- (Topic 2)
E-mail scams and mail fraud are regulated by which of the following?

1. A. 18 U.S.
2. B. pa
3. C. 1030 Fraud and Related activity in connection with Computers
4. D. 18 U.S.
5. E. pa
6. F. 1029 Fraud and Related activity in connection with Access Devices
7. G. 18 U.S.
8. H. pa
9. I. 1362 Communication Lines, Stations, or Systems
10. J. 18 U.S.
11. K. pa
12. L. 2510 Wire and Electronic Communications Interception and Interception of Oral Communication

Correct Answer: A

- (Topic 2)
Johnson, an attacker, performed online research for the contact details of reputed cybersecurity firms. He found the contact number of sibertech.org and dialed the number, claiming himself to represent a technical support team from a vendor. He warned that a specific server is about to be compromised and requested sibertech.org to follow the provided instructions. Consequently, he prompted the victim to execute unusual commands and install malicious files, which were then used to collect and pass critical Information to Johnson's machine. What is the social engineering technique Steve employed in the above scenario?

1. A. Quid pro quo
2. B. Diversion theft
3. C. Elicitation
4. D. Phishing

Correct Answer: A
https://www.eccouncil.org/what-is-social-engineering/
This Social Engineering scam involves an exchange of information that can benefit both the victim and the trickster. Scammers would make the prey believe that a fair exchange will be present between both sides, but in reality, only the fraudster stands to benefit, leaving the victim hanging on to nothing. An example of a Quid Pro Quo is a scammer pretending to be an IT support technician. The con artist asks for the login credentials of the company??s computer saying that the company is going to receive technical support in return. Once the victim has provided the credentials, the scammer now has control over the company??s computer and may possibly load malware or steal personal information that can be a
motive to commit identity theft.
"A quid pro quo attack (aka something for something?? attack) is a variant of baiting. Instead of baiting a target with the promise of a good, a quid pro quo attack promises a service or a benefit based on the execution of a specific action." https://resources.infosecinstitute.com/topic/common-social-engineering- attacks/#:~:text=A%20quid%20pro%20quo%20attack,execution%20of%20a%20specific%2 0action.

- (Topic 1)
env x=??(){ :;};echo exploit?? bash –c ??cat/etc/passwd??
What is the Shellshock bash vulnerability attempting to do on a vulnerable Linux host?

1. A. Removes the passwd file
2. B. Changes all passwords in passwd
3. C. Add new user to the passwd file
4. D. Display passwd content to prompt

Correct Answer: D

- (Topic 3)
John, a professional hacker, performs a network attack on a renowned organization and gains unauthorized access to the target network. He remains in the network without being detected for a long time and obtains sensitive information without sabotaging the organization. Which of the following attack techniques is used by John?

1. A. Advanced persistent theft
2. B. threat Diversion theft
3. C. Spear-phishing sites
4. D. insider threat

Correct Answer: A
An advanced persistent threat (APT) may be a broad term wont to describe AN attack campaign within which an intruder, or team of intruders, establishes a bootleg, long presence on a network so as to mine sensitive knowledge.
The targets of those assaults, that square measure terribly fastidiously chosen and researched, usually embrace massive enterprises or governmental networks. the implications of such intrusions square measure huge, and include:
✑ Intellectual property thieving (e.g., trade secrets or patents)
✑ Compromised sensitive info (e.g., worker and user personal data)
✑ The sabotaging of essential structure infrastructures (e.g., information deletion)
✑ Total website takeovers
Executing an APT assault needs additional resources than a regular internet application attack. The perpetrators square measure typically groups of intimate cybercriminals having substantial resource. Some APT attacks square measure government-funded and used as cyber warfare weapons.
APT attacks dissent from ancient internet application threats, in that:
✑ They??re considerably additional advanced.
✑ They??re not hit and run attacks—once a network is infiltrated, the culprit remains so as to realize the maximum amount info as potential.
✑ They??re manually dead (not automated) against a selected mark and indiscriminately launched against an outsized pool of targets.
✑ They typically aim to infiltrate a complete network, as opposition one specific half. More common attacks, like remote file inclusion (RFI), SQL injection and cross-site scripting (XSS), square measure oftentimes employed by perpetrators to ascertain a footing in a very targeted network. Next, Trojans and backdoor shells square measure typically wont to expand that foothold and make a persistent presence inside the targeted perimeter.

- (Topic 1)
You have successfully comprised a server having an IP address of 10.10.0.5. You would like to enumerate all machines in the same network quickly.
What is the best Nmap command you will use?

1. A. nmap -T4 -q 10.10.0.0/24
2. B. nmap -T4 -F 10.10.0.0/24
3. C. nmap -T4 -r 10.10.1.0/24
4. D. nmap -T4 -O 10.10.0.0/24

Correct Answer: B
https://nmap.org/book/man-port-specification.html
NOTE: In my opinion, this is an absolutely wrong statement of the question. But you may come across a question with a similar wording on the exam. What does "fast" mean? If we want to increase the speed and intensity of the scan we can select the mode using the -T flag (0/1/2/3/4/5). At high -T values, we will sacrifice stealth and gain speed, but we will not limit functionality.
«nmap -T4 -F 10.10.0.0/24» This option is "correct" because of the -F flag.
-F (Fast (limited port) scan)
Specifies that you wish to scan fewer ports than the default. Normally Nmap scans the most common 1,000 ports for each scanned protocol. With -F, this is reduced to 100. Technically, scanning will be faster, but just because we have reduced the number of ports by 10 times, we are just doing 10 times less work, not faster.