Certified Ethical Hacker Practice Exam

JavaScript isn't enabled in your browser, so this file can't be opened. Enable and reload.

Certified Ethical Hacker Practice Exam - Part Vlll

Volume H

Email *

Write down your name. *

Write down contact your number *

Q701: What do you call a system where users need to remember only one username and password and be authenticated for multiple services? *

1 point

Simple Sign-on

Unique Sign-on

Single Sign-on

Digital Certificate

Q702: Clive has been monitoring his IDS and sees that there are a huge number of ICMP Echo Reply packets that are being received on the external gateway interface. Further inspection reveals that they are not responses from the internal hosts’ requests but simply responses coming from theInternet.What could be the most likely cause? *

1 point

Someone has spoofed Clive’s IP address while doing a smurf attack.

Someone has spoofed Clive’s IP address while doing a land attack.

Someone has spoofed Clive’s IP address while doing a fraggle attack.

Someone has spoofed Clive’s IP address while doing a DoS attack

Q703: What would best be defined as a security test on services against a known vulnerability database using an automated tool? *

1 point

A penetration test

A privacy review

A server audit

A vulnerability assessment

Q704: A Buffer Overflow attack involves: *

1 point

Using a trojan program to direct data traffic to the target host's memory stack

Flooding the target network buffers with data traffic to reduce the bandwidth available to legitimate users

Using a dictionary to crack password buffers by guessing user names and passwords

Poorly written software that allows an attacker to execute arbitrary code on a target system

Q705: When working with Windows systems, what is the RID of the true administrator account? *

1 point

500

501

512

1001

1024

1000

Q706: If you send an SYN to an open port, what is the correct response? (Choose all correct answers. *

1 point

SYN

ACK

FIN

PSH

Required

Q707: When working with Windows systems, what is the RID of the true administrator account? *

1 point

500

501

1000

1001

1024

512

Q708: You have been called to investigate a sudden increase in network traffic at XYZ. It seems that the traffic generated was too heavy that normal business functions could no longer be rendered to external employees and clients. After a quick investigation, you find that the computer has services running attached to TFN2k and Trinoo software. What do you think was the most likely cause behind this sudden increase in traffic? *

1 point

A distributed denial of service attack.

A network card that was jabbering.

A bad route on the firewall.

Invalid rules entry at the gateway.

Q709: Henry is an attacker and wants to gain control of a system and use it to flood a target system with requests, so as to prevent legitimate users from gaining access. What type of attack is Henryusing? *

1 point

Henry is executing commands or viewing data outside the intended target path

Henry is using a denial of service attack which is a valid threat used by an attacker

Henry is taking advantage of an incorrect configuration that leads to access with higher-than expected privilege

Henry uses poorly designed input validation routines to create or alter commands to gain access to unintended data or execute commands

Q710: Eve decides to get her hands dirty and tries out a Denial of Service attack that is relatively new to her. This time she envisages using a different kind of method to attack Brownies Inc. Eve tries to forge the packets and uses the broadcast address. She launches an attack similar to that of Fraggle. What is the technique that Eve used in the case above? *

1 point

Smurf

Bubonic

SYN Flood

Ping of Death

Clear form

Never submit passwords through Google Forms.

This content is neither created nor endorsed by Google. Report Abuse - Terms of Service - Privacy Policy

Forms