Certified Ethical Hacker Examination-Questions & Answers- #13

All the questions in this section were asked in Certified Ethical Hacker examinations of EC-Council. This is the 13th part.


1- A certified ethical hacker (CEH) is approached by a friend who believes her husband is cheating. She offers to pay to break into her husband’s email account in order to find proof so she can take him to court. What is the ethical response?

A. Say no; the friend is not the owner of the account.
B. Say yes; the friend needs help to gather evidence.
C. Say yes; do the job for free.
D. Say no; make sure that the friend knows the risk she’s asking the CEH to take.

Answer: A. Say no; the friend is not the owner of the account.

2- A computer technician is using a new version of a word processing software package when it is discovered that a special sequence of characters causes the entire computer to crash. The technician researches the bug and discovers that no one else experienced the problem. What is the appropriate next step?
A. Ignore the problem completely and let someone else deal with it.
B. Create a document that will crash the computer when opened and send it to friends.
C. Find an underground bulletin board and attempt to sell the bug to the highest bidder.
D. Notify the vendor of the bug and do not disclose it until the vendor gets a chance to issue a fix.

Answer: D. Notify the vendor of the bug and do not disclose it until the vendor gets a chance to issue a fix.





3- While you were gathering information as part of security assessments for one of your clients, you were able to gather data that show your client is involved with fraudulent activities. What should you do?
A. Immediately stop work and contact the proper legal authorities
B. Ignore the data and continue the assessment until completed as agreed
C. Confront the client in a respectful manner and ask her about the data
D. Copy the data to removable media and keep it in case you need it

Answer: A. Immediately stop work and contact the proper legal authorities

4- A consultant has been hired by the V.P. of a large financial organization to assess the company’s security posture. During the security testing, the consultant comes across child pornography on the V.P.’s computer. What is the consultant’s obligation to the financial organization?
A. Say nothing and continue with the security testing.
B. Stop work immediately and contact the authorities
C. Delete the pornography, say nothing, and continue security testing.
D. Bring the discovery to the financial organization’s human resource department.

Answer: B. Stop work immediately and contact the authorities.

5- Your company performs penetration tests and security assessments for small and medium-sized businesses in the local area. During a routine security assessment, you discover information that suggests your client is involved in human trafficking. What should you do?
A. Immediately stop work and contact the proper legal authorities
B. Confront the client in a respectful manner and ask her about the data
C. Copy the data to removable media and keep it in case you need it
D. Ignore the data and continue the assessment until completed as agreed

Answer: A. Immediately stop work and contact the proper legal authorities

6- A certified ethical hacker (CEH) completed a penetration test of the main headquarters of a company almost two months ago, but has yet to get paid. The customer is suffering from financial problems, and the CEH is worried that the company will go out of business and end up not paying. What actions should the CEH take?
A. Threaten to publish the penetration test results if not paid.
B. Follow proper legal procedures against the company to request payment.
C. Tell other customers of the financial problems with payments from this company.
D. Exploit some of the vulnerabilities found on the company webserver to deface it.

Answer: B. Follow proper legal procedures against the company to request payment





7- An ethical hacker for a large security research firm performs penetration tests, vulnerability tests, and risk assessments. A friend recently started a company and asks the hacker to perform a penetration test and vulnerability assessment of the new company as a favor. What should the hacker’s next step be before starting work on this job?
A. Start by footprinting the network and mapping out a plan of attack.
B. Ask the employer for authorization to perform the work outside the company
C. Begin the reconnaissance phase with passive information gathering and then move into active information gathering.
D. Use social engineering techniques on the friend’s employees to help identify areas that may be susceptible to attack.

Answer: B. Ask the employer for authorization to perform the work outside the company.

8- Sophia travels a lot and worries that her laptop containing confidential documents might be stolen. What is the best protection that will work for her?
A. BIOS password
B. Password protected files
C. Hidden folders
D. Full disk encryption

Answer: D. Full disk encryption

9- Backing up data is a security must. However, it also carries a certain level of risk when mishandled. Which of the following is the greatest threat posed by backups?
A. A backup is the source of malware or illicit information
B. A backup is incomplete because no verification was performed
C. A backup is unavailable during disaster recovery
D. An unencrypted backup can be misplaced or stolen

Answer: D. An unencrypted backup can be misplaced or stolen

10- A bank stores and processes sensitive privacy information related to home loans. However, auditing has never been enabled on the system. What is the first step that the bank should take before enabling the audit feature?
A. Perform a cost/benefit analysis of the audit feature
B. Determine the impact of enabling the audit feature
C. Perform a vulnerability scan of the system
D. Allocate funds for staffing of audit log review

Answer: B. Determine the impact of enabling the audit feature


