Professional Documents
Culture Documents
com/doc/34499066/Cehv6-Study-Guide
4. Stephanie is the senior security analyst for her company, a manufacturing com pany in Detroit. Stephanie is
in charge of maintaining network security through out the entire company. A colleague of hers recently told her
in confidence tha t he was able to see confidential corporate information on Stephanie’s external website. He
was typing in URLs randomly on the company website and he found inf ormation that should not be public. Her
friend said this happened about a month ago. Stephanie goes to the addresses he said the pages were at, but
snothing. She is very concerned about this, since someone should be held account able if there really was
sensitive information posted on the website. Where can Stephanie go to see past versions and pages of a
website?
A. Stephanie can go to Archive.org to see past versions of the company website.
*B. She should go to the web page Samspade.org to see web pages that might no lon
ger be on the website.
C. If Stephanie navigates to Search.com; she will see old versions of the compan
y website.
D. AddressPast.com would have any web pages that are no longer hosted on the com
pany’s website.
5. You are the chief information officer for your company, a shipping company ba sed out of Oklahoma City.
You are responsible for network security throughout t he home office and all branch offices. You have
implemented numerous layers of security from logical to physical. As part of your procedures, you perform a ye
arly network assessment which includes vulnerability analysis, internal network scanning, and external
penetration tests. Your main concern currently is the se rver in the DMZ which hosts a number of company
websites. To see how the server appears to external users, you log onto a laptop at a Wi-Fi hotspot. Since you
already know the IP address of the web server, you create a telnet session to t hat server and type in the
command:
HEAD /HTTP/1.0
After typing in this command, you are presented with the following screen:
he finds
8. Jonathan is an IT security consultant working for Innovative Security, an IT auditing company in Houston.
Jonathan has just been hired on to audit the netwo rk of a large law firm in downtown Houston. Jonathan starts
his work by perform ing some initial passive scans and social engineering. He then uses Angry IP to scan for
live hosts on the firm’s network. After finding some live IP addresse s, he attempts some firewalking techniques
to bypass the firewall using ICMP but the firewall blocks this traffic. Jonathan decides to use HPING2 to
hopefully bypass the firewall this time. He types in the following command:
What is Jonathan trying to accomplish by using HPING2?
A. Jonathan is attempting to send spoofed SYN packets to the target via a truste
d third party to port 81. *
B. He is using HPING2 to send FIN packets to 10.0.1.24 over port 81.
C. By using this command for HPING2, Jonathan is attempting to connect to the ho
st at 10.0.1.24 through an SSH shell.
D. This HPING2 command that Jonathan is using will attempt to connect to the 10.
0.1.24 host over HTTP by tunneling through port 81.
9. Hayden is the network security administrator for her company, a large marking firm based in Miami. Hayden
just got back from a security conference in Las Ve gas where they talked about all kinds of old and new
security threats; many of w hich she did not know of. Hayden is worried about the current security state of her
company’s network so she decides to start scanning the network from an exte rnal IP address. To see how
some of the hosts on her network react, she sends o ut SYN packets to an IP range. A number of IPs responds
with a SYN/ACK response . Before the connection is established she sends RST packets to those hosts to stop
the session. She has done this to see how her intrusion detection system w ill log the traffic. What type of scan
is Hayden attempting here?
A. Hayden is using a half-open scan to find live hosts on her network. *
ork.
D. This type of scan she is using is called a NULL scan.
10. Paul is the systems administrator for One-Time International, a computer man ufacturing company. Paul is
in charge of the company’s older PBX system as well as its workstations and servers. The company’s internal
network is connected t o the PBX phone system so that customized software applications used by employee s
can use the PBX to dial out to customers. Paul is concerned about crackers br eaking into his network by way
of the PBX. He is particularly worried about war dialing software that might try all of the company’s numbers to
find a way in. What software utility can Paul use to notify him if any war dialing attempts ar e made on his PBX?
A. Paul can use SandTrap which would notify him if anyone tries to break into th
e PBX.*
B. If Paul uses ToneLoc, he will be notified by the software when and if anyone
tries to crack into the PBX system.
C. THC Scan would be the best software program for Paul to use if he wants to be
notified of war dialer attacks.
D. Paul needs to use Roadkil’s Detector software to tell if a hacker is trying t
o break into his phone system
11. You are the chief security information analyst for your company Utilize Inco rporated. You are currently
preparing for a future security audit that will be performed by a consulting company. This security audit is
required by company p olicy. To prepare, you are performing vulnerability analysis, scanning, brute f orce, and
many other techniques. Your network is comprised of Windows as well a s Linux servers. From one of the
client computers running Linux, you open a com mand shell and type in the following command:
What are you trying to accomplish?
