Certified Ethical Hacker Practice Exam

JavaScript isn't enabled in your browser, so this file can't be opened. Enable and reload.

Certified Ethical Hacker Practice Exam - Part Vl

Volume D

Email *

Write down your name. *

Write down your contact number. *

Q301: Employees in a company are no longer able to access Internet web sites on their computers. The network administrator is able to successfully ping the IP address of web servers on the Internet and is able to open websites by using an IP address in place of the URL. The administrator runs the lookup command for www.eccouncil.org and receives an error message stating there is no response from the server. What should the administrator do next? *

1 point

Configure the firewall to allow traffic on TCP ports 53 and UDP port 53.

Configure the firewall to allow traffic on TCP ports 80 and UDP port 443.

Configure the firewall to allow traffic on TCP port 53.

Configure the firewall to allow traffic on TCP port 8080.

Q302: Which initial procedure should an ethical hacker perform after being brought into an organization? *

1 point

Begin security testing.

Turn over deliverables.

Sign a formal contract with non-disclosure.

Assess what the organization is trying to protect.

Q303: Which of the following guidelines or standards is associated with the credit card industry? *

1 point

Control Objectives for Information and Related Technology (COBIT)

Sarbanes-Oxley Act (SOX)

Health Insurance Portability and Accountability Act (HIPAA)

Payment Card Industry Data Security Standards (PCI DSS)

Q304: An attacker has captured a target file that is encrypted with public-key cryptography. Which of the attacks below is likely to be used to crack the target file? *

1 point

Timing attack

Replay attack

Memory trade-off attack

Chosen plain-text attack

Q305: Which tool can be used to silently copy files from USB devices? *

1 point

USB Grabber

USB Dumper

USB Sniffer

USB Snoopy

Q306: How can a rootkit bypass Windows 7 operating system’s kernel mode, code signing policy? *

1 point

Defeating the scanner from detecting any code change at the kernel

Replacing patch system calls with its own version that hides the rootkit (attacker's) actions

Performing common services for the application process and replacing real applications with fake ones

Attaching itself to the master boot record in a hard drive and changing the machine's boot sequence/options

Q307: A bank stores and processes sensitive privacy information related to home loans. However, auditing has never been enabled on the system. What is the first step that the bank should take before enabling the audit feature? *

1 point

Perform a vulnerability scan of the system.

Determine the impact of enabling the audit feature.

Perform a cost/benefit analysis of the audit feature.

Allocate funds for staffing of audit log review.

Q308: A consultant has been hired by the V.P. of a large financial organization to assess the company's security posture. During the security testing, the consultant comes across child pornography on the V.P.'s computer. What is the consultant's obligation to the financial organization? *

1 point

Say nothing and continue with the security testing.

Stop work immediately and contact the authorities.

Delete the pornography,say nothing,and continue security testing.

Bring the discovery to the financial organization's human resource department.

Q309: How is sniffing broadly categorized? *

1 point

Active and passive

Broadcast and unicast

Unmanaged and managed

Filtered and unfiltered

Q310: An engineer is learning to write exploits in C++ and is using the exploit tool Backtrack. The engineer wants to compile the newest C++ exploit and name it calc.exe. Which command would the engineer use to accomplish this? *

1 point

g++ hackersExploit.cpp -o calc.exe

g++ hackersExploit.py -o calc.exe

g++ -i hackersExploit.pl -o calc.exe

g++ --compile –i hackersExploit.cpp -o calc.exe

Clear form

Never submit passwords through Google Forms.

This content is neither created nor endorsed by Google. Report Abuse - Terms of Service - Privacy Policy

Forms