Complete exam
Brad has done some research and determined a certain set of systems on his network fail once every ten years. This purchase price for each of these systems is $1200. Additionally, Brad discovers the administrators on staff, who earn $50 an hour, estimate five hours to replace a machine. Five employees, earning $25 an hour, depend on each system and will be completely unproductive while it is down. If you were to ask Brad for an ALE on these devices, what should he answer with? A. $2075 B. $207.50 C. $ 120 D. $1200 Chapter 1
A. $2075
An ethical hacker is hired to test the security of a business network. The CEH is given no prior knowledge of the network and has a specific framework in which to work, defining boundaries, nondisclosure agreements, and the completion date. Which of the following is a true statement? A. A white hat is attempting a black box test B. A white hat is attempting a white box test C. A black hat is attempting a block box test D. A black hat is attempting a gray box test Chapter 1
A. A white hat is attempting a black box test
Which of the following are passive foot printing methods? (Choose all that apply.) A. Checking DNS replies for network mapping purposes B. Collecting information through publicly accessible sources C. Performing a ping sweep against the network range D. Sniffing network traffic through a network tap. Chapter 2
A. Checking DNS replies for network mapping purposes B. Collecting information through publicly accessible sources
4. An SOA record gathered from a zone transfer is shown here: What is the name of the authoritative DNS server for the domain, and how often will secondary servers check in for updates? A. DNSRV1.anycomp.com, every 3600 seconds B. DNSRV1.anycomp.com, every 600 seconds C. DNSRV1.anycomp.com, every 4 seconds D. postmaster.anycomp.com, every 600 seconds Chapter 2
A. DNSRV1.anycomp.com, every 3600 seconds
Enacted in 2002, this U.S. law requires every federal agency to implement information security programs, including significant reporting on compliance and accreditation. Which of the following is the best choice for this definition? A. FISMA B. HIPAA C. NIST 800-53 D. OSSTMM Chapter 1
A. FISMA
Your company has a document that spells out exactly what employees are allowed to do on their computer systems. It also defines what is prohibited and what consequences await those who break the rules. A copy of this document is signed by all employees prior to their network access. Which of the following best describes this policy? A. Information Security Policy B. Special Access Policy C. Information audit Policy D. Network Connection Policy Chapter 1
A. Information Security Policy
Which OSRF application checks to see if a username has been registered in up to 22 different email providers? A. Mailfy.py B. usufy.py C. entify.py D. searchfy.py Chapter 2
A. Mailfy.py
A security peer is confused about a recent incident. An attacker successfully accessed a machine in the organization and made off with some sensitive data. A full vulnerability scan was run immediately following the theft, and nothing was discovered. Which of the following best describes what may have happened? A. The attacker took advantage of a zero-day vulnerability on the machine. B. The attacker performed a full rebuild of the machine after he was done. C. The attacker performed a denial-of-service attack. D. Security measures on the device were completely disabled before the attack began. Chapter 2
A. The attacker took advantage of a zero-day vulnerability on the machine.
Which foot printing tool or technique can be used to find the names and addresses of employees or technical points of contact? A. whois B. nslookup C. dig D. tracer route Chapter 2
A. Whois
Which of the following best describes the role that the U.S. computer Security Incident Response Team (CSIRT) provides? A. Vulnerability measurement and assessments for the U.S. Department of Defense B. A reliable and consistent point of contact for all incident response services for associates of the department of homeland security C. Incident response services for all internet providers. D. Pen Test registration for public and private sector Chapter 2
B. A reliable and consistent point of contact for all incident response services for associates of the department of homeland security
Sally is a member of a pen test team newly hired to test a bank's security. She begins searching for IP addresses the bank may own by searching public records on the internet. She also looks up news articles and job postings to discover information that may be valuable. In what phase of the pen test is Sally working? A. Preparation B. Assessment C. Conclusion D. Reconnaissance Chapter 1
B. Assessment
Which of the following best describes an effort to identify systems that are critical for continuation of operation for the organization? A. BCP B. BIA C. MTD D. DRP Chapter 1
B. BIA (Business Impact Analysis)
As a pen test team member , you being searching for IP ranges owned by the target organization and discover their network range. You also read job postings and news articles and visit the organization's website. throughout the first week of the test, you also observe when employees come to and leave work, and you rummage through the trash outside the building for useful information. Which type of foot printing are you accomplishing? A. Active B. Passive C. Reconnaissance D. None of the above Chapter 2
B. Passive
In which stage of an ethical hack would the attacker actively apply tools and techniques to gather more in depth information on the targets? A. Active reconnaissance B. Scanning and enumeration C. Gaining access D. Passive reconnaissance Chapter 1
B. Scanning and enumeration
Joe is a security engineer for a firm. His company downsizes, and joe discovers he will be laid off within a short amount of time. Joe plants viruses and sets about destroying data and settings throughout the network, with no regard to being caught. Which type of hacker is Joe considered to be? A. Hacktivist B. Suicide hacker C. Black hat D. Script kiddie Chapter 1
B. Suicide hacker
Which type of attack is generally conducted as an inside attacker with elevated privileges on the resources? A. Gray Box B. White box C. Black box D. Active reconnaissance Chapter 1
B. White box
Which of the following would be the best example of a deterrent control? A. A log aggregation system B. Hidden cameras onsite C. A guard posted outside the door D. Backup recovery systems Chapter 1
C. A guard posted outside the door
You have an FTP service and an HTTP site on a single server. Which DNS record allows you to alias both services to the same record (IP address)? A. NS B. SOA C. CNAME D. PTR Chapter 2
C. CNAME
Elements of security include confidentiality, integrity, and availability. Which technique provides for integrity? A. Encryption B. UPS C. Hashing D. Passwords Chapter 1
C. Hashing
Which of the following would be the best choice for foot printing restricted URLs and OS information from a target? A. www.archive.org B. www.alexa.com C. Netcraft D. Yesware Chapter 2
C. Netcraft
Which of the following consist of a publicly available set of databases that contain domain name registration contact information? A. IETF B. IANA C. Whois D. OSRF Chapter 2
C. Whois
When an attack by a hacker is politically motivated, the hacker is said to be participating in which of the following? A. Black hat hacking B. Gray box attacks C. Gray hat attacks D. Hacktivism Chapter 1
D. Hacktivism
Which of the following common criteria processes refers to the system or product being tested? A. ST B. PP C. EAL D. TOE Chapter 1
D. TOE
Two hacker attempt to crack a company's network resource security. One is considered an ethical hacker, whereas the other is not. What distinguishes the ethical hacker from the cracker? A. The cracker always attempts white box testing. B. The ethical hacker always attempts blackbox testing C. The cracker post results to the internet. D. The ethical hacker always obtains written permission before testing. Chapter 1
D. The ethical hacker always obtains written permission before testing.
Which Google hack would display all pages that have the words SQL and Version in their titles? A. inurl:SQL inurl:version B. allinurl:SQL version C. intitle:SQL inurl:version D. allintitle:SQL version Chapter 2
D. allintitle:SQL version
A pen tester is attempting to use nslookup and has the tool in interactive mode for the search. Which command should be used to request the appropriate records? A. request type =ns B. transfer type = ns C. locate type = ns D. set type = ns Chapter 2
D. set type = ns