CEH Practice Questions 2
docx
keyboard_arrow_up
School
Western Governors University *
*We aren’t endorsed by this school
Course
701
Subject
Information Systems
Date
Feb 20, 2024
Type
docx
Pages
3
Uploaded by ostorgafermin
1.
Which of the following programs is usually targeted Microsoft Office products?
a.
Polymorphic virus b.
Multipart virus c.
Macro virus d.
Stealth virus 2.
In an internal security audit, the white hat hacker gains control over a user account and attempts to acquire access to another account's confidential files and information. How can he achieve this?
a.
Privilege escalation b.
Shoulder surfing c.
Hacking Active Directory d.
Port Scanning 3.
A technician is resolving an issue where a computer is unable to connect to the Internet using
a wireless access point. The computer is able to transfer files locally to other machines but cannot successfully reach the Internet. When the technician examines the IP address and default gateway, they are both on the 192.168.1.0/24. Which of the following has occurred?
a.
The computer is not using a private IP address. b.
The gateway is not routing to a public IP address. c.
The gateway and the computer are not on the same network. d.
The computer is using an invalid IP address. 4.
Identify the UDP port that Network Time Protocol (NTP) uses as its primary means of communication?
a.
113
b.
69
c.
123
d.
161
5.
Due to a slowdown of normal network operations, the IT department decided to monitor internet traffic for all of the employees. From a legal standpoint, what would be troublesome to take this kind of measure?
a.
All of the employees would stop normal work activities
b.
IT department would be telling employees who the boss is
c.
Not informing the employees that they are going to be monitored could be an invasion of privacy
d.
The network could still experience traffic slow down 6.
Which of the following tools performs comprehensive tests against web servers, including dangerous files and CGIs?
a.
Nikto
b.
John the Ripper c.
Dsniff
d.
Snort 7.
An incident investigator asks to receive a copy of the event logs from all firewalls, proxy servers, and Intrusion Detection Systems (IDS) on the network of an organization that has experienced a possible breach of security. When the investigator attempts to correlate the information in all of the logs, the sequence of many of the logged events do not match up.
What is most likely cause?
a.
The network devices are not all synchronized
b.
Proper chain of custody was not observed while collecting the logs c.
The attacker altered or erased events from the logs d.
The security breach was a false positive 8.
DNS cache snooping is a process of determining if the specified resource address is present in the DNS cache records. It may be useful during the examination of the network to determine what software update resources are used, thus discovering what software is installed.
What command is used to determine if the entry is present in DNS cache?
a.
nslookup -fullrecursive update.antivirus.com
b.
dnsnooping -rt update.antivirus.com
c.
nslookup -norecursive update.antivirus.com
d.
dns –snoop update.antivirus.com
9.
Which of the following is an extremely common IDS evasion technique in the web world?
a.
Spyware b.
Subnetting c.
Unicode characters
d.
Port Knocking 10. John the Ripper is a technical assessment tool used to test the weakness of which of the following?
a.
Passwords b.
File permissions c.
Firewall rulesets d.
Usernames
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help