WGU Master's Course C701 - Ethical Hacking Newest Exam 2024/ 130
Actual Exam Questions with Correct Verified Answers/ Graded A+
1. Which of the following information security elements B
guarantees that the sender of a message cannot later
deny having sent the message and the recipient can-
not deny having received the message?
A Confidentiality
B Non-repudiation
C Availability
D Integrity
2. A phase of the cyber kill chain methodology trig- C
gers the adversary's malicious code, which utilizes a
vulnerability in the operating system, application, or
server on a target system. At this stage, the organi-
zation may face threats such as authentication and
authorization attacks, arbitrary code execution, phys-
ical security threats, and security misconfiguration.
Which is this phase of the cyber kill chain methodol-
ogy?
A Reconnaissance
B Weaponization
C Exploitation
D Installation
3. Which of the following is a category of hackers who A
are also known as crackers, use their extraordinary
computing skills for illegal or malicious purposes,
and are often involved in criminal activities?
A Black hats
B White hats
C Suicide hackers
D Script kiddies
4. John, a professional hacker, has launched an attack C
on a target organization to extract sensitive infor-
mation. He was successful in launching the attack
and gathering the required information. He is now
attempting to hide the malicious acts by overwriting
the server, system, and application logs to avoid sus-
picion.
Which of the following phases of hacking is John
currently in?
A Maintaining access
B Scanning
C Clearing tracks
D Gaining access
5. Which of the following risk management phases in- C
volves selecting and implementing appropriate con-
trols for the identified risks to modify them?
A Risk tracking and review
B Risk identification
C Risk treatment
D Risk assessment
6. In which of the following incident handling and re- B
sponse phases are the identified security incidents
analyzed, validated, categorized, and prioritized?
A Incident recording and assignment
B Incident triage
C Containment
D Eradication
7. Which of the following phases of risk management is D
an ongoing iterative process that assigns priorities
for risk mitigation and implementation plans to help
determine the quantitative and qualitative value of
risk?
8. Jack, a security professional, was instructed to intro- D
duce a security standard to handle cardholder infor-
mation for major debit, credit, prepaid, e-purse, ATM,
and POS cards. In the process, Jack has employed a
standard that offers robust and comprehensive stan-
dards as well as supporting materials to enhance
payment-card data security.
What is the security standard that Jack has em-
ployed?
A HIPAA
B SOX
C DMCA
D PCI DSS
9. Morris, an attacker, has targeted an organization's B
network. To know the structure of the target network,
he combined footprinting techniques with a network
utility that helped him create diagrammatic represen-
tations of the target network.
What is the network utility employed by Morris in the
above scenario?
A Netcraft
B Tracert
C Shodan
D BuzzSumo
10. Which of the following Google advanced search oper- D
ators displays similar websites to the specified URL?
11. Which of the following techniques is used by an at- A
tacker to perform automated searches on the target
website and collect specified information, such as
employee names and email addresses?
A Web spidering
B Website mirroring
C Monitoring of web updates
D Website link extraction
12. Jude, an attacker, has targeted an organization's A
communication network. While conducting initial
footprinting, he used a Google dork to find the VoIP
login portals of the organization.
What is the Google dork that helped Jude find the
VoIP login portals?
A inurl:8080 intitle:"login" intext:"UserLogin" "Eng-
lish"
B inurl:/voice/advanced/ intitle:Linksys SPA configu-
ration
C inurl:/remote/login?lang=en
D !Host=*.* intext:enc_UserPassword=* ext:pcf
13. Stokes, an attacker, decided to find vulnerable IoT C
devices installed in the target organization. In this
process, he used an online tool that helped him
gather information such as a device's manufacturer
details, its IP address, and the location where it is
installed.
What is the online tool that Stokes used in the above
scenario?
A DuckDuckGo
Voordelen van het kopen van samenvattingen bij Stuvia op een rij:
Verzekerd van kwaliteit door reviews
Stuvia-klanten hebben meer dan 700.000 samenvattingen beoordeeld. Zo weet je zeker dat je de beste documenten koopt!
Snel en makkelijk kopen
Je betaalt supersnel en eenmalig met iDeal, creditcard of Stuvia-tegoed voor de samenvatting. Zonder lidmaatschap.
Focus op de essentie
Samenvattingen worden geschreven voor en door anderen. Daarom zijn de samenvattingen altijd betrouwbaar en actueel. Zo kom je snel tot de kern!
Veelgestelde vragen
Wat krijg ik als ik dit document koop?
Je krijgt een PDF, die direct beschikbaar is na je aankoop. Het gekochte document is altijd, overal en oneindig toegankelijk via je profiel.
Tevredenheidsgarantie: hoe werkt dat?
Onze tevredenheidsgarantie zorgt ervoor dat je altijd een studiedocument vindt dat goed bij je past. Je vult een formulier in en onze klantenservice regelt de rest.
Van wie koop ik deze samenvatting?
Stuvia is een marktplaats, je koop dit document dus niet van ons, maar van verkoper TestPrepPros. Stuvia faciliteert de betaling aan de verkoper.
Zit ik meteen vast aan een abonnement?
Nee, je koopt alleen deze samenvatting voor €18,66. Je zit daarna nergens aan vast.
