PrepAway - Latest Free Exam Questions & Answers

Category: 312-50 (CEH v7)

Exam 312-50 (CEH v7): Certified Ethical Hacker (CEH v7)

Which of the following statement is incorrect related to this attack?

In this attack, a victim receives an e-mail claiming from PayPal stating that their account has been disabled and confirmation is required before activation. The attackers then scam to collect not one but two credit card numbers, ATM PIN number and other personal details.

Ignorant users usually fall prey to this scam. Which of the following statement is incorrect related to this attack?

How would you verify if a website is authentic or not?

An Attacker creates a zuckerjournals.com website by copying and mirroring HACKERJOURNALS.COM site to spread the news that Hollywood actor Jason Jenkins died in a car accident. The attacker then submits his fake site for indexing in major search engines. When users search for "Jason Jenkins", attacker’s fake site shows up and dupes victims by the fake news.
(exhibit)

This is another great example that some people do not know what URL’s are. Real website:

Fake website: http://www.zuckerjournals.com

The website is clearly not WWW.HACKERJOURNALS.COM. It is obvious for many, but unfortunately some people still do not know what an URL is. It’s the address that you enter into the address bar at the top your browser and this is clearly not legit site, its www.zuckerjournals.com

How would you verify if a website is authentic or not?

Why?

One of the ways to map a targeted network for live hosts is by sending an ICMP ECHO request to the broadcast or the network address. The request would be broadcasted to all hosts on the targeted network. The live hosts will send an ICMP ECHO Reply to the attacker’s source IP address.

You send a ping request to the broadcast address 192.168.5.255.
(exhibit)

There are 40 computers up and running on the target network. Only 13 hosts send a reply while others do not. Why?

What defensive measures will you take to protect your network from these attacks?

Finding tools to run dictionary and brute forcing attacks against FTP and Web servers is an easy task for hackers. They use tools such as arhontus or brutus to break into remote servers.

A command such as this, will attack a given 10.0.0.34 FTP and Telnet servers simultaneously with a list of passwords and a single login name: linksys. Many FTP-specific password-guessing tools are also available from major security sites.

What defensive measures will you take to protect your network from these attacks?


Page 3 of 2612345...1020...Last »