MCQs Preparation for Manager Digital Forensics and Malware Analysis

MCQs Preparation for Assistant Manager (Digital Forensics, Malware Analysis)

  • Computer Hacking Forensic Investigator (CHFI)
    • CHFI Syllabus
      • Computer Forensics Nowadays MCQs.
      • Process of Computer Forensics Investigation MCQs.
      • Understanding File Systems MCQs.
      • Understanding Hard Disks MCQs.
      • Malware Forensics MCQs.
      • Defeating Anti-Forensics Techniques MCQs.
      • Data Acquisition and Duplication MCQs.
      • Investigating E-mail Crimes MCQs.
      • Mobile Forensics MCQs.
      • Operating System Forensics MCQs.
      • Investigating Web Attacks MCQs.
      • Database Forensics MCQs.
      • Cloud Forensics MCQs.
      • Investigative Reports MCQs.
      • Network Forensics MCQs.
  • Cyber Security Forensic Analyst (CSFA)
    • Syllabus
      • Windows Operating Systems print spool files MCQs.
      • Windows Operating Systems Prefetch MCQs.
      • Windows Operating Systems registry MCQs.
      • Windows Operating Systems shortcuts MCQs.
      • Windows Operating Systems swap file MCQs.
      • Windows Operating Systems Volume Shadow Copy MCQs.
      • Working as an expert technical witness MCQs.
      • Active, archival and latent data MCQs.
      • Affidavits, motions, and subpoenas MCQs.
      • Compact Disc analysis MCQs.
      • Metadata for Microsoft Office and PDF documents MCQs.
      • NTFS MCQs.
      • Overcoming encryption mechanisms and password protection MCQs.
      • PC hardware concepts MCQs.
      • Privacy issues MCQs.
      • Rules of evidence MCQs.
      • Conducting keyword boolean searches MCQs.
      • Creating understandable and accurate reports MCQs.
      • Interpreting Internet History and HTTP concepts MCQs.
      • Manual and automated data recovery MCQs.
      • Creating forensically fit working copies of media MCQs.
      • Interpretation of various log formats MCQs.
      • TCP/IP concepts MCQs.
      • Documentation, chain of custody, and evidence handling procedures MCQs.
      • FAT 16/32 file systems MCQs.
      • File Headers and Footers MCQs.
      • Unallocated space, RAM slack, drive slack, and File slack MCQs.
      • Hashes and Checksums MCQs.
      • Imaging handheld devices MCQs.
      • Insurance/liability issues MCQs.
  • Certified Ethical Hacker (CEH)
    • COURSE OUTLINE

