1) Which of the following are penetration testing methodologies?
A. White box model
B. Black box model
C. Gray box model
D. All of the above

2) Which of the following skills are needed to be a security tester?
A. Knowledge of network and computer technology
B. Ability to communicate with management and IT personnel
C. An understanding of the laws in your location and ability to use necessary tools
D. All of the above

3) Which of the following are the distinct layers of TCP/IP?
A. Network and Internet
B. Transport and Application
C. Network, Internet, Transport, Presentation
D. A and B

4) Which of the following are the TCP segment flags?
A. SYN flag: synch flag, ACK flag: acknowledgment flag
B. PSH flag: push flag, URG flag: urgent flag, STF flag: set test flag
C. PSH flag: push flag, URG flag: urgent flag, RST flag: reset flag, FIN flag: finish flag
D. A and C

5) Which of the following are properties of User Datagram Protocol (UDP)?
A. Fast but unreliable delivery protocol; operates on the Transport layer
B. Used for speed; does not need to verify the receiver is listening or ready
C. Depends on higher layers of the TCP/IP stack to handle problems; referred to as a connectionless protocol
D. All of the above

6) A distributed denial-of-service (DDoS) attack is:
A. Attack on a host from single servers or workstations; the network could be flooded with billions of packets, causing loss of bandwidth and degradation or loss of speed
B. Attack on a host from multiple servers or workstations; the network could be flooded with billions of packets, causing loss of bandwidth and degradation or loss of speed
C. Attack on a server from multiple hosts or workstations; the network could be flooded with billions of packets, causing loss of bandwidth and degradation or loss of speed
D. None of the above

7) Different categories of attacks are:
A. Denial-of-Service (DoS), Distributed Denial-of-Service (DDoS), Buffer overflow
B. Ping of Death, Session hijacking
C. Denial-of-Service (DoS), Distributed Denial-of-Service (DDoS), Buffer overflow, Ping of Death, Port High jacking (PoH)
D. A and B

8) Which of the following are social engineering tactics?
A. Persuasion, Intimidation, Coercion
B. Persuasion, Intimidation, Coercion, Extortion, blackmailing
C. Persuasion, Intimidation, Coercion, Extortion, Urgency
D. All of the above

9) Which of the following are types of port scans?
A. ACK scan, FIN scan, UDP scan
B. SYN scan, NULL scan, XMAS scan
C. ACK scan, FIN scan, UDP scan, SYN scan, NULL scan, XMAC scan
D. A and B

10) Enumeration extracts information about:
A. Resources or shares on the network
B. Usernames or groups assigned on the network
C. User's password and recent logon times
D. All of the above

11) Which of the following are NetBIOS enumeration tools?
A. Nbtstat command, Net view command, Net use command
B. Nbtstat command, Net view command, Dumpsec command
C. Nbtstat command, Net view command, Hyena command
D. None of the above

12) D ...