Call
whatsapp
9447387064 | 9847003556
0471-2335855 | 8089080088 | 0471-2334855
9447387064 | 9847003556
0471-2335855 | 8089080088 | 0471-2334855
Cisco Training in Trivandrum, Trinity Technologies

No.1 Training Institute in Kerala

CEH QUESTIONS : PART 6

A company recently hired your team of Ethical Hackers to test the security of their network systems. The company wants to have the attack be as realistic as possible. They did not provide any information besides the name of their company. What phase of security testing would your team jump in right away?

Scanning

 Reconnaissance

 Escalation

Enumeration

SHOW ANSWER

You have compromised a server and successfully gained a root access. You want to pivot and pass traffic undetected over the network and evade any possible Intrusion Detection System. What is the best approach?

Install Cryptcat and encrypt outgoing packets from this server. 

Install and use Telnet to encrypt all outgoing traffic from this server

Use Alternate Data Streams to hide the outgoing packets from this server. 

 Use HTTP so that all traffic can be routed via a browser, thus evading the internal Intrusion Detection Systems.

SHOW ANSWER

If you want only to scan fewer ports than the default scan using Nmap tool, which option would you use?

 -sP 

 -P

 -r 

 -F

SHOW ANSWER

The Heartbleed bug was discovered in 2014 and is widely referred to under MITRE's Common Vulnerabilities and Exposures (CVE) as CVE-2014-0160. This bug affects the OpenSSL implementation of the transport layer security (TLS) protocols defined in RFC6520. What type of key does this bug leave exposed to the Internet making exploitation of any compromised system very easy?

Private 

 Public 

Shared 

Root

SHOW ANSWER

Which of the following network attacks relies on sending an abnormally large packet size that exceeds TCP/IP specifications?

Ping of death 

SYN flooding 

 TCP hijacking 

Smurf attack

SHOW ANSWER

Which of the following tools can be used for passive OS fingerprinting?

tcpdump 

nmap 

ping 

 tracert

SHOW ANSWER

Which method can provide a better return on IT security investment and provide a thorough and comprehensive assessment of organizational security covering policy, procedure design, and implementation?

Penetration testing 

Social engineering 

 Vulnerability scanning 

Access control list reviews

SHOW ANSWER

You've gained physical access to a Windows 2008 R2 server which has an accessible disc drive. When you attempt to boot the server and log in, you are unable to guess the password. In your tool kit you have an Ubuntu 9.10 Linux LiveCD. Which Linux based tool has the ability to change any user's password or to activate disabled Windows accounts?

CHNTPW

Cain & Abel 

SET 

John the Ripper

SHOW ANSWER

Which protocol and port number might be needed in order to send log messages to a log analysis tool that resides behind a firewall?

UDP 123 

UDP 541

 UDP 514

 UDP 415

SHOW ANSWER

Which of the following tools will scan a network to perform vulnerability checks and compliance auditing?

NMAP 

Metasploit 

 Nessus 

 BeEF 

SHOW ANSWER

Which of the following processes of PKI (Public Key Infrastructure) ensures that a trust relationship exists and that a certificate is still valid for specific operations?

 Certificate issuance 

Certificate validation 

Certificate cryptography

Certificate revocation

SHOW ANSWER

Bob is doing a password assessment for one of his clients. Bob suspects that security policies are not in place. He also suspects that weak passwords are probably the norm throughout the company he is evaluating. Bob is familiar with password weaknesses and key loggers. Which of the following options best represents the means that Bob can adopt to retrieve passwords from his clients hosts and servers?

Hardware, Software, and Sniffing. 

Hardware and Software Keyloggers. 

Passwords are always best obtained using Hardware key loggers. 

Software only, they are the most effective.

SHOW ANSWER

The chance of a hard drive failure is once every three years. The cost to buy a new hard drive is $300. It will require 10 hours to restore the OS and software to the new hard disk. It will require a further 4 hours to restore the database from the last backup to the new hard disk. The recovery person earns $10/hour. Calculate the SLE, ARO, and ALE. Assume the EF = 1 (100%). What is the closest approximate cost of this replacement and recovery operation per year?

$146

 $1320

 $440 

$100

SHOW ANSWER
BACK | NEXT
TRINITY SOFTWARE SOLUTIONS,IInd floor, Radheyam Towers, Gandhari Amman Kovil Road, Pulimood, Trivandrum - 1
0471-2334855 | 2335855 | 9447387064 | 9847003556 info@trinitytechnology.in