Question 1

Which of the following statements highlights the difference between a vulnerability assessment and a penetration test?

Accepted Answer

A vulnerability assessment identifies and ranks vulnerabilities, while a penetration test goes further by exploiting these vulnerabilities to validate them and assess their potential impact.

Question 2

The security team found the network switch has changed its behavior to learning mode and is functioning like a hub. The CAM table of the switch was filled with unnecessary traffic. Someone tried to penetrate into the network space by attacking the network switches. They wrote a report and submitted to higher authorities. What kind of an attack did the attackers perform against the network switch?

Accepted Answer

MAC Flooding is an attack where the attacker sends numerous fake MAC addresses to the switch, filling its CAM table and causing it to act like a hub, forwarding all traffic to all ports.

Question 3

George, a reputed ethical hacker and penetration testing consultant, was hired by FNB Services, a startup financial services company, to audit the security of their web applications. During his investigation, George discovered that the company's website is vulnerable to blind SQL injection attacks. George entered a custom SQL query in a form located on the vulnerable page which resulted in a back-end SQL query similar to the one given below: http://fnb.com/forms/?id=1+AND+555=if(ord(mid((select+pass from+users+limit+0,1),1,2))= 97,555,777) What is George trying to achieve with this custom SQL query?

Accepted Answer

The answer of George, a reputed ethical hacker and penetration...

Question 4

A company identified critical vulnerability in its hyperconverged infrastructure that provides services such as computing, networking, and storage resources in a single system. Also, the company identified that this vulnerability may lead to various injection attacks that allow the attackers to execute malicious commands as the root users. The company decided to immediately implement appropriate countermeasure to defend against such attacks. Which of the following defensive mechanisms should the company employ?

Accepted Answer

Input validation is a defensive mechanism that helps prevent injection attacks by ensuring that only properly formatted data is entered into a system, thus preventing malicious commands from being executed.

Question 5

A recent study from HyThech Technologies found that three of the most popular websites are having most commonly exploitable flaw in their web applications. Using this vulnerability, an attacker may inject malicious code that can be executed on a user's machine. Also, the study revealed that most sensitive target of this vulnerability is stealing session cookies. This helps attackers to duplicate the user session and access anything the user can perform on a website like manipulating personal information, creating fake social media posts, stealing credit card information and performing unauthorized financial transactions, etc. Identify the vulnerability revealed by HyThech Technologies?

Accepted Answer

The vulnerability described is Cross-Site Scripting (XSS), which allows attackers to inject malicious scripts into web pages viewed by other users, potentially stealing session cookies and impersonating users.

Question 6

Karen was running port scans on each machine of her network in order to identify suspicious ports on the target machines. She observed the following results during the port scan of a particular machine.

Accepted Answer

The answer of Karen was running port scans on each...

Question 7

Which of the following information security acts enables to ease the transfer of financial information between institutions and banks while making the rights of the individual through security requirements more specific?

Accepted Answer

The Gramm-Leach-Bliley Act (GLBA) is designed to ease the transfer of financial information between institutions while ensuring the protection of individuals' personal information through specific security requirements.

Question 8

Clark, a professional hacker, decided to bring down the services provided by the target organization. In the initial information-gathering stage, he detected some vulnerabilities in the TCP/IP protocol stack of the victim's system. He exploited these vulnerabilities to create multiple malformed packets in ample magnitude and has sent these unusually crafted packets to the victim's machine. Identify the type of attack being performed by Clark?

Accepted Answer

Clark is performing a Denial of Service (DoS) attack by exploiting vulnerabilities in the TCP/IP protocol stack and sending malformed packets to overwhelm the victim's system.

Question 9

John is a network administrator and he is configuring the Active Directory roles in the primary domain controller (DC) server. Whilst configuring the Flexible Single Master Operation (FSMO) roles in the primary DC, he configured one of the roles to synchronize the time among all the DCs in an enterprise. The role that he configured also records the password changes performed by other DCs in the domain, authentication failures due to entering an incorrect password, and processes account lockout activities. Which of the following FSMO roles has John configured?

