Call
whatsapp
9447387064 | 9847003556
0471-2335855 | 8089080088 | 0471-2334855
9447387064 | 9847003556
0471-2335855 | 8089080088 | 0471-2334855
Cisco Training in Trivandrum, Trinity Technologies

No.1 Training Institute in Kerala

CEH QUESTIONS : PART 38

Trinity needs to scan all hosts on a /16 network for TCP port 445 only. What is the fastest way she can accomplish this with Nmap? Stealth is not a concern.

nmap -sn -sF 10.1.0.0/16 445 

nmap -p 445 -n -T4 -open 10.1.0.0/16 

nmap -s 445 -sU -T5 10.1.0.0/16 

map -p 445 -max -Pn 10.1.0.0/16

SHOW ANSWER

It is a kind of malware (malicious software) that criminals install on your computer so they can lock it from a remote location. This malware generates a pop-up window, webpage, or email warning from what looks like an official authority. It explains that your computer has been locked because of possible illegal activities on it and demands payment before you can access your files and programs again. Which of the following terms best matches the definition?

Ransomware 

Adware 

Spyware 

Riskware

SHOW ANSWER

What are the three types of authentication?

Something you: know, remember, prove 

Something you: have, know, are 

Something you: show, prove, are 

Something you: show, have, prove

SHOW ANSWER

What is the proper response for a NULL scan if the port is open?

SYN 

ACK 

FIN 

PSH 

RST 

No response

SHOW ANSWER

An nmap command that includes the host specification of 202.176.56-57.* will scan _______ number of hosts.

 2 

256 

512 

Over 10, 000

SHOW ANSWER

When analyzing the IDS logs, the system administrator noticed an alert was logged when the external router was accessed from the administrator's computer to update the router configuration. What type of an alert is this?

False positive 

False negative 

True positve 

True negative

SHOW ANSWER

How does an operating system protect the passwords used for account logins?

The operating system performs a one-way hash of the passwords.

The operating system stores the passwords in a secret file that users cannot find. 

The operating system encrypts the passwords, and decrypts them when needed. 

The operating system stores all passwords in a protected segment of non-volatile memory.

The operating system stores all passwords in a protected segment of non-volatile memory.

SHOW ANSWER

What type of analysis is performed when an attacker has partial knowledge of innerworkings of the application?

 Black-box 

Announced 

White-box 

Grey-box

SHOW ANSWER

Which of the following settings enables Nessus to detect when it is sending too many packets and the network pipe is approaching capacity?

Netstat WMI Scan 

Silent Dependencies 

Consider unscanned ports as closed 

Reduce parallel connections on congestion

SHOW ANSWER

Name two software tools used for OS guessing? (Choose two.)

Nmap 

Snadboy 

Queso 

UserInfo 

NetBus

SHOW ANSWER

What is one thing a tester can do to ensure that the software is trusted and is not changing or tampering with critical data on the back end of a system it is loaded on?

Proper testing 

Secure coding principles 

Systems security and architecture review 

Analysis of interrupts within the software

SHOW ANSWER

Bob received this text message on his mobile phone: ""Hello, this is Scott Smelby from the Yahoo Bank. Kindly contact me for a vital transaction on: scottsmelby@yahoo.com"". Which statement below is true?

This is probably a legitimate message as it comes from a respectable organization. 

Bob should write to scottsmelby@yahoo.com to verify the identity of Scott. 

This is a scam as everybody can get a @yahoo address, not the Yahoo customer service employees. 

This is a scam because Bob does not know Scott

SHOW ANSWER

You are attempting to run an Nmap port scan on a web server. Which of the following commands would result in a scan of common ports with the least amount of noise in order to evade IDS?

nmap -A - Pn 

nmap -sP -p-65535-T5 

nmap -sT -O -T0 

nmap -A --host-timeout 99-T1

SHOW ANSWER

Which of the following is the BEST approach to prevent Cross-site Scripting (XSS) flaws?

Use digital certificates to authenticate a server prior to sending data. 

Verify access right before allowing access to protected information and UI controls. 

Verify access right before allowing access to protected information and UI controls. 

Validate and escape all information sent to a server.

SHOW ANSWER
BACK | NEXT
TRINITY SOFTWARE SOLUTIONS,IInd floor, Radheyam Towers, Gandhari Amman Kovil Road, Pulimood, Trivandrum - 1
0471-2334855 | 2335855 | 9447387064 | 9847003556 info@trinitytechnology.in