☑ Strong Knowledge on 312-50 Certified Ethical Hacker Practice
Which of the following is a restriction being enforced in white box testing?
Only the internal operation of a system is known to the tester
The internal operation of a system is completely known to the tester
The internal operation of a system is only partly accessible to the tester
Only the external operation of a system is accessible to the tester
Which of the following is a vulnerability in GNU's bash shell (discovered in September of 2014) that gives attackers access to run remote commands on a vulnerable system?
When security and confidentiality of data within the same LAN is of utmost priority, which IPSec mode should you implement?
AH Tunnel mode
ESP transport mode
Jack was attempting to fingerprint all machines in the network using the following Nmap syntax: invictus@victim_server:~$ nmap -T4 -0 10.10.0.0/24 TCP/IP fingerprinting (for OS scan) xxxxxxx xxxxxx xxxxxxxxx. QUITTING! Obviously, it is not going through. What is the issue here?
OS Scan requires root privileges
The nmap syntax is wrong.
The outgoing TCP/IP fingerprinting is blocked by the host firewall
This is a common behavior for a corrupted nmap application
While performing online banking using a Web browser, Kyle receives an email that contains an image of a well-crafted piece of art. Upon clicking the image, a new tab in the web browser opens and shows an animated GIF of bills and coins being swallowed by a crocodile. After several days, Kyle noticed that all his funds in the bank were gone. What Web browser-based security vulnerability was exploited by the hacker?
Web Form Input Validation
Cross-Site Request Forgery
A hacker was able to easily gain access to a website. He was able to log in via the frontend user login form of the website using default or commonly used credentials. This exploitation is an example of what software design flaw?
Insufficient security management
Insufficient database hardening
Insufficient input validation
Insufficient exception handling