Certified Ethical Hacker 312-50v10 – Question212

As a Certified Ethical Hacker, you were contracted by a private firm to conduct an external security assessment through penetration testing.
What document describes the specifics of the testing, the associated violations, and essentially protects both the organization's interest and your liabilities as a tester?


A. Service Level Agreement
B. Project Scope
C. Rules of Engagement
D. Non-Disclosure Agreement

Correct Answer: C

Certified Ethical Hacker 312-50v10 – Question211

Rebecca commonly sees an error on her Windows system that states that a Data Execution Prevention (DEP) error has taken place. Which of the following is most likely taking place?


A. Malicious code is attempting to execute an instruction in a non-executable memory region.
B. A page fault is occurring, which forces the operating system to write data from the hard drive.
C. A race condition is being exploited, and the operating system is containing the malicious process.
D. Malware is executing in either ROM or a cache memory area.

Correct Answer: A

Certified Ethical Hacker 312-50v10 – Question210

Which results will be returned with the following Google search query? site:target.com site:Marketing.target.com accounting


A. Results from matches on the site marketing.target.com that are in the domain target.com but do not include the word accounting.
B. Results matching all words in the query.
C. Results for matches on target.com and Marketing.target.com that include the word accounting
D. Results matching accounting in domain target.com but not on the site Marketing.target.com

Correct Answer: C

Certified Ethical Hacker 312-50v10 – Question209

An attacker is trying to redirect the traffic of a small office. That office is using their own mail server, DNS server and NTP server because of the importance of their job. The attacker gains access to the DNS server and redirects www.google.com to his own IP address. Now when the employees of the office want to go to Google, they are redirected to the attacker's machine. What is the name of this kind of attack?


A. MAC Flooding
B. Smurf Attack
C. DNS spoofing
D. ARP Poisoning

Correct Answer: C

Certified Ethical Hacker 312-50v10 – Question208

A company's Web development team has become aware of a certain type of security vulnerability in their Web software. To mitigate the possibility of this vulnerability being exploited, the team wants to modify the software requirements to disallow users from entering HTML as input into their Web application.

What kind of Web application vulnerability likely exists in their software?


A. Cross-site scripting vulnerability
B. Session management vulnerability
C. SQL injection vulnerability
D. Cross-site Request Forgery vulnerability

Correct Answer: A

Certified Ethical Hacker 312-50v10 – Question207

Jesse receives an email with an attachment labeled Court_Notice_21206.zip. Inside the zip is a file named Court_Notice_21206.docx.exe, disguised as a Word document. Upon execution, a window appears stating, "This word document is corrupt." In the background, the file copies itself to Jesse's APPDATA\local directory and begins to beacon to a C2 server to download additional malicious binaries.

What type of malware has Jesse encountered?


A. Worm
B. Macro Virus
C. Key-Logger
D. Trojan

Correct Answer: D

Certified Ethical Hacker 312-50v10 – Question206

It is a regulation that has a set of guidelines, which should be adhered to by anyone who handles any electronic medical data. These guidelines stipulate that all medical practices must ensure that all necessary measures are in place while saving, accessing, and sharing any electronic medical data to keep patient data secure.

Which of the following regulations best matches the description?


A. FISMA
B. ISO/IEC 27002
C. HIPAA
D. COBIT

Correct Answer: C

Certified Ethical Hacker 312-50v10 – Question205

In IPv6 what is the major difference concerning application layer vulnerabilities compared to IPv4?


A. Implementing IPv4 security in a dual-stack network offers protection from IPv6 attacks too.
B. Vulnerabilities in the application layer are independent of the network layer. Attacks and mitigation techniques are almost identical.
C. Due to the extensive security measures built in IPv6, application layer vulnerabilities need not be addressed.
D. Vulnerabilities in the application layer are greatly different from IPv4.

Correct Answer: B

Certified Ethical Hacker 312-50v10 – Question204

A penetration test was done at a company. After the test, a report was written and given to the company's IT authorities. A section from the report is shown below:

Access List should be written between VLANs.
Port security should be enabled for the intranet.
A security solution which filters data packets should be set between intranet (LAN) and DMZ.
A WAF should be used in front of the web applications.
According to the section from the report, which of the following choices is true?


A. A stateful firewall can be used between intranet (LAN) and DMZ.
B. There is access control policy between VLANs.
C. MAC Spoof attacks cannot be performed.
D. Possibility of SQL Injection attack is eliminated.

Correct Answer: A