Question # 4

Mark, an attacker, aims to access an organization's internal server, but the local firewall implementation restricted him from achieving this objective. To overcome this issue, he started sending specially crafted requests to the public server, through which he gained access to the local server.

Identify the type of attack initiated by Mark in the above scenario.

A. Web cache poisoning attack
B. SSRF attack
C. HTTP response-splitting attack
D. SSH brute-force attack

Question # 5

Clark is an unskilled hacker attempting to perform an attack on a target organization to gain popularity. He downloaded and used freely available hacking tools and software developed by other professional hackers for this purpose.

Identify the type of threat actor described in the above scenario.

A. Script kiddie
B. Industrial spy
C. Hacktivist
D. Cyber terrorist

Question # 6

Peter, a network defender, was instructed to protect the corporate network from unauthorized access. To achieve this, he employed a security solution for wireless communication that uses dragonfly key exchange for authentication, which is the strongest encryption algorithm that protects the network from dictionary and key recovery attacks.

Identify the wireless encryption technology implemented in the security solution selected by Peter in the above scenario.

A. WPA
B. WPA3
C. WEP
D. EAP

Question # 7

William is an attacker who is attempting to hack Bluetooth-enabled devices in public places. Within the target’s range, he used special software to obtain the data stored in the victim’s device. He used a technique that exploits a vulnerability in the Object Exchange (OBEX) protocol that Bluetooth uses to exchange information.

Identify the attack performed by William in the above scenario.

A. Bluesmacking
B. Bluesnarfing
C. Bluebugging
D. Bluejacking

Question # 8

Alice was working on her major project: she saved all her confidential files and locked her laptop. Bob wanted to access Alice’s laptop for his personal use but was unable to access the laptop due to biometric authentication.

Which of the following network defense approaches was employed by Alice on her laptop?

A. Reactive approach
B. Proactive approach
C. Preventive approach
D. Retrospective approach

Question # 9

Kevin logged into a banking application with his registered credentials and tried to transfer some amount from his account to Flora's account. Before transferring the amount to Flora’s account, the application sent an OTP to Kevin's mobile for confirmation.

Which of the following authentication mechanisms is employed by the banking application in the above scenario?

A. Single sign-on (SSO) authentication
B. Smart card authentication
C. Biometric authentication
D. Two-factor authentication

Question # 10

Harry, a security professional, was hired to identify the details of an attack that was initiated on a Windows system. In this process, Harry decided to check the logs of currently running applications and the information related to previously uninstalled or removed applications for suspicious events.

Which of the following folders in a Windows system stores information on applications run on the system?

A. C:\Windows\debug
B. C:\Windows\Book
C. C:\subdir
D. C:\Windows\Prefetch

Question # 11

Andrew, a system administrator, is performing a UEFI boot process. The current phase of the UEFI boot process consists of the initialization code that the system executes after powering on the EFI system. This phase also manages platform reset events and sets up the system so that it can find, validate, install, and run the PEI.

Which of the following UEFI boot phases is the process currently in?

A. Pre-EFI initialization phase
B. Security phase
C. Boot device selection phase
D. Driver execution environment phase

Question # 12

Peter, an attacker aiming to disrupt organizational services, targeted a configuration protocol that issues IP addresses to host systems. To disrupt the issuance of IP addresses, Peter flooded the target server with spoofed MAC addresses so that valid users cannot receive IP addresses to access the network.

Identify the type of attack Peter has performed in the above scenario.

A. Session hijacking
B. Ping-of-death attack
C. ARP spoofing
D. DHCP starvation attack

Question # 13

Kalley, a shopping freak, often visits different e-commerce websites from her office system. One day, she received free software in her mail with the claim that it is loaded with new clothing offers. Tempted by this, Kalley downloaded the malicious software onto her system. The software infected Kalley's system and began spreading the infection to other systems connected to the network.

Identify the threat source through which Kalley unintentionally invited the malware into the network.

A. File sharing services
B. Portable hardware media
C. Insecure patch management
D. Decoy application

Question # 14

Melissa, an ex-employee of an organization, was fired because of misuse of resources and security violations. She sought revenge against the company and targeted its network, as she is already aware of its network topology.

Which of the following categories of insiders does Melissa belong to?

A. Malicious insider
B. Professional insider
C. Compromised insider
D. Negligent insider

Question # 15

A type of malware allows an attacker to trick the target entity into performing a predefined action, and upon its activation, it grants the attacker unrestricted access to all the data stored on the compromised system.

Which of the following is this type of malware?

A. Keylogger
B. Botnet
C. Worm
D. Trojan

Question # 16

Mark, a network administrator in an organization, was assigned the task of preventing data from falling into the wrong hands. In this process, Mark implemented authentication techniques and performed full memory encryption for the data stored on RAM.

In which of the following states has Steve encrypted the data in the above scenario?

