Cisco Training in Trivandrum, Trinity Technologies

No.1 Training Institute in Kerala

CEH QUESTIONS: PART 25

Which of the following does proper basic configuration of Snort as a network intrusion detection system require?

Limit the packets captured to the Snort configuration file.

Capture every packet on the network segment. 

Limit the packets captured to a single segment.

Limit the packets captured to the /var/log/snort directory.


Defining rules, collaborating human workforce, creating a backup plan, and testing the plans are within what phase of the Incident Handling Process?

Preparation phase 

Containment phase 

Recovery phase 

Identification phase


Which of the following BEST describes how Address Resolution Protocol (ARP) works?

It sends a reply packet for a specific IP, asking for the MAC address

It sends a reply packet to all the network elements, asking for the MAC address from a specific IP

It sends a request packet to all the network elements, asking for the domain name from a specific IP 

It sends a request packet to all the network elements, asking for the MAC address from a specific IP 


It is a short-range wireless communication technology that allows mobile phones, computers and other devices to connect and communicate. This technology is intended to replace the cables connecting portable devices, with a high regard for security.

Bluetooth

Radio-Frequency Identification 

WLAN 

InfraRed


What is the benefit of performing an unannounced penetration test?

The tester will have visibility into the actual security posture of the target network.

Network security would be in a "best state" posture. 

It is best to catch critical infrastructure unpatched. 

The tester could not provide an honest analysis.


A hacker was able to easily gain access to a website. He was able to log in via the website's frontend user login form using default or commonly used credentials. This exploitation is an example of what software design flaw?

Insufficient security management 

Insufficient database hardening 

Insufficient input validation 

Insufficient exception handling


When an alert rule is matched in a network-based IDS like Snort, the IDS does which of the following?

Drops the packet and moves on to the next one 

Continues to evaluate the packet until all rules are checked

Stops checking rules, sends an alert, and lets the packet continue 

Blocks the connection with the source IP address in the packet


If there is an Intrusion Detection System (IDS) in the intranet, which port scanning technique cannot be used?

Spoof Scan 

TCP Connect scan 

TCP SYN

Idle Scan


You are performing information gathering for an important penetration test. You have found PDF, DOC, and image files in your objective. You decide to extract metadata from these files and analyze it. What tool will help you with the task?

Metagoofil

Armitage

Dmitry

cdpsnarf


The network administrator contacts you and tells you that she noticed the temperature on the internal wireless router increases by more than 20% during weekend hours when the office is closed. She asks you to investigate the issue because she is busy dealing with a big conference and doesn't have time to perform the task. What tool can you use to view the network traffic being sent and received by the wireless router?

Wireshark 

Nessus 

Netcat 

Netstat


This tool is an 802.11 WEP and WPA-PSK key-cracking program that can recover keys once enough data packets have been captured. It implements the standard FMS attack along with some optimizations like KoreK attacks, as well as the PTW attack, thus making the attack much faster compared to other WEP cracking tools. Which of the following tools is being described?

Aircrack-ng

Airguard 

WLAN-crack 

wificracker


An attacker has installed a RAT on a host. The attacker wants to ensure that when a user attempts to go to "www.MyPersonalBank.com", the user is directed to a phishing site. Which file does the attacker need to modify?

Hosts 

Sudoers 

Boot.ini 

Networks


Bob is going to perform an active session hijack against Brownies Inc. He has found a target that allows session-oriented connections (Telnet) and performs the sequence prediction on the target operating system. He manages to find an active session due to the high level of traffic on the network. What is Bob supposed to do next?

Take over the session 

Reverse sequence prediction 

Guess the sequence numbers 

Take one of the parties offline


The security concept of "separation of duties" is most similar to the operation of which type of security device?

Firewall 

Bastion host 

Intrusion Detection System 

Honeypot

TRINITY SOFTWARE SOLUTIONS, IInd floor, Radheyam Towers, Gandhari Amman Kovil Road, Pulimood, Trivandrum - 1
0471-2334855 | 2335855 | 9447387064 | 9847003556 info@trinitytechnology.in