Which of the following tools is used by pen testers and…
Which of the following tools is used by pen testers and analysts specifically to analyze links between data using
link analysis and graphs?A. Metasploit
What would be the response of all open ports?
While doing a technical assessment to determine network vulnerabilities, you used the TCP XMAS scan. What
would be the response of all open ports?
Which of the following is being described?
It is a widely used standard for message logging. It permits separation of the software that generates
messages, the system that stores them, and the software that reports and analyzes them. This protocol is
specifically designed for transporting event messages. Which of the following is being described?
What type of firewall is being utilized for the outboun…
While doing a Black box pen test via the TCP port (80), you noticed that the traffic gets blocked when you tried
to pass IRC traffic from a web enabled host. However, you also noticed that outbound HTTP traffic is being
allowed. What type of firewall is being utilized for the outbound traffic?
What kind of risk will remain even if all theoretically…
What kind of risk will remain even if all theoretically possible safety measures would be applied?
Which of the following is the greatest threat posed by …
Backing up data is a security must. However, it also have certain level of risks when mishandled. Which of the
following is the greatest threat posed by backups?
Calculate for the Annualized Loss Expectancy (ALE).
The chance of a hard drive failure is known to be once every four years. The cost of a new hard drive is $500.
EF (Exposure Factor) is about 0.5. Calculate for the Annualized Loss Expectancy (ALE).
Which of the following tools can be used for passive OS…
TCP/IP stack fingerprinting is the passive collection of configuration attributes from a remote device during
standard layer 4 network communications. Which of the following tools can be used for passive OS
fingerprinting?
What phase of security testing would your team jump in …
A company recently hired your team of Ethical Hackers to test the security of their network systems. The
company wants to have the attack be as realistic as possible. They did not provide any information besides the
name of their company. What phase of security testing would your team jump in right away?
Which of the following is NOT one of the five basic res…
The practical realities facing organizations today make risk response strategies essential. Which of the
following is NOT one of the five basic responses to risk?