Technical questionnaire

Scanning is performed in which phase of a penetration test?

a ) Passive information gathering
b ) Attack
c ) Post-attack
d ) Active information gathering

What kind of attack is an “evil twin”?

a ) MAC spoofing
b ) ARP poisoning
c ) Rogue access point
d ) Session hijacking

Within HTTP, which header includes the URL of the web page containing the link that initiated the current request?

a ) Post
b ) Referer
c ) Send
d ) User-Agent

Which port is commonly used in exploitations?

a ) 443
b ) 445
c ) 77
d ) 213

Precomputed hashes that are intended to contain every possible combination of characters, for the purpose of comparing them against a captured password, are known as which of the following?

a ) Rainbow tables
b ) Dictionaries
c ) Water Lilies
d ) Salt mines

Which of the following tools can be used for scanning?

a ) John the Ripper
b ) Nmap
c ) Hashcat
d ) Aircrack

Sniffing a password from a wireless network is what type of attack?

a ) Brute-force attack
b ) Active attack
c ) Dictionary attack
d ) Passive attack

After performing an Nmap TCP port scan on the company network, port 137 is found open. Which of the following services on this port might be used by an attacker?

a ) NTP
b ) POP3
c ) SFTP
d ) NetBIOS

The password for which of the following protocols can be sniffed on an unencrypted wireless network?

a ) SSL
b ) HTTPS
c ) POP3
d ) SSH

Which of the following is a DNS enumeration tool?

a ) Nikto
b ) Burp Suite
c ) Clang
d ) NSLookup

Which of the following Nmap scan types is also known as half-open scanning?

a ) XMAS Tree scan
b ) ACK Scan
c ) SYN stealth scan
d ) TCP Connect

When working with Windows systems, what is the RID of the true administrator account?

a ) 500
b ) 501
c ) 1000
d ) 1001

Which of the following solutions provides an alternative to manual assignment of IP addresses?

a ) DNS
b ) SNMP
c ) NAT
d ) DHCP

Which of the following is not a typical web application attack?

a ) Cross-site scripting
b ) SQL Injection
c ) Reverse engineering
d ) Cross-site request forgery

What control operates on layer 3 of the OSI Model?

a ) Session
b ) Presentation
c ) Physical
d ) Network

How many bits make up a MAC address?

a ) 24
b ) 48
c ) 32
d ) 64

Which of the following wireless encryption schemes offers the highest level of protection?

a ) WEP
b ) WPA
c ) WPA2
d ) WPA

SQL injection is an attack in which _________ code is inserted into strings that are later passed to an instance of SQL Server.

a ) malicious
b ) redundant
c ) clean
d ) non-malicious

Which of the following is a common exploit against SMB?

a ) MS01-999
b ) MS08-067
c ) MS13-097
d ) EX-1901

You have successfully gained access to your client's internal network and successfully compromised a Linux server which is part of the internal IP network. You want to know which Microsoft Windows workstations have file sharing enabled. Which port would you see listening on these Windows machines in the network?

a ) 1433
b ) 161
c ) 3389
d ) 445

Which of the following controller/processing scenarios in principle CAN use the Public Interest legal basis?

a ) A vehicle licensing agency selling owner names and contact details to the private sector in exchange for money
b ) A company director credit checking agency republishing the contents of a Mandatory Public Register of directors, which is already in the public domain, publishing the names and addresses of directors on the internet
c ) A registered and regulated charity receiving information from any public sector body as part of a lawful Data Sharing Agreement
d ) None of the above

Where the data subject is a child, what steps must controllers take in respect of consent, within the constraints of available technology?

a ) Controllers must make best efforts to verify the consent
b ) Controllers must make reasonable efforts to verify the consent
c ) Controllers must make best efforts to request the consent in clear and plain language, in the context of the age of the child
d ) Controllers must make reasonable efforts to request the consent in clear and plain language, in the context of the age of the child

What does GDPR stand for?

a ) General Data Protection Regulation
b ) Generic Data Principle Regulation
c ) General Duties Policy Regulation
d ) General Data Policy Regulation

Regarding data subjects protected by the GDPR, which of the following statements is true?

a ) The GDPR protects only people who are physically located in the EU
b ) The GDPR protects only EU citizens
c ) The GDPR protects only EU residents
d ) The GDPR protects only EU domiciliaries

For purposes of a data protection impact assessment, when must the controller seek the views of data subjects or their representatives on the intended processing?

a ) Always
b ) Never
c ) When appropriate
d ) When the supervisory authority requests it

A _________ is a set of processes and procedures that transforms data into information and knowledge.

a ) Information system
b ) Knowledge system
c ) Database system
d ) Computer system

In a typical _________ network, application processing is shared between clients and one or more servers.

a ) Client-server computing
b ) Cloud computing
c ) Mobile computing
d ) Data computing

The _________ is defined as a set of activities performed across the organisation, creating an output of value to the customer.

a ) Development process
b ) Business process
c ) Quality process
d ) Customer focus

Controls of data communication deal with:

a ) The communication channel
b ) The computer
c ) Terminals
d ) All of the above

How should the level of risk for an organization be determined?

a ) Combining consequence and likelihood of events
b ) Combining importance and acceptance of events
c ) Combining acceptable and tolerable events
d ) Combining profitability and analysis of events

