Which of the following information security elements guarantees that the sender of a message cannot later deny having sent the message and the recipient cannot deny having received the message?
A Confidentiality
B Non-repudiation
C Availability
D Integrity Correct answer- B
A phase of the ...
Which of the following information security elements guarantees that the sender of a
message cannot later deny having sent the message and the recipient cannot deny
having received the message?
A Confidentiality
B Non-repudiation
C Availability
D Integrity Correct answer- B
A phase of the cyber kill chain methodology triggers the adversary's malicious code,
which utilizes a vulnerability in the operating system, application, or server on a target
system. At this stage, the organization may face threats such as authentication and
authorization attacks, arbitrary code execution, physical security threats, and security
misconfiguration.
Which is this phase of the cyber kill chain methodology?
A Reconnaissance
B Weaponization
C Exploitation
D Installation Correct answer- C
Which of the following is a category of hackers who are also known as crackers, use
their extraordinary computing skills for illegal or malicious purposes, and are often
involved in criminal activities?
A Black hats
B White hats
C Suicide hackers
D Script kiddies Correct answer- A
John, a professional hacker, has launched an attack on a target organization to extract
sensitive information. He was successful in launching the attack and gathering the
required information. He is now attempting to hide the malicious acts by overwriting the
server, system, and application logs to avoid suspicion.
Which of the following phases of hacking is John currently in?
,A Maintaining access
B Scanning
C Clearing tracks
D Gaining access Correct answer- C
Which of the following risk management phases involves selecting and implementing
appropriate controls for the identified risks to modify them?
A Risk tracking and review
B Risk identification
C Risk treatment
D Risk assessment Correct answer- C
In which of the following incident handling and response phases are the identified
security incidents analyzed, validated, categorized, and prioritized?
A Incident recording and assignment
B Incident triage
C Containment
D Eradication Correct answer- B
Which of the following phases of risk management is an ongoing iterative process that
assigns priorities for risk mitigation and implementation plans to help determine the
quantitative and qualitative value of risk?
A Risk identification
B Risk treatment
C Risk tracking and review
D Risk assessment Correct answer- D
Jack, a security professional, was instructed to introduce a security standard to handle
cardholder information for major debit, credit, prepaid, e-purse, ATM, and POS cards. In
the process, Jack has employed a standard that offers robust and comprehensive
standards as well as supporting materials to enhance payment-card data security.
What is the security standard that Jack has employed?
A HIPAA
B SOX
C DMCA
D PCI DSS Correct answer- D
Morris, an attacker, has targeted an organization's network. To know the structure of the
target network, he combined footprinting techniques with a network utility that helped
him create diagrammatic representations of the target network.
, What is the network utility employed by Morris in the above scenario?
A Netcraft
B Tracert
C Shodan
D BuzzSumo Correct answer- B
Which of the following Google advanced search operators displays similar websites to
the specified URL?
A [site:]
B [info:]
C [inurl:]
D [related:] Correct answer- D
Which of the following techniques is used by an attacker to perform automated
searches on the target website and collect specified information, such as employee
names and email addresses?
A Web spidering
B Website mirroring
C Monitoring of web updates
D Website link extraction Correct answer- A
Jude, an attacker, has targeted an organization's communication network. While
conducting initial footprinting, he used a Google dork to find the VoIP login portals of the
organization.
What is the Google dork that helped Jude find the VoIP login portals?
A inurl:8080 intitle:"login" intext:"UserLogin" "English"
B inurl:/voice/advanced/ intitle:Linksys SPA configuration
C inurl:/remote/login?lang=en
D !Host=*.* intext:enc_UserPassword=* ext:pcf Correct answer- A
Stokes, an attacker, decided to find vulnerable IoT devices installed in the target
organization. In this process, he used an online tool that helped him gather information
such as a device's manufacturer details, its IP address, and the location where it is
installed.
What is the online tool that Stokes used in the above scenario?
A DuckDuckGo
B Baidu
C Shodan
Les avantages d'acheter des résumés chez Stuvia:
Qualité garantie par les avis des clients
Les clients de Stuvia ont évalués plus de 700 000 résumés. C'est comme ça que vous savez que vous achetez les meilleurs documents.
L’achat facile et rapide
Vous pouvez payer rapidement avec iDeal, carte de crédit ou Stuvia-crédit pour les résumés. Il n'y a pas d'adhésion nécessaire.
Focus sur l’essentiel
Vos camarades écrivent eux-mêmes les notes d’étude, c’est pourquoi les documents sont toujours fiables et à jour. Cela garantit que vous arrivez rapidement au coeur du matériel.
Foire aux questions
Qu'est-ce que j'obtiens en achetant ce document ?
Vous obtenez un PDF, disponible immédiatement après votre achat. Le document acheté est accessible à tout moment, n'importe où et indéfiniment via votre profil.
Garantie de remboursement : comment ça marche ?
Notre garantie de satisfaction garantit que vous trouverez toujours un document d'étude qui vous convient. Vous remplissez un formulaire et notre équipe du service client s'occupe du reste.
Auprès de qui est-ce que j'achète ce résumé ?
Stuvia est une place de marché. Alors, vous n'achetez donc pas ce document chez nous, mais auprès du vendeur EvaTee. Stuvia facilite les paiements au vendeur.
Est-ce que j'aurai un abonnement?
Non, vous n'achetez ce résumé que pour €10,54. Vous n'êtes lié à rien après votre achat.
