(CEH)Certified Ethical Hacker V9 Certification practice questions and answers for free| Page 31 -- Infibee

General Knowledge
General Aptitude
General English
Networking
Interview Questions
- .NET
- Java
- ASP.NET
- C++
- Perl
- Python
- Ruby and Rails
- Struts
- Core Java
- Hibernate
- DB2
- MS SQL Server
- MySQL
- Oracle
- SQL
- DBMS
- Data Warehousing
- Data structures and Algorithms
- CCNA
- CCNP Routing
- CCNP Switching
- Internetworking
- Border Gateway Protocol
- MCSE
- Exchange Server
- Windows Server 2008
- DNS & Active Directory
- Firewall Questions
- Unix
- Linux Server Administrator
- Linux System Administrator
- Linux File Manipulation
Database

Home
Security
CEH Certified Ethical Hacker 312-50

151.

Which kind of values is injected into a connection to the host machine in an effort to increment the sequence number in a predictable fashion?

A.
Counted
B.
Bit
C.
Null
D.
IP

Answer & Explanation
Report

Answer : [C]
Explanation :

Null values are used to increment the sequence numbers of packets between the victim and the host. The null packets are sent to the host machine in an effort to prepare for desynchronizing the client.

Report

Name

152.

An ethical hacker sends a packet with a deliberate and specific path to its destination. What technique is the hacker using?

A.
IP spoofing
B.
Source routing
C.
ARP poisoning
D.
Host routing

Answer & Explanation
Report

Answer : [B]
Explanation :

Source routing specifies the path the packet will take to its destination. Source routing can give an attacker the flexibility to direct traffic around areas that may prevent traffic flow or redirect traffic in an undesired fashion.

Report

Name

153.

Network-level hijacking focuses on the mechanics of a connection such as the manipulation of packet sequencing. What is the main focus of web app session hijacking?

A.
Breaking user logins
B.
Stealing session IDs
C.
Traffic redirection
D.
Resource DoS

Answer & Explanation
Report

Answer : [B]
Explanation :

Stealing session IDs is the main objective in web session hijacking. Session IDs allow the attacker to assume the role of the legitimate client without the timeconsuming task of brute-forcing user logins or sniffing out authentication information.

Report

Name

154.

A public use workstation contains the browsing history of multiple users who logged in during the last seven days. While digging through the history, a user runs across the following web address: www.test.com/&w25/session=22525. What kind of embedding are you seeing?

A.
URL embedding
B.
Session embedding
C.
Hidden form embedding
D.
Tracking cookie

Answer & Explanation
Report

Answer : [A]
Explanation :

A session ID coded directly into a URL is categorized as a URL-embedded session ID. Remnant session information left in a browser’s history can potentially lead to another user or attacker attempting to reuse an abandoned session.

Report

Name

155.

Julie has sniffed an ample amount of traffic between the targeted victim and an authenticated resource. She has been able to correctly guess the packet sequence numbers and inject packets, but she is unable to receive any of the responses. What does this scenario define?

A.
Switched network
B.
SSL encryption
C.
TCP hijacking
D.
Blind hijacking

Answer & Explanation
Report

Answer : [D]
Explanation :

The key portion of the question is that Julie is not receiving a response to her injected packets and commands. Although the sequence prediction does relate to TCP hijacking, the best answer is blind hijacking.

Report

Name

Pages
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20

Sitemap