- Email support@dumps4free.com
Topic 1, Introduction to Ethical Hacking
Who is an Ethical Hacker?
A.
A person who hacks for ethical reasons
B.
A person who hacks for an ethical cause
C.
A person who hacks for defensive purposes
D.
A person who hacks for offensive purposes
A person who hacks for defensive purposes
Explanation: The Ethical hacker is a security professional who applies his hacking skills
for defensive purposes.
Which of the following activities would not be considered passive footprinting?
A.
Search on financial site such as Yahoo Financial
B.
Perform multiple queries through a search engine
C.
Scan the range of IP address found in their DNS database
D.
Go through the rubbish to find out any information that might have been discarded
Scan the range of IP address found in their DNS database
Explanation: Passive footprinting is a method in which the attacker never makes contact
with the target. Scanning the targets IP addresses can be logged at the target and
therefore contact has been made.
System Administrators sometimes post questions to newsgroups when they run into
technical challenges. As an ethical hacker, you could use the information in
newsgroup posting to glean insight into the makeup of a target network. How would
you search for these posting using Google search?
A.
Search in Google using the key strings “the target company” and “newsgroups”
B.
Search for the target company name at http://groups.google.com
C.
Use NNTP websites to search for these postings
D.
Search in Google using the key search strings “the target company” and
“forums”
Search for the target company name at http://groups.google.com
Explanation: Using http://groups.google.com is the easiest way to access various
newsgroups today. Before http://groups.google.com you had to use special NNTP clients or
subscribe to some nntp to web services.
You are footprinting an organization to gather competitive intelligence. You visit the
company’s website for contact information and telephone numbers but do not find it
listed there. You know that they had the entire staff directory listed on their website
12 months ago but not it is not there.
How would it be possible for you to retrieve information from the website that is
outdated?
A.
Visit google’s search engine and view the cached copy.
B.
Visit Archive.org web site to retrieve the Internet archive of the company’s website.
C.
Crawl the entire website and store them into your computer.
D.
Visit the company’s partners and customers website for this information.
Visit Archive.org web site to retrieve the Internet archive of the company’s website.
Explanation: Explanation: Archive.org mirrors websites and categorizes them by date
and month depending on the crawl time. Archive.org dates back to 1996, Google is
incorrect because the cache is only as recent as the latest crawl, the cache is over-written
on each subsequent crawl. Download the website is incorrect because that's the same as
what you see online. Visiting customer partners websites is just bogus. The answer is then
Firmly, C, archive.org
According to the CEH methodology, what is the next step to be performed after
footprinting?
A.
Enumeration
B.
Scanning
C.
System Hacking
D.
Social Engineering
E.
Expanding Influence
Scanning
Explanation: Once footprinting has been completed, scanning should be attempted next.
Scanning should take place on two distinct levels: network and host.
| Page 3 out of 153 Pages |
| Previous |