CEH Practice Questions 8

docx

School

Western Governors University *

*We aren’t endorsed by this school

Course

701

Subject

Information Systems

Date

Feb 20, 2024

Type

docx

Pages

3

Uploaded by ostorgafermin

Report
1. Which system consists of a publicly available set of databases that contain domain name registration contact information? a. WHOIS b. CAPTCHA c. IANA d. IETF 2. Why is a penetration test considered to be more thorough than vulnerability scan? a. Vulnerability scans only do host discovery and port scanning by default b. A penetration test actively exploits vulnerabilities in the targeted infrastructure, while a vulnerability scan does not typically involve active exploitation c. A penetration test is often performed by an automated tool, while a vulnerability scan requires active engagement d. The tools used by penetration testers tend to have much more comprehensive vulnerability databases 3. Bob received this text message on his mobile phone: “Hello, this is Scott Smelby from the Yahoo Bank. Kindly contact me for a vital transaction on: scottsmelby@yahoo.com”. Which statement below is true? a. This is a scam as everybody can a @yahoo address, not the Yahoo customer service employees b. This is a scan because Bob does not know Scott c. Bob should write to scottsmelby@yahoo.com to verify the identity of Scott d. This is probably a legitimate message as it comes from a respectable organization 4. What is the Shellshock bash vulnerability attempting to do on a vulnerable Linux host? env x=’(){ :;};echo exploit’ bash -c ‘cat/etc/passwd’ a. Removes the passwd file b. Changes all passwords in passwd c. Add new user to the passwd file d. Display passwd content to prompt 5. Which of the following is assured by the use of a hash? a. Authentication
b. Confidentiality c. Availability d. Integrity 6. Which results will be returned with the following Google search query? site:target.com -site:Marketing.target.com accounting a. Results from matches on the site marketing.target.com that are in the domain target.com but do not include the word accounting b. Results matching all words in the query c. Results for matches on target.com and Marketing.target.com that include the word “accounting” d. Results matching “accounting” in the domain target.com but not on the site Marketing.target.com 7. Email is transmitted across the Internet using the Simple Mail Transport Protocol. SMTP does not encrypt email, leaving the information in the message vulnerable to being read by an unauthorized person. SMTP can upgrade a connection between two mail servers to use TLS. Email transmitted by SMTP over TLS is encrypted. What is the name of the command used by SMTP to transmit email over TLS? a. OPPORTUNISTICTLS b. UPGRADETLS c. FORCETLS d. STARTTLS 8. In the field of cryptanalysis, what is meant by a ‘rubber-hose’ attack? a. Forcing the targeted keystream through a hardware-accelerated device such as an ASIC b. A backdoor placed into a cryptographic algorithm by its creator c. Extraction of cryptographic secrets through coercion or torture d. Attempting to decrypt ciphertext by making logical assumptions about the contents of the original plaintext 9. You are a Network Security Officer. You have two machines. The first machine (192.168.0.99) has Snort installed, and the second machine (192.168.0.150) has Kiwi syslog installed. You perform a SYN scan in your network, and you notice that Kiwi syslog is not
receiving the alert message from Snort. You decide to run Wireshark in the Snort machine to check if the messages are going to the Kiwi syslog machine. What Wireshark filter will show the connections from the Snort machine to Kiwi syslog machine? a. tcp.srcport = = 514 && ip.src = = 192.168.0.99 b. tcp.srcport = = 514 && ip.src = = 192.168.150 c. tcp.srcport = = 514 && ip.dest = = 192.168.0.99 d. tcp.srcport = = 514 && ip.dest = = 192.168.0.150 10. What two conditions must a digital signature meet? a. Has to be the same number of characters as a physical signature and must be unique b. Has to be unforgeable and has to be authentic c. Must be unique and have special characters d. Has to be legible and neat
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
  • Access to all documents
  • Unlimited textbook solutions
  • 24/7 expert homework help

Related Documents

SCM 101 Week 2 .docx
Lab 1 Handout.pdf
project4-step9.docx
Week 3_Homework_Khadka_Kevil.docx
Week 5 Discussion.docx
CEH Practice Questions 6.docx
Syllabus_612_Spring 2024.docx
CEH Practice Questions 5.docx
Assignment 1 Solved (1).docx
Pope_AIT 620 Assignment1.docx
CEH Practice Questions 2.docx
Review Quiz 4.docx