Certified Ethical Hacker Examination-Questions & Answers- #7

All the questions in this section were asked in the Certified Ethical Hacker examinations of EC-Council. This is the 7th part.


1- What tool should you use when you need to analyze extracted metadata from files you collected when you were in the initial stage of a penetration test (information gathering)?

A. Armitage (GUI that visualizes targets and recommends exploits)
B. Dmitry (Deepmagic Information Gathering Tool)
C. Metagoofil
D. cdpsnarf (extract information from CDP packets)

Answer: C. Metagoofil

2- What is the way to decide how a packet will move from an untrusted outside host to a protected inside host that is behind a firewall, which permits the hacker to determine which ports are open and whether the packets can pass through the packet filtering of the firewall?
A. Firewalking (Active reconnaissance technique, analyze IP packet responses to determine ACL filters and map networks)
B. Session hijacking (exploit session to gain unauthorized access to information/service)
C. Man-in-the-middle attack (secretly relays and alters the communication between two parties)
D. Network sniffing (sniff out data flowing over computer network links in real time)

Answer: A. Firewalking (Active reconnaissance technique, analyze IP packet responses to determine ACL filters and map networks)




3- Firewalk has just completed the second phase (the scanning phase) and a technician receives the output shown below. What conclusions can be drawn based on these scan results?
TCP port 21 – no response
TCP port 22 – no response
TCP port 23 – Time-to-live exceeded

A. The firewall itself is blocking ports 21 through 23 and a service is listening on port 23 of the target host.
B. The lack of response from ports 21 and 22 indicates that those services are not running on the destination server.
C. The scan on port 23 passed through the filtering device. This indicates that port 23 was not blocked at the firewall.
D. The scan on port 23 was able to make a connection to the destination host prompting the firewall to respond with a TTL error.

Answer: C. The scan on port 23 passed through the filtering device. This indicates that port 23 was not blocked at the firewall

4- A penetration tester was hired to perform a penetration test for a bank. The tester began searching for IP ranges owned by the bank, performing lookups on the bank’s DNS servers, reading news articles online about the bank, watching what times the bank employees come into work and leave from work, searching the bank’s job postings (paying special attention to IT related jobs), and visiting the local dumpster for the bank’s corporate office. What phase of the penetration test is the tester currently in?

A. Information reporting
B. Vulnerability assessment
C. Active information gathering
D. Passive information gathering

Answer: D. Passive information gathering

5- Which of the following provides a security professional with the most information about the system’s security posture?

Answer: Port scanning, banner grabbing, service identification

6- A Security Engineer at a medium-sized accounting firm has been tasked with discovering how much information can be obtained from the firm’s public facing web servers. The engineer decides to start by using netcat to port 80. The engineer receives this output:

HTTP/1.1 200 OK
Server: Microsoft-IIS/6
Expires: Tue, 17 Jan 2011 01:41:33 GMT
Date: Mon, 16 Jan 2011 01:41:33 GMT
Content-Type: text/html
Accept-Ranges: bytes
Last-Modified: Wed, 28 Dec 2010 15:32:21 GMT
ETag: "b0aac0542e25c31:89d"
Content-Length: 7369

Which of the following is an example of what the engineer performed?


A. Banner grabbing
B. Cross-site scripting
C. SQL injection
D. Whois database query

Answer: A. Banner grabbing





7- A hacker named Jack is trying to compromise a bank's computer system. He needs to know the operating system of that computer to launch further attacks. What process would help him?

Answer: Banner grabbing (“welcome” screen that shows system information)

8- An attacker tries to do banner grabbing on a remote web server and executes the following command.
$ nmap -sV host.domain.com -p 80
He gets the following output:
Starting Nmap 6.47 ( http://nmap.org ) at 2018-08-30 19:10
Nmap scan report for host.domain.com (108.61.158.211)
Host is up (0.032s latency).
PORT STATE SERVICE VERSION
80/tcp open http Apache httpd
Service detection performed. Please report any incorrect results at http://nmap.org/submit/.
Nmap done: 1 IP address (1 host up) scanned in 6.42 seconds

What did the hacker accomplish?

A. nmap can’t retrieve the version number of any running remote service.
B. The hacker successfully completed the banner grabbing.
C. The hacker should’ve used nmap -O host.domain.com.
D. The hacker failed to do banner grabbing as he didn’t get the version of the Apache web server.

Answer: B. The hacker successfully completed the banner grabbing.

9- Which of the following open source tools would be the best choice to scan a network for potential targets?
A. NMAP
B. NIKTO
C. CAIN
D. John the Ripper

Answer: A. NMAP

10- Which of the following resources does NMAP need to be used as a basic vulnerability scanner covering several vectors like SMB, HTTP and FTP?
A. Metasploit scripting engine
B. Nessus scripting engine
C. NMAP scripting engine
D. SAINT scripting engine

Answer: C. NMAP scripting engine



