Skip survey header

Certified Ethical Hacker Practice Quiz: 312-50 Quiz 21

Certified Ethical Hacker Practice Quiz: 312-50 Quiz 21

1. The process of analyzing an organization's security and determining its security holes is known as which of the following?
2. Which of the following documents details exactly what can be tested during a penetration test?
3. MinJu, a penetration tester, is testing a client's security. She notices that every Wednesday, a few employees go to a nearby bar for happy hour. She goes to the bar and starts befriending one of the employees with the intention of learning the employee's personal information.

Which information gathering technique is MinJu using?

4. A penetration tester is trying to extract employee information during the reconnaissance phase. What kinds of data is the tester collecting about the employees?

5. Rudy is analyzing a piece of malware discovered in a pentest. He has taken a snapshot of the test system and will run the malware. He will take a snapshot afterwards and monitor different components such as ports, processes, event logs, and more for any changes.

Which of the following processes is he using?

6. Daphne has determined that she has malware on her Linux machine. She prefers to only use open-source software. Which anti-malware software should she use?
7. In 2011, Sony was targeted by an SQL injection attack that compromised over a million emails, usernames, and passwords. Which of the following could have prevented the attack?
8. SQL injections are a result of which of the following flaws?

9. Which of the following is a characteristic of Elliptic Curve Cryptography (ECC)?

10. Which of the following cryptographic algorithms is used in asymmetric encryption?