Skip survey header

Certified Ethical Hacker Practice Quiz: 312-50 Quiz 32

Certified Ethical Hacker Practice Quiz: 312-50 Quiz 32

1. ABC company is in the process of merging with XYZ company. As part of the merger, a penetration test has been recommended. Testing the network systems, physical security, and data security have all been included in the scope of work.

What else should be included in the scope of work?
2. Hannah is working on the scope of work with her client. During the planning, she discovers that some of the servers are cloud-based servers. Which of the following should she do?
3. Jorge, a hacker, has gained access to a Linux system. He has located the usernames and IDs. He wants the hashed passwords for the users that he found. Which file should he look in?

4. Which of the following ports are used by null sessions on your network?

5. Which of the following motivates attackers to use DoS and DDoS attacks?

6. Which of the following is an attack where all traffic is blocked by taking up all available bandwidth between the target computer and the Internet?
7. You are looking for a web application security tool that runs automated scans looking for vulnerabilities susceptible to SQL injection, cross-site scripting, and remote code injection.

Which of the following web application security tools would you most likely use?
8. Which of the following functions does a single quote (') perform in an SQL injection?

9. If an attacker's intent is to discover and then use sensitive data like passwords, session cookies, and other security configurations such as UDDI, SOAP, and WSDL, which of the following cloud computing attacks is he using?

10. Which of the following cloud security controls includes backups, space availability, and continuity of services?