1- The intrusion detection system at a software development company suddenly generates multiple alerts regarding attacks against the company’s external webserver, VPN concentrator, and DNS servers. What should the security team do to determine which alerts to check first?
A. Investigate based on the maintenance schedule of the affected systems
B. Investigate based on the service level agreements of the systems.
C. Investigate based on the potential effect of the incident.
D. Investigate based on the order that the alerts arrived in.
Answer: C. Investigate based on the potential effect of the incident
2- As a Certified Ethical Hacker, you were contracted by a private firm to conduct an external security assessment through penetration testing. What document describes the specifics of the testing, the associated violations, and essentially protects both the organization’s interest and your liabilities as a tester?
B. Rules of Engagement
C. Service Level Agreement
Answer: Rules of Engagement
3- In an internal security audit, the white hat hacker gains control over a user account and attempts to acquire access to another account’s confidential files and information. How can he achieve this?
A. Port Scanning
B. Hacking Active Directory
C. Privilege Escalation
Answer: C. Privilege Escalation
4- Least privilege is a security concept that requires that a user is
A. limited to those functions required to do the job.
B. given root or administrative privileges.
C. trusted to keep all data and access to that data under their sole control.
D. given privileges equal to everyone else in the department.
Answer: A. limited to those functions required to do the job
6- Defining rules, collaborating human workforce, creating a backup plan, and testing the plans are within what phase of the Incident Handling Process?
A. Preparation phase
B. Containment phase
C. Recovery phase
D. Identification phase
Answer: A. Preparation phase
7- What is the term coined for logging, recording and resolving events in a company?
A. Internal Procedure
B. Security Policy
C. Incident Management Process
Answer: C. Incident Management Process
8- Describes the specifics of the testing, the associated violations, and essentially protects both the bank’s interest and your liabilities as a tester?
A. Service Level Agreement
B. Non-Disclosure Agreement
C. Terms of Engagement
D. Project Scope
Answer: C. Terms of Engagement
9- Which initial procedure should an ethical hacker perform after being brought into an organization?
A. Begin security testing.
B. Turn over deliverables.
C. Sign a formal contract with non-disclosure.
D. Assess what the organization is trying to protect
Answer: C. Sign a formal contract with non-disclosure
10- Which of the following ensures that updates to policies, procedures, and configurations are made in a controlled and documented fashion?
A. Regulatory compliance
B. Peer review
C. Change management
D. Penetration testing