Sei sulla pagina 1di 7

Certified Ethical Hacker Sample Test Exam 312-50, EC0-350 Exam

 CEH exam practice tests are available full version at http://www.testking.com

1. What does "message repudiation" refer to in the realm of e-mail security?

a. Message repudiation means an user can validate which mail server or servers a message was
passed through

b. Message repudiation means an user can claim damages for a mail message that damaged their
reputation

c. Message repudiation means a recipient can be sure that a message was sent from a particular
person

d. Message repudiation means a recipient can be sure that a message was sent from a certain host

e. Message repudiation means a sender can claim they did not actually send a particular message

2. How does traceroute map the route that a packet travels from point A to point B?

a. It uses TCP Timestamp packet that will elicit a time exceeded in transit message

b. It uses a protocol that will be rejected at the gateways on its way to its destination

c. It manipulates the values of TTL parameter packet to elicit a time exceeded in transit message

d. It manipulates flags within packets to force gateways into generating error messages

3. Snort has been used to capture packets on the network. On studying the packets, the
SysAdmin finds it to be abnormal. If you were the SysAdmin, why would you find this
abnormal?

(Note: The candidate is being tested on concepts learnt during passive OS fingerprinting, basic TCP/IP
connection concepts and the ability to read packet signatures from sniff dump)

05/20-17:0645.061034 192.160.13.4:31337 --> 172.16.1.101:1

TCP TTL:44 TOS:0x10 ID:242

***FRP** Seq:0xA1D95 Ack:0x53 Win: 0x400

What is suspicious about this attack?


a. This is not a spoofed packet as the IP stack has increasing numbers for the three flags

b. This is BackOriffice activity as the scan comes from port 31337

c. The attacker wants to avoid creating a sub-carrier connection that is not normally valid

d. The packets were created by a tool and not from a standard TCP/IP stack

4. According to CEH methodology, what is the next step to be performed after


"Footprinting"?

a. Enumeration

b. Scanning

c. System Hackiing

d. Social Engineering

e. Denial of Service

5. While performing a ping weep of a subnet you receive an ICMP Type 3/Code 13 for all the
pings sent out. What is the most likely cause behind this response?

a. The firewall is dropping packets

b. The Network IDS is dropping the packets

c. A router is blocking ICMP

d. The host does not repond to ICMP packets

6. Jessica would like to perform a reliable scan against a remote target. She is not
concerned about being stealth at this point. Which of the following scans would be the
most accurate and reliable?

a. A half scan

b. A UDP scan

c. A TCP Connect scan

d. A FIN scan
7. What is Form Scalpel used for?

a. Dissecting HTML Forms

b. Dissecting SQL Forms

c. Analysis of Access Database Forms

d. Troubleshooting Netscap Forms

e. Dissecting ASP Forms

8. In an attempt to secure his Wireless network, Jason turns off broadcasting of the SSID.
He concludes that since his AP requires the client computer to have the proper SSID, it
would prevent others from connecting to the Wireless network. Unfortunately
unauthorized users are still connecting to his Wireless network. Why do you think this is
possible?

a. Jason forgot to turn off the DHCP broadcasting

b. All AP are shipped with a default SSID

c. The SSID is still sent inside both client AP packets

d. Jason's solution only works in ad-hoc mode

9. Which of the following is one of the key features found in a worm but not seen in a
Virus?

a. The payload is very small, usually below 800 bytes

b. It is self-replicating without the need for user intervention

c. It does not have the ability to propagate on its own

d. They are difficult to detect by AV signatures

10. If you perform a port scan with a TCP ACK packet, what should an Open port return?

a. RST

b. No Reply

c. SYN/ACK
d. FIN

11. You are attempting to map out the firewall policy for an organization. You discover your
target system is one hop beyond the firewall. Using hping2 tool, you send SYN packets with
the exact TTL of the target system starting at port 1 and going up to port 1024. What is this
process called?

a. Footprinting

b. Firewalking

c. Enumeration

d. Idle Scanning

12. The Programmers on your team are analyzing the free open source software being used
to run FTP services on a server. They notice that there is an excessive number of fgets()
and gets() on the source code. These C/C++ functions do not check bounds. What kind of
attack is this program susceptible to?

a. Buffer Overflows

b. Denial of Service

c. Shatter Attack

d. CrashTin Attack

Answers

1. Ans: E

2. Ans: c

3. Ans: b

4. Ans: b

5. Ans: c

6. Ans: c

7. Ans: a
8. Ans: c

9. Ans: b

10. Ans: a

11. Ans: b

12. Ans: a

E-Commerce Architect Sample Test

1. Which of the following choices is typical of a portal site?

 Their goal is to keep people on the site as long as possible.


