CEH Study
Question 1 (1 point)
Which two of the following are among the major 5 actors of the NIST Cloud Computing Reference Architecture?
Question 1 options:
Cloud Auditor
CloudShareOne
Cloud Broker
Cloud Database
Question 2 (1 point)
What is the block (word) size used by the SHA-512 algorithm?
Question 2 options:
128-bit
64-bit
32-bit
256-bit
Question 3 (1 point)
Which of the following can be utilized as a traceroute tool?
Question 3 options:
nslookup
TTL (Time to Live)
Path Analyzer Pro
pingpath
Question 4 (1 point)
What is a network of many hacked smartphones called?
Question 4 options:
phone_net
botnet
4g-hacked
3gees
Question 5 (1 point)
Which version of the Linux kernel does Android rely upon?
Question 5 options:
2.6
3.0
3.10
3.6
Question 6 (1 point)
The Autorun feature of Removable Disks and CD Drives can be a threat to network security. What is the best course of action to remove Autorun for Removable Disks and CD Drives in Windows?
Question 6 options:
Tape the USB ports
Provide Users without Administrative Rights
Use Group Policy
Remove the CD-ROM Drive from the System
Question 7 (1 point)
According to the text, the three different types of Virtualization include:
Question 7 options:
SAN Virtualization
Network Virtualization
Storage Virtualization
Server Virtualization
Question 8 (1 point)
Among all smartphones, which is most likely to be hacked? (choose all that apply)
Question 8 options:
Blackberry
Windows Phone
iPhone
Android
Question 9 (1 point)
Some of the Infrastructure as a service vendors include: (choose all that apply)
Question 9 options:
Windows SkyDrive
Amazon EC2
Go Grid
Sungrid
Question 10 (1 point)
The psexec utility can be utilized to perform which of the following actions?
Question 10 options:
Get System Information
List Processes
Launch an Interactive Command Session
Show open files
Question 11 (1 point)
Which of the following are Mobile Network Based Attacks? (choose all that apply)
Question 11 options:
Man-in-the-Middle Attacks
Rogue Access Points
Packet Sniffing
SSL Strip
Question 12 (1 point)
The Management Information Base (MIB) includes which of the following? (choose all that apply)
Question 12 options:
Scalar and Tabular Objects
File and Folder Permissions
OID Numbers
User Accounts
Question 13 (1 point)
Which of the following applies to an SSID? (choose all that apply)
Question 13 options:
Will be encrypted if WEP or WPA/WPA2 is utilized
Is part of the frame header
Is Case Sensitive
Can be up to 32 characters
Question 14 (1 point)
Which of the following are app stores? (choose all that apply)
Question 14 options:
iTunes Store
Fanddago
Google Play
BlackBerry App World
Question 15 (1 point)
Which Cloud Deployment model is a multi-tenant infrastructure shared among organizations with common characteristics?
Question 15 options:
Private Cloud
Hybrid Cloud
Public Cloud
Community Cloud
Question 16 (1 point)
Question 16 options:
Disable File and Print Sharing
Block ICMP so the host cannot be detected
Use TCP Wrappers
Turn on the Windows Firewall
Question 17 (1 point)
A lack of vetting of apps can lead to which two of the following results?
Question 17 options:
rooting
Malicious apps
jail-breaking
fake apps
Question 18 (1 point)
According to your text, which of the following are ways to detect an intrusion with an IDS? (choose all that apply)
Question 18 options:
Anti-Virus Alerts
Anomaly Detection
Protocol Anomaly Detection
Signature Detection
Question 19 (1 point)
Which of the following firewall architectures is designed to host servers that offer public services?
Question 19 options:
Screened host
Bastion Host
Screened subnet
Screened
Question 20 (1 point)
Black hat hackers are:
Question 20 options:
Individuals who work both offensively and defensively at various times
Individuals who aim to bring down critical infrastructure for a cause and are not worried about jail
Individuals professing hacker skills and using them for defensive purposes, or security analysts
Individuals with extraordinary computing skills, resorting to malicious or destructive activities
Question 21 (1 point)
Identify the Nmap Scan method that is often referred to as half open scan:
Question 21 options:
SYN Stealth
Half open
Windows Scan
ACK Scan
Question 22 (1 point)
According to the text, a major Denial of Service Attack caused major problems for ___.
