Title | 312-50v11 215qtn |
---|---|
Author | Anonymous User |
Course | International Project Management |
Institution | University of Dhaka |
Pages | 70 |
File Size | 484.8 KB |
File Type | |
Total Downloads | 62 |
Total Views | 131 |
312-50v11 215qtn PA...
312-50v11.prepaway.premium.exam.215q
Number: 312-50v11
Passing Score: 800
Time Limit: 120 min
File Version: 2.0
312-50v11 Certified Ethical Hacker v11 Exam Version 2.0
40625B860D595D76F874EF86ABE14545
Exam A

QUESTION 1
While performing online banking using a Web browser, a user receives an email that contains a link to an interesting Web site. When the user clicks on the link, another Web browser session starts and displays a video of cats playing a piano. The next business day, the user receives what looks like an email from his bank, indicating that his bank account has been accessed from a foreign country. The email asks the user to call his bank and verify the authorization of a funds transfer that took place. What Web browser-based security vulnerability was exploited to compromise the user?

A. Clickjacking
B. Cross-Site Scripting
C. Cross-Site Request Forgery
D. Web form input validation
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:

QUESTION 2
Which service in a PKI will vouch for the identity of an individual or company?

A. KDC
B. CR
C. CBC
D. CA
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:

QUESTION 3
Identify the web application attack where the attackers exploit vulnerabilities in dynamically generated web pages to inject client-side script into web pages viewed by other users.

A. LDAP Injection attack
B. Cross-Site Scripting (XSS)
C. SQL injection attack
D. Cross-Site Request Forgery (CSRF)
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:

QUESTION 4
User A is writing a sensitive email message to user B outside the local network. User A has chosen to use PKI to secure his message and ensure only user B can read the sensitive email. At what layer of the OSI layer does the encryption and decryption of the message take place?

A. Application
B. Transport
C. Session
D. Presentation
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:

QUESTION 5
A new wireless client is configured to join a 802.11 network. This client uses the same hardware and software as many of the other clients on the network. The client can see the network, but cannot connect. A wireless packet sniffer shows that the Wireless Access Point (WAP) is not responding to the association requests being sent by the wireless client. What is a possible source of this problem?

A. The WAP does not recognize the client’s MAC address
B. The client cannot see the SSID of the wireless network
C. Client is configured for the wrong channel
D. The wireless client is not configured to use DHCP
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:

QUESTION 6
If you want to only scan fewer ports than the default scan using Nmap tool, which option would you use?

A. -r
B. -F
C. -P
D. -sP
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:

QUESTION 7
Which of the following is the structure designed to verify and authenticate the identity of individuals within the enterprise taking part in a data exchange?

A. SOA
B. biometrics
C. single sign on
D. PKI
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:

QUESTION 8
You are tasked to perform a penetration test. While you are performing information gathering, you find an employee list in Google. You find the receptionist’s email, and you send her an email changing the source email to her boss’s email (boss@company). In this email, you ask for a pdf with information. She reads your email and sends back a pdf with links. You exchange the pdf links with your malicious links (these links contain malware) and send back the modified pdf, saying that the links don’t work. She reads your email, opens the links, and her machine gets infected. You now have access to the company network. What testing method did you use?

A. Social engineering
B. Piggybacking
C. Tailgating
D. Eavesdropping
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:

QUESTION 9
If a tester is attempting to ping a target that exists but receives no response or a response that states the destination is unreachable, ICMP may be disabled and the network may be using TCP. Which other option could the tester use to get a response from a host using TCP?

A. Traceroute
B. Hping
C. TCP ping
D. Broadcast ping
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:

QUESTION 10
Which is the first step followed by Vulnerability Scanners for scanning a network?

A. OS Detection
B. Firewall detection
C. TCP/UDP Port scanning
D. Checking if the remote host is alive
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:

QUESTION 11
Which of the following programs is usually targeted at Microsoft Office products?

A. Polymorphic virus
B. Multipart virus
C. Macro virus
D. Stealth virus
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:

QUESTION 12
In an internal security audit, the white hat hacker gains control over a user account and attempts to acquire access to another account's confidential files and information. How can he achieve this?

A. Privilege Escalation
B. Shoulder-Surfing
C. Hacking Active Directory
D. Port Scanning
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:

QUESTION 13
A technician is resolving an issue where a computer is unable to connect to the Internet using a wireless access point. The computer is able to transfer files locally to other machines, but cannot successfully reach the Internet. When the technician examines the IP address and default gateway they are both on the 192.168.1.0/24. Which of the following has occurred?

A. The computer is not using a private IP address.
B. The gateway is not routing to a public IP address.
C. The gateway and the computer are not on the same network.
D. The computer is using an invalid IP address.
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:

QUESTION 14
Identify the UDP port that Network Time Protocol (NTP) uses as its primary means of communication?

A. 113
B. 69
C. 123
D. 161
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:

QUESTION 15
Due to a slowdown of normal network operations, the IT department decided to monitor internet traffic for all of the employees. From a legal standpoint, what would be troublesome to take this kind of measure?

