Robert, a professional hacker, is attempting to execute a fault injection attack on a target IoT device.
In this process, he injects faults into the power supply that can be used for remote execution, also
causing the skipping of key instructions. He also injects faults into the clock network used for
delivering a synchronized signal across the chip.
Which of the following types of fault injection attack is performed by Robert in the above scenario?
D
Explanation:
These types of attacks occur when faults or glitches are INJECTED into the Power supply that can be
used for remote execution.
230/230
Which of the following Metasploit post-exploitation modules can be used to escalate privileges on
Windows systems?
A
Which rootkit is characterized by its function of adding code and/or replacing some of the operating-
system kernel code to obscure a backdoor on a system?
C
Jacob works as a system administrator in an organization. He wants to extract the source code of a
mobile application and disassemble the application to analyze its design flaws. Using this technique,
he wants to fix any bugs in the application, discover underlying vulnerabilities, and improve defense
strategies against attacks.
What is the technique used by Jacob in the above scenario to improve the security of the mobile
application?
A
Which of the following Bluetooth hacking techniques does an attacker use to send messages to users
without the recipients consent, similar to email spamming?
C
Sophia is a shopping enthusiast who spends significant time searching for trendy outfits online. Clark,
an attacker, noticed her activities several times and sent a fake email containing a deceptive page
link to her social media page displaying all-new and trendy outfits. In excitement, Sophia clicked on
the malicious link and logged in to that page using her valid credentials. Which of the following tools
is employed by Clark to create the spoofed email?
228/230
Questions & Answers PDF
P-
C
An attacker identified that a user and an access point are both compatible with WPA2 and WPA3
encryption. The attacker installed a rogue access point with only WPA2 compatibility in the vicinity
and forced the victim to go through the WPA2 four-way handshake to get connected. After the
connection was established, the attacker used automated tools to crack WPA2-encrypted messages.
What is the attack performed in the above scenario?
B
This type of injection attack does not show any error message. It is difficult to exploit as it returns
information when the application is given SQL payloads that elicit a true or false response from the
server. By observing the response, an attacker can extract sensitive information. What type of attack
is this?
D
You are using a public Wi-Fi network inside a coffee shop. Before surfing the web, you use your VPN
to prevent intruders from sniffing your traffic. If you did not have a VPN, how would you identify
whether someone is performing an ARP spoofing attack on your laptop?
A
An attacker utilizes a Wi-Fi Pineapple to run an access point with a legitimate-looking SSID for a
nearby business in order to capture the wireless password. What kind of attack is this?
B