C. Promiscuous mode - ANSWER The configuration allows a wired or wireless network interface controller to pass all the traffic it receives to the central processing unit (CPU) instead of passing only the frames the controller is supposed to receive.
Which of the following does the given statement best describe?
A. WEM
B. Multi-cast mode
C. Promiscuous mode
D. Port forwarding
D. Likelihood is the probability that a threat-source will exploit a vulnerability. - ANSWER
In Risk Management, how does the term "likelihood" relate to the
concept of "threat?"
A. Likelihood is the probability that a vulnerability is a threat-
source.
B. Likelihood is a possible threat-source that may exploit a
vulnerability.
C. Likelihood is the likely source of a threat that could exploit a
vulnerability.
D. Likelihood is the probability that a threat-source will exploit a
vulnerability.
A. Cross-Site Request Forgery - ANSWER While performing online banking using a web browser, a user receives an email that contains a link to an interesting Web site. When the user clicks on the link, another web browser session starts and displays a video of cats playing a piano. The next business day, the user receives an email that appears to be from his bank, informing him that his bank account has been accessed from a foreign country. The email requests the user to call his bank and confirm whether a funds transfer that occurred was authorized.
Which of the following web browser-based security vulnerabilities was used to compromise the user?
A. Cross-Site Request Forgery
B. Cross-Site Scripting
C. Web form input validation
D. Clickjacking
C. Validate and escape all information sent over to a server - ANSWER Which of the following is one of the best ways to avoid Cross-site Scripting (XSS) weaknesses in software applications?
A. Check access right before access is given to protected information and UI
controls
B. Utilize security policies and procedures to define and implement appropriate security
settings
C. Validate and escape all information sent over to a server
D. The authenticity of a server would be ascertained by the use of digital certificates
before sending data
C. The attack tampered with or wiped events within the logs - ANSWER An incident investigator requests to obtain a copy of the event logs from all firewalls, proxy servers and IDS on the network of an organization that has been involved in a potential breach of security. When the investigator tries to correlate the information in all of the logs, the sequence of many of the logged events does not match up.
What is the most likely cause?
A. The network devices are not all synchronized
B. The security breach was a false positive
C. The attack altered or erased events from the logs.
D. Proper chain of custody was not observed while collecting the logs
D. Aircrack-ng - ANSWER This tool is an 802.11 WEP and WPA-PSK keys cracking program that can recover keys once enough data packets have been captured. It implements the standard FMS attack along with some optimizations like Korek attacks, as well as the PTW attack, thus making the attack much faster compared to other WEP cracking tools.
Which of the following tools is being described?
A. Wificracker
B. WLAN crack
C. Airguard
D. Aircrack-ng
C. Tcptrace - ANSWER Which one of the following tools is used to analyze the files that
several packet-capture programs such as tcpdump, WinDump, Wireshark,
and EtherPeek have generated?
A. Nessus
B. Tcptraceroute
C. Tcptrace
D. OpenVAS
D. The syntax of nmap is wrong - ANSWER You have finally compromised a server on a network and you managed to open a shell. You wanted to find all running operating systems on the network. However, as you try to fingerprint all machines in the network using the nmap syntax below, it is not going through.
invictus@victim_server:~$nmap T4 O 10.10.0.0/24
TCP/IP fingerprinting (for OS scan) xxxxxxx xxxxxx xxxxxxxxxx.
QUITTING!
What seems to be wrong?
A. The outgoing TCP/IP fingerprinting is blocked by the host firewall.
B. This is a default behavior for a corrupted nmap application.
C. OS Scan requires root privileges.
D. The nmap syntax is wrong.
A. An un-encrypted backup can be misplaced or stolen - ANSWER What is the most
critical risk of backups?
A. An un-encrypted backup can be misplaced or stolen
B. A backup is incomplete because no verification was performed.
C. A backup is the source of Malware or illicit information.
D. A backup is unavailable during disaster recovery.
A. Hosts - ANSWER An attacker has installed a RAT on a host. The attacker wants to ensure that when a user attempts to go to www.MyPersonalBank.com, the user is directed to a phishing site.