Up To The Immediate Present Certified Ethical Hacker Exam (CEH V11) 312-50v11 Preparation Exams

NEW QUESTION 1
An LDAP directory can be used to store information similar to a SQL database. LDAP uses a database structure instead of SQL’s structure. Because of this, LDAP has difficulty representing many-to-one relationships.

• A. Relational, Hierarchical
• B. Strict, Abstract
• C. Hierarchical, Relational
• D. Simple, Complex

Answer: C

NEW QUESTION 2
Switches maintain a CAM Table that maps individual MAC addresses on the network to physical ports on the switch.

In MAC flooding attack, a switch is fed with many Ethernet frames, each containing different source MAC addresses, by the attacker. Switches have a limited memory for mapping various MAC addresses to physical ports. What happens when the CAM table becomes full?

• A. Switch then acts as hub by broadcasting packets to all machines on the network
• B. The CAM overflow table will cause the switch to crash causing Denial of Service
• C. The switch replaces outgoing frame switch factory default MAC address of FF:FF:FF:FF:FF:FF
• D. Every packet is dropped and the switch sends out SNMP alerts to the IDS port

Answer: A

NEW QUESTION 3
What is not a PCI compliance recommendation?

• A. Use a firewall between the public network and the payment card data.
• B. Use encryption to protect all transmission of card holder data over any public network.
• C. Rotate employees handling credit card transactions on a yearly basis to different departments.
• D. Limit access to card holder data to as few individuals as possible.

Answer: C

NEW QUESTION 4
You are analysing traffic on the network with Wireshark. You want to routinely run a cron job which will run the capture against a specific set of IPs - 192.168.8.0/24. What command you would use?

• A. wireshark --fetch ''192.168.8*''
• B. wireshark --capture --local masked 192.168.8.0 ---range 24
• C. tshark -net 192.255.255.255 mask 192.168.8.0
• D. sudo tshark -f''net 192 .68.8.0/24''

Answer: D

NEW QUESTION 5
A user on your Windows 2000 network has discovered that he can use L0phtcrack to sniff the SMB exchanges which carry user logons. The user is plugged into a hub with 23 other systems.
However, he is unable to capture any logons though he knows that other users are logging in. What do you think is the most likely reason behind this?

• A. There is a NIDS present on that segment.
• B. Kerberos is preventing it.
• C. Windows logons cannot be sniffed.
• D. L0phtcrack only sniffs logons to web servers.

Answer: B

NEW QUESTION 6
Email is transmitted across the Internet using the Simple Mail Transport Protocol. SMTP does not encrypt email, leaving the information in the message vulnerable to being read by an unauthorized person. SMTP can upgrade a connection between two mail servers to use TLS. Email transmitted by SMTP over TLS is encrypted. What is the name of the command used by SMTP to transmit email over TLS?

• A. OPPORTUNISTICTLS
• B. UPGRADETLS
• C. FORCETLS
• D. STARTTLS

Answer: D

NEW QUESTION 7
What ports should be blocked on the firewall to prevent NetBIOS traffic from not coming through the firewall if your network is comprised of Windows NT, 2000, and XP?

• A. 110
• B. 135
• C. 139
• D. 161
• E. 445
• F. 1024

Answer: BCE

NEW QUESTION 8
In an internal security audit, the white hat hacker gains control over a user account and attempts to acquire access to another account's confidential files and information. How can he achieve this?

• A. Privilege Escalation
• B. Shoulder-Surfing
• C. Hacking Active Directory
• D. Port Scanning

Answer: A

NEW QUESTION 9
Susan has attached to her company's network. She has managed to synchronize her boss's sessions with that of the file server. She then intercepted his traffic destined for the server, changed it the way she wanted to and then placed it on the server in his home directory.
What kind of attack is Susan carrying on?

• A. A sniffing attack
• B. A spoofing attack
• C. A man in the middle attack
• D. A denial of service attack

Answer: C

NEW QUESTION 10
Which of the following algorithms can be used to guarantee the integrity of messages being sent, in transit, or stored?