Accepted Answer

The PDC emulator role is responsible for synchronizing the time among all the DCs in an enterprise. It also records the password changes performed by other DCs in the domain, authentication failures due to entering an incorrect password, and processes account lockout activities.

Question 10

GenSec Inc, a UK-based company, uses Oracle database to store all its data. The company also uses Oracle DataBase Vault to restrict users access to specific areas of their database. GenSec hired a senior penetration tester and security auditor named Victor to check the vulnerabilities of the company's Oracle DataBase Vault. He was asked to find all the possible vulnerabilities that can bypass the company's Oracle DB Vault. Victor tried different kinds of attacks to penetrate into the company's Oracle DB Vault and succeeded. Which of the following attacks can help Victor to bypass GenSec's Oracle DB Vault?

Accepted Answer

SQL Injection can be used to bypass database security mechanisms like Oracle DB Vault by injecting malicious SQL code to manipulate the database.

Question 11

Adam is working as a senior penetration tester at Eon Tech Services Ltd. The company asked him to perform penetration testing on their database. The company informs Adam they use Microsoft SQL Server. As a part of the penetration testing, Adam wants to know the complete information about the company's database. He uses the Nmap tool to get the information. Which of the following Nmap commands will Adam use to get the information?

Accepted Answer

The correct port for Microsoft SQL Server is 1433, but the closest option provided is 1443, which seems to be a typo. The command uses the `ms-sql-info` script to gather information about the SQL Server.

Question 12

Adam found a pen drive in his company's parking lot. He connected it to his system to check the content. On the next day, he found that someone has logged into his company email account and sent some emails. What type of social engineering attack has Adam encountered?

Accepted Answer

Adam encountered a "Media Dropping" attack, where attackers leave malicious devices like pen drives in places where people might pick them up and connect them to their systems, leading to unauthorized access or malware installation.

Question 13

James, a penetration tester, found a SQL injection vulnerability in the website http://www.xsecurity.com. He used sqlmap and extracted the website's databases from the sql server, one of them being "offices." Which among the following sqlmap queries does James issue in order to extract the tables related to the database "offices"?

Accepted Answer

The correct sqlmap command to extract tables from a specific database is to use the "--tables" option, which is correctly formatted in option D.

Question 14

Which type of penetration testing will require you to send the Internal Control Questionnaires (ICQ) to the client?

Accepted Answer

White-box testing involves a comprehensive understanding of the internal structure, design, and implementation of the system being tested, which often requires detailed information from the client, such as Internal Control Questionnaires (ICQ).

Question 15

Identify the attack from the description below:

Accepted Answer

The answer of Identify the attack from the description below:
...

Question 16

Linson, an employee in Skitac Ltd., notices a USB flash drive on the pavement of the company. Before he could hand it over to the security guard, he tries to check it out. He connects it with an OTG to his mobile phone and finds some of his favorite music playlists and games. He tries to download them into his mobile, but very lately he came to know that he has been attacked and some of his sensitive financial information was exposed to attackers. What type of attacks did Linson face?

Accepted Answer

Linson faced a social engineering attack, where attackers used a seemingly harmless USB drive to trick him into connecting it to his device, leading to the exposure of his sensitive information.

Question 17

SecInfo is a leading cyber security provider who recently hired Andrew, a security analyst. He was assigned the task of identifying vulnerabilities in the NFC devices by performing an attack on them. In this process, he was present with his device in the close proximity with the NFC devices that are sharing data so that he can eavesdrop on the data and at the same time block the transmission to the receiver. He then manipulated the captured data and further relayed the data to the receiver. Identify the type of attack performed by Andrew on the target NFC devices?

Accepted Answer

Andrew performed a Man-In-The-Middle (MITM) attack, where he intercepted and manipulated the communication between NFC devices before relaying it to the intended receiver.

Exam 5: ECCouncil Computer Hacking Forensic Investigator