MCQs Preparation for Assistant Manager (Digital Forensics. Malware Analysis)
- Computer Hacking Forensic Investigator (CHFI)
- CHFI Syllabus
- Computer Forensics Nowadays MCQs.
- Process of Computer Forensics Investigation MCQs.
- Understanding File Systems MCQs.
- Understanding Hard Disks MCQs.
- Malware Forensics MCQs.
- Defeating Anti-Forensics Techniques MCQs.
- Data Acquisition and Duplication MCQs.
- Investigating E-mail Crimes MCQs.
- Mobile Forensics MCQs.
- Operating System Forensics MCQs.
- Investigating Web Attacks MCQs.
- Database Forensics MCQs.
- Cloud Forensics MCQs.
- Investigative Reports MCQs.
- Network Forensics MCQs.
- CHFI Syllabus
- Cyber Security Forensic Analyst (CSFA)
- Syllabus
- Windows Operating Systems print spool files MCQs.
- Windows Operating Systems Prefetch MCQs.
- Windows Operating Systems registry MCQs.
- Windows Operating Systems shortcuts MCQs.
- Windows Operating Systems swap file MCQs.
- Windows Operating Systems Volume Shadow Copy MCQs.
- Working as an expert technical witness MCQs.
- Active, archival and latent data MCQs.
- Affidavits, motions, and subpoenas MCQs.
- Compact Disc analysis MCQs.
- Metadata for Microsoft Office and PDF documents MCQs.
- NTFS MCQs.
- Overcoming encryption mechanisms and password protection MCQs.
- PC hardware concepts MCQs.
- Privacy issues MCQs.
- Rules of evidence MCQs.
- Conducting keyword boolean searches MCQs.
- Creating understandable and accurate reports MCQs.
- Interpreting Internet History and HTTP concepts MCQs.
- Manual and automated data recovery MCQs.
- Creating forensically fit working copies of media MCQs.
- Interpretation of various log formats MCQs.
- TCP/IP concepts MCQs.
- Documentation, chain of custody, and evidence handling procedures MCQs.
- FAT 16/32 file systems MCQs.
- File Headers and Footers MCQs.
- Unallocated space, RAM slack, drive slack, and File slack MCQs.
- Hashes and Checksums MCQs.
- Imaging handheld devices MCQs.
- Insurance/liability issues MCQs.
- Syllabus
- Certified Ethical Hacker (CEH)
-
COURSE OUTLINE
INTRO TO ETHICAL HACKING
- Knowledge of Current Security Trends
- Knowledge of Elements of Information Security
- Knowledge of Information Security Threats and Attack Vectors
- Knowledge of hacking concepts, types, and phases
- Knowledge of ethical hacking concepts and scope
- Knowledge of information security management and defense-in-depth
- Knowledge of policies, procedures, and awareness
- Knowledge of physical security and controls
- Knowledge of incidence management process
- Knowledge of vulnerability assessment and penetration testing
- Knowledge of information security acts and laws
CRYPTOGRAPHY
- Knowledge of Cryptography concepts
- Knowledge of encryption algorithms
- Cryptography tools
- Knowledge of Public Key Infrastructure (PKI)
- Knowledge of email encryption
- Knowledge of disk encryption
- Knowledge of Cryptography attacks
- Cryptanalysis Tools
FOOTPRINTING AND RECONNAISSANCE
- Knowledge of footprinting concepts
- Footprinting through search engines
- Footprint using advanced google hacking techniques
- Footprint through social networking sites
- Knowledge of different techniques for website footprinting
- Knowledge of different techniques for email footprinting
- Knowledge of different techniques of competitive intelligence
- Knowledge of different techniques for WHO IS footprinting
- Knowledge of different techniques for network footprinting
- Knowledge of different techniques of footprinting through social engineering
- Footprinting tools
- Footprinting countermeasures
- Knowledge of footprinting Pen Testing
ENUMERATION
- Knowledge of Enumeration Concepts
- Knowledge of different techniques for NetBIOS Enumeration
- Knowledge of different techniques for SNMP enumeration
- Knowledge of different techniques for LDAP enumeration
- Knowledge of different techniques for NTP enumeration
- Knowledge of different techniques for SMTP and DNS enumeration countermeasures
- Knowledge of enumeration pen testing
VULNERABILITY ANALYSIS
- Vulnerability of the management life cycle
- Knowledge of various approaches to vulnerability analysis
- Tools used to perform the vulnerability assessments
