Home > Cyber Security > CEH- (Cerified Ethical Hacker) > Certified Ethical Hacker Examination-Questions & Answers- #2

Certified Ethical Hacker Examination-Questions & Answers- #2

Certified Ethical Hacker Examination - #2 - gkaim

All these Questions are in this Section were asked in Certified Ethical Hacker Examinations of EC-Council .This is 2nd part


1- The intrusion detection system at a software development company suddenly generates multiple alerts regarding attacks against the company’s external webserver, VPN concentrator, and DNS servers. What should the security team do to determine which alerts to check first?

A. Investigate based on the maintenance schedule of the affected systems
B. Investigate based on the service level agreements of the systems.
C. Investigate based on the potential effect of the incident.
D. Investigate based on the order that the alerts arrived in.

Answer: C. Investigate based on the potential effect of the incident

2- As a Certified Ethical Hacker, you were contracted by a private firm to conduct an external security assessment through penetration testing.What document describes the specifics of the testing, the associated violations, and essentially protects both the organization’s interest and your liabilities as a tester?
A-Project Scope
B-Rules of Engagement
C-Service Level Agreement
D-Non-Disclosure Agreement

Answer: Rules of Engagement

3- In an internal security audit, the white hat hacker gains control over a user account and attempts to acquire access to another account’s confidential files and information. How can he achieve this?
A. Port Scanning
B. Hacking Active Directory
C. Privilege Escalation
D. Shoulder-Surfing

Answer: C. Privilege Escalation

4-Least privilege is a security concept that requires that a user is
A. limited to those functions required to do the job.
B. given root or administrative privileges.
C. trusted to keep all data and access to that data under their sole control.
D. given privileges equal to everyone else in the department.

Answer: A. limited to those functions required to do the job



Related Link
Certified Ethical Hacker Examination Q & A -Part 1
Certified Ethical Hacker Examination Q & A -Part 3

5- When creating a security program, which approach would be used if senior management is supporting and enforcing the security policy?A. A bottom-up approach
B. A top-down approach
C. A senior creation approach
D. An IT assurance approach

Answer: B. A top-down approach

6- Defining rules, collaborating human workforce, creating a backup plan, and testing the plans are within what phase of the Incident Handling Process?
A. Preparation phase
B. Containment phase
C. Recovery phase
D. Identification phas

Answer: A. Preparation phase

7- What is the term coined for logging, recording and resolving events in a company?
A. Internal Procedure
B. Security Policy
C. Incident Management Process
D. Metrics

Answer: C. Incident Management Process

8- Describes the specifics of the testing, the associated violations, and essentially protects both the bank’s interest and your liabilities as a tester?
A. Service Level Agreement
B. Non-Disclosure Agreement
C. Terms of Engagement
D. Project Scope

Answer: C. Terms of Engagement

9- Which initial procedure should an ethical hacker perform after being brought into an organization?
A. Begin security testing.
B. Turn over deliverables.
C. Sign a formal contract with non-disclosure.
D. Assess what the organization is trying to protect

Answer: C. Sign a formal contract with non-disclosure

10- Which of the following ensures that updates to policies, procedures, and configurations are made in a controlled and documented fashion?
A. Regulatory compliance
B. Peer review
C. Change management
D. Penetration testing

Answer: C. Change management




Related Link
Computer Networking #1 -Questions and Answers
SQL Database #3 -Questions & Answers
SQL Database #2 -Questions & Answers
SQL Database #1 -Questions & Answers


Useful Link ,Visit once

SECURITY TOOLS -Cyber Security # 4
Security Tips – Cyber Security #3
Method Of Defence – Cyber Security #2
Computer Threats – Cyber Security #1
Cyber Security Introduction
Cyber Security
Science
>>> CONTACT US < <<

Summary
Article Name=>
Certified Ethical; Hacker # 2
Description=>
All the Questions were asked in Examination of CEH - This is Second part of CEH Examinations Q & A
Author=>
Publisher Name=>
www.gkaim.com
Admin
Welcome Sir, .. Myself Vikas Chaudhary , i was interested in general knowledge since childhood , so i thought why not to share my knowledge with you, that's why i created this educational blog. Here you find world wide general knowledge of all Latest technology , Science & History Que , and Mysterious fact of the world. Here you also find knowledge about cyber security. Thanks for visit.. keep supporting....keep Loving
https://www.gkaim.com

Leave a Reply

%d bloggers like this: