Certified Ethical Hacker Examination - Questions & Answers - #11

All the questions in this section were asked in the EC-Council Certified Ethical Hacker examinations. This is the 11th part.


1- Which of the following statements regarding ethical hacking is incorrect?

A. Ethical hackers should never use tools or methods that have the potential of exploiting vulnerabilities in an organization’s systems.
B. Testing should be remotely performed offsite.
C. An organization should use ethical hackers who do not sell vendor hardware/software or other consulting services.
D. Ethical hacking should not involve writing to or modifying the target systems.

Answer: A. Ethical hackers should never use tools or methods that have the potential of exploiting vulnerabilities in an organization’s systems.

2- The first thing you do every office day is check your email inbox. One morning, you receive an email from your best friend, and the subject line is quite strange. What should you do?
A. Delete the email and pretend nothing happened.
B. Forward the message to your supervisor and ask for her opinion on how to handle the situation.
C. Forward the message to your company’s security response team and permanently delete the message from your computer.
D. Reply to the sender and ask them for more information about the message contents.

Answer: C. Forward the message to your company’s security response team and permanently delete the message from your computer.




3- Bob received this text message on his mobile phone: "Hello, this is Vikas from the Yahoo Bank. Kindly contact me for a vital transaction on: vikas@yahoo.com". Which statement below is true?
A. This is probably a legitimate message as it comes from a respectable organization.
B. Bob should write to vikas@yahoo.com to verify the identity of Vikas.
C. This is a scam as everybody can get a @yahoo address, not the Yahoo customer service employees.
D. This is a scam because Bob does not know Scott.

Answer: C. This is a scam as everybody can get a @yahoo address, not the Yahoo customer service employees.

4- In many states, sending spam is illegal. Thus, spammers have techniques to try to ensure that no one knows they sent the spam out to thousands of users at a time. Which of the following best describes what spammers use to hide the origin of these types of e-mails?
A. A blacklist of companies that have their mail server relays configured to allow traffic only to their specific domain name.
B. Mail relaying, which is a technique of bouncing e-mail from internal to external mail servers continuously.
C. A blacklist of companies that have their mail server relays configured to be wide open.
D. Tools that will reconfigure a mail server’s relay component to send the e-mail back to the spammers occasionally.

Answer: B. Mail relaying, which is a technique of bouncing e-mail from internal to external mail servers continuously.

5- Bob, your senior colleague, has sent you a mail regarding a deal with one of the clients. You are requested to accept the offer, and you oblige. After 2 days, Bob denies that he ever sent the mail. What do you want to know to prove to yourself that it was Bob who sent the mail?
A. Integrity
B. Confidentiality
C. Authentication
D. Non-Repudiation

Answer: D. Non-Repudiation

6- The collection of potentially actionable, overt, and publicly available information is known as

Answer: Open-source intelligence




7- An IT security engineer notices that the company’s web server is currently being hacked. What should the engineer do next?
A. Unplug the network connection on the company’s web server.
B. Determine the origin of the attack and launch a counterattack.
C. Record as much information as possible from the attack.
D. Perform a system restart on the company’s web server.

Answer: C. Record as much information as possible from the attack.

8- A security consultant is trying to bid on a large contract that involves penetration testing and reporting. The company accepting bids wants proof of work so the consultant prints out several audits that have been performed. Which of the following is likely to occur as a result?
A. The consultant will ask for money on the bid because of great work.
B. The consultant may expose vulnerabilities of other companies.
C. The company accepting bids will want the same type of format of testing.
D. The company accepting bids will hire the consultant because of the great work performed.

Answer: B. The consultant may expose vulnerabilities of other companies.

9- What is the most secure way to mitigate the theft of corporate information from a laptop that was left in a hotel room?
A. Back up everything on the laptop and store the backup in a safe place
B. Use a strong logon password to the operating system
C. Encrypt the data on the hard drive
D. Set a BIOS password

Answer: C. Encrypt the data on the hard drive

10- Alice encrypts her data using her public key PK and stores the encrypted data in the cloud. Which of the following attack scenarios will compromise the privacy of her data?

Answer: Alice also stores her private key in the cloud, and Harry breaks into the cloud server as before


