Call
whatsapp
9447387064 | 9847003556
0471-2335855 | 8089080088 | 0471-2334855
9447387064 | 9847003556
0471-2335855 | 8089080088 | 0471-2334855
Cisco Training in Trivandrum, Trinity Technologies

No.1 Training Institute in Kerala

CEH QUESTIONS : PART 41

How is sniffing broadly categorized?

 Active and passive 

Broadcast and unicast 

Unmanaged and managed 

Filtered and unfiltered

SHOW ANSWER

To send a PGP encrypted message, which piece of information from the recipient must the sender have before encrypting the message?

Recipient's private key 

Recipient's public key 

Master encryption key

Sender's public key 

SHOW ANSWER

Shellshock had the potential for an unauthorized user to gain access to a server. It affected many internet-facing services, which OS did it not directly affect?

Windows 

Unix 

Linux 

OS X

SHOW ANSWER

The Open Web Application Security Project (OWASP) testing methodology addresses the need to secure web applications by providing which one of the following services?

An extensible security framework named COBIT 

A list of flaws and how to fix them 

Web application patches 

A security certification for hardened web applications

SHOW ANSWER

Email is transmitted across the Internet using the Simple Mail Transport Protocol. SMTP does not encrypt email, leaving the information in the message vulnerable to being read by an unauthorized person. SMTP can upgrade a connection between two mail servers to use TLS. Email transmitted by SMTP over TLS is encrypted. What is the name of the command used by SMTP to transmit email over TLS?

OPPORTUNISTICTLS STARTTLS 

FORCETLS 

UPGRADETLS

SHOW ANSWER

Which of the below hashing functions are not recommended for use?

SHA-1.ECC

MD5, SHA-1 

SHA-2. SHA-3 

MD5. SHA-5

SHOW ANSWER

Which solution can be used to emulate computer services, such as mail and ftp, and to capture information related to logins or actions?

Firewall 

Honeypot 

Core server 

Layer 4 switch 

SHOW ANSWER

An IT employee got a call from one of our best customers. The caller wanted to know about the company's network infrastructure, systems, and team. New opportunities of integration are in sight for both company and customer. What should this employee do?

Since the company's policy is all about Customer Service, he/she will provide information. 

Disregarding the call, the employee should hang up. 

The employee should not provide any information without previous management authorization. 

he employees can not provide any information; but, anyway, he/she will provide the name of the person in charge. 

SHOW ANSWER

Which of the following items is unique to the N-tier architecture method of designing software applications?

Application layers can be separated, allowing each layer to be upgraded independently from other layers. 

It is compatible with various databases including Access, Oracle, and SQL.

Data security is tied into each layer and must be updated for all layers when any upgrade is performed. 

 Application layers can be written in C, ASP.NET, or Delphi without any performance loss.

SHOW ANSWER

This TCP flag instructs the sending system to transmit all buffered data immediately

SYN 

RST

PSH 

URG

FIN

SHOW ANSWER

Identify the UDP port that Network Time Protocol (NTP) uses as its primary means of communication?

123 

161 

69 

113

SHOW ANSWER

A large mobile telephony and data network operator has a data that houses network elements. These are essentially large computers running on Linux. The perimeter of the data center is secured with firewalls and IPS systems. What is the best security policy concerning this setup?

Network elements must be hardened with user ids and strong passwords. Regular security tests and audits should be performed.

 As long as the physical access to the network elements is restricted, there is no need for additional measures. 

There is no need for specific security measures on the network elements as long as firewalls and IPS systems exist. 

The operator knows that attacks and down time are inevitable and should have a backup site.

SHOW ANSWER

Which of the following attacks exploits web age vulnerabilities that allow an attacker to force an unsuspecting user's browser to send malicious requests they did not intend?

Command Injection Attacks 

File Injection Attack 

Cross-Site Request Forgery (CSRF)

Hidden Field Manipulation Attack

SHOW ANSWER

The company ABC recently contracted a new accountant. The accountant will be working with the financial statements. Those financial statements need to be approved by the CFO and then they will be sent to the accountant but the CFO is worried because he wants to be sure that the information sent to the accountant was not modified once he approved it. What of the following options can be useful to ensure the integrity of the data?

The document can be sent to the accountant using an exclusive USB for that document. 

The CFO can use a hash algorithm in the document once he approved the financial statements. 

The financial statements can be sent twice, one by email and the other delivered in USB and the accountant can compare both to be sure it is the same document. 

The CFO can use an excel file with a password. 

SHOW ANSWER
BACK | NEXT
TRINITY SOFTWARE SOLUTIONS,IInd floor, Radheyam Towers, Gandhari Amman Kovil Road, Pulimood, Trivandrum - 1
0471-2334855 | 2335855 | 9447387064 | 9847003556 info@trinitytechnology.in