Complete exam

Brad has done some research and determined a certain set of systems on his network fail once every ten years. This purchase price for each of these systems is $1200. Additionally, Brad discovers the administrators on staff, who earn $50 an hour, estimate five hours to replace a machine. Five employees, earning $25 an hour, depend on each system and will be completely unproductive while it is down. If you were to ask Brad for an ALE on these devices, what should he answer with? A. $2075 B. $207.50 C. $ 120 D. $1200 Chapter 1

A. $2075

An ethical hacker is hired to test the security of a business network. The CEH is given no prior knowledge of the network and has a specific framework in which to work, defining boundaries, nondisclosure agreements, and the completion date. Which of the following is a true statement? A. A white hat is attempting a black box test B. A white hat is attempting a white box test C. A black hat is attempting a block box test D. A black hat is attempting a gray box test Chapter 1

A. A white hat is attempting a black box test

Which of the following are passive foot printing methods? (Choose all that apply.) A. Checking DNS replies for network mapping purposes B. Collecting information through publicly accessible sources C. Performing a ping sweep against the network range D. Sniffing network traffic through a network tap. Chapter 2

A. Checking DNS replies for network mapping purposes B. Collecting information through publicly accessible sources

4. An SOA record gathered from a zone transfer is shown here: What is the name of the authoritative DNS server for the domain, and how often will secondary servers check in for updates? A. DNSRV1.anycomp.com, every 3600 seconds B. DNSRV1.anycomp.com, every 600 seconds C. DNSRV1.anycomp.com, every 4 seconds D. postmaster.anycomp.com, every 600 seconds Chapter 2

A. DNSRV1.anycomp.com, every 3600 seconds

Enacted in 2002, this U.S. law requires every federal agency to implement information security programs, including significant reporting on compliance and accreditation. Which of the following is the best choice for this definition? A. FISMA B. HIPAA C. NIST 800-53 D. OSSTMM Chapter 1

A. FISMA

Your company has a document that spells out exactly what employees are allowed to do on their computer systems. It also defines what is prohibited and what consequences await those who break the rules. A copy of this document is signed by all employees prior to their network access. Which of the following best describes this policy? A. Information Security Policy B. Special Access Policy C. Information audit Policy D. Network Connection Policy Chapter 1

A. Information Security Policy

Which OSRF application checks to see if a username has been registered in up to 22 different email providers? A. Mailfy.py B. usufy.py C. entify.py D. searchfy.py Chapter 2

A. Mailfy.py

A security peer is confused about a recent incident. An attacker successfully accessed a machine in the organization and made off with some sensitive data. A full vulnerability scan was run immediately following the theft, and nothing was discovered. Which of the following best describes what may have happened? A. The attacker took advantage of a zero-day vulnerability on the machine. B. The attacker performed a full rebuild of the machine after he was done. C. The attacker performed a denial-of-service attack. D. Security measures on the device were completely disabled before the attack began. Chapter 2

A. The attacker took advantage of a zero-day vulnerability on the machine.

Which foot printing tool or technique can be used to find the names and addresses of employees or technical points of contact? A. whois B. nslookup C. dig D. tracer route Chapter 2

A. Whois

Which of the following best describes the role that the U.S. computer Security Incident Response Team (CSIRT) provides? A. Vulnerability measurement and assessments for the U.S. Department of Defense B. A reliable and consistent point of contact for all incident response services for associates of the department of homeland security C. Incident response services for all internet providers. D. Pen Test registration for public and private sector Chapter 2

B. A reliable and consistent point of contact for all incident response services for associates of the department of homeland security

Sally is a member of a pen test team newly hired to test a bank's security. She begins searching for IP addresses the bank may own by searching public records on the internet. She also looks up news articles and job postings to discover information that may be valuable. In what phase of the pen test is Sally working? A. Preparation B. Assessment C. Conclusion D. Reconnaissance Chapter 1

B. Assessment

Which of the following best describes an effort to identify systems that are critical for continuation of operation for the organization? A. BCP B. BIA C. MTD D. DRP Chapter 1

B. BIA (Business Impact Analysis)

As a pen test team member , you being searching for IP ranges owned by the target organization and discover their network range. You also read job postings and news articles and visit the organization's website. throughout the first week of the test, you also observe when employees come to and leave work, and you rummage through the trash outside the building for useful information. Which type of foot printing are you accomplishing? A. Active B. Passive C. Reconnaissance D. None of the above Chapter 2

B. Passive

In which stage of an ethical hack would the attacker actively apply tools and techniques to gather more in depth information on the targets? A. Active reconnaissance B. Scanning and enumeration C. Gaining access D. Passive reconnaissance Chapter 1

B. Scanning and enumeration

Joe is a security engineer for a firm. His company downsizes, and joe discovers he will be laid off within a short amount of time. Joe plants viruses and sets about destroying data and settings throughout the network, with no regard to being caught. Which type of hacker is Joe considered to be? A. Hacktivist B. Suicide hacker C. Black hat D. Script kiddie Chapter 1

B. Suicide hacker

Which type of attack is generally conducted as an inside attacker with elevated privileges on the resources? A. Gray Box B. White box C. Black box D. Active reconnaissance Chapter 1

B. White box

Which of the following would be the best example of a deterrent control? A. A log aggregation system B. Hidden cameras onsite C. A guard posted outside the door D. Backup recovery systems Chapter 1

C. A guard posted outside the door

You have an FTP service and an HTTP site on a single server. Which DNS record allows you to alias both services to the same record (IP address)? A. NS B. SOA C. CNAME D. PTR Chapter 2

C. CNAME

Elements of security include confidentiality, integrity, and availability. Which technique provides for integrity? A. Encryption B. UPS C. Hashing D. Passwords Chapter 1

C. Hashing

Which of the following would be the best choice for foot printing restricted URLs and OS information from a target? A. www.archive.org B. www.alexa.com C. Netcraft D. Yesware Chapter 2

C. Netcraft

Which of the following consist of a publicly available set of databases that contain domain name registration contact information? A. IETF B. IANA C. Whois D. OSRF Chapter 2

C. Whois

When an attack by a hacker is politically motivated, the hacker is said to be participating in which of the following? A. Black hat hacking B. Gray box attacks C. Gray hat attacks D. Hacktivism Chapter 1

D. Hacktivism

Which of the following common criteria processes refers to the system or product being tested? A. ST B. PP C. EAL D. TOE Chapter 1

D. TOE

Two hacker attempt to crack a company's network resource security. One is considered an ethical hacker, whereas the other is not. What distinguishes the ethical hacker from the cracker? A. The cracker always attempts white box testing. B. The ethical hacker always attempts blackbox testing C. The cracker post results to the internet. D. The ethical hacker always obtains written permission before testing. Chapter 1

D. The ethical hacker always obtains written permission before testing.

Which Google hack would display all pages that have the words SQL and Version in their titles? A. inurl:SQL inurl:version B. allinurl:SQL version C. intitle:SQL inurl:version D. allintitle:SQL version Chapter 2

D. allintitle:SQL version

A pen tester is attempting to use nslookup and has the tool in interactive mode for the search. Which command should be used to request the appropriate records? A. request type =ns B. transfer type = ns C. locate type = ns D. set type = ns Chapter 2

D. set type = ns