Call
whatsapp
9447387064 | 9847003556
0471-2335855 | 8089080088 | 0471-2334855
9447387064 | 9847003556
0471-2335855 | 8089080088 | 0471-2334855
Cisco Training in Trivandrum, Trinity Technologies

No.1 Training Institute in Kerala

CEH QUESTIONS : PART 34

A person approaches a network administrator and wants advice on how to send encrypted email from home. The end user does not want to have to pay for any license fees or manage server services. Which of the following is the most secure encryption protocol that the network administrator should recommend?

 IP Security (IPSEC) 

Multipurpose Internet Mail Extensions (MIME)

Pretty Good Privacy (PGP) 

Hyper Text Transfer Protocol with Secure Socket Layer (HTTPS) 

SHOW ANSWER

MX record priority increases as the number increases. (True/False.)

True 

False

SHOW ANSWER

Which of the following is a low-tech way of gaining unauthorized access to systems?

Social Engineering 

Sniffing 

Eavesdropping 

Scanning

SHOW ANSWER

Bob is acknowledged as a hacker of repute and is popular among visitors of "underground" sites. Bob is willing to share his knowledge with those who are willing to learn, and many have expressed their interest in learning from him. However, this knowledge has a risk associated with it, as it can be used for malevolent attacks as well. In this context, what would be the most effective method to bridge the knowledge gap between the "black" hats or crackers and the "white" hats or computer security professionals? (Choose the test answer.)

Educate everyone with books, articles and training on risk analysis, vulnerabilities and safeguards. 

Hire more computer security monitoring personnel to monitor computer systems and networks. 

Make obtaining either a computer security certification or accreditation easier to achieve so more individuals feel that they are a part of something larger than life. 

Train more National Guard and reservist in the art of computer security to help out in times of emergency or crises

SHOW ANSWER

What statement is true regarding LM hashes?

LM hashes consist in 48 hexadecimal characters. 

LM hashes are based on AES128 cryptographic standard. 

Uppercase characters in the password are converted to lowercase. 

LM hashes are not generated when the password length exceeds 15 characters.

SHOW ANSWER

What information should an IT system analysis provide to the risk assessor?

Management buy-in 

Threat statement 

Security architecture 

Impact analysis

SHOW ANSWER

An attacker has captured a target file that is encrypted with public key cryptography. Which of the attacks below is likely to be used to crack the target file?

 Timing attack 

Replay attack 

Memory trade-off attack 

Chosen plain-text attack

SHOW ANSWER

International Organization for Standardization (ISO) standard 27002 provides guidance for compliance by outlining

 guidelines and practices for security controls. 

financial soundness and business viability metrics. 

standard best practice for configuration management. 

contract agreement writing standards.

SHOW ANSWER

Which of the following is the primary objective of a rootkit?

 It opens a port to provide an unauthorized service 

It creates a buffer overflow 

It replaces legitimate programs 

It provides an undocumented opening in a program

SHOW ANSWER

The "gray box testing" methodology enforces what kind of restriction?

The internal operation of a system is only partly accessible to the tester. 

The internal operation of a system is completely known to the tester. 

Only the external operation of a system is accessible to the tester. 

Only the internal operation of a system is known to the tester

SHOW ANSWER

An attacker changes the profile information of a particular user (victim) on the target website. The attacker uses this string to update the victim's profile to a text file and then submit the data to the attacker's database. < iframe src="http://www.vulnweb.com/updateif.php" style="display:none"> What is this type of attack (that can use either HTTP GET or HTTP POST) called?

Cross-Site Request Forgery 

Cross-Site Scripting 

SQL Injection 

Browser Hacking
SHOW ANSWER

Which of the following tools are used for enumeration? (Choose three.)

SolarWinds 

USER2SID 

Cheops 

SID2USER 

DumpSec

SHOW ANSWER

A pentester is using Metasploit to exploit an FTP server and pivot to a LAN. How will the pentester pivot using Metasploit?

 Issue the pivot exploit and set the meterpreter. 

Reconfigure the network settings in the meterpreter. 

Set the payload to propagate through the meterpreter. 

Create a route statement in the meterpreter.

SHOW ANSWER

Which of the following describes the characteristics of a Boot Sector Virus?

 Moves the MBR to another location on the RAM and copies itself to the original location of the MBR 

Moves the MBR to another location on the hard disk and copies itself to the original location of the MBR 

Modifies directory table entries so that directory entries point to the virus code instead of the actual program 

Overwrites the original MBR and only executes the new virus code

SHOW ANSWER
BACK | NEXT
TRINITY SOFTWARE SOLUTIONS,IInd floor, Radheyam Towers, Gandhari Amman Kovil Road, Pulimood, Trivandrum - 1
0471-2334855 | 2335855 | 9447387064 | 9847003556 info@trinitytechnology.in