EXAM 2025|177 QUESTIONS WITH ACCURATE SOLUTIONS
1. What is the term used for a cloud deployment model operated by a
single organization within its own firewall?
Hybrid cloud
Private cloud
Community cloud
Public cloud
2. What does EAP stand for in the context of centralized client
authentication?
Extensible Authentication Protocol
Enhanced Authentication Process
Enterprise Access Protocol
Encrypted Access Protocol
3. Describe the concept of non-repudiation in the context of information
security.
Non-repudiation guarantees that data is available when needed.
Non-repudiation refers to the protection of data from
unauthorized access.
Non-repudiation ensures that both the sender and recipient of a
message cannot deny their involvement in the communication.
Non-repudiation is the process of verifying the integrity of data.
4. Describe the significance of using automated tools like Nessus and
Qualys in vulnerability assessments.
Automated tools are only useful for network scanning, not
vulnerability assessment.
Automated tools like Nessus and Qualys streamline the
vulnerability assessment process by quickly identifying security
weaknesses.
Automated tools require more manual intervention than
traditional methods.
Automated tools are less effective than manual assessments in
identifying vulnerabilities.
5. The Lockheed Martin kill chain identifies phases of an attack on systems.
Evaluate the given descriptions and determine which one relates to
Exploitation.
Weaponized code executed on a target system.
Weaponized code establishes an outbound channel for remote
access.
Weaponized code transmitted to the target environment.
Weaponized code achieves persistence on a target system.
6. Which of the following hping commands is used by an attacker to scan
the entire subnet to detect live hosts in a target network?
hping3 -9 HTTP -I eth0
hping3 -1 10.0.1.x --rand-dest -I eth0
hping3 -F -P -U 10.0.0.25 -p 80
hping3 -8 50-60 -S 10.0.0.25 -V
7. Morris, an attacker, has targeted an organization's network. To know the
structure of the target network, he combined footprinting techniques
with a network utility that helped him create diagrammatic
representations of the target network. What is the network utility
employed by Morris in the above scenario?
Netcraft
Tracert
Shodan
BuzzSumo
8. What is the term used to describe the phase in the cyber kill chain where
an adversary's malicious code is triggered?
Weaponization
Exploitation
Installation
Reconnaissance
9. Describe the significance of using a rules file like 'rules.yaml' in the
context of the DumpsterDiver tool.
The rules file 'rules.yaml' is used to configure network settings for
the tool.
The rules file 'rules.yaml' specifies the criteria and patterns for
identifying secrets and hardcoded passwords during analysis.
The rules file 'rules.yaml' is used to log the results of the analysis.
The rules file 'rules.yaml' contains a list of malware signatures.
10. A black hat hacker is also called a _______.
Cracker
Thief
None of these
Sneaker
11. Which of the following SQL injection queries is used by an attacker to
extract table column names?
http://www.certifiedhacker.com/page.aspx?id=1 UNION SELECT
ALL 1,column_name,3,4 from
DB_NAME.information_schema.columns where table_name
='EMPLOYEE_TABLE'--
http://www.certifiedhacker.com/page.aspx?id=1 UNION SELECT
ALL 1,TABLE_NAME,3,4 from sysobjects where xtype=char(85)--
http://www.certifiedhacker.com/page.aspx?id=1 UNION SELECT
ALL 1,COLUMN-NAME-1,3,4 from EMPLOYEE_NAME --
http://www.certifiedhacker.com/page.aspx?id=1 UNION SELECT
ALL 1,DB_NAME,3,4--
12. If an attacker successfully executes the Modbus write command on a
PLC, what immediate impact could this have on the industrial control
system?
It would result in the PLC shutting down automatically.
It would allow the attacker to monitor the system without altering
its functions.
It could lead to unauthorized changes in the operation of the
system, potentially causing safety hazards.
It would enhance the security of the PLC by updating its
configurations.
13. What does the SYN flag in TCP communication signify?
Termination of a connection
Establishment of a connection
Error recovery