312-50V7 Exam Questions

What does ICMP (type 11, code 0) denote?

You are the security administrator of Jaco Banking Systems located in Boston. You are setting up customer with a single password, you give them a printed list of 100 unique passwor...

What type of Trojan is this?

Maintaining a secure Web server requires constant effort, resources, and vigilance from an organization. Securely administering a Web server on a daily basis is an essential aspect...

In Buffer Overflow exploit, which of the following registers gets overwritten with return address of the exploit code?

Web servers often contain directories that do not need to be indexed. You create a text file with search engine indexing restrictions and place it on the root directory of the Web...

An attacker has successfully compromised a remote computer. Which of the following comes as one of the last steps that should be taken to ensure that the compromise cannot be trace...

Attackers target HINFO record types stored on a DNS server to enumerate information. These are information records and potential source for reconnaissance. A network administrator...

Bret is a web application administrator and has just read that there are a number of surprisingly common web application vulnerabilities that can be exploited by unsophisticated at...

What is War Dialing?

Steven the hacker realizes the network administrator of Acme Corporation is using syskey in Windows 2008 Server to protect his resources in the organization. Syskey independently e...

Bob waits near a secured door, holding a box. He waits until an employee walks up to the secured door and uses the special card in order to access the restricted area of the target...

Ursula is a college student at a University in Amsterdam. Ursula originally went to college to study engineering but later changed to marine biology after spending a month at sea w...

Attacking well-known system defaults is one of the most common hacker attacks. Most software is shipped with a default configuration that makes it easy to install and setup the app...

This tool is widely used for ARP Poisoning attack. Name the tool.

In the context of password security: a simple dictionary attack involves loading a dictionary file (a text file full of dictionary words) into a cracking application such as L0phtC...

BankerFox is a Trojan that is designed to steal users' banking data related to certain banking entities. When they access any website of the affected banks through the vulnerable F...

You receive an e-mail with the following text message. "Microsoft and HP today warned all customers that a new, highly dangerous virus has been discovered which will erase all your...

Choose one of the following pseudo codes to describe this statement: "If we have written 200 characters to the buffer variable, the stack should stop because it cannot hold any mor...

One of the effective DoS/DDoS countermeasures is 'Throttling'. Which statement correctly defines this term?

Which of the following tool would be considered as Signature Integrity Verifier (SIV)?

Attackers footprint target Websites using Google Hacking techniques. Google hacking is a term that refers to the art of creating complex search engine queries. It detects websites...

Bob has set up three web servers on Windows Server 2008 IIS 7.0. Bob has followed all the recommendations for securing the operating system and IIS. These servers are going to run...

Which of the following statement correctly defines ICMP Flood Attack? (Select 2 answers)

Which type of scan does NOT open a full TCP connection?

Lori was performing an audit of her company's internal Sharepoint pages when she came across the following codE. What is the purpose of this code?

What sequence of packets is sent during the initial TCP three-way handshake?

Steve scans the network for SNMP enabled devices. Which port number Steve should scan?

You are footprinting an organization and gathering competitive intelligence. You visit the company's website for contact information and telephone numbers but do not find them list...

You are the CIO for Avantes Finance International, a global finance company based in Geneva. You are responsible for network functions and logical security throughout the entire co...

A Trojan horse is a destructive program that masquerades as a benign application. The software initially appears to perform a desirable function for the user prior to installation...

Which of the following is NOT part of CEH Scanning Methodology?

Lee is using Wireshark to log traffic on his network. He notices a number of packets being directed to an internal IP from an outside IP where the packets are ICMP and their size i...

This method is used to determine the Operating system and version running on a remote target system. What is it called?

William has received a Chess game from someone in his computer programming class through email. William does not really know the person who sent the game very well, but decides to...

John the hacker is sniffing the network to inject ARP packets. He injects broadcast frames onto the wire to conduct MiTM attack. What is the destination MAC address of a broadcast...

The programmers on your team are analyzing the free, open source software being used to run FTP services on a server in your organization. They notice that there is excessive numbe...

What framework architecture is shown in this exhibit?

You are gathering competitive intelligence on an organization. You notice that they have jobs listed on a few Internet job-hunting sites. There are two jobs for network and system...

TCP packets transmitted in either direction after the initial three-way handshake will have which of the following bit set?

Which of the following steganography utilities exploits the nature of white space and allows the user to conceal information in these white spaces?

You have chosen a 22 character word from the dictionary as your password. How long will it take to crack the password by an attacker?

While testing web applications, you attempt to insert the following test script into the search area on the company's web site: <script>alert('Testing Testing Testing')</script> La...

What techniques would you use to evade IDS during a Port Scan? (Select 4 answers)

Bob was frustrated with his competitor, Brownies Inc., and decided to launch an attack that would result in serious financial losses. He planned the attack carefully and carried ou...

In this type of Man-in-the-Middle attack, packets and authentication tokens are captured using a sniffer. Once the relevant information is extracted, the tokens are placed back on...

Johnny is a member of the hacking group Orpheus1. He is currently working on breaking into the Department of Defense's front end Exchange Server. He was able to get into the server...

The FIN flag is set and sent from host A to host B when host A has no more data to transmit (Closing a TCP connection). This flag releases the connection resources. However, host A...

Jason is the network administrator of Spears Technology. He has enabled SNORT IDS to detect attacks going through his network. He receives Snort SMS alerts on his iPhone whenever t...

Leesa is the senior security analyst for a publicly traded company. The IT department recently rolled out an intranet for company use only with information ranging from training, t...