Practice Test: Module 01 Introduction to Security


Module 1: Introduction to Cybersecurity Quiz Answers
1. Which of the following methods is used to check the integrity of data?
2. Which of the following statements describes cyberwarfare?
Explanation: Methods to ensure confidentiality include data encryption, identity proofing and two factor authentication.
6. Which of the following is a key motivation of a white hat attacker?
10. What are the foundational principles for protecting information systems as outlined in the McCumber Cube? (Choose three correct answers)
Social media platforms: – To gather information based on your online activity, which is then shared with or sold to advertisers for a profit
Explanation: Stuxnet malware that was designed not just to hijack targeted computers but to actually cause physical damage to equipment controlled by computers
Chapter 01 – Quiz Introduction to Security flashcards (class: 07 - Spring 2019 - CET-2830C_Information Security)
Question # 01
Successful attacks are usually not from software that is poorly designed and has architecture/design weaknesses.
a. True b. False
Question # 02
Smart phones give the owner of the device the ability to download security updates.
Question # 03
As security is increased, convenience is often increased.
Question # 04
To mitigate risk is the attempt to address risk by making the risk less serious.
Question # 05
One of the challenges in combating cyberterrorism is that many of the prime targets are not owned and managed by the federal government.
Question # 06
What term refers to an action that provides an immediate solution to a problem by cutting through the complexity that surrounds it?
a. unicorn b. approved action c. secure solution d. silver bullet
d. silver bullet
Question # 07
In what kind of attack can attackers make use of millions of computers under their control in an attack against a single server or network?
a. centered b. local c. remote d. distributed
d. distributed
Question # 08
Which term below is frequently used to describe the tasks of securing information that is in a digital format?
a. network security b. information security c. physical security d. logical security
b. information security
Question # 09
Which of the following ensures that data is accessible to authorized users?
a. availability b. confidentiality c. integrity d. identity
a. availability
Question # 10
In information security, what can constitute a loss?
a. theft of information b. a delay in transmitting information that results in a financial penalty c. the loss of good will or a reputation d. all of the above
d. all of the above
Question # 11
What type of theft involves stealing another person’s personal information, such as a Social Security number, and then using the information to impersonate the victim, generally for financial gain?
a. cyberterrorism b. identity theft c. phishing d. social scam
b. identity theft
Question # 12
Under which laws are health care enterprises required to guard protected health information and implement policies and procedures whether it be in paper or electronic format?
a. HIPAA b. HLPDA c. HCPA d. USHIPA
Question # 13
Which term is used to describe individuals who want to attack computers yet lack the knowledge of computers and networks needed to do so?
a. cybercriminal b. hacker c. script kiddies d. cyberterrorist
c. script kiddies
Question # 14
Select the term that best describes automated attack software?
a. open-source utility b. insider software c. open-source intelligence d. intrusion application
c. open-source intelligence
Question # 15
What class of attacks uses innovative attack tools and, once a system is infected, silently extracts data over an extended period?
a. Inside Attacks b. Advanced Persistent Threat c. Embedded Attacks d. Modified Threat
b. Advanced Persistent Threat
Question # 16
What term describes a layered security approach that provides comprehensive protection?
a. comprehensive-security b. diverse-defense c. limiting-defense d. defense-in-depth
d. defense-in-depth
Question # 17
Which of the following is a valid fundamental security principle?
(Choose all that apply.)
a. signature b. diversity c. simplicity d. layering
b. diversity c. simplicity d. layering
Question # 18
Which of the following are considered threat actors?
a. brokers b. competitors c. administrators d. individuals
b. competitors
Question # 19
What are the four different risk response techniques?
Accept, transfer, avoid, and mitigate.
Question # 20
Describe the security principle of simplicity.
Because attacks can come from a variety of sources and in many ways, information security is by its very nature complex.
The more complex something becomes, the more difficult it is to understand.
In addition, complex systems allow many opportunities for something to go wrong.
Complex security systems can be hard to understand, troubleshoot, and feel secure about.
As much as possible, a secure system should be simple for those on the inside to understand and use.
Complex security schemes are often compromised to make them easier for trusted users to work with, yet this can also make it easier for the attackers.
In short, keeping a system simple from the inside but complex on the outside can sometimes be difficult but reaps a significant benefit.
25 Free Questions on Certified Ethical Hacker (CEH) Certification
Did you come here looking for free Certified Ethical Hacker Certification questions and answers? You have come to the right place. Certified Ethical Hackers and professionals make use of techniques, methodologies, and commercial-grade hacking tools to legally hack an organization’s network. Find these free Ethical Hacker certification practice questions below and test your skills.