      INTRO TO ETHICAL HACKING
      • Knowledge of Current Security Trends
      • Knowledge of Elements of Information Security
      • Knowledge of Information Security Threats and Attack Vectors
      • Knowledge of hacking concepts, types, and phases
      • Knowledge of ethical hacking concepts and scope
      • Knowledge of information security management and defense-in-depth
      • Knowledge of policies, procedures, and awareness
      • Knowledge of physical security and controls
      • Knowledge of incident management process
      • Knowledge of vulnerability assessment and penetration testing
      • Knowledge of information security acts and laws
      CRYPTOGRAPHY
      • Knowledge of Cryptography concepts
      • Knowledge of encryption algorithms
      • Cryptography tools
      • Knowledge of Public Key Infrastructure (PKI)
      • Knowledge of email encryption
      • Knowledge of disk encryption
      • Knowledge of Cryptography attacks
      • Cryptanalysis Tools
      FOOTPRINTING AND RECONNAISSANCE
      • Knowledge of footprinting concepts
      • Footprinting through search engines
      • Footprint using advanced Google hacking techniques
      • Footprint through social networking sites
      • Knowledge of different techniques for website footprinting
      • Knowledge of different techniques for email footprinting
      • Knowledge of different techniques of competitive intelligence
      • Knowledge of different techniques for WHOIS footprinting
      • Knowledge of different techniques for network footprinting
      • Knowledge of different techniques of footprinting through social engineering
      • Footprinting tools
      • Footprinting countermeasures
      • Knowledge of footprinting Pen Testing
      ENUMERATION
      • Knowledge of Enumeration Concepts
      • Knowledge of different techniques for NetBIOS Enumeration
      • Knowledge of different techniques for SNMP enumeration
      • Knowledge of different techniques for LDAP enumeration
      • Knowledge of different techniques for NTP enumeration
      • Knowledge of different techniques for SMTP and DNS enumeration countermeasures
      • Knowledge of enumeration pen testing
      VULNERABILITY ANALYSIS
      • Vulnerability management life cycle
      • Knowledge of various approaches to vulnerability analysis
      • Tools used to perform the vulnerability assessments
      • Vulnerability analysis tools and techniques
      SCANNING NETWORKS
      • Knowledge of networking scanning
      • Knowledge of different techniques to check for Live Systems
      • Knowledge of different techniques to check for Open Ports
      • Knowledge of various scanning techniques
      • Knowledge of various IDS Evasion Techniques
      • Knowledge of banner grabbing
      • Knowledge of Vulnerability scanning
      • Drawing network diagrams
      • Using Proxies and Anonymizer for attack
      • Knowledge of IP Spoofing and various detection techniques
      • Knowledge of scanning and Pen Testing
      SYSTEM HACKING
      • Knowledge of CEH Hacking Methodology
      • Knowledge of different techniques to gain access to the system
      • Knowledge of privilege escalation techniques
      • Knowledge of different techniques to create and maintain remote access to the system
      • Knowledge of different types of Rootkits
      • Knowledge of Steganography and Steganalysis
      • Knowledge of techniques to hide the evidence of compromise
      • Knowledge of system hacking penetration testing
      SOCIAL ENGINEERING
      • Knowledge of social engineering
      • Knowledge of various social engineering techniques
      • Knowledge of insider threats
      • Knowledge of impersonation on social networking sites
      • Knowledge of identity theft
      • Social engineering countermeasures
      • Identity theft countermeasures
      • Knowledge of Social Engineering Pen Testing
      DENIAL-OF-SERVICE
      • Knowledge of Denial of Service (DoS) and Distributed Denial-of-Service (DDoS) Attacks
      • Overview of different DoS/DDoS attack techniques
      • Knowledge of the botnet network
      • Knowledge of various DoS and DDoS Attack Tools
      • DoS/DDoS Countermeasures
      • Knowledge of DoS Attack Penetration Testing
      SESSION HIJACKING
      • Knowledge of session hijacking concepts
      • Knowledge of application-level session hijacking
      • Knowledge of network-level session hijacking
      • Session hijacking tools
      • Session hijacking countermeasures
      • Knowledge of session hijacking penetration testing
      MALWARE THREATS
      • Introduction to malware and malware propagation techniques
      • Knowledge of Trojans, their types, and how to infect systems
      • Knowledge of viruses, their types, and how they infect files
      • Introduction to computer worm
      • Knowledge of the Malware Analysis Process
      • Knowledge of different techniques to detect malware
      • Malware countermeasures
      • Knowledge of Malware penetration testing
      SNIFFING
      • Knowledge of sniffing concepts
      • Knowledge of MAC attacks
      • Knowledge of DHCP attacks
      • Knowledge of ARP Poisoning
      • Knowledge of MAC Spoofing attacks
      • Knowledge of DNS poisoning
      • Sniffing tools
      • Sniffing countermeasures
      • Knowledge of various techniques to detect sniffing
      • Knowledge of sniffing Pen Testing
      EVADING IDS, FIREWALLS, AND HONEYPOTS
      • Knowledge of IDS, Firewall, and honeypot concepts
      • IDS, Firewall and honeypot solutions
      • Knowledge of different techniques to bypass IDS
      • Knowledge of different techniques to bypass firewalls
      • IDS/Firewall evading tools
      • Knowledge of different techniques to detect honeypots
      • IDS/Firewall evasion countermeasures
      • Knowledge of IDS and firewall Penetration Testing
      HACKING WEB APPLICATIONS
      • Knowledge of web application concepts
      • Knowledge of web application threats
      • Knowledge of web application hacking methodology
      • Web application hacking tools
      • Knowledge of web application countermeasures
      • Web application security tools
      • Knowledge of web application penetration testing
      IOT HACKING
      • Knowledge of IoT concepts
      • Cryptography tools
      • Knowledge of various IoT threats and attacks
      • Knowledge of IoT Hacking
      • Knowledge of IoT attacks
      • IoT security Tools
      SQL INJECTION
      • Knowledge of SQL injection concepts
      • Knowledge of various types of SQL injection attacks
      • Knowledge of SQL injection methodology
      • SQL injection tools
      • Knowledge of different IDS evasion techniques
      • SQL injection countermeasures
      • SQL injection detection tools
      HACKING WEB SERVERS
      • Knowledge of web server concepts
      • Knowledge of webserver attacks
      • Knowledge of web server attack methodology
      • Webserver attack tools
      • Countermeasures against webserver attacks
      • Knowledge of Patch Management
      • Webserver security tools
      • Knowledge of Web server penetration testing
      HACKING WIRELESS NETWORKS
      • Knowledge of wireless concepts
      • Knowledge of wireless encryption algorithms
      • Knowledge of wireless threats
      • Knowledge of wireless hacking methodology
      • Wireless hacking tools
      • Knowledge of Bluetooth hacking techniques
      • Knowledge of wireless hacking countermeasures
      • Wireless security tools
      • Knowledge of wireless penetration testing
      HACKING MOBILE PLATFORMS
      • Knowledge of mobile attack platform vectors
      • Knowledge of various Android threats and attacks
      • Knowledge of various iOS threats and attacks
      • Knowledge of various Windows Phone OS threats and attacks
      • Knowledge of various BlackBerry threats and attacks
      • Knowledge of mobile device management (MDM)
      • Mobile Security Guidelines and security tools
      • Knowledge of Mobile Penetration Testing
      CLOUD COMPUTING
      • Knowledge of Cloud Computing Concepts
      • Knowledge of Cloud Computing Threats
      • Knowledge of Cloud Computing Attacks
      • Knowledge of Cloud Computing Security
      • Cloud computing Security tools
      • Knowledge of Cloud Penetration testing
  • EC-Council Certified Security Analyst
    • Syllabus
      • Penetration Testing General Concepts
      • Introduction to Penetration Testing Methodologies and Processes MCQs
      • Penetration Testing Scoping and Engagement Methodologies MCQs
      • Open-Source Intelligence (OSINT) Methodologies MCQs
      • Social Engineering Penetration Testing Methodologies MCQs
      • External Network Penetration Testing Methodologies MCQs
      • Internal Network Penetration Testing Methodologies MCQs
      • Perimeter Network Penetration Testing Methodologies MCQs
      • Web Application Penetration Testing Methodologies MCQs
      • Database Penetration Testing Methodologies MCQs
      • Wireless Penetration Testing Methodologies MCQs
      • Cloud Penetration Testing Methodologies MCQs
      • Report Writing and Post Testing Actions MCQs

