EMT Practice Test
1. Question Content...
Question2: Fingerprinting VPN firewalls is possible with which of the following tools?
Question5: Which type of antenna is used in wireless communication?
Question6: Which command line switch would be used in NMAP to perform operating system detection?
Question7: Which of the following is an example of an asymmetric encryption implementation?
Question9: Which of the following is an extremely common IDS evasion technique in the web world?
Question14: What is the main reason the use of a stored biometric is vulnerable to an attack?
Question19: A covert channel is a channel that
Question22: Which of the following parameters describe LM Hash (see exhibit):
Exhibit:
Question28: What is the benefit of performing an unannounced Penetration Testing?
Question33: Which of the following is designed to identify malicious attempts to penetrate systems?
Question36: Which element of Public Key Infrastructure (PKI) verifies the applicant?
Question37: Which of the following is the successor of SSL?
Question42: Which type of access control is used on a router or firewall to limit network activity?
Question43: What is the best description of SQL Injection?
Question50: Which of the following is an example of two factor authentication?
Question51: How is sniffing broadly categorized?
Question53: Which tool can be used to silently copy files from USB devices?
Question54: What is a "Collision attack" in cryptography?
Question55: Which type of scan measures a person's external features through a digital video camera?
Question57: Passive reconnaissance involves collecting information through which of the following?
Question60: Which method of password cracking takes the most time and effort?
Question61: What results will the following command yield: 'NMAP -sS -O -p 123-153 192.168.100.3'?
Question67: In Risk Management, how is the term "likelihood" related to the concept of "threat?"
Question70: A botnet can be managed through which of the following?
Question71: Which type of scan is used on the eye to measure the layer of blood vessels?
Question80: Which of the following is not a Bluetooth attack?
Question82: Which of the following tools can be used for passive OS fingerprinting?
Question92: Which of the following is the greatest threat posed by backups?
Question101: In order to show improvement of security over time, what must be developed?
Question106: Which of the following is a component of a risk assessment?
Question107: Which of the following is a component of a risk assessment?
Question109: What statement is true regarding LM hashes?
Question111: How can rainbow tables be defeated?
Question112: Which of the following is the BEST way to defend against network sniffing?
Question114: Smart cards use which protocol to transfer the certificate in a secure manner?
Question129: The "white box testing" methodology enforces what kind of restriction?
Question134: A circuit level gateway works at which of the following layers of the OSI Model?
Question143: Which of the following is a strong post designed to stop a car?
Question144: Which of the following describes the characteristics of a Boot Sector Virus?
Question145: Which set of access control solutions implements two-factor authentication?
Question146: The "gray box testing" methodology enforces what kind of restriction?
Question151: What is the most common method to exploit the "Bash Bug" or "ShellShock" vulnerability?
Question162: Which tool would be used to collect wireless packet data?
Question164: Which of the following is a detective control?
Question167: Which of the following describes the characteristics of a Boot Sector Virus?
Question171: Which of the following is a low-tech way of gaining unauthorized access to systems?
Question172: Which cipher encrypts the plain text digit (bit or byte) one by one?
Question173: One way to defeat a multi-level security solution is to leak data via
Question189: What is the best defense against privilege escalation vulnerability?
Question191: ICMP ping and ping sweeps are used to check for active systems and to check
Question192: How does an operating system protect the passwords used for account logins?
Question195: How can telnet be used to fingerprint a web server?
Question198: Which of the following statements regarding ethical hacking is incorrect?
Question202: Which of the following is a client-server tool utilized to evade firewall inspection?
Question205: Which statement best describes a server type under an N-tier architecture?
Question207: Advanced encryption standard is an algorithm used for which of the following?
Question209: Which of the following is a characteristic of Public Key Infrastructure (PKI)?
Question210: WPA2 uses AES for wireless data encryption at which of the following encryption levels?
Question211: Which of the following statements is TRUE?
Question212: PGP, SSL, and IKE are all examples of which type of cryptography?
Question213: In the OSI model, where does PPTP encryption take place?
Question217: Which of the following levels of algorithms does Public Key Infrastructure (PKI) use?
Question222: Which of the following problems can be solved by using Wireshark?
Question227: Which of the following parameters enables NMAP's operating system detection feature?
Question231: Risks = Threats x Vulnerabilities is referred to as the:
Question238: Which of the following examples best represents a logical or technical control?
Question243: WPA2 uses AES for wireless data encryption at which of the following encryption levels?
Question246: How does the Address Resolution Protocol (ARP) work?
Question256: What is the broadcast address for the subnet 190.86.168.0/22?
Question258: What is the outcome of the comm"nc -l -p 2222 | nc 10.1.0.43 1234"?
Question263: Which of these options is the most secure procedure for storing backup tapes?
Question272: An NMAP scan of a server shows port 69 is open. What risk could this pose?
Question273: An NMAP scan of a server shows port 25 is open. What risk could this pose?
Question275: What information should an IT system analysis provide to the risk assessor?
Question282: Which of the following is assured by the use of a hash?
Question283: How can a policy help improve an employee's security awareness?
Question288: Which of the following is a preventive control?
Question291: Which of the following is considered an acceptable option when managing a risk?
Question293: SOAP services use which technology to format information?
Question296: Which of the following programs is usually targeted at Microsoft Office products?
Question305: The "black box testing" methodology enforces which kind of restriction?
Question309: Which of the following techniques will identify if computer files have been changed?
Question314: How can a rootkit bypass Windows 7 operating system's kernel mode, code signing policy?
Question317: Which type of security document is written with specific step-by-step details?
Question318: > NMAP -sn 192.168.11.200-215
The NMAP command above performs which of the following?
Question320: What are the three types of authentication?
Question322: One advantage of an application-level firewall is the ability to
Question328: Least privilege is a security concept that requires that a user is
Question334: Which statement is TRUE regarding network firewalls preventing Web Application attacks?


