WGU C701 - Ethical Hacking ACTUAL
QUESTIONS AND CORRECT ANSWERS
Which of the following information security elements guarantees that the sender of a message
cannot later deny having sent the message and the recipient cannot deny having received the
message?
A Confidentiality
B Non-repudiation
C Availability
D Integrity - CORRECT ANSWERS B
A phase of the cyber kill chain methodology triggers the adversary's malicious code, which
utilizes a vulnerability in the operating system, application, or server on a target system. At this
stage, the organization may face threats such as authentication and authorization attacks,
arbitrary code execution, physical security threats, and security misconfiguration.
Which is this phase of the cyber kill chain methodology?
A Reconnaissance
B Weaponization
C Exploitation
D Installation - CORRECT ANSWERS C
Which of the following is a category of hackers who are also known as crackers, use their
extraordinary computing skills for illegal or malicious purposes, and are often involved in
criminal activities?
,A Black hats
B White hats
C Suicide hackers
D Script kiddies - CORRECT ANSWERS A
John, a professional hacker, has launched an attack on a target organization to extract sensitive
information. He was successful in launching the attack and gathering the required information.
He is now attempting to hide the malicious acts by overwriting the server, system, and
application logs to avoid suspicion.
Which of the following phases of hacking is John currently in?
A Maintaining access
B Scanning
C Clearing tracks
D Gaining access - CORRECT ANSWERS C
Which of the following risk management phases involves selecting and implementing
appropriate controls for the identified risks to modify them?
A Risk tracking and review
B Risk identification
C Risk treatment
D Risk assessment - CORRECT ANSWERS C
In which of the following incident handling and response phases are the identified security
incidents analyzed, validated, categorized, and prioritized?
,A Incident recording and assignment
B Incident triage
C Containment
D Eradication - CORRECT ANSWERS B
Which of the following phases of risk management is an ongoing iterative process that assigns
priorities for risk mitigation and implementation plans to help determine the quantitative and
qualitative value of risk?
A Risk identification
B Risk treatment
C Risk tracking and review
D Risk assessment - CORRECT ANSWERS D
Jack, a security professional, was instructed to introduce a security standard to handle cardholder
information for major debit, credit, prepaid, e-purse, ATM, and POS cards. In the process, Jack
has employed a standard that offers robust and comprehensive standards as well as supporting
materials to enhance payment-card data security.
What is the security standard that Jack has employed?
A HIPAA
B SOX
C DMCA
D PCI DSS - CORRECT ANSWERS D
, Morris, an attacker, has targeted an organization's network. To know the structure of the target
network, he combined footprinting techniques with a network utility that helped him create
diagrammatic representations of the target network.
What is the network utility employed by Morris in the above scenario?
A Netcraft
B Tracert
C Shodan
D BuzzSumo - CORRECT ANSWERS B
Which of the following Google advanced search operators displays similar websites to the
specified URL?
A [site:]
B [info:]
C [inurl:]
D [related:] - CORRECT ANSWERS D
Which of the following techniques is used by an attacker to perform automated searches on the
target website and collect specified information, such as employee names and email addresses?
A Web spidering
B Website mirroring
C Monitoring of web updates
D Website link extraction - CORRECT ANSWERS A
QUESTIONS AND CORRECT ANSWERS
Which of the following information security elements guarantees that the sender of a message
cannot later deny having sent the message and the recipient cannot deny having received the
message?
A Confidentiality
B Non-repudiation
C Availability
D Integrity - CORRECT ANSWERS B
A phase of the cyber kill chain methodology triggers the adversary's malicious code, which
utilizes a vulnerability in the operating system, application, or server on a target system. At this
stage, the organization may face threats such as authentication and authorization attacks,
arbitrary code execution, physical security threats, and security misconfiguration.
Which is this phase of the cyber kill chain methodology?
A Reconnaissance
B Weaponization
C Exploitation
D Installation - CORRECT ANSWERS C
Which of the following is a category of hackers who are also known as crackers, use their
extraordinary computing skills for illegal or malicious purposes, and are often involved in
criminal activities?
,A Black hats
B White hats
C Suicide hackers
D Script kiddies - CORRECT ANSWERS A
John, a professional hacker, has launched an attack on a target organization to extract sensitive
information. He was successful in launching the attack and gathering the required information.
He is now attempting to hide the malicious acts by overwriting the server, system, and
application logs to avoid suspicion.
Which of the following phases of hacking is John currently in?
A Maintaining access
B Scanning
C Clearing tracks
D Gaining access - CORRECT ANSWERS C
Which of the following risk management phases involves selecting and implementing
appropriate controls for the identified risks to modify them?
A Risk tracking and review
B Risk identification
C Risk treatment
D Risk assessment - CORRECT ANSWERS C
In which of the following incident handling and response phases are the identified security
incidents analyzed, validated, categorized, and prioritized?
,A Incident recording and assignment
B Incident triage
C Containment
D Eradication - CORRECT ANSWERS B
Which of the following phases of risk management is an ongoing iterative process that assigns
priorities for risk mitigation and implementation plans to help determine the quantitative and
qualitative value of risk?
A Risk identification
B Risk treatment
C Risk tracking and review
D Risk assessment - CORRECT ANSWERS D
Jack, a security professional, was instructed to introduce a security standard to handle cardholder
information for major debit, credit, prepaid, e-purse, ATM, and POS cards. In the process, Jack
has employed a standard that offers robust and comprehensive standards as well as supporting
materials to enhance payment-card data security.
What is the security standard that Jack has employed?
A HIPAA
B SOX
C DMCA
D PCI DSS - CORRECT ANSWERS D
, Morris, an attacker, has targeted an organization's network. To know the structure of the target
network, he combined footprinting techniques with a network utility that helped him create
diagrammatic representations of the target network.
What is the network utility employed by Morris in the above scenario?
A Netcraft
B Tracert
C Shodan
D BuzzSumo - CORRECT ANSWERS B
Which of the following Google advanced search operators displays similar websites to the
specified URL?
A [site:]
B [info:]
C [inurl:]
D [related:] - CORRECT ANSWERS D
Which of the following techniques is used by an attacker to perform automated searches on the
target website and collect specified information, such as employee names and email addresses?
A Web spidering
B Website mirroring
C Monitoring of web updates
D Website link extraction - CORRECT ANSWERS A
