312-50 Free Practice Test

- (Topic 19)
SSL has been seen as the solution to several common security problems. Administrators will often make use of SSL to encrypt communication from point A to point B. Why do you think this could be a bad idea if there is an Intrusion Detection System deployed to monitor the traffic between point A and B?

1. A. SSL is redundant if you already have IDS in place.
2. B. SSL will trigger rules at regular interval and force the administrator to turn them off.
3. C. SSL will slow down the IDS while it is breaking the encryption to see the packet content.
4. D. SSL will mask the content of the packet and Intrusion Detection System will be blinded.

Correct Answer: D
Because the traffic is encrypted, an IDS cannot understand it or evaluate the payload.

- (Topic 4)
Under what conditions does a secondary name server request a zone transfer from a primary name server?

1. A. When a primary SOA is higher that a secondary SOA
2. B. When a secondary SOA is higher that a primary SOA
3. C. When a primary name server has had its service restarted
4. D. When a secondary name server has had its service restarted
5. E. When the TTL falls to zero

Correct Answer: A
Understanding DNS is critical to meeting the requirements of the CEH. When the serial number that is within the SOA record of the primary server is higher than the Serial number within the SOA record of the secondary DNS server, a zone transfer will take place.

- (Topic 3)
War dialing is a very old attack and depicted in movies that were made years ago. Why would a modem security tester consider using such an old technique?

1. A. It is cool, and if it works in the movies it must work in real life.
2. B. It allows circumvention of protection mechanisms by being on the internal network.
3. C. It allows circumvention of the company PBX.
4. D. A good security tester would not use such a derelict technique.

Correct Answer: B
If you are lucky and find a modem that answers and is connected to the target network, it usually is less protected (as only employees are supposed to know of its existence) and once connected you don’t need to take evasive actions towards any firewalls or IDS.

- (Topic 23)
If you receive a RST packet while doing an ACK scan, it indicates that the port is open.(True/False).

1. A. True
2. B. False

Correct Answer: A
When and ACK is sent to an open port, a RST is returned.

- (Topic 23)
Which type of password cracking technique works like dictionary attack but adds some numbers and symbols to the words from the dictionary and tries to crack the password?

1. A. Dictionary attack
2. B. Brute forcing attack
3. C. Hybrid attack
4. D. Syllable attack
5. E. Rule-based attack

Correct Answer: C