Question 22 options:
DALnet IRC Network
Target
The Department of Defense
780th Military Intelligence Brigade
Question 23 (1 point)
Which of the following Management Information Base (MIB) files contains information about server services?
Question 23 options:
LNMIB2.MIB
HOSTMIB.MIB
WINS.MIB
DHCP.MIB
Question 24 (1 point)
According to the text, which of the following is a form of MITM Attack?
Question 24 options:
Packet Sniffing
Checksum Evasion
API Hooking
SSL Strip
Question 25 (1 point)
Of the following options, which are virtualization vendors? (choose all that apply)
Question 25 options:
Microsoft
VMware vSphere
VMware vCloud Suite
Virtual Box
Question 26 (1 point)
Which password cracking technique will the attacker use if she gets some information about the password to crack?
Question 26 options:
Denial of Service Attack
Distributed Network Attack (DNA)
Rule-based Attack
Syllable Attack
Question 27 (1 point)
Which of the following are signs of file system intrusion? (choose all that apply)
Question 27 options:
Connection Requests
Double Extensions
Rogue SUID Entries
Reduced Bandwidth
Question 28 (1 point)
According to OWASP, strong encryption channels, such as which of the following should be used? (choose all that apply)
Question 28 options:
RC4
DES
3DES
AES
Question 29 (1 point)
Which of the following are risks of rooting? (choose all that apply)
Question 29 options:
voiding the warranty
malware
bricking
poor performance
Question 30 (1 point)
Buffer overflow attacks allow an attacker to modify the ___________ in order to control the process execution.
Question 30 options:
Target process's address space
Target remote access
Target rainbow table
Target SAM file
Question 31 (1 point)
According to the text, by 2018, what percentage of enterprises will specify Wi-Fi as the default connection?
Question 31 options:
25%
75%
40%
60%
Question 32 (1 point)
Identify the attack which forces an unsuspecting user's browser to send malicious requests they did not intend.
Question 32 options:
SQL injection attack
LDAP Injection attack
Cross-Site Request Forgery (CSRF)
Cross-Site Scripting (XSS)
Question 33 (1 point)
Which of the following is an antenna based on the principle of a satellite dish and can pick up Wi-Fi signals from 10 miles away?
Question 33 options:
Parabolic
Yagi
Dipole
Omni Directional
Question 34 (1 point)
You should place your Intrusion Detection System (IDS) in this location on the network (choose all that apply):
Question 34 options:
DMZ
Outside the Firewall
At the ISP Location
Inside the Firewall
Question 35 (1 point)
Permutation Scanning involves which of the following?
Question 35 options:
Using a pseudorandom function
Looking for new vulnerable machines on the local subnet
Collecting a list of possibly vulnerable machines
Using information from infected machines
Question 36 (1 point)
What are some of the limitations of Cloud Computing services? (choose all that apply)
Question 36 options:
Inflexible
Storage Limits
Control Limits
Contracts
Question 37 (1 point)
Which wireless standard has bandwidth up to 54 Mbps and signals in a regulated frequency spectrum around 5 GHz?
Question 37 options:
802.11a
802.11b
802.11g
802.11i
Question 38 (1 point)
It was well publicized that BlackShades Net was used as an attack tool against:
Question 38 options:
RSA
Syrian Political Activists
Sony Pictures
Target
Question 39 (1 point)
Which Cloud Consumer model includes storage, service management, and content delivery?
Question 39 options:
IaaS
SAN
SaaS
PaaS
Question 40 (1 point)
What were the two dominant attack strategies identified in Symantec's Threat Report?
Question 40 options:
Advanced Persistent Threats
Broader Strokes
Focused Attack
Distributed Denial of Service
Question 41 (1 point)
SYN flooding takes advantage of which of the following? (choose all that apply)
Question 41 options:
A flaw in how the three-way handshake can be implemented
A flaw in some firewalls which do not restrict ICMP traffic by default
Not replying to SYN/ACKs
Holding the incomplete connection for a period up to one second
Question 42 (1 point)
Which of the following is a tool that can be used to check for modified or trojanized files?
