Call
whatsapp
9447387064 | 9847003556
0471-2335855 | 8089080088 | 0471-2334855
9447387064 | 9847003556
0471-2335855 | 8089080088 | 0471-2334855
Cisco Training in Trivandrum, Trinity Technologies

No.1 Training Institute in Kerala

CEH QUESTIONS : PART 27

As an Ethical Hacker you are capturing traffic from your customer network with Wireshark and you need to find and verify just SMTP traffic. What command in Wireshark will help you to find this kind of traffic?

request smtp 25 

tcp.port eq 25 

smtp port 

tcp.contains port 25

SHOW ANSWER

Which of the following is a design pattern based on distinct pieces of software providing application functionality as services to other applications?

 Service Oriented Architecture 

Object Oriented Architecture 

Lean Coding 

Agile Process

SHOW ANSWER

What is the way to decide how a packet will move from an untrusted outside host to a protected inside that is behind a firewall, which permits the hacker to determine which ports are open and if the packets can pass through the packet-filtering of the firewall?

Firewalking B

Session hijacking 

Network sniffing 

Man-in-the-middle attack

SHOW ANSWER

The collection of potentially actionable, overt, and publicly available information is known as

 Open-source intelligence 

Human intelligence 

Social intelligence 

Real intelligence

SHOW ANSWER

Which of the following parameters enables NMAP's operating system detection feature?

NMAP -sV

NMAP -oS 

NMAP -sR 

NMAP -O 

SHOW ANSWER

Which of the following is the structure designed to verify and authenticate the identity of individuals within the enterprise taking part in a data exchange?

PKI 

single sign on

biometrics 

SOA

SHOW ANSWER

What network security concept requires multiple layers of security controls to be placed throughout an IT infrastructure, which improves the security posture of an organization to defend against malicious attacks or potential vulnerabilities?

Security through obscurity 

Host-Based Intrusion Detection System 

Defense in depth 

Network-Based Intrusion Detection System

SHOW ANSWER

An attacker attaches a rogue router in a network. He wants to redirect traffic to a LAN attached to his router as part of a man-in-the-middle attack. What measure on behalf of the legitimate admin can mitigate this attack?

Only using OSPFv3 will mitigate this risk. 

Make sure that legitimate network routers are configured to run routing protocols with authentication. 

Redirection of the traffic cannot happen unless the admin allows it explicitly.

Disable all routing protocols and only use static routes. 

SHOW ANSWER

Which of the following is an advantage of utilizing security testing methodologies to conduct a security audit?

 They provide a repeatable framework. 

Anyone can run the command line scripts. 

 They are available at low cost. 

They are subject to government regulation.

SHOW ANSWER

Darius is analysing logs from IDS. He want to understand what have triggered one alert and verify if it's true positive or false positive. Looking at the logs he copy and paste basic details like below: source IP: 192.168.21.100 source port: 80 destination IP: 192.168.10.23 destination port: 63221 What is the most proper answer.

This is most probably true negative. 

This is most probably true positive which triggered on secure communication between client and server. 

This is most probably false-positive, because an alert triggered on reversed traffic. 

This is most probably false-positive because IDS is monitoring one direction traffic. 

SHOW ANSWER

You are tasked to perform a penetration test. While you are performing information gathering, you find an employee list in Google. You find the receptionist's email, and you send her an email changing the source email to her boss's email( boss@company ). In this email, you ask for a pdf with information. She reads your email and sends back a pdf with links. You exchange the pdf links with your malicious links (these links contain malware) and send back the modified pdf, saying that the links don't work. She reads your email, opens the links, and her machine gets infected. You now have access to the company network. What testing method did you use?

Social engineering 

Tailgating 

Piggybacking 

Eavesdropping

SHOW ANSWER

SNMP is a protocol used to query hosts, servers, and devices about performance or health status data. This protocol has long been used by hackers to gather great amount of information about remote hosts. Which of the following features makes this possible? (Choose two.)

 It used TCP as the underlying protocol. 

It uses community string that is transmitted in clear text. 

It is susceptible to sniffing. 

It is used by all network devices on the market.

SHOW ANSWER

Which of the following is a component of a risk assessment?

Physical security 

Administrative safeguards

DMZ 

Logical interface

SHOW ANSWER

Which cipher encrypts the plain text digit (bit or byte) one by one?

 Classical cipher 

Block cipher 

Modern cipher 

Stream cipher

SHOW ANSWER
BACK | NEXT
TRINITY SOFTWARE SOLUTIONS,IInd floor, Radheyam Towers, Gandhari Amman Kovil Road, Pulimood, Trivandrum - 1
0471-2334855 | 2335855 | 9447387064 | 9847003556 info@trinitytechnology.in