N° | QUESTION | ANSWERS
1 | TCP three-way handshake process and termination is: | B: connection establishment: SYN, SYN-ACK, ACK; connection termination: FIN, ACK-FIN, ACK
2 | Which of the following will perform a Xmas scan using NMAP? | D: nmap -sX 192.168.1.254
69 | In order to have anonymous internet surf, which of the following is the best choice | A: use tor network with multi mode
70 | When conducting a pentest, which document gives a description of the tasks, the permissions,… ? | D: rules of engagement
71 | You want to analyze packets on wireless, which of the following utilities is the most appropriate? | C: Wireshark with Airpcap
72 | What proxy tool will help you to find web vulnerabilities | D: Burpsuite
73 | Todd has been asked by the security officer to purchase a counter-based authentication system. Which of the following best describes this system? | An authentication system that creates one-time passwords that are encrypted with secret keys
74 | As an Ethical Hacker, you are capturing from your customer network … SMTP traffic … WIRESHARK | C: tcp.port eq 25
75 | The term that describes when 2 pieces have the same value after encrypting is: | Collision
76 | A wireless client on an 802.11 network, who uses the same software and hardware as the others, can see the network but can't connect. A Wi-Fi packet sniffer shows that the WAP response to a request from him. What's a possible source of the problem? | B: the WAP does not recognize the client MAC addresses
77 | In a network, if there is an IDS, which port scanning can't be used? | B: TCP SYN
78
79
80 | A large mobile telephony and data network has a data center that houses network elements; these are essentially large computers running on Linux; the perimeter of the datacenter is secure; what's the best security policy? | C: network elements must be hardened with user IDs and strong passwords. Regular security tests and audits should be performed
81 | An incident investigator asks to receive a copy of the event log from all firewalls, proxy server …possible breach of security; the sequence of many of the logged events does not match up; what's the most likely cause? | B: the attacker altered or erased events from the log / A: proper chain of custody
82 | A company wants to perform a web application security test. It's a dynamic site and it uses a back-end database. In order to perform an SQL injection, what is the first character in the request? | C: single quote
83 | | B: it can accelerate benchmark tests and repeat with a consistent test setup. But it cannot replace manually
84 | Crypto is the best practice for secure communication. Modern crypto implies which of the following? | D: public key cryptography, also known as asymmetric cryptography, public decrypt and private encrypt
85 | Which type of security feature stops vehicles in physical security? | B: bollards
86 | Sid is a judge in a test team, she tests for accepting a source code in another OS. What is the middle step? | A: sandboxing the code
87 | what is the most secure way to mitigate | B: encrypt the data on the hard drive
88 | An attacker attaches a rogue router in a network; he wants to redirect traffic to a LAN attached to his router as part of a man in the middle …what measure on behalf…. can mitigate this attack? | A: disable all routing protocols and only use static routes
89 | What is correct about digital signatures? | D: digital signatures cannot be moved from one signed doc to another one
90 | What does a firewall check on packets to prevent particular ports and applications from getting inside? | A: transport layer port numbers and application layer headers
91 | A security Engineer at a medium sized accounting … tasked with discovery…information facing web server accept range …bit…..wed 28 dec 2010 which of the following is an example… ? | D: banner grabbing
92 | A computer science student needs to fill some information into a secured Adobe PDF job application that was received from a prospective employer …a list of passwords …with cryptography attack the student is attempt | C: dictionary attack
93 | | C: defense in depth
94 | An IT employee got a call from someone who was asking for information about internal computers and infrastructure; what should he do? | C: the employees should not provide any information without previous management authorization
95 | Pharming and Phishing, differences? | A: in a phishing attack is redirect to take website
96
97 | There is a regulation for medical electronic hardware. It defines a guideline stipulating that all measures must be safely. (I am not sure about the description, please check with Divine) Which of the following best matches the description? | HIPAA
98 | Julie is afraid of her computer being stolen during one of her travels. She wants to protect her data from leakage in case it happens. What's the best way to protect this data? | Full disk description
99 | Which of the following is a passive Wi-Fi packet analyser that works on Linux-based systems? | KISMET
100 | An attacker wants to launch an ICMP scan using hping2. What's the syntax of the command? | D: hping2 -1 host.domain.com
