Q5. From the following table, identify the wrong answer in terms of Range (ft).

A. 802.11b

B. 802.11g

C. 802.16(WiMax)

D. 802.11a

View Answer

Q6. Steve, a scientist who works in a governmental security agency, developed a technological solution to identify people based on walking patterns and implemented this approach to a physical control access.

A camera captures people walking and identifies the individuals using Steveu2021s approach.

After that, people must approximate their RFID badges. Both the identifications are required to open the door. In this case, we can say:

A. Although the approach has two phases, it actually implements just one authentication factor

B. The solution implements the two authentication factors: physical object and physical characteristic

C. The solution will have a high level of false positives

D. Biological motion cannot be used to identify people

View Answer

Q7. When does the Payment Card Industry Data Security Standard (PCI-DSS) require organizations to perform external and internal penetration testing?

A. At least twice a year or after any significant upgrade or modification

B. At least once a year and after any significant upgrade or modification

C. At least once every two years and after any significant upgrade or modification

D. At least once every three years or after any significant upgrade or modification

View Answer

Q8. Which of the following Secure Hashing Algorithm (SHA) produces a 160-bit digest from a message with a maximum length of (264-1) bits and resembles the MD5 algorithm?

A. SHA-2

B. SHA-3

C. SHA-1

D. SHA-0

View Answer

Q9. How does the Address Resolution Protocol (ARP) work?

A. It sends a request packet to all the network elements, asking for the domain name from a specific IP.

B. It sends a request packet to all the network elements, asking for the MAC address from a specific IP.

C. It sends a reply packet to all the network elements, asking for the MAC address from a specific IP.

D. It sends a reply packet for a specific IP, asking for the MAC address.

View Answer

Q10. Which of the following types of jailbreaking allows user-level access but does not allow iboot-level access?

A. Bootrom Exploit

B. iBoot Exploit

C. Sandbox Exploit

D. Userland Exploit

View Answer

Q11. Which of the following is an adaptive SQL Injection testing technique used to discover coding errors by inputting massive amounts of random data and observing the changes in the output?

A. Function Testing

B. Dynamic Testing

C. Static Testing

D. Fuzzing Testing

View Answer

Q12. Which tool allows analysts and pen testers to examine links between data using graphs and link analysis?

A. Metasploit

B. Cain & Abel

C. Maltego

D. Wireshark

View Answer

Q13. If a tester is attempting to ping a target that exists but receives no response or a response that states the destination is unreachable, ICMP may be disabled and the network may be using TCP. Which tool could the tester use to get a response from a host using TCP?

A. Traceroute

B. Hping

C. TCP ping

D. Broadcast ping

View Answer

Q14. The establishment of a TCP connection involves a negotiation called three-way handshake. What type of message does the client send to the server in order to begin this negotiation?

A. ACK

B. SYN

C. RST

D. SYN-ACK

View Answer