Call
whatsapp
9447387064 | 9847003556
0471-2335855 | 8089080088 | 0471-2334855
9447387064 | 9847003556
0471-2335855 | 8089080088 | 0471-2334855
Cisco Training in Trivandrum, Trinity Technologies

No.1 Training Institute in Kerala

CEH QUESTIONS : PART 20

Your team has won a contract to infiltrate an organization. The company wants to have the attack be as realistic as possible; therefore, they did not provide any information besides the company name. What should be the first step in security testing the client?

Reconnaissance 

Enumeration 

Scanning 

Escalation

SHOW ANSWER

You are the Systems Administrator for a large corporate organization. You need to monitor all network traffic on your local network for suspicious activities and receive notifications when an attack is occurring. Which tool would allow you to accomplish this goal?

Network-based IDS 

Firewall 

Proxy 

Host-based IDS

SHOW ANSWER

An attacker uses a communication channel within an operating system that is neither designed nor intended to transfer information. What is the name of the communications channel?

Classified 

Overt 

Encrypted 

Covert

SHOW ANSWER

What does the -oX flag do in an Nmap scan?

 Perform an express scan 

Output the results in truncated format to the screen 

Perform an Xmas scan 

Output the results in XML format to a file

SHOW ANSWER

In many states sending spam is illegal. Thus, the spammers have techniques to try and ensure that no one knows they sent the spam out to thousands of users at a time. Which of the following best describes what spammers use to hide the origin of these types of e-mails?

A blacklist of companies that have their mail server relays configured to allow traffic only to their specific domain name. 

Mail relaying, which is a technique of bouncing e-mail from internal to external mails servers continuously. 

A blacklist of companies that have their mail server relays configured to be wide open. 

Tools that will reconfigure a mail server's relay component to send the e-mail back to the spammers occasionally.

SHOW ANSWER

What is correct about digital signatures?

 A digital signature cannot be moved from one signed document to another because it is the hash of the original document encrypted with the private key of the signing party. 

Digital signatures may be used in different documents of the same type. 

A digital signature cannot be moved from one signed document to another because it is a plain hash of the document content. 

Digital signatures are issued once for each user and can be used everywhere until they expire

SHOW ANSWER

Null sessions are un-authenticated connections (not using a username or password.) to an NT or 2000 system. Which TCP and UDP ports must you filter to check null sessions on your network?

137 and 139 

137 and 443 

139 and 443 

139 and 445

SHOW ANSWER

Backing up data is a security must. However, it also has certain level of risks when mishandled. Which of the following is the greatest threat posed by backups?

A backup is the source of Malware or illicit information 

A backup is incomplete because no verification was performed 

A backup is unavailable during disaster recovery 

An unencrypted backup can be misplaced or stolen

SHOW ANSWER

What is the best description of SQL Injection?

 It is an attack used to gain unauthorized access to a database. 

It is an attack used to modify code in an application. 

t is a Man-in-the-Middle attack between your SQL Server and Web App Server. 

It is a Denial of Service Attack

SHOW ANSWER

A company has five different subnets: 192.168.1.0, 192.168.2.0, 192.168.3.0, 192.168.4.0 and 192.168.5.0. How can NMAP be used to scan these adjacent Class C networks?

NMAP -P 192.168.1-5. 

NMAP -P 192.168.0.0/16 

NMAP -P 192.168.1.0,2.0,3.0,4.0,5.0 

NMAP -P 192.168.1/17

SHOW ANSWER

Which of the following will perform an Xmas scan using NMAP?

nmap -sA 192.168.1.254 

nmap -sP 192.168.1.254 

nmap -sX 192.168.1.254 

nmap -sV 192.168.1.254

SHOW ANSWER

_________ is a set of extensions to DNS that provide to DNS clients (resolvers) origin authentication of DNS data to reduce the threat of DNS poisoning, spoofing, and similar attacks types

DNSSEC 

Zone transfer 

Resource transfer 

Resource records

SHOW ANSWER

Which definition among those given below best describes a covert channel?

A server program using a port that is not well known. 

Making use of a protocol in a way it is not intended to be used.

It is the multiplexing taking place on a communication link. 

It is one of the weak channels used by WEP which makes it insecure 

SHOW ANSWER

Which of the following is a restriction being enforced in "white box testing?"

 Only the internal operation of a system is known to the tester 

The internal operation of a system is completely known to the tester 

The internal operation of a system is only partly accessible to the tester

Only the external operation of a system is accessible to the tester

SHOW ANSWER
BACK | NEXT
TRINITY SOFTWARE SOLUTIONS,IInd floor, Radheyam Towers, Gandhari Amman Kovil Road, Pulimood, Trivandrum - 1
0471-2334855 | 2335855 | 9447387064 | 9847003556 info@trinitytechnology.in