All the questions in this section were asked in the Certified Ethical Hacker examinations of EC-Council. This is the 6th part.
1- Which access control mechanism allows for multiple systems to use a central authentication server (CAS) that permits users to authenticate once and gain access to multiple systems?
A. Role Based Access Control (RBAC)
B. Discretionary Access Control (DAC)
C. Windows authentication
D. Single sign-on
2- When purchasing a biometric system, one of the considerations that should be reviewed is the processing speed. Which of the following best describes what is meant by processing?
A. The amount of time it takes to convert biometric data into a template on a smart card.
B. The amount of time and resources that are necessary to maintain a biometric system.
C. The amount of time it takes to be either accepted or rejected from when an individual provides identification and authentication information.
D. How long it takes to setup individual user accounts.
3- A large mobile telephony and data network operator has a data center that houses network elements. These are essentially large computers running on Linux. The perimeter of the data center is secured with firewalls and IPS systems. What is the best security policy concerning this setup?
A. Network elements must be hardened with user ids and strong passwords. Regular security tests and audits should be performed.
B. As long as the physical access to the network elements is restricted, there is no need for additional measures.
C. There is no need for specific security measures on the network elements as long as firewalls and IPS systems exist.
D. The operator knows that attacks and down time are inevitable and should have a backup site.
4- A company recently hired your team of Ethical Hackers to test the security of their network systems. The company wants to have the attack be as realistic as possible. They did not provide any information besides the name of their company. What phase of security testing would your team jump into right away?
5- Passive reconnaissance involves collecting information through which of the following?
A. Social engineering
B. Network traffic sniffing
C. Man in the middle attacks
D. Publicly accessible sources
6- Which results will be returned with the following Google search query? site:target.com site:Marketing.target.com accounting
A. Results from matches on the site marketing.target.com that are in the domain target.com but do not include the word accounting
B. Results for matches on target.com and Marketing.target.com that include the word “accounting”
C. Results matching “accounting” in domain target.com but not on the site Marketing.target.com
D. Results matching all words in the query
7- Which one of the following Google advanced search operators allows an attacker to restrict the results to those websites in the given domain?
8- This phase will increase the odds of success in later phases of the penetration test. It is also the very first step in Information Gathering, and it will tell you what the “landscape” looks like. Which of the following is the most important phase of ethical hacking wherein you need to spend a considerable amount of time?
A. Gaining access
B. Escalating privilege
C. Network mapping
9- In which phase of the ethical hacking process can Google hacking be employed? This is a technique that involves manipulating a search string with specific operators to search for vulnerabilities. Example: allintitle: root passwd
A. Maintaining Access
B. Gaining Access
D. Scanning and Enumeration
10- When you are collecting information to perform a data analysis, Google commands are very useful to find sensitive information and files. These files may contain information about passwords, system functions, or documentation. What command will help you to search files using Google as a search engine?
A. site: target.com filetype:xls username password email
B. inurl: target.com filename:xls username password email
C. domain: target.com archive:xls username password email
D. site: target.com file:xls username password email