Syllabus of Certified Information Systems

Working Area 1-> Information System Auditing Process

Planning

  • Planning of IS Audit Standards, Guidelines, and Codes of Ethics
  • Planning of Business Processes
  • Planning of Types of Controls
  • Planning of Risk-based Audit Planning
  • Planning of Types of Audits and Assessments

Execution

  • Execution of Audit Project Management
  • Execution of Sampling Methodology
  • Execution of audit Evidence Collection Techniques
  • Data Analytics
  • Execution of reporting and Communication Techniques
  • Execution of Quality Assurance and Improvement of the Audit Process

Working Area 2-> Governance and Management of IT

 IT Governance and IT Strategy 

  • IT Standards, Policies and Procedures
  • Organizational Structure
  • Enterprise Architecture
  • Enterprise Risk Management
  • Maturity Models
  • Laws, Regulations and Industry Standards Affecting the Organization
  • IT Management
  • IT Resource Management
  • IT Service Provider Acquisition and Management of IT Performance Monitoring and Reporting
  • Quality Assurance and Quality Management of IT

Working Area 3-> Information Systems Acquisition, Development and Implementation

  • Information Systems Acquisition and Development
  • Project Governance and Management
  • Business Case and Feasibility Analysis
  • System Development Methodologies
  • Control Identification and Design
  • Information Systems Implementation
  • Testing Methodologies
  • Configuration and Release Management
  • System Migration, Infrastructure Deployment, and Data Conversion
  • Post-implementation Review

Working Area 4-> IS Operations and Business Resilience

  • Information Systems Operations
  • Common Technology Components
  • IT Asset Management
  • Job Scheduling and Production Process Automation
  • System Interfaces
  • End-user Computing
  • Data Governance
  • Systems Performance Management
  • Problem and Incident Management
  • Change, Configuration, Release and Patch Management
  • IT Service Level Management
  • Database Management
  • Business Resilience
  • Business Impact Analysis
  • System Resiliency
  • Data Backup, Storage and Restoration
  • Business Continuity Plan
  • Disaster Recovery Plans

