Call
whatsapp
9447387064 | 9847003556
0471-2335855 | 8089080088 | 0471-2334855
9447387064 | 9847003556
0471-2335855 | 8089080088 | 0471-2334855
Cisco Training in Trivandrum, Trinity Technologies

No.1 Training Institute in Kerala

CEH QUESTIONS : PART 24

Why containers are less secure that virtual machines?

Host OS on containers has a larger surface attack. 

Containers may full fill disk space of the host. 

A compromise container may cause a CPU starvation of the host. 

Containers are attached to the same virtual network.

SHOW ANSWER

To maintain compliance with regulatory requirements, a security audit of the systems on a network must be performed to determine their compliance with security policies. Which one of the following tools would most likely be used in such an audit?

Vulnerability scanner 

Protocol analyzer 

Port scanner 

Intrusion Detection System

SHOW ANSWER

You have retrieved the raw hash values from a Windows 2000 Domain Controller. Using social engineering, you come to know that they are enforcing strong passwords. You understand that all users are required to use passwords that are at least 8 characters in length. All passwords must also use 3 of the 4 following categories: lower case letters, capital letters, numbers and special characters. With your existing knowledge of users, likely user account names and the possibility that they will choose the easiest passwords possible, what would be the fastest type of password cracking attack you can run against these hash values and still get results?

Online Attack 

Dictionary Attack 

Brute Force Attack 

Hybrid Attack

SHOW ANSWER

When you are collecting information to perform a data analysis, Google commands are very useful to find sensitive information and files. These files may contain information about passwords, system functions, or documentation. What command will help you to search files using Google as a search engine?

 site: target.com filetype:xls username password email 

inurl: target.com filename:xls username password email 

domain: target.com archive:xls username password email 

site: target.com file:xls username password email 

SHOW ANSWER

Which Metasploit Framework tool can help penetration tester for evading Anti-virus Systems?

msfpayload 

msfcli 

msfencode 

msfd 

SHOW ANSWER

Sandra has been actively scanning the client network on which she is doing a vulnerability assessment test. While conducting a port scan she notices open ports in the range of 135 to 139. What protocol is most likely to be listening on those ports?

Finger 

FTP

Samba 

SMB

SHOW ANSWER

At a Windows Server command prompt, which command could be used to list the running services?

Sc query type= running 

Sc query \\servername 

Sc query 

Sc config

SHOW ANSWER

The fundamental difference between symmetric and asymmetric key cryptographic systems is that symmetric key cryptography uses which of the following?

 Multiple keys for non-repudiation of bulk data 

Different keys on both ends of the transport medium 

Bulk encryption for data transmission over fiber

The same key on each end of the transmission medium 

SHOW ANSWER

What mechanism in Windows prevents a user from accidentally executing a potentially malicious batch (.bat) or PowerShell (.ps1) script?

User Access Control (UAC) 

Data Execution Prevention (DEP) 

Address Space Layout Randomization (ASLR) 

Windows firewall

SHOW ANSWER

Knowing the nature of backup tapes, which of the following is the MOST RECOMMENDED way of storing backup tapes?

In a cool dry environment 

Inside the data center for faster retrieval in a fireproof safe 

In a climate controlled facility offsite 

On a different floor in the same building

SHOW ANSWER

Which of the following tools would MOST LIKELY be used to perform security audit on various of forms of network systems?

 Intrusion Detection System

Vulnerability scanner

Port scanner 

Protocol analyzer

SHOW ANSWER

A consultant has been hired by the V.P. of a large financial organization to assess the company's security posture. During the security testing, the consultant comes across child pornography on the V.P.'s computer. What is the consultant's obligation to the financial organization?

Say nothing and continue with the security testing. 

Stop work immediately and contact the authorities. 

Delete the pornography, say nothing, and continue security testing. 

Bring the discovery to the financial organization's human resource department.

SHOW ANSWER

Tess King is using the nslookup command to craft queries to list all DNS information (such as Name Servers, host names, MX records, CNAME records, glue records (delegation for child Domains), zone serial number, TimeToLive (TTL) records, etc) for a Domain. What do you think Tess King is trying to accomplish? Select the best answer.

A zone harvesting 

A zone transfer

 A zone update 

A zone estimate

SHOW ANSWER

Which of the following is a protocol specifically designed for transporting event messages?

SYSLOG 

SMS 

SNMP

ICMP

SHOW ANSWER
BACK | NEXT
TRINITY SOFTWARE SOLUTIONS,IInd floor, Radheyam Towers, Gandhari Amman Kovil Road, Pulimood, Trivandrum - 1
0471-2334855 | 2335855 | 9447387064 | 9847003556 info@trinitytechnology.in