- Vulnerability analysis tools and techniques
SCANNING NETWORKS
- Knowledge of networking scanning
- Knowledge of different techniques to check for Live Systems
- Knowledge of different techniques to check for Open Ports
- Knowledge of various scanning techniques
- Knowledge of various IDS Evasion Techniques
- Knowledge of banner grabbing
- Knowledge of Vulnerability scanning
- Drawing network diagrams
- Using Proxies and Anonymizer for attack
- Knowledge of IP Spoofing and various detection techniques
- Knowledge of scanning and Pen Testing
SYSTEM HACKING
- Knowledge of CEH Hacking Methodology
- Knowledge of different techniques to gain access to the system
- Knowledge of privilege escalation techniques
- Knowledge of different techniques to create and maintain remote access to the system
- Knowledge of different types of Rootkits
- Knowledge of Steganography and Steganalysis
- Knowledge of techniques to hide the evidence of compromise
- Knowledge of system hacking penetration testing
SOCIAL ENGINEERING
- Knowledge of social engineering
- Knowledge of various social engineering techniques
- Knowledge of insider threats
- Knowledge of impersonation on social networking sites
- Knowledge of identity theft
- Social engineering countermeasures
- Identify theft countermeasures
- Knowledge of Social Engineering Pen Testing
DENIAL-OF-SERVICE
- Knowledge of Denial of Service (DoS) and Distributed Denial-of-Service (DDoS) Attacks
- Overview different DoS/DDoS) attack techniques
- Knowledge of the botnet network
- Knowledge of various DoS and DDoS Attack Tools
- DoS/DDoS Countermeasures
- Knowledge of DoS Attack Penetration Testing
SESSION HIJACKING
- Knowledge of session hijacking concepts
- Knowledge of application-level session hijacking
- Knowledge of network-level session hijacking
- Session hijacking tools
- Session hijacking countermeasures
- Knowledge of session hijacking penetration testing
MALWARE THREATS
- Introduction to malware and malware propagation techniques
- Knowledge of Trojans, their types, and how to infect systems
- Knowledge of viruses, their types, and how they infect files
- Introduction to computer worm
- Knowledge of the Malware Analysis Process
- Knowledge of different techniques to detect malware
- Malware countermeasures
- Knowledge of Malware penetration testing
SNIFFING
- Knowledge of sniffing concepts
- Knowledge of MAC attacks
- Knowledge of DHCP attacks
- Knowledge of ARP Poisoning
- Knowledge of MAC Spoofing attacks
- Knowledge of DNS poisoning
- Sniffing tools
- Sniffing countermeasures
- Knowledge of various techniques to detect sniffing
- Knowledge of sniffing Pen Testing
EVADING IDS, FIREWALLS, AND HONEYPOTS
- Knowledge of IDS, Firewall, and honeypot concepts
- IDS, Firewall and honeypot solutions
- Knowledge of different techniques to bypass IDS
- Knowledge of different techniques to bypass firewalls
- IDS/Firewall evading tools
- Knowledge of different techniques to detect honeypots
- IDS/Firewall evasion countermeasures
- Knowledge of IDS and firewall Penetration Testing
HACKING WEB APPLICATIONS
- Knowledge of web application concepts
- Knowledge of web application threats
- Knowledge of web application hacking methodology
- Web application hacking tools
- Knowledge of web application countermeasures
- Web application security tools
- Knowledge of web application penetration testing
IOT HACKING
- Knowledge of IoT concepts
- Cryptography tools
- Knowledge of various IoT threats and attacks
- Knowledge of IoT Hacking
- Knowledge of IoT attacks
- IoT security Tools
SQL INJECTION
- Knowledge of SQL injection concepts
- Knowledge of various types of SQL injection attacks
- Knowledge of SQL injection methodology
- SQL injection tools
- Knowledge of different IDS evasion techniques
- SQL injection countermeasures
- SQL injection detection tools
HACKING WEB SERVERS
- Knowledge of web server concepts
- Knowledge of webserver attacks
- Knowledge of web server attack methodology
- Webserver attack tools
- Countermeasures against webserver attacks
- Knowledge of Patch Management
- Webserver security tools
- Knowledge of Web server penetration testing
HACKING WIRELESS NETWORKS
