9447387064 | 9847003556
0471-2335855 | 8089080088 | 0471-2334855
Cisco Training in Trivandrum, Trinity Technologies

No.1 Training Institute in Kerala

CEH QUESTIONS : PART 30

Which one of the following Google advanced search operators allows an attacker to restrict the results to those websites in the given domain?

 [cache:] 

[site:] 

[inurl:] 

[link:]

Which of the following is a primary service of the U.S. Computer Security Incident Response Team (CSIRT)?

CSIRT provides an incident response service to enable a reliable and trusted single point of contact for reporting computer security incidents worldwide. 

CSIRT provides a computer security surveillance service to supply a government with important intelligence information on individuals travelling abroad. 

CSIRT provides a penetration testing service to support exception reporting on incidents worldwide by individuals and multi-national corporations. 

CSIRT provides a vulnerability assessment service to assist law enforcement agencies with profiling an individual's property or company's asset. 

Which specific element of security testing is being assured by using a hash?

Authentication 

Integrity 

Confidentiality 

Availability

Which of the following Bluetooth hacking techniques does an attacker use to send messages to users without the recipient's consent, similar to email spamming?

Bluesmacking 

Bluesniffing

Bluesnarfing 

Bluejacking

While performing online banking using a Web browser, Kyle receives an email that contains an image of well-crafted art. Upon clicking the image, a new tab on the web browser opens and shows an animated GIF of bills and coins being swallowed by a crocodile. After several days, Kyle noticed that all his funds in the bank were gone. What Web browser-based security vulnerability got exploited by the hacker?

 Clickjacking 

 Web Form Input Validation 

Cross-Site Request Forgery 

Cross-Site Scripting

Which of the following is the most important phase of ethical hacking, wherein you need to spend a considerable amount of time?

 Gaining access 

Escalating privileges 

Network mapping 

Footprinting

Vlady works in a fishing company where the majority of the employees have very little understanding of IT, let alone IT security. The information security issues that Vlady often finds include employees sharing passwords, writing their passwords on a Post-it note and sticking it to their desks, leaving their computers unlocked, not logging out of email or other social media accounts, etc. After discussing with his boss, Vlady decided to make some changes to improve the security environment in his company. The first thing that Vlady wants to do is to make the employees understand the importance of keeping confidential information, such as passwords, secret and that they should not share it with other persons. Which of the following steps should be the first thing that Vlady does to make the employees in his company understand the importance of keeping confidential information a secret?

Warning those who write their password on a Post-it note and put it on their desk

Developing a strict information security policy 

Information security awareness training 

Conducting a one-to-one discussion with the other employees about the importance of information security

A specific site received 91 ICMP_ECHO packets within 90 minutes from 47 different sites. 77 of the ICMP_ECHO packets had an ICMP ID:39612 and Seq:57072. 13 of the ICMP_ECHO packets had an ICMP ID:0 and Seq:0. What can you infer from this information?

 The packets were sent by a worm spoofing the IP addresses of 47 infected sites 

ICMP ID and Seq numbers were most likely set by a tool and not by the operating system 

All 77 packets came from the same LAN segment and hence had the same ICMP ID and Seq number 

13 packets were from an external network and probably behind a NAT, as they had an ICMP ID 0 and Seq 0 

XOR is a common cryptographic tool. 10110001 XOR 00111010 is?

10111100 

11011000 

10011101 

10001011

During a penetration test, a tester finds that the web application being analyzed is vulnerable to Cross Site Scripting (XSS). Which of the following conditions must be met to exploit this vulnerability?

The web application does not have the secure flag set. 

The session cookies do not have the HttpOnly flag set.

The victim user should not have an endpoint security solution. 

The victim's browser must have ActiveX technology enabled.

Which of the following cryptography attacks is an understatement for the extraction of cryptographic secrets (e.g. the password to an encrypted file) from a person by coercion or torture?

Chosen-ciphertext Attack

Ciphertext-only Attack 

Timing Attack 

Rubber Hose Attack

Which of the following is a detective control?

Smart card authentication 

Security policy

Audit trail 

Continuity of operations plan

Which of the following is a common Service Oriented Architecture (SOA) vulnerability?

Cross-site scripting 

SQL injection 

VPath injection 

XML denial of service issues

Which of the following is considered as one of the most reliable forms of TCP scanning?

TCP Connect/Full Open Scan 

Half-open Scan 

NULL Scan 

Xmas Scan

TRINITY SOFTWARE SOLUTIONS, IInd floor, Radheyam Towers, Gandhari Amman Kovil Road, Pulimood, Trivandrum - 1
0471-2334855 | 2335855 | 9447387064 | 9847003556 info@trinitytechnology.in