New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

CEH v11 312-50v11 ECCouncil Study Notes

Page: 10 / 20
Total 528 questions

Certified Ethical Hacker Exam (CEH v11) Questions and Answers

Question 37

While examining audit logs, you discover that people are able to telnet into the SMTP server on port 25. You would like to block this, though you do not see any evidence of an attack or other wrong doing. However, you are concerned about affecting the normal functionality of the email server. From the following options choose how best you can achieve this objective?

Options:

A.

Block port 25 at the firewall.

B.

Shut off the SMTP service on the server.

C.

Force all connections to use a username and password.

D.

Switch from Windows Exchange to UNIX Sendmail.

E.

None of the above.

Question 38

Identify the web application attack where the attackers exploit vulnerabilities in dynamically generated web pages to inject client-side script into web pages viewed by other users.

Options:

A.

LDAP Injection attack

B.

Cross-Site Scripting (XSS)

C.

SQL injection attack

D.

Cross-Site Request Forgery (CSRF)

Question 39

An attacker has installed a RAT on a host. The attacker wants to ensure that when a user attempts to go to " ", the user is directed to a phishing site.

Which file does the attacker need to modify?

Options:

A.

Boot.ini

B.

Sudoers

C.

Networks

D.

Hosts

Question 40

Ben purchased a new smartphone and received some updates on it through the OTA method. He received two messages: one with a PIN from the network operator and another asking him to enter the PIN received from the operator. As soon as he entered the PIN, the smartphone started functioning in an abnormal manner. What is the type of attack performed on Ben in the above scenario?

Options:

A.

Advanced SMS phishing

B.

Bypass SSL pinning

C.

Phishing

D.

Tap 'n ghost attack

Page: 10 / 20
Total 528 questions