Certified Ethical Hacker Quiz 5 Welcome to your Certified Ethical Hacker Quiz 5 What is the role of test automation in security testing?It is an option but it tends to be very expensive.It should be used exclusively. Manual testing is outdated because of low speed and possible test setup inconsistencies.Test automation is not usable in security due to the complexity of the tests.It can accelerate benchmark tests and repeat them with a consistent test setup. But it cannot replace manual testing completely. Which of the following is not a Bluetooth attack?BluedrivingBluesmackingBluejackingBluesnarfing What is the way to decide how a packet will move from an untrusted outside host to a protected inside that is behind a firewall, which permits the hacker to determine which ports are open and if the packets can pass through the packet-filtering of the firewall?Session hijackingFirewalkingMan-in-the middle attackNetwork sniffing Which of the following tools is used to analyze the files produced by several packet-capture programs such as tcpdump, WinDump, Wireshark, and EtherPeek?tcptraceNessusOpenVAStcptraceroute What kind of detection techniques is being used in antivirus software that identifies malware by collecting data from multiple protected systems and instead of analyzing files locally it’s made on the provider’s environment?Behavioral basedHeuristics basedHoneypot basedCloud based During a recent security assessment, you discover the organization has one Domain Name Server (DNS) in a Demilitarized Zone (DMZ) and a second DNS server on the internal network. What is this type of DNS configuration commonly called?DynDNSDNS SchemeDNSSECSplit DNS A hacker is an intelligent individual with excellent computer skills and the ability to explore a computer’s software and hardware without the owner’s permission. Their intention can either be to simply gain knowledge or to illegally make changes. Which of the following class of hacker refers to an individual who works both offensively and defensively at various times?White HatSuicide HackerGray HatBlack Hat Peter is surfing the internet looking for information about DX Company. Which hacking process is Peter doing?ScanningFootprintingEnumerationSystem Hacking PGP, SSL, and IKE are all examples of which type of cryptography?DigestSecret KeyPublic KeyHash Algorithm A large mobile telephony and data network operator has a data center that houses network elements. These are essentially large computers running on Linux. The perimeter of the data center is secured with firewalls and IPS systems. What is the best security policy concerning this setup?Network elements must be hardened with user ids and strong passwords. Regular security tests and audits should be performed.As long as the physical access to the network elements is restricted, there is no need for additional measures.There is no need for specific security measures on the network elements as long as firewalls and IPS systems exist.The operator knows that attacks and down time are inevitable and should have a backup site. The configuration allows a wired or wireless network interface controller to pass all traffic it receives to the Central Processing Unit (CPU), rather than passing only the frames that the controller is intended to receive. Which of the following is being described?Multi-cast modePromiscuous modeWEMPort forwarding Which of the following incident handling process phases is responsible for defining rules, collaborating human workforce, creating a back-up plan, and testing the plans for an organization?Preparation phaseContainment phaseIdentification phaseRecovery phase _________ is a set of extensions to DNS that provide the origin authentication of DNS data to DNS clients (resolvers) so as to reduce the threat of DNS poisoning, spoofing, and similar types of attacks.DNSSECResource recordsResource transferZone transfer An attacker has installed a RAT on a host. The attacker wants to ensure that when a user attempts to go to "www.MyPersonalBank.com", the user is directed to a phishing site. Which file does the attacker need to modify?Boot.iniSudoersNetworksHosts What does a firewall check to prevent particular ports and applications from getting packets into an organization?Transport layer port numbers and application layer headersPresentation layer headers and the session layer port numbersNetwork layer headers and the session layer port numbersApplication layer port numbers and the transport layer headers You have gained physical access to a Windows 2008 R2 server, which has an accessible disc drive. When you attempt to boot the server and log in, you are unable to guess the password. In your toolkit, you have an Ubuntu 9.10 Linux LiveCD. Which Linux-based tool can change any user’s password or activate disabled Windows accounts?John the RipperSETCHNTPWCain & Abel An attacker with access to the inside network of a small company launches a successful STP manipulation attack. What will he do next?He will create a SPAN entry on the spoofed root bridge and redirect traffic to his computer.He will activate OSPF on the spoofed root bridge.He will repeat this action so that it escalates to a DoS attack.He will repeat the same attack against all L2 switches of the network. What is correct about digital signatures?A digital signature cannot be moved from one signed document to another because it is the hash of the original document encrypted with the private key of the signing party.Digital signatures may be used in different documents of the same type.A digital signature cannot be moved from one signed document to another because it is a plain hash of the document contentDigital signatures are issued once for each user and can be used everywhere until they expire. A company’s security policy states that all Web browsers must automatically delete their HTTP browser cookies upon terminating. What sort of security breach is this policy attempting to mitigate?Attempts by attackers to access the user and password information stored in the company’s SQL databaseAttempts by attackers to access Web sites that trust the Web browser user by stealing the user’s authentication credentials.Attempts by attackers to access passwords stored on the user’s computer without the user’s knowledge.Attempts by attackers to determine the user’s Web browser usage patterns, including when sites were visited and for how long. What two conditions must a digital signature meet?Has to be the same number of characters as a physical signature and must be unique.Has to be unforgeable, and has to be authentic.Must be unique and have special characters.Has to be legible and neat. Time is Up!