Exam (elaborations)
ECSA and CHFI Flash Test Questions And Accurate Answers
- Course
- Institution
ECSA and CHFI Flash Test Questions And Accurate Answers...
[Show more]
Content preview
ECSA and CHFI Flash Test Questions AndAccurate Answers
A - ANSWER Your company's network just finished going through a SAS 70 audit. This
audit reported that
overall, your network is secure, but there are some areas that needs improvement. The
major area
was SNMP security. The audit company recommended turning off SNMP, but that is not
an option
since you have so many remote nodes to keep track of. What step could you take to help
secure
SNMP on your network?
A. Change the default community string names
B. Block all internal MAC address from using SNMP
C. Block access to UDP port 171
D. Block access to TCP port 171
A - ANSWER What layer of the OSI model do routers function on?
A. 3
B. 4
C. 5
D. 1
A - ANSWER What is an "idle" system also known as?
A. Zombie
B. PC not being used
C. Bot
,D. PC not connected to the Internet
D - ANSWER What operating system would respond to the following command?
C:\\ nmap -sW <ip>
A. Mac OS X
B. Windows XP
C. Windows 95
D. FreeBSD
D - ANSWER Why are Linux/Unix based computers better to use than Windows
computers for idle scanning?
A. Windows computers will not respond to idle scans
B. Linux/Unix computers are constantly talking
C. Linux/Unix computers are easier to compromise
D. Windows computers are constantly talking
D - ANSWER How many bits is the length of the Source Port Number in the TCP Header
packet?
A. 48
B. 32
C. 64
D. 16
A - ANSWER Why are Linux/Unix based computers to be used instead of Windows
computers for idle scanning?
A. Because Windows computers are constantly talking
,B. Because Linux/Unix computers are constantly talking
C. Because Linux/Unix computers are easier to compromise
D. Because Windows computers will not respond to idle scans
D - ANSWER Simon is a former employee of Trinitron XML Inc. He feels that he was
wrongly terminated and wants
to hack into his earlier company's network. As Simon remembers some of the server
names,
he tries running the axfr and ixfr commands using DIG. What is Simon trying to achieve
here?
A. Enumerate all users in the domain
B. Perform DNS poisoning
C. Send DOS commands to crash the DNS servers
D. Zone transfer
B - ANSWER You are performing the final round of testing for you new website before it
goes live. The website
contains many dynamic pages and interfaces with a SQL back-end that queries your
product
inventory in
database. You happen upon a web security site suggesting you enter the following text
in a form search field
on web pages to test for susceptibilities:
<script>alert("This is a test.")</script>
When you type this and click on search, you get a pop-up window that says: "This is a
test." What does this test show?
A. Your website is vulnerable to web bugs
B. Your website is vulnerable to CSS
C. Your website is not vulnerable
, D. Your website is vulnerable to SQL injection
A - ANSWER After having attended a CEH security seminar, you write down a list of
changes you would want to carry out on
your network to increase its security. One of the first things you change is to switch the
RestrictAnonymous setting from 0 to 1 on your servers. This, as you were told, would
stop
anonymous users from establishing a null session on the server. Using Userinfo tool
mentioned at the seminar, you succeed in establishing a null session with one of the
servers. Why is that?
A. RestrictAnonymous must be set to "2" for complete security
B. RestrictAnonymous must be set to "3" for complete security
C. There is no way to always prevent an anonymous null session from establishing
D. RestrictAnonymous must be set to "10" for complete security
A - ANSWER What will the following command accomplish?
C:\\ nmap -v -sS -Po <ip> -data_length 6600 0-packet_trace
A. Test ability of a router to handle over-sized packets
B. Stress test a router with fragmented packets
C. Stress test a WLAN with fragmented packets
D. Stress test a router with under-sized packets
D - ANSWER What are the security risks of running an "in-place repair" installation for
Windows XP?
A. There is no security risk in performing the "in-place repair" installation on Windows
XP
B. Shift+F1 provides administrative privileges
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller Easton. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $15.99. You're not tied to anything after your purchase.
Can Stuvia be trusted?
4.6 stars on Google & Trustpilot (+1000 reviews)
79373 documents were sold in the last 30 days
Founded in 2010, the go-to place to buy study notes for 14 years now