100% satisfaction guarantee Immediately available after payment Both online and in PDF No strings attached
logo-home
CEH test bank $24.25   Add to cart

Exam (elaborations)

CEH test bank

 2 views  0 purchase
  • Course
  • Institution

Which protocol and port number might be needed in order to send log messages to a log analysis tool that resides behind a firewall? - ANS UDP 514 The "gray box testing" methodology enforces what kind of restriction - ANS The internal operation of a system is only partly accessible to the tester ...

[Show more]

Preview 4 out of 84  pages

  • February 15, 2024
  • 84
  • 2023/2024
  • Exam (elaborations)
  • Questions & answers
avatar-seller
CEH test bank
Which protocol and port number might be needed in order to send log messages to a log analysis tool
that resides behind a firewall? - ANS UDP 514



The "gray box testing" methodology enforces what kind of restriction - ANS The internal operation of a
system is only partly accessible to the tester



The "black box testing" methodology enforces which kind of restriction - ANS Only the external
operation of a system is accessible to the tester.



Under the "Post-attack Phase and Activities," it is the responsibility of the tester to restore the systems
to a pretest state.

Which of the following activities should not included in this phase?

I. Removing all files uploaded on the system

II. Cleaning all registry entries

III. Mapping of network state

IV. Removing all tools and maintaining backdoor for reporting - ANS III and IV



The "white box testing" methodology enforces what kind of restriction? - ANS The internal operation of
a system is completely known to the tester



A regional bank hires your company to perform a security assessment on their network after a recent
data breach. The attacker was able to steal financial data from the bank by compromising only a single
server.

Based on this information, what should be one of your key recommendations to the bank? - ANS Place a
front-end web server in a demilitarized zone that only handles external web traffic.

,Place a front-end web server in a demilitarized zone that only handles external web traffic. - ANS
Incident Management Process



Nation-state threat actors often discover vulnerabilities and hold on the them until they want to launch
a sophisticated attack. The Sutxnet attack was an unprecedented style of attack because it used four
types of vulnerability.



What is this style of attack called? - ANS zero-day



What is the benefit of performing an unannounced Penetration Testing - ANS The tester will have an
actual security posture visibility of the target network



This international organization regulates billions of transactions daily and provides security guidelines to
protect personally identifiable information (PII). These security controls provide a baseline and prevent
low-level hackers sometimes known as script kiddies from causing a data breach.



Which of the following organizations is being described? - ANS Payment Card Industry (PCI)



Which of the following incident handling process phases is responsible for defining rules, collaborating
human workforce, creating a backup plan, and testing plans for an organization? - ANS Preparation
phase



It is a regulation that has a set of guidelines, which should be adhered to by anyone who handles and
electronic medical data. These guidelines stipulate that all medical practices must ensure that all
necessary measures are in place while saving, accessing, and sharing any electronic medical data to keep
patient data secure.



Which of the following regulations best matches the description? - ANS HIPAA

,A security analyst is performing an audit on the network to determine if there are any deviations from
the security policies in place. The analyst discovers that a user from the IT department had a dial-out
modem installed. Which is security policy it must the security analyst check to see if dial-out modems
are allowed? - ANS Remote access policy



An enterprise recently moved to a new office in the new neighborhood is a little risky. The CEO wants to
monitor the physical perimeter and the entrance doors 24 hours. What is the best option to do this job?
- ANS Install a CCTV with cameras pointing to the entrance doors and the street



Which of the following security policies define the use of VPN for gaining access to an internal corporate
network? - ANS Remote access policy



A newly discovered flaw in a software application would be considered which kind of security
vulnerability? - ANS 0-day vulnerability



It has been reported to you that someone has caused an information spillage on their computer. You go
to the computer, disconnect it from the network, remove the keyboard and mouse, and power it down.
What step in incident handling did you just complete? - ANS Containment



What network security concept requires multiple layers of security controls to be placed through out an
IT infrastructure, which improves the security posture of an organization to defend against malicious
attacks or potential vulnerabilities? - ANS Defense in depth



Which type of security feature stops vehicles from crashing through the doors of a building? - ANS
Bollards



Seth is starting a penetration test from inside the network. He hasn't been given any information about
the network. What type of test is he conducting? - ANS Internal, Blackbox



What is the role of test automation in security testing - ANS It can accelerate benchmark tests and
repeat them with a consistent test setup. But it cannot replace manual testing completely.

, Which of the following is a command line packet analyzer similar to GUI-based Wireshark - ANS
tcpdump



In Risk Management, how is the term "likelihood" related to the concept of "threat - ANS Likelihood is
the probability that a threat-source will exploit a vulnerability



WPA2 uses AES for wireless data encryption at which of the following encryption levels - ANS 128 bit
and CCMP



Which of the following can the administrator do to verify that a tape backup can be recovered in its
entirety? - ANS Perform a full restore



An unauthorized individual enters a building following an employee through the employee entrance
after the

lunch rush. What type of breach has the individual just performed? - ANS Tailgating



You are a security officer of a company. You had an alert from IDS that indicate one PC on your Intranet

connected to a blacklisted IP address(C2 Server) on the Internet. The IP address was blacklisted just
before of

the alert. You are starting investigation to know the severity of situation roughly. Which of the following
is

appropriate to analyze? - ANS Internet Firewall/Proxy log



Code injection is a form of attack in which a malicious user: - ANS Inserts text into a data field that gets
interpreted as code.



In which of the following cryptography attack methods, attacker makes a series of interactive queries,
choosing

The benefits of buying summaries with Stuvia:

Guaranteed quality through customer reviews

Guaranteed quality through customer reviews

Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.

Quick and easy check-out

Quick and easy check-out

You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.

Focus on what matters

Focus on what matters

Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!

Frequently asked questions

What do I get when I buy this document?

You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.

Satisfaction guarantee: how does it work?

Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.

Who am I buying these notes from?

Stuvia is a marketplace, so you are not buying this document from us, but from seller jessyqueen. Stuvia facilitates payment to the seller.

Will I be stuck with a subscription?

No, you only buy these notes for $24.25. You're not tied to anything after your purchase.

Can Stuvia be trusted?

4.6 stars on Google & Trustpilot (+1000 reviews)

62890 documents were sold in the last 30 days

Founded in 2010, the go-to place to buy study notes for 14 years now

Start selling
$24.25
  • (0)
  Add to cart