83

60
21
93
53
50
3
28
72
111
43
124
25
8
125
113
16
13
85
68
101
23
99
35
91
41
82
4
88
61
76
32
42
37
123
58
18
29
14
92
106
46
80
115
9
32
59
44
47
122
30
107
70
74
108
120
48
51
39
81
94
117
7
84
17
110
67
119
102
24
86
98
56
22
66
63
33
36
54
75
73
38
112
90
89
10
1
15
87
103
77
 26
118
95
55
19
69
65
62
11
45
64
97
6
57
27
105
114
116
34
28
2
109
104
12
68
121
5
31
71
100
20
49
B: Can accelerate Benchmark tests
D: FireWalking
A: User Access Control (UAC)
C: Defense in Depht
D: Must be unique and have special character
A: Active
B: False purpose
C: The amonth of time it taken to be either accept or rejected
D: Burpsuite
A: Single-sign-on
D: Network based intrusion detection system
D: msfendcode
A: WIPS
D: IPSEC
C: Result matching "accounting" in domain target an
A: CA
A: Whois
C: Logic Tier
B: Bollards
A: Macro virus
B: Remote access policy
C: Stealth virus
C: Kismet
C: Remote policy
D: Banner grabbing
C: The gatyway is not housting to a Public IP address
C: Single quote
D: Notify the web site owner so that corrective action...
A: Disable all routing protocols and only userogue router
C: Privilege escalation
B: The WAP does not reconize the clients MAC address
D: O-Day vulnerability
A: Possibility of SQL Injection attack is limited
B: The host is likely a printer
C: Place of front end web server in a dmz that only...
D: BBProxy
A: Buffer overflow
D: Determine the impact
A: Cross-site scripting vulnerability
C: Dictionnary attack
C: The password file does not contain
A: Bootnet Trojan
C: NWK element must be hardness with use IDS and strong
A: Cross-site request forgery
C: Host
B: DNS Spoofing
D: First the ping sweep to identify live host
A: The hacker shouldùve used nmap-O host.domain.com
C: She using John in the ripper to crack the password in the secret.txt file
C: The firewell itself is blocking port 21 througth 23
C: Password salting
C: CIVIL
D: Rules of engament
C: tcp.port eq 25
A: Blind SQLi
C: A fingerprint scanner and his username and password
D: This is a scan an enverybody can get a @yahoo.com...
A: He will repeat this action so that it escalation to a Dos attack
B: install a CCTV with cameras pointing to the entrance doors and the street
A: proper chain of curiosity was not observe while collecting the logs
C: the employee should not provide any information
B: someting you have
B: vulnerability scanner
D: Public key cryptography also know as asymetric
B: Not information the employees that they are going to be monitored
B: user perfomed or SVN scan and OS
D: display password content to prompt
A: click jacking attack
A: internal blackbox
A: Windows
A: Sandboxing the code
D: full disk encryption
D: the CFO can use hash algorithm
C: Dumpster diving
B: SYN
C: port scan targeting 192.168.1.106
A: private
D: he is scanning from 192.168.1.64 fo 192.168.1.78 because...
B: the first ACL is denying all TCP traffic and the other
C: collision
D: An authetication system that creates on-time password
B: only compatible with the application protocol HTTP
B: rainbow table attack
A: transport presentation layer post numbers and application layer headers
A: A digital signature can not be moved
A: Rotate employees handing credit card transactions
B: connecting SYN, SYN-ACK, ACK
B: RSA is asymetric, wich is used to create a public/private key pair
B: encrypt the date on the hard drive
B: Hping
B: TCP SYN
C: wired equivalent pravicy (WEP)
D: privilege escalation
A: in a phishing attack a victim is redirected
D: dues to the extensive security
C: mail relaying wich is technique of bouncing e-mail
A: use Tor network with multi-code
D: reconnaissance
D: work at the data link layer
C: DNSEC
C: Evil twin attack
A: containtment
A: HIPAA
B: trojan
C: Tailgating
C: Passwords
D: the hacker succesfully transfert the zone and enumereted the hosts
B: the port will ignore the packets
B: malicious code is attempting to execute instruction in a non-executable memory
C: steganography
C: kisnet
D:Nmap -Sx
A: Speed
B: Metasploit
C: preparation phase
A: macro virus
D: Both static routes indicates...extened different gatway
B: Report immediatly to the administration
C: ICMP could be disabled on the target
C: Wireshark with Aircap
D: hping2 -1 host.domain.com
A: Noting but suggest to him to change the network's SSID and password
D: scan servers with Nmap
What is therole of test automation
What is the way to decide how...
What mechanism in Windows
What is network security co..
What two conditions must a digital
What type of OS fingerprinting technique
When analizing the IDS logs
When purchasing a biometric system
When you are testing a web application
Which access control mechanism allows for
Which IDS is best
Which Metasploit framework
Which of these...is capable of searching
Which protocol is used
Which result whil be
Which service in PKI will
Which system consist of publicly available set of databases..
Which Tier the N-tier application
Which type of security feature
Target Microsoft product
Which of following security policy def... use of VPN
Wich of the following viruses
Which of the following is a passive...
A security analyst
A security engineer at a medium-size accounting firm...
A technician is resolving an issue where a computer is unable
A tester has been hired to do a web application
A well...
An attacker attack a rogue router
A net work discover several unknow file in the root of linux FTP
A new client wireless is configured to join a 801.11 network