A. Data in transit
B. Data in rest
C. Data in use
D. Data inactive

Question # 17

Paola, a professional hacker, configured her wireless router in an organization's premises and advertised it with a spoofed SSID. She lured victims to connect to the router by sending the fake SSID. She started sniffing all the traffic from the victims that is passing through her wireless router.

Which of the following types of attacks is Paola performing in the above scenario?

A. Key reinstallation attack
B. Ad-hoc connection attack
C. Rogue AP attack
D. AP MAC spoofing attack

Question # 18

Morris, an attacker, targeted an application server to manipulate its services. He succeeded by employing input validation attacks such as XSS that exploited vulnerabilities present in the programming logic of an application. Identify the web application layer in which Morris has manipulated the programming logic.

A. Business layer
B. Presentation layer
C. Database layer
D. Client layer

Question # 19

Identify the backup mechanism that is performed within the organization using external devices such as hard disks and requires human interaction to perform the backup operations, thus making it susceptible to theft or natural disasters.

A. Offsite data backup
B. Cloud data backup
C. Online data backup
D. Onsite data backup

Question # 20

Jack, a forensic investigator, was appointed to investigate a Windows-based security incident. In this process, he employed an Autopsy tool to recover the deleted files from unallocated space, which helps in gathering potential evidence.

Which of the following functions of Autopsy helped Jack recover the deleted files?

A. Timeline analysis
B. Web artifacts
C. Data carving
D. Multimedia

Question # 21

Bob, a forensic investigator, is investigating a live Windows system found at a crime scene. In this process, Bob extracted subkeys containing information such as SAM, Security, and software using an automated tool called FTK Imager.

Which of the following Windows Registry hives' subkeys provide the above information to Bob?

A. HKEY_CLASSES_ROOT
B. HKEY_CURRENT_CONFIG
C. HKEY_CURRENT_USER
D. HKEY_LOCAL_MACHINE

Question # 22

Sarah, a forensic investigator, is working on a criminal case. She was provided with all the suspect devices. Sarah employs an imaging software tool for duplicating the original data from the suspect devices. However, the tool she employed failed to image the data as the suspect version of the drive was very old and incompatible with imaging software. Hence, Sarah used an alternative data acquisition technique and succeeded in imaging the data.

Which of the following types of data acquisition techniques did Sarah employ in the above scenario?

A. Bit-stream disk-to-disk
B. Bit-stream disk-to-image file
C. Sparse acquisition
D. Logical acquisition

Question # 23

James is a professional hacker attempting to gain access to an industrial system through a remote control device. In this process, he used a specially designed radio transceiver device to sniff radio commands and inject arbitrary code into the firmware of the remote controllers to maintain persistence.

Which of the following attacks is performed by James in the above scenario?

A. Malicious reprogramming attack
B. Re-pairing with a malicious RF controller
C. Command injection
D. Abusing reprogramming attack

Question # 24

While investigating a web attack on a Windows-based server, Jessy executed the following command on her system:

C:\> net view <10.10.10.11>

What was Jessy’s objective in running the above command?

A. Verify the users using open sessions
B. Check file space usage to look for a sudden decrease in free space
C. Check whether sessions have been opened with other systems
D. Review file shares to ensure their purpose

Question # 25

Clark, a security professional, was instructed to monitor and continue the backup functions without interrupting the system or application services. In this process, Clark implemented a backup mechanism that dynamically backs up the data even if the system or application resources are being used.

Which of the following types of backup mechanisms has Clark implemented in the above scenario?

A. Full backup
B. Cold backup
C. Hot backup
D. Offline backup

Question # 26

Which of the following standards and criteria versions of SWGDE mandates that any action with the potential to alter, damage, or destroy any aspect of original evidence must be performed by qualified persons in a forensically sound manner?

A. Standards and Criteria 11
B. Standards and Criteria 13
C. Standards and Criteria 17
D. Standards and Criteria 15

Question # 27

Cibel.org, an organization, wanted to develop a web application for marketing its products to the public. In this process, they consulted a cloud service provider and requested provision of development tools, configuration management, and deployment platforms for developing customized applications.

Identify the type of cloud service requested by Cibel.org in the above scenario.

A. Security-as-a-service (SECaaS)
B. Infrastructure-as-a-service (IaaS)
C. Identity-as-a-service (IDaaS)
D. Platform-as-a-service

Question # 28

Sam is working as a loan agent for a financial institution. He frequently receives a number of emails from clients providing their personal details for loan approval. As these emails contain sensitive data, Sam had set up a feature that directly downloads the emails on his device without storing a copy on the mail server.

Which of the following protocols provides the above-discussed email features?

A. SHA-1
B. ICMP
C. SNMP
D. POP3

Question # 29

James, a forensic specialist, was appointed to investigate an incident in an organization. As part of the investigation, James is attempting to identify whether any external storage devices are connected to the internal systems. For this purpose, he employed a utility to capture the list of all devices connected to the local machine and removed suspicious devices.

Identify the tool employed by James in the above scenario.

A. PromiscDetect
B. DriveLetterView
C. ESEDatabaseView
D. ProcDump
