Ethical Hacking Final Exam — Modules 7–14

What is the difference between 802.11 and 802.1x?

Which type of wireless attack forces a target to disconnect from a legitimate access point?

Which of the following command-line commands is most appropriate for discovering WPS-enabled WAPs?

Which of the following tools is most appropriate for performing Bluetooth attacks?

What is a DoS attack against a wireless device called?

The results of an nmap scan document the following ports as open or filtered: 53, 445, 993, and 995. Which port would be the most likely vector for an attack against a SAMBA configuration?

When attempting to "break-in" to the network printer in order to print files from network devices, Nathan finds that port 515 is open on the copier in the reception area. Which of the following services could Nathan target?

A man-in-the-middle attack is also known as which of the following?

A pen-testing team has identified through pcap analysis that false DNS queries have been injected into the network. Which tool could have made this possible?

Which of the following tools is most appropriate for performing password cracking attacks?

Which organization produces the “Ten Most Critical Web Application Security Risks” paper?

According to the 2021 OWASP Top 10 list, which are the two most common coding errors/vulnerabilities?

Which type of attack uses an HTML injection vulnerability to inject HTML code into a website?

If a URL is modified to reference an unknown PHP script on an unknown server, what type of attack might be occurring?

What type of attack attempts to use a victim’s successful authentication on one website to perform malicious activities via another website?

Which type of cloud-based attack exploits virtual hard drive storage that has been detached and returned to a cloud server?

Which attacks involve exploiting folder and file permission settings?

Which of the following attacks might exploit SSH vulnerabilities?

Which Linux exploit attempts to temporarily elevate the permission of the user to root for execution of a command?

Which provides pre-configured automated methods for performing remote access exploits?

Which types of attacks involve manipulating a person to compromise security?

When threat actors perform social engineering, which are possible goals?

When pen testers perform social engineering, which is their goal?

What is the term for the believable situation a threat actor creates to justify their request?

Which social engineering attack uses messaging technology to send unsolicited messages?

Which should be included in a pen-test report?

Which part of a pen-test report provides a concise overview for management?

Which type of control uses formalized processes and policies?

Which items require real-time communication between pen testers and clients?

What is an IOC?

What does the BLT of programming stand for?

Which type of programming language reads source code one line at a time?

What type of program uses Bourne-again shell command lines as code?

Which PowerShell cmdlet sets the script execution security level?

Which types of programming languages use the concept of classes?

Which tool is useful for acquiring potential passwords for brute-force attacks?

What type of file begins with #!/bin/bash?

What does nmap -sP 192.168.0.1/24 do?

Which document defines what targets can or cannot be tested?

Which statement about pen-test reports is true?