The purpose of this Sample Question Set is to provide you with information about the EXIN Ethical Hacking Foundation (EHF) exam. These sample questions will make you very familiar with both the type and the difficulty level of the questions on the EHF certification test. To get familiar with real exam environment, we suggest you try our Sample EXIN Ethical Hacking Foundation Certification Practice Exam. This sample practice exam gives you the feeling of reality and is a clue to the questions asked in the actual EXIN Ethical Hacking Foundation certification exam.
These sample questions are simple and basic questions that represent likeness to the real EXIN Ethical Hacking Foundation exam questions. To assess your readiness and performance with real-time scenario based questions, we suggest you prepare with our Premium EXIN EHF Certification Practice Exam. When you solve real time scenario based questions practically, you come across many difficulties that give you an opportunity to improve.
EXIN EHF Sample Questions:
01. A tester is conducting a penetration test on a web server. She begins the test with a banner grabbing attack. She has already verified that the web server is running a Linux distribution. However, the HTTP banner reports that it is running IIS version 8.
What type of defense is the web server administrator using?
a) Folder redirection
b) Port obfuscation
c) Process redirection
d) Service spoofing
02. You have saved the output of an Nmap scan in XML format. What should you use to import the scan results within Metasploit?
a) db_import
b) nmap_import
c) scan_import
03. What is the primary goal of an Ethical Hacker?
a) Avoiding detection
b) Determining return on investment (ROI) for security measures
c) Resolving security vulnerabilities
d) Testing security controls
04. Penetration testers sometimes use shells to communicate and find vulnerabilities in systems. One type of shells is so-called 'Bind Shells'. In certain scenario's these are ineffective. Why is that?
a) Firewalls will block any traffic on a port the Bind Shells tries to communicate on
b) Windows 7 and above cannot run shell commands anymore if the user is not an administrator
c) Bind Shells only run on terminal based operating systems
05. A hacker managed to find an XSS vulnerability. Now she wants to take over sessions. Where does she need the data retrievable from?
a) document.session
b) session.cookie
c) document.cookie
06. What can be used to create a connection between your machine and the website you have your R57 shell running on?
a) Eval function
b) Backconnect shell
c) Reverse shell
07. When creating an XSS PoC, what is the function that provides a pop-up?
a) popup()
b) window.popup()
c) alert()
08. What is a function of the R57 shell?
a) Implementing a web-based version of Metasploit
b) Viewing and transferring files
c) Viewing the webcams of visitors towards the website
09. Someone has breached a website and managed to keep it a secret. The hack was not part of an assignment and there was no permission. What is this person called?
a) White hat hacker
b) Hacktivist
c) Scriptkiddie
d) Black hat hacker
10. You are performing a penetration test and are asked to test the authentication strength of a storage device. You have not received the IP address of the host, but you were told that the system sends a message to the network's broadcast every five minutes. What could you use to find the IP address of the host?
a) Ncrack
b) Netdiscover
c) Wireshark
Answers:
Question: 01
Answer: d |
Question: 02
Answer: a |
Question: 03
Answer: d |
Question: 04
Answer: a |
Question: 05
Answer: c |
Question: 06
Answer: b |
Question: 07
Answer: c |
Question: 08
Answer: b |
Question: 09
Answer: d |
Question: 10
Answer: c |
Note: For any error in EXIN Ethical Hacking Foundation certification exam sample questions, please update us by writing an email on feedback@certfun.com.
