Cisco Training in Trivandrum, Trinity Technologies

No.1 Training Institute in Kerala

CEH QUESTIONS : PART 43

A large company intends to use Blackberry for corporate mobile phones and a security analyst is assigned to evaluate the possible threats. The analyst will use the Blackjacking attack method to demonstrate how an attacker could circumvent perimeter defenses and gain access to the corporate network. What tool should the analyst use to perform a Blackjacking attack?

 Paros Proxy 

BBProxy 

BBCrack 

Blooover


Which of the following is a vulnerability in GNU's bash shell (discovered in September of 2014) that gives attackers access to run remote commands on a vulnerable system?

Shellshock 

Rootshell 

Rootshock 

Shellbash


You are working as a Security Analyst in a company XYZ that owns the whole subnet range of 23.0.0.0/8 and 192.168.0.0/8. While monitoring the data, you find a high number of outbound connections. You see that IPs owned by XYZ (internal) and private IPs are communicating with a single public IP. Therefore, the internal IPs are sending data to the public IP. After further analysis, you find out that this public IP is a blacklisted IP, and the internal communicating devices are compromised. What kind of attack does the above scenario depict?

Botnet Attack 

Spear Phishing Attack 

 Advanced Persistent Threats 

Rootkit Attack


What is the least important information when you analyze a public IP address in a security alert?

 ARP 

Whois 

DNS 

Geolocation


How can telnet be used to fingerprint a web server?

telnet webserverAddress 80
HEAD / HTTP/1.0

telnet webserverAddress 80
PUT / HTTP/1.0

telnet webserverAddress 80
HEAD / HTTP/2.0

telnet webserverAddress 80
PUT / HTTP/2.0


If a tester is attempting to ping a target that exists but receives no response or a response that states the destination is unreachable, ICMP may be disabled and the network may be using TCP. Which other option could the tester use to get a response from a host using TCP?

Hping 

Traceroute 

TCP ping 

Broadcast ping


Which of the following tools would be the best choice for achieving compliance with PCI Requirement 11?

Truecrypt 

Sub7 

Nessus 

Clamwin


An attacker is trying to redirect the traffic of a small office. That office is using its own mail server, DNS server and NTP server because of the importance of its work. The attacker gains access to the DNS server and redirects www.google.com to his own IP address. Now when the employees of the office want to go to Google, they are redirected to the attacker's machine. What is the name of this kind of attack?

ARP Poisoning 

Smurf Attack 

DNS spoofing 

MAC Flooding


After trying multiple exploits, you've gained root access to a CentOS 6 server. To ensure you maintain access, what would you do first?

Create User Account

Disable Key Services 

Disable IPTables 

Download and Install Netcat


If an e-commerce site was put into a live environment and the programmers failed to remove the secret entry point that was used during the application development, what is this secret entry point known as?

SDLC process 

Honey pot 

SQL injection 

Trap door

Security and privacy of information systems are two entities that require lawful regulations. Which of the following regulations defines security and privacy controls for Federal information systems and organizations?

NIST SP 800-53 

PCI-DSS 

EU Safe Harbor 

HIPAA


A circuit level gateway works at which of the following layers of the OSI Model?

 Layer 5 - Application 

Layer 4 - TCP 

Layer 3 - Internet protocol 

Layer 2 - Data link


You need to deploy a new web-based software package for your organization. The package requires three separate servers and needs to be available on the Internet. What is the recommended architecture in terms of server placement?

All three servers need to be placed internally 

A web server facing the Internet, an application server on the internal network, a database server on the internal network 

A web server and the database server facing the Internet, an application server on the internal network 

All three servers need to face the Internet so that they can communicate between themselves


What is the purpose of a demilitarized zone on a network?

 To scan all traffic coming through the DMZ to the internal network 

To only provide direct access to the nodes within the DMZ and protect the network behind it 

To provide a place to put the honeypot 

To contain the network devices you wish to protect

TRINITY SOFTWARE SOLUTIONS, IInd floor, Radheyam Towers, Gandhari Amman Kovil Road, Pulimood, Trivandrum - 1
0471-2334855 | 2335855 | 9447387064 | 9847003556 info@trinitytechnology.in