CMIT 321| ETHICAL HACKING| FINAL EXAM
WITH 100% CORRECT ANSWERS|
2024|GRADED A
1. What are the three techniques that can used to propagate malicious code?
o Autonomous
o Back dating
o Central source
o Back chaining
2. Which of the following is a transmission method of digital date that uses a pseudo
random noise spreading code?
o IR
o OFDM
o DSSS
o FHSS
3. Using private, non-routable IP address for a penetration test is an example of:
o External assessment
o Network based assessment
o Internal assessment
o Host-based assessment
4. Which of the following belowly accurately describes transmission control protocol?
(choose all tthat apply)
o Supports retransmission of lost data
o Connection-less oriented protocol
o Can terminate a connection
o Provides acknowledgment
5. The MAC address of an access point is refvrred to as the .
o OFDM
o SSID
o BSSID
o ESSID
6. Which of the following can used as a traceroute tool/
o Path analyzer pro
o TTL (time to live)
o Nslookup
o Pingpath
7. The security account manager (SAM) database contains:
o Users’ passwords
o Users’ passwords in unicode
o Users’ passwords in hexadecimal (0-F)
o Hashes of Users’ passwords
8. Which two of the following are among the major fice actors of the NIST Cloud
Computing Reference Architecture?
o Cloud broker
o Cloud database
, o CloudShareOne
o Cloud Auditor
9. Examining network devices for srttings and configuration is an example of:
o External assessment
o Network based assessment
o Internal assessment
o Host-based assessment
10. What is the last step in the vulnerability management life cycle?
o Risk assessment
o Remediation
o Monitoring
o Creating a baseline
11. Which of the following is true about active stack finger printing?
o Uses sniffing techniques instead of scanning techniques
o Is based on the fact that various vendors of OS implement the TCP stack
differently
o TCP connect scan
o Is based on the differential implantation of the stack and the various ways an OS
responds to it.
12. Rainbow tables are extremely effective for cracking:
o Windows passwords
o Cisco passwords
o Linux passwords
o Salted passwords
13. Which is the best location to place keyloggers?
o Keyboard hardware and the operating system
o Operating system and UPS
o Monitor and keyboard software
o UPS and keyboard
14. The tool hping can be used for:
o Denial of service
o Social engineering
o Phishing
o DNS lookups
15. Which device in a wireloess local area network determines the next network to which a
packet should be forwards/
o Mobile station
o Wireless router
o Wireless modem
o Antenna
16. A smurf attack involves:
o Sending a large oversized packet
, o Phising
o Enumeration
o Spoofing
17. Which of the following are enabled by tooting? (choose all that apply)
o Tethering
o Removing bloatware
o Low-level access to hardware
o Deleting system files
18. Signs of intrusions include which of the following? (choose all that apply)
o Slow performance
o Strange processes
o Missing logs
o System crashes
19. Identify the attack which forces an unsuspecting users browser to send malicious
request the user did not intend.
o Cross-site request forgery(CSRF0
o LDAP injection attack
o Cross-site scripting (XSS)
o SQL injection attack
20. Footprinting tools will help gather the following information about a target: (choose all
that apply)
o Process lists
o Host names
o DNS records
o IP addresses
21. What virus modifies the directory table entries so they point to the virus code instead of
an actual program/
o Encryption viruses
o Boot sector viruses
o Macro viruses
o Cluster viruses
22. Which of the following are Network Time Protocol (NTP) enumeration commands?
(choose all that apply)
o Ntptrace
o Ntpdate
o Net time
o Ntpq
23. Which of the following IDS detection techniques detects the intrusion based on the fixed
behavioral characteristics/
o Signature recognition
o Anomaly detection
o Protocol anomaly detection
WITH 100% CORRECT ANSWERS|
2024|GRADED A
1. What are the three techniques that can used to propagate malicious code?
o Autonomous
o Back dating
o Central source
o Back chaining
2. Which of the following is a transmission method of digital date that uses a pseudo
random noise spreading code?
o IR
o OFDM
o DSSS
o FHSS
3. Using private, non-routable IP address for a penetration test is an example of:
o External assessment
o Network based assessment
o Internal assessment
o Host-based assessment
4. Which of the following belowly accurately describes transmission control protocol?
(choose all tthat apply)
o Supports retransmission of lost data
o Connection-less oriented protocol
o Can terminate a connection
o Provides acknowledgment
5. The MAC address of an access point is refvrred to as the .
o OFDM
o SSID
o BSSID
o ESSID
6. Which of the following can used as a traceroute tool/
o Path analyzer pro
o TTL (time to live)
o Nslookup
o Pingpath
7. The security account manager (SAM) database contains:
o Users’ passwords
o Users’ passwords in unicode
o Users’ passwords in hexadecimal (0-F)
o Hashes of Users’ passwords
8. Which two of the following are among the major fice actors of the NIST Cloud
Computing Reference Architecture?
o Cloud broker
o Cloud database
, o CloudShareOne
o Cloud Auditor
9. Examining network devices for srttings and configuration is an example of:
o External assessment
o Network based assessment
o Internal assessment
o Host-based assessment
10. What is the last step in the vulnerability management life cycle?
o Risk assessment
o Remediation
o Monitoring
o Creating a baseline
11. Which of the following is true about active stack finger printing?
o Uses sniffing techniques instead of scanning techniques
o Is based on the fact that various vendors of OS implement the TCP stack
differently
o TCP connect scan
o Is based on the differential implantation of the stack and the various ways an OS
responds to it.
12. Rainbow tables are extremely effective for cracking:
o Windows passwords
o Cisco passwords
o Linux passwords
o Salted passwords
13. Which is the best location to place keyloggers?
o Keyboard hardware and the operating system
o Operating system and UPS
o Monitor and keyboard software
o UPS and keyboard
14. The tool hping can be used for:
o Denial of service
o Social engineering
o Phishing
o DNS lookups
15. Which device in a wireloess local area network determines the next network to which a
packet should be forwards/
o Mobile station
o Wireless router
o Wireless modem
o Antenna
16. A smurf attack involves:
o Sending a large oversized packet
, o Phising
o Enumeration
o Spoofing
17. Which of the following are enabled by tooting? (choose all that apply)
o Tethering
o Removing bloatware
o Low-level access to hardware
o Deleting system files
18. Signs of intrusions include which of the following? (choose all that apply)
o Slow performance
o Strange processes
o Missing logs
o System crashes
19. Identify the attack which forces an unsuspecting users browser to send malicious
request the user did not intend.
o Cross-site request forgery(CSRF0
o LDAP injection attack
o Cross-site scripting (XSS)
o SQL injection attack
20. Footprinting tools will help gather the following information about a target: (choose all
that apply)
o Process lists
o Host names
o DNS records
o IP addresses
21. What virus modifies the directory table entries so they point to the virus code instead of
an actual program/
o Encryption viruses
o Boot sector viruses
o Macro viruses
o Cluster viruses
22. Which of the following are Network Time Protocol (NTP) enumeration commands?
(choose all that apply)
o Ntptrace
o Ntpdate
o Net time
o Ntpq
23. Which of the following IDS detection techniques detects the intrusion based on the fixed
behavioral characteristics/
o Signature recognition
o Anomaly detection
o Protocol anomaly detection
