CEH-001 Practice Questions

WPA2 uses AES for wireless data encryption at which of the following encryption levels?

A Network Administrator was recently promoted to Chief Security Officer at a local university. One of employee's new responsibilities is to manage the implementation of an RFID card access system to a new server room on campus. The server room will house student enrollment information that is securely backed up to an off-site location.

During a meeting with an outside consultant, the Chief Security Officer explains that he is concerned that the existing security controls have not been designed properly. Currently, the Network Administrator is responsible for approving and issuing RFID card access to the server room, as well as reviewing the electronic access logs on a weekly basis.

Which of the following is an issue with the situation?

An NMAP scan of a server shows port 69 is open. What risk could this pose?

A tester has been hired to do a web application security test. The tester notices that the site is dynamic and must make use of a back end database.

In order for the tester to see if SQL injection is possible, what is the first character that the tester should use to attempt breaking a valid SQL request?

The Open Web Application Security Project (OWASP) testing methodology addresses the need to secure web applications by providing which one of the following services?

Which of the following open source tools would be the best choice to scan a network for potential targets?

What is the best defense against privilege escalation vulnerability?

A hacker is attempting to see which ports have been left open on a network. Which NMAP switch would the hacker use?

What are the three types of compliance that the Open Source Security Testing Methodology Manual (OSSTMM) recognizes?

What are common signs that a system has been compromised or hacked? (Choose three.)