What is the following command used for?
net use targetipc$ "" /u:""

1. A. Grabbing the etc/passwd file
2. B. Grabbing the SAM
3. C. Connecting to a Linux computer through Samba.
4. D. This command is used to connect as a null session
5. E. Enumeration of Cisco routers

Correct Answer: D

Which of the following is a low-tech way of gaining unauthorized access to systems?

1. A. Social Engineering
2. B. Eavesdropping
3. C. Scanning
4. D. Sniffing

Correct Answer: A

Hackers often raise the trust level of a phishing message by modeling the email to look similar to the internal email used by the target company. This includes using logos, formatting, and names of the target company. The phishing message will often use the name of the company CEO, President, or Managers. The time a hacker spends performing research to locate this information about a company is known as?

1. A. Exploration
2. B. Investigation
3. C. Reconnaissance
4. D. Enumeration

Correct Answer: C

Which of the following web vulnerabilities would an attacker be attempting to exploit if they delivered the following input?
] >

1. A. XXE
2. B. SQLi
3. C. IDOR
4. D. XXS

Correct Answer: A

Johnson, an attacker, performed online research for the contact details of reputed cybersecurity firms. He found the contact number of sibertech.org and dialed the number, claiming himself to represent a technical support team from a vendor. He warned that a specific server is about to be compromised and requested sibertech.org to follow the provided instructions. Consequently, he prompted the victim to execute unusual commands and install malicious files, which were then used to collect and pass critical Information to Johnson's machine. What is the social engineering technique Steve employed in the above scenario?

1. A. Quid pro quo
2. B. Diversion theft
3. C. Elicitation
4. D. Phishing

Correct Answer: A
https://www.eccouncil.org/what-is-social-engineering/
This Social Engineering scam involves an exchange of information that can benefit both the victim and the trickster. Scammers would make the prey believe that a fair exchange will be present between both sides, but in reality, only the fraudster stands to benefit, leaving the victim hanging on to nothing. An example of a Quid Pro Quo is a scammer pretending to be an IT support technician. The con artist asks for the login credentials of the company’s computer saying that the company is going to receive technical support in return. Once the victim has provided the credentials, the scammer now has control over the company’s computer and may possibly load malware or steal personal information that can be a motive to commit identity theft.
"A quid pro quo attack (aka something for something” attack) is a variant of baiting. Instead of baiting a target with the promise of a good, a quid pro quo attack promises a service or a benefit based on the execution of a specific action."
https://resources.infosecinstitute.com/topic/common-social-engineering-attacks/#:~:text=A%20quid%20pro%20