Certified Ethical Hacker Quiz 2 A friend of yours tells you that he downloaded and executed a file that was sent to him by a coworker. Since the file did nothing when executed, he asks you for help because he suspects that he may have installed a trojan on his computer. What tests would you perform to determine whether his computer is infected?Upload the file to VirusTotalYou do not check; rather, you immediately restore a previous snapshot of the operating system.Use ExifTool and check for malicious content.Use netstat and check for outgoing connections to strange IP addresses or domains. Suppose that you test an application for the SQL injection vulnerability. You know that the backend database is based on Microsoft SQL Server. In the login/password form, you enter the following credentials: Username: attack’ or 1=1 Password: 123456 Based on the above credentials, which of the following SQL commands are you expecting to be executed by the server, if there is indeed an SQL injection vulnerability?select * from Users where UserName = ‘attack’ ’ or 1=1 -- and UserPassword = ‘123456’select * from Users where UserName = ‘attack’ or 1=1 -- and UserPassword = ‘123456’select * from Users where UserName = ‘attack or 1=1 -- and UserPassword = ‘123456’select * from Users where UserName = ‘attack’ or 1=1 --’ and UserPassword = ‘123456’ Judy created a forum. One day, she discovers that a user is posting strange images without writing comments. She immediately calls a security expert, who discovers that the following code is hidden behind those images: What issue occurred for the users who clicked on the image?This php file silently executes the code and grabs the user’s session cookie and session ID.The code redirects the user to another site.The code injects a new cookie to the browser.The code is a virus that is attempting to gather the user’s username and password. Ethical hacker Jane Smith is attempting to perform an SQL injection attack. She wants to test the response time of a true or false response and wants to use a second command to determine whether the database will return true or false results for user IDs. Which two SQL injection types would give her the results she is looking for?Out of band and boolean-basedUnion-based and error-basedTime-based and union-basedTime-based and boolean-based This form of encryption algorithm is a symmetric key block cipher that is characterized by a 128-bit block size, and its key size can be up to 256 bits. Which among the following is this encryption algorithm?SIM card attackClickjackingSMS phishing attackAgent Smith attack This form of encryption algorithm is a symmetric key block cipher that is characterized by a 128-bit block size, and its key size can be up to 256 bits. Which among the following is this encryption algorithm?HMAC encryption algorithmTwofish encryption algorithmIDEABlowfish encryption algorithm A post-breach forensic investigation revealed that a known vulnerability in Apache Struts was to blame for the Equifax data breach that affected 143 million customers. A fix was available from the software vendor for several months prior to the intrusion. This is likely a failure in which of the following security processes?Secure development lifecycleSecurity awareness trainingVendor risk managementPatch management Joe works as an IT administrator in an organization and has recently set up a cloud computing service for the organization. To implement this service, he reached out to a telecom company for providing Internet connectivity and transport services between the organization and the cloud service provider. In the NIST cloud deployment reference architecture, under which category does the telecom company fall in the above scenario?Cloud consumerCloud brokerCloud auditorCloud carrier You start performing a penetration test against a specific website and have decided to start from grabbing all the links from the main page. What is the best Linux pipe to achieve your milestone?wget https://site.com | grep “curl -s https://site.com | grep “dirb https://site.com | grep “site”wget https://site.com | cut -d “http” Attacker Rony installed a rogue access point within an organization’s perimeter and attempted to intrude into its internal network. Johnson, a security auditor, identified some unusual traffic in the internal network that is aimed at cracking the authentication mechanism. He immediately turned off the targeted network and tested for any weak and outdated security mechanisms that are open to attack. What is the type of vulnerability assessment performed by Johnson in the above scenario?Wireless network assessmentApplication assessmentHost-based assessmentDistributed assessment Taylor, a security professional, uses a tool to monitor her company’s website, analyze the website’s traffic, and track the geographical location of the users visiting the company’s website. Which of the following tools did Taylor employ in the above scenario?WebrootWeb-StatWebSite-WatcherWAFW00F Abel, a cloud architect, uses container technology to deploy applications/software including all its dependencies, such as libraries and configuration files, binaries, and other resources that run independently from other processes in the cloud environment. For the containerization of applications, he follows the five-tier container technology architecture. Currently, Abel is verifying and validating image contents, signing images, and sending them to the registries. Which of the following tiers of the container technology