Call
whatsapp
9447387064 | 9847003556
0471-2335855 | 8089080088 | 0471-2334855
9447387064 | 9847003556
0471-2335855 | 8089080088 | 0471-2334855
Cisco Training in Trivandrum, Trinity Technologies

No.1 Training Institute in Kerala

CEH QUESTIONS : PART 22

What type of OS fingerprinting technique sends specially crafted packets to the remote OS and analyzes the received response?

 Passive

Reflective 

Active 

Distributive

SHOW ANSWER

During a penetration test, a tester finds a target that is running MS SQL 2000 with default credentials. The tester assumes that the service is running with Local System account. How can this weakness be exploited to access the system?

Using the Metasploit psexec module setting the SA / Admin credential 

Invoking the stored procedure xp_shell to spawn a Windows command shell 

Invoking the stored procedure cmd_shell to spawn a Windows command shell 

Invoking the stored procedure xp_cmdshell to spawn a Windows command shell

SHOW ANSWER

What is the primary drawback to using advanced encryption standard (AES) algorithm with a 256 bit key to share sensitive data?

Due to the key size, the time it will take to encrypt and decrypt the message hinders efficient communication. 

To get messaging programs to function with this algorithm requires complex configurations. 

It has been proven to be a weak cipher; therefore, should not be trusted to protect sensitive data. 

It is a symmetric key algorithm, meaning each recipient must receive the key through a different channel than the message.

SHOW ANSWER

Nathan is testing some of his network devices. Nathan is using Macof to try and flood the ARP cache of these switches. If these switches' ARP cache is successfully flooded, what will be the result?

The switches will drop into hub mode if the ARP cache is successfully flooded. 

If the ARP cache is flooded, the switches will drop into pix mode making it less susceptible to attacks.

Depending on the switch manufacturer, the device will either delete every entry in its ARP cache or reroute packets to the nearest switch. 

The switches will route all traffic to the broadcast address created collisions.

SHOW ANSWER

When setting up a wireless network, an administrator enters a pre-shared key for security. Which of the following is true?

 The key entered is a symmetric key used to encrypt the wireless data. 

The key entered is a hash that is used to prove the integrity of the wireless data.  

The key entered is based on the Diffie-Hellman method. 

The key is an RSA key used to encrypt the wireless data.

SHOW ANSWER

For messages sent through an insecure channel, a properly implemented digital signature gives the receiver reason to believe the message was sent by the claimed sender. While using a digital signature, the message digest is encrypted with which key?

 Sender's public key 

Receiver's private key 

Receiver's public key 

Sender's private key

SHOW ANSWER

One advantage of an application-level firewall is the ability to

 filter packets at the network level. 

filter specific commands, such as http:post. 

retain state information for each packet. 

monitor tcp handshaking.

SHOW ANSWER

Jesse receives an email with an attachment labeled "Court_Notice_21206.zip". Inside the zip file is a file named "Court_Notice_21206.docx.exe" disguised as a word document. Upon execution, a window appears stating, "This word document is corrupt." In the background, the file copies itself to Jesse APPDATA\local directory and begins to beacon to a C2 server to download additional malicious binaries. What type of malware has Jesse encountered?

 Trojan 

Worm 

Macro Virus 

Key-Logger

SHOW ANSWER

Rebecca commonly sees an error on her Windows system that states that a Data Execution Prevention (DEP) error has taken place. Which of the following is most likely taking place?

 A race condition is being exploited, and the operating system is containing the malicious process. 

A page fault is occurring, which forces the operating system to write data from the hard drive. 

Malware is executing in either ROM or a cache memory area. 

Malicious code is attempting to execute instruction in a non-executable memory region.

SHOW ANSWER

Insecure direct object reference is a type of vulnerability where the application does not verify if the user is authorized to access the internal object via its name or key. Suppose a malicious user Rob tries to get access to the account of a benign user Ned. Which of the following requests best illustrates an attempt to exploit an insecure direct object reference vulnerability?

"GET/restricted/goldtransfer?to=Rob&from=1 or 1=1' HTTP/1.1Host: westbank.com" 

"GET/restricted/accounts/?name=Ned HTTP/1.1 Host: westbank.com" 

"GET/restricted/bank.getaccount('Ned') HTTP/1.1 Host: westbank.com" 

"GET/restricted/\r\n\%00account%00Ned%00access HTTP/1.1 Host: westbank.com" 

SHOW ANSWER

Based on the below log, which of the following sentences are true? Mar 1, 2016, 7:33:28 AM 10.240.250.23 - 54373 10.249.253.15 - 22 tcp_ip

 SSH communications are encrypted it's impossible to know who is the client or the server 

Application is FTP and 10.240.250.23 is the client and 10.249.253.15 is the server 

Application is SSH and 10.240.250.23 is the client and 10.249.253.15 is the server 

Application is SSH and 10.240.250.23 is the server and 10.249.253.15 is the server

SHOW ANSWER

Which of the statements concerning proxy firewalls is correct?

 Proxy firewalls increase the speed and functionality of a network. 

Firewall proxy servers decentralize all activity for an application. 

Proxy firewalls block network packets from passing to and from a protected network.

Computers establish a connection with a proxy firewall which initiates a new network connection for the client.

SHOW ANSWER

A new wireless client is configured to join a 802.11 network. This client uses the same hardware and software as many of the other clients on the network. The client can see the network, but cannot connect. A wireless packet sniffer shows that the Wireless Access Point (WAP) is not responding to the association requests being sent by the wireless client. What is a possible source of this problem?

The WAP does not recognize the client's MAC address 

The client cannot see the SSID of the wireless network 

Client is configured for the wrong channel 

The wireless client is not configured to use DHCP

SHOW ANSWER

Which method of password cracking takes the most time and effort?

Brute force 

Rainbow tables 

Dictionary attack 

Shoulder surfing

SHOW ANSWER
BACK | NEXT
TRINITY SOFTWARE SOLUTIONS,IInd floor, Radheyam Towers, Gandhari Amman Kovil Road, Pulimood, Trivandrum - 1
0471-2334855 | 2335855 | 9447387064 | 9847003556 info@trinitytechnology.in