Download PASSEMALL Prep app now
or get instant
to install app
Your email address will not be published. Required fields are marked *
Save my name, email, and website in this browser for the next time I comment.
Which of the following actions is not expressly forbidden by the CEH Code of Ethics?
Disclosing potential dangers to the Internet community
What testing method did you use in the situation: You've been assigned with conducting a penetration test. While researching information, you come across an employee list on Google. You locate the receptionist's email address and send her an email with the source email set to her boss's address ([email protected]). You request a pdf with information in this email. She reads your email and responds with a pdf including links. You replace the pdf links with your malicious links (which include malware) and return the updated pdf, claiming that the links no longer function. She receives your email, clicks on the links, and her computer becomes infected. You can now connect to the company network.
Which of the following is an example of Whois, Nslookup, and ARIN?
Network footprinting tools
As it means that packet filters cannot tell whether a connection was started inside or outside the organization, which of the following firewall limitations is a critical vulnerability?
Inability to detect the keep the state status.
A list of resolved vulnerabilities is included by which of the following?
Security vulnerability summary
What method of dealing with risk is the organization using in the case that the organization determines that the risk of collecting personal data from its customers is not acceptable and stops during a risk assessment?
To generate excessive amounts of spam e-mail, which of the following types of injections can be injected into conversations between an application and a server?
The best explanation that why brute force attacks are always successful is which of the following?
They test every possible valid combination.
Which of the following scoring systems could you use in the case that you as an ethical hacker are looking for a way to organize and prioritize vulnerabilities that were discovered in your work?
Which one of the following approaches would be a satisfactory implementation of multifactor authentication in the case that Gary’s firm recognized that they are not currently using multifactor authentication for remote users after a recent penetration test?
Passwords combined with smartcards
Which of the following processes is Rudy using in the case: Rudy is examining malware detected during a pentest. He's taken a snapshot of the test machine and is about to launch the malware. He will then take a snapshot and monitor various components such as ports, processes, event logs, and others for any changes.
Host integrity monitoring
Which of the following describes what Alan expects to see in the inventory in the caseAlan, an ethical hacker, roots or jailbreaks a cellphone. He double-checks the inventory data supplied by the mobile device management (MDM) software that controls the mobile device.
The inventory will show the device as vulnerable.
Which law will help Charles protect his work if he found a song he wrote being used without his permission in a video on YouTube?