Quick Links
Why Us
Unlimited Packages
Site Secure
TESTED 21 Nov 2024
We Accept
John, a professional penetration tester, was hired by an organization for conducting a penetration test on their IT infrastructure. He was assigned the task of identifying risks, rather than finding vulnerabilities. In this process, he defined the goal before initiating the penetration test and performed multiple parallel processes to achieve the goal.
Identify the type of penetration assessment performed by John in the above scenario.
Below are the various steps involved in forensic readiness planning.
l.Keep an incident response team ready to review the incident and preserve the evidence.
2.Create a process for documenting the procedure.
3.ldentify the potential evidence required for an incident.
4.Determine the sources of evidence.
5.Establish a legal advisory board to guide the investigation process.
6.ldentify if the incident requires full or formal investigation.
7.Establish a policy for securely handling and storing the collected evidence.
8.Define a policy that determines the pathway to legally extract electronic evidence with minimal disruption. Identify the correct sequence of steps involved in forensic readiness planning.
Melanie, a professional hacker, is attempting to break into a target network through an application server. In this process, she identified a logic flaw in the target web application that provided visibility into the source code. She exploited this vulnerability to launch further attacks on the target web application.
Which of the web application vulnerabilities was identified by Melanie in the above scenario?
Sandra, a hacker, targeted Johana, a software professional, to steal her banking details. She started sending frequent, random pop-up messages with malicious links to her social media page. Johana accidentally clicked on a link, causing a malicious program to get installed in her system. Subsequently, when Johana attempted to access her banking website, the URL directed her to a malicious website controlled by Sandra. Johana entered her banking credentials on the fake website, which Sandra then captured.
Identify the type of attack performed by Sandra on Johana.
Alice was working on her major project: she saved all her confidential files and locked her laptop. Bob wanted to access Alice’s laptop for his personal use but was unable to access the laptop due to biometric authentication.
Which of the following network defense approaches was employed by Alice on her laptop?
James is a professional hacker attempting to gain access to an industrial system through a remote control device. In this process, he used a specially designed radio transceiver device to sniff radio commands and inject arbitrary code into the firmware of the remote controllers to maintain persistence.
Which of the following attacks is performed by James in the above scenario?
Bob has secretly installed smart CCTV devices (loT devices) outside his home and wants to access the recorded data from a remote location. These smart CCTV devices send sensed data to an intermediate device that carries out pre-processing of data online before transmitting it to the cloudfor storage and analysis. The analyzed data is then sent to Bob for initiating actions.
Identify the component of loT architecture that collects data from loT devices and performs data preprocessing.
An investigator wants to extract information about the status of the network interface cards (NICs) in an organization's Windows-based systems. Identify the command-line utility that can help the investigator detect the network status.
Bob, a network administrator in a company, manages network connectivity to 200 employees in six different rooms. Every employee has their own laptop to connect to the Internet through a wireless network, but the company has only one broadband connection.
Which of the following types of wireless networks allows Bob to provide Internet access to every laptop and bring all the devices to a single network?
Mary was surfing the Internet, and she wanted to hide her details and the content she was surfing over the web. She employed a proxy tool that makes his online activity untraceable.
Identify the type of proxy employed by John in the above scenario.
An organization decided to strengthen the security of its network by studying and analyzing the behavior of attackers. For this purpose. Steven, a security analyst, was instructed to deploy a device to bait attackers. Steven selected a solution that appears to contain very useful information to lure attackers and find their locationsand techniques.
Identify the type of device deployed by Steven in the above scenario.
Melissa, an ex-employee of an organization, was fired because of misuse of resources and security violations. She sought revenge against the company and targeted its network, as she is already aware of its network topology.
Which of the following categories of insiders does Melissa belong to?
An loT sensor in an organization generated an emergency alarm indicating a security breach. The servers hosted in an loT layer accepted, stored, and processed the sensor data received from loT gateways and created dashboards for monitoring, analyzing, and implementing proactive decisions to tackle the issue.
Which of the following layers in the loT architecture performed the above activities after receiving an alert from the loT sensor?
