Last Updated on July 22, 2021 by InfraExam

312-50 : CEH Certified Ethical Hacker (312-50v9) : Part 19

  1. If executives are found liable for not properly protecting their company’s assets and information systems, what type of law would apply in this situation?

    • Civil
    • International
    • Criminal
    • Common
  2. What is the role of test automation in security testing?

    • It can accelerate benchmark tests and repeat them with a consistent test setup. But it cannot replace manual testing completely.
    • It is an option but it tends to be very expensive.
    • It should be used exclusively. Manual testing is outdated because of low speed and possible test setup inconsistencies.
    • Test automation is not usable in security due to the complexity of the tests.
  3. The company ABC recently discovered that their new product was released by the opposition before their premiere. They contract an investigator who discovered that the maid threw away papers with confidential information about the new product and the opposition found it in the garbage. What is the name of the technique used by the opposition?

    • Hack attack
    • Sniffing
    • Dumpster diving
    • Spying
  4. The company ABC recently contracted a new accountant. The accountant will be working with the financial statements. Those financial statements need to be approved by the CFO and then they will be sent to the accountant but the CFO is worried because he wants to be sure that the information sent to the accountant was not modified once he approved it. What of the following options can be useful to ensure the integrity of the data?

    • The document can be sent to the accountant using an exclusive USB for that document.
    • The CFO can use a hash algorithm in the document once he approved the financial statements.
    • The financial statements can be sent twice, one by email and the other delivered in USB and the accountant can compare both to be sure it is the same document.
    • The CFO can use an excel file with a password.
  5. A hacker has managed to gain access to a Linux host and stolen the password file from /etc/passwd. How can he use it?

    • The password file does not contain the passwords themselves.
    • He can open it and read the user ids and corresponding passwords.
    • The file reveals the passwords to the root user only.
    • He cannot read it because it is encrypted.
  6. Eve stole a file named secret.txt, transferred it to her computer and she just entered these commands:

    312-50 Part 19 Q06 016
    312-50 Part 19 Q06 016

    What is she trying to achieve?

    • She is encrypting the file.
    • She is using John the Ripper to view the contents of the file.
    • She is using ftp to transfer the file to another hacker named John.
    • She is using John the Ripper to crack the passwords in the secret.txt file.
  7. What is the way to decide how a packet will move from an untrusted outside host to a protected inside that is behind a firewall, which permits the hacker to determine which ports are open and if the packets can pass through the packet-filtering of the firewall.

    • Firewalking
    • Session hijacking
    • Network sniffing
    • Man-in-the-middle attack
  8. Seth is starting a penetration test from inside the network. He hasn’t been given any information about the network. What type of test is he conducting?

    • Internal Whitebox
    • External, Whitebox
    • Internal, Blackbox
    • External, Blackbox
  9. Which tier in the N-tier application architecture is responsible for moving and processing data between the tiers?

    • Application Layer
    • Data tier
    • Presentation tier
    • Logic tier
  10. An attacker tries to do banner grabbing on a remote web server and executes the following command.

    312-50 Part 19 Q10 017
    312-50 Part 19 Q10 017

    Service detection performed. Please report any incorrect results at
    Nmap done: 1 IP address (1 host up) scanned in 6.42 seconds

    What did the hacker accomplish?

    • nmap can’t retrieve the version number of any running remote service.
    • The hacker successfully completed the banner grabbing.
    • The hacker should’ve used nmap -O
    • The hacker failed to do banner grabbing as he didn’t get the version of the Apache web server.
  11. _________ is a set of extensions to DNS that provide to DNS clients (resolvers) origin authentication of DNS data to reduce the threat of DNS poisoning, spoofing, and similar attacks types.

    • DNSSEC
    • Zone transfer
    • Resource transfer
    • Resource records
  12. Sid is a judge for a programming contest. Before the code reaches him it goes through a restricted OS and is tested there. If it passes, then it moves onto Sid. What is this middle step called?

    • Fuzzy-testing the code
    • Third party running the code
    • Sandboxing the code
    • String validating the code
  13. An IT employee got a call from one of our best customers. The caller wanted to know about the company’s network infrastructure, systems, and team. New opportunities of integration are in sight for both company and customer. What should this employee do?

    • Since the company’s policy is all about Customer Service, he/she will provide information.
    • Disregarding the call, the employee should hang up.
    • The employee should not provide any information without previous management authorization.
    • The employees can not provide any information; but, anyway, he/she will provide the name of the person in charge.
  14. A well-intentioned researcher discovers a vulnerability on the web site of a major corporation. What should he do?

    • Ignore it.
    • Try to sell the information to a well-paying party on the dark web.
    • Notify the web site owner so that corrective action be taken as soon as possible to patch the vulnerability.
    • Exploit the vulnerability without harming the web site owner so that attention be drawn to the problem.
  15. In both pharming and phishing attacks an attacker can create websites that look similar to legitimate sites with the intent of collecting personal identifiable information from its victims. What is the difference between pharming and phishing attacks?

    • In a pharming attack a victim is redirected to a fake website by modifying their host configuration file or by exploiting vulnerabilities in DNS. In a phishing attack an attacker provides the victim with a URL that is either misspelled or looks similar to the actual websites domain name.
    • Both pharming and phishing attacks are purely technical and are not considered forms of social engineering.
    • Both pharming and phishing attacks are identical.
    • In a phishing attack a victim is redirected to a fake website by modifying their host configuration file or by exploiting vulnerabilities in DNS. In a pharming attack an attacker provides the victim with a URL that is either misspelled or looks very similar to the actual websites domain name.
  16. Cryptography is the practice and study of techniques for secure communication in the presence of third parties (called adversaries.) More generally, it is about constructing and analyzing protocols that overcome the influence of adversaries and that are related to various aspects in information security such as data confidentiality, data integrity, authentication, and non-repudiation. Modern cryptography intersects the disciplines of mathematics, computer science, and electrical engineering. Applications of cryptography include ATM cards, computer passwords, and electronic commerce.

    Basic example to understand how cryptography works is given below:

    312-50 Part 19 Q16 018
    312-50 Part 19 Q16 018

    Which of the following choices is true about cryptography?

    • Algorithm is not the secret, key is the secret.
    • Symmetric-key algorithms are a class of algorithms for cryptography that use the different cryptographic keys for both encryption of plaintext and decryption of ciphertext.
    • Secure Sockets Layer (SSL) use the asymmetric encryption both (public/private key pair) to deliver the shared session key and to achieve a communication way.
    • Public-key cryptography, also known as asymmetric cryptography, public key is for decrypt, private key is for encrypt.
  17. Which of these is capable of searching for and locating rogue access points?

    • HIDS
    • WISS
    • WIPS
    • NIDS
  18. Which of the following is considered an exploit framework and has the ability to perform automated attacks on services, ports, applications and unpatched security flaws in a computer system?

    • Wireshark
    • Maltego
    • Metasploit
    • Nessus
  19. Sophia travels a lot and worries that her laptop containing confidential documents might be stolen. What is the best protection that will work for her?

    • Password protected files
    • Hidden folders
    • BIOS password
    • Full disk encryption.
  20. The network in ABC company is using the network address with mask In the network the servers are in the addresses, and

    An attacker is trying to find those servers but he cannot see them in his scanning. The command he is using is:

    Why he cannot see the servers?

    • The network must be down and the nmap command and IP address are ok.
    • He needs to add the command ””ip address”” just before the IP address.
    • He is scanning from to because of the mask /28 and the servers are not in that range.
    • He needs to change the address to with the same mask.