100% tevredenheidsgarantie Direct beschikbaar na betaling Zowel online als in PDF Je zit nergens aan vast
logo-home
CEH Master 2022 EXAM QUESTIONS AND ANSWERS| GRADED A+ €13,75   In winkelwagen

Tentamen (uitwerkingen)

CEH Master 2022 EXAM QUESTIONS AND ANSWERS| GRADED A+

 23 keer bekeken  0 keer verkocht
  • Vak
  • Instelling

CEH Master 2022 EXAM QUESTIONS AND ANSWERS| GRADED A+CEH Master 2022 EXAM ISO 27001 Correct Answer: Considered the Governance standard, based on BS 7799. Defines a standard for creating an IS Management System. Focuses on Security Governance. ISO 27002 Correct Answer: Considered the secu...

[Meer zien]

Voorbeeld 4 van de 50  pagina's

  • 14 juli 2022
  • 50
  • 2021/2022
  • Tentamen (uitwerkingen)
  • Vragen en antwoorden
avatar-seller
CEH Master 2022 EXAM
ISO 27001 Correct Answer: Considered the Governance standard, based on BS 7799. Defines a standard
for creating an IS Management System.

Focuses on Security Governance.

ISO 27002 Correct Answer: Considered the security controls standard, based on BS 7799. Recommends
security controls based on industry best practices

Focuses on Security Objectives

Cain & Able can do....? Correct Answer: record and extract VOIP conversations
Capture/decrypt RDP traffic
Collect and prepare server certs for MITM attacks
Perform ARP poisoning
start/stop/pause/continue remote windows services
detect 802.11 WLANs
reveal passwords in text boxes
enumerate netwoks and extract SIDs

Retinal Scan Correct Answer: Most likely to reveal private health info about a user and considered to be
invasive

Windows XP and 7 respond to pings sent to network or broadcast addresses by default? Correct Answer:
NO.

Windows "NET" command can do...? Correct Answer: manage services
manage user accounts
connect to a remote resource
manage a printer que
manage a shared resource

Metamorphic virus Correct Answer: Rewrites itself every time they infect a new file

Microsoft Secure Development Lifecycle Correct Answer: 1. Training
2. Requirements
3. Design
4. Implementation
5. Verification
6. Release
7. Response

HTTP PUT method should be considered a RISK Correct Answer: Allows clients to update files on a
webserver

,Worms and BOTs can propagate without human interaction Correct Answer:

What tool do you use to perform Blackjacking? Correct Answer: BBProxy

Known plaintext attack Correct Answer: Attack has both plaintext and cipher text

COBIT (Control Objects for Information Related Technology) Correct Answer: Four domains:
-Planning and Organization
-Acquisition and implementation
-Delivery and support
-Monitoring and Evaluation

ITIL Correct Answer: Developed by CCTA for UK Gov
ITIL Standardizes IT management procedures
Five main categories
-Service strategy
-Service design
-Service transition
-Service operation
-Continual service improvement

Windows NT 4.0 SP4 uses _____ for hashing Correct Answer: MD5

Kismet Correct Answer: Runs on Linux and OS X
Supports monitor mode and 802.11n
Can be used as an IDS

NetSumbler Correct Answer: Can only be installed on windows
Does not detect 802.11n
detects 802.11a,b,g
does not support monitor mode

ARP spoofing takes advantage of _________ relationship Correct Answer: TRUST

SC Query only shows ________ services on a windows machine Correct Answer: ACTIVE

802.1X uses ____________ to establish port-based network access control Correct Answer: EAP
(Extensible Authentication Protocol)

Directive security control Correct Answer: AKA procedural controls
used to define appropriate use & behavoir

Deterrent security control Correct Answer: Used to dissuade or deter attacks

Preventative security control Correct Answer: Used to stop attacks by preventing users from performing
specific actions

,Compensating security control Correct Answer: Used to supplement directive controls

Detective security control Correct Answer: Used to monitor and/or send alerts about activity

Corrective Correct Answer: Used to repair damage caused by malicious events

Recovery Correct Answer: Used to restore system to a normal state after attack

Application firewalls (what layer?) Correct Answer: Operate at layer 7

Circuit firewalls (what layer?) Correct Answer: Operate at layer 5

Packet filter firewall (what layer?) Correct Answer: Operate at layer 3

Stateful multilayer firewall Correct Answer: Combine quality of all other firewalls
Operate at multiple layers

Hinfo shows what? (DNS record) Correct Answer: CPU type
OS Type

OSSTMM defines three types of compliance.... Correct Answer: Legislative (SOX, HIPPA)
Contractual (PCI)
Standards-based (ITIL, ISO, OSSTM)

