Certified Ethical Hacker Quiz 8

To reach a bank web site, the traffic from workstations must pass through a firewall. You have been asked to review the firewall configuration to ensure that workstations in network 10.10.10.0/24 can only reach the bank web site 10.20.20.1 using https. Which of the following firewall rules meets this requirement?
- if (source matches 10.10.10.0/24 and destination matches 10.20.20.1 and port matches 443) then permit
- if (source matches 10.10.10.0/24 and destination matches 10.20.20.1 and port matches 80 or 443) then permit
- if (source matches 10.20.20.1 and destination matches 10.10.10.0/24 and port matches 443) then permit
- if (source matches 10.10.10.0 and destination matches 10.20.20.1 and port matches 443) then permit

Although FTP traffic is not encrypted by default, which layer 3 protocol would allow for end-to-end encryption of the connection?
- SFTP
- IPsec
- SSL
- FTPS

Which of the following is the least-likely physical characteristic to be used in biometric control that supports a large company?
- Iris patterns
- Voice
- Height and Weight
- Fingerprints

Which of the following is the BEST way to defend against network sniffing?
- Using encryption protocols to secure network communications
- Register all machines MAC Address in a Centralized Database
- Use Static IP Address
- Restrict Physical Access to Server Rooms hosting Critical Servers

As a Certified Ethical Hacker, you were contracted by a private firm to conduct an external security assessment through penetration testing. What document describes the specifics of the testing, the associated violations, and essentially protects both the organization’s interest and your liabilities as a tester?
- Service Level Agreement
- Project Scope
- Rules of Engagement
- Non-Disclosure Agreement

You have successfully compromised a server having an IP address of 10.10.0.5. You would like to enumerate all machines in the same network quickly. What is the best Nmap command you will use?
- nmap -T4 -q 10.10.0.0/24
- nmap -T4 -F 10.10.0.0/24
- nmap -T4 -r 10.10.1.0/24
- nmap -T4 -O 10.10.0.0/24

Session splicing is an IDS evasion technique in which an attacker delivers data in multiple, small-sized packets to the target computer, making it very difficult for an IDS to detect the attack signatures. Which tool can be used to perform session splicing attacks?
- tcpsplice
- Burp
- Hydra
- Whisker

Which of the following is the best countermeasure to encrypting ransomware?
- Use multiple antivirus software
- Pay a ransom
- Keep some generations of off-line backups
- Analyze the ransomware to get decryption key of encrypted data

What term describes the amount of risk that remains after the vulnerabilities are classified and the countermeasures have been deployed?
- Residual risk
- Impact risk
- Deferred risk
- Inherent risk

A regional bank hires your company to perform a security assessment on their network after a recent data breach. The attacker was able to steal financial data from the bank by compromising only a single server. Based on this information, what should be one of your key recommendations to the bank?
- Place a front-end web server in a demilitarized zone that only handles external web traffic
- Require all employees to change their anti-virus program with a new one
- Move the financial data to another server on the same IP subnet
- Issue new certificates to the web servers from the root certificate authority

“........ is an attack type for a rogue Wi-Fi access point that appears to be a legitimate one offered on the premises, but actually has been set up to eavesdrop on wireless communications. It is the wireless version of the phishing scam. An attacker fools wireless users into connecting a laptop or mobile phone to a tainted hotspot by posing as a legitimate provider. This type of attack may be used to steal the passwords of unsuspecting users by either snooping the communication link or by phishing, which involves setting up a fraudulent web site and luring people there.” Fill in the blank with appropriate choice.
- Evil Twin Attack
- Sinkhole Attack
- Collision Attack
- Signal Jamming Attack

By using a smart card and PIN, you are using a two-factor authentication that satisfies
- Something you are and something you remember
- Something you have and something you know
- Something you know and something you are
- Something you have and something you are

During a black-box pen test you attempt to pass IRC traffic over port 80/TCP from a compromised web-enabled host. The traffic gets blocked; however, outbound HTTP traffic is unimpeded. What type of firewall is inspecting outbound traffic?
- Circuit
- Stateful
- Application
- Packet Filtering

Some clients of TPNQM SA were redirected to a malicious site when they tried to access the TPNQM main site. Bob, a system administrator at TPNQM SA, found that they were victims of DNS Cache Poisoning. What should Bob recommend to deal with such a threat?
- The use of security agents in clients’ computers
- The use of DNSSEC
- The use of double-factor authentication
- Client awareness

John the Ripper is a technical assessment tool used to test the weakness of which of the following?
- Passwords
- File permissions
- Firewall rulesets
- Usernames

Which of the following is an extremely common IDS evasion technique in the web world?
- Spyware
- Subnetting
- Unicode Characters
- Port Knocking

DNS cache snooping is a process of determining if the specified resource address is present in the DNS cache records. It may be useful during the examination of the network to determine what software update resources are used, thus discovering what software is installed. What command is used to determine if the entry is present in DNS cache?
- nslookup -fullrecursive update.antivirus.com
- dnsnooping -rt update.antivirus.com
- nslookup -norecursive update.antivirus.com
- dns --snoop update.antivirus.com

An incident investigator asks to receive a copy of the event logs from all firewalls, proxy servers, and Intrusion Detection Systems (IDS) on the network of an organization that has experienced a possible breach of security. When the investigator attempts to correlate the information in all of the logs, the sequence of many of the logged events does not match up. What is the most likely cause?
- The network devices are not all synchronized.
- Proper chain of custody was not observed while collecting the logs.
- The attacker altered or erased events from the logs.
- The security breach was a false positive.