While pen-testing a client, you discover LM hashing, with no salting, is still while for backward compatibility on most systems. One stolen password hash reads 9FAF6B755DC38E12AAD3B435B51404EE. Is this user following good password procedures?

Which of the following is not a recommended step in recovering from a malware infection?

Which footprinting tool or technique can be used to find the names and addresses of employees or technical points of contact?

What flag or flags are sent in the segment during the second step of the TCP three-way handshake?

A pen tester is attempting to use nslookup and has the tool in interactive mode for the search. Which command should be used to request the appropriate records?

An ethical hacker is hired to test the security of a business network. The CEH is given no prior knowledge of the network and has a specific framework in which to work, defining boundaries, nondisclosure agreements, and the completion date. Which of the following is a true statement?

In which stage of an ethical hack would the attacker actively apply tools and techniques to gather more in-depth information on the targets?

An auditor is performing a walkthrough of a server environment. Regarding a set of production servers, the systems engineer has told the auditor that the systems are operating in an “active-active” configuration. What can the auditor conclude from this?

A new IT leader in an organization wants to introduce quality management into the IT organization. Which is the best standard to use as a reference?

What is the most compelling security reason for isolating IoT devices from other systems on a network?