Call
whatsapp
9447387064 | 9847003556
0471-2335855 | 8089080088 | 0471-2334855
9447387064 | 9847003556
0471-2335855 | 8089080088 | 0471-2334855
Cisco Training in Trivandrum, Trinity Technologies

No.1 Training Institute in Kerala

CEH QUESTIONS : PART 19

A company has hired a security administrator to maintain and administer Linux and Windows-based systems. Written in the nightly report file is the following: Firewall log files are at the expected value of 4 MB. The current time is 12am. Exactly two hours later the size has decreased considerably. Another hour goes by and the log files have shrunk in size again. Which of the following actions should the security administrator take?

 Log the event as suspicious activity and report this behavior to the incident response team immediately.

Log the event as suspicious activity, call a manager, and report this as soon as possible. 

Run an anti-virus scan because it is likely the system is infected by malware. 

Log the event as suspicious activity, continue to investigate, and act according to the site's security policy.

SHOW ANSWER

Which of the following identifies the three modes in which Snort can be configured to run?

Sniffer, Packet Logger, and Network Intrusion Detection System 

Sniffer, Network Intrusion Detection System, and Host Intrusion Detection System 

Sniffer, Host Intrusion Prevention System, and Network Intrusion Prevention System 

Sniffer, Packet Logger, and Host Intrusion Prevention System

SHOW ANSWER

Which of the following statements about a zone transfer is correct? (Choose three.)

A zone transfer is accomplished with the DNS 

A zone transfer is accomplished with the nslookup service 

A zone transfer passes all zone information that a DNS server maintains 

A zone transfer passes all zone information that a nslookup server maintains 

A zone transfer can be prevented by blocking all inbound TCP port 53 connections 

Zone transfers cannot occur on the Internet

SHOW ANSWER

A well-intentioned researcher discovers a vulnerability on the web site of a major corporation. What should he do?

 Ignore it. 

Try to sell the information to a well-paying party on the dark web. 

Notify the web site owner so that corrective action be taken as soon as possible to patch the vulnerability. 

Exploit the vulnerability without harming the web site owner so that attention be drawn to the problem

SHOW ANSWER

You are an Ethical Hacker who is auditing the ABC company. When you verify the NOC one of the machines has 2 connections, one wired and the other wireless. When you verify the configuration of this Windows system you find two static routes. route add 10.0.0.0 mask 255.0.0.0 10.0.0.1 route add 0.0.0.0 mask 255.0.0.0 199.168.0.1 What is the main purpose of those static routes?

Both static routes indicate that the traffic is external with different gateway. 

The first static route indicates that the internal traffic will use an external gateway and the second static route indicates that the traffic will be rerouted. 

Both static routes indicate that the traffic is internal with different gateway. 

The first static route indicates that the internal addresses are using the internal gateway and the second static route indicates that all the traffic that is not internal must go to an external gateway.

SHOW ANSWER

Which of the following statements regarding ethical hacking is incorrect?

 Ethical hackers should never use tools or methods that have the potential of exploiting vulnerabilities in an organization's systems. 

Testing should be remotely performed offsite. 

An organization should use ethical hackers who do not sell vendor hardware/software or other consulting services. 

Ethical hacking should not involve writing to or modifying the target systems.

SHOW ANSWER

Low humidity in a data center can cause which of the following problems?

Heat 

Corrosion 

Static electricity 

Airborne contamination

SHOW ANSWER

Seth is starting a penetration test from inside the network. He hasn't been given any information about the network. What type of test is he conducting?

 Internal Whitebox 

External, Whitebox 

Internal, Blackbox 

External, Blackbox

SHOW ANSWER

Which type of scan measures a person's external features through a digital video camera?

 Iris scan 

 Retinal scan 

Facial recognition scan 

Signature kinetics scan

SHOW ANSWER

A security policy will be more accepted by employees if it is consistent and has the support of

 coworkers. 

executive management. 

the security officer. 

a supervisor.

SHOW ANSWER

This international organization regulates billions of transactions daily and provides security guidelines to protect personally identifiable information (PII). These security controls provide a baseline and prevent low-level hackers sometimes known as script kiddies from causing a data breach. Which of the following organizations is being described?

Payment Card Industry (PCI) 

Center for Disease Control (CDC) 

Institute of Electrical and Electronics Engineers (IEEE) 

International Security Industry Organization (ISIO)

SHOW ANSWER

When purchasing a biometric system, one of the considerations that should be reviewed is the processing speed. Which of the following best describes what it is meant by processing?

The amount of time it takes to convert biometric data into a template on a smart card. 

The amount of time and resources that are necessary to maintain a biometric system. 

The amount of time it takes to be either accepted or rejected form when an individual provides Identification and authentication information. 

How long it takes to setup individual user accounts

SHOW ANSWER

While performing online banking using a Web browser, a user receives an email that contains a link to an interesting Web site. When the user clicks on the link, another Web browser session starts and displays a video of cats playing a piano. The next business day, the user receives what looks like an email from his bank, indicating that his bank account has been accessed from a foreign country. The email asks the user to call his bank and verify the authorization of a funds transfer that took place. What Web browser-based security vulnerability was exploited to compromise the user?

Cross-Site Request Forgery 

Cross-Site Scripting 

Clickjacking 

Web form input validation

SHOW ANSWER

A big company, who wanted to test their security infrastructure, wants to hire elite pen testers like you. During the interview, they asked you to show sample reports from previous penetration tests. What should you do?

Share reports, after NDA is signed 

Share full reports, not redacted 

Decline but, provide references 

Share full reports with redactions

SHOW ANSWER
BACK | NEXT
TRINITY SOFTWARE SOLUTIONS,IInd floor, Radheyam Towers, Gandhari Amman Kovil Road, Pulimood, Trivandrum - 1
0471-2334855 | 2335855 | 9447387064 | 9847003556 info@trinitytechnology.in