Let’s start learning!
Domain: Information Security Threats and Attack Vectors
Q1: The attacker copies the target’s password file and then tries to crack the passwords on his own system at a different location. What type of password attack was performed?
A. Active Online Attack B. Passive Online Attack C. Non-Electronic Attack D. Offline Attack
Correct Answer: D
Explanation
- Option A: not correct. The attacker performs password cracking by directly communicating with the victim’s machine.
- Option B: not correct. The attacker performs password cracking without communicating with the authorizing party.
- Option C: not correct. The attacker does not need technical knowledge to crack a password; this is known as a non-technical attack.
- Option D: correct. The attacker copies the target’s password file and then tries to crack the passwords on his own system at a different location.
Reference: CEHv10, Ethical Hacking and Countermeasure EC-Council (Module 06 System Hacking)
Domain: Information Security Assessment Process
Q2: The company implements a security policy that has no restriction on the usage of system resources. What type of security policy did the company implement?
A. Promiscuous policy B. Permissive policy C. Prudent policy D. Paranoid policy
Correct Answer: A
- Option A: correct. The promiscuous policy has no restriction on the usage of system resources.
- Option B: not correct. The permissive policy restricts only widely known, dangerous attacks or behavior.
- Option C: not correct. The prudent policy ensures the maximum and strongest security among them. However, it allows known, necessary risks, blocking all other services but individually enabled services.
- Option D: not correct. The paranoid policy denies everything, limiting internet usage.
Reference: CEHv10, Ethical Hacking and Countermeasure EC-Council (Module 01 Introduction Ethical hacking)
Q3: It is a kind of malware (malicious software) that gets activated upon users’ certain predefined actions. When activated, it can grant attackers unrestricted access or control of all data stored on compromised information systems and can cause potentially immense damage. Which of the following terms best matches the definition?
A. Virus B. Trojan C. Ransomware D. Worm
Correct Answer: B
- Option A: not correct. A computer virus is a self-replicating program that produces its code by attaching copies of itself to other executable codes and operates without the knowledge or desire of the user. This infection of viruses can lead to data loss, system crash, and file corruption.
- Option B: correct. A Trojan is a program in which the malicious or harmful code is contained inside apparently harmless programming or data in such a way that it can get control and cause damage, such as ruining the file allocation table on your hard disk.
- Option C: not correct. Ransomware is a type of malware that restricts access to the infected computer system or critical files and documents stored on it, and after that, demands an online ransom payment to the malware creator(s) to remove user restrictions. Ransomware might encrypt files stored on the system’s hard disk, or merely lock the system and display messages meant to trick the user into paying.
- Option D: not correct. Computer worms are standalone malicious programs that replicate, execute, and spread across network connections independently, without human intervention. Intruders design most worms to replicate and spread across a network, thus consuming available computing resources and, in turn, causing network servers, web servers, and individual computer systems to become overloaded and stop responding.
Reference: CEHv10, Ethical Hacking and Countermeasure EC-Council (Module 07 Malware Threat)
Domain: Information Security Technologies
Q4: A server administrator configures access settings so that users must authenticate before accessing web pages. Which requirement of information security is addressed by implementing this configuration?
A. Integrity B. Availability C. Confidentiality D. Scalability
Correct Answer: C
- Option A: not correct. Data integrity ensures that only authorized parties can modify data.
- Option B: not correct. Availability applies to systems and data. It ensures that network services and data are accessible and performing well under all conditions.
- Option C: correct. Confidentiality means that only authorized persons can work with and see our infrastructure’s digital resources.
- Option D: not correct. Scalability is the property of a system to handle a growing amount of work by adding resources to the system.
Reference: CEHv10, Ethical Hacking and Countermeasure EC-Council (Module 01 Introduction to Ethical Hacking)
Domain: Network and Communication Technologies
Q5: An organization allows employees working from outside networks to access data for a specific purpose. Which technology should be implemented to ensure data confidentiality as the data is transmitted?
A. Telnet B. VLAN C. WPA2 D. VPN
- Option A: not correct. Telnet is an application protocol used on the Internet or a local area network to provide a bidirectional interactive text-oriented communication facility using a virtual terminal connection.
- Option B: not correct. A virtual LAN (VLAN) is any broadcast domain that is partitioned and isolated in a computer network at the data link layer.
