CEH 02 segundo test para el Certified Ethical Hacker

1. An Intrusion Detection System(IDS) has alerted the network administrator to a possibly malicious sequence of packets went to a Web server in the networks external DMZ. The packet traffic was captured by the IDS and saved to a PCAP file. What type of network tool can be used to determine if these packets are genuinely malicious or simply a false positive?

2. You are performing a penetration test. You achieved access via a buffer overflow exploit and you proceed to find interesting data, such as files with usernames and passwords. You find a hidden folder that has the administrators bank account password and login information for the administrators bitcoin account. What should you do?

3. You’ve just been hired to perform a pentest on an organization that has been subjected to a large-scale attack. The CIO is concerned with mitigating threats and vulnerabilities to totally eliminate risk. What is one of the first thing you should to when the job?

4. Which of the following best describes a distributed denial-of-service attack?

5. The Open Web Application Security Project (OWASP) is the worldwide not-for-profit charitable organization focused on improving the security of software. What item is the primary concern on OWASPs Top Ten Project most Critical Web application Security Rules?

6. Which of the following tools can be used to crack SAM files in Windows?

7. This phase is the very first step in Information Gathering, and it will tell you what the landscape looks like, and also  will increase the odds of success in later phases of the penetration test.  Most experts think that  is the most important phase of ethical hacking in which you need to spend a considerable amount of time. Can you name it?

8. Which of the following is the greatest threat posed by backups?

9. During a security audit of IT processes, an IS auditor found that there was no documented security procedures. What should the IS auditor do?

10. Which of the following is true regarding WEP cracking?