Question 42 options:
chkdsk
scandisk
fsck
tripwire
Question 43 (1 point)
The advantages of using a Community Cloud Deployment include which of the following? (choose all that apply)
Question 43 options:
High Security
Clear Legal Entity
Compliance to Regulations
Shared Resources
Question 44 (1 point)
Which of the following sentences is true about a proxy?
Question 44 options:
Cannot be used to filter out unwanted content
Allows attacker to view the desktop of user's system
Protects the local network from outside access
Does not allow the connection of a number of computers to the Internet when having only one IP
Question 45 (1 point)
Which of the following Windows Utilities can be utilized to enumerate hosts?
Question 45 options:
net stop
net view
net use
net start
Question 46 (1 point)
Which of the following is the 3D Graphics Library of Android?
Question 46 options:
OpenGL
SSL
Media Framework
SGL
Question 47 (1 point)
Which of the following applies to an Intrusion Detection System (IDS)? (choose all that apply)
Question 47 options:
Monitors outbound traffic
Monitors inbound traffic
Will perform actions to stop the attacker in their tracks
Signals an alarm
Question 48 (1 point)
What is the size of WEP initialization vector (IV)?
Question 48 options:
8-bit
16-bit
24-bit
32-bit
Question 49 (1 point)
low? (choose all that apply)
Question 49 options:
removing bloatware
Low level access to hardware
tethering
deleting system files
Question 50 (1 point)
If you want to mask (or spoof) your IP Address, what type of scan should you use?
Question 50 options:
IDLE, IPID Scan
ACK Flag Probe Scan
Stealth Scan
UDP Scan
Question 51 (1 point)
An organization can implement this Cloud Deployment model within the corporate firewall.
Question 51 options:
Public Cloud
Hybrid Cloud
Community Cloud
Private Cloud
Question 52 (1 point)
Which of the following is true about the 802.11i standard?
Question 52 options:
It operates at both 2.4 GHz and 5 GHz
It defines WPA-2 Enterprise and Personal
It operates at 5 GHz only
It operates at 2.4 GHz only
Question 53 (1 point)
Which two of the following are included in Android Runtime?
Question 53 options:
core libraries
Dalvik Virtual Machine
Flash memory driver
Bind IPC driver
Question 54 (1 point)
Which modes on Bluetooth devices are at greater risk? (choose all that apply)
Question 54 options:
monitor
promiscuous
open
discovery
Question 55 (1 point)
Which of the following is an example of a Trojan that can be utilized for Website Defacement?
Question 55 options:
Restorator
HTTrack
CrimePack
WGET
Question 56 (1 point)
Which rootkit modifies the boot sequence to load itself instead of the original virtual machine monitor?
Question 56 options:
Library level rootkits
Hypervisor level rootkit
Boot loader level rootkit
Kernel level rootkit
Question 57 (1 point)
Central Source propagation commonly utilizes which two protocols?
Question 57 options:
TFTP
FTP
RDP
RPC
Question 58 (1 point)
What happens when the CAM table is full?
Question 58 options:
It does not affect the switch functioning
Additional ARP request traffic will not be forwarded to any port on the switch
Additional ARP request traffic will flood every port on the switch
The switch will stop functioning and get disconnected from network
Question 59 (1 point)
Which of the following companies offer Cloud Computing services? (choose all that apply)
Question 59 options:
Facebook
Salesforce
Dropbox
Google
Question 60 (1 point)
Which of the following evasion techniques rely on Time-to-Live (TTL) fields of a TCP/IP packet?
Question 60 options:
Denial-of-Service Attack
Obfuscation
Insertion Attack
Unicode Evasion
Question 61 (1 point)
Which of the following conditions shows the presence of a honeypot?
Question 61 options:
Ports show a particular service running and allow a three-way handshake connection
Ports show a particular service running but deny a three-way handshake connection
Scan shows that no scanned port is live on the network
Ports do not show any particular service running
Question 62 (1 point)
What virus modifies the directory table entries so they point to the virus code instead of the actual program?
