Call
whatsapp
9447387064 | 9847003556
0471-2335855 | 8089080088 | 0471-2334855
9447387064 | 9847003556
0471-2335855 | 8089080088 | 0471-2334855
Cisco Training in Trivandrum, Trinity Technologies

No.1 Training Institute in Kerala

CEH QUESTIONS : PART 66

An attacker attaches a rogue router in a network. He wants to redirect traffic to a LAN attached to his router as part of a man-in-the-middle attack. What measure on behalf of the legitimate admin can mitigate this attack?

Only using OSPFv3 will mitigate this risk.

Make sure that legitimate network routers are configured to run routing protocols with authentication.

Redirection of the traffic cannot happen unless the admin allows it explicitly.

Disable all routing protocols and only use static routes

SHOW ANSWER

Why should the security analyst disable/remove unnecessary ISAPI filters?

   To defend against webserver attacks

To defend against social engineering attacks

To defend against wireless attacks

To defend against jailbreaking

SHOW ANSWER

env x=`(){ :;};echo exploit` bash -c ‘cat /etc/passwd’
What is the Shellshock bash vulnerability attempting to do on an vulnerable Linux host?

Display passwd content to prompt

Changes all passwords in passwd

Removes the passwd file

Add new user to the passwd file

SHOW ANSWER

Shellshock had the potential for an unauthorized user to gain access to a server. It affected many internet facing services, which OS did it not directly affect?

Windows

Unix

 Linux

OS X

SHOW ANSWER

What type of OS fingerprinting technique sends specially crafted packets to the remote OS and analyzes the received response?

   Passive

Distributive

Reflective

Active

SHOW ANSWER

What mechanism in Windows prevents a user from accidentally executing a potentially malicious batch (.bat) or PowerShell (.ps1) script?

User Access Control

 Data Execution Prevention

Address Space Layout Randomization

Windows firewall

SHOW ANSWER

A network administrator discovers several unknown files in the root directory of his Linux FTP server. One of the files is a tarball, two are shell script files, and the third is a binary file is named “”nc.”” The FTP server’s access logs show that the anonymous user account logged in to the server, uploaded the files, and extracted the contents of the tarball and ran the script using a function provided by the FTP server’s software. The ps command shows that the nc file is running as process, and the netstat command shows the nc process is listening on a network port.
What kind of vulnerability must be present to make this remote attack possible?

 

File system permissions

Privilege escalation

Brute force login

Directory traversal

SHOW ANSWER

An attacker with access to the inside network of a small company launches a successful STP manipulation attack. What will he do next?

He will create a SPAN entry on the spoofed root bridge and redirect traffic to his computer.

He will repeat the same attack against all L2 switches of the network.

He will activate OSPF on the spoofed root bridge.

He will repeat this action so that it escalates to a DoS attack.

SHOW ANSWER

Which system consists of a publicly available set of databases that contain domain name registration contact information?

 CAPTCHA

 IETF

 WHOIS

IANA

SHOW ANSWER

___________ Is a set of extensions to DNS that provide to DNS clients (resolvers) origin authentication of DNS data to reduce the threat of DNS poisoning, spoofing, and similar attacks types.

DNSSEC

Resource records

Zone transfer

Resource transfer

SHOW ANSWER

Some clients of TPNQM SA were redirected to a malicious site when they tried to access the TPNQM main site. Bob, a system administrator at TPNQM SA, found that they were victims of DNS Cache Poisoning. What should Bob recommend to deal with such a threat

The use of DNSSEC

Client awareness

The use of double-factor authentication

The use of security agents in clients computers

SHOW ANSWER

A regional bank hires your company to perform a security assessment on their network after a recent data breach. The attacker was able to steal financial data from the bank by compromising only a single server.
Based on this information, what should be one of your key recommendations to the bank?

 

 Place a front-end web server in a demilitarized zone that only handles external web traffic

Require all employees to change their anti-virus program with a new one.

Issue new certificates to the web servers from the root certificate authority

Move the financial data to another server on the same IP subnet

SHOW ANSWER

In both pharming and phishing attacks an attacker can create websites that look similar to legitimate sites with the intent of collecting personal identifiable information from its victims. What is the difference between pharming and phishing attacks?

 

Both pharming and phishing attacks are purely technical and are not considered forms of social engineering

In a pharming attack a victim is redirected to a fake website by modifying their host configuration file or by exploiting vulnerabilities in DNS. In a phishing attack an attacker provides the victim with a URL that is either misspelled or looks similar to the actual websites domain name

Both pharming and phishing attacks are identical

In a phishing attack a victim is redirected to a fake website by modifying their host configuration file or by exploiting vulnerabilities in DNS. In a pharming attack an attacker provides the victim with a URL that is either misspelled or looks very similar to the actual websites domain name

SHOW ANSWER

An attacker has installed a RAT on a host. The attacker wants to ensure that when a user attempts to go to http://www.MyPersonalBank.com, the user is directed to a phishing site.
Which file does the attacker need to modify

Hosts

Boot.ini

Sudoers

Networks

SHOW ANSWER
BACK | NEXT
TRINITY SOFTWARE SOLUTIONS,IInd floor, Radheyam Towers, Gandhari Amman Kovil Road, Pulimood, Trivandrum - 1
0471-2334855 | 2335855 | 9447387064 | 9847003556 info@trinitytechnology.in