Call
whatsapp
9447387064 | 9847003556
0471-2335855 | 8089080088 | 0471-2334855
9447387064 | 9847003556
0471-2335855 | 8089080088 | 0471-2334855
Cisco Training in Trivandrum, Trinity Technologies

No.1 Training Institute in Kerala

CEH QUESTIONS : PART 39

A pentester gains access to a Windows application server and needs to determine the settings of the built-in Windows firewall. Which command would be used?

Netsh firewall show config 

WMIC firewall show config 

Net firewall show config 

Ipconfig firewall show config

SHOW ANSWER

You need a tool that can do network intrusion prevention and intrusion detection, function as a network sniffer, and record network activity, what tool would you most likely select?

 Nmap 

Cain & Abel

Nessus 

Snort

SHOW ANSWER

The use of alert thresholding in an IDS can reduce the volume of repeated alerts, but introduces which of the following vulnerabilities?

An attacker, working slowly enough, can evade detection by the IDS. 

Network packets are dropped if the volume exceeds the threshold. 

Thresholding interferes with the IDS' ability to reassemble fragmented packets. 

The IDS will not distinguish among packets originating from different sources

SHOW ANSWER

What is the correct PCAP filter to capture all TCP traffic going to or from host 192.168.0.125 on port 25?

tcp.src == 25 and ip.host == 192.168.0.125 

host 192.168.0.125:25 

port 25 and host 192.168.0.125 

tcp.port == 25 and ip.host == 192.168.0.125

SHOW ANSWER

A network administrator discovers several unknown files in the root directory of his Linux FTP server. One of the files is a tarball, two are shell script files, and the third is a binary file is named "nc." The FTP server's access logs show that the anonymous user account logged in to the server, uploaded the files, and extracted the contents of the tarball and ran the script using a function provided by the FTP server's software. The ps command shows that the nc file is running as process, and the netstat command shows the nc process is listening on a network port. What kind of vulnerability must be present to make this remote attack possible?

 File system permissions 

Privilege escalation 

Directory traversal 

Brute force login

SHOW ANSWER

A hacker is attempting to use nslookup to query Domain Name Service (DNS). The hacker uses the nslookup interactive mode for the search. Which command should the hacker type into the command shell to request the appropriate records?

 Locate type=ns 

Request type=ns 

Set type=ns 

Transfer type=ns

SHOW ANSWER

Which of the following processes evaluates the adherence of an organization to its stated security policy?

Vulnerability assessment 

Penetration testing 

Risk assessment 

Security auditing

SHOW ANSWER

What is the main reason the use of a stored biometric is vulnerable to an attack?

The digital representation of the biometric might not be unique, even if the physical characteristic is unique. 

Authentication using a stored biometric compares a copy to a copy instead of the original to a copy. 

A stored biometric is no longer "something you are" and instead becomes "something you have". 

A stored biometric can be stolen and used by an attacker to impersonate the individual identified by the biometric. 

SHOW ANSWER

A computer science student needs to fill some information into a secured Adobe PDF job application that was received from a prospective employer. Instead of requesting a new document that allowed the forms to be completed, the student decides to write a script that pulls passwords from a list of commonly used passwords to try against the secured PDF until the correct password is found or the list is exhausted. Which cryptography attack is the student attempting?

 Man-in-the-middle attack 

Brute-force attack 

Dictionary attack 

Session hijacking

SHOW ANSWER

Which of the following is the best countermeasure to encrypting ransomwares?

Use multiple antivirus softwares 

Keep some generation of off-line backup 

Analyze the ransomware to get decryption key of encrypted data 

Pay a ransom

SHOW ANSWER

You have successfully compromised a machine on the network and found a server that is alive on the same network. You tried to ping it but you didn't get any response back. What is happening?

 ICMP could be disabled on the target server. 

The ARP is disabled on the target server. 

TCP/IP doesn't support ICMP. 

You need to run the ping command with root privileges.

SHOW ANSWER

Which tool is used to automate SQL injections and exploit a database by forcing a given web application to connect to another database controlled by a hacker?

DataThief 

NetCat 

Cain and Abel 

SQLInjector

SHOW ANSWER

A security engineer is attempting to map a company's internal network. The engineer enters in the following NMAP command: NMAP -n -sS -P0 -p 80 ***.***.**.** What type of scan is this?

Quick scan 

Intense scan 

Stealth scan 

Comprehensive scan

SHOW ANSWER

Which of the following is an example of an asymmetric encryption implementation?

 SHA1 

PGP 

3DES 

MD5

SHOW ANSWER
BACK | NEXT
TRINITY SOFTWARE SOLUTIONS,IInd floor, Radheyam Towers, Gandhari Amman Kovil Road, Pulimood, Trivandrum - 1
0471-2334855 | 2335855 | 9447387064 | 9847003556 info@trinitytechnology.in