All these Questions are in this Section were asked in Certified Ethical Hacker Examinations of EC-Council .This is 2nd part
1- The intrusion detection system at a software development company suddenly generates multiple alerts regarding attacks against the company’s external webserver, VPN concentrator, and DNS servers. What should the security team do to determine which alerts to check first?
A. Investigate based on the maintenance schedule of the affected systems
B. Investigate based on the service level agreements of the systems.
C. Investigate based on the potential effect of the incident.
D. Investigate based on the order that the alerts arrived in.
2- As a Certified Ethical Hacker, you were contracted by a private firm to conduct an external security assessment through penetration testing.What document describes the specifics of the testing, the associated violations, and essentially protects both the organization’s interest and your liabilities as a tester?
A-Project Scope
B-Rules of Engagement
C-Service Level Agreement
D-Non-Disclosure Agreement
3- In an internal security audit, the white hat hacker gains control over a user account and attempts to acquire access to another account’s confidential files and information. How can he achieve this?
A. Port Scanning
B. Hacking Active Directory
C. Privilege Escalation
D. Shoulder-Surfing
4-Least privilege is a security concept that requires that a user is
A. limited to those functions required to do the job.
B. given root or administrative privileges.
C. trusted to keep all data and access to that data under their sole control.
D. given privileges equal to everyone else in the department.
Related Link
Certified Ethical Hacker Examination Q & A -Part 1
Certified Ethical Hacker Examination Q & A -Part 3
5- When creating a security program, which approach would be used if senior management is supporting and enforcing the security policy?A. A bottom-up approach
B. A top-down approach
C. A senior creation approach
D. An IT assurance approach
6- Defining rules, collaborating human workforce, creating a backup plan, and testing the plans are within what phase of the Incident Handling Process?
A. Preparation phase
B. Containment phase
C. Recovery phase
D. Identification phas
7- What is the term coined for logging, recording and resolving events in a company?
A. Internal Procedure
B. Security Policy
C. Incident Management Process
D. Metrics
8- Describes the specifics of the testing, the associated violations, and essentially protects both the bank’s interest and your liabilities as a tester?
A. Service Level Agreement
B. Non-Disclosure Agreement
C. Terms of Engagement
D. Project Scope
9- Which initial procedure should an ethical hacker perform after being brought into an organization?
A. Begin security testing.
B. Turn over deliverables.
C. Sign a formal contract with non-disclosure.
D. Assess what the organization is trying to protect
10- Which of the following ensures that updates to policies, procedures, and configurations are made in a controlled and documented fashion?
A. Regulatory compliance
B. Peer review
C. Change management
D. Penetration testing
Related Link
Computer Networking #1 -Questions and Answers
SQL Database #3 -Questions & Answers
SQL Database #2 -Questions & Answers
SQL Database #1 -Questions & Answers
Useful Link ,Visit once
SECURITY TOOLS -Cyber Security # 4
Security Tips – Cyber Security #3
Method Of Defence – Cyber Security #2
Computer Threats – Cyber Security #1
Cyber Security Introduction
Cyber Security
Science
>>> CONTACT US < <<