WPA uses _________ to ensure integrity & protect against MITM attacks? Correct Answer: MIC
(Message Integrity Checks)

Metagoofil switches Correct Answer: -f writes all links to a date-time stamped file
-t recognizes all which will search all 17576 three letter file extensions
-e allows you to specify time delay between searches
-r specifies the number of threads to use when downloading files

PCI DSS Requirement 11 requires an organization does? Correct Answer: "Regularly test systems and
processes" aka perform vulnerability assessments

WPA2 uses _______ cipher instead of ________ cipher. Correct Answer: Uses block cipher instead of
stream cipher

What is libwhisker? Correct Answer: Pearl module that supports IDS evasion
Nikto uses libwhisker

OWASP 2013 Top 6 Correct Answer: 1. Injections
2. Broken Auth
3. XSS
4. Insecure Direct Object References
5. Security misconfig
6. Sensitive Data Exposure

, ESP is used with what? Correct Answer: IPSec uses ESP during tunneling mode; it encrypts the entire
packet; aka TUNNEL MODE

IPSec Transport mode is used for host-to-host (typically within the same LAN), only IP payload is
encrypted with this IPSec implementation

What methods does NMAP scrip "http-methods" consider to be risky? Correct Answer: CONNECT (may
allow attacker to use server as a proxy)
DELETE (allows attacker to delete files from server)
PUT (allows attacker to upload to the server)
TRACE (could allow XSS)

Only OPTIONS is not considered risky.

NMAP range scanning Correct Answer: you can use "-" to denote ranges to scan:
Example: nmap 10.-2.9.-

This will scan 10.0.9.0/24, 10.1.9.0/24 & 10.2.9.0/24

Human-based Social Engineering attacks Correct Answer: Shoulder Surfing
Tailgaiting
Dumpster diving

Pcap Correct Answer: Used by Nmap Snort and TCPDump
Libpcap is a version of pcap, written in c/c++

What layer do stateful firewalls operate at? Correct Answer: The transport layer

What layer do packet filtering firewall operate at? Correct Answer: The network layer

GLBA does what? Correct Answer: Protects the confidentiality and integrity of personal info that is
collected by financial institutions.

TCSEC does what? Correct Answer: Provides guidance on evaluating the effectiveness of computer
security controls.

TNIEG (Turst Network Interpretation Environments Guideline) Correct Answer: Provides guidance on
minimum security protection required in different network environments

TCSEC (Trusted Computer System Evaluation Criteria) Correct Answer: Provide guidance on computer
system security
AKA the orange book, created by the DoD in the 80s

AAA Protocols Correct Answer: TACACS (the oldest)
Diameter (the newest)
RADIUS (IETF standard, less flexible than diameter)
TACACS+ (replaced TACACS)

Voordelen van het kopen van samenvattingen bij Stuvia op een rij:

Verzekerd van kwaliteit door reviews

Verzekerd van kwaliteit door reviews

Stuvia-klanten hebben meer dan 700.000 samenvattingen beoordeeld. Zo weet je zeker dat je de beste documenten koopt!

Snel en makkelijk kopen

Snel en makkelijk kopen

Je betaalt supersnel en eenmalig met iDeal, creditcard of Stuvia-tegoed voor de samenvatting. Zonder lidmaatschap.

Focus op de essentie

Focus op de essentie

Samenvattingen worden geschreven voor en door anderen. Daarom zijn de samenvattingen altijd betrouwbaar en actueel. Zo kom je snel tot de kern!

Veelgestelde vragen

Wat krijg ik als ik dit document koop?

Je krijgt een PDF, die direct beschikbaar is na je aankoop. Het gekochte document is altijd, overal en oneindig toegankelijk via je profiel.

Tevredenheidsgarantie: hoe werkt dat?

Onze tevredenheidsgarantie zorgt ervoor dat je altijd een studiedocument vindt dat goed bij je past. Je vult een formulier in en onze klantenservice regelt de rest.

Van wie koop ik deze samenvatting?

Stuvia is een marktplaats, je koop dit document dus niet van ons, maar van verkoper Classroom. Stuvia faciliteert de betaling aan de verkoper.

Zit ik meteen vast aan een abonnement?

Nee, je koopt alleen deze samenvatting voor €13,75. Je zit daarna nergens aan vast.

Is Stuvia te vertrouwen?

4,6 sterren op Google & Trustpilot (+1000 reviews)

Afgelopen 30 dagen zijn er 67866 samenvattingen verkocht

Opgericht in 2010, al 14 jaar dé plek om samenvattingen te kopen

Start met verkopen
€13,75
  • (0)
  Kopen