A server has been infected by a certain type of Trojan. The hacker intended to utilize it to send and host junk mails. What type of Trojan did the hacker use?


A. Turtle Trojans
B. Ransomware Trojans
C. Botnet Trojan
D. Banking Trojans

XOR is a common cryptographic tool. 10110001 XOR 00111010 is?


A. 10111100
B. 11011000
C. 10011101
D. 10001011

What is the term coined for logging, recording and resolving events in a company?


A. Internal Procedure
B. Security Policy
C. Incident Management Process
D. Metrics

Which of the following BEST describes the mechanism of a Boot Sector Virus?


A. Moves the MBR to another location on the hard disk and copies itself to the original location of the MBR
B. Moves the MBR to another location on the RAM and copies itself to the original location of the MBR
C. Overwrites the original MBR and only executes the new virus code
D. Modifies directory table entries so that directory entries point to the virus code instead of the actual program

Suppose youve gained access to your clients hybrid network. On which port should you listen to in order to know which Microsoft Windows workstations has its file sharing enabled?


A. 1433
B. 161
C. 445
D. 3389

In order to prevent particular ports and applications from getting packets into an organization, what does a firewall check?


A. Network layer headers and the session layer port numbers
B. Presentation layer headers and the session layer port numbers
C. Application layer port numbers and the transport layer headers
D. Transport layer port numbers and application layer headers

While you were gathering information as part of security assessments for one of your clients, you were able to gather data that show your client is involved with fraudulent activities. What should you do?


A. Immediately stop work and contact the proper legal authorities
B. Ignore the data and continue the assessment until completed as agreed
C. Confront the client in a respectful manner and ask her about the data
D. Copy the data to removable media and keep it in case you need it

Which of the following is NOT an ideal choice for biometric controls?


A. Iris patterns
B. Fingerprints
C. Height and weight
D. Voice

What tool should you use when you need to analyze extracted metadata from files you collected when you were in the initial stage of penetration test (information gathering)?


A. Armitage
B. Dimitry
C. Metagoofil
D. cdpsnarf

Youve just discovered a server that is currently active within the same network with the machine you recently compromised. You ping it but it did not respond. What could be the case?


A. TCP/IP doesnt support ICMP
B. ARP is disabled on the target server
C. ICMP could be disabled on the target server
D. You need to run the ping command with root privileges