Exam (elaborations)
CEH V11 PRACTICE TEST.
- Course
- Institution
CEH V11 PRACTICE TEST.
[Show more]
Seller
Follow
TUTORCARREY
Content preview
CEH V11 PRACTICE TESTD. Digital certificate - correct answer How is the public key distributed in an
orderly, controlled fashion so that the users can be sure
of the sender's identity?
A. Hash value
B. Digital signature
C. Private key
D. Digital certificate
E. All are DDOS tools - correct answer What do Trinoo, TFN2k, WinTrinoo, T-Sight,
and Stracheldraht have in common?
A. All are tools that can be used not only by hackers, but also security personnel
B. All are hacking tools developed by the legion of doom
C. All are tools that are only effective against Windows D. All are tools that are
only effective against Linux
E. All are DDOS tools
B. SOA, NS, A, and MX records - correct answer A zone file consists of which of
the following Resource Records (RRs)?
A. DNS, NS, PTR, and MX records
B. SOA, NS, A, and MX records
C. DNS, NS, AXFR, and MX records
D. SOA, NS, AXFR, and MX records
C. It replaces legitimate programs - correct answer Which of the following is the
primary objective of a rootkit?
,A. It creates a buffer overflow
B. It provides an undocumented opening in a program
C. It replaces legitimate programs
D. It opens a port to provide an unauthorized service
D. Email Spoofing - correct answer CompanyXYZ has asked you to assess the
security of their perimeter email gateway. From your office in New York, you craft
a specially formatted email message and send it across the Internet to an
employee of CompanyXYZ. The employee of CompanyXYZ is aware of your test.
Your email message looks like this:
From: jim_miller@companyxyz.com
To: michelle_saunders@companyxyz.com Subject: Test message
Date: 4/3/2017 14:37
The employee of CompanyXYZ receives your email message. This proves that
CompanyXYZ's email gateway doesn't prevent what?
A. Email Harvesting
B. Email Masquerading
C. Email Phishing
D. Email Spoofing
C. You attempt every single possibility until you exhaust all possible
combinations or discover the password - correct answer When discussing
passwords, what is considered a brute force attack?
A. You wait until the password expires
, B. You create hashes of a large number of words and compare it with the
encrypted passwords
C. You attempt every single possibility until you exhaust all possible
combinations or discover the password
D. You load a dictionary of words into your cracking program
E. You threaten to use the rubber hose on someone unless they reveal their
password
D. Try to hang around the local pubs or restaurants near the bank, get talking to a
poorly-paid or disgruntled employee, and offer them money if they'll abuse their
access privileges by providing you with sensitive information - correct answer
You are trying to break into a highly classified top-secret mainframe computer
with highest security system in place at Merclyn Barley Bank located in Los
Angeles. You know that conventional hacking doesn't work in this case, because
organizations such as banks are generally tight and secure when it comes to
protecting their systems. In other words, you are trying to penetrate an otherwise
impenetrable system.How would you proceed?
A. Launch DDOS attacks against Merclyn Barley Bank's routers and firewall
systems using 100, 000 or more "zombies" and "bots"
B. Look for "zero-day" exploits at various underground hacker websites in Russia
and China and buy the necessary exploits from these hackers and target the
bank's network
C. Try to conduct Man-in-the-Middle (MiTM) attack and divert the network traffic
going to the Merclyn Barley Bank's Webserver to that of your machine using DNS
Cache Poisoning techniques
D. Try to hang around the local pubs or restaurants near the bank, get talking to a
poorly-paid or disgruntled employee, and offer them money if they'll abuse their
access privileges by providing you with sensitive information
C. Cross-site-scripting attack - correct answer This is an attack that takes
advantage of a web site vulnerability in which the site displays content that
includes un-sanitized user-provided data. What is this attack?
A. URL Traversal attack
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller TUTORCARREY. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $9.49. You're not tied to anything after your purchase.
Can Stuvia be trusted?
4.6 stars on Google & Trustpilot (+1000 reviews)
78998 documents were sold in the last 30 days
Founded in 2010, the go-to place to buy study notes for 14 years now