All the questions in this section were asked in Certified Ethical Hacker examinations of EC-Council. This is the 12th part.
1- A hacker is an intelligent individual with excellent computer skills that grant them the ability to explore a computer’s software and hardware without the owner’s permission. Their intention can either be to simply gain knowledge or to illegally make changes. Which of the following classes of hacker refers to individuals who work both offensively and defensively at various times?
A. Gray Hat
B. Black Hat
C. Suicide Hacker (Don’t bother suffering long term jail)
D. White Hat
2- Nation-state threat actors often discover vulnerabilities and hold on to them until they want to launch a sophisticated attack. The Stuxnet attack was an unprecedented style of attack because it used four types of vulnerability. What is this style of attack called?
3- A newly discovered flaw in a software application would be considered which kind of security vulnerability?
A. Input validation flaw
B. HTTP header injection vulnerability
C. 0-day vulnerability
D. Time-to-check to time-to-use flaw
5- An IT employee got a call from one of our best customers. The caller wanted to know about the company’s network infrastructure, systems, and team. New opportunities of integration are in sight for both company and customer. What should this employee do?
A. Since the company’s policy is all about Customer Service, he/she will provide information.
B. Disregarding the call, the employee should hang up.
C. The employee should not provide any information without previous management authorization.
D. The employee cannot provide any information; but, anyway, he/she will provide the name of the person in charge.
6- A well-intentioned researcher discovers a vulnerability on the web site of a major corporation. What should he do?
B. Try to sell the information to a well-paying party on the dark web.
C. Exploit the vulnerability without harming the web site owner so that attention be drawn to the problem.
D. Notify the web site owner so that corrective action be taken as soon as possible to patch the vulnerability.
7- To reduce the attack surface of a system, administrators should perform which of the following processes to remove unnecessary software, services, and insecure configuration settings?
8- An unauthorized individual enters a building following an employee through the employee entrance after the lunch rush. What type of breach has the individual just performed?
C. Reverse Social Engineering
9- Jimmy is standing outside a secure entrance to a facility. He is pretending to have a tense conversation on his cell phone as an authorized employee badges in. Jimmy, while still on the phone, grabs the door as it begins to close. What just happened?
10- It is an entity or event with the potential to adversely impact a system through unauthorized access, destruction, disclosure, denial of service or modification of data. Which of the following terms best matches the definition?