A penetration test was done a t a company. After the test a reportwas written and given to the companyùs IT
A penetration tester is condocting a port scan on a specific host...Nmap
A regional bank hiresbyour company to perform a security assesment on thier network after a recent
A large company intend to use BlakBerry

A Company web

A hacker has managed to gaining accessnto a linux

A hacker has succesful infected-facing server which
a large mobile telephony and data network operator has a dat center
An attacker change the profil information
An attacker has installed a RAT
An attacker is trying to redirect the traffic
An attacker is using nmap to do ping sweep
An attacker tries to do... on the remote web server
Eve stole a file name secret.txt transferred it to
Firewalk has just competed the second phase
How can rainbow tables be def
id executives are found liable for not...
As certified hetical hacker you were
As an ethical hacker you are capturing trafic
Attempting an injection attack on a web server based on responses to true/false
Bob learned that his username and password for a popular game
Bob recieved this text message
An attack with access to inside netwok
An enterprise recently moved to a new ...
A incident investigator ask to recieve a copy of the..logs
An IT employee got a callfrem

graig recieved a report of all the computers on the

Cryptography is the practice
Due to slaw down of...network
Emile uses Nmap
env x='........'
scenario:-
Seth is starting a penetration test from
shellshock had the potential for an unauthorized user to gain access to a server...
Sid is a judge for a programming contest. Before the code reaches him it goes through a restricted OS
Sophia travels a lot and worries that
the company ABC recently contract a new accountant
the company ABC recently discover that thier new product was
the establish of a TCP connection involves a negotiation called 3 way hand ...
the following is part of a log log file taken from the machine on the network with...
the heartbleed bug was discovered in 2014 and is widely refered
the network in ABC Company address 192.168.1.64 with mask 255.255.255.192
the security administration of ABC needs
the are several ways to gain insight on how a cryptog...
Todd has been asked by the security officer
website and web portals that provide web services commonly use the Simple object Access Protocol SOAP
What attack is used...
what does a firewall check to prevent particular ports and applications from
from one signed what is correct about digital signature
What is not a PCI compliance recommandation?
What is the correct process for the TCP three-handshak
what is the....
what is the ....
if a tester is attempting to ping a target
if there is an intrusion IDS in internet
in 2007 this wireless security algorithm was rende...
in an internal security audit the while hat
in both planning and phishing
IPv6 what is the major difference concerning
In many states sending spam is illegal
in order to have a anonimous internet
in wich phase of the ethical
internet protocol security IPSec is actually a suite of protocol
________is a set of extension to DNS that provide to DNS
________is an attack type for a roge wi-fi access point thats appears to be a legitimate
it has been reported to you that someone has
it is a regulation that has a set of guidelines which should be adhered
Jesse recieves an email whit an attachment labeled " ......."
Jimmy is standing outside a secure entrance to facility...
John the Ripper? is a technical assesment tool used to test
look of the following... whatdid the hacker
port scanning can be used as part a technical assesment to determine network vulnerability. The TCP XMAS scan is used to
Rebecca commonly sees an error on her windows system that a Data execution prevention(DEP)
Ricardo wants to send secret messages to a competitor company
wich of the following is a passive packet
which of the following will perform an XMAS
which of the following

Which of the following is considered a strength of symmetric algorithm when compared with asymmetric algorith

You're an ethical hacker who audit a company. When you verify the NOC, one of the machine has 2 connexions, o

An attacker want to launch a ICMP Scan using hping2. What's the syntax of the command ?
e companyùs IT
 ........

otocol SOAP
he TCP XMAS scan is used to

with asymmetric algorithm ?

achine has 2 connexions, one wired and other wireless. When you check the configuration route, you have : route add 10.0.0.
ou have : route add 10.0.0.0 Mask 255.0.0.0 10.0.0.1 route add 0.0.0.0 mask 255.0.0.0 192.168.0.1 (j'ai pas noté la question, e
(j'ai pas noté la question, essaie de voir avec divine stp)