clicks on the link, another web browser session starts and displays a video of cats playing a piano. The next business day, the user receives what looks like an email from his bank, indicating that his bank account has been accessed from a foreign country. The email asks the user to call his bank and verify the authorization of a funds transfer that took place.
What web browser-based security vulnerability was exploited to compromise the user?
A. Cross-Site Request Forgery
B. Cross-Site Scripting
C. Web form input validation
D. Clickjacking
Answer: A
Q4. The configuration allows a wired or wireless network interface controller to pass all traffic it receives to the central processing unit (CPU), rather than passing only the frames that the controller is intended to receive.
Which of the following is being described?
A. WEM
B. Multi-cast mode
C. Promiscuous mode
D. Port forwarding
Answer: B
Q5. In 2007, this wireless security algorithm was rendered useless by capturing packets and discovering the passkey in a matter of seconds. This security flaw led to a network invasion of TJ Maxx and data theft through a technique known as wardriving.
Which algorithm is this referring to?
A. Wired Equivalent Privacy (WEP)
B. Temporal Key Integrity Protocol (TKIP)
C. Wi-Fi Protected Access (WPA)
D. Wi-Fi Protected Access 2 (WPA2)
Answer: A
Q6. The purpose of a __________ is to deny network access to local area networks and other information assets by unauthorized wireless devices.
A. Wireless Access Point
B. Wireless Analyzer
C. Wireless Access Control list
D. Wireless Intrusion Prevention System
Answer: D
Q7. What is the process of logging, recording, and resolving events that take place in an organization?
A. Metrics
B. Security Policy
C. Internal Procedure
D. Incident Management Process
Answer: D
Q8. Which of the following incident handling process phases is responsible for defining rules, creating a back-up plan, and testing the plans for an enterprise?
A. Preparation phase
B. Recovery phase
C. Identification phase
D. Containment phase
Answer: A
Q9. You have compromised a server on a network and successfully opened a shell. You aimed to identify all operating systems running on the network. However, as you attempt to fingerprint all machines in the network using the nmap syntax below, it is not going through.
invictus@victim_server:~$ nmap -T4 -O 10.10.0.0/24
TCP/IP fingerprinting (for OS scan) xxxxxxx xxxxxx xxxxxxxxxx. QUITTING!
What seems to be wrong?
A. The outgoing TCP/IP fingerprinting is blocked by the host firewall.
B. This is a common behavior for a corrupted nmap application.
C. OS Scan requires root privileges.
D. The nmap syntax is wrong.
Answer: D
Q10. Which of the following is a component of a risk assessment?
A. Logical interface
B. DMZ
C. Administrative safeguards
D. Physical security
Answer: C
Q11. You are logged in as a local admin on a Windows 7 system and you need to launch the Computer Management Console from command line.
Which command would you use?
A. c:\services.msc
B. c:\ncpa.cp
C. c:\compmgmt.msc
D. c:\gpedit
Answer: C
Q12. Prospective clients want to see sample reports from previous penetration tests. What should you do next?
A. Share full reports, not redacted.
B. Share full reports, with redactions.
C. Decline, but provide references.
D. Share reports, after NDA is signed.
Answer: B
Q13. This international organization regulates billions of transactions daily and provides security guidelines to protect personally identifiable information (PII). These security controls provide a baseline and prevent low-level hackers sometimes known as script kiddies from causing a data breach.
Which of the following organizations is being described?
A. Payment Card Industry (PCI)
B. International Security Industry Organization (ISIO)
C. Institute of Electrical and Electronics Engineers (IEEE)
D. Center for Disease Control (CDC)
Answer: B
Q14. Jesse receives an email with an attachment labeled “Court_Notice_21206.zip”. Inside the zip file is a file named “Court_Notice_21206.docx.exe” disguised as a Word document. Upon execution, a window appears stating, “This word document is corrupt.” In the background, the file copies itself to Jesse's APPDATA\local directory and begins to beacon to a C2 server to download additional malicious binaries. What type of malware has Jesse encountered?
A. Trojan
B. Worm
C. Key-Logger
D. Macro Virus
Answer: A
Q15. During a security audit of IT processes, an IS auditor found that there were no documented security procedures. What should the IS auditor do?
A. Terminate the audit.
B. Identify and evaluate existing practices.
C. Create a procedures document
D. Conduct compliance testing
Answer: B
Q16. You are the Systems Administrator for a large corporate organization. You need to monitor all network traffic on your local network for suspicious activities and receive notifications when an attack is occurring. Which tool would allow you to accomplish this goal?
A. Host-based IDS
B. Firewall
C. Network-Based IDS
D. Proxy
Answer: C
Q17. Port scanning can be used as part of a technical assessment to determine network vulnerabilities. The TCP XMAS scan is used to identify listening ports on the targeted system.
If a scanned port is open, what happens?
A. The port will ignore the packets.
B. The port will send an RST.
C. The port will send an ACK.
D. The port will send a SYN.
Answer: A
Q18. It is a kind of malware (malicious software) that criminals install on your computer so they can lock it from a remote location. This malware generates a pop-up window, webpage, or email warning from what looks like an official authority. It explains your computer has been locked because of possible illegal activities and demands payment before you can access your files and programs again.
Which term best matches this definition?
A. Spyware
B. Adware
C. Ransomware
D. Riskware
Answer: C
Q19. Which of the following tools is used to detect wireless LANs using the 802.11a/b/g/n WLAN standards on a Linux platform?
A. Kismet
B. Netstumbler
C. Abel
D. Nessus
Answer: A
Q20. When you return to your desk after a lunch break, you notice a strange email in your inbox. The sender is someone you did business with recently, but the subject line has strange characters in it.
What should you do?
A. Forward the message to your company’s security response team and permanently delete the message from your computer.
B. Delete the email and pretend nothing happened.
C. Forward the message to your supervisor and ask for her opinion on how to handle the situation.
D. Reply to the sender and ask them for more information about the message contents.
Answer: A
Q21. The NMAP command above performs which of the following?
A. A ping scan
B. A trace sweep
C. An operating system detect
D. A port scan
Answer: A