Exam Review - Justin-Boyd/Ethical-Hacking-Class GitHub Wiki
David recently discovered a new security vulnerability in his software that wasn’t known before. Which of the following is the correct term for his discovery?
A. Malware
B. Virus
C. Zero-day
D. Backdoor
Answer
C
Tom is a cyber consultant. He used Nmap to map an organization and find open ports. For one scanned port, he received RST as a response. What is the port status?
A. The port does not exist.
B. The port is vulnerable.
C. The port is open.
D. The port is closed.
Answer
D
Which type of On-Path attack includes the process of redirecting a domain name request to a custom phishing domain?
A. DNS Poisoning
B. Port Stealing
C. SSL Stripping
D. ARP Poisoning
Answer
A
Sasha wants to crack a password on a website. To do so, she did some research on the user and gathered information about him. Which of the following tools can be used to make the cracking process easier?
A. CUPP
B. Hydra
C. Medusa
D. John the Ripper
Answer
A
John wants to launch a phishing campaign. He is looking for a tool to help him clone a specific website. Which of the following tools can he use to create the website?
A. Aircrack
B. WireShark
C. Evil Twin
D. HTTrack
Answer
D
Ted was hired to perform penetration testing on a system. Which of the following platforms can help him accomplish that?
A. Rogue System Detection
B. Blackbox
C. MetaSploit
D. Honeypot
Answer
C
Thomas tries to change his friend’s PC boot order but encounters a password request. Which of the following security solutions was implemented?
A. BIOS password
B. Drive encryption
C. Motherboard locking
D. Boot encryption
Answer
A
Which of the following users would you try to compromise if you could not get root access?
A. An administrator
B. A user with sudo permissions
C. Any user
D. Any user that can connect to the domain
Answer
C
Which of the following tools is highly effective when testing client-server transactions, can be used to manipulate captured data, and can send the data to the server?
A. Data sanitization tools
B. Netdiscover
C. Command line tools
D. Burp Suite
Answer
D
John built a forum-based website. He wants to save a payload in the database to affect its viewers. Which of the following attacks is most likely to be used?
A. Stored XSS
B. Key Logger
C. Banner Grabbing
D. Logic Bomb
Answer
A
Which of the following can Leanne use to prevent SQL Injection on her website?
A. Endpoint protection
B. Concatenation within the query
C. Prepared statements
D. IDS/IPS software
Answer
C