Call
whatsapp
9447387064 | 9847003556
0471-2335855 | 8089080088 | 0471-2334855
9447387064 | 9847003556
0471-2335855 | 8089080088 | 0471-2334855
Cisco Training in Trivandrum, Trinity Technologies

No.1 Training Institute in Kerala

CEH QUESTIONS : PART 7

What type of vulnerability/attack is it when the malicious person forces the user's browser to send an authenticated request to a server?

 Cross-site request forgery 

 Cross-site scripting 

Session hijacking

Server side request forgery

SHOW ANSWER

Websites and web portals that provide web services commonly use the Simple Object Access Protocol SOAP. Which of the following is an incorrect definition or characteristics in the protocol?

Based on XML 

 Provides a structured model for messaging 

Exchanges data between web services

 Only compatible with the application protocol HTTP

SHOW ANSWER

Sophia travels a lot and worries that her laptop containing confidential documents might be  stolen. What is the best protection that will work for her?

Password protected files 

Hidden folders 

 BIOS password 

Full disk encryption.

SHOW ANSWER

Which of the following describes the characteristics of a Boot Sector Virus?

           Moves the MBR to another location on the hard disk and copies itself to the original location of  the MBR

Moves the MBR to another location on the RAM and copies itself to the original location of the MBR

Modifies directory table entries so that directory entries point to the virus code instead of the actual program

Overwrites the original MBR and only executes the new virus code

SHOW ANSWER

Which Open Web Application Security Project (OWASP) implements a web application full of known vulnerabilities?

WebBugs 

 WebGoat 

VULN_HTML 

WebScarab

SHOW ANSWER

Identify the web application attack where the attackers exploit vulnerabilities in dynamically generated web pages to inject client-side script into web pages viewed by other users.

 SQL injection attack 

Cross-Site Scripting (XSS)

 LDAP Injection attack 

Cross-Site Request Forgery (CSRF)

SHOW ANSWER

You have successfully gained access to a linux server and would like to ensure that the succeeding outgoing traffic from this server will not be caught by a Network Based Intrusion Detection Systems (NIDS). What is the best way to evade the NIDS?

Encryption 

Protocol Isolation 

Alternate Data Streams 

 Out of band signalling

SHOW ANSWER

What do Trinoo, TFN2k, WinTrinoo, T-Sight, and Stracheldraht have in common?

All are hacking tools developed by the legion of doom 

 All are tools that can be used not only by hackers, but also security personnel 

 All are DDOS tools 

 All are tools that are only effective against Windows

 All are tools that are only effective against Linux

SHOW ANSWER

The purpose of a __________ is to deny network access to local area networks and other information assets by unauthorized wireless devices.

Wireless Intrusion Prevention System 

 Wireless Access Point 

 Wireless Access Control List 

 Wireless Analyzer

SHOW ANSWER

An attacker with access to the inside network of a small company launches a successful STP manipulation attack. What will he do next?

 He will create a SPAN entry on the spoofed root bridge and redirect traffic to his computer. 

He will activate OSPF on the spoofed root bridge. 

He will repeat the same attack against all L2 switches of the network. 

 He will repeat this action so that it escalates to a DoS attack.

SHOW ANSWER

Diffie-Hellman (DH) groups determine the strength of the key used in the key exchange process. Which of the following is the correct bit size of the Diffie-Hellman (DH) group 5?

 768 bit key 

 1025 bit key

1536 bit key

2048 bit key

SHOW ANSWER

Which among the following is a Windows command that a hacker can use to list all the shares to which the current user context has access?

NET FILE 

 NET USE 

 NET CONFIG 

 NET VIEW

SHOW ANSWER

If executives are found liable for not properly protecting their company's assets and information systems, what type of law would apply in this situation?

 Civil 

International 

Criminal

Common

SHOW ANSWER
BACK | NEXT
TRINITY SOFTWARE SOLUTIONS,IInd floor, Radheyam Towers, Gandhari Amman Kovil Road, Pulimood, Trivandrum - 1
0471-2334855 | 2335855 | 9447387064 | 9847003556 info@trinitytechnology.in