Which individuals believe that hacking and defacing websites can promote social change?

Which type of testing occurs when individuals know the entire layout of the network?

This type of security test usually takes on an adversarial role and looks to see what an outsider can access and control.

Which type of penetration test is characterized by its examination of technologies such as old copiers or telecommunication taken from the trash on private property?

Which type of hacker will carry out an attack even if they might get a very long prison term?

During a security review you have discovered that there are no documented security policies for the area you are assessing. Which of the following would be the most appropriate course of action?

Which of the following is the most important step for the ethical hacker to perform during the pre-assessment?

Attackers sometimes hang on to unknown vulnerabilities until they can be used in an attack that has no known defense or patch. Some might call Flame and Stuxnet these types of attacks. Which of the following offers the best description?

When you are assessing backup methods, what is the proper restoration technique if a full backup was performed on Monday and an incremental was performed on Tuesday, Wednesday, and Thursday, with the outage occurring on Friday?

Phishing, social engineering, and buffer overflows are all usually used at what point in the attacker’s process?

Which DNS record gives information about the zone, such as administrator contact, and so on?

While preparing to hack a targeted network, you would like to check the configuration of the DNS server. What port should you look for to attempt a zone transfer?

You have become concerned that someone could attempt to poison your DNS server. What determines how long cache poisoning would last?

Which of the following is a Class D address?

You have captured data from a client to an HTTP server and would like to use Wireshark to filter for the first step of the TCP handshake. Which of the following TCP flags is set?

Which of the following breaks down security assessments into four basic stages, which include planning, discovery, attack, and reporting?

Which DNS record gives information about the zone, such as administrator contact and so on?

Which of the following is used for an ICMP unreachable message?

You have been assigned a junior pen tester during a pen test. You performed the following scan: nmap -sL www.example.com Starting Nmap 6.25 ( http://nmap.org ) at 2016-10-12 18:46 Central Daylight Time Host 93.184.216.34 not scanned Your partner asks you to explain the results. Which of the following best describes the correct answer?

You are performing a penetration test and have been asked to identify any web servers that might be vulnerable to shellshock. Which of the following tools support scripts that enable you to search for these devices?

You have just performed an ACK scan and have been monitoring a sniffer while the scan was performed. The sniffer captured the result of the scan as an ICMP type 3 code 13. What does this result mean?

Which of the following is a passive OS fingerprinting tool?

During a footprinting exercise, you are asked to find and extract metadata from documents hosted on the target company’s website. Which of the following is your best option?

Which Nmap scan option scans ports in consecutive order?

Which of the following options is not typically used for OS fingerprinting?

A connect or SYN scan of an open port produces which of the following responses from a target?

Which of the following hping commands could you use to ping 192.168.123.1?

Which of the following types of biometric systems is considered the most accurate?

You have gained access to a system. You would now like to hide a file that will be hidden and streamed behind another. Which of the following file systems is required?

During a pen test, you have successfully gained access to a system. You were are able to gain local administrator status on one workstation and have now moved to local administrator on a second workstation. With this in mind, which of the following is true?