Q&A

Certified Ethical Hacker v10 – Multiple Choice Questions with Answers – Part 12

QUESTION 254

Which of the following is assured by the use of a hash?

A. Authentication
B. Confidentially
C. Availability
D. Integrity

Correct Answer: D


QUESTION 255

Risks=Threats x Vulnerabilities is referred to as the:

A. BIA equation
B. Disaster recovery formula
C. Risk equation
D. Threat assessment

Correct Answer: C


QUESTION 256

The tools which receive event logs from servers, network equipment, and applications, and perform analysis and correlation on those logs, and can generate alarms for security relevant issues, are known as what?

A. Network Sniffer
B. Vulnerability Scanner
C. Intrusion Prevention Server
D. Security Incident and Event Monitoring

Correct Answer: D


QUESTION 257

You have just been hired to perform a pen test on an organization that has been subjected to a large-scale attack. The CIO is concerned with mitigating threats and vulnerabilities to totally eliminate risk. What is one of the first things you should do when given the job?

A. Establish attribution to suspected attackers
B. Interview all employees in the company to rule out possible insider threats
C. Explain to the CIO that you cannot eliminate all risk, but you will be able to reduce risk to acceptable levels.
D. Start the wireshark application to start sniffing network traffic.

Correct Answer: C


QUESTION 258

The purpose of a _______is to deny network access to local area networks and other information assets by unauthorized wireless devices.

A. Wireless Analyzer
B. Wireless Jammer
C. Wireless Access Point
D. Wireless Access Control List

Correct Answer: D


QUESTION 259

What does the –oX flag do in an Nmap scan?

A. Perform an Xmas scan
B. Perform an eXpress scan
C. Output the results in truncated format to the screen
D. Output the results in XML format to a file

Correct Answer: D


QUESTION 260

During an Xmas scan, what indicates a port is closed?

A. RST
B. SYN
C. ACK
D. No return response

Correct Answer: A


QUESTION 261

While performing online banking using a Web browser, a user receives an email that contains a link to an interesting Web site. When the user clicks on the link, another Web browser session starts and displays a video of cats playing a piano. The next business day, the user receives what looks like an email from his bank, indicating that his bank account has been accessed from a foreign country. The email asks the user to call his bank and verify the authorization of a funds transfer that took place. What Web browser-based security vulnerability was exploited to compromise the user?

A. Clickjacking
B. Cross-Site Scripting
C. Cross-Site Request Forgery
D. Web form input validation

Correct Answer: C


QUESTION 262

Tremp is an IT Security Manager, and he is planning to deploy an IDS in his small company. He is looking for an IDS with the following characteristics: -Verifies success or failure of an attack – Monitors system activities – Detects attacks that a network-based IDS fails to detect. – Near real-time detection and response – Does not require additional hardware – Lower entry cost. Which type of IDS is best suited for Tremp’s requirements?

A. Network-based IDS
B. Open source-based IDS
C. Host-based IDS
D. Gateway-based IDS

Correct Answer: C


QUESTION 263

Which of the following parameters describe LM Hash:
I – The maximum password length is 14 characters
II – There are no distinctions between uppercase and lowercase
III – The password is split into two 7-byte halves

A. II
B. I
C. I, II, and III
D. I and II

Correct Answer: C


QUESTION 264

Which of the following is not a Bluetooth attack?

A. Bluesnarfing
B. Bluedriving
C. Bluesmacking
D. Bluejacking

Correct Answer: B


QUESTION 265

The Open Web Application Security Project (OWASP) is the worldwide not-for-profit charitable organization focused on improving the security of software. What item is the primary concern on OWASP’s Top Ten Project Most Critical Web Application Security Risks?

A. Cross Site Scripting
B. Injection
C. Path disclosure
D. Cross Site Request Forgery

Correct Answer: B


QUESTION 266

A pen-tester is configuring a Windows laptop for a test. In setting up Wireshark, what river and library are required to allow the NIC to work in promiscuous mode?

A. Winprom
B. Libpcap
C. Winpsw
D. Winpcap

Correct Answer: D


QUESTION 267

Analyst is investigating proxy logs and found out that one of the internal user visited website storing suspicious java scripts. After opening one of them, he noticed that it is very hard to understand the code and that all codes differ from the typical java script. What is the name of this technique to hide the code and extend analysis time?

A. Steganography
B. Code encoding
C. Obfuscation
D. Encryption

Correct Answer: C


QUESTION 268

During the security audit of IT processes, an IS auditor found that there were no documented security procedures. What should the IS auditor do?

A. Create a procedures document
B. Terminate the audit
C. Conduct compliance testing
D. Identify and evaluate existing practices

Correct Answer: D


QUESTION 269

You just set up a security system in your network. In what kind of system would you find the following string of characters used as a rule within its configuration? alert tcp any any -> 192.168.100.0/24 21 (msg:““FTP on the network!””;)

A. A firewall IPTable
B. FTP Server rule
C. A Router IPTable
D. An Intrusion Detection System

Correct Answer: D


QUESTION 270

While scanning with Nmap, Patin found several hosts which have the IP ID of incremental sequences. He then decided to conduct: nmap –Pn –p –sl kiosk.adobe.com www.riaa.com kiosk.adobe.com is the host with incremental IP ID sequence. What is the purpose of using “-sl” with Nmap?

A. Conduct stealth scan
B. Conduct ICMP scan
C. Conduct IDLE scan
D. Conduct silent scan

Correct Answer: C


QUESTION 271

What is the process of logging, recording, and resolving events that take place in an organization?

A. Incident Management Process
B. Security Policy
C. Internal Procedure
D. Metrics

Correct Answer: A


QUESTION 272

During a black-box pen test you attempt to pass IRC traffic over port 80/TCP from a compromised web enabled host. The traffic gets blocked; however, outbound HTTP traffic is unimpeded. What type of firewall is inspecting outbound traffic?

A. Circuit
B. Stateful
C. Application
D. Packet Filtering

Correct Answer: C


QUESTION 273

The change of a hard drive failure is once every three years. The cost to buy a new hard drive is $300. It will require 10 hours to restore the OS and software to the new hard disk. It will require a further 4 hours to restore the database from the last backup to the new hard disk. The recovery person earns $10/hour. Calculate the SLE, ARO, and ALE. Assume the EF = 1(100%). What is the closest approximate cost of this replacement and recovery operation per year?

A. $1320
B. $440
C. $100
D. $146

Correct Answer: D


QUESTION 274

Which of the following is an extremely common IDS evasion technique in the web world?

A. Unicode Characters
B. Subnetting
C. Port Knocking
D. Spyware

Correct Answer: A


QUESTION 275

You are attempting to man-in-the-middle a session. Which protocol will allow you to guess a sequence number?

A. ICMP
B. TCP
C. UPX
D. UPD

Correct Answer: B


QUESTION 276

What is a “Collision attack” in cryptography?

A. Collision attacks try to get the public key
B. Collision attacks try to break the hash into three parts to get the plaintext value
C. Collision attacks try to break the hash into two parts, with the same bytes in each part to get the private key
D. Collision attacks try to find two inputs producing the same hash

Correct Answer: D

H4ck0
Step by step hacking tutorials about wireless cracking, kali linux, metasploit, ethical hacking, seo tips and tricks, malware analysis and scanning.
https://www.yeahhub.com/