Cisco Training in Trivandrum, Trinity Technologies

CEH QUESTIONS : PART 47

A company's Web development team has become aware of a certain type of security vulnerability in their Web software. To mitigate the possibility of this vulnerability being exploited, the team wants to modify the software requirements to disallow users from entering HTML as input into their Web application. What kind of Web application vulnerability likely exists in their software?

Cross-site scripting vulnerability 

Cross-site Request Forgery vulnerability 

SQL injection vulnerability 

Web site defacement vulnerability

Which of the following defines the role of a root Certificate Authority (CA) in a Public Key Infrastructure (PKI)?

The root CA is the recovery agent used to encrypt data when a user's certificate is lost. 

The root CA stores the user's hash value for safekeeping.

The CA is the trusted root that issues certificates. 

The root CA is used to encrypt email messages to prevent unintended disclosure of data. 

Which service in a PKI will vouch for the identity of an individual or company?

KDC

CA 

CR 

CBC

It is a vulnerability in GNU's bash shell, discovered in September of 2014, that gives attackers access to run remote commands on a vulnerable system. The malicious software can take control of an infected machine, launch denial-of-service attacks to disrupt websites, and scan for other vulnerable devices (including routers). Which of the following vulnerabilities is being described?

Shellshock

Rootshock

Rootshell 

Shellbash

What is the term coined for logging, recording and resolving events in a company?

Internal Procedure 

Security Policy 

Incident Management Process 

Metrics

Windows file servers commonly hold sensitive files, databases, passwords and more. Which of the following choices would be a common vulnerability that usually exposes them?

Cross-site scripting 

SQL injection 

Missing patches 

CRLF injection

Password cracking programs reverse the hashing process to recover passwords. (True/False.)

True 

False 

What does a firewall check to prevent particular ports and applications from getting packets into an organization?

Transport layer port numbers and application layer headers 

Presentation layer headers and the session layer port numbers 

Network layer headers and the session layer port numbers 

Application layer port numbers and the transport layer headers

_________ is a tool that can hide processes from the process list, hide files and registry entries, and intercept keystrokes.

Trojan 

RootKit 

DoS tool 

Scanner 

Backdoor

Which of the following is a client-server tool utilized to evade firewall inspection?

tcp-over-dns 

kismet 

nikto 

hping 

Which of the following scanning tools is specifically designed to find potential exploits in Microsoft Windows products?

Microsoft Security Baseline Analyzer

Retina 

Core Impact 

Microsoft Baseline Security Analyzer

Which set of access control solutions implements two-factor authentication?

USB token and PIN 

Fingerprint scanner and retina scanner 

Password and PIN 

Account and password

An attacker is using nmap to do a ping sweep and a port scan in a subnet of 254 addresses. In which order should he perform these steps?

The sequence does not matter. Both steps have to be performed against all hosts.

First the port scan to identify interesting services and then the ping sweep to find hosts responding to ICMP echo requests.

First the ping sweep to identify live hosts and then the port scan on the live hosts. This way he saves time. 

The port scan alone is adequate. This way he saves time.

Which type of intrusion detection system can monitor and alert on attacks, but cannot stop them?

Detective 

Passive 

Intuitive 

Reactive

TRINITY SOFTWARE SOLUTIONS, IInd floor, Radheyam Towers, Gandhari Amman Kovil Road, Pulimood, Trivandrum - 1
0471-2334855 | 2335855 | 9447387064 | 9847003556 info@trinitytechnology.in