Joel and her team have been going through tons of garbage, recycled paper, and other rubbish in order to find some information about the target they are attempting to penetrate. How would you call this type of activity?

A. Dumpster Diving

B. Scanning

C. CI Gathering

D. Garbage Scooping

You ping a target IP to check if the host is up. You do not get a response. You suspect ICMP is blocked at the firewall. Next you use hping2 tool to ping the target host and you get a response. Why does the host respond to hping2 and not ping packet?

A. Ping packets cannot bypass firewalls

B. You must use ping 10.2.3.4 switch

C. Hping2 uses stealth TCP packets to connect

D. Hping2 uses TCP instead of ICMP by default

ICMP ping and ping sweeps are used to check for active systems and to check A. if ICMP ping traverses a firewall.

B. the route that the ICMP ping took.

C. the location of the switchport in relation to the ICMP ping.

D. the number of hops an ICMP ping takes to reach a destination.

What are the three types of compliance that the Open Source Security Testing Methodology Manual (OSSTMM) recognizes?

A. Legal, performance, audit

B. Audit, standards based, regulatory

C. Contractual, regulatory, industry

D. Legislative, contractual, standards based

A consultant is hired to do physical penetration testing at a large financial company. In the first day of his assessment, the consultant goes to the company`s building dressed like an electrician and waits in the lobby for an employee to pass through the main access gate, then the consultant follows the employee behind to get into the restricted area. Which type of attack did the consultant perform?

A. Man trap

B. Tailgating

C. Shoulder surfing

D. Social engineering

What does a type 3 code 13 represent?(Choose two.

A. Echo request

B. Destination unreachable

C. Network unreachable

D. Administratively prohibited

E. Port unreachable

F. Time exceeded

Fingerprinting an Operating System helps a cracker because:

A. It defines exactly what software you have installed

B. It opens a security-delayed window based on the port being scanned

C. It doesn't depend on the patches that have been applied to fix existing security holes

D. It informs the cracker of which vulnerabilities he may be able to exploit on your system

A file integrity program such as Tripwire protects against Trojan horse attacks by:

A. Automatically deleting Trojan horse programs

B. Rejecting packets generated by Trojan horse programs

C. Using programming hooks to inform the kernel of Trojan horse behavior

D. Helping you catch unexpected changes to a system utility file that might indicate it had been replaced by a Trojan horse

How would you describe a simple yet very effective mechanism for sending and receiving unauthorized information or data between machines without alerting any firewalls and IDS's on a network?

A. Covert Channel

B. Crafted Channel

C. Bounce Channel

D. Deceptive Channel

What is Hunt used for?

A. Hunt is used to footprint networks

B. Hunt is used to sniff traffic

C. Hunt is used to hack web servers

D. Hunt is used to intercept traffic i.e. man-in-the-middle traffic

E. Hunt is used for password cracking