IT Questions Bank Mar 16, 2020 Last Updated: Jun 29, 2023 No Comments Share Tweet Share Pin it IT Questions Bank › Category: Ethical HackerMatch the cloud attack to the description.ITExamAnswers asked 10 months ago • Ethical HackerWhich two misconfigured cloud authentication methods could leverage a cloud asset? (Choose two.)ITExamAnswers asked 10 months ago • Ethical HackerAn attacker enters the string 192.168.78.6;cat /etc/httpd/httpd.conf on a web application hosted on a Linux server. Which type of attack occurred?ITExamAnswers asked 10 months ago • Ethical HackerWhat are two examples of immutable queries that should be used as mitigation for SQL injection vulnerabilities? (Choose two.)ITExamAnswers asked 10 months ago • Ethical HackerAn attacker enters the string ‘John’ or ‘1=1’ on a web form that is connected to a back-end SQL server causing the server to display all records in the database table. Which type of SQL injection attack was used in this scenario?ITExamAnswers asked 10 months ago • Ethical HackerWhat kind of social engineering attack can be prevented by developing policies such as updating anti-malware applications regularly and using secure virtual browsers with little connectivity to the rest of the system and the rest of the network?ITExamAnswers asked 10 months ago • Ethical HackerWhat is a characteristic of a pharming attack?ITExamAnswers asked 10 months ago • Ethical HackerWhich statement correctly describes a type of physical social engineering attack?ITExamAnswers asked 10 months ago • Ethical HackerA threat actor spoofed the phone number of the director of HR and called the IT help desk with a login problem. The threat actor claims to be the director and wants the help desk to change the password. What method of influence is this cybercriminal using?ITExamAnswers asked 10 months ago • Ethical HackerA cybersecurity student is learning about the Social-Engineer Toolkit (SET), and the student has discovered that this tool can be used to launch various social engineering attacks. Which two social engineering attacks can be launched using SET?ITExamAnswers asked 10 months ago • Ethical HackerA penetration tester deploys a rogue AP in the target wireless infrastructure. What is the first step that has to be taken to force wireless clients to connect to the rogue AP?ITExamAnswers asked 10 months ago • Ethical HackerRefer to the exhibit. What is the penetration tester trying to achieve by running this exploit?ITExamAnswers asked 10 months ago • Ethical HackerA penetration tester runs the Nmap NSE script nmap –script smtp-open-relay.nse 10.0.0.1 command on a Kali Linux PC. What is the purpose of running this script?ITExamAnswers asked 10 months ago • Ethical HackerRefer to the exhibit. A penetration is being prepared to run the EternalBlue exploit using Metasploit against a target with an IP address of 10.0.0.1/8 from the source PC with an IP address of 10.0.0.111/8. What two commands must be entered before the exploit command can be run? (Choose two.)ITExamAnswers asked 10 months ago • Ethical HackerAn organization wants to test its vulnerability to an employee with network privileges accessing the network maliciously. Which type of penetration test should be used to test this vulnerability?ITExamAnswers asked 10 months ago • Ethical Hacker