- Option C: not correct. WPA2 is an encryption method for wireless networks.
- Option D: correct. A virtual private network (VPN) extends a private network across a public network and enables users to send and receive data across shared or public networks with secure access to the private network.
Reference: https://en.wikipedia.org/wiki/Virtual_private_network
Domain: Information Security Assessment Process
Q6: Attackers use image files to hide information for malicious purposes. What type of technique did the attackers use?
A. Spyware B. Cryptography C. Steganography D. Backdoor
- Option A: not correct. Spyware is stealthy computer monitoring software that allows you to record all the user activities on the target computer secretly.
- Option B: not correct. Cryptography is the practice of concealing information by converting plain text (readable format) into ciphertext (unreadable format) using a key or encryption scheme.
- Option C: correct. Steganography refers to the art of hiding data “behind” other data without the target’s knowledge. Steganography hides the existence of the message. It replaces bits of unused data in ordinary files such as graphics, sound, text, audio and video with other surreptitious bits.
- Option D: not correct. A backdoor is a program which can bypass the standard system authentication or conventional system mechanisms like IDS, firewalls, etc. without being detected. In these types of breaches, hackers leverage backdoor programs to access the victim’s computer or a network.

Domain: Information Security Controls
Q7: Which intrusion detection system is best suited to analyzing system behavior on a desktop PC or server?
A. HIDS B. NIDS C. Firewall D. Antivirus
- Option A: correct. A HIDS (Host-based Intrusion Detection System) analyzes each system’s behavior and is applicable to a desktop PC or server.
- Option B: not correct. A NIDS (Network-based Intrusion Detection System) checks every packet entering the network. It is used in a large environment to inspect all traffic.
- Option C: not correct. A firewall is not an IDS.
- Option D: not correct. Antivirus is not an IDS.
Reference: CEHv10, Ethical Hacking and Countermeasure EC-Council (Module 12 IDS, Firewall Honeypot)
Q8 : What is the purpose of a demilitarized zone on a network?
A. Protecting the network devices B. Provide detection for malicious traffic on the network C. Provide security on servers D. Providing security to the internal network and only provide direct access to DMZ nodes
- Option A: not correct. Protecting network devices is done with a firewall.
- Option B: not correct. This is the purpose of an Intrusion Detection System (IDS).
- Option C: not correct. A firewall and an IDS provide security for servers.
- Option D: correct. A DMZ is a small network placed as a neutral zone between the internal (trusted) network and the external (untrusted) network to prevent an outsider from accessing the internal network directly.
Q9: Which of the following types of firewall inspects specific traffic such as HTTP GET or POST?
A. Packet filtering firewall B. Application-level firewall C. Circuit-level gateway firewall D. Stateful Multilayer Inspection
- Option A: not correct. Packet filtering firewalls work at the network layer of the OSI model; each packet is compared to a set of criteria before it is forwarded.
- Option B: correct. Application-level firewalls (proxies) filter packets at the application layer of the OSI model. This firewall inspects specific application traffic such as HTTP GET or POST.
- Option C: not correct. Circuit-level gateway firewalls work at the session layer of the OSI model.
- Option D: not correct. It combines aspects of the other firewall types: packet filtering, application-level, and circuit-level gateway firewalls.
Domain: Information Security Attack Detection
Q10: The system administrator uses virus detection to prevent viruses on the system. He uses a tool that monitors system operation requests that are written to disk. Which virus detection method is the system administrator using?
A. Scanning B. Interception C. Code Emulation D. Integrity Checking
- Option A: not correct. Uses anti-virus to perform scans and detect viruses.
- Option B: correct. The interceptor monitors system operation requests that are written to disk.
- Option C: not correct. Uses a virtual machine to simulate CPU and memory activity.
- Option D: not correct. Reads the entire disk and records integrity data that acts as a signature for the files and system sectors.
Reference: CEHv10, Ethical Hacking and Countermeasure EC-Council (Module 07 Malware Threats)
Domain: Information Security Tools
Q11: Hyena is a tool that manages and secures Windows operating systems and uses a Windows Explorer-style interface for all operations. It shows shares and user login names for Windows servers and domain controllers. What is the purpose of using this tool?
A. NETBIOS Enumeration B. LDAP Enumeration C. SNMP Enumeration D. SMTP Enumeration
- Option A: correct. Hyena is a tool for NETBIOS enumeration.
- Option B: not correct. Hyena is not an LDAP enumeration tool.
- Option C: not correct. Hyena is not an SNMP enumeration tool.
- Option D: not correct. Hyena is not an SMTP enumeration tool.
Reference: CEHv10, Ethical Hacking and Countermeasure EC-Council (Module 04 Enumeration)
Q12 : Hashing is generating a value or values from a string of text using a mathematical function. Which of the following is assured by the use of a hash?
A. Confidentiality B. Integrity C. Availability D. Authentication
- Option A: not correct. Confidentiality means only authorized persons can access and read the data.
- Option B: correct. The main role of a cryptographic hash function is to provide integrity in document management. Integrity ensures only an authorized person can modify the data.
- Option C: not correct. Availability applies to systems and data. Authorized persons can access data via the network, and network failures are minimized.
- Option D: not correct. Authentication is the process of identifying users or devices before they access resources.
Reference: CEHv10, Ethical Hacking and Countermeasure EC-Council (Module 01 Introduction Ethical Hacking)
Domain: Information Security Systems
Q13: The Domain Name System (DNS) has several types of records. One of them is the AAAA record. What is the purpose of the AAAA record?
A. IPv4 address resolution record B. IPv6 address resolution record C. Mail exchange record D. Text record
- Option A: not correct. The record for an IPv4 address is the A record.
- Option B: correct. The AAAA record returns a 128-bit IPv6 address, most commonly used to map hostnames to the host’s IP address.
- Option C: not correct. The mail exchanger record for DNS is MX.
- Option D: not correct. The text record for DNS is TXT.
Reference: https://en.wikipedia.org/wiki/List_of_DNS_record_types
Domain: Information Security Assessment and Analysis
Q14: CVSS is a published standard that provides an open framework for communicating the characteristics and impacts of IT vulnerabilities. A CVSS assessment consists of three metrics for measuring vulnerabilities. Which of the following is the best definition of the base metric?
A. Represents the inherent qualities of a vulnerability B. Represents the vulnerabilities that are based on a particular environment or implementation C. Represents the features that keep on changing during the lifetime of vulnerability D. Represent the type of vulnerability
- Option A: correct. The base metric represents the inherent qualities of a vulnerability.
- Option B: not correct. The environmental metric represents the vulnerabilities that are based on a particular environment or implementation.
- Option C: not correct. The temporal metric represents the features that keep on changing during the lifetime of a vulnerability.
- Option D: not correct. This does not represent any metric.
Reference: CEHv10, Ethical Hacking and Countermeasure EC-Council (Module 05 Vulnerability Analysis)
Q15 : Which type of hacker performs an attack on the system by using tools and knowledge found on the internet?
A. White Hat B. Grey Hat C. Black Hat D. Script Kiddies
- Option A: not correct. Security analysts or individuals with hacking skills who use them for defensive purposes.
- Option B: not correct. They work for both defensive and offensive purposes.
- Option C: not correct. Hackers who engage in malicious and destructive activities.
- Option D: correct. Unskilled hackers who compromise systems using tools and scripts made by real hackers.
Q16: On which of the following OSI layers does the packet filtering firewall work?
A. Application B. Application, Presentation, Session C. Physical, Data Link D. Data Link, Network, Transport

Reference: CEHv10, Ethical Hacking and Countermeasure EC-Council (Module 12 Evading IDS, Firewall and Honeypots)
Q17: The enormous usage of mobile devices has grabbed the attention of attackers. Mobile devices access many of the resources that traditional computers use. Apart from that, mobile devices also have some unique features that add new attack vectors and protocols to the mix. Which of the following are mobile attack vectors?
A. Malware B. Data Exfiltration C. Data Tampering D. Data Breaking
Correct Answers: A, B, and C

Reference: CEHv10, Ethical Hacking and Countermeasure EC-Council (Module 17 Hacking Mobile Platform)
Domain: Network and Communication Technologies
Q18: Which of the following protocols is used to ensure security when transferring files across the network?
A. SSL B. HTTP C. TLS D. SFTP
- Option A: not correct. SSL is a protocol used to provide a secure authentication mechanism between two communicating applications.
- Option B: not correct. HTTP is an application protocol that is used to access web applications.
- Option C: not correct. TLS is more secure than SSL. Transport Layer Security (TLS) is a protocol used to establish a secure connection between a client and a server and ensure the privacy and integrity of information during transmission.
- Option D: correct. SFTP is the protocol that ensures security in file transfer across the network.
Reference: https://en.wikipedia.org/wiki/SSH_File_Transfer_Protocol
Domain: Information Security Attack Detection
Q19: How can a honeypot running on VMware be detected?