Alana, an employee in an organization, took a short break after spending exhausting hours on a project. For relaxation, she went to a cafeteria with her laptop, where she connected to the public Internet. While browsing the web, she received a project modifications file on her mail and reverted with another file that contained the required changes.
Which of the following BYOD risks has emerged from the above scenario?
A major fire broke out in the storeroom of CyberSol Inc. It first gutted the equipment in the storeroom and then started spreading to other areas in the company. The officials of the company informed the fire department. The fire rescue team reached the premises and used a distribution piping system to suppress the fire, thereby preventing any human or asset loss.
Identify the type of fire-fighting system used by the rescue team in the above scenario.
Sam is working as a loan agent for a financial institution. He frequently receives a number of emails from clients providing their personal details for loan approval. As these emails contain sensitive data. Sam had set up a feature that directly downloads the emails on his device without storing a copy on the mail server.
Which of the following protocols provides the above-discussed email features?
Bob, a security professional, was recruited by an organization to ensure that application services are being delivered as expected without any delay. To achieve this. Bob decided to maintain different backup servers for the same resources so that if one backup system fails, another will serve the purpose.
Identify the IA principle employed by Bob in the above scenario.
Kevin logged into a banking application with his registered credentials and tried to transfer some amount from his account to Flora's account. Before transferring the amount to Flora’s account, the application sent an OTP to Kevin's mobile for confirmation.
Which of the following authentication mechanisms is employed by the banking application in the above scenario?
A disk drive has 16.384 cylinders, 80 heads, and 63 sectors per track, and each sector can store 512bytes of data. What is the total size of the disk?
Bruce, a professional hacker, targeted an OT network. He initiated a looping strategy to recover the password of the target system. He started sending one character at a time to check whether the first character entered is correct: If so, he continued the loop for consecutive characters. Using thistechnique. Bruce identified how much time the device takes to finish one complete password authentication process, through which he determined the correct characters in the target password.
Identify the type of attack launched by Bruce on the target OT network.
Mark, an attacker, aims to access an organization's internal server, but the local firewall implementation restricted him from achieving this objective. To overcome this issue, he started sending specially crafted requests to the public server, through which he gained access to the local server.
Identify the type of attack initiated by Mark in the above scenario.
Below are the various steps involved in establishing a network connection using the shared key authentication process.
l.The AP sends a challenge text to the station.
2.The station connects to the network.
3.The station encrypts the challenge text using its configured 128-bit key and sends the encrypted text to the AP.
4.The station sends an authentication frame to the AP.
5.The AP uses its configured WEP key to decrypt the encrypted text and compares it with the original challenge text.
What is the correct sequence of steps involved in establishing a network connection using the shared key authentication process?
Peter, a network defender, was instructed to protect the corporate network from unauthorized access. To achieve this, he employed a security solution for wireless communication that uses dragonfly key exchange for authentication, which is the strongest encryption algorithm that protects the network from dictionary and key recovery attacks.
Identify the wireless encryption technology implemented in the security solution selected by Peter in the above scenario.
Clark, a security professional, was instructed to monitor and continue the backup functions without interrupting the system or application services. In this process, Clark implemented a backup mechanism that dynamically backups the data even If the system or application resources are being used.
Which of the following types of backup mechanisms has Clark implemented in the above scenario?
Michael is an attacker who aims to hack Bob's system. He started collecting data without any active interaction with Bob’s system. Using this technique. Michael can extract sensitive information from unencrypted data.
Identify the class of attack Michael has launched in the above scenario.
Finch, a security professional, was instructed to strengthen the security at the entrance. At the doorway, he implemented a security mechanism that allows employees to register their retina scan and a unique six-digit code, using which they can enter the office at any time.
Which of the following combinations of authentication mechanisms is implemented in the above scenario?
William is an attacker who is attempting to hack Bluetooth-enabled devices at public places. Within the target’s range, he used special software to obtain the data stored in the victim’s device. He used a technique that exploits the vulnerability in the OBject Exchange (OBEX) protocol that Bluetooth uses to exchange information.
Identify the attack performed by William in the above scenario.
TESTED 21 Nov 2024