A. You are attempting to establish a null session on the 192.168.2.121 host. *
B. You are trying to connect to this host at the IPC share using the currently l
ogged on user’s credentials.
C. By typing in this command, you are attempting to connect to the SMB share on
the host using an Anonymous connection.
D. You are trying to connect to the localhost share of the client computer.
12. Lauren is a network security officer for her agency, a large state-run agenc y in California. Lauren has been
asked by the IT manager of another state agenc y to perform a security audit on their network. This audit she
has been asked t o perform will be an external audit. The IT manager thought that Lauren would b e a great
candidate for this task since she does not work for the other agency b ut is an accomplished IT auditor. The
first task that she has been asked to per form is to attempt to crack user passwords. Since Lauren knows that
all state a gency passwords must abide by the same password policy, she believes she can fin ish this
particular task quickly. What would be the best password attack method for Lauren to use in this situation?
A. Lauren should use a rule-based attack on the agency’s user passwords. *
B. Lauren can produce the best and fastest results if she uses a dictionary atta
ck.
C. A hyberfil-based password attack would be the best method of password crackin
g in this scenario.
mirroring on the internal-facing p ort of that office’s firewall. On this port, he uses Wireshark to capture traff ic.
Alarmingly, he finds a huge number of UDP packets going both directions on ports 2140 and 3150. What is
most likely occurring here?
A. A client inside the network has been infected with the Deep Throat Trojan. *
B. This type of traffic is indicative of the Netbus Trojan.
C. Most likely, a computer inside the network is infected with the SQL Slammer w
orm.
D. Seeing traffic on UDP ports 2140 and 3150 means that a computer is infected w
ith the Bobax Trojan
14. Tyler is the senior security officer for WayUP Enterprises, an online retail company based out of Los Angeles.
Tyler is currently performing a network secu rity audit for the entire company. After seeing some odd traffic on
the firewal l going outbound to an IP address found to be in North Korea, Tyler decides to l ook further. Tyler
traces the traffic back to the originating IP inside the net work; which he finds to be a client running Windows
XP. Tyler logs onto this cl ient computer and types in the following command:
B. He is trying to see all UDP traffic between client1 and client29 only.
C. This command will capture all traffic on the internal network except for traf
fic originating from client1 and client29.
D. Miles will be able to capture all traffic on the network originating from cli
ent1 and client29 except UDP traffic.
17. Neil is an IT security consultant working on contract for Davidson Avionics.
Neil has been hired to audit the network of Davidson Avionics. He has been gi
ven permission to perform any tests necessary. Neil has created a fake company
ID badge and uniform. Neil waits by one of the company’s entrance doors and fol
lows an employee into the office after they use their valid access card to gain
entrance. What type of social engineering attack has Neil employed here?
A. Neil has used a tailgating social engineering attack to gain access to the of
fices. *
B. He has used a piggybacking technique to gain unauthorized access.
C. This type of social engineering attack is called man trapping.
D. Neil is using the technique of reverse social engineering to gain access to t
he offices of Davidson Avionics
18. Xavier is a network security specialist working for a federal agency in Wash ington DC. Xavier is
responsible for maintaining agency security policies, teac hing security awareness classes, and monitoring the
overall health of the networ k. One of Xavier’s coworkers receives a help desk call from a user who is havin g
issues navigating to certain sites on the Internet. Xavier’s coworker cannot figure out the issue so he hands it
off to Xavier. He logs on to the user’s com puter and goes to a couple of websites the user said were having
issues. When X avier types in www.Google.com, it takes him to Boogle.com instead. When Xavier types in
Yahoo.com, it takes him to Yahooo.com instead. Xavier checks all the I P settings on the computer which are
static and they appear to be correct. Xavi er checks the local DNS settings as well as the DNS settings on the
server and t hey are correct. Xavier opens a command window and types in: ipconfig /flushdn s. When he
navigates to the previous sites, he is still directed to the wrong o nes. What issue is Xavier seeing here on the
client computer?
A. This client computer has had the hosts file poisoned. *
B. From this behavior, it is evident that the client computer’s DNS cache has be
en poisoned.
C. Xavier is seeing a computer that has been infected with an IRC bot Trojan.
D. This computer has obviously been hit by a Smurf attack.
19. Javier is a network security consultant working on contract for a state agen cy in Texas. Javier has been
asked to test the agency’s network security from e very possible aspect. Javier decides to use the Reaper
Exploit virus to see if he can exploit any weaknesses in the company’s email. He infects a couple of co mputers
with the virus and waits for the users of those machines to use their em ail client. After a short amount of time,
he receives numerous emails that were
http://www.scribd.com/doc/34499066/Cehv6-Study-Guide