312-50 Certified Ethical Hacker Certification Practice Exam Set 9

When using Wireshark to acquire packet capture on a network, which device would enable the capture of all traffic on the wire? 



Options are :

  • Layer 3 switch
  • Network tap (Correct)
  • Network bridge
  • Application firewall

Answer : Network tap

ECCouncil EC0-232 ec0-232 E-Commerce Architect Practice Exam Set 7

Which of the following is used to indicate a single-line comment in structured query language (SQL)? 



Options are :

  • %%
  • ||
  • - (Correct)
  • ''

Answer : -

What is the broadcast address for the subnet 190.86.168.0/22? 



Options are :

  • 190.86.169.255
  • 190.86.171.255 (Correct)
  • 190.86.255.255
  • 190.86.168.255

Answer : 190.86.171.255

A hacker is attempting to see which IP addresses are currently active on a network. Which NMAP switch would the hacker use? 



Options are :

  • -sO
  • -sP (Correct)
  • -sU
  • -sS

Answer : -sP

EC0-232 EC-Council E-Commerce Architect Exam Set 5

Which of the following is a hashing algorithm? 



Options are :

  • DES
  • MD5 (Correct)
  • PGP
  • ROT13

Answer : MD5

Which of the following open source tools would be the best choice to scan a network for potential targets? 



Options are :

  • NIKTO
  • NMAP (Correct)
  • CAIN
  • John the Ripper

Answer : NMAP

An attacker sniffs encrypted traffic from the network and is subsequently able to decrypt it. The attacker can now use which cryptanalytic technique to attempt to discover the encryption key?



Options are :

  • Birthday attack
  • Chosen ciphertext attack (Correct)
  • Plaintext attack
  • Meet in the middle attack

Answer : Chosen ciphertext attack

ECCouncil ECSS Certified Security Specialist Practice Exam Set 3

The intrusion detection system at a software development company suddenly generates multiple alerts regarding attacks against the company's external webserver, VPN concentrator, and DNS servers. What should the security team do to determine which alerts to check first? 



Options are :

  • Investigate based on the maintenance schedule of the affected systems.
  • Investigate based on the service level agreements of the systems.
  • Investigate based on the order that the alerts arrived in.
  • Investigate based on the potential effect of the incident. (Correct)

Answer : Investigate based on the potential effect of the incident.

Which of the following is a client-server tool utilized to evade firewall inspection? 



Options are :

  • kismet
  • tcp-over-dns (Correct)
  • hping
  • nikto

Answer : tcp-over-dns

Which of the following is optimized for confidential communications, such as bidirectional voice and video? 



Options are :

  • MD4
  • RC5
  • RC4 (Correct)
  • MD5

Answer : RC4

ECCouncil 312-49v8 Computer Hacking Investigator Exam Set 2

A botnet can be managed through which of the following? 



Options are :

  • IRC (Correct)
  • Linkedin and Facebook
  • A vulnerable FTP server
  • E-Mail

Answer : IRC

How is sniffing broadly categorized? 



Options are :

  • Broadcast and unicast
  • Unmanaged and managed
  • Active and passive (Correct)
  • Filtered and unfiltered

Answer : Active and passive

Which tool would be used to collect wireless packet data? 



Options are :

  • Nessus
  • Netcat
  • John the Ripper
  • NetStumbler (Correct)

Answer : NetStumbler

ECCouncil EC1-349 Computer Hack Forensic Investigator Exam Set 3

What statement is true regarding LM hashes? 



Options are :

  • Uppercase characters in the password are converted to lowercase.
  • LM hashes are based on AES128 cryptographic standard.
  • LM hashes are not generated when the password length exceeds 15 characters. (Correct)
  • LM hashes consist in 48 hexadecimal characters.

Answer : LM hashes are not generated when the password length exceeds 15 characters.

What is the main disadvantage of the scripting languages as opposed to compiled programming languages? 



Options are :

  • Scripting languages are hard to learn.
  • Scripting languages cannot be used to create graphical user interfaces.
  • Scripting languages are not object-oriented.
  • Scripting languages are slower because they require an interpreter to run the code. (Correct)

Answer : Scripting languages are slower because they require an interpreter to run the code.

What is the best defense against privilege escalation vulnerability? 



Options are :

  • Run administrator and applications on least privileges and use a content registry for tracking.
  • None of the above
  • Review user roles and administrator privileges for maximum utilization of automation services.
  • Patch systems regularly and upgrade interactive login privileges at the system administrator level.
  • Run services with least privileged accounts and implement multi-factor authentication and authorization. (Correct)

Answer : Run services with least privileged accounts and implement multi-factor authentication and authorization.

ECCouncil EC0-349 Computer Hack Forensic Investigator Exam Set 3

A hacker, who posed as a heating and air conditioning specialist, was able to install a sniffer program in a switched environment network. Which attack could the hacker use to sniff all of the packets in the network? 



Options are :

  • Tear Drop
  • MAC Flood (Correct)
  • Fraggle
  • Smurf

Answer : MAC Flood

What is a successful method for protecting a router from potential smurf attacks?



Options are :

  • Placing the router in broadcast mode
  • Disabling the router from accepting broadcast ping messages (Correct)
  • Installing the router outside of the network's firewall
  • Enabling port forwarding on the router

Answer : Disabling the router from accepting broadcast ping messages

Which of the following items of a computer system will an anti-virus program scan for viruses? 




Options are :

  • Deleted Files
  • Boot Sector (Correct)
  • Password Protected Files
  • Windows Process List

Answer : Boot Sector

EC0-349 ECCouncil Computer Hacking Forensic Investigator Set 4

The fundamental difference between symmetric and asymmetric key cryptographic systems is that symmetric key cryptography uses which of the following? 



Options are :

  • The same key on each end of the transmission medium (Correct)
  • Different keys on both ends of the transport medium
  • Bulk encryption for data transmission over fiber
  • Multiple keys for non-repudiation of bulk data

Answer : The same key on each end of the transmission medium

Which of the following is an example of two factor authentication?



Options are :

  • Username and Password
  • PIN Number and Birth Date
  • Fingerprint and Smartcard ID (Correct)
  • Digital Certificate and Hardware Token

Answer : Fingerprint and Smartcard ID

How does an operating system protect the passwords used for account logins? 



Options are :

  • The operating system stores all passwords in a protected segment of non-volatile memory.
  • The operating system stores the passwords in a secret file that users cannot find.
  • The operating system encrypts the passwords, and decrypts them when needed.
  • The operating system performs a one-way hash of the passwords. (Correct)

Answer : The operating system performs a one-way hash of the passwords.

EC0-349 ECCouncil Computer Hacking Forensic Investigator Set 8

The use of technologies like IPSec can help guarantee the following: authenticity, integrity, confidentiality and 



Options are :

  • operability.
  • non-repudiation. (Correct)
  • usability.
  • security.

Answer : non-repudiation.

What is the primary drawback to using advanced encryption standard (AES) algorithm with a 256 bit key to share sensitive data? 



Options are :

  • It is a symmetric key algorithm, meaning each recipient must receive the key through a different channel than the message. (Correct)
  • To get messaging programs to function with this algorithm requires complex configurations.
  • Due to the key size, the time it will take to encrypt and decrypt the message hinders efficient communication.
  • It has been proven to be a weak cipher; therefore, should not be trusted to protect sensitive data.

Answer : It is a symmetric key algorithm, meaning each recipient must receive the key through a different channel than the message.

A security engineer is attempting to map a companys internal network. The engineer enters in the following NMAP command:  NMAP n sS P0 p 80 ***.***.**.**  What type of scan is this? 



Options are :

  • Comprehensive scan
  • Quick scan
  • Intense scan
  • Stealth scan (Correct)

Answer : Stealth scan

ECCouncil EC0-349 Computer Hack Forensic Investigator Exam Set 4

An attacker has been successfully modifying the purchase price of items purchased on the company's web site. The security administrators verify the web server and Oracle database have not been compromised directly. They have also verified the Intrusion Detection System (IDS) logs and found no attacks that could have caused this. What is the mostly likely way the attacker has been able to modify the purchase price? 



Options are :

  • By utilizing a buffer overflow attack
  • By using SQL injection
  • By changing hidden form values (Correct)
  • By using cross site scripting

Answer : By changing hidden form values

Which of the following settings enables Nessus to detect when it is sending too many packets and the network pipe is approaching capacity? 



Options are :

  • Silent Dependencies
  • Netstat WMI Scan
  • Consider unscanned ports as closed
  • Reduce parallel connections on congestion (Correct)

Answer : Reduce parallel connections on congestion

A pentester is using Metasploit to exploit an FTP server and pivot to a LAN. How will the pentester pivot using Metasploit? 



Options are :

  • Create a route statement in the meterpreter. (Correct)
  • Issue the pivot exploit and set the meterpreter.
  • Set the payload to propagate through the meterpreter.
  • Reconfigure the network settings in the meterpreter.

Answer : Create a route statement in the meterpreter.

ECCouncil 712-50 Certified CISO (CCISO) Practice Exam Set 2

A security analyst in an insurance company is assigned to test a new web application that will be used by clients to help them choose and apply for an insurance plan. The analyst discovers that the application is developed in ASP scripting language and it uses MSSQL as a database backend. The analyst locates the application's search form and introduces the following code in the search input field:  IMG SRC=vbscript:msgbox("Vulnerable");> originalAttribute="SRC" originalPath="vbscript:msgbox("Vulnerable");>"  When the analyst submits the form, the browser returns a pop-up window that says "Vulnerable". Which web applications vulnerability did the analyst discover? 



Options are :

  • Cross-site request forgery
  • Command injection
  • Cross-site scripting (Correct)
  • SQL injection

Answer : Cross-site scripting

Which of the following programming languages is most vulnerable to buffer overflow attacks? 



Options are :

  • Perl
  • C++ (Correct)
  • Java
  • Python

Answer : C++

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions