Certified Ethical Hacker Examination-Questions & Answers- #16

All these Questions are in this Section were asked in Certified Ethical Hacker Examinations of EC-Council .This is the 16th part


1- You are a Network Security Officer. You have two machines. The first machine (192.168.0.99) has snort installed, and the second machine (192.168.0.150) has kiwi syslog installed. You perform a syn scan in your network, and you notice that kiwi syslog is not receiving the alert message from snort. You decide to run wireshark in the snort machine to check if the messages are going to the kiwi syslog machine. What wireshark filter will show the connections from the snort machine to kiwi syslog machine?

A. tcp.dstport==514 && ip.dst==192.168.0.150
B. tcp.srcport==514 && ip.src==192.168.0.99
C. tcp.dstport==514 && ip.dst==192.168.0.0/16
D. tcp.srcport==514 && ip.src==192.168.150

Answer: A. tcp.dstport==514 && ip.dst==192.168.0.150

2- What is the correct PCAP filter to capture all TCP traffic going to or from host 192.168.0.125 on port 25?
A. tcp.src == 25 and ip.host == 192.168.0.125
B. host 192.168.0.125:25
C. port 25 and host 192.168.0.125
D. tcp.port == 25 and ip.host == 192.168.0.125

Answer: D. tcp.port == 25 and ip.host == 192.168.0.125



Related Link=> Previous post of Ethical Hacker Examination Que & Ans.
Part-13 , Part-14 , Part-15
Part-7 , Part-8 , Part-9 , Part-10 , Part-11 , Part-12
Part-6 , Part-5 , Part-4 , Part-3 , Part-2 , Part-1

3- As an Ethical Hacker you are capturing traffic from your customer network with Wireshark and you need to find and verify just SMTP traffic. What command in Wireshark will help you to find this kind of traffic?
A. request smtp 25
B. tcp.port eq 25
C. smtp port
D. tcp.contains port 25

Answer: B. tcp.port eq 25

4- Which of the following is considered an exploit framework and has the ability to perform automated attacks on services, ports, applications and unpatched security flaws in a computer system?
A. Maltego
B. Metasploit
C. Nessus
D. Wireshark

Answer: B. Metasploit

5- Which Metasploit Framework tool can help penetration tester for evading Anti-virus Systems?
A. msfpayload
B. msfcli
C. msfencode
D. msfd

Answer: C. msfencode

6- . A pentester is using Metasploit to exploit an FTP server and pivot to a LAN. How will the pentester pivot using Metasploit?
A. Issue the pivot exploit and set the meterpreter.
B. Reconfigure the network settings in the meterpreter.
C. Set the payload to propagate through the meterpreter.
D. Create a route statement in the meterpreter.

Answer: D. Create a route statement in the meterpreter




Related Link=> Previous post of Ethical Hacker Examination Que & Ans.
Part-13 , Part-14 , Part-15
Part-7 , Part-8 , Part-9 , Part-10 , Part-11 , Part-12
Part-6 , Part-5 , Part-4 , Part-3 , Part-2 , Part-1

7- The establishment of a TCP connection involves a negotiation called 3 way handshake. What type of message sends the client to the server in order to begin this negotiation?
A. RST
B. ACK
C. SYN-ACK
D. SYN

Answer: D. SYN

8- What is the correct process for the TCP three-way handshake connection establishment and connection termination?
A. Connection Establishment: FIN, ACK-FIN, ACK
Connection Termination: SYN, SYN-ACK, ACK
B. Connection Establishment: SYN, SYN-ACK, ACK
Connection Termination: ACK, ACK-SYN, SYN
C. Connection Establishment: ACK, ACK-SYN, SYN
Connection Termination: FIN, ACK-FIN, ACK
D. Connection Establishment: SYN, SYN-ACK, ACK Connection Termination: FIN, ACK-FIN, ACK

Answer: D. Connection Establishment: SYN, SYN-ACK, ACK
Connection Termination: FIN, ACK-FIN, ACK

9- . You have several plain-text firewall logs that you must review to evaluate network traffic. You know that in order to do fast, efficient searches of the logs you must use regular expressions. Which command-line utility are you most likely to use?
A. Grep
B. Notepad
C. MS Excel
D. Relational Database

Answer: A. Grep

10- TCP/IP stack fingerprinting is the passive collection of configuration attributes from a remote device during standard layer 4 network communications. Which of the following tools can be used for passive OS fingerprinting?
A. nmap
B. ping
C. tracert
D. tcpdump

Answer: D. tcpdump



Related Link
Computer Networking #1 -Questions and Answers
SQL Database #3 -Questions & Answers
SQL Database #2 -Questions & Answers
SQL Database #1 -Questions & Answers


Related Link ,See once

SECURITY TOOLS -Cyber Security # 4
Security Tips – Cyber Security #3
Method Of Defence – Cyber Security #2
Computer Threats – Cyber Security #1
Cyber Security Introduction
Cyber Security
Science
>>> CONTACT US < <<

Comment Please