 Their goal is to sell a specific product.
 Their goal is to deliver shorter marketing messages, created by different companies.
 Their goal is to maintain a heavy advertising presence, with little as little content as possible.

2. Which of the following choices is a benefit of outsourcing your e-commerce site design

 It allows for better customization to your business.


 It establishes more control of your e-commerce environment.
 It usually involves an large capital investment up-front, but pays back upon completion.
 It allows for ease of implementation.

3. Which of the following choices is an area of liability of concern to the electronic publisher?

 Call-center communications to the customer


 Customer access to the online store
 Copyright issues
 Displaying company information online.

4. Which of the following times is the best time for performing a test evaluation of your e-
commerce site?

 After initial development to make sure that the site is meeting your goals.
 Once your site has been in production for a month, so that customers have time to give feedback.
 Once the site is nearly ready for production.
 During the storyboard process.

5. Luke noticed that his server restarted at 4AM yesterday morning which was a Sunday (non-
working day). Would he suspect that it was a hacking attempt or hacking success? Why?

 No. The logs show no unusual activity at that time.


 No. Computers occasionally reboot themselves to clean up records.
 Yes. Out of the ordinary occurences are likely the result of hacking attempts.
 Yes. Most hacking programs need to reboot the computer
6. What port is used when resolving normal DNS queries?

 UDP port 53
 UDP Port 23
 TCP Port 53
 TCP Port 23

7. You have installed a vulnerability scanner on your system, yet it has still been compromised
by an illicit logon. What is the cause of your problem?

 The vulnerability scanner did not update its database


 Vulnerability scanners only scan for weaknesses.
 The scanner was not running at the time.
 The vulnerability scanner was set to scan another system, and thus couldn't scan itself.

8. Which of the following tools is used to detect and announce that a system file has been
changed?

 Checksum Analysis
 MD5
 Tripwire
 A changed INODE

9. Which of the following choices can be the cause of information leakage, potentially allowing
further intrusion upon a network?

 IP services
 Active ports
 Modem banks
 Routers and Switches

10. Which of the following e-business solutions should be recommended to a customer who is
interesting in collecting, manipulating and analyzing data from many different sources and
platforms?

 e-Commerce
 Web Self -Service
 Business Intelligence
 Messaging and Collaboration

11. Wheel Widgets, an automotive assembly plant, is experiencing problems with inventory
that are resulting in cost overruns. They would like to develop a "just-in-time" parts delivery
system. Which of the following e-business solutions should be proposed?

 e-Commerce
 Business Intelligence
 Supply Chain Management
 Secure Way Host Integration and Web Self-Service
Answers

1. Answer C is correct. Portal sites, such as Yahoo!, deliver the messages of many different companies.

2. Answer D is correct. Outsourcing your e-commerce solution provides ease of implementation and
administration.

3. Answer C is correct. Copyright issues are of special concern on the Internet.

4. Answer C is correct. The best time to perform a site evaluation is when you are close to the end of
development, but not yet in production.

5. Answer D is correct.Many virus and sniffer programs require that the computer reboot to complete
the infestation.

6. Answer A is correct.UDP Port 53 is used when resolving normal DNS queries.

7. Answer B is correct. Vulnerability scanners only scan for weaknesses.

8. Answer C is correct. Tripwire detects and announces when a file has been changed.

9. Answer D is correct. Routers and switches can be the cause of information leakage, potentially
allowing further intrusion upon a network.

10. Answer C is correct

11. Answer C is correct

More information http://www.cehcertification.net

Potrebbero piacerti anche