Call
whatsapp
9447387064 | 9847003556
0471-2335855 | 8089080088 | 0471-2334855
9447387064 | 9847003556
0471-2335855 | 8089080088 | 0471-2334855
Cisco Training in Trivandrum, Trinity Technologies

No.1 Training Institute in Kerala

CEH QUESTIONS : PART 48

Which of the following LM hashes represent a password of less than 8 characters? (Choose two.)

BA810DBA98995F1817306D272A9441BB 

44EFCE164AB921CQAAD3B435B51404EE 

0182BD0BD4444BF836077A718CCDF409 

CEC52EB9C8E3455DC2265B23734E0DAC 

B757BF5C0D87772FAAD3B435B51404EE 

E52CAC67419A9A224A3B108F3FA6CB6D

SHOW ANSWER

A software tester is randomly generating invalid inputs in an attempt to crash the program. Which of the following is a software testing technique used to determine if a software program properly handles a wide range of invalid input?

 Mutating 

Randomizing 

Fuzzing 

Bounding

SHOW ANSWER

SOAP services use which technology to format information?

SATA 

PCI 

XML 

ISDN

SHOW ANSWER

When security and confidentiality of data within the same LAN is of utmost priority, which IPSec mode should you implement?

AH Tunnel mode 

AH promiscuous 

ESP transport mode 

ESP confidential

SHOW ANSWER

You're doing an internal security audit and you want to find out what ports are open on all the servers. What is the best way to find out?

Scan servers with Nmap 

Physically go to each server 

Scan servers with MBSA 

Telent to every port on each server

SHOW ANSWER

Session splicing is an IDS evasion technique in which an attacker delivers data in multiple, smallsized packets to the target computer, making it very difficult for an IDS to detect the attack signatures. Which tool can be used to perform session splicing attacks?

Whisker 

tcpsplice 

Burp 

Hydra 

SHOW ANSWER

A penetration tester was hired to perform a penetration test for a bank. The tester began searching for IP ranges owned by the bank, performing lookups on the bank's DNS servers, reading news articles online about the bank, watching what times the bank employees come into work and leave from work, searching the bank's job postings (paying special attention to IT related jobs), and visiting the local dumpster for the bank's corporate office. What phase of the penetration test is the tester currently in?

Information reporting 

Vulnerability assessment 

Active information gathering 

Passive information gathering

SHOW ANSWER

Advanced encryption standard is an algorithm used for which of the following?

 Data integrity 

Key discovery 

Bulk data encryption 

Key recovery

SHOW ANSWER

Which of the following tools can be used to perform a zone transfer?

NSLookup 

Finger 

Dig 

Sam Spade 

Host 

Netcat 

Neotrace

SHOW ANSWER

By using a smart card and pin, you are using a two-factor authentication that satisfies

 Something you know and something you are 

Something you have and something you know 

Something you have and something you are 

Something you are and something you remember

SHOW ANSWER

Your business has decided to add credit card numbers to the data it backs up to tape. Which of the following represents the best practice your business should observe?

 Hire a security consultant to provide direction. 

Do not back up cither the credit card numbers or then hashes. 

Back up the hashes of the credit card numbers not the actual credit card numbers. 

Encrypt backup tapes that are sent off-site.

SHOW ANSWER

You are performing a penetration test. You achieved access via a buffer overflow exploit and you proceed to find interesting data, such as files with usernames and passwords. You find a hidden folder that has the administrator's bank account password and login information for the administrator's bitcoin account. What should you do?

Report immediately to the administrator 

Do not report it and continue the penetration test. 

 Transfer money from the administrator's account to another account. 

Do not transfer the money but steal the bitcoins.

SHOW ANSWER

A company's policy requires employees to perform file transfers using protocols which encrypt traffic. You suspect some employees are still performing file transfers using unencrypted protocols because the employees do not like changes. You have positioned a network sniffer to capture traffic from the laptops used by employees in the data ingest department. Using Wire shark to examine the captured traffic, which command can be used as a display filter to find unencrypted file transfers?

tcp.port != 21 

tcp.port = 23 

 tcp.port ==21 

tcp.port ==21 || tcp.port ==22

SHOW ANSWER

Some clients of TPNQM SA were redirected to a malicious site when they tried to access the TPNQM main site. Bob, a system administrator at TPNQM SA, found that they were victims of DNS Cache Poisoning. What should Bob recommend to deal with such a threat?

 The use of security agents in clients' computers 

The use of DNSSEC 

The use of double-factor authentication 

Client awareness

SHOW ANSWER
BACK | NEXT
TRINITY SOFTWARE SOLUTIONS,IInd floor, Radheyam Towers, Gandhari Amman Kovil Road, Pulimood, Trivandrum - 1
0471-2334855 | 2335855 | 9447387064 | 9847003556 info@trinitytechnology.in