CEH/PEN - Practice Exam_3 Flashcards
Nmap scan that executes an XMAS scan every 15 seconds
-sX -sneaky
Type of rootkit that will patch, hook, or replace the version of system call in order to hide information
Library level rootkits
IPSEC uses which two modes
AH/ESP
Firewall with multiple network interfaces
Multihomed firewall
Bluejacking is an attack that does what?
Send unsolicited message
Honeypot detection tool
Sobek
Ways in which an IDS detect intrusion attempts
Signature detection
Anomaly detection
What is the length of the IPv6 datagram header?
40 bytes
In the IPv6 header, the traffic class field is similar to which field in the IPv4 header?
TOS field
Programs that can be used to provide unexpected or random inputs to computer programs are referred to as:
fuzzing
In wireshark, the packet bytes pane shows the data of the current packet in which of the following format sytles?
Hex Dump
Penetration testers hide Metasploit shellcode to evade Windows Defender by using which of the following Metasploit framework tools?
Msfencode
What two security issues are related to containers as compared to VMS
- Open network traffic across services
- Sharing the OS Kernel
Within Microsoft Windows NT, which Security Identifier (SID) represents the administrator account
S-1-5- and end with -500
(inherent risk) - (impact of risk controls) = ?
Residual risk
Vulnerability mapping occurs after which phase of a penetration test
Analysis of host scanning
How would you describe an attacker’s attempts to deliver the payload over multiple packets for an extended period of time?
Session splicing
What tactics are used in social engineering attacks
Reciprocity
Social Validation
Authority