Practical certificates and exams

eth0eth0 Member Posts: 86 ■■□□□□□□□□
in Other Security Certifications
Do you know other that Offensive Security practical certificates and exams from infosec that can be made on-line? Because to be honest for example https://www.concise-courses.com/test-yourself/cpte/ C)PTE aka Mile2 Certified Penetration Testing Engineer - exams like that are so much stupid icon_rolleyes.gif.
CPTE Certified Penetration Testing Engineer Practice Exam

1. Why wouldn't it be surprising to find netcat on a trojaned-computer?
Netcat can be used to block any port from proper operation
Netcat is used by system administrators to detect remote access trojans
Netcat can be used to perform port scanning
Netcat encrypts all communications

2. What technology has made trojans easy to distribute?
Digitally Signed Software
Legacy Assembly language code
Personal firewall software
EXE wrappers

3. Which of the following ports is most frequently associated with a trojan on a Windows computer?
53
135
31337
3389

4. What process is used by a Cisco switch to prevent or detect ARP cache poisoning?
ARP watch
Dynamic ARP Inspection
VLANs
IPSec-ready

5. Which of the following protocols sends data in clear text and is thus insecure?
SSH
SNMP V3
POP3
WEP

6. What technology can be deployed at the network layer to protect against sniffing?
SSL
Certificates
IPSec
SSH

7. A direct attack on a database system is one that attacks what?
The application code of the database system
The data residing on the database tables
The web front-end to the database
The first user account created on the database server

8. SQL injection is defined as?
The gaining of access to a database management system by injecting code into a system process
The insertion of invalidated SQL code into an input field which is used to directly build an SQL statement
The process of placing new data into a database by inserting malicious code
Altering data on a victim's database server to that of a hacker's choice

9. Types of potential vulnerabilities that are commonly scanned for using a Rainbow table include:
Password vulnerabilities
Weak operating system and application default settings
Common configuration and coding mistakes
Protocol vulnerabilities (such as the TCP/IP stack vulnerabilities)

10. Which of these methods would be considered an example of active reconnaissance?
War dialing
Whois lookup
Google hacking
Capturing wireless transmissions
· Share on FacebookShare on Twitter
Sign In or Register to comment.