FREE Certified Ethical Hacker MCQ Questions and Answers
Which device consolidates several security tasks into a single system that may be put at a single network point?
A unified threat management (UTM) device is a device that consolidates many security functions or systems into a single system that may be put at a single location throughout the whole network. This UTM would replace the following: (A) a firewall; (B) an intrusion detection device; (C) an intrusion protection device; and (D) antivirus protection.
Which of the following describes the threat agent's strategy for taking advantage of vulnerability?
Threat vectors are the paths or means by which malicious attacks can pass the system's defenses and enter the network. Email-based attacks and malicious attachments target the email threat vector.
In 2004, Johnny Long popularized a footprinting technique using the manipulation of a search string to identify vulnerabilities.
Google Hacking is a footprinting technique that was made popular by Johnny Long in 2004. It involves changing a search string to look for vulnerabilities.
Let's say you want to find information about a website by crawling through it. Which application do you apply?
Web spiders are apps that crawl through a website to discover information about it.
What best characterizes ARP Poisoning?
By changing the ARP cache, ARP poisoning is the process of adding bad entries to machines.
Cloud computing provides users and organization subscribers delivery of different IT services over a network. Which type of cloud computing is geared toward software development and provides a development platform that authorizes subscribers to develop applications without building the infrastructure it would normally take to develop and launch software?
Platform as a Service (PaaS) is a cloud computing model in which a third-party provider sends hardware and software tools to users over the internet. Providers of PaaS host hardware and software on their infrastructure. As a result, PaaS frees developers from needing to install in-house hardware and software to build or execute a new application.
Except for one, all of the examples below are sniffing techniques.
DAC Flooding is not a method for sniffing.
Stan wiretapped his ex-girlfriend's phone to monitor her current partner. What is an example of wiretapping?
Sniffing is the practice of collecting and analyzing packets as they travel via wires or airwaves. Sniffing is also known as wiretapping.
What is the definition of Threat?
A threat is anything that has the potential to compromise the CIA triads of secrecy, integrity, and availability. Any occurrence, event, or incident that has the potential to negatively influence an Information System via illegal access to the computer system, full destruction of the system, disclosure, deletion, or addition of data, and/or denial of service.
When this flag is set, communication is abruptly ended.
When the RST (reset) flag is set, communication is abruptly ended.
Which of these is not an element of security?
The three fundamental principles of information security are Confidentiality, Integrity, and Availability (CIA).