312-50v10 : Certified Ethical Hacker v10 Exam : Part 15

  1. You are tasked to configure the DHCP server to lease the last 100 usable IP addresses in subnet

    Which of the following IP addresses could be leased as a result of the new configuration?

  2. Your company was hired by a small healthcare provider to perform a technician assessment on the network. What is the best approach for discovering vulnerabilities on a Windows-based computer?

    • Create a disk image of a clean Windows installation
    • Use the built-in Windows Update tool
    • Use a scan tool like Nessus 
    • Check MITRE.org for the latest list of CVE findings
  3. You are analyzing a traffic on the network with Wireshark. You want to routinely run a cron job which will run the capture against a specific set of IPs. – What command you would use?

    • tshark –net mask
    • wireshark –capture –local –masked –range 24 
    • sudo tshark –f “net”
    • wireshark –fetch “192.168.8/*”
  4. Initiating an attack against targeted business and organizations, threat actors compromise a carefully selected website by inserting an exploit resulting in malware infection. The attackers run exploits on well-known and trusted sites likely to be visited by their targeted victims. Aside from carefully choosing sites to compromise, these attacks are known to incorporate zero-day exploits that target unpatched vulnerabilities. Thus, the targeted entities are left with little or no defense against these exploits. What type of attack is outlined in the scenario?

    • Heartbeat Attack
    • Spear Phishing Attack\
    • Shellshock Attack
    • Watering Hole Attack 
  5. What kind of detection techniques is being used in antivirus software that identifies malware by collecting data from multiple protected systems and instead of analyzing files locally it’s made on the provider’s environment?

    • Behavioral based
    • Heuristics based
    • Honypot based
    • Cloud based 
  6. Which of these options is the most secure procedure for storing backup tapes?

    • In a climate controlled facility offsite 
    • In a cool dry environment
    • On a different floor in the same building
    • Inside the data center for faster retrieval in a fireproof safe
  7. Which security strategy requires using several, varying methods to protect IT systems against attacks?

    • Defense in depth 
    • Covert channels
    • Exponential backoff algorithm
    • Three-way handshake
  8. Which utility will tell you in real time which ports are listening or in another state?

    • Netsat
    • Loki
    • Nmap
    • TCPView 
  9. Which of the following statements regarding ethical hacking is incorrect?

    • An organization should use ethical hackers who do not sell vendor hardware/software or other consulting services
    • Ethical hackers should never use tools or methods that have the potential of exploiting vulnerabilities in an organization’s systems 
    • Ethical hacking should not involve writing to or modifying the target systems.
    • Testing should be remotely performed offsite.
  10. A common cryptographical tool is the use of XOR. XOR the following binary values: 10110001 00111010

    • 10011101
    • 10001011
    • 10111100
    • 11011000
  11. Why containers are less secure than virtual machines?

    • Host OS on containers has a larger surface attack.
    • Containers are attached to the same virtual network.
    • Containers may fulfill disk space of the host.
    • A compromise container may cause a CPU starvation of the host. 
  12. Which of the following is a component of a risk assessment?

    • Administrative safeguards 
    • Physical security
    • Logical interface
    • DMZ
  13. Which of the following is the structure designed to verify and authenticate the identity of individuals within the enterprise taking part in a data exchange?

    • PKI 
    • SOA
    • biometrics
    • single sign on
  14. You are monitoring the network of your organizations. You notice that:

    1. There are huge outbound connections from your Internal Network to External IPs
    2. On further investigation, you see that the external IPs are blacklisted
    3. Some connections are accepted, and some are dropped
    4. You find that it is a CnC communication

    Which of the following solution will you suggest?

    • Block the Blacklist IP’s @ Firewall
    • Update the Latest Signatures on your IDS/IPS
    • Clean the Malware which are trying to Communicate with the External Blacklist IP’s
    • Block the Blacklist IP’s @ Firewall as well as Clean the Malware which are trying to Communicate with the External Blacklist IP’s.
  15. Peter is surfing the internet looking for information about DX Company. Which hacking process is Peter doing?

    • Scanning
    • Footprinting
    • Enumeration
    • System Hacking
  16. Jim’s company regularly performs backups of their critical servers. But the company cannot afford to send backup tapes to an off-site vendor for long-term storage and archiving. Instead, Jim’s company keeps the backup tapes in a safe in the office. Jim’s company is audited each year, and the results from this year’s audit show a risk because backup tapes are not stored off-site. The Manager of Information Technology has a plan to take the backup tapes home with him and wants to know what two things he can do to secure the backup tapes while in transit?

    • Encrypt the backup tapes and transport them in a lock box.
    • Degauss the backup tapes and transport them in a lock box.
    • Hash the backup tapes and transport them in a lock box.
    • Encrypt the backup tapes and use a courier to transport them.
  17. A company’s policy requires employees to perform file transfers using protocols which encrypt traffic. You suspect some employees are still performing file transfers using unencrypted protocols because the employees do not like changes. You have positioned a network sniffer to capture traffic from the laptops used by employees in the data ingest department. Using Wireshark to examine the captured traffic, which command can be used as display filter to find unencrypted file transfers?

    • tcp port = = 21
    • tcp. port = 23
    • tcp.port = = 21 | | tcp.port = =22
    • tcp.port ! = 21
  18. What is the known plaintext attack used against DES which gives the result that encrypting plaintext with one DES key followed by encrypting it with a second DES key is no more secure than using a single key?

    • Man-in-the-middle attack
    • Meet-in-the-middle attack
    • Replay attack
    • Traffic analysis attack
  19. What is the minimum number of network connections in a multihomed firewall?

    • 3
    • 2
    • 5
    • 4
  20. Which of the following tools performs comprehensive tests against web servers, including dangerous files and CGIs?

    • Dsniff
    • John the Ripper
    • Snort
    • Nikto