A. All of the employees would stop normal work activities
B. IT department would be telling employees who the boss is
C. Not informing the employees that they are going to be monitored could be an invasion of privacy.
D. The network could still experience traffic slow down.
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:

QUESTION 16
Which of the following tools performs comprehensive tests against web servers, including dangerous files and CGIs?

A. Nikto
B. John the Ripper
C. Dsniff
D. Snort
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:

QUESTION 17
An incident investigator asks to receive a copy of the event logs from all firewalls, proxy servers, and Intrusion Detection Systems (IDS) on the network of an organization that has experienced a possible breach of security. When the investigator attempts to correlate the information in all of the logs, the sequence of many of the logged events do not match up.
What is the most likely cause?

A. The network devices are not all synchronized.
B. Proper chain of custody was not observed while collecting the logs.
C. The attacker altered or erased events from the logs.
D. The security breach was a false positive.

Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:

QUESTION 18
DNS cache snooping is a process of determining if the specified resource address is present in the DNS cache records. It may be useful during the examination of the network to determine what software update resources are used, thus discovering what software is installed.
What command is used to determine if the entry is present in DNS cache?

A. nslookup -fullrecursive update.antivirus.com
B. dnsnooping -rt update.antivirus.com
C. nslookup -norecursive update.antivirus.com
D. dns --snoop update.antivirus.com
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:

QUESTION 19
Which of the following is an extremely common IDS evasion technique in the web world?

A. Spyware
B. Subnetting
C. Unicode Characters
D. Port Knocking
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:

QUESTION 20
John the Ripper is a technical assessment tool used to test the weakness of which of the following?

A. Passwords
B. File permissions
C. Firewall rulesets
D. Usernames
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:
QUESTION 21
Some clients of TPNQM SA were redirected to a malicious site when they tried to access the TPNQM main site. Bob, a system administrator at TPNQM SA, found that they were victims of DNS Cache Poisoning.
What should Bob recommend to deal with such a threat?

A. The use of security agents in clients’ computers
B. The use of DNSSEC
C. The use of double-factor authentication
D. Client awareness
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:

QUESTION 22
During a black-box pen test you attempt to pass IRC traffic over port 80/TCP from a compromised web enabled host. The traffic gets blocked; however, outbound HTTP traffic is unimpeded. What type of firewall is inspecting outbound traffic?

A. Circuit
B. Stateful
C. Application
D. Packet Filtering
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:

QUESTION 23
By using a smart card and pin, you are using a two-factor authentication that satisfies

A. Something you are and something you remember
B. Something you have and something you know
C. Something you know and something you are
D. Something you have and something you are
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:

QUESTION 24
“........ is an attack type for a rogue Wi-Fi access point that appears to be a legitimate one offered on the premises, but actually has been set up to eavesdrop on wireless communications. It is the wireless version of the phishing scam. An attacker fools wireless users into connecting a laptop or mobile phone to a tainted hotspot by posing as a legitimate provider. This type of attack may be used to steal the passwords of unsuspecting users by either snooping the communication link or by phishing, which involves setting up a fraudulent web site and luring people there.”
Fill in the blank with appropriate choice.

A. Evil Twin Attack
B. Sinkhole Attack
C. Collision Attack
D. Signal Jamming Attack
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:

QUESTION 25
A regional bank hires your company to perform a security assessment on their network after a recent data breach. The attacker was able to steal financial data from the bank by compromising only a single server. Based on this information, what should be one of your key recommendations to the bank?

A. Place a front-end web server in a demilitarized zone that only handles external web traffic
B. Require all employees to change their anti-virus program with a new one
C. Move the financial data to another server on the same IP subnet
D. Issue new certificates to the web servers from the root certificate authority
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:

QUESTION 26
What term describes the amount of risk that remains after the vulnerabilities are classified and the countermeasures have been deployed?

A. Residual risk
B. Impact risk
C. Deferred risk
D. Inherent risk
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:

QUESTION 27
Which of the following is the best countermeasure to encrypting ransomwares?

A. Use multiple antivirus softwares
B. Pay a ransom
C. Keep some generation of off-line backup
D. Analyze the ransomware to get decryption key of encrypted data

Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:

QUESTION 28
Session splicing is an IDS evasion technique in which an attacker delivers data in multiple, small sized packets to the target computer, making it very difficult for an IDS to detect the attack signatures. Which tool can be used to perform session splicing attacks?

A. tcpsplice
B. Burp
C. Hydra
D. Whisker
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:

QUESTION 29
You have successfully compromised a server having an IP address of 10.10.0.5. You would like to enumerate all machines in the same network quickly.
What is the best Nmap command you will use?

A. nmap -T4 -q 10.10.0.0/24
B. nmap -T4 -F 10.10.0.0/24
C. nmap -T4 -r 10.10.1.0/24
D. nmap -T4 -O 10.10.0.0/24
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:

QUESTION 30
As a Certified Ethical Hacker, you were contracted by a private firm to conduct an external security assessment through penetration testing.
What document describes the specifics of the testing, the associated violations, and essentially protects both the organization’s interest and your liabilities as a tester?

