100% tevredenheidsgarantie Direct beschikbaar na je betaling Lees online óf als PDF Geen vaste maandelijkse kosten
logo-home
Eerder door jou gezocht
Eerder door jou gezocht
logo
CEH Exam Prep 3 Questions with Correct Answers €13,19
In winkelwagen
Snel navigeren naar
Voorbeeld
  2.  
  3. CEH
  4.  
  5. CEH

Tentamen (uitwerkingen)

CEH Exam Prep 3 Questions with Correct Answers
 0 keer verkocht
  • Vak
  • CEH
  • Instelling
  • CEH

CEH Exam Prep 3 Questions with Correct Answers Excessive RST packets or ICMP type-3 response packets in Wireshark indicate a - Answer-TCP half open/stealth scan attempt on the network. Check for SYN+ACK, RST, and RST+ACK packets or ICMP type 3 packets/ 3way handshake - Answer-Full TCP Connect S...

[Meer zien]

Voorbeeld 2 van de 11  pagina's

Document informatie

  • 12 augustus 2024
  • 11
  • 2024/2025
  • Tentamen (uitwerkingen)
  • Vragen en antwoorden

Onderwerpen

  • ceh
  • ceh exam prep 3
  • ceh exam prep 3 questions with correct answers

Geschreven voor

  • CEH
  • CEH

Verkoper

avatar-seller
Scholarsstudyguide

Ontvangen beoordelingen

Voorbeeld van de inhoud

CEH Exam Prep 3 Questions with
Correct Answers
Excessive RST packets or ICMP type-3 response packets in Wireshark indicate a -
Answer-TCP half open/stealth scan attempt on the network.

Check for SYN+ACK, RST, and RST+ACK packets or ICMP type 3 packets/ 3way
handshake - Answer-Full TCP Connect Scan

g filter to view the packets moving without a flag set/ NULL - Answer-TCP.flags==0x000

an attacker sends a TCP packet without setting a flag on it If they receive an RST
packet in response, then the port is closed. If there is no response, then the port is open
or filtered - Answer-NULL Port Scan

Use the filter _________ to detect a SYN/FIN attack. - Answer-tcp.flags==0x003

filter to view packets with an ICMP Type-3 Code-3 port to detect a UDP scan attempt -
Answer-icmp.type==3 and icmp.code==3

Use _____ to filter FTP requests Use ______ to verify the success of a password
cracking attempt - Answer-ftp.request.command
ftp.response.code==230

Sniffing performed over a switched network is called ______
In this type of sniffing, the attacker injects packets into the network traffic to gain
information from the switch, which maintains its own ARP cache known as content
addressable memory (CAM). - Answer-Active sniffing

Sniffing performed on the hub is called _____
Since a hub broadcasts all packets, an attacker only has to initiate a session and wait
for someone else to send packets on the same collision domain. - Answer-Passive

The signs of a MAC flooding (AKA Malformed) are detected by analyzing the - Answer-
source IP, destination IP, and TTL values
Check whether the traffic originates from various IP addresses and is directed to the
same destination IP address with the same TTL values

the attacker's MAC address is associated with the IP address of the target host or a
number of hosts in the target network Check for "duplicate IP address configured"
messages in the Warnings tab in Wireshark To locate duplicate IP address traffic, use
the following filter: arp.duplicate-address-detected - Answer-ARP Poisoning attack

, OR, --, ', and = - Answer-SQL injection

concentrates on identifying and responding to security-related activities such as threats,
viruses, malware, data loss, etc. It records logs about user login, unauthorized access
to resources, etc. - Answer-Security logging

concentrates on system-processing activities. It informs the network defender regarding
failures and potentially actionable conditions. It also facilitates service provisioning and
financial decisions - Answer-Operational logging

part of security logging because regulations are developed to enhance the security of
systems and data - Answer-Compliance logging

beneficial to application/system developers, not system administrators. It concentrates
on recording debugging logs, which are analyzed by the application developer to detect
issues. This type of logging can be disabled and enabled in a production system based
on circumstantial requirements. - Answer-Application debug loggingApplication debug
logging


