CEH v11 - ITS478 Exam | Questions And Answers Latest {2024-2025} A+ Graded | 100% Verified

Exam (worked solutions): questions and answers. Preview of 4 of the 160 pages. Published 20 August 2024, academic year 2024/2025. Listed on Stuvia by seller oneclass.


1.) While performing online banking using a Web browser, a user receives an email that contains a link to an interesting Web site. When the user clicks on the link, another Web browser session starts and displays a video of cats playing a piano. The next business day, the user receives what looks like an email from his bank, indicating that his bank account has been accessed from a foreign country. The email asks the user to call his bank and verify the authorization of a funds transfer that took place. What Web browser-based security vulnerability was exploited to compromise the user?

A. Clickjacking

B. Cross-Site Scripting

C. Cross-Site Request Forgery

D. Web form input validation - Correct Answer: C



Cross-Site Request Forgery (CSRF), also called a one-click attack or session riding, abuses the victim's active, authenticated session with a trusted site. The attacker plants a crafted request (a hidden form, an image tag or a script on a page the victim visits, here the "cats playing a piano" link) that the browser submits to the target site with the victim's session cookies attached. Because the request carries a valid session, the server treats it as the user's own and performs the action: a purchase, a funds transfer, or a change to account details. The user does not have to type anything; opening the page is enough, which is why the unrelated cat video is the only thing the victim sees.

- Clickjacking loads the target site in an iframe that is hidden behind, or overlaid on, a page element that looks legitimate; the victim believes they are clicking the decoy, but the click lands on the framed, trusted page. It needs the victim to interact with the framed UI, which is not what happened here.

- Cross-site scripting (XSS) lets an attacker inject client-side script into pages viewed by other users. It occurs when unvalidated input is included in dynamic content that is sent to a user's browser for rendering. Historically the payload could be JavaScript, VBScript, ActiveX, HTML or Flash; in current browsers it is JavaScript and HTML. XSS runs attacker code inside the origin of the vulnerable site; CSRF only makes the browser send requests to it.
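The bank scenario above, as an added example that is not part of the CEH document: a transfer endpoint that trusts the session cookie alone accepts a request auto-submitted from an attacker's page, because the browser attaches the cookie anyway; the hardened version additionally demands a per-session synchroniser token and a matching Origin header. The request and session objects, the `bank.example` / `attacker.example` origins and the field values are all constructed for this illustration.

```python
"""Added example (not from the CEH document): why a session cookie alone does
not authenticate a state-changing request, and the two checks that stop CSRF.
The request/session objects, the endpoint and all sample values are
constructed for this illustration."""
import hmac
import secrets
from dataclasses import dataclass, field

TRUSTED_ORIGIN = "https://bank.example"  # assumed origin of the banking site


@dataclass
class Request:
    cookies: dict = field(default_factory=dict)
    form: dict = field(default_factory=dict)
    headers: dict = field(default_factory=dict)


@dataclass
class Session:
    user: str
    csrf_token: str = field(default_factory=lambda: secrets.token_urlsafe(32))


SESSIONS = {}  # session-cookie value -> Session (in-memory stand-in for a store)


def login(user: str) -> str:
    sid = secrets.token_urlsafe(32)
    SESSIONS[sid] = Session(user)
    return sid


def transfer_vulnerable(req: Request) -> bool:
    """Vulnerable: any request carrying a valid session cookie is honoured.
    A <form> auto-submitted from attacker.example passes, because the
    browser attaches bank.example's cookie to it."""
    return SESSIONS.get(req.cookies.get("sid")) is not None


def transfer_hardened(req: Request) -> bool:
    """Hardened: the cookie proves *who*, not *which page* made the request.
    Require (1) a per-session token that only a page served by bank.example
    could have read, and (2) an Origin/Referer that matches the site. Both
    are absent or wrong on a cross-site request."""
    sess = SESSIONS.get(req.cookies.get("sid"))
    if sess is None:
        return False
    origin = req.headers.get("Origin") or req.headers.get("Referer", "")
    if not origin.startswith(TRUSTED_ORIGIN):
        return False
    token = req.form.get("csrf_token", "")
    return hmac.compare_digest(token, sess.csrf_token)  # constant-time compare


def demo() -> dict:
    sid = login("alice")
    token = SESSIONS[sid].csrf_token

    # Constructed forged request: the attacker's page auto-submits a POST to
    # https://bank.example/transfer. The browser adds the sid cookie; the
    # attacker cannot read the token and the Origin is the attacker's.
    forged = Request(
        cookies={"sid": sid},
        form={"to": "attacker-iban", "amount": "5000"},
        headers={"Origin": "https://attacker.example"},
    )
    # Legitimate request issued from the bank's own transfer page.
    legit = Request(
        cookies={"sid": sid},
        form={"to": "bob-iban", "amount": "50", "csrf_token": token},
        headers={"Origin": TRUSTED_ORIGIN},
    )
    return {
        "vulnerable_accepts_forged": transfer_vulnerable(forged),
        "hardened_accepts_forged": transfer_hardened(forged),
        "hardened_accepts_legit": transfer_hardened(legit),
    }


if __name__ == "__main__":
    print(demo())
```

In a real deployment the same defence is completed by setting the session cookie with `SameSite=Lax` (or `Strict`), so the browser does not attach it to cross-site POSTs in the first place; the token and Origin checks remain as defence in depth for older clients.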



2.) Which service in a PKI will vouch for the identity of an individual or company?

A. KOC

B. CR

C. CBC

D. CA - Correct Answer: D

PKI (Public Key Infrastructure) is the set of hardware, software, people, policies and procedures needed to create, distribute, use, store and revoke digital certificates, so that parties who have never met can authenticate each other, verify integrity and exchange keys over the insecure Internet; confidentiality is only one of the properties it supports.

The PKI binds a public key to an identity by means of a certification authority (CA): the CA verifies the applicant's identity and then signs a certificate containing that identity and public key, so anyone who trusts the CA can trust the binding. Of the distractors, CBC is a block-cipher mode of operation, not a PKI service.



3.) Identify the web application attack where the attackers exploit vulnerabilities in dynamically
generated web pages to inject client-side script into web pages viewed by other users.

A. LDAP Injection attack

B. Cross-Site Scripting (XSS)

C. SQL injection attack

D. Cross-Site Request Forgery (CSRF) - Correct Answer: B

Cross-site scripting (XSS) enables attackers to inject client-side script into web pages viewed by other users. The attack occurs when unvalidated input is included in dynamic content that is sent to a user's browser for rendering; the injected script then runs in the origin of the vulnerable site, with access to its DOM, its cookies (unless marked HttpOnly) and the user's session.

Cross-Site Request Forgery (CSRF) is the intended distractor: it rides the victim's existing session to make the browser send requests the attacker chose, but it injects no script into the page (see question 1).

XSS exploits the trust a user has in a particular website.

CSRF exploits the trust a website has in the user's browser.

LDAP injection exploits unvalidated web application input that is concatenated into an LDAP search filter. LDAP (Lightweight Directory Access Protocol) is an open-standard protocol, carried over TCP, for querying and modifying directory services. By supplying filter metacharacters such as *, (, ), | and &, the attacker changes the logic of the filter and can enumerate or authenticate against directory entries behind the LDAP tree. SQL injection is the equivalent against a relational database; both are server-side attacks and neither injects script into other users' pages.
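To make the XSS and LDAP-injection paragraphs above concrete, this added example (not from the CEH document) drops the same idea of "untrusted input inside a grammar" into two grammars: an HTML page and an LDAP login filter, each first unescaped and then escaped for its context. The page template, the shape of the login filter, the `*)(uid=*))(|(uid=*` payload and the crude well-formedness checker are constructed for this illustration; `ldap_filter_escape` follows RFC 4515's assertion-value escaping.

```python
"""Added example (not from the CEH document): one untrusted string rendered
into HTML (XSS) and into an LDAP search filter (LDAP injection), unescaped
and then escaped for the target context. Template, filter shape, payload and
checker are constructed for this illustration."""
import html
import re

# ---- XSS: untrusted input rendered into dynamic HTML -----------------------

PAGE = "<p>Results for: {query}</p>"  # constructed page template


def render_vulnerable(query: str) -> str:
    """Interpolates raw input into markup; an input <script> becomes markup."""
    return PAGE.format(query=query)


def render_escaped(query: str) -> str:
    """Entity-encodes < > & " ' so the input is displayed as text, whatever
    it contains (html.escape is the stdlib HTML-body/attribute encoder)."""
    return PAGE.format(query=html.escape(query, quote=True))


SCRIPT_TAG = re.compile(r"<script\b", re.IGNORECASE)


def contains_live_script(page: str) -> bool:
    """Crude detector used only by this example: is there a real <script>
    element in the rendered page (an entity-encoded one does not match)?"""
    return SCRIPT_TAG.search(page) is not None


# ---- LDAP injection: untrusted input built into a search filter -----------

def ldap_filter_escape(value: str) -> str:
    """RFC 4515 escaping for assertion values: backslash, the filter
    metacharacters ( ) * and NUL become \\XX (two hex digits)."""
    out = []
    for ch in value:
        if ch in "\\*()\x00":
            out.append("\\%02x" % ord(ch))
        else:
            out.append(ch)
    return "".join(out)


def login_filter_vulnerable(user: str, password: str) -> str:
    return "(&(uid=%s)(userPassword=%s))" % (user, password)


def login_filter_escaped(user: str, password: str) -> str:
    return "(&(uid=%s)(userPassword=%s))" % (
        ldap_filter_escape(user), ldap_filter_escape(password))


def filter_closes_early(flt: str) -> bool:
    """Did the input close the outer (& ... ) before the end of the filter
    (or leave it unbalanced)? That is what lets an attacker replace the
    password clause with one of their own. \\XX escapes are skipped as
    data, never counted as structure."""
    depth = 0
    i = 0
    while i < len(flt):
        ch = flt[i]
        if ch == "\\":
            i += 3
            continue
        if ch == "(":
            depth += 1
        elif ch == ")":
            depth -= 1
            if depth == 0 and i != len(flt) - 1:
                return True
        i += 1
    return depth != 0


if __name__ == "__main__":
    payload = "<script>alert(1)</script>"           # constructed XSS input
    print(render_vulnerable(payload))
    print(render_escaped(payload))
    ldap_payload = "*)(uid=*))(|(uid=*"               # constructed LDAP input
    print(login_filter_vulnerable(ldap_payload, "x"))
    print(login_filter_escaped(ldap_payload, "x"))
```

The vulnerable filter becomes `(&(uid=*)(uid=*))(|(uid=*)(userPassword=x))`: the first, well-formed clause matches any user regardless of password and the rest is junk the server may or may not reject. Escaping turns every `(`, `)` and `*` from the input into `\28`, `\29` and `\2a`, so the filter keeps exactly the two clauses the developer wrote.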



4.) User A is writing a sensitive email message to user B outside the local network. User A has chosen to use PKI to secure his message and ensure only user B can read the sensitive email. At what layer of the OSI model does the encryption and decryption of the message take place?

A. Application: the layer of the protocols themselves: SMTP, HTTP, FTP, DNS, POP3

B. Transport: the "post office" layer that delivers parcels and letters end to end: TCP, UDP

C. Session: management of the dialogue between devices: NetBIOS, SAP

D. Presentation: character encoding, compression and encryption, i.e. translating data into the form the application expects: MPEG, SSL/TLS - Correct Answer: D

CEH, like most OSI courseware, places encryption at the Presentation layer, and that is the expected answer. In practice the S/MIME or PGP encryption of a message is performed inside the mail client before SMTP ever sees the data, and TLS sits between the transport and the application protocol, so the mapping is a teaching convention rather than a description of where real implementations live.



5.) A new wireless client is configured to join an 802.11 network. This client uses the same hardware and software as many of the other clients on the network. The client can see the network, but cannot connect. A wireless packet sniffer shows that the Wireless Access Point (WAP) is not responding to the association requests being sent by the wireless client. What is a possible source of this problem?

A. The WAP does not recognize the client's MAC address (MAC-address access control)

B. The client cannot see the SSID of the wireless network

C. Client is configured for the wrong channel

D. The wireless client is not configured to use DHCP - Correct Answer: A

The client can see the network and is transmitting well-formed association requests, so B and C are ruled out; DHCP (D) only runs after association succeeds. An access point with a MAC-address allow list silently drops association requests from addresses that are not on the list, which is exactly what the sniffer shows. Because the same sniffer also reveals the addresses of clients that do associate, MAC filtering is defeated by cloning one of those addresses, which is why it is not a real access control.



6.) If you want to scan fewer ports than the default scan using the Nmap tool, which option would you use?

A. -r: scan the ports in sequential order instead of Nmap's default randomized order (the same number of ports is scanned)

B. -F: fast scan; probes the 100 most common ports from nmap-services instead of the default 1000

C. -P: not a valid option on its own (lower-case -p <ports> selects an explicit port list, and -PS/-PA/-PU are host-discovery probe types)

D. -sP: ping scan only, no port scan at all (deprecated alias of -sn) - Correct Answer: B



7.) Which of the following is the structure designed to verify and authenticate the identity of individuals within the enterprise taking part in a data exchange?

A. SOA

B. biometrics

C. single sign on

D. PKI - Correct Answer: D

SOA (service-oriented architecture) is a software design style; biometrics and single sign-on are authentication mechanisms that may sit on top of a trust structure but are not one. PKI supplies the certificates that bind identities to public keys and the CAs that vouch for those bindings (see question 2).



8.) You are tasked to perform a penetration test. While you are performing information gathering, you find an employee list in Google. You find the receptionist's email address, and you send her an email with the sender address spoofed to her boss's address (boss@company). In this email, you ask for a PDF with information. She reads your email and sends back a PDF with links. You replace the links in the PDF with your malicious links (these links lead to malware) and send back the modified PDF, saying that the links don't work. She reads your email, opens the links, and her machine gets infected. You now have access to the company network. What testing method did you use?

A. Social engineering

B. Piggybacking

C. Tailgating

D. Eavesdropping - Correct Answer: A

The whole chain (OSINT on the employee list, a spoofed sender, a pretext, and a payload the target opens herself) is social engineering, specifically phishing. Piggybacking and tailgating are physical-access techniques for following an authorized person through a door, and eavesdropping is passive interception; none of them involves manipulating the target into acting.



9.) If a tester is attempting to ping a target that exists but receives no response, or a response that states the destination is unreachable, ICMP may be disabled and the network may be using TCP. Which other option could the tester use to get a response from a host using TCP?

A. Traceroute

B. Hping

C. TCP ping

D. Broadcast ping - Correct Answer: B

Hping2/Hping3 is a command-line packet-crafting and network-scanning tool for TCP/IP. Unlike ping, which only sends ICMP echo requests, hping's default mode sends TCP packets (to port 0 with no flags set), and it also supports UDP, ICMP and raw IP, so it can elicit a reply from a host that drops ICMP: a SYN to an open port draws a SYN/ACK, a SYN to a closed port draws a RST, and either reply proves the host is up. It is used for firewall testing, manual path-MTU discovery, traceroute over any protocol, remote OS fingerprinting, and displaying target replies in ping style. "TCP ping" (option C) names the technique; hping is the tool that performs it (Nmap's -PS does the same).

- Traceroute relies on the Time to Live (TTL) field of the IP header: it sends probes with TTL 1, 2, 3, ... and reads the ICMP Time Exceeded replies from each hop to map the path to the target, so it depends on ICMP being allowed and does not solve the problem posed.



10.) Which is the first step followed by vulnerability scanners for scanning a network?

A. OS Detection

B. Firewall detection

C. TCP/UDP Port scanning

D. Checking if the remote host is alive - Correct Answer: D

Host discovery comes first because every later phase costs time per target, and probing dead addresses wastes it; Nmap, for instance, only port-scans hosts that answered its discovery probes unless -Pn is given. Some objectives of scanning a network:

- Discover the network's live hosts, their IP addresses, and the open ports on those hosts. Using the open ports, the attacker determines the best means of entering the system.

- Discover the OS and system architecture of the target, aka fingerprinting.
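The TCP-ping idea from question 9 and the "is the host alive?" first step from question 10, as one added example that is not part of the CEH document. It uses a full TCP connect() from the standard library instead of raw SYN packets (which would need root), so the verdicts are: accepted connection = open, refused connection (a RST came back) = closed, timeout = filtered or host down. Both open and closed prove the host is alive, which is exactly why a TCP probe works where ICMP is dropped. The loopback target, the local listener and the port choices are constructed for this illustration.

```python
"""Added example (not from the CEH document): a TCP "ping" in the spirit of
hping3 / nmap -PS, then host discovery before any port scan. Uses connect()
rather than raw SYNs; target, listener and ports are constructed here."""
import socket
import threading
from typing import Dict, List, Tuple

OPEN, CLOSED, FILTERED = "open", "closed", "filtered"


def tcp_probe(host: str, port: int, timeout: float = 1.0) -> str:
    """hping3-style TCP probe of one port; returns open/closed/filtered."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.settimeout(timeout)
    try:
        s.connect((host, port))
        return OPEN
    except ConnectionRefusedError:
        return CLOSED            # RST came back: host is up, port closed
    except (socket.timeout, OSError):
        return FILTERED          # no answer: firewalled, or host down
    finally:
        s.close()


def host_is_alive(host: str, probe_ports: Tuple[int, ...], timeout: float = 1.0) -> bool:
    """Step 1 of a vulnerability scan: is anything answering at all?
    An open *or* closed verdict is proof of life."""
    return any(tcp_probe(host, p, timeout) != FILTERED for p in probe_ports)


def scan(host: str, ports: List[int], probe_ports: Tuple[int, ...],
         timeout: float = 1.0) -> Dict[str, object]:
    """Discovery first; port scan only if the host is alive (Nmap's default
    behaviour unless -Pn is given)."""
    if not host_is_alive(host, probe_ports, timeout):
        return {"alive": False, "ports": {}}
    return {"alive": True,
            "ports": {p: tcp_probe(host, p, timeout) for p in ports}}


def _accept_loop(srv: socket.socket) -> None:
    while True:
        try:
            conn, _ = srv.accept()
            conn.close()
        except OSError:          # listener closed: stop the thread
            return


def start_listener() -> Tuple[socket.socket, int]:
    """Constructed stand-in for a live service on 127.0.0.1 (ephemeral port)."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(5)
    threading.Thread(target=_accept_loop, args=(srv,), daemon=True).start()
    return srv, srv.getsockname()[1]


def free_port() -> int:
    """A loopback port on which nothing listens, so connect() is refused."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.bind(("127.0.0.1", 0))
    port = s.getsockname()[1]
    s.close()
    return port


def demo() -> Dict[str, object]:
    srv, open_port = start_listener()
    closed_port = free_port()
    try:
        # Discovery probes the *closed* port only: the RST alone proves the
        # host is alive, which is the point of a TCP ping when ICMP is blocked.
        return scan("127.0.0.1", [open_port, closed_port], (closed_port,))
    finally:
        srv.close()


if __name__ == "__main__":
    print(demo())
```

Against a real network target the equivalent probes are `hping3 -S -p 80 <host>` (SYN to one port) and `nmap -sn -PS22,80,443 <host>` (discovery only, TCP SYN probes, no port scan); a host that answers with RST on every port is still reported as up.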
