EC Council CEH assessment with Answers, Exams of Computer Science

Download EC Council CEH assessment with Answers and more Exams Computer Science in PDF only on Docsity! EC Council CEH assessment with Answers. Hacker is a person who illegally breaks into a system or network without any authorization to destroy, steal sensitive data or to perform any malicious attacks. Black hat hackers are: - ✔ Individuals with extraordinary computing skills, resorting to malicious or destructive activities and are also known as crackers In order to compromise or to hack a system or network the hackers go through various phases of the hacking. What is the first hacking phase that hackers perform to gather information about a target prior to launching an attack? - ✔ Reconnaissance Defense-in-depth is a security strategy in which several protection layers are placed throughout an information system. It helps to prevent direct attacks against an information system and data because a break in one layer only leads the attacker to the next layer. - ✔ True Penetration testing is a method of actively evaluating the security of an information system or network by simulating an attack from a malicious source. Which of the following technique is used to simulate an attack from someone who is unfamiliar with the system? - ✔ Black box pen testing Which of the following scanning technique attackers use to bypass firewall rules, logging mechanism, and hide themselves as usual network traffic? - ✔ Stealth scanning technique Which of the following scan only works if operating system's TCP/IP implementation is based on RFC 793? - ✔ NULL scan OS fingerprinting is the method used to determine the operating system running on a remote target system. It is an important scanning method, as the attacker will have a greater probability of success if he/she knows the OS. Active stack fingerprinting is one of the types of OS fingerprinting. Which of the following is true about active stack fingerprinting? - ✔ Is based on the fact that various vendors of OS implement the TCP stack differently Proxy is a network computer that can serve as an intermediary for connecting with other computers. Which of the following sentence is true about a proxy? - ✔ Protects the local network from outside access IP spoofing refers to the procedure of an attacker changing his or her IP address so that he or she appears to be someone else. Which of the following IP spoofing detection technique succeed only when the attacker is in a different subnet? - ✔ Direct TTL probes technique Enumeration is defined as the process of extracting user names, machine names, network resources, shares, and services from a system. Which of the following enumeration an attacker uses to obtain list of computers that belongs to a domain? - ✔ Netbios enumeration Network Time Protocol (NTP) is designed to synchronize clocks of networked computers. Which of the following port NTP uses as its primary means of communication? - ✔ UDP Port 123 Rootkits are kernel programs having the ability to hide themselves and cover up traces of activities. It replaces certain operating system calls and utilities with its own modified versions of those routines. Which of the following rootkit modifies the boot sequence of the machine to load themselves instead of the original virtual machine monitor or operating system? - ✔ Hypervisor level rootkit Steganography is a technique of hiding a secret message within an ordinary message and extracting it at the destination to maintain confidentiality of data. Which of the following steganography technique embed secret message in the frequency domain of a signal? - ✔ Transform domain techniques A virus is a self-replicating program that produces its own code by attaching copies of it into other executable codes. Which of the following virus evade the anti-virus software by intercepting its requests to the operating system? - ✔ Stealth/Tunneling virus Lawful intercept is a process that enables a Law Enforcement Agency (LEA) to perform electronic surveillance on a target as authorized by a judicial or administrative order. will the attacker use if he/she gets some information about the password to crack? - ✔ Rule-based Attack Secure Hashing Algorithm (SHA) is an algorithm for generating cryptographically secure one-way hash, published by the National Institute of Standards and Technology as a U.S. Federal Information Processing Standard. What is the block (word) size used by SHA-512 algorithm? - ✔ 64-bit Which of the following cryptographic attack refers to extraction of cryptographic secrets (e.g. the password to an encrypted file) from a person by coercion or torture? - ✔ Rubber Hose Attack Which of the following is a mutation technique used for writing buffer overflow exploits in order to avoid IDS and other filtering mechanisms? - ✔ Randomly replace the NOPs with functionally equivalent segments of the code (e.g.: x++; x-; ? NOP NOP) Firewall implementation and design for an enterprise can be a daunting task. Choices made early in the design process can have far-reaching security implications for years to come. Which of the following firewall architecture is designed to host servers that offer public services? - ✔ Screened subnet An intrusion detection system (IDS) gathers and analyzes information from within a computer or a network, to identify the possible violations of security policy, including unauthorized access, as well as misuse. Attackers use various IDS evasion techniques to bypass intrusion detection mechanisms. Which of the following evasion technique rely on Time-to-Live (TTL) fields of a TCP/IP packet? - ✔ Insertion Attack Attackers craft malicious probe packets and scan for services such as HTTP over SSL (HTTPS), SMTP over SSL (SMPTS) and IMAP over SSL (IMAPS) to detect honeypots in a network. Which of the following condition shows the presence of a honeypot? - ✔ Ports show a particular service running but deny a three-way handshake connection Identify the denial-of-service attack that is carried out using a method known as "bricking a system." Unlike other DoS attacks, it sabotages the system hardware, requiring the victim to replace or reinstall the hardware. - ✔ Phlashing Some viruses affect computers as soon as their code is executed; other viruses lie dormant until a pre-determined logical circumstance is met. Identify the virus that modifies the directory table entries so that directory entries point to the virus code instead of the actual program. - ✔ Cluster Viruses Which of the following Wi-Fi chalking method refers to drawing symbols in public places to advertise open Wi-Fi networks? - ✔ WarChalking Wired Equivalent Privacy (WEP) is an IEEE 802.11 wireless protocol which provides security algorithms for data confidentiality during wireless transmissions. WEP uses stream cipher RC4 for confidentiality, and the CRC-32 checksum for integrity of wireless transmission. What is the size of WEP initialization vector (IV)? - ✔ 24-bit Bluetooth hacking refers to exploitation of Bluetooth stack implementation vulnerabilities to compromise sensitive data in Bluetooth-enabled devices and networks. Which of the following Bluetooth attack refers to sending unsolicited messages over Bluetooth to Bluetooth-enabled devices such as PDA and mobile phones? - ✔ Bluejacking Enumeration is defined as the process of extracting user names, machine names, network resources, shares, and services from a system. Which of the following command can be used in UNIX environment to enumerate the shared directories on a machine? - ✔ showmount CAM table in switch stores information such as MAC addresses available on physical ports with their associated VLAN parameters. What happens when the CAM table is full? - ✔ Additional ARP request traffic will flood every port on the switch Identify the web application attack where attackers exploit webpage vulnerabilities to force an unsuspecting user's browser to send malicious requests they did not intend. The victim holds an active session with a trusted site and simultaneously visits a malicious site, which injects an HTTP request for the trusted site into the victim user's session, compromising its integrity - ✔ Cross-Site Request Forgery (CSRF) Jason, a penetration tester, is testing a web application that he knows is vulnerable to an SQL injection but the results of the injection are not visible to him. He tried waitfor delay command to check the SQL execution status which confirmed the presence of the SQL injection vulnerability. Which type of SQL injection Jason is attempting on the web application? - ✔ Blind SQL injection Consider the attack scenario given below: Step 1: User browses a web page Step 2: Web server replies with requested page and sets a cookie on the user's browser Step 3: Attacker steals cookie (Sniffing, XSS, phishing attack) Step 4: Attacker orders for product using modified cookie Step 5: Product is delivered to attacker's address Identify the web application attack. - ✔ Cookie poisoning attack An intrusion detection system (IDS) gathers and analyzes information from within a computer or a network, to identify the possible violations of security policy, including unauthorized access, as well as misuse. Which of the following IDS detection technique detects the intrusion based on the fixed behavioral characteristics of the users and components in a computer system? - ✔ Anomaly detection