312-50V8 Online Practice Questions and Answers

You are the Systems Administrator for a large corporate organization. You need to monitor all network traffic on your local network for suspicious activities and receive notifications when an attack is occurring. Which tool would allow you to accomplish this goal?

A. Host-based IDS

B. Firewall

C. Network-Based IDS

D. Proxy

Which of the following is NOT a valid NetWare access level?

A. Not Logged in

B. Logged in

C. Console Access

D. Administrator

Which tool/utility can help you extract the application layer data from each TCP connection from a log file into separate files?

A. Snort

B. argus

C. TCPflow

D. Tcpdump

While investigating a claim of a user downloading illegal material, the investigator goes through the files on the suspect's workstation. He comes across a file that is just called "file.txt" but when he opens it, he finds the following:

What can he infer from this file?

A. A picture that has been renamed with a .txt extension

B. An encrypted file

C. An encoded file

D. A buffer overflow

Which of the following guidelines or standards is associated with the credit card industry?

A. Control Objectives for Information and Related Technology (COBIT)

B. Sarbanes-Oxley Act (SOX)

C. Health Insurance Portability and Accountability Act (HIPAA)

D. Payment Card Industry Data Security Standards (PCI DSS)

Which of the following processes of PKI (Public Key Infrastructure) ensures that a trust relationship exists and that a certificate is still valid for specific operations?

A. Certificate issuance

B. Certificate validation

C. Certificate cryptography

D. Certificate revocation

Jane wishes to forward X-Windows traffic to a remote host as well as POP3 traffic. She is worried that adversaries might be monitoring the communication link and could inspect captured traffic. She would like to tunnel the information to the remote end but does not have VPN capabilities to do so.

Which of the following tools can she use to protect the link?

A. MD5

B. PGP

C. RSA

D. SSH

This method is used to determine the Operating system and version running on a remote target system. What is it called?

A. Service Degradation

B. OS Fingerprinting

C. Manual Target System

D. Identification Scanning

You work for Acme Corporation as Sales Manager. The company has tight network security restrictions. You are trying to steal data from the company's Sales database (Sales.xls) and transfer them to your home computer. Your company filters and monitors traffic that leaves from the internal network to the Internet.

How will you achieve this without raising suspicion?

A. Encrypt the Sales.xls using PGP and e-mail it to your personal gmail account

B. Package the Sales.xls using Trojan wrappers and telnet them back your home computer

C. You can conceal the Sales.xls database in another file like photo.jpg or other files and send it out in an innocent looking email or file transfer using Steganography techniques

D. Change the extension of Sales.xls to sales.txt and upload them as attachment to your hotmail account

What is the correct order of steps in CEH System Hacking Cycle?

A. Option A

B. Option B

C. Option C

D. Option D