Question 62 options:
Boot Sector Viruses
Macro Viruses
Cluster Viruses
Encryption Viruses
Question 63 (1 point)
Identify the statement which is true for the RC6 algorithm:
Question 63 options:
Is a 64 bit block cipher that uses a key length that can vary between 32 and 448 bits
Is a parameterized algorithm with a variable block size, key size, and a variable number of rounds
Includes integer multiplication and the use of four 4-bit working registers
Is a variable key-size stream cipher with byte-oriented operations and is based on random permutation
Question 64 (1 point)
ARP Spoofing involves constructing a large number of forged ARP request and reply packets to overload:
Question 64 options:
Hub
Bridge
Router
Switch
Question 65 (1 point)
A packet filtering firewall works at which of these layers of the OSI model?
Question 65 options:
Physical layer
Application layer
Session layer
Network layer
Question 66 (1 point)
All of the following are true about an SSID except which of the following?
Question 66 options:
Is Case Sensitive
Can be up to 32 characters
Is part of the frame header
Will be encrypted if WEP or WPA/WPA2 is utilized
Question 67 (1 point)
According to your text, which of the following are Cloud Deployment Models? (choose all that apply)
Question 67 options:
Community Cloud
Public Cloud
Hybrid Cloud
Private Cloud
Question 68 (1 point)
Which of the following is true about active stack fingerprinting?
Question 68 options:
Uses sniffing techniques instead of the scanning techniques
Uses password crackers to escalate system privileges
TCP connect scan
Is based on the differential implantation of the stack and the various ways an OS responds to it
Is based on the fact that various vendors of OS implement the TCP stack differently
Question 69 (1 point)
Which of the following are characteristics of Cloud Computing services? (choose all that apply)
Question 69 options:
Distributed Storage
Virtualization Technology
Measured Services
Resource Pooling
Question 70 (1 point)
According to OWASP, the top ten mobile risks include which two of the following?
Question 70 options:
Bluetooth
Insecure Data Storage
Client Side Injection
WEP and WPA1
Question 71 (1 point)
According to your text, examples of malware include which of the following? (choose all that apply)
Question 71 options:
Botnet
Ransomware
Crypter
Metasploit
Question 72 (1 point)
BlackShades Net can best be described as a:
Question 72 options:
Bot
Wrapper
DDoS Tool
RAT
Question 73 (1 point)
With Cross Site Scripting, attackers can inject malicious ____. (choose all that apply)
Question 73 options:
JavaScript
HTML
VBScript
Flash
Question 74 (1 point)
With this Cloud Deployment model, the provider makes services such as applications, servers, and data storage available.
Question 74 options:
Hybrid Cloud
Community Cloud
Public Cloud
Private Cloud
Question 75 (1 point)
When an attacker is performing a denial of service and a SYN attack is initiated which of the following occurs? (choose all that apply)
Question 75 options:
Sends a large number of ACK packets to the target
Uses a fake source address
Sends a large number of SYN requests to the target
Uses the actual source address
Question 76 (1 point)
Which scanning technique will bypass firewall rules and logging mechanisms, and hide itself?
Question 76 options:
TCP connect scanning technique
Xmas scanning technique
Stealth scanning technique
Maintaining Access
FIN scanning technique
Question 77 (1 point)
Which of the following characteristics applies to the Simple Service Discovery Protocol (SSDP)? (choose all that apply)
Question 77 options:
Can be vulnerable to denial of service
Does not work behind a firewall
Controls Communication for the Universal Plug and Play Service
Uses multicast addresses
Question 78 (1 point)
Of the following, which two are purposes of malware?
Question 78 options:
Making a Computer Useless
Obtaining Passwords
Remove the Default LAN Route
Disable Networking Functions
Question 79 (1 point)
Which of the following techniques is used to simulate an attack from someone who is unfamiliar with the system?
Question 79 options:
White box pen testing
Grey box pen testing
Maintaining Access
Announced pen testing
Black box pen testing
Question 80 (1 point)
Which version of Wired Equivalent Privacy (WEP) uses a 104-bit key size?
Question 80 options:
152 bit WEP
64 bit WEP
128 bit WEP
256 bit WEP
Question 81 (1 point)
Which of the following are Mobile Physical Based Attacks? (choose all that apply)
Question 81 options:
Jail-Breaking
Carrier Loaded Software
Rooting
No passcode
Question 82 (1 point)
Which of the following uses direct client to client (DCC)?