101 | The use of VPN for gaining access to an internal corporate network | B: remote access policy
102 | Seth is starting a penetration test from inside the network. He hasn't been given any information about the network. What type of test is conducted? | A: internal blackbox
103 | A tester wants to ping a server but no response that states unreachable ICMP may be disabled. Which option is the best? | B: hping
104 | | B: metasploit
105 | Result of the DIG command: DIG 9.7 -P1 axfr domain.com@192.168.1.105 global option: +cmd (several lines with the DNS records). What did a hacker complete? | D: the hacker successfully transferred the zone and enumerated the hosts
106 | A hacker gains access to a Linux host and has stolen password for etc/pwd. How can he use it? | C: the password file does not contain passwords
107 | If executives are found liable for not properly protecting their company's assets and information systems, what type of law would apply in this situation? | C: civil
108 | …Attempting an injection attack on a webserver based on responses to true/false questions is called which of the following? | A: blind SQL
109 | Which of the following is considered a strength of symmetric algorithms when compared with asymmetric algorithms? | A: speed
110 | … nmap -sS -T4 -O 192.168.99.1 … | B: he performed SYN scan and OS scan email
111 | Access control through one Central Point matches with | A: single sign on
112 | What attack based on precomputed table | B: Rainbow table attack
113 | Which service in PKI will vouch | A: CA
114 | Port scanning can be used as part of a technical assessment to determine network vulnerability. The TCP XMAS is used to identify listening ports on the targeted system. If a scanned port is open, what happens? | B: the hosts will ignore packets
115 | An attacker changes the profile of a victim using code below: Iframe src= http vulnerweb ……. ……………… Which attack using HTTP Get and Post | Cross site request forgery (CSRF)
116 | Rebecca commonly sees an error on her Windows system that states that a data execution prevention (DEP) error has taken place. Which of the following is most likely taking place? | B: malicious code is attempting to execute instructions in a non executable memory
117 | By using a smart card and PIN you are using two-factor authentication … | B: something you have
118 | In an internal security audit the white hacker gains control over a user account and attempts to access another account's information. What kind of technique is used? | D: privilege escalation
119 | There is one scenario: - Victim opens attacker website; - Attacker makes an attractive site with a fake gift for the victim; - Victim clicks on the link of the gift; - Attacker creates 'iframe'… What's the name of the attack? | Clickjacking attack
120 | Bob learns that his credentials are compromised: he contacts for resetting and they suggested dual factor authentication, which is the best? | C: a fingerprint scanner and his username and passwords
121 | You're an ethical hacker who audits a company. When you verify the NOC, one of the machines has 2 connections, one wired and the other wireless. When you check the route configuration, you have: route add 10.0.0.0 Mask 255.0.0.0 10.0.0.1 route add 0.0.0.0 mask 255.0.0.0 192.168.0.1 (I did not note down the question, please try to check with Divine) | D: both static routes indicate that the traffic is external with different gateway
122 | Firewalk completes the second phase of its scan. The output of the scan is sent to a technician. What can be the conclusion after reading the report? Tcp 21 no response tcp 22 no response tcp 23 TTL | C: the firewall itself is blocking port 21 through 23 and service is listening on port 23 of the target
123 | A company wants to make a security assessment after a breach, where the attacker has stolen financial data using only one server. What can be one key of your recommendations? | C: place a front-end web server in DMZ that only handles external web traffic
124 | Which metasploit framework tool can help pentest | D: Msfencode
125 | What's the meaning of this google search query: site:target.com -site:marketing.target.com accounting ? | C: results matching « accounting » in domain target.com but not on the site
A newly discovered flaw in a software application would be considered which kind of security vulnerability?
Which of the following is considered an exploit framework and has the ability to perform an automated attack on services, ports, applications, unpatched security flaws in computer systems
You are performing a penetration test, you achieved access via a buffer overflow exploit and you proceed to find interesting data such as files…
Your next door neighbor that you do not get along with is having issues with their network, so he yells to his spouse the network's SSID and password and you hear them both clearly. What do you do with this information
A large company intends to use BlackBerry for corporate mobile phones and a security… will use the blackjacking attack method to demonstrate how an attacker … prometric online testing …
?? A penetration test was done at a company; after the test a report was written …a section of the report is shown below: