Last Updated on July 21, 2021 by InfraExam

312-50 : CEH Certified Ethical Hacker (312-50v9) : Part 07

  1. Which of the following tools will scan a network to perform vulnerability checks and compliance auditing?

    • NMAP
    • Metasploit
    • Nessus
    • BeEF
  2. What is the best defense against privilege escalation vulnerability?

    • Patch systems regularly and upgrade interactive login privileges at the system administrator level.
    • Run administrator and applications on least privileges and use a content registry for tracking.
    • Run services with least privileged accounts and implement multi-factor authentication and authorization.
    • Review user roles and administrator privileges for maximum utilization of automation services.
  3. How can a rootkit bypass the Windows 7 operating system’s kernel-mode code signing policy?

    • Defeating the scanner from detecting any code change at the kernel
    • Replacing patch system calls with its own version that hides the rootkit (attacker’s) actions
    • Performing common services for the application process and replacing real applications with fake ones
    • Attaching itself to the master boot record in a hard drive and changing the machine’s boot sequence/options
  4. Which of the following items of a computer system will an anti-virus program scan for viruses?

    • Boot Sector
    • Deleted Files
    • Windows Process List
    • Password Protected Files
  5. Which protocol and port number might be needed in order to send log messages to a log analysis tool that resides behind a firewall?

    • UDP 123
    • UDP 541
    • UDP 514
    • UDP 415
  6. A pentester is using Metasploit to exploit an FTP server and pivot to a LAN. How will the pentester pivot using Metasploit?

    • Issue the pivot exploit and set the meterpreter.
    • Reconfigure the network settings in the meterpreter.
    • Set the payload to propagate through the meterpreter.
    • Create a route statement in the meterpreter.
  7. What is the outcome of the command "nc -l -p 2222 | nc 1234"?

    • Netcat will listen on the interface for 1234 seconds on port 2222.
    • Netcat will listen on port 2222 and output anything received to a remote connection on port 1234.
    • Netcat will listen for a connection from on port 1234 and output anything received to port 2222.
    • Netcat will listen on port 2222 and then output anything received to local interface
  8. Which of the following is a client-server tool utilized to evade firewall inspection?

    • tcp-over-dns
    • kismet
    • nikto
    • hping
  9. Which tool is used to automate SQL injections and exploit a database by forcing a given web application to connect to another database controlled by a hacker?

    • DataThief
    • NetCat
    • Cain and Abel
    • SQLInjector
  10. A tester has been hired to do a web application security test. The tester notices that the site is dynamic and must make use of a back end database.

    In order for the tester to see if SQL injection is possible, what is the first character that the tester should use to attempt breaking a valid SQL request?

    • Semicolon
    • Single quote
    • Exclamation mark
    • Double quote
  11. Which of the following identifies the three modes in which Snort can be configured to run?

    • Sniffer, Packet Logger, and Network Intrusion Detection System
    • Sniffer, Network Intrusion Detection System, and Host Intrusion Detection System
    • Sniffer, Host Intrusion Prevention System, and Network Intrusion Prevention System
    • Sniffer, Packet Logger, and Host Intrusion Prevention System
  12. When using Wireshark to acquire packet capture on a network, which device would enable the capture of all traffic on the wire?

    • Network tap
    • Layer 3 switch
    • Network bridge
    • Application firewall
  13. Which of the following programming languages is most vulnerable to buffer overflow attacks?

    • Perl
    • C++
    • Python
    • Java
  14. Smart cards use which protocol to transfer the certificate in a secure manner?

    • Extensible Authentication Protocol (EAP)
    • Point to Point Protocol (PPP)
    • Point to Point Tunneling Protocol (PPTP)
    • Layer 2 Tunneling Protocol (L2TP)
  15. Which of the following is a hashing algorithm?

    • MD5
    • PGP
    • DES
    • ROT13
  16. Which of the following problems can be solved by using Wireshark?

    • Tracking version changes of source code
    • Checking creation dates on all webpages on a server
    • Resetting the administrator password on multiple systems
    • Troubleshooting communication resets between two systems
  17. What is the correct PCAP filter to capture all TCP traffic going to or from host on port 25?

    • tcp.src == 25 and ==
    • host
    • port 25 and host
    • tcp.port == 25 and ==
  18. Which tool would be used to collect wireless packet data?

    • NetStumbler
    • John the Ripper
    • Nessus
    • Netcat
  19. Which of the following is an example of two factor authentication?

    • PIN Number and Birth Date
    • Username and Password
    • Digital Certificate and Hardware Token
    • Fingerprint and Smartcard ID
  20. Diffie-Hellman (DH) groups determine the strength of the key used in the key exchange process. Which of the following is the correct bit size of the Diffie-Hellman (DH) group 5?

    • 768 bit key
    • 1025 bit key
    • 1536 bit key
    • 2048 bit key