Last Updated on July 23, 2021 by InfraExam
312-50v10 : Certified Ethical Hacker v10 Exam : Part 10
You want to analyze packets on your wireless network. Which program would you use?
- Wireshark with Airpcap
- Airsnort with Airpcap
- Wireshark with Winpcap
- Ethereal with Winpcap
Jimmy is standing outside a secure entrance to a facility. He is pretending to have a tense conversation on his cell phone as an authorized employee badges in. Jimmy, while still on the phone, grabs the door as it begins to close.
What just happened?
What is the most secure way to mitigate the theft of corporate information from a laptop that was left in a hotel room?
- Set a BIOS password
- Encrypt the data on the hard drive.
- Use a strong logon password to the operating system.
- Back up everything on the laptop and store the backup in a safe place.
In both pharming and phishing attacks an attacker can create websites that look similar to legitimate sites with the intent of collecting personal identifiable information from its victims. What is the difference between pharming and phishing attacks?
- Both pharming and phishing attacks are identical.
- In a pharming attack a victim is redirected to a fake website by modifying their host configuration file or by exploiting vulnerabilities in DNS. In a phishing attack an attacker provides the victim with a URL that is either misspelled or looks similar to the actual websites domain name.
- In a phishing attack a victim is redirected to a fake website by modifying their host configuration file or by exploiting vulnerabilities in DNS. In a phishing attack an attacker provides the victim with a URL that is either misspelled or looks similar to the actual websites domain name.
- Both pharming and phishing attacks are purely technical and are not considered forms of social engineering
What is the role of test automation in security testing?
- It is an option but it tends to be very expensive.
- It should be used exclusively. Manual testing is outdated because of low speed and possible test setup inconsistencies.
- Test automation is not usable in security due to the complexity of the tests.
- It can accelerate benchmark tests and repeat them with a consistent test setup. But it cannot replace manual testing completely.
A hacker has successfully infected an internet-facing server which he will then use to send junk mail, take part in coordinated attacks, or host junk email content.
Which sort of trojan infects this server?
- Botnet Trojan
- Turtle Trojans
- Banking Trojans
- Ransomware Trojans
In order to have an anonymous Internet surf, which of the following is best choice?
- Use SSL sites when entering personal information
- Use Tor network with multi-node
- Use shared WiFi
- Use public VPN
In which phase of the ethical hacking process can Google hacking be employed? This is a technique that involves manipulating a search string with specific operators to search for vulnerabilities.
allintitle: root passwd
- Maintaining Access
- Gaining Access
- Scanning and Enumeration
Todd has been asked by the security officer to purchase a counter-based authentication system. Which of the following best describes this type of system?
- A biometric system that bases authentication decisions on behavioral attributes.
- A biometric system that bases authentication decisions on physical attributes.
- An authentication system that creates one-time passwords that are encrypted with secret keys.
- An authentication system that uses passphrases that are converted into virtual passwords.
How can rainbow tables be defeated?
- Password salting
- Use of non-dictionary words
- All uppercase character passwords
- Lockout accounts under brute force password cracking attempts
The network in ABC company is using the network address 192.168.1.64 with mask 255.255.255.192. In the network the servers are in the addresses 192.168.1.122, 192.168.1.123 and 192.168.1.124.
An attacker is trying to find those servers but he cannot see them in his scanning. The command he is using is: nmap 192.168.1.64/28
Why he cannot see the servers?
- He needs to change the address to 192.168.1.0 with the same mask
- He needs to add the command “”ip address”” just before the IP address.
- He is scanning from 192.168.1.64 to 192.168.1.78 because of the mask /28 and the servers are not in that range.
- The network must be down and the nmap command and IP address are ok
In many states sending spam is illegal. Thus, the spammers have techniques to try and ensure that no one knows they sent the spam out to thousands of users at a time. Which of the following best describes what spammers use to hide the origin of these types of e-mails?
- A blacklist of companies that have their mail server relays configured to allow traffic only to their specific domain name.
- Mail relaying, which is a technique of bouncing e-mail from internal to external mails servers continuously.
- A blacklist of companies that have their mail server relays configured to be wide open.
- Tools that will reconfigure a mail server’s relay component to send the e-mail back to the spammers occasionally.
Emil uses nmap to scan two hosts using this command:
nmap -sS -T4 -O 192.168.99.1 192.168.99.7
He receives this output:
What is his conclusion?
- Host 192.168.99.7 is an iPad.
- He performed a SYN scan and OS scan on hosts 192.168.99.1 and 192.168.99.7
- Host 192.168.99.1 is the host that he launched the scan from.
- Host 192.168.99.7 is down.
Port scanning can be used as part of a technical assessment to determine network vulnerabilities. The TCP XMAS scan is used to identify listening ports on the targeted system.
If a scanned port is open, what happens?
- The port will ignore the packets.
- The port will send an RST.
- The port will send an ACK.
- The port will send a SYN.
Which Metasploit Framework tool can help penetration tester for evading Anti-virus Systems?
Which of the following is a passive wireless packet analyzer that works on Linux-based systems?
- Burp Suite
Which service in a PKI will vouch for the identity of an individual or company?
What mechanism in Windows prevents a user from accidentally executing a potentially malicious batch (.bat) or PowerShell (.ps1) script?
- User Access Control (UAC)
- Data Execution Prevention (DEP)
- Address Space Layout Randomization (ASLR)
- Windows firewall
Seth is starting a penetration test from inside the network. He hasn’t been given any information about the network. What type of test is he conducting?
- Internal, Blackbox
- External, Blackbox
- External, Whitebox
- Internal, Whitebox
What is the code written for?
- Buffer Overflow
- Denial-of-service (DoS)