- Knowledge of wireless concepts
- Knowledge of wireless encryption algorithms
- Knowledge of wireless threats
- Knowledge of wireless hacking methodology
- Wireless hacking tools
- Knowledge of Bluetooth hacking techniques
- Knowledge of wireless hacking countermeasures
- Wireless security tools
- Knowledge of wireless penetration testing
HACKING MOBILE PLATFORMS
- Knowledge of mobile attack platform vectors
- Knowledge of various android threat and attacks
- Knowledge of various iOS threats and attacks
- Knowledge of various Windows Phone OS threats and attacks
- Knowledge of various blackberry threats and attacks
- Knowledge of mobile device management (MDM)
- Mobile Security Guidelines and security tools
- Knowledge of Mobile Penetration Testing
CLOUD COMPUTING
- Knowledge of Cloud Computing Concepts
- Knowledge of Cloud Computing Threats
- Knowledge of Cloud Computing Attacks
- Knowledge of Cloud Computing Security
- Cloud computing Security tools
- Knowledge of Cloud Penetration testing
-
- EC-Council Certified Security Analyst
- Syllabus
- Penetration Testing General Concepts
- Introduction to Penetration Testing Methodologies MCQs and Processes MCQs.
- Penetration Testing Scoping and Engagement Methodologies MCQs
- Open-Source Intelligence (OSINT) Methodologies MCQs
- Social Engineering Penetration Testing Methodologies MCQs
- External Network Penetration Testing Methodologies MCQs
- Internal Network Penetration Testing Methodologies MCQs
- Perimeter Network Penetration Testing Methodologies MCQs
- Web Application Penetration Testing Methodologies MCQs
- Database Penetration Testing Methodologies MCQs
- Wireless Penetration Testing Methodologies MCQs
- Cloud Penetration Testing Methodologies MCQs
- Report Writing and Post Testing Actions MCQs
- Syllabus
Syllabus of Certified Information Systems
Working Area 1-> Information System Auditing Process
Planning
- Planning of IS Audit Standards, Guidelines, and Codes of Ethics
- Planning of Business Processes
- Planning of Types of Controls
- Planning of Risk-based Audit Planning
- Planning of Types of Audits and Assessments
Execution
- Execution of Audit Project Management
- Execution of Sampling Methodology
- Execution of audit Evidence Collection Techniques o Data Analytics
- Execution of reporting and Communication Techniques
- Execution of Quality Assurance and Improvement of the Audit Process
Working Area 2-> Governance and Management of IT
IT Governance and IT Strategy
- IT Standards, Policies and Procedures o Organizational Structure
- Enterprise Architecture
- Enterprise Risk Management o Maturity Models
- Laws, Regulations and Industry Standards Affecting the Organization
- IT Management
- IT Resource Management
- IT Service Provider Acquisition and Management of IT Performance Monitoring and Reporting
- Quality Assurance and Quality Management of IT
Working Area 3-> Information Systems Acquisition, Development and Implementation
- Information Systems Acquisition and Development o Project Governance and Management
- Business Case and Feasibility Analysis o System Development Methodologies
- Control Identification and Design
- Information Systems Implementation
- Testing Methodologies
- Configuration and Release Management
- System Migration, Infrastructure Deployment, and Data Conversion
- Post-implementation Review
Working Area 4-> IS Operations and Business Resilience
- Information Systems Operations
- Common Technology Components
- IT Asset Management
- Job Scheduling and Production Process Automation
- System Interfaces
- End-user Computing
- Data Governance
- Systems Performance Management
- Problem and Incident Management
- Change, Configuration, Release and Patch Management
- T Service Level Management
- Database Management
- Business Resilience
- Business Impact Analysis
- System Resiliency
- Data Backup, Storage and Restoration o Business Continuity Plan
- Disaster Recovery Plans
Working Area 5-> Information Asset Security and Control
- Information Asset Security Frameworks, Standards, and Guidelines o Privacy Principles
- Physical Access and Environmental Controls o Identity and Access Management
- Network and End-point Security o Data Classification