A. analyzing outgoing packets B. Looking for MAC Address range on IEEE standard C. Looking for specific TCP/IP parameters such as TTL, RTT, and, TCP timestamp D. using time-based TCP fingerprinting method
- Option A: not correct. It is used to detect a Snort firewall.
- Option B: correct. It is used to detect honeypots running on VMware.
- Option C: not correct. It is used to detect honeypots using a Linux virtual machine.
- Option D: not correct. An attacker can identify the presence of a Honeyd honeypot by performing time-based TCP fingerprinting.
Domain: Information Security Systems
Q20: XYZ company uses 10.20.29.0/27 for the local network. Which of the following is the subnet mask for this network?
A. 255.255.255.0 B. 255.255.255.252 C. 255.255.255.248 D. 255.255.255.224
- Option A: not correct. It is the subnet mask for the /24 prefix.
- Option B: not correct. It is the subnet mask for the /30 prefix.
- Option C: not correct. It is the subnet mask for the /29 prefix.
- Option D: correct. It is the subnet mask for the /27 prefix.
Reference: https://en.wikipedia.org/wiki/Subnetwork
Domain: Information Security Programs
Q21: On a Linux system, you want to view firewall logs to evaluate network traffic. You need to search for specific log entries quickly and efficiently. Which command-line utility are you most likely to use?
A. Notepad B. Nano C. Gedit D. Grep
Correct Answer: D
Explanation
- Option A: not correct. Notepad is a text editor on Windows systems.
- Option B: not correct. Nano is a tool used to open text files in Linux.
- Option C: not correct. Gedit is a GUI-based text editor in Linux.
- Option D: correct. grep is a command-line utility for searching plain-text data sets for lines that match a regular expression.
Reference: https://en.wikipedia.org/wiki/Grep
Domain: Information Security Tools
Q22: A pen-tester is attacking wireless networks using fake authentication and ARP request injection. Which tool should the pen-tester use?
A. Aircrack-ng B. Aireplay-ng C. Airmon-ng D. Wireshark
- Option A: not correct. It is the de facto WEP and WPA/WPA2-PSK cracking tool.
- Option B: correct. It is used for traffic generation, fake authentication, packet replay, and ARP request injection.
- Option C: not correct. It is used to switch wireless interfaces from managed mode to monitor mode and vice versa.
- Option D: not correct. Wireshark allows attackers to read/capture live data from Ethernet, Token-Ring, FDDI, serial (PPP and SLIP), 802.11 wireless LAN, ATM connections, etc.
Reference: CEHv10, Ethical Hacking and Countermeasure EC-Council (Module 16 Hacking Wireless Network)
Q23: It is the process of replacing unwanted bits in an image and its source files with the secret data. Which term is being described?
- Option A: not correct. Spyware is stealthy computer monitoring software that allows you to record all the user activities on the target computer secretly.
- Option B: not correct. Cryptography is the practice of concealing information by converting plain text (readable format) into ciphertext (unreadable format) using a key or encryption scheme.
- Option C: correct. Steganography refers to the art of hiding data “behind” other data without the target’s knowledge. Steganography hides the existence of the message. It replaces bits of unused data in ordinary files such as graphics, sound, text, audio, and video with other surreptitious bits.
- Option D: not correct. A backdoor is a program that can bypass the standard system authentication or conventional system mechanisms like IDS, firewalls, etc. without being detected. In these types of breaches, hackers leverage backdoor programs to access the victim’s computer or a network.
Q24: Which protocol is used for setting up secure channels between two devices, typically in VPNs?
A. PPP B. IPSEC C. WPA D. WEP
- Option A: not correct. PPP is a protocol for WAN connections.
- Option B: correct.
- Options C & D: not correct. WEP and WPA are encryption methods for wireless communication.
Q25: John the Ripper is a technical assessment tool used to test the weakness of which of the following?
A. Usernames B. File permissions C. Firewall rulesets D. Passwords
Correct Answer: D
- Options A, B & C: not correct. John the Ripper targets passwords.
- Option D: correct. John the Ripper is a tool for brute-force password attacks. It is used to find a password combination.
Reference: CEHv10, Ethical Hacking and Countermeasure EC-Council (Module 13 Hacking Web Server)
We hope these Certified Ethical Hacker exam questions have helped you assess the exam and feel more confident in your preparation. We also provide more Ethical Hacking practice exam questions. Preparation is the key to success. Keep learning!
About the author: Abilesh Premkumar