Business continuity is the capability of an organization to react to disruptions. What should the Business Continuity Management System (BCMS) be?

a ) A part of the organization’s IT management system
b ) A part of the organization’s overall management system
c ) Always managed by an external service provider
d ) Separate from the organization’s overall management system

An organization should provide appropriate procedures to respond to unanticipated threats and changing internal and external conditions and ensure that its activities continue based on their identified recovery objectives in the BIA.

a ) Flexible
b ) Proactive
c ) Smart
d ) Strict

When identifying risks of disruptive incidents, how are single points of failure (SPOF), inadequacies in fire protection, electrical resilience, staffing levels, IT security and IT resilience considered?

a ) Impacts
b ) Risks
c ) Threats
d ) Vulnerabilities

The organization should establish a formal evaluation process for determining continuity and recovery priorities and objectives. What is one of the purposes of the Business Impact Analysis (BIA)?

a ) To determine the business continuity strategy
b ) To determine minimal acceptable outage
c ) To identify risks

Which of the following is an international IT Service Management (ITSM) Standard?

a ) ISO 9000
b ) ISO 20000
c ) ISO 27001
d ) ISO 14000

How many principles are there under the Data Protection Act 1998?

a ) 2
b ) 8
c ) 10
d ) 16

Which one of the following would be classified as sensitive personal data?

a ) Address
b ) CCTV video
c ) Name
d ) Religion

If you lose some personal data, such as the physical loss of a laptop, who should you report it to?

a ) The Information Commissioner's Office
b ) The health and safety executive
c ) The local authority
d ) The government

What is the minimum age for subject access in England and Wales?

a ) 11
b ) 16
c ) 21
d ) None of the above

When should you conduct a Privacy Impact Assessment?

a ) Before a project has been designed or in the early stages of design.
b ) Once the project has been implemented.
c ) One to two years after the project is underway when privacy issues have become clearer.
d ) It makes no difference.

Which layer of the OSI model contains the MAC and LLC sublayers?

a ) Network Layer
b ) Transport Layer
c ) Physical Layer
d ) Data Link Layer

What is the well-known UDP port number for NTP?

a ) 53
b ) 69
c ) 123
d ) 143

What is the first DHCP message sent by a client attempting to obtain IP address information from a DHCP server?

a ) DHCPOFFER
b ) DHCPACK
c ) DHCPDISCOVER
d ) DHCPREQUEST

What switch feature allows you to connect a network sniffer to a switch port and then tell the switch to send a copy of the frames seen on one port out of the port to which your network sniffer is connected?

a ) Port interception
b ) Port duplexing
c ) Port mirroring
d ) Port redirect

What is the decimal equivalent of the binary number 10110100?

a ) 160
b ) 190
c ) 172
d ) 180

A group of compromised computers that have software installed by a worm or Trojan is known as which of the following?

a ) Virus
b ) Honeypot
c ) Botnet
d ) Zombie

What protocol is used to request a MAC address that corresponds to a known IPv4 address on the local network?

a ) IGMP
b ) TTL
c ) ICMP
d ) ARP

Which of the following is the best mode to use when scanning for viruses?

a ) Safe Mode
b ) Last known good configuration
c ) Command Line
d ) Boot into Windows normally

To code applications in a secure manner, what is the best practice to use?

a ) Cross-site scripting
b ) Flash version 3
c ) Input validation
d ) HTML version 5

What port number is associated with the protocol HTTPS?

a ) 80
b ) 69
c ) 443
d ) 3389

How many assignable IP addresses exist in the 172.16.1.10/27 network?

a ) 30
b ) 32
c ) 14
d ) 64

Which of the following technologies is best suited to prevent wired rogue devices from connecting to a network?

a ) NAC
b ) PRTG
c ) Port Security
d ) NTP

What is the most secure file system to use on a Windows system?

a ) FAT
b ) NTFS
c ) DFS
d ) FAT32

Which of the following is a security reason to implement virtualisation in a network?

a ) To isolate network services and roles
b ) To analyse network traffic more easily
c ) To add network services at lower costs
d ) To centralise patch management

Which one of these is NOT a Denial of Service Attack?

a ) Fraggle attack
b ) Smurf attack
c ) Ping of death
d ) Knife bomb

How can the following IPv6 address be condensed? 2009:0123:4040:0000:0000:0000:000A:100B

a ) 2009::123:404:A:100B
b ) 2009:123:404:A:1B
c ) 2009:123:4040::A100B
d ) 2009:0123:4040::0::000A:100B

What method is used to replicate DNS information for DNS servers but is also a tempting exploit target for attackers?

a ) DNSSEC
b ) AXR
c ) DNS Registration
d ) Zone Transfers

What type of analysis is best suited to identify a previously unknown malware package operating on a compromised system?

a ) Trend analysis
b ) Signature Analysis
c ) Heuristic Analysis
d ) Regression Analysis

You suspect that a system in a data center may be sending beaconing traffic to a remote system. Which of the following is NOT a useful tool to help verify your suspicions?

a ) Flows
b ) A protocol analyser
c ) SNMP
d ) An IDS or IPS

Which one of these is not a SIEM?

a ) OSSIM
b ) Splunk
c ) Overwatch
d ) LogRhythm