• A. symmetric algorithms
• B. asymmetric algorithms
• C. hashing algorithms
• D. integrity algorithms

Answer: C

NEW QUESTION 11
Bob is doing a password assessment for one of his clients. Bob suspects that security policies are not in place. He also suspects that weak passwords are probably the norm throughout the company he is evaluating. Bob is familiar with password weaknesses and key loggers.
Which of the following options best represents the means that Bob can adopt to retrieve passwords from his clients hosts and servers?

• A. Hardware, Software, and Sniffing.
• B. Hardware and Software Keyloggers.
• C. Passwords are always best obtained using Hardware key loggers.
• D. Software only, they are the most effective.

Answer: A

NEW QUESTION 12
Fred is the network administrator for his company. Fred is testing an internal switch.
From an external IP address, Fred wants to try and trick this switch into thinking it already has established a session with his computer. How can Fred accomplish this?

• A. Fred can accomplish this by sending an IP packet with the RST/SIN bit and the source address of his computer.
• B. He can send an IP packet with the SYN bit and the source address of his computer.
• C. Fred can send an IP packet with the ACK bit set to zero and the source address of the switch.
• D. Fred can send an IP packet to the switch with the ACK bit and the source address of his machine.

Answer: D

NEW QUESTION 13
When purchasing a biometric system, one of the considerations that should be reviewed is the processing speed. Which of the following best describes what it is meant by processing?

• A. The amount of time and resources that are necessary to maintain a biometric system
• B. How long it takes to setup individual user accounts
• C. The amount of time it takes to be either accepted or rejected from when an individual provides identification and authentication information
• D. The amount of time it takes to convert biometric data into a template on a smart card

Answer: C

NEW QUESTION 14
What do Trinoo, TFN2k, WinTrinoo, T-Sight, and Stracheldraht have in common?

• A. All are hacking tools developed by the legion of doom
• B. All are tools that can be used not only by hackers, but also security personnel
• C. All are DDOS tools
• D. All are tools that are only effective against Windows
• E. All are tools that are only effective against Linux

Answer: C

NEW QUESTION 15
Within the context of Computer Security, which of the following statements describes Social Engineering best?

• A. Social Engineering is the act of publicly disclosing information
• B. Social Engineering is the means put in place by human resource to perform time accounting
• C. Social Engineering is the act of getting needed information from a person rather than breaking into a system
• D. Social Engineering is a training program within sociology studies

Answer: C

NEW QUESTION 16
Which is the first step followed by Vulnerability Scanners for scanning a network?

• A. OS Detection
• B. Firewall detection
• C. TCP/UDP Port scanning
• D. Checking if the remote host is alive

Answer: D

NEW QUESTION 17
How does a denial-of-service attack work?

• A. A hacker prevents a legitimate user (or group of users) from accessing a service
• B. A hacker uses every character, word, or letter he or she can think of to defeat authentication
• C. A hacker tries to decipher a password by using a system, which subsequently crashes the network
• D. A hacker attempts to imitate a legitimate user by confusing a computer or even another person

Answer: A

NEW QUESTION 18
Which of the following is a command line packet analyzer similar to GUI-based Wireshark?

• A. nessus
• B. tcpdump
• C. ethereal
• D. jack the ripper

Answer: B

NEW QUESTION 19
DHCP snooping is a great solution to prevent rogue DHCP servers on your network. Which security feature on switchers leverages the DHCP snooping database to help prevent man-in-the-middle attacks?

• A. Spanning tree
• B. Dynamic ARP Inspection (DAI)
• C. Port security
• D. Layer 2 Attack Prevention Protocol (LAPP)

Answer: B

NEW QUESTION 20
When discussing passwords, what is considered a brute force attack?

• A. You attempt every single possibility until you exhaust all possible combinations or discover the password
• B. You threaten to use the rubber hose on someone unless they reveal their password
• C. You load a dictionary of words into your cracking program
• D. You create hashes of a large number of words and compare it with the encrypted passwords
• E. You wait until the password expires

Answer: A

NEW QUESTION 21
......