All these Questions are in this Section were asked in Certified Ethical Hacker Examinations of EC-Council .This is the 17th part
1- Which of the following is a command line packet analyzer similar to GUI-based Wireshark?
A. tcpdump
B. nessus
C. etherea
D. Jack the ripper
2- Which technical characteristic do Ethereal/Wireshark, TCPDump, and Snort have in common?
A. They are written in Java.
B. They send alerts to security monitors.
C. They use the same packet analysis engine.
D. They use the same packet capture utility.
3- . Pentest results indicate that voice over IP traffic is traversing a network. Which of the following tools will decode a packet capture and extract the voice conversations?
A. Cain
B. John the Ripper
C. Nikto
D. Hping
Related Link=> Previous post of Ethical Hacker Examination Que & Ans.
Part-13 , Part-14 , Part-15 , Part-16
Part-7 , Part-8 , Part-9 , Part-10 , Part-11 , Part-12
Part-6 , Part-5 , Part-4 , Part-3 , Part-2 , Part-1
4- . Which of the following scanning tools is specifically designed to find potential exploits in Microsoft Windows products?
A. Microsoft Security Baseline Analyzer
B. Retina
C. Core Impact
D. Microsoft Baseline Security Analyzer
5- ICMP ping and ping sweeps are used to check for active systems and to check
A. if ICMP ping traverses a firewall.
B. the route that the ICMP ping took.
C. the location of the switchport in relation to the ICMP ping.
D. the number of hops an ICMP ping takes to reach a destination.
6- An attacker is using nmap to do a ping sweep and a port scanning in a subnet of 254 addresses. In which order should he perform these steps?
A. The sequence does not matter. Both steps have to be performed against all hosts.
B. First the port scan to identify interesting services and then the ping sweep to find hosts responding to icmp echo requests.
C. First the ping sweep to identify live hosts and then the port scan on the live hosts. This way he saves time.
D. The port scan alone is adequate. This way he saves time.
Related Link=> Previous post of Ethical Hacker Examination Que & Ans.
Part-13 , Part-14 , Part-15 , Part-16
Part-7 , Part-8 , Part-9 , Part-10 , Part-11 , Part-12
Part-6 , Part-5 , Part-4 , Part-3 , Part-2 , Part-1
7- If a tester is attempting to ping a target that exists but receives no response or a response that states the destination is unreachable, ICMP may be disabled and the network may be using TCP. Which other option could the tester use to get a response from a host using TCP?
A. TCP ping
B. Traceroute
C. Broadcast ping
D. Hping
8- You want to do an ICMP scan on a remote computer using hping2. What is the proper syntax?
A. hping2 host.domain.com
B. hping2 –set-ICMP host.domain.com
C. hping2 -i host.domain.com
D. hping2 -1 host.domain.com
9- Which of the following scanning method splits the TCP header into several packets and makes it difficult for packet filters to detect the purpose of the packet
A. ACK flag probe scanning
B. IPID scanning
C. SYNFIN scanning using IP fragments
D. ICMP Echo scanning
10- You are a Penetration Tester and are assigned to scan a server. You need to use a scanning technique wherein the TCP Header is split into many packets so that it becomes difficult to detect what the packets are meant for.
Related Link
Computer Networking #1 -Questions and Answers
SQL Database #3 -Questions & Answers
SQL Database #2 -Questions & Answers
SQL Database #1 -Questions & Answers
Related Link ,See once
SECURITY TOOLS -Cyber Security # 4
Security Tips – Cyber Security #3
Method Of Defence – Cyber Security #2
Computer Threats – Cyber Security #1
Cyber Security Introduction
Cyber Security
Science
>>> CONTACT US < <<