This standard corresponds to WLANs and uses FHSS or DSSS as the frequency
hopping spectrum. It allows an electronic device to connect to the internet using a
wireless connection that is established in any network. - Answer-802.11 (wifi)

This standard is the second extension to the original 802.11 standard. It operates in the
5 GHz frequency band and supports a bandwidth of up to 54 Mbps by using OFDM. It
has a fast maximum speed, but is more sensitive to walls and other obstacles - Answer-
802.11a

IEEE expanded the 802.11 standard by creating the 802.11b specifications in 1999.
This standard operates in the 2.4 GHz industrial, scientific and medical (ISM) radio band
and supports a bandwidth of up to 11 Mbps by using DSSS modulation - Answer-
802.11b

This standard is an enhanced version of the 802.11a and 802.11b standards. It
supports the regulatory domains. The particulars of this standard can be set at the
media access control (MAC) layer. - Answer-802.11d

This standard defines the quality of service (QoS) for wireless applications. The
enhanced service is modified using the MAC layer. This standard maintains the quality
of video and audio streaming, real-time online applications, voice over internet protocol
(VoIP), etc. - Answer-802.11e

This standard is an extension of the 802.11 standard. It supports a maximum bandwidth
of 54 Mbps using the OFDM technology and uses the same 2.4 GHz band as 802.11b.

Dit zijn jouw voordelen als je samenvattingen koopt bij Stuvia:

Bewezen kwaliteit door reviews

Bewezen kwaliteit door reviews

Studenten hebben al meer dan 850.000 samenvattingen beoordeeld. Zo weet jij zeker dat je de beste keuze maakt!

In een paar klikken geregeld

In een paar klikken geregeld

Geen gedoe — betaal gewoon eenmalig met iDeal, Bancontact of creditcard en je bent klaar. Geen abonnement nodig.

Focus op de essentie

Focus op de essentie

Studenten maken samenvattingen voor studenten. Dat betekent: actuele inhoud waar jij écht wat aan hebt. Geen overbodige details!

Veelgestelde vragen

Wat krijg ik als ik dit document koop?

Je krijgt een PDF, die direct beschikbaar is na je aankoop. Het gekochte document is altijd, overal en oneindig toegankelijk via je profiel.

Tevredenheidsgarantie: hoe werkt dat?

Onze tevredenheidsgarantie zorgt ervoor dat je altijd een studiedocument vindt dat goed bij je past. Je vult een formulier in en onze klantenservice regelt de rest.

Van wie koop ik deze samenvatting?

Stuvia is een marktplaats, je koop dit document dus niet van ons, maar van verkoper Scholarsstudyguide. Stuvia faciliteert de betaling aan de verkoper.

Zit ik meteen vast aan een abonnement?

Nee, je koopt alleen deze samenvatting voor €13,19. Je zit daarna nergens aan vast.

Is Stuvia te vertrouwen?

4,6 sterren op Google & Trustpilot (+1000 reviews)

Afgelopen 30 dagen zijn er 64670 samenvattingen verkocht

Opgericht in 2010, al 15 jaar dé plek om samenvattingen te kopen

Start met verkopen

Laatst bekeken door jou

Tentamen (uitwerkingen) ·

(0)

2020 HESI EXIT V2 EXAM QUESTION AND ANSWERS GRADED A

Tentamen (uitwerkingen) ·

(0)

EMT Airway Test Exam Questions with Complete Answers

Voordeelbundel ·

(0)

Bio 2170 Compilled Exams Package Deal Bundle !!

Voordeelbundel ·

(0)

EU Law II. Substantive Law of the EU (European Union)

Tentamen (uitwerkingen) ·

(1)

KPEERI Exam Study Guide 2023/2024 Latest Update

Tentamen (uitwerkingen) ·

(0)

AUI2601 Assignment 3 Semester 1 - Due 1 May 2024

Tentamen (uitwerkingen) ·

(0)

NURS 6630 Final Exam 5 - ALL the Questions and Answers

Tentamen (uitwerkingen) ·

(0)

Biochemistry ACS Exam Questions and Answers - Graded A

Samenvatting ·

(0)

Wirtschaftskreislauf und Wirtschaftsleistungen

€13,19
  • (0)
In winkelwagen
Toegevoegd