Working Area 5-> Information Asset Security and Control

  • Information Asset Security Frameworks, Standards, and Guidelines
  • Privacy Principles
  • Physical Access and Environmental Controls
  • Identity and Access Management
  • Network and End-point Security
  • Data Classification
  • Data Encryption and Encryption-related Techniques
  • Public Key Infrastructure
  • Web-based Communication Technologies
  • Virtualized Environments
  • Mobile, Wireless and Internet-of-things Devices
  • Security Event Management
  • Security Awareness Training and Programs
  • Information System Attack Methods and Techniques
  • Security Testing Tools and Techniques
  • Security Monitoring Tools and Techniques
  • Incident Response Management
  • Evidence Collection and Forensics

Security Professional (CISSP)

Syllabus

  • Cryptography
  • Security Architecture and Design
  • Operations Security
  • Information Security Governance and Risk Management
  • Software Development Security
  • Business Continuity and Disaster Recovery Planning
  • Telecommunications and Network Security
  • Legal, Regulations, Investigations and Compliance
  • Physical Security
  • Access Control

Syllabus of EC-Council Certified SOC Analyst (CSA)

Understanding cyber threats, IoCs, and attack methodology

  • Cyber threats and attacks
  • Knowledge of Network Level attacks
  • Knowledge of Host Level attacks
  • Knowledge of Application Level attacks
  • Knowledge of Indicators of Compromise (IoCs)
  • Knowledge of attacker’s Hacking Methodology

Incidents, events, and logging

  • Knowledge of fundamentals of incidents, events, and logging
  • Explain the concepts of local logging
  • Explain the concepts of centralized logging

Incident detection with Security Information and Event Management (SIEM)

  • Knowledge of basic concepts of Security Information and Event Management (SIEM)
  • Knowledge of different SIEM Solutions
  • Knowledge of SIEM Deployment
  • Understanding of different use case examples for Application-Level Incident Detection
  • Understanding of different use case examples for Insider Incident Detection
  • Understanding of different use case examples for Network Level Incident Detection
  • Understanding of different use case examples for Host Level Incident Detection
  • Understanding of different use case examples for Compliance
  • Knowledge of the concept of handling alert triaging and analysis

Incident response

  • Knowledge of fundamental concepts of incident response
  • Understanding of various phases in Incident Response Process
  • Understanding of how to respond to Network Security Incidents
  • Understanding of how to respond to Application Security Incidents
  • Understanding of how to respond to Email Security Incidents
  • Understanding of how to respond to Insider Incidents
  • Understanding of how to respond to Malware Incidents

Security operations and management

  • Knowledge of SOC Fundamentals
  • Knowledge of components of SOC: People, processes and technology
  • Knowledge of implementation of SOC

Enhanced incident detection with threat intelligence

  • Understanding of fundamental concepts of threat intelligence
  • Understanding of different types of threat intelligence
  • Understand how threat intelligence strategy is developed
  • Understanding of different threat intelligence sources from which intelligence can be obtained
  • Understanding of different Threat Intelligence Platforms (TIPs)
  • Knowledge of the need for a threat intelligence-driven SOC

MCQs Preparation for Assistant Manager Penetration Testing

  • Computer Hacking Forensic Investigator (CHFI)
  • Cyber Security Forensic Analyst (CSFA)
  • Certified Ethical Hacker (CEH)
  • EC-Council Certified Security Analyst
  • Certified Information Systems
  • Security Professional (CISSP)
  • EC-Council Certified SOC Analyst (CSA)

MCQs Preparation for Network Security, SOC Analyst

  • Computer Hacking Forensic Investigator (CHFI)
  • Cyber Security Forensic Analyst (CSFA)
  • Certified Ethical Hacker (CEH)
  • EC-Council Certified Security Analyst
  • Certified Information Systems
  • Security Professional (CISSP)
  • EC-Council Certified SOC Analyst (CSA)

MCQs Preparation for Assistant Manager (HRIS)

  • Human Resource Information System (HRIS)
  • Support and maintenance of HR System
  • Generating HR-related reports
  • Managing system upgrades and maintaining data integrity
  • Analyzing HRIS system performance
  • Integrating new software
  • Maintaining databases and running queries
  • Implementation of technological advancement

These MCQs are also best for Atomic Energy Commission Jobs.

Prof. Fazal Rehman Shamil (Available for Professional Discussions)