A. Service Level Agreement
B. Project Scope
C. Rules of Engagement
D. Non-Disclosure Agreement
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:

QUESTION 31
Which of the following is the BEST way to defend against network sniffing?

A. Using encryption protocols to secure network communications
B. Register all machines MAC Address in a Centralized Database
C. Use Static IP Address
D. Restrict Physical Access to Server Rooms hosting Critical Servers
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:

QUESTION 32
Which of the following is the least-likely physical characteristic to be used in biometric control that supports a large company?

A. Iris patterns
B. Voice
C. Height and Weight
D. Fingerprints
Correct Answer: C
Section: (none)
Explanation
Explanation/Reference:

QUESTION 33
Although FTP traffic is not encrypted by default, which layer 3 protocol would allow for end-to-end encryption of the connection?

A. SFTP
B. Ipsec
C. SSL
D. FTPS
Correct Answer: B
Section: (none)
Explanation
Explanation/Reference:

QUESTION 34
To reach a bank web site, the traffic from workstations must pass through a firewall. You have been asked to review the firewall configuration to ensure that workstations in network 10.10.10.0/24 can only reach the bank web site 10.20.20.1 using https. Which of the following firewall rules meets this requirement?

A. if (source matches 10.10.10.0/24 and destination matches 10.20.20.1 and port matches 443) then permit
B. if (source matches 10.10.10.0/24 and destination matches 10.20.20.1 and port matches 80 or 443) then permit
C. if (source matches 10.20.20.1 and destination matches 10.10.10.0/24 and port matches 443) then permit
D. if (source matches 10.10.10.0 and destination matches 10.20.20.1 and port matches 443) then permit

Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:

QUESTION 35
Jim’s company regularly performs backups of their critical servers. But the company cannot afford to send backup tapes to an off-site vendor for long-term storage and archiving. Instead, Jim’s company keeps the backup tapes in a safe in the office. Jim’s company is audited each year, and the results from this year’s audit show a risk because backup tapes are not stored off-site. The Manager of Information Technology has a plan to take the backup tapes home with him and wants to know what two things he can do to secure the backup tapes while in transit?

A. Encrypt the backup tapes and transport them in a lock box.
B. Degauss the backup tapes and transport them in a lock box.
C. Hash the backup tapes and transport them in a lock box.
D. Encrypt the backup tapes and use a courier to transport them.
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:

QUESTION 36
You are the Network Admin, and you get a complaint that some of the websites are no longer accessible. You try to ping the servers and find them to be reachable. Then you type the IP address and then you try on the browser, and find it to be accessible. But they are not accessible when you try using the URL.
What may be the problem?

A. Traffic is Blocked on UDP Port 53
B. Traffic is Blocked on TCP Port 80
C. Traffic is Blocked on TCP Port 54
D. Traffic is Blocked on UDP Port 80
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:

QUESTION 37
Which of the following tools is used to detect wireless LANs using the 802.11a/b/g/n WLAN standards on a Linux platform?

A. Kismet
B. Abel
C. Netstumbler
D. Nessus
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:

QUESTION 38
You are working as a Security Analyst in a company XYZ that owns the whole subnet range of 23.0.0.0/8 and 192.168.0.0/8.
While monitoring the data, you find a high number of outbound connections. You see that IP’s owned by XYZ (Internal) and private IP’s are communicating to a Single Public IP. Therefore, the Internal IP’s are sending data to the Public IP.
After further analysis, you find out that this Public IP is a blacklisted IP, and the internal communicating devices are compromised.
What kind of attack does the above scenario depict?

A. Botnet Attack
B. Spear Phishing Attack
C. Advanced Persistent Threats
D. Rootkit Attack
Correct Answer: A
Section: (none)
Explanation
Explanation/Reference:

QUESTION 39
Scenario:
1. Victim opens the attacker’s web site.
2. Attacker sets up a web site which contains interesting and attractive content like ‘Do you want to make $1000 in a day?’.
3. Victim clicks to the interesting and attractive content URL.
4. Attacker creates a transparent ‘iframe’ in front of the URL which the victim attempts to click, so the victim thinks that he/she clicks on the ‘Do you want to make $1000 in a day?’ URL but actually he/she clicks on the content or URL that exists in the transparent 'iframe' which is set up by the attacker.
What is the name of the attack which is mentioned in the scenario?

A. Session Fixation
B. HTML Injection
C. HTTP Parameter Pollution
D. Clickjacking Attack
Correct Answer: D
Section: (none)
Explanation
Explanation/Reference:

QUESTION 40
A network administrator discovers several unknown files in the root directory of his Linux FTP server. One of the files is a tarball, two are shell script files, and the third is a binary file is named “nc.” The FTP server’s access logs show that the anonymous user account logged in to the server, uploaded the files, and extracted the contents of the tarball and ran the script using a function provided by the FTP server’s software. The ps command shows that the nc file is running as process, and the netstat command shows the nc process is listening on a network port.
What kind of vulnerability must be present to make this remote attack possible?

A. B. C. D.
F...