Question 82 options:
Internet Relay Chat
Internet Browser
File Sharing with Mapped Drives
Email Clients such as Outlook Express
Question 83 (1 point)
Which device in a wireless local area network determines the next network to which a packet should be forwarded?
Question 83 options:
Wireless modem
Antenna
Mobile station
Wireless router
Question 84 (1 point)
Mobile Devices are replacing which of the following devices? (choose all that apply)
Question 84 options:
PDA
GPS
laptop
desktop
Question 85 (1 point)
Which of the following are some of the main functions of an Intrusion Detection System (IDS)? (choose all that apply)
Question 85 options:
Performs packet sniffing
Blocks rule-based traffic
Performs packet analysis
Gathers and analyses information from a network
Question 86 (1 point)
Which of the following scans only works if the operating system's TCP/IP implementation is based on RFC 793?
Question 86 options:
Maintaining Access
IDLE scan
TCP connect scan
NULL scan
FTP bounce scan
Question 87 (1 point)
Which of the following is one of the most reliable forms of TCP scanning?
Question 87 options:
Half-open Scan
XMAS Scan
Connect Scan
Inverse TCP Flag Scan
Question 88 (1 point)
Fake Defender deleted apk files from which two of the following locations?
Question 88 options:
/users/Download
/home/Download
/mnt/external_sd/Download
/mnt/extSdCard/Download
Question 89 (1 point)
Which of the following 802.11 standards uses Orthogonal Frequency Division Multiplexing? (choose all that apply)
Question 89 options:
802.11a
802.11b
802.11g
802.11n
Question 90 (1 point)
Passive sniffing refers to:
Question 90 options:
Sniffing through a hub
Sniffing through a switch
Sniffing through a bridge
Sniffing through a router
Question 91 (1 point)
Which of the following are methods to connect smartphones to a network? (choose all that apply)
Question 91 options:
3G/4G
Wired Connection
Wi-Fi
Bluetooth
Question 92 (1 point)
Which of the following are disadvantages of signature detection? (choose all that apply)
Question 92 options:
False Alerts
Signature Detection
False Positives
Administrative Alerts
Question 93 (1 point)
Which of the following protocols are susceptible to sniffing?
Question 93 options:
FTP
SNMP
NNTP
Telnet
Question 94 (1 point)
Which of the following are SPAM? (choose all that apply)
Question 94 options:
SMS
MMS
TLS
IM
Question 95 (1 point)
Which of the following factors contribute to a successful session hijacking attack?
Question 95 options:
Definite session expiration time
No clear text transmission
Weak session ID generation algorithm
Account lockout for invalid session IDs
Question 96 (1 point)
Which of the following ports does NTP use as its primary means of communication?
Question 96 options:
UDP port 161
UDP port 113
UDP port 320
UDP port 123
Question 97 (1 point)
Which of the following viruses evades the anti-virus software by intercepting its requests to the operating system?
Question 97 options:
Cluster virus
System or boot sector virus
Macro virus
Stealth/Tunneling virus
Question 98 (1 point)
Which of the following Wi-Fi chalking methods refers to drawing symbols in public places to advertise open Wi-Fi?
Question 98 options:
WarFlying
WarWalking
WarChalking
WarDriving
Question 99 (1 point)
According to your text, what are the 3 types of cloud services?
Question 99 options:
Platform as a Service
Infrastructure as a Service
Virtualization as a Service
Software as a Service
Question 100 (1 point)
Which of the following is a transmission method of digital data that uses a pseudo random noise spreading code?
Question 100 options:
OFDM
IR
DSSS
FHSS
Question 101 (1 point)
Which of the following steganography techniques embeds a secret message in the frequency domain of a signal?
Question 101 options:
Transform domain techniques
Cover generation techniques
Domain distortion techniques
Spread spectrum techniques
Question 102 (1 point)
Which of the following commands can be used in a UNIX environment to enumerate the shared directories?
Question 102 options:
rpcclient
rpcinfo
finger
showmount
Question 103 (1 point)
Which of the following are Network Time Protocol (NTP) enumeration commands? (choose all that apply)
Question 103 options:
ntptrace
ntpq
ntpdate
Net time
Question 104 (1 point)
The SMTP Protocol provides 3 built-in commands, including which of the following?
Question 104 options:
FINGER
RCPT TO
VRFY
EXPN
Question 105 (1 point)
Temporal keys are changed for every ___________.
