Exam 5: ECCouncil Computer Hacking Forensic Investigator

An IT security engineer notices that the company's web server is currently being hacked. What should the engineer do next?

A company identified critical vulnerability in its hyperconverged infrastructure that provides services such as computing, networking, and storage resources in a single system. Also, the company identified that this vulnerability may lead to various injection attacks that allow the attackers to execute malicious commands as the root users. The company decided to immediately implement appropriate countermeasure to defend against such attacks. Which of the following defensive mechanisms should the company employ?

Karen was running port scans on each machine of her network in order to identify suspicious ports on the target machines. She observed the following results during the port scan of a particular machine.

A hacker, who posed as a heating and air conditioning specialist, was able to install a sniffer program in a switched environment network. Which attack could the hacker use to sniff all of the packets in the network?

ABC bank, a UK-based bank hired Anthony, to perform a penetration test for the bank. Anthony began performing lookups on the bank's DNS servers, reading news articles online about the bank, performing competitive intelligence gathering, watching what times the bank employees come and go, and searching the bank's job postings. What phase of the penetration testing is Anthony currently in?

Jackson, a social media editor for Early Times, identified that there are exploitable zero-day vulnerabilities in many of the open source protocols and common file formats across software used by some of the specific industries. To identify vulnerabilities in software, he had sent malformed or random input to the target software and then observed the result. This technique helps in uncovering zero-day vulnerabilities and helps security teams in identifying areas where the quality and security of the software need to be improved. Identify the technique used by Jackson to uncover zero-day vulnerabilities?

An organization has deployed a web application that uses encoding technique before transmitting the data over the Internet. This encoding technique helps the organization to hide the confidential data such as user credentials, email attachments, etc. when in transit. This encoding technique takes 3 bytes of binary data and divides it into four chunks of 6 bits. Each chunk is further encoded into respective printable character. Identify the encoding technique employed by the organization?

A common cryptographical tool is the use of XOR. XOR the following binary values: 10110001 00111010

Which of the following conditions must be given to allow a tester to exploit a Cross-Site Request Forgery (CSRF) vulnerable web application?

When comparing the testing methodologies of Open Web Application Security Project (OWASP) and Open Source Security Testing Methodology Manual (OSSTMM) the main difference is

Which of the following tools would be the best choice for achieving compliance with PCI Requirement 11?

Jacob is a penetration tester at TechSoft Inc. based at Singapore. The company assigned him the task of conducting penetration test on the IoT devices connected to the corporate network. As part of this process, he captured the network traffic of the devices, their mobile applications, and cloud connections to check whether any critical data are transmitted in plain text. Also, he tried to check whether SSL/TLS protocols are properly updated and implemented. Which of the following IoT security issues Jacob is dealing with?

To reduce the attack surface of a system, administrators should perform which of the following processes to remove unnecessary software, services, and insecure configuration settings?

While testing the company's web applications, a tester attempts to insert the following test script into the search area on the company's web site: <script>alert(" Testing Testing Testing ")</script> Afterwards, when the tester presses the search button, a pop-up box appears on the screen with the text: "Testing Testing Testing". Which vulnerability has been detected in the web application?

Advanced encryption standard is an algorithm used for which of the following?

Which type of antenna is used in wireless communication?

Moses, a professional hacker, attempts to overwhelm the target victim computer by transmitting TCP connection requests faster than the computer can process them. He started sending multiple SYN packets of size between 800 and 900 bytes with spoofed source addresses and port numbers. The main intention of Moses behind this attack is to exhaust the server resources and saturate the network of the target organization. Identify the type of attack being performed by Moses?

Joe works as an engagement team lead with Xsecurity Inc. His pen testing team follows all the standard pentesting procedures, however, one of the team members inadvertently deletes a document containing the client's sensitive information. The client is suing Xsecurity for damages. Which part of the Penetration Testing Contract should Joe have written better to avoid this lawsuit?

An organization deployed Microsoft Azure cloud services for running their business activities. They appointed Jamie, a security analyst for performing cloud penetration testing. Microsoft prohibits certain tests to be carried out on their platform. Which of the following penetration testing activities Jamie cannot perform on the Microsoft Azure cloud service?

A network security administrator is worried about potential man-in-the-middle attacks when users access a corporate web site from their workstations. Which of the following is the best remediation against this type of attack?