Call
whatsapp
9447387064 | 9847003556
0471-2335855 | 8089080088 | 0471-2334855
9447387064 | 9847003556
0471-2335855 | 8089080088 | 0471-2334855
Cisco Training in Trivandrum, Trinity Technologies

No.1 Training Institute in Kerala

CEH QUESTIONS : PART 15

Which set of access control solutions implements two-factor authentication?

 USB token and PIN 

Fingerprint scanner and retina scanner 

Password and PIN 

 Account and password

SHOW ANSWER

An attacker is using nmap to do a ping sweep and a port scanning in a subnet of 254 addresses. In which order should he perform these steps?

The sequence does not matter. Both steps have to be performed against all hosts.

First the port scan to identify interesting services and then the ping sweep to find hosts responding to icmp echo requests

First the ping sweep to identify live hosts and then the port scan on the live hosts. This way he saves time

The port scan alone is adequate. This way he saves time

SHOW ANSWER

Which type of intrusion detection system can monitor and alert on attacks, but cannot stop them?

Detective

 Passive 

Intuitive 

Reactive

SHOW ANSWER

In the field of cryptanalysis, what is meant by a "rubber-hose" attack?

Attempting to decrypt cipher text by making logical assumptions about the contents of the original plain text. 

Extraction of cryptographic secrets through coercion or torture.

 Forcing the targeted key stream through a hardware-accelerated device such as an ASIC

A backdoor placed into a cryptographic algorithm by its creator. 

SHOW ANSWER

An attacker has been successfully modifying the purchase price of items purchased on the company's web site. The security administrators verify the web server and Oracle database have not been compromised directly. They have also verified the Intrusion Detection System (IDS) logs and found no attacks that could have caused this. What is the mostly likely way the attacker has been able to modify the purchase price?

By using SQL injection 

By changing hidden form values 

By using cross site scripting 

By utilizing a buffer overflow attack

SHOW ANSWER

Which of the following is an extremely common IDS evasion technique in the web world?

unicode characters 

spyware 

 port knocking

subnetting

SHOW ANSWER

The configuration allows a wired or wireless network interface controller to pass all traffic it receives to the central processing unit (CPU), rather than passing only the frames that the controller is intended to receive. Which of the following is being described?

 promiscuous mode 

port forwarding 

multi-cast mode 

WEM

SHOW ANSWER

Bob, a system administrator at TPNQM SA, concluded one day that a DMZ is not needed if he properly configures the firewall to allow access just to servers/ports, which can have direct internet access, and block the access to workstations. Bob also concluded that DMZ makes sense just when a stateful firewall is available, which is not the case of TPNQM SA. In this context, what can you say?

Bob can be right since DMZ does not make sense when combined with stateless firewalls

Bob is partially right. He does not need to separate networks if he can create rules by destination IPs, one by one 

Bob is totally wrong. DMZ is always relevant when the company has internet servers and workstations

 Bob is partially right. DMZ does not make sense when a stateless firewall is available

SHOW ANSWER

Which address translation scheme would allow a single public IP address to always correspond to a single machine on an internal network, allowing "server publishing"?

Overloading Port Address Translation 

Dynamic Port Address Translation

Dynamic Network Address Translation 

 Static Network Address Translation 

SHOW ANSWER

Which of the following is a passive wireless packet analyzer that works on Linux-based systems?

 Burp Suite 

 OpenVAS 

tshark 

Kismet

SHOW ANSWER

Which of the following is the greatest threat posed by backups?

 A backup is the source of Malware or illicit information. 

 A backup is unavailable during disaster recovery. 

 A backup is incomplete because no verification was performed. 

An un-encrypted backup can be misplaced or stolen.

SHOW ANSWER

Which Type of scan sends a packets with no flags set?

Open Scan

Null Scan 

Xmas Scan 

Half-Open Scan

SHOW ANSWER

Ricardo wants to send secret messages to a competitor company. To secure these messages, he uses a technique of hiding a secret message within an ordinary message. The technique provides 'security through obscurity'. What technique is Ricardo using?

 Steganography 

ublic-key cryptography 

RSA algorithm 

 Encryption

SHOW ANSWER
BACK | NEXT
TRINITY SOFTWARE SOLUTIONS,IInd floor, Radheyam Towers, Gandhari Amman Kovil Road, Pulimood, Trivandrum - 1
0471-2334855 | 2335855 | 9447387064 | 9847003556 info@trinitytechnology.in