Your company has a document that spells out exactly what employees are allowed to do on their computer systems. It also defines what is prohibited and what consequences await those who break the rules. A copy of this document is signed by all employees prior to their network access. Which of the following best describes this policy?

Which of the following statements is true regarding port scanning:

While pen-testing a client, you discover LM hashing, with no salting, is still while for backward compatibility on most systems. One stolen password hash reads 9FAF6B755DC38E12AAD3B435B51404EE. Is this user following good password procedures?

Which of the following is not a recommended step in recovering from a malware infection?

Which footprinting tool or technique can be used to find the names and addresses of employees or technical points of contact?

What flag or flags are sent in the segment during the second step of the TCP three-way handshake?

A pen tester is attempting to use nslookup and has the tool in interactive mode for the search. Which command should be used to request the appropriate records?

An ethical hacker is hired to test the security of a business network. The CEH is given no prior knowledge of the network and has a specific framework in which to work, defining boundaries, nondisclosure agreements, and the completion date. Which of the following is a true statement?

In which stage of an ethical hack would the attacker actively apply tools and techniques to gather more in-depth information on the targets?

An auditor is performing a walkthrough of a server environment. Regarding a set of production servers, the systems engineer has told the auditor that the systems are operating in an “active-active” configuration. What can the auditor conclude from this?