Certified Ethical Hacker Practice Exam

JavaScript isn't enabled in your browser, so this file can't be opened. Enable and reload.

Certified Ethical Hacker Practice Exam - Part lX

Email *

Write down your name. *

Write down your contact number. *

Q801: *

1 point

Block output to the console whenever the user runs ifconfig command by running screen capture utiliyu

Run the wiretap program in stealth mode from being detected by the ifconfig command.

Replace original ifconfig utility with the rootkit version of ifconfig hiding Promiscuous information being displayed on the console.

You cannot disable Promiscuous mode detection on Linux systems.

Q802: *

1 point

Opens up a telnet listener that requires no username or password.

Create a FTP server with write permissions enabled.

Creates a share called “sasfile” on the target system.

Creates an account with a user name of Anonymous and a password of noone@nowhere.com.

Q803: You have just installed a new Linux file server at your office. This server is going to be used by several individuals in the organization, and unauthorized personnel must not be able to modify any data. What kind of program can you use to track changes to files on the server? *

1 point

Network Based IDS (NIDS)

Personal Firewall

System Integrity Verifier (SIV)

Linux IP Chains

Q804: Jim’s organization has just completed a major Linux roll out and now all of the organization's systems are running the Linux 2.5 kernel. The roll out expenses has posed constraints on purchasing other essential security equipment and software. The organization requires an option to control network traffic and also perform stateful inspection of traffic going into and out of the DMZ. Which built-in functionality of Linux can achieve this? *

1 point

IP Tables

IP Chains

IP Sniffer

IP ICMP

Q805: WinDump is a popular sniffer which results from the porting to Windows of TcpDump for Linux. What library does it use? *

1 point

LibPcap

WinPcap

Wincap

None of the above

Q806: Several of your co-workers are having a discussion over the etc/passwd file. They are at odds over what types of encryption are used to secure Linux passwords.(Choose all that apply *

1 point

Linux passwords can be encrypted with MD5

Linux passwords can be encrypted with SHA

Linux passwords can be encrypted with DES

Linux passwords can be encrypted with Blowfish

Linux passwords are encrypted with asymmetric algrothims

Required

Q807: Rebecca has noted multiple entries in her logs about users attempting to connect on ports that are either not opened or ports that are not for public usage. How can she restrict this type of abuse by limiting access to only specific IP addresses that are trusted by using one of the built-in LinuxOperating System tools? *

1 point

Ensure all files have at least a 755 or more restrictive permissions.

Configure rules using ipchains.

Configure and enable portsentry on his server.

Install an intrusion detection system on her computer such as Snort.

Q808: John is discussing security with Jane. Jane had mentioned to John earlier that she suspects anLKM has been installed on her server. She believes this is the reason that the server has been acting erratically lately. LKM stands for Loadable Kernel Module. What does this mean in the context of Linux Security? *

1 point

Loadable Kernel Modules are a mechanism for adding functionality to a file system without requiring a kernel recompilation.

Loadable Kernel Modules are a mechanism for adding functionality to an operating-system kernel after it has been recompiled and the system rebooted.

Loadable Kernel Modules are a mechanism for adding auditing to an operating-system kernel without requiring a kernel recompilation.

Loadable Kernel Modules are a mechanism for adding functionality to an operating-system kernel without requiring a kernel recompilation.

Q809: Which of the following snort rules look for FTP root login attempts? *

1 point

alert tcp -> any port 21 (msg:"user root";)

alert tcp -> any port 21 (message:"user root";)

alert ftp -> ftp (content:"user password root";)

alert tcp any any -> any any 21 (content:"user root";)

Q810: *

1 point

IUSR_

acmr,dns

nobody,dns

nobody,IUSR_

Clear form

Never submit passwords through Google Forms.

This content is neither created nor endorsed by Google. Report Abuse - Terms of Service - Privacy Policy

Forms