Call
whatsapp
9447387064 | 9847003556
0471-2335855 | 8089080088 | 0471-2334855
9447387064 | 9847003556
0471-2335855 | 8089080088 | 0471-2334855
Cisco Training in Trivandrum, Trinity Technologies

No.1 Training Institute in Kerala

CEH QUESTIONS : PART 18

Which of the following is considered an exploit framework and has the ability to perform automated attacks on services, ports, applications and unpatched security flaws in a computer system?

Wireshark 

Maltego 

Metasploit 

Nessus

SHOW ANSWER

Which of the following viruses tries to hide from anti-virus programs by actively altering and corrupting the chosen service call interruptions when they are being run?

Cavity virus 

Polymorphic virus 

Tunneling virus 

Stealth virus

SHOW ANSWER

There are several ways to gain insight on how a cryptosystem works with the goal of reverse engineering the process. A term describes when two pieces of data result in the same value is?

 Collision 

Collusion 

Polymorphism

Escrow

SHOW ANSWER

The network in ABC company is using the network address 192.168.1.64 with mask 255.255.255.192. In the network the servers are in the addresses 192.168.1.122, 192.168.1.123 and 192.168.1.124. An attacker is trying to find those servers but he cannot see them in his scanning. The command he is using is: nmap 192.168.1.64/28. Why he cannot see the servers?

The network must be down and the nmap command and IP address are ok. 

He needs to add the command ''''ip address'''' just before the IP address. 

He is scanning from 192.168.1.64 to 192.168.1.78 because of the mask /28 and the servers are not in that range. 

He needs to change the address to 192.168.1.0 with the same mask.

SHOW ANSWER

When using Wireshark to acquire packet capture on a network, which device would enable the capture of all traffic on the wire?

Network tap 

Layer 3 switch 

Network bridge 

Application firewall

SHOW ANSWER

An attacker gains access to a Web server's database and displays the contents of the table that holds all of the names, passwords, and other user information. The attacker did this by entering information into the Web site's user login page that the software's designers did not expect to be entered. This is an example of what kind of software design problem?

 Insufficient input validation 

Insufficient exception handling 

Insufficient database hardening 

Insufficient security management

SHOW ANSWER

What type of malware is it that restricts access to a computer system that it infects and demands that the user pay a certain amount of money, cryptocurrency, etc. to the operators of the malware to remove the restriction?

Ransomware 

Riskware 

Adware 

Spyware

SHOW ANSWER

What is the name of the attack which is mentioned in the scenario?

 HTTP Parameter Pollution 

HTML Injection 

Session Fixation 

ClickJacking Attack

SHOW ANSWER

You are a Penetration Tester and are assigned to scan a server. You need to use a scanning technique wherein the TCP Header is split into many packets so that it becomes difficult to detect what the packets are meant for. Which of the below scanning technique will you use?

 ACK flag scanning 

TCP Scanning 

IP Fragment Scanning 

Inverse TCP flag scanning

SHOW ANSWER

You've just discovered a server that is currently active within the same network with the machine you recently compromised. You ping it but it did not respond. What could be the case?

TCP/IP doesn't support ICMP 

ARP is disabled on the target server 

ICMP could be disabled on the target server 

You need to run the ping command with root privileges

SHOW ANSWER

How can a rootkit bypass Windows 7 operating system's kernel mode, code signing policy?

Defeating the scanner from detecting any code change at the kernel 

Replacing patch system calls with its own version that hides the rootkit (attacker's) actions 

Performing common services for the application process and replacing real applications with fake ones 

Attaching itself to the master boot record in a hard drive and changing the machine's boot sequence/options 

SHOW ANSWER

An incident investigator asks to receive a copy of the event logs from all firewalls, proxy servers, and Intrusion Detection Systems (IDS) on the network of an organization that has experienced a possible breach of security. When the investigator attempts to correlate the information in all of the logs, the sequence of many of the logged events do not match up. What is the most likely cause?

The network devices are not all synchronized. 

Proper chain of custody was not observed while collecting the logs. 

The attacker altered or erased events from the logs. 

The security breach was a false positive.

SHOW ANSWER

John the Ripper is a technical assessment tool used to test the weakness of which of the following?

Usernames 

File permissions 

Firewall rulesets 

Passwords 

SHOW ANSWER

You are using NMAP to resolve domain names into IP addresses for a ping sweep later. Which of the following commands looks for IP addresses?

 >host -t a hackeddomain.com 

>host -t soa hackeddomain.com 

>host -t ns hackeddomain.com 

>host -t AXFR hackeddomain.com

SHOW ANSWER
BACK | NEXT
TRINITY SOFTWARE SOLUTIONS,IInd floor, Radheyam Towers, Gandhari Amman Kovil Road, Pulimood, Trivandrum - 1
0471-2334855 | 2335855 | 9447387064 | 9847003556 info@trinitytechnology.in