EMT Practice Test
1. Question Content...
Question1: Which command can be used to show the current TCP/IP connections?
Question6: Which utility will tell you in real time which ports are listening or in another state?
Question7: What do Trinoo, TFN2k, WinTrinoo, T-Sight, and Stracheldraht have in common?
Question11: What is the purpose of DNS AAAA record?
Question17: 
Identify the correct terminology that defines the above statement.
Question22: Which command line switch would be used in NMAP to perform operating system detection?
Question23: What is the following command used for?
net use \targetipc$ "" /u:""
Question24: Which security control role does encryption meet?
Question28: PGP, SSL, and IKE are all examples of which type of cryptography?
Question30: What is the benefit of performing an unannounced Penetration Testing?
Question31: What is the main security service a cryptographic hash provides?
Question35: What is the role of test automation in security testing?
Question36: How can a rootkit bypass Windows 7 operating system's kernel mode, code signing policy?
Question42: Which of the following levels of algorithms does Public Key Infrastructure (PKI) use?
Question44: The "black box testing" methodology enforces which kind of restriction?
Question49: Which of the following is a restriction being enforced in "white box testing?"
Question51: What statement is true regarding LM hashes?
Question57: Which tool can be used to silently copy files from USB devices?
Question73: How can telnet be used to fingerprint a web server?
Question74: Which of the following is a component of a risk assessment?
Question75: Which of the following is a hashing algorithm?
Question78: How does a denial-of-service attack work?
Question81: Which is the first step followed by Vulnerability Scanners for scanning a network?
Question83: In order to show improvement of security over time, what must be developed?
Question85: Which cipher encrypts the plain text digit (bit or byte) one by one?
Question86: From the following table, identify the wrong answer in terms of Range (ft).
Question88: Least privilege is a security concept that requires that a user is
Question92: Which method of password cracking takes the most time and effort?
Question95: Which of the following descriptions is true about a static NAT?
Question98: Why should the security analyst disable/remove unnecessary ISAPI filters?
Question101: How can a policy help improve an employee's security awareness?
Question105: What is the most common method to exploit the "Bash Bug" or "ShellShock" vulnerability?
Question106: What are the three types of authentication?
Question109: Which of the following tools are used for enumeration? (Choose three.)
Question112: What would you enter, if you wanted to perform a stealth scan using Nmap?
Question120: Which of the following is a preventive control?
Question121: In the field of cryptanalysis, what is meant by a "rubber-hose" attack?
Question122: Which of the following statements is TRUE?
Question139: Which of the following is an example of two factor authentication?
Question140: The "white box testing" methodology enforces what kind of restriction?
Question143: What port number is used by LDAP protocol?
Question150: Which of the following will perform an Xmas scan using NMAP?
Question152: An NMAP scan of a server shows port 25 is open. What risk could this pose?
Question157: This TCP flag instructs the sending system to transmit all buffered data immediately.
Question176: What are two things that are possible when scanning UDP ports? (Choose two.)
Question177: Which of the following describes the characteristics of a Boot Sector Virus?
Question180: Which type of cryptography does SSL, IKE and PGP belongs to?
Question187: Which of the following is the best countermeasure to encrypting ransomwares?
Question190: The following are types of Bluetooth attack EXCEPT_____?
Question192: What is the minimum number of network connections in a multi homed firewall?
Question193: The "gray box testing" methodology enforces what kind of restriction?
Question195: Cross-site request forgery involves:
Question202: What is the algorithm used by LM for Windows2000 SAM?
Question203: Which of the below hashing functions are not recommended for use?
Question204: What hacking attack is challenge/response authentication used to prevent?
Question208: Which of the following is designed to identify malicious attempts to penetrate systems?
Question210: Fingerprinting VPN firewalls is possible with which of the following tools?
Question212: When tuning security alerts, what is the best approach?
Question213: What is not a PCI compliance recommendation?
Question215: 
What does the option * indicate?
Question219: Which element of Public Key Infrastructure (PKI) verifies the applicant?
Question226: When discussing passwords, what is considered a brute force attack?
Question227: Which of the following is a strong post designed to stop a car?
Question230: One way to defeat a multi-level security solution is to leak data via
Question238: Which of the following is considered as one of the most reliable forms of TCP scanning?
Question242: Fingerprinting an Operating System helps a cracker because:
Question243: Which of the following examples best represents a logical or technical control?
Question244: How does the Address Resolution Protocol (ARP) work?
Question245: Which service in a PKI will vouch for the identity of an individual or company?
Question252: Look at the following output. What did the hacker accomplish?
Question255: What is a successful method for protecting a router from potential smurf attacks?
Question256: A zone file consists of which of the following Resource Records (RRs)?