architecture is Abel currently working in?Tier-1: Developer machinesTier-2: Testing and accreditation systemsTier-3: RegistriesTier-4: Orchestrators John, a professional hacker, decided to use DNS to perform data exfiltration on a target network. In this process, he embedded malicious data into the DNS protocol packets that even DNSSEC cannot detect. Using this technique, John successfully injected malware to bypass a firewall and maintained communication with the victim machine and C&C server. What is the technique employed by John to bypass the firewall?DNSSEC zone walkingDNS cache snoopingDNS enumerationDNS tunneling method Steven connected his iPhone to a public computer that had been infected by Clark, an attacker. After establishing the connection with the public computer, Steven enabled iTunes Wi-Fi sync on the computer so that the device could continue communication with that computer even after being physically disconnected. Now, Clark gains access to Steven’s iPhone through the infected computer and is able to monitor and read all of Steven’s activity on the iPhone, even after the device is out of the communication zone. Which of the following attacks is performed by Clark in the above scenario?Man-in-the-disk attackiOS jailbreakingiOS trustjackingExploiting SS7 vulnerability Gerard, a disgruntled ex-employee of Sunglass IT Solutions, targets this organization to perform sophisticated attacks and bring down its reputation in the market. To launch the attacks process, he performed DNS footprinting to gather information about DNS servers and to identify the hosts connected in the target network. He used an automated tool that can retrieve information about DNS zone data including DNS domain names, computer names, IP addresses, DNS records, and network Whois records. He further exploited this information to launch other sophisticated attacks. What is the tool employed by Gerard in the above scenario?TowelrootKnativezANTIBluto Sam is a penetration tester hired by Inception Tech, a security organization. He was asked to perform port scanning on a target host in the network. While performing the given task, Sam sends FIN/ACK probes and determines that an RST packet is sent in response by the target host, indicating that the port is closed. What is the port scanning technique used by Sam to discover open ports?Xmas scanIDLE/IPID header scanTCP Maimon scanACK flag probe scan In this form of encryption algorithm, every individual block contains 64-bit data, and three keys are used, where each key consists of 56 bits. Which is this encryption algorithm?IDEATriple Data Encryption StandardAESMD5 encryption algorithm Jim, a professional hacker, targeted an organization that is operating critical industrial infrastructure. Jim used Nmap to scan open ports and running services on systems connected to the organization’s OT network. He used an Nmap command to identify Ethernet/IP devices connected to the Internet and further gathered information such as the vendor name, product code and name, device name, and IP address. Which of the following Nmap commands helped Jim retrieve the required information?nmap -Pn -sT --scan-delay 1s --max-parallelism 1 -pnmap -Pn -sU -p 44818 --script enip-infonmap -Pn -sT -p 46824nmap -Pn -sT -p 102 --script s7-info Which of the following information security controls creates an appealing isolated environment for hackers to prevent them from compromising critical targets while simultaneously gathering information about the hacker?Hypervisor rootkitKernel rootkitHardware rootkitFirmware rootkit Kevin, a professional hacker, wants to penetrate CyberTech Inc’s network. He employed a technique, using which he encoded packets with Unicode characters. The company’s IDS cannot recognize the packets, but the target web server can decode them. What is the technique used by Kevin to evade the IDS system?Session splicingUrgency flagObfuscatingDesynchronization Security administrator John Smith has noticed abnormal amounts of traffic coming from local computers at night. Upon reviewing, he finds that user data have been exfiltrated by an attacker. AV tools are unable to find any malicious software, and the IDS/IPS has not reported on any non-whitelisted programs. What type of malware did the attacker use to bypass the company’s application whitelisting?File-less malwareZero-day malwarePhishing malwareLogic bomb malware Bella, a security professional working at an IT firm, finds that a security breach has occurred while transferring important files. Sensitive data, employee usernames, and passwords are shared in plaintext, paving the way for hackers to perform successful session hijacking. To address this situation, Bella implemented a protocol that sends data using encryption and digital certificates. Which of the following protocols is used by Bella?FTPSFTPHTTPSIP Ralph, a professional hacker, targeted Jane, who had recently bought new systems for her company. After a few days, Ralph contacted Jane while masquerading as a legitimate customer support executive, informing that her systems need to be serviced for proper functioning and that customer support will send a computer technician. Jane promptly replied positively. Ralph entered Jane’s company using this opportunity and gathered sensitive information by scanning terminals for passwords, searching for important documents in desks, and rummaging bins. What is the type of attack technique Ralph used on Jane?ImpersonationDumpster divingShoulder surfingEavesdropping Time is Up!