EC Council Certification and Training - Information seucirty Training Provider in Malaysia & Australia

Search...

Friday, May 24th

Home
About Us
About Us
Our Mission
FAQ
Organizations Trained
Career with Us

IT Security Trainer
Corporate Training Executive
Marketing Executive
Certification
EC-Council Certification Path
Certified Ethical Hacker (CEH)

Path
FAQ
Exam Info

Computer Hacking Forensic Investigator (CHFI)

Path

EC-Council Certified Security Analyst (ECSA)

Path

Licensed Penetration Tester (LPT)

Path
FAQ
Testimonials
Audited Logos

EC-Council Network Security Administrator (ENSA)
EC-Council VoIP Professional (ECVP)

Path

EC-Council Disaster Recovery Professional (EDRP)

Path

EC-Council Certified Secure Programmer (ECSP)

Path

EC-Council Certified Incident Handler (ECIH)
EC-Council Certified Security Specialist (ECSS)
Certified Secure Computer User (CSCU)
Network 5
Project Management in IT Security
Customer Relationship Management
Project Management
Master of Security Science (MSS)
Schedule
Partnership
Corporate Partnership

Accredited Training Centers

Hong Kong
Laos
Australia
Brunei
Malaysia
Philippines
Singapore
Sri Lanka
Taiwan
Vietnam
Myanmar

Unauthorized Training Providers

Academia Partnership

Features and Benefits
Becoming New Partner
Accredited Academic Training Centers

Australia
Malaysia
Singapore
Taiwan
Thailand
Vietnam
Resource
IT Jokes
Security News
HackerJournals Whitepapers
HackerJournals Central
HackerJournals Tools
HackerJournals Video
HackerJournals Blogs
HackerJournals Vulnerabilities
HackerJournals Newspaper
CEH Blog
Global Job Board
Media Centre
Media Release

2011
2012

News Clipping

2011
2012
2013
Contact
Login
Partner Login

Partner Portal

ECA-Member Login

ECA-Member Portal

Information Security Assessment

Full Name

Contact Number

Designation

Company

Remarks

Question 1:

Which of the following is the best example of a strong password?

A. Dad1969 B. pa44w0rd C. PeteR%0ffic3 D. good2go

Question 2:

What should you do if you receive a call from someone in your computer support department asking for your password?

A. Send the password via e-mail to ensure you're giving it to the right person B. Inform them that there is no reason they should need your password and refuse to give it to them C. Give it to them without question D. Ask them why they need the password. If the reason sounds legitimate, go ahead and give it to them

Question 3:

Authentication is the process of determining the user's identity. In private and public computer networks, authentication is commonly done through the use of login IDs and passwords. Digest authentication is one of the authentication mechanisms.
Following is true about Digest authentication

A. It uses a negotiation process to decide on the level of security to be used B. It is based on the challenge-response authentication model C. It is a basic form of authentication available to web applications D. It uses public key cryptography and a digital certificate to authenticate a user

Question 4:

Which of the following is NOT a sound strategy when formulating IT organizational objectives and considerations?

A. Selection of a service provider for wireless connectivity should factor in the carrier's ability to provide protection and the steps it has taken to secure its own networks B. Wireless capability should not be built onto an already vulnerable wired infrastructure environment C. To maximize return on investment, enterprises should focus only on short-term gains, needs, and technologies

Question 5:

Physical security describes measures that prevent or deter attackers from accessing a facility, resource, or information stored on physical media. Mantrap is one such security measure that helps in deterring the threats related to physical security.
Mantrap:

A. is the area where the majority of employees work B. consists of two separate doors with an airlock in between C. is an integrated application of a number of electronic security systems D. is an art of unlocking a lock without the use of its key

Question 6:

Firewall is a set of related programs, located at a network gateway server that protects the resources of a private network from users from other networks. A firewall examines all traffic routed between the two networks to see if it meets certain criteria.
Packet filter is one of the categories of firewall.
Packet filtering firewall:

A. works at the application layer of the OSI model B. works at the network level of the OSI model C. works at the session layer of the OSI model D. works at the physical layer of the OSI model

Question 7:

