Call
whatsapp
9447387064 | 9847003556
0471-2335855 | 8089080088 | 0471-2334855
9447387064 | 9847003556
0471-2335855 | 8089080088 | 0471-2334855
Cisco Training in Trivandrum, Trinity Technologies

No.1 Training Institute in Kerala

CEH QUESTIONS : PART 29

........is an attack type for a rogue Wi-Fi access point that appears to be a legitimate one offered on the premises, but actually has been set up to eavesdrop on wireless communications. It is the wireless version of the phishing scam. An attacker fools wireless users into connecting a laptop or mobile phone to a tainted hotspot by posing as a legitimate provider. This type of attack may be used to steal the passwords of unsuspecting users by either snooping the communication link or by phishing, which involves setting up a fraudulent web site and luring people there. Fill in the blank with appropriate choice.

 Collision Attack 

Evil Twin Attack 

Sinkhole Attack

Signal Jamming Attack

SHOW ANSWER

Which NMAP feature can a tester implement or adjust while scanning for open ports to avoid detection by the network's IDS?

 Timing options to slow the speed that the port scan is conducted 

Fingerprinting to identify which operating systems are running on the network 

ICMP ping sweep to determine which hosts on the network are not available 

Traceroute to control the path of the packets sent during the scan 

SHOW ANSWER

Susan has attached to her company's network. She has managed to synchronize her boss's sessions with that of the file server. She then intercepted his traffic destined for the server, changed it the way she wanted to and then placed it on the server in his home directory. What kind of attack is Susan carrying on?

 A sniffing attack 

A spoofing attack 

A man in the middle attack 

 A denial of service attack

SHOW ANSWER

Matthew received an email with an attachment named "YouWon$10Grand.zip." The zip file contains a file named "HowToClaimYourPrize.docx.exe." Out of excitement and curiosity, Matthew opened the said file. Without his knowledge, the file copies itself to Matthew's APPDATA\IocaI directory and begins to beacon to a Command-and-control server to download additional malicious binaries. What type of malware has Matthew encountered?

Key-logger 

Trojan 

Worm 

Macro Virus

SHOW ANSWER

Nation-state threat actors often discover vulnerabilities and hold on to them until they want to launch a sophisticated attack. The Stuxnet attack was an unprecedented style of attack because it used four types of vulnerability. What is this style of attack called?

 zero-day 

zero-hour 

zero-sum 

no-day

SHOW ANSWER

A network security administrator is worried about potential man-in-the-middle attacks when users access a corporate web site from their workstations. Which of the following is the best remediation against this type of attack?

 Implementing server-side PKI certificates for all connections 

Mandating only client-side PKI certificates for all connections 

Requiring client and server PKI certificates for all connections 

Requiring strong authentication for all DNS queries

SHOW ANSWER

What is not a PCI compliance recommendation?

Limit access to card holder data to as few individuals as possible. 

Use encryption to protect all transmission of card holder data over any public network. 

Rotate employees handling credit card transactions on a yearly basis to different departments. 

Use a firewall between the public network and the payment card data.

SHOW ANSWER

When you are testing a web application, it is very useful to employ a proxy tool to save every request and response. You can manually test every request and analyze the response to find vulnerabilities. You can test parameter and headers manually to get more precise results than if using web vulnerability scanners. What proxy tool will help you find web vulnerabilities?

Burpsuite 

Maskgen

Dimitry 

Proxychains

SHOW ANSWER

Which of the following algorithms provides better protection against brute force attacks by using a 160-bit message digest?

MD5 

SHA-1 

RC4 

MD4

SHOW ANSWER

During a penetration test, the tester conducts an ACK scan using NMAP against the external interface of the DMZ firewall. NMAP reports that port 80 is unfiltered. Based on this response, which type of packet inspection is the firewall conducting?

Host

Stateful 

Stateless 

Application

SHOW ANSWER

Which tool allows analysts and pen testers to examine links between data using graphs and link analysis?

Maltego 

Cain & Abel 

Metasploit 

Wireshark

SHOW ANSWER

This configuration allows NIC to pass all traffic it receives to the Central Processing Unit (CPU), instead of passing only the frames that the controller is intended to receive. Select the option that BEST describes the above statement.

Multi-cast mode 

WEM 

Promiscuous mode

Port forwarding 

SHOW ANSWER

Yancey is a network security administrator for a large electric company. This company provides power for over 100, 000 people in Las Vegas. Yancey has worked for his company for over 15 years and has become very successful. One day, Yancey comes in to work and finds out that the company will be downsizing and he will be out of a job in two weeks. Yancey is very angry and decides to place logic bombs, viruses, Trojans, and backdoors all over the network to take down the company once he has left. Yancey does not care if his actions land him in jail for 30 or more years, he just wants the company to pay for what they are doing to him. What would Yancey be considered?

 Yancey would be considered a Suicide Hacker 

Since he does not care about going to jail, he would be considered a Black Hat 

Because Yancey works for the company currently; he would be a White Hat 

Yancey is a Hacktivist Hacker since he is standing up to a company that is downsizing

SHOW ANSWER

An enterprise recently moved to a new office and the new neighborhood is a little risky. The CEO wants to monitor the physical perimeter and the entrance doors 24 hours. What is the best option to do this job?

Use fences in the entrance doors. 

Install a CCTV with cameras pointing to the entrance doors and the street. 

Use an IDS in the entrance doors and install some of them near the corners. 

Use lights in all the entrance doors and along the company's perimeter.
SHOW ANSWER
BACK | NEXT
TRINITY SOFTWARE SOLUTIONS,IInd floor, Radheyam Towers, Gandhari Amman Kovil Road, Pulimood, Trivandrum - 1
0471-2334855 | 2335855 | 9447387064 | 9847003556 info@trinitytechnology.in