- Data Encryption and Encryption-related Techniques o Public Key Infrastructure
- Web-based Communication Technologies o Virtualized Environments
- Mobile, Wireless and Internet-of-things Devices
- Security Event Management
- Security Awareness Training and Programs
- Information System Attack Methods and Techniques o Security Testing Tools and Techniques
- Security Monitoring Tools and Techniques o Incident Response Management
- Evidence Collection and Forensics
Security Professional (CISSP)
Syllabus
- Cryptography
- Security Architecture and Design
- Operations Security
- Information Security Governance and Risk Management
- Software Development Security
- Business Continuity and Disaster Recovery Planning
- Telecommunications and Network Security
- Legal, Regulations, Investigations and Compliance
- Physical Security
- Access Control
Syllabus of EC-Council Certified SOC Analyst (CSA)
Understanding cyber threats, IoCs, and attack methodology
- cyber threats and attacks
- Knowledge of Network Level attacks
- Knowledge of Host Level attacks
- Knowledge of Application Level attacks
- Knowledge of Indicators of Compromise (IoCs)
- Knowledge of attacker’s Hacking Methodology
Incidents, events, and logging
- Knowledge of fundamentals of incidents, events, and logging
- Explain the concepts of local logging
- Explain the concepts of centralized logging
Incident detection with Security Information and Event Management (SIEM)
- Knowledge of basic concepts of Security Information and Event Management (SIEM)
- Knowledge of different SIEM Solutions
- Knowledge of SIEM Deployment
- Understanding of different use case examples for Application-Level Incident Detection
- Understanding of different use case examples for Insider Incident Detection
- Understanding of different use case examples for Network Level Incident Detection
- Understanding of different use case examples for Host Level Incident Detection
- Understanding of different use case examples for Compliance
- Knowledge of the concept of handling alert triaging and analysis
Incident response
- Knowledge of fundamental concepts of incident response
- Understanding of various phases in Incident Response Process
- Understanding of how to respond to Network Security Incidents
- Understanding of how to respond to Application Security Incidents
- Understanding of how to respond to Email Security Incidents
- Understanding of how to respond to Insider Incidents
- Understanding of how to respond to Malware Incidents
Security operations and management
- Knowledge of SOC Fundamentals
- Knowledge of components of SOC: People, processes and technology
- Knowledge of implementation of SOC
Enhanced incident detection with threat intelligence
- Understanding of fundamental concepts on threat intelligence
- Understanding of different types of threat intelligence
- Understand how threat intelligence strategy is developed
- Understanding of different threat intelligence sources from which intelligence can be obtained
- Understanding of different Threat Intelligence Platform (TIP)
- Knowledge of need of threat intelligence-driven SOC
MCQs Preparation for Assistant Manager Penetration Testing
- Computer Hacking Forensic Investigator (CHFI)
- Cyber Security Forensic Analyst (CSFA)
- Certified Ethical Hacker (CEH)
- EC-Council Certified Security Analyst
- Certified Information Systems
- Security Professional (CISSP)
- EC-Council Certified SOC Analyst (CSA)
MCQs Preparation for Network Security, SOC Analyst
- Computer Hacking Forensic Investigator (CHFI)
- Cyber Security Forensic Analyst (CSFA)
- Certified Ethical Hacker (CEH)
- EC-Council Certified Security Analyst
- Certified Information Systems
- Security Professional (CISSP)
- EC-Council Certified SOC Analyst (CSA)
MCQs Preparation for Assistant Manager (HRIS)
- Human Resource Information System(HRIS)
- Support and maintenance of HR System
- generating HR related reports
- managing system upgrades and maintains data integrity
- Analyzing HRIS performance System
- Integrating new software
- maintain data bases and running queries
- implementation of Technological advancement.
These MCQs are also best for Atomic Energy Commission Jobs.