May 16 22:46:08 victim-host inetd[600]: /usr/lib/fs/cachefs/cachefsd: Segmentation Fault - core dumped
May 16 22:46:21 victim-host last message repeated 7 times
May 16 22:46:22 victim-host inetd[600]: /usr/lib/fs/cachefs/cachefsd: Bus Error - core dumped
May 16 22:46:24 victim-host inetd[600]: /usr/lib/fs/cachefs/cachefsd: Segmentation Fault - core dumped
May 16 22:46:56 victim-host inetd[600]: /usr/lib/fs/cachefs/cachefsd: Bus Error - core dumped
May 16 22:46:59 victim-host last message repeated 1 time
May 16 22:47:02 victim-host inetd[600]: /usr/lib/fs/cachefs/cachefsd: Segmentation Fault - core dumped
May 16 22:47:07 victim-host last message repeated 3 times
May 16 22:47:09 victim-host inetd[600]: /usr/lib/fs/cachefs/cachefsd: Hangup
May 16 22:47:11 victim-host inetd[600]: /usr/lib/fs/cachefs/cachefsd: Segmentation Fault - core dumped

Identify the Operating System used by the victim-host:

A. Solaris B. Windows NT C. Windows 2000 D. Linux

Question 8:

Following your company's security standards and policies is even more important when you're working away from the office.

Which of the following represent good telephone security practices? (Choose 3 answers)

A. Never use the speakerphone B. Never write your PIN on your calling card C. Never discuss confidential information over the telephone in public areas D. Never transfer your telephone calls to people you don't know

Question 9:

The first wireless standard was 802.11. The following is true about the 802.11a standard:

A. It operates at 20mhz, in the 2.4Ghz range B. The actual transmission rate averages 24.7mbps C. It works at 40mhz, in the 5ghz range D. It can transmit up to 8km in the city

Question 10:

Which of the following statements is NOT true regarding the current state of security threats on wireless devices?

A. Palm OS viruses and trojans first appeared in September 2000 B. No known viruses, trojans, worms, or malicious threats have targeted any Pocket PC, Palm OS, or Symbian OS wireless devices C. GPRS, WLAN 802.11, Bluetooth, and CDMA are different wireless networking technologies that can provide a transport mechanism spreading malicious content D. Short Message Service (SMS) delivered system command based exploits have been seen on mobile phones

Question 11:

An attack is defined as an assault on system security that derives from an intelligent threat. An attack is any action that violates security.
Protocol Exploit attack falls under which category of attacks?

A. SQL Injection B. Distributed Denial of Service C. Virus D. Denial of Service E. Buffer Overflow

Question 12:

Vulnerability scanning is the automated process of proactively identifying vulnerabilities of computing systems present in a network. Which of the below given tools are used for vulnerability scanning:

A. THC scan B. Nmap C. Qualys D. Pof E. Strobe

Question 13:

Reflected DoS attacks exploit the TCP three-way handshake vulnerability. The attacking machines send out huge volumes of SYN packets but with the IP source address pointing to the target machine. One of the countermeasures to prevent reflected DoS attack is to block ___________

A. Port 225 B. Port 135 C. Port 80 D. Port 179

Question 14:

Trojans are basically malicious, security-breaking programs, which cause considerable damage to both the hardware and software contents of a system. W32.Ranky.FW is a new Trojan discovered in the wild. To which class of Trojan does it belong to?

A. Data Sending Trojan B. Remote access Trojan C. Proxy Trojan D. FTP Trojan E. Firewall Trojan

Question 15:

In an attempt to protect cookies, site developers often encode the cookies. Easily reversible encoding methods such as Base64 and ROT13 (rotating the letters of the alphabet 13 characters) give many a false sense of security regarding the use of cookies. The following is true about Cookie Snooping:

A. An attack exposes the directory structure of the application, and often the underlying web server and operating system B. Cookie snooping techniques can use a local proxy to enumerate cookies C. It uses SQL to directly manipulate database data D. It is a buffer overflow attack

Question 16:

__________ in a DNS record indicates authority for the domain

A. SRV B. SOA C. DOA D. AOD

Question 17:

________ is an 802.11b protocol analyzer/sniffer written in Java

A. Airmagnet v1.2 B. Mognet C. Windump D. Drifnet

Question 18:

The user is at high risk while receiving files via instant messengers, no matter who it's from or where it's from. Since there is no file checking utility bundled with the instant messengers, there is always a risk of infection by a Trojan. Identify the Trojan which disguises as MSN Messenger:

A. Backdoor.Tricker B. Backdoor.Ranky.X C. W32.Darjen D. Trojan.Sinkin

Question 19:

A denial of service attack (DoS) is an attack through which a person can render a system unusable, or significantly slow it down for legitimate users, by overloading its resources.
Which of the following tool is a DoS exploit that can be run against Windows 2000 machines.

A. Shaft B. Bubonic.c C. Tribal Flood Network D. Trinoo

Question 20:

Following are the protocols that are susceptible to sniffing.
Select the correct one. You can choose more than one option.

A. FTP B. SNMP C. NNTP D. All of the above E. Telnet

Enter the code

Reset user setting
TOP