Call
whatsapp
9447387064 | 9847003556
0471-2335855 | 8089080088 | 0471-2334855
9447387064 | 9847003556
0471-2335855 | 8089080088 | 0471-2334855
Cisco Training in Trivandrum, Trinity Technologies

No.1 Training Institute in Kerala

CEH QUESTIONS : PART 70

It is a regulation that has a set of guidelines, which should be adhered to by anyone who handles any electronic medical data. These guidelines stipulate that all medical practices must ensure that all necessary measures are in place while saving, accessing, and sharing any electronic medical data to keep patient data secure.
 Which of the following regulations best matches the description?

 

COBIT

FISMA

ISO/IEC 27002

HIPAA SHOW ANSWER

What is not a PCI compliance recommendation?

Limit access to card holder data to as few individuals as possible.

Use encryption to protect all transmission of card holder data over any public network.

Rotate employees handling credit card transactions on a yearly basis to different departments.

Use a firewall between the public network and the payment card data.

SHOW ANSWER

By using a smart card and pin, you are using a two-factor authentication that satisfies

Something you know and something you are

Something you have and something you know

Something you have and something you are

Something you are and something you remember

SHOW ANSWER

Bob learned that his username and password for a popular game has been compromised. He contacts the company and resets all the information. The company suggests he use two-factor authentication, which option below offers that?

A new username and password

Disable his username and use just a fingerprint scanner.

His username and a stronger password

A fingerprint scanner and his username and password SHOW ANSWER

Todd has been asked by the security officer to purchase a counter-based authentication system. Which of the following best describes this type of system?

A biometric system that bases authentication decisions on behavioral attributes.

 A biometric system that bases authentication decisions on physical attributes.

An authentication system that creates one-time passwords that are encrypted with secret keys.

An authentication system that uses passphrases that are converted into virtual passwords.

SHOW ANSWER

Which access control mechanism allows for multiple systems to use a central authentication server (CAS) that permits users to authenticate once and gain access to multiple systems?

 

Role Based Access Control (RBAC)

Discretionary Access Control (DAC)

Windows authentication

Single sign-on SHOW ANSWER

When purchasing a biometric system, one of the considerations that should be reviewed is the processing speed. Which of the following best describes what it is meant by processing?

 

The amount of time it takes to convert biometric data into a template on a smart card.

The amount of time and resources that are necessary to maintain a biometric system.

The amount of time it takes to be either accepted or rejected form when an individual provides Identification and authentication information.

How long it takes to setup individual user accounts.

SHOW ANSWER

A large mobile telephony and data network operator has a data that houses network elements. These are essentially large computers running on Linux. The perimeter of the data center is secured with firewalls and IPS systems. What is the best security policy concerning this setup?

    Network elements must be hardened with user ids and strong passwords. Regular security tests and audits should be performed.

As long as the physical access to the network elements is restricted, there is no need for additional measures.

There is no need for specific security measures on the network elements as long as firewalls and IPSsystems exist.

The operator knows that attacks and down time are inevitable and should have a backup site.

SHOW ANSWER

Which results will be returned with the following Google search query? site:target.com -site:Marketing.target.com accounting

Results from matches on the site marketing.target.com that are in the domain target.com but do not include the word accounting

Results for matches on target.com and Marketing.target.com that include the word “accounting”

Results matching “accounting” in domain target.com but not on the site Marketing.target.com

 Results matching all words in the query

SHOW ANSWER

Which one of the following Google advanced search operators allows an attacker to restrict the results to those websites in the given domain

[site:]

[cache:]

[link:]

[inurl:]

SHOW ANSWER

In which phase of the ethical hacking process can Google hacking be employed?

Maintaining Access

 Gaining Access

Reconnaissance

Scanning and Enumeration

SHOW ANSWER

Scenario: 1. Victim opens the attacker’s web site.
2. Attacker sets up a web site which contains interesting and attractive content like ‘Do you want to make $1000 in a day?’.
3. Victim clicks to the interesting and attractive content url.
4. Attacker creates a transparent ‘iframe’ in front of the url which victim attempt to click, so victim thinks that he/she clicks to the ‘Do you want to make $1000 in a day?’ url but actually he/she clicks to the content or url that exists in the transparent ‘iframe’ which is setup by the attacker. What is the name of the attack which is mentioned in the scenario?

 

HTTP Parameter Pollution 

HTML Injection 

Session Fixation 

ClickJacking Attack SHOW ANSWER

Jimmy is standing outside a secure entrance to a facility. He is pretending to have a tense conversation on his cell phone as an authorized employee badges in. Jimmy, while still on the phone, grabs the door as it begins to close. What just happened?

 

Masquerading

Whaling

Phishing

Tailgating SHOW ANSWER

It has been reported to you that someone has caused an information spillage on their computer. You go to the computer, disconnect it from the network, remove the keyboard and mouse, and power it down. What step in incident handling did you just complete?

 Containment 

Eradication

 Recovery 

Discovery

SHOW ANSWER
BACK | NEXT
TRINITY SOFTWARE SOLUTIONS,IInd floor, Radheyam Towers, Gandhari Amman Kovil Road, Pulimood, Trivandrum - 1
0471-2334855 | 2335855 | 9447387064 | 9847003556 info@trinitytechnology.in