Call
whatsapp
9447387064 | 9847003556
0471-2335855 | 8089080088 | 0471-2334855
9447387064 | 9847003556
0471-2335855 | 8089080088 | 0471-2334855
Cisco Training in Trivandrum, Trinity Technologies

No.1 Training Institute in Kerala

CEH QUESTIONS : PART 50

Which of the following is the least-likely physical characteristic to be used in biometric control that supports a large company?

 Height and Weight 

Voice 

Fingerprints 

Iris patterns

SHOW ANSWER

Which component of IPsec performs protocol-level functions that are required to encrypt and decrypt the packets?

Internet Key Exchange (IKE) 

Oakley 

IPsec Policy Agent 

IPsec driver

SHOW ANSWER

Your company was hired by a small healthcare provider to perform a technical assessment on the network. What is the best approach for discovering vulnerabilities on a Windows-based computer?

Use a scan tool like Nessus 

Use the built-in Windows Update tool 

Check MITRE.org for the latest list of CVE findings 

Create a disk image of a clean Windows installation

SHOW ANSWER

Which mode of IPSec should you use to assure security and confidentiality of data within the same LAN?

ESP transport mode 

AH permiscuous 

ESP confidential 

AH Tunnel mode

SHOW ANSWER

Which of the following tools performs comprehensive tests against web servers, including dangerous files and CGIs?

 Nikto

Snort 

John the Ripper 

Dsniff

SHOW ANSWER

In the context of password security, a simple dictionary attack involves loading a dictionary file (a text file full of dictionary words) into a cracking application such as L0phtCrack or John the Ripper, and running it against user accounts located by the application. The larger the word and word fragment selection, the more effective the dictionary attack is. The brute force method is the most inclusive, although slow. It usually tries every possible letter and number combination in its automated exploration. If you would use both brute force and dictionary methods combined together to have variation of words, what would you call such an attack?

 Full Blown 

Thorough 

Hybrid 

BruteDics

SHOW ANSWER

A company is using Windows Server 2003 for its Active Directory (AD). What is the most efficient way to crack the passwords for the AD users?

Perform a dictionary attack. 

Perform a brute force attack. 

Perform an attack with a rainbow table. 

Perform a hybrid attack. 

SHOW ANSWER

Initiating an attack against targeted businesses and organizations, threat actors compromise a carefully selected website by inserting an exploit resulting in malware infection. The attackers run exploits on well-known and trusted sites likely to be visited by their targeted victims. Aside from carefully choosing sites to compromise, these attacks are known to incorporate zero-day exploits that target unpatched vulnerabilities. Thus, the targeted entities are left with little or no defense against these exploits. What type of attack is outlined in the scenario?

Watering Hole Attack 

Heartbleed Attack 

Shellshock Attack 

Spear Phising Attack

SHOW ANSWER

Nedved is an IT Security Manager of a bank in his country. One day. he found out that there is a security breach to his company's email server based on analysis of a suspicious connection from the email server to an unknown IP Address. What is the first thing that Nedved needs to do before contacting the incident response team?

Leave it as it Is and contact the incident response te3m right away

Block the connection to the suspicious IP Address from the firewall 

Disconnect the email server from the network 

Migrate the connection to the backup email server

SHOW ANSWER

What tool can crack Windows SMB passwords simply by listening to network traffic?

This is not possible 

Netbus 

NTFSDOS

L0phtcrack

SHOW ANSWER

What is the difference between the AES and RSA algorithms?

Both are asymmetric algorithms, but RSA uses 1024-bit keys. 

RSA is asymmetric, which is used to create a public/private key pair; AES is symmetric, which is used to encrypt data. 

Both are symmetric algorithms, but AES uses 256-bit keys. 

AES is asymmetric, which is used to create a public/private key pair; RSA is symmetric, which is used to encrypt data.

SHOW ANSWER

What port number is used by LDAP protocol?

 110 

389 

 464 

445

SHOW ANSWER

Which of the following types of jailbreaking allows user-level access but does not allow iboot-level access?

Bootrom Exploit 

iBoot Exploit 

Sandbox Exploit 

Userland Exploit

SHOW ANSWER

Jack was attempting to fingerprint all machines in the network using the following Nmap syntax: invictus@victim_server:~$ nmap -T4 -0 10.10.0.0/24 TCP/IP fingerprinting (for OS scan) xxxxxxx xxxxxx xxxxxxxxx. QUITTING! Obviously, it is not going through. What is the issue here?

OS Scan requires root privileges 

The nmap syntax is wrong. 

The outgoing TCP/IP fingerprinting is blocked by the host firewall 

This is a common behavior for a corrupted nmap application

SHOW ANSWER
BACK | NEXT
TRINITY SOFTWARE SOLUTIONS,IInd floor, Radheyam Towers, Gandhari Amman Kovil Road, Pulimood, Trivandrum - 1
0471-2334855 | 2335855 | 9447387064 | 9847003556 info@trinitytechnology.in