Question 105 options:
1,000 packets
5,000 packets
10,000 packets
15,000 packets
Question 106 (1 point)
The MAC Address of an access point is referred to as the ___.
Question 106 options:
BSSID
OFDM
ESSID
SSID
Question 107 (1 point)
According to your text, components of a Cloud Broker include which of the following? (choose all that apply)
Question 107 options:
Service Arbitration
Service Negotiation
Service Intermediation
Service Aggregation
Question 108 (1 point)
Which of the following is a symptom of a DoS attack?
Question 108 options:
Decrease in the amount of spam emails received
Automatic increase in network performance
Automatic increase in network bandwidth
Unavailability of a particular website
Question 109 (1 point)
Which of the following are LDAP enumeration tools? (choose all that apply)
Question 109 options:
Active Directory Explorer
JXplorer
SnScan
LEX
Question 110 (1 point)
Identify the correct statement for a software firewall.
Question 110 options:
Software firewall is placed between the router and the networking components of the operating system
Software firewall is placed between the desktop and the software components of the operating system
Software firewall is placed between the normal application and the networking components of the operating system
Software firewall is placed between the anti-virus application and the IDS components of the operating system
Question 111 (1 point)
Which of the following is an antenna used in wireless base stations and provides a 360 degree horizontal radiation pattern?
Question 111 options:
Omnidirectional antenna
Parabolic grid antenna
Yagi antenna
Dipole antenna
Question 112 (1 point)
Signs of Intrusions include which of the following? (choose all that apply)
Question 112 options:
Strange Processes
Slow Performance
System Crashes
Missing Logs
Question 113 (1 point)
According to the text, which of the following will protect by limiting the ability to access resources?
Question 113 options:
Jail Breaking
Android Rooting
app sandboxing
Jail break detection
Question 114 (1 point)
Sophos mobile security features include (choose all that apply)
Question 114 options:
Spam Protection
Loss and Theft Protection
antivirus anti-malware
Privacy Protection and security
Question 115 (1 point)
According to OWASP, which of the following should be applied to transport channels? (choose all that apply)
Question 115 options:
SSL
TLS
WPA2 with AES
WPA
Question 116 (1 point)
According to the text, characteristics of Virtualization in cloud computing technology include which of the following? (choose all that apply)
Question 116 options:
Wireless Capable
Partitioning
Isolation
Encapsulation
Question 117 (1 point)
What does SSL Strip do? (choose all that apply)
Question 117 options:
Remove HTTPS
Force HTTP
Exploit the Server
Exploit the Client Connection
Question 118 (1 point)
Which two of the following are signs of network intrusion? (choose all that apply)
Question 118 options:
Sudden Influx of Data
File Size Modifications
Repeated Service Probes
Missing Files
Question 119 (1 point)
Which of the following below accurately describes Transmission Control Protocol? (choose all that apply)
Question 119 options:
Can terminate a connection
Provides acknowledgment
Supports Retransmission of lost Data
Connection-less oriented protocol
Question 120 (1 point)
Footprinting tools will help gather the following information about a target. (choose all that apply)
Question 120 options:
IP Addresses
Host Names
Process Lists
DNS Records
Question 121 (1 point)
Which of the following are types of database attacks? (choose all that apply)
Question 121 options:
HOS Command Execution
Privilege Escalation
Data Dumping
SQL Injection
Question 122 (1 point)
Which of the following techniques practiced by an attacker exploits human behavior to make attacks?
Question 122 options:
Denial of Service
SQL injection
Social Engineering
Buffer overflow
Question 123 (1 point)
Identify the denial-of-service attack that is carried out using a method known as "bricking a system."
Question 123 options:
Bandwidth Attacks
Phlashing
Application Level Flood Attacks
ICMP Flood Attack
Question 124 (1 point)
Which of the following enumeration techniques does an attacker use to obtain a list of computers that belong to a domain?
Question 124 options:
Netbios enumeration
SNMP enumeration
SMTP enumeration
NTP enumeration
Question 125 (1 point)
Which is the best location to place keyloggers?
Question 125 options:
UPS and keyboard
Monitor and keyboard software
Keyboard hardware and the operating system
Operating system and UPS