Coach Rags Ethical Hacking Test 5 Spring'24(answers), Exams of Biology

Coach Rags Ethical Hacking Test 5 Spring'24(answers)

Typology: Exams

2024/2025

Available from 09/10/2024

tutor-lee-1
tutor-lee-1 🇺🇸

4.3

(3)

11K documents

1 / 7

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
Coach Rags
Ethical Hacking
Test 5
Spring'24(answe
rs)
It is ok for a pentester to break local laws
when performing social engineering as a part
of a penetration test. (T/F) - answer False. It
is NOT ok for a pentester to break local laws.
They need to ensure 1) that their methods
are approved in the Rules of Engagement and
2) that they comply with the law. Legal
counsel may be used
What are two of the specific types of
Phishing talked about? - answer whaling,
spear phishing, or voice phishing
pf3
pf4
pf5

Partial preview of the text

Download Coach Rags Ethical Hacking Test 5 Spring'24(answers) and more Exams Biology in PDF only on Docsity!

Coach Rags

Ethical Hacking

Test 5

Spring'24(answe

rs)

It is ok for a pentester to break local laws when performing social engineering as a part of a penetration test. (T/F) - answer False. It is NOT ok for a pentester to break local laws. They need to ensure 1) that their methods are approved in the Rules of Engagement and

  1. that they comply with the law. Legal counsel may be used What are two of the specific types of Phishing talked about? - answer whaling, spear phishing, or voice phishing

URL hijacking is extremely useful for pentesting (T/F) - answer false: while they do have their uses, generally you van not depend on a target to manually enter a URL in wrong, especially a specific error What type of website attack overtakes a DNS (Domain Name System)? - answer Pharming What version of Linux does the SET come pre-installed on? - answer Kali Linux What is Smishing? - answer The sending of fraudulent/spoofed text messages to a target to gather various information Interviewing/Interrogating a target can only take place is person (T/F) - answer False: Interviewing /Interrogating a target can take place in person and over the phone.

What is the most important step when trying to break through a fence? - answer Finding a place to work unobserved Will locked doors stop a determined intruder?

  • answer No What is a way to obtain a master key? - answer Borrow, steal, duplicate, or reverse engineer T/F: Resources on cloud must be able to access without human interaction - answer True Give one example from SaaS, PaaS, or Iaas - answer Google Apps, Hubspot, Salesforce/ AWS Elastic Beanstalk, Azure App Services, Google App Engine/ Amazon Web Services, Microsoft Azure, Google Compute Engine.

Why are immutable infrastructures useful? - answer They reduce configuration drift, make scaling easier, and overall IaC and cloud environments make the process quick and easy What are two types of attack categories? - answer Attack surface and attack goal T/F: Denial-of-service attacks can only be performed on the network - answer False What is another name for vertical privilege escalation? - answer Elevation Are Direct-to-Origin attacks common? - answer No, they are costly and could impact the system greatly Which could technology tool is an automated security assessment tool service for AWS? - answer Amazon Inspector

Why was port 9999 used for the reverse shell the victim machine will connect to? - answer It is not a commonly used port for standard